Merge staging-next into staging
This commit is contained in:
commit
a6adcc1edf
58 changed files with 691 additions and 333 deletions
|
@ -36,6 +36,13 @@
|
|||
<link linkend="opt-services.filebeat.enable">services.filebeat</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://github.com/ngoduykhanh/PowerDNS-Admin">PowerDNS-Admin</link>,
|
||||
a web interface for the PowerDNS server. Available at
|
||||
<link xlink:href="options.html#opt-services.powerdns-admin.enable">services.powerdns-admin</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-release-22.05-incompatibilities">
|
||||
|
|
|
@ -12,6 +12,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- [filebeat](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html), a lightweight shipper for forwarding and centralizing log data. Available as [services.filebeat](#opt-services.filebeat.enable).
|
||||
|
||||
- [PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin), a web interface for the PowerDNS server. Available at [services.powerdns-admin](options.html#opt-services.powerdns-admin.enable).
|
||||
|
||||
## Backward Incompatibilities {#sec-release-22.05-incompatibilities}
|
||||
|
||||
- `pkgs.ghc` now refers to `pkgs.targetPackages.haskellPackages.ghc`.
|
||||
|
|
|
@ -1026,6 +1026,7 @@
|
|||
./services/web-apps/plantuml-server.nix
|
||||
./services/web-apps/plausible.nix
|
||||
./services/web-apps/pgpkeyserver-lite.nix
|
||||
./services/web-apps/powerdns-admin.nix
|
||||
./services/web-apps/matomo.nix
|
||||
./services/web-apps/moinmoin.nix
|
||||
./services/web-apps/openwebrx.nix
|
||||
|
|
|
@ -10,6 +10,8 @@ let
|
|||
stateDir = "%S/${systemdDir}";
|
||||
# %L: Log directory root (usually /var/log); see systemd.unit(5)
|
||||
logsDir = "%L/${systemdDir}";
|
||||
# Name of file stored in service state directory
|
||||
currentConfigTokenFilename = ".current-token";
|
||||
in
|
||||
{
|
||||
options.services.github-runner = {
|
||||
|
@ -144,13 +146,11 @@ in
|
|||
ExecStart = "${cfg.package}/bin/runsvc.sh";
|
||||
|
||||
# Does the following, sequentially:
|
||||
# - Copy the current and the previous `tokenFile` to the $RUNTIME_DIRECTORY
|
||||
# and make it accessible to the service user to allow for a content
|
||||
# comparison.
|
||||
# - If the module configuration or the token has changed, clear the state directory.
|
||||
# - Configure the runner.
|
||||
# - Copy the configured `tokenFile` to the $STATE_DIRECTORY and make it
|
||||
# inaccessible to the service user.
|
||||
# - If the module configuration or the token has changed, purge the state directory,
|
||||
# and create the current and the new token file with the contents of the configured
|
||||
# token. While both files have the same content, only the later is accessible by
|
||||
# the service user.
|
||||
# - Configure the runner using the new token file. When finished, delete it.
|
||||
# - Set up the directory structure by creating the necessary symlinks.
|
||||
ExecStartPre =
|
||||
let
|
||||
|
@ -173,37 +173,20 @@ in
|
|||
currentConfigPath = "$STATE_DIRECTORY/.nixos-current-config.json";
|
||||
runnerRegistrationConfig = getAttrs [ "name" "tokenFile" "url" "runnerGroup" "extraLabels" ] cfg;
|
||||
newConfigPath = builtins.toFile "${svcName}-config.json" (builtins.toJSON runnerRegistrationConfig);
|
||||
currentConfigTokenFilename = ".current-token";
|
||||
newConfigTokenFilename = ".new-token";
|
||||
runnerCredFiles = [
|
||||
".credentials"
|
||||
".credentials_rsaparams"
|
||||
".runner"
|
||||
];
|
||||
ownConfigTokens = writeScript "own-config-tokens" ''
|
||||
# Copy current and new token file to runtime dir and make it accessible to the service user
|
||||
cp ${escapeShellArg cfg.tokenFile} "$RUNTIME_DIRECTORY/${newConfigTokenFilename}"
|
||||
chmod 600 "$RUNTIME_DIRECTORY/${newConfigTokenFilename}"
|
||||
chown "$USER" "$RUNTIME_DIRECTORY/${newConfigTokenFilename}"
|
||||
|
||||
if [[ -e "$STATE_DIRECTORY/${currentConfigTokenFilename}" ]]; then
|
||||
cp "$STATE_DIRECTORY/${currentConfigTokenFilename}" "$RUNTIME_DIRECTORY/${currentConfigTokenFilename}"
|
||||
chmod 600 "$RUNTIME_DIRECTORY/${currentConfigTokenFilename}"
|
||||
chown "$USER" "$RUNTIME_DIRECTORY/${currentConfigTokenFilename}"
|
||||
fi
|
||||
'';
|
||||
disownConfigTokens = writeScript "disown-config-tokens" ''
|
||||
# Make the token inaccessible to the runner service user
|
||||
chmod 600 "$STATE_DIRECTORY/${currentConfigTokenFilename}"
|
||||
chown root:root "$STATE_DIRECTORY/${currentConfigTokenFilename}"
|
||||
'';
|
||||
unconfigureRunner = writeScript "unconfigure" ''
|
||||
differs=
|
||||
# Set `differs = 1` if current and new runner config differ or if `currentConfigPath` does not exist
|
||||
${pkgs.diffutils}/bin/diff -q '${newConfigPath}' "${currentConfigPath}" >/dev/null 2>&1 || differs=1
|
||||
# Also trigger a registration if the token content changed
|
||||
${pkgs.diffutils}/bin/diff -q \
|
||||
"$RUNTIME_DIRECTORY"/{${currentConfigTokenFilename},${newConfigTokenFilename}} \
|
||||
"$STATE_DIRECTORY"/${currentConfigTokenFilename} \
|
||||
${escapeShellArg cfg.tokenFile} \
|
||||
>/dev/null 2>&1 || differs=1
|
||||
|
||||
if [[ -n "$differs" ]]; then
|
||||
|
@ -211,13 +194,18 @@ in
|
|||
echo "The old runner will still appear in the GitHub Actions UI." \
|
||||
"You have to remove it manually."
|
||||
find "$STATE_DIRECTORY/" -mindepth 1 -delete
|
||||
|
||||
# Copy the configured token file to the state dir and allow the service user to read the file
|
||||
install --mode=666 ${escapeShellArg cfg.tokenFile} "$STATE_DIRECTORY/${newConfigTokenFilename}"
|
||||
# Also copy current file to allow for a diff on the next start
|
||||
install --mode=600 ${escapeShellArg cfg.tokenFile} "$STATE_DIRECTORY/${currentConfigTokenFilename}"
|
||||
fi
|
||||
'';
|
||||
configureRunner = writeScript "configure" ''
|
||||
empty=$(ls -A "$STATE_DIRECTORY")
|
||||
if [[ -z "$empty" ]]; then
|
||||
if [[ -e "$STATE_DIRECTORY/${newConfigTokenFilename}" ]]; then
|
||||
echo "Configuring GitHub Actions Runner"
|
||||
token=$(< "$RUNTIME_DIRECTORY"/${newConfigTokenFilename})
|
||||
|
||||
token=$(< "$STATE_DIRECTORY"/${newConfigTokenFilename})
|
||||
RUNNER_ROOT="$STATE_DIRECTORY" ${cfg.package}/bin/config.sh \
|
||||
--unattended \
|
||||
--work "$RUNTIME_DIRECTORY" \
|
||||
|
@ -234,8 +222,7 @@ in
|
|||
rm -rf "$STATE_DIRECTORY/_diag/"
|
||||
|
||||
# Cleanup token from config
|
||||
rm -f "$RUNTIME_DIRECTORY"/${currentConfigTokenFilename}
|
||||
mv "$RUNTIME_DIRECTORY"/${newConfigTokenFilename} "$STATE_DIRECTORY/${currentConfigTokenFilename}"
|
||||
rm "$STATE_DIRECTORY/${newConfigTokenFilename}"
|
||||
|
||||
# Symlink to new config
|
||||
ln -s '${newConfigPath}' "${currentConfigPath}"
|
||||
|
@ -250,10 +237,8 @@ in
|
|||
'';
|
||||
in
|
||||
map (x: "${x} ${escapeShellArgs [ stateDir runtimeDir logsDir ]}") [
|
||||
"+${ownConfigTokens}" # runs as root
|
||||
unconfigureRunner
|
||||
"+${unconfigureRunner}" # runs as root
|
||||
configureRunner
|
||||
"+${disownConfigTokens}" # runs as root
|
||||
setupRuntimeDir
|
||||
];
|
||||
|
||||
|
@ -266,6 +251,13 @@ in
|
|||
StateDirectoryMode = "0700";
|
||||
WorkingDirectory = runtimeDir;
|
||||
|
||||
InaccessiblePaths = [
|
||||
# Token file path given in the configuration
|
||||
cfg.tokenFile
|
||||
# Token file in the state directory
|
||||
"${stateDir}/${currentConfigTokenFilename}"
|
||||
];
|
||||
|
||||
# By default, use a dynamically allocated user
|
||||
DynamicUser = true;
|
||||
|
||||
|
|
149
nixos/modules/services/web-apps/powerdns-admin.nix
Normal file
149
nixos/modules/services/web-apps/powerdns-admin.nix
Normal file
|
@ -0,0 +1,149 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.powerdns-admin;
|
||||
|
||||
configText = ''
|
||||
${cfg.config}
|
||||
''
|
||||
+ optionalString (cfg.secretKeyFile != null) ''
|
||||
with open('${cfg.secretKeyFile}') as file:
|
||||
SECRET_KEY = file.read()
|
||||
''
|
||||
+ optionalString (cfg.saltFile != null) ''
|
||||
with open('${cfg.saltFile}') as file:
|
||||
SALT = file.read()
|
||||
'';
|
||||
in
|
||||
{
|
||||
options.services.powerdns-admin = {
|
||||
enable = mkEnableOption "the PowerDNS web interface";
|
||||
|
||||
extraArgs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
example = literalExpression ''
|
||||
[ "-b" "127.0.0.1:8000" ]
|
||||
'';
|
||||
description = ''
|
||||
Extra arguments passed to powerdns-admin.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
example = ''
|
||||
BIND_ADDRESS = '127.0.0.1'
|
||||
PORT = 8000
|
||||
SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin@/powerdnsadmin?host=/run/postgresql'
|
||||
'';
|
||||
description = ''
|
||||
Configuration python file.
|
||||
See <link xlink:href="https://github.com/ngoduykhanh/PowerDNS-Admin/blob/v${pkgs.powerdns-admin.version}/configs/development.py">the example configuration</link>
|
||||
for options.
|
||||
'';
|
||||
};
|
||||
|
||||
secretKeyFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
example = "/etc/powerdns-admin/secret";
|
||||
description = ''
|
||||
The secret used to create cookies.
|
||||
This needs to be set, otherwise the default is used and everyone can forge valid login cookies.
|
||||
Set this to null to ignore this setting and configure it through another way.
|
||||
'';
|
||||
};
|
||||
|
||||
saltFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
example = "/etc/powerdns-admin/salt";
|
||||
description = ''
|
||||
The salt used for serialization.
|
||||
This should be set, otherwise the default is used.
|
||||
Set this to null to ignore this setting and configure it through another way.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.powerdns-admin = {
|
||||
description = "PowerDNS web interface";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "networking.target" ];
|
||||
|
||||
environment.FLASK_CONF = builtins.toFile "powerdns-admin-config.py" configText;
|
||||
environment.PYTHONPATH = pkgs.powerdns-admin.pythonPath;
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.powerdns-admin}/bin/powerdns-admin --pid /run/powerdns-admin/pid ${escapeShellArgs cfg.extraArgs}";
|
||||
ExecStartPre = "${pkgs.coreutils}/bin/env FLASK_APP=${pkgs.powerdns-admin}/share/powerdnsadmin/__init__.py ${pkgs.python3Packages.flask}/bin/flask db upgrade -d ${pkgs.powerdns-admin}/share/migrations";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
ExecStop = "${pkgs.coreutils}/bin/kill -TERM $MAINPID";
|
||||
PIDFile = "/run/powerdns-admin/pid";
|
||||
RuntimeDirectory = "powerdns-admin";
|
||||
User = "powerdnsadmin";
|
||||
Group = "powerdnsadmin";
|
||||
|
||||
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||
BindReadOnlyPaths = [
|
||||
"/nix/store"
|
||||
"-/etc/resolv.conf"
|
||||
"-/etc/nsswitch.conf"
|
||||
"-/etc/hosts"
|
||||
"-/etc/localtime"
|
||||
]
|
||||
++ (optional (cfg.secretKeyFile != null) cfg.secretKeyFile)
|
||||
++ (optional (cfg.saltFile != null) cfg.saltFile);
|
||||
CapabilityBoundingSet = "CAP_NET_BIND_SERVICE";
|
||||
# ProtectClock= adds DeviceAllow=char-rtc r
|
||||
DeviceAllow = "";
|
||||
# Implies ProtectSystem=strict, which re-mounts all paths
|
||||
#DynamicUser = true;
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
# Needs to start a server
|
||||
#PrivateNetwork = true;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProcSubset = "pid";
|
||||
ProtectClock = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
# Would re-mount paths ignored by temporary root
|
||||
#ProtectSystem = "strict";
|
||||
ProtectControlGroups = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
# gunicorn needs setuid
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@privileged @resources @keyring"
|
||||
# These got removed by the line above but are needed
|
||||
"@setuid @chown"
|
||||
];
|
||||
TemporaryFileSystem = "/:ro";
|
||||
# Does not work well with the temporary root
|
||||
#UMask = "0066";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.powerdnsadmin = { };
|
||||
users.users.powerdnsadmin = {
|
||||
description = "PowerDNS web interface user";
|
||||
isSystemUser = true;
|
||||
group = "powerdnsadmin";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -381,6 +381,7 @@ in
|
|||
postgresql = handleTest ./postgresql.nix {};
|
||||
postgresql-wal-receiver = handleTest ./postgresql-wal-receiver.nix {};
|
||||
powerdns = handleTest ./powerdns.nix {};
|
||||
powerdns-admin = handleTest ./powerdns-admin.nix {};
|
||||
power-profiles-daemon = handleTest ./power-profiles-daemon.nix {};
|
||||
pppd = handleTest ./pppd.nix {};
|
||||
predictable-interface-names = handleTest ./predictable-interface-names.nix {};
|
||||
|
|
117
nixos/tests/powerdns-admin.nix
Normal file
117
nixos/tests/powerdns-admin.nix
Normal file
|
@ -0,0 +1,117 @@
|
|||
# Test powerdns-admin
|
||||
{ system ? builtins.currentSystem
|
||||
, config ? { }
|
||||
, pkgs ? import ../.. { inherit system config; }
|
||||
}:
|
||||
|
||||
with import ../lib/testing-python.nix { inherit system pkgs; };
|
||||
with pkgs.lib;
|
||||
let
|
||||
defaultConfig = ''
|
||||
BIND_ADDRESS = '127.0.0.1'
|
||||
PORT = 8000
|
||||
'';
|
||||
|
||||
makeAppTest = name: configs: makeTest {
|
||||
name = "powerdns-admin-${name}";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ Flakebi zhaofengli ];
|
||||
};
|
||||
|
||||
nodes.server = { pkgs, config, ... }: mkMerge ([
|
||||
{
|
||||
services.powerdns-admin = {
|
||||
enable = true;
|
||||
secretKeyFile = "/etc/powerdns-admin/secret";
|
||||
saltFile = "/etc/powerdns-admin/salt";
|
||||
};
|
||||
# It's insecure to have secrets in the world-readable nix store, but this is just a test
|
||||
environment.etc."powerdns-admin/secret".text = "secret key";
|
||||
environment.etc."powerdns-admin/salt".text = "salt";
|
||||
environment.systemPackages = [
|
||||
(pkgs.writeShellScriptBin "run-test" config.system.build.testScript)
|
||||
];
|
||||
}
|
||||
] ++ configs);
|
||||
|
||||
testScript = ''
|
||||
server.wait_for_unit("powerdns-admin.service")
|
||||
server.wait_until_succeeds("run-test", timeout=10)
|
||||
'';
|
||||
};
|
||||
|
||||
matrix = {
|
||||
backend = {
|
||||
mysql = {
|
||||
services.powerdns-admin = {
|
||||
config = ''
|
||||
${defaultConfig}
|
||||
SQLALCHEMY_DATABASE_URI = 'mysql://powerdnsadmin@/powerdnsadmin?unix_socket=/run/mysqld/mysqld.sock'
|
||||
'';
|
||||
};
|
||||
systemd.services.powerdns-admin = {
|
||||
after = [ "mysql.service" ];
|
||||
serviceConfig.BindPaths = "/run/mysqld";
|
||||
};
|
||||
|
||||
services.mysql = {
|
||||
enable = true;
|
||||
package = pkgs.mariadb;
|
||||
ensureDatabases = [ "powerdnsadmin" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "powerdnsadmin";
|
||||
ensurePermissions = {
|
||||
"powerdnsadmin.*" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
postgresql = {
|
||||
services.powerdns-admin = {
|
||||
config = ''
|
||||
${defaultConfig}
|
||||
SQLALCHEMY_DATABASE_URI = 'postgresql://powerdnsadmin@/powerdnsadmin?host=/run/postgresql'
|
||||
'';
|
||||
};
|
||||
systemd.services.powerdns-admin = {
|
||||
after = [ "postgresql.service" ];
|
||||
serviceConfig.BindPaths = "/run/postgresql";
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureDatabases = [ "powerdnsadmin" ];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "powerdnsadmin";
|
||||
ensurePermissions = {
|
||||
"DATABASE powerdnsadmin" = "ALL PRIVILEGES";
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
listen = {
|
||||
tcp = {
|
||||
services.powerdns-admin.extraArgs = [ "-b" "127.0.0.1:8000" ];
|
||||
system.build.testScript = ''
|
||||
curl -sSf http://127.0.0.1:8000/
|
||||
'';
|
||||
};
|
||||
unix = {
|
||||
services.powerdns-admin.extraArgs = [ "-b" "unix:/run/powerdns-admin/http.sock" ];
|
||||
system.build.testScript = ''
|
||||
curl -sSf --unix-socket /run/powerdns-admin/http.sock http://somehost/
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
with matrix; {
|
||||
postgresql = makeAppTest "postgresql" [ backend.postgresql listen.tcp ];
|
||||
mysql = makeAppTest "mysql" [ backend.mysql listen.tcp ];
|
||||
unix-listener = makeAppTest "unix-listener" [ backend.postgresql listen.unix ];
|
||||
}
|
|
@ -6,11 +6,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "bitwig-studio";
|
||||
version = "4.1.1";
|
||||
version = "4.1.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://downloads.bitwig.com/stable/${version}/${pname}-${version}.deb";
|
||||
sha256 = "sha256-bhd3Ij4y1r5pHrpQkbHuMTNl8Z3w0HsbCkr1C0CVFvQ=";
|
||||
sha256 = "sha256-fXrpTOA6Uh4DgGU+3A7SV23Sb+Z2Ud4rCPmMk5I1MnA=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ dpkg makeWrapper wrapGAppsHook ];
|
||||
|
|
|
@ -7,16 +7,16 @@
|
|||
}:
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "polkadot";
|
||||
version = "0.9.12-1";
|
||||
version = "0.9.14";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "paritytech";
|
||||
repo = "polkadot";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-+HATcxdIDQGDIQBF08yy/eKBcS10Hp7C0nZFVsYFNwQ=";
|
||||
sha256 = "sha256-SCi+hpdMUTX1NLF1RUce0d/2G19sVfJ5IsmM1xcAUKo=";
|
||||
};
|
||||
|
||||
cargoSha256 = "sha256-1qg4ZnSORRVI7eCVMrR7lY3tzo7KJt+dC2RBXqbKrig=";
|
||||
cargoSha256 = "sha256-ZcIsbMI96qX0LLJXmkCRS9g40ccZOH/upPbAA7XEZIw=";
|
||||
|
||||
nativeBuildInputs = [ clang ];
|
||||
|
||||
|
|
|
@ -1,31 +1,19 @@
|
|||
{ lib, stdenv, fetchFromGitHub, fetchpatch
|
||||
{ lib, stdenv, fetchFromGitHub
|
||||
, cmake, halide
|
||||
, libpng, libjpeg, libtiff, libraw
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "hdr-plus-unstable";
|
||||
version = "2020-10-29";
|
||||
pname = "hdr-plus";
|
||||
version = "unstable-2021-12-10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "timothybrooks";
|
||||
repo = "hdr-plus";
|
||||
rev = "132bd73ccd4eaef9830124605c93f06a98607cfa";
|
||||
sha256 = "1n49ggrppf336p7n510kapzh376791bysxj3f33m3bdzksq360ps";
|
||||
rev = "0ab70564493bdbcd5aca899b5885505d0c824435";
|
||||
sha256 = "sha256-QV8bGxkwFpbNzJG4kmrWwFQxUo2XzLPnoI1e32UmM6g=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# PR #70, fixes incompatibility with Halide 10.0.0
|
||||
(fetchpatch {
|
||||
url = "https://github.com/timothybrooks/hdr-plus/pull/70/commits/077e1a476279539c72e615210762dca27984c57b.patch";
|
||||
sha256 = "1sg2l1bqs2smpfpy4flwg86fzhcc4yf7zx998v1bfhim43yyrx59";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
sed -i '2a #include <array>' src/InputSource.h
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
||||
buildInputs = [ halide libpng libjpeg libtiff libraw ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchFromGitHub, autoreconfHook
|
||||
{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config
|
||||
, curl, db, libgeotiff
|
||||
, libXpm, libXt, motif, pcre
|
||||
, perl, proj, rastermagick, shapelib
|
||||
|
@ -6,17 +6,21 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "xastir";
|
||||
version = "2.1.6";
|
||||
version = "2.1.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "Release-${version}";
|
||||
sha256 = "0yrvwy6hlc73gzwrsrczflyymyz0k33hj991ajrd1vijq14m3n91";
|
||||
hash = "sha256-hRe0KO1lWOv3hNNDMS70t+X1rxuhNlNKykmo4LEU+U0=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
curl db libgeotiff
|
||||
libXpm libXt motif pcre
|
||||
perl proj rastermagick shapelib
|
||||
|
|
|
@ -7,10 +7,10 @@ in
|
|||
rec {
|
||||
firefox = common rec {
|
||||
pname = "firefox";
|
||||
version = "95.0";
|
||||
version = "95.0.1";
|
||||
src = fetchurl {
|
||||
url = "mirror://mozilla/firefox/releases/${version}/source/firefox-${version}.source.tar.xz";
|
||||
sha512 = "350672a2cd99195c67dafc0e71c6eaf1e23e85a5fe92775697119a054f17c34a736035e23d7f2bb404b544f0f144efef3843cfc293596a6e61d1ea36efc3a724";
|
||||
sha512 = "54887c3adbf7202b835ae1ac928c3c95516ef11f9894456561dad500a1a61623f926b37f6e02fef0898e7ee0fd9147a71e5432634e6e0a2c2fecd08509799c37";
|
||||
};
|
||||
|
||||
meta = {
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "pgo-client";
|
||||
version = "4.7.3";
|
||||
version = "4.7.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "CrunchyData";
|
||||
repo = "postgres-operator";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-nIflJLHhzEMq4RZUHjZYvBW+cxsi/gc9ZnMoGCesbrc=";
|
||||
sha256 = "sha256-8L3eFMATCGIM6xxUM7mi/D3njHMFk7cgPLJotilAS5k=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-m8b6Lh6it67A6cppdBDX4X0u7Kde4GQz9wln/TrHVwI=";
|
||||
vendorSha256 = "sha256-4Vz7Lioj6iLU7dbz/B2BSAgfaCl2MyC8MM9yiyWLi2o=";
|
||||
|
||||
subPackages = [ "cmd/pgo" ];
|
||||
|
||||
|
|
|
@ -183,11 +183,9 @@ stdenv.mkDerivation {
|
|||
meta = with lib; {
|
||||
description = "Mozilla Thunderbird, a full-featured email client (binary package)";
|
||||
homepage = "http://www.mozilla.org/thunderbird/";
|
||||
license = {
|
||||
free = false;
|
||||
url = "http://www.mozilla.org/en-US/foundation/trademarks/policy/";
|
||||
};
|
||||
license = licenses.mpl20;
|
||||
maintainers = with lib.maintainers; [ ];
|
||||
platforms = platforms.linux;
|
||||
hydraPlatforms = [ ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchFromGitHub, mkYarnPackage, writeText, python3 }:
|
||||
{ lib, stdenv, fetchFromGitHub, mkYarnPackage, nixosTests, writeText, python3 }:
|
||||
|
||||
let
|
||||
version = "0.2.3";
|
||||
|
@ -23,8 +23,8 @@ let
|
|||
|
||||
pythonDeps = with python.pkgs; [
|
||||
flask flask_assets flask_login flask_sqlalchemy flask_migrate flask-seasurf flask_mail flask-sslify
|
||||
mysqlclient sqlalchemy
|
||||
configobj bcrypt requests ldap pyotp qrcode dnspython
|
||||
mysqlclient psycopg2 sqlalchemy
|
||||
cffi configobj cryptography bcrypt requests ldap pyotp qrcode dnspython
|
||||
gunicorn python3-saml pyopenssl pytz cssmin jsmin authlib bravado-core
|
||||
lima pytimeparse pyyaml
|
||||
];
|
||||
|
@ -91,6 +91,7 @@ in stdenv.mkDerivation rec {
|
|||
|
||||
postPatch = ''
|
||||
rm -r powerdnsadmin/static powerdnsadmin/assets.py
|
||||
sed -i "s/id:/'id':/" migrations/versions/787bdba9e147_init_db.py
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
|
@ -100,7 +101,7 @@ in stdenv.mkDerivation rec {
|
|||
wrapPythonPrograms
|
||||
|
||||
mkdir -p $out/share $out/bin
|
||||
cp -r powerdnsadmin $out/share/powerdnsadmin
|
||||
cp -r migrations powerdnsadmin $out/share/
|
||||
|
||||
ln -s ${assets} $out/share/powerdnsadmin/static
|
||||
ln -s ${assetsPy} $out/share/powerdnsadmin/assets.py
|
||||
|
@ -114,6 +115,12 @@ in stdenv.mkDerivation rec {
|
|||
runHook postInstall
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
# PYTHONPATH of all dependencies used by the package
|
||||
pythonPath = python3.pkgs.makePythonPath pythonDeps;
|
||||
tests = nixosTests.powerdns-admin;
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A PowerDNS web interface with advanced features";
|
||||
homepage = "https://github.com/ngoduykhanh/PowerDNS-Admin";
|
||||
|
|
|
@ -9,18 +9,18 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "shellhub-agent";
|
||||
version = "0.7.2";
|
||||
version = "0.8.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "shellhub-io";
|
||||
repo = "shellhub";
|
||||
rev = "v${version}";
|
||||
sha256 = "02ka7acynkwkml2pavlv4j5vkm6x5aq5sfxgydv26qzs39f1wdgc";
|
||||
sha256 = "LafREMle3v/XLLsfS+sNSE4Q9AwX4v8Mg9/9RngbN40=";
|
||||
};
|
||||
|
||||
modRoot = "./agent";
|
||||
|
||||
vendorSha256 = "18z3vwcwkyj6hcvl35qmj034237h9l18dvcbx1hxry7qdwv807c9";
|
||||
vendorSha256 = "sha256-3bHDDjfpXgmS6lpIOkpouTKTjHT1gMbUWnuskaOptUM=";
|
||||
|
||||
ldflags = [ "-s" "-w" "-X main.AgentVersion=v${version}" ];
|
||||
|
||||
|
|
|
@ -114,7 +114,7 @@ rec {
|
|||
|
||||
echo "mounting Nix store..."
|
||||
mkdir -p /fs${storeDir}
|
||||
mount -t 9p store /fs${storeDir} -o trans=virtio,version=9p2000.L,cache=loose
|
||||
mount -t 9p store /fs${storeDir} -o trans=virtio,version=9p2000.L,cache=loose,msize=131072
|
||||
|
||||
mkdir -p /fs/tmp /fs/run /fs/var
|
||||
mount -t tmpfs -o "mode=1777" none /fs/tmp
|
||||
|
@ -123,7 +123,7 @@ rec {
|
|||
|
||||
echo "mounting host's temporary directory..."
|
||||
mkdir -p /fs/tmp/xchg
|
||||
mount -t 9p xchg /fs/tmp/xchg -o trans=virtio,version=9p2000.L
|
||||
mount -t 9p xchg /fs/tmp/xchg -o trans=virtio,version=9p2000.L,msize=131072
|
||||
|
||||
mkdir -p /fs/proc
|
||||
mount -t proc none /fs/proc
|
||||
|
|
|
@ -14,15 +14,15 @@ let
|
|||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "nextpnr";
|
||||
version = "2021.11.24"; # tagged as 0.1, but we'll keep tracking HEAD
|
||||
version = "2021.15.21";
|
||||
|
||||
srcs = [
|
||||
(fetchFromGitHub {
|
||||
owner = "YosysHQ";
|
||||
repo = "nextpnr";
|
||||
rev = "fd2d4a8f999947ece42f791e19ddc4c2d8b823f2";
|
||||
sha256 = "sha256-bGh3svJeVRJO0rTnSYoTndeQrTENx6j9t+GCGX4RX4k=";
|
||||
name = "nextpnr";
|
||||
owner = "YosysHQ";
|
||||
repo = "nextpnr";
|
||||
rev = "d04cfd5f0f6da184f5b8a03f0ce18fbd1d98eca3";
|
||||
hash = "sha256-gm/+kwIZ/m10+KuCJoK45F56nKZD3tM0myHwbFKIKAs=";
|
||||
name = "nextpnr";
|
||||
})
|
||||
(fetchFromGitHub {
|
||||
owner = "YosysHQ";
|
||||
|
|
|
@ -34,13 +34,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "yosys";
|
||||
version = "0.11+52";
|
||||
version = "0.12+36";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "YosysHQ";
|
||||
repo = "yosys";
|
||||
rev = "2be110cb0ba645f95f62ee01b6a6fa46a85d5b26";
|
||||
hash = "sha256-A1QKu6SbtpJJPF8/LA5SMUP3/+n5giM6rOYdc6vkl90=";
|
||||
rev = "60c3ea367c942459a95e610ed98f277ce46c0142";
|
||||
hash = "sha256-NcfhNUmb3IDG08XgS+NGbRLI8sn4aQkOA7RF7wucDug=";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
|
|
@ -5,9 +5,10 @@ with lib; mkCoqDerivation {
|
|||
owner = "snu-sf";
|
||||
inherit version;
|
||||
defaultVersion = with versions; switch coq.coq-version [
|
||||
{ case = range "8.6" "8.13"; out = "4.0.2"; }
|
||||
{ case = range "8.6" "8.13"; out = "4.1.1"; }
|
||||
{ case = isEq "8.5"; out = "1.2.8"; }
|
||||
] null;
|
||||
release."4.1.1".sha256 = "1qap8cyv649lr1s11r7h5jzdjd4hsna8kph15qy5fw24h5nx6byy";
|
||||
release."4.0.2".sha256 = "1q96bsxclqx84xn5vkid501jkwlc1p6fhb8szrlrp82zglj58b0b";
|
||||
release."1.2.8".sha256 = "05fskx5x1qgaf9qv626m38y5izichzzqc7g2rglzrkygbskrrwsb";
|
||||
releaseRev = v: "v${v}";
|
||||
|
|
|
@ -1,25 +1,28 @@
|
|||
{ lib, stdenv, fetchFromGitHub, python3, boost, cmake }:
|
||||
|
||||
let
|
||||
rev = "03e0070f263fbe31c247de61d259544722786210";
|
||||
rev = "2f06397673bbca3da11928d538b8ab7d01c944c6";
|
||||
# git describe --tags
|
||||
realVersion = "1.0-532-g${builtins.substring 0 7 rev}";
|
||||
realVersion = "1.0-534-g${builtins.substring 0 7 rev}";
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "trellis";
|
||||
version = "2021-09-01";
|
||||
version = "2021-12-14";
|
||||
|
||||
srcs = [
|
||||
(fetchFromGitHub {
|
||||
owner = "YosysHQ";
|
||||
repo = "prjtrellis";
|
||||
inherit rev;
|
||||
sha256 = "joQMsjVj8d3M3IaqOkfVQ1I5qPDM8HHJiye+Ak8f3dg=";
|
||||
hash = "sha256-m5CalAIbzY2bhOvpBbPBeLZeDp+itk1HlRsSmtiddaA=";
|
||||
name = "trellis";
|
||||
})
|
||||
|
||||
(fetchFromGitHub {
|
||||
owner = "YosysHQ";
|
||||
repo = "prjtrellis-db";
|
||||
# note: the upstream submodule points to revision 0ee729d20eaf,
|
||||
# but that's just the tip of the branch that was merged into master.
|
||||
# fdf4bf275a is the merge commit itself
|
||||
rev = "fdf4bf275a7402654bc643db537173e2fbc86103";
|
||||
sha256 = "eDq2wU2pnfK9bOkEVZ07NQPv02Dc6iB+p5GTtVBiyQA=";
|
||||
name = "trellis-database";
|
||||
|
|
|
@ -1,20 +1,34 @@
|
|||
{ lib, stdenv, fetchurl, jre }:
|
||||
{ lib, stdenv, fetchurl, makeWrapper, jre }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "alda";
|
||||
version = "1.5.0";
|
||||
version = "2.0.6";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/alda-lang/alda/releases/download/${version}/alda";
|
||||
sha256 = "sha256-OHbOsgYN87ThU7EgjCgxADnOv32qIi+7XwDwcW0dmV0=";
|
||||
src_alda = fetchurl {
|
||||
url = "https://alda-releases.nyc3.digitaloceanspaces.com/${version}/client/linux-amd64/alda";
|
||||
sha256 = "1078hywl3gim5wfgxb0xwbk1dn80ls3i7y33n76qsdd4b0x0sn7i";
|
||||
};
|
||||
|
||||
src_player = fetchurl {
|
||||
url = "https://alda-releases.nyc3.digitaloceanspaces.com/${version}/player/non-windows/alda-player";
|
||||
sha256 = "1g7k2qnh4vcw63604z7zbvhbpn7l1v3m9mx4j4vywfq6qar1r6ck";
|
||||
};
|
||||
|
||||
dontUnpack = true;
|
||||
|
||||
installPhase = ''
|
||||
install -Dm755 $src $out/bin/alda
|
||||
sed -i -e '1 s!java!${jre}/bin/java!' $out/bin/alda
|
||||
'';
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase =
|
||||
let
|
||||
binPath = lib.makeBinPath [ jre ];
|
||||
in
|
||||
''
|
||||
install -D $src_alda $out/bin/alda
|
||||
install -D $src_player $out/bin/alda-player
|
||||
|
||||
wrapProgram $out/bin/alda --prefix PATH : $out/bin:${binPath}
|
||||
wrapProgram $out/bin/alda-player --prefix PATH : $out/bin:${binPath}
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A music programming language for musicians";
|
||||
|
@ -23,5 +37,4 @@ stdenv.mkDerivation rec {
|
|||
maintainers = [ maintainers.ericdallo ];
|
||||
platforms = jre.meta.platforms;
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -2,13 +2,14 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "assimp";
|
||||
version = "5.0.1";
|
||||
version = "5.1.3";
|
||||
outputs = [ "out" "lib" "dev" ];
|
||||
|
||||
src = fetchFromGitHub{
|
||||
owner = "assimp";
|
||||
repo = "assimp";
|
||||
rev = "v${version}";
|
||||
sha256 = "00vxzfcrs856qnyk806wqr67nmpjk06mjby0fqmyhm6i1jj2hg1w";
|
||||
hash = "sha256-GNSfaP8O5IsjGwtC3DFaV4OiMMUXIcmHmz+5TCT/HP8=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
@ -16,7 +17,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "A library to import various 3D model formats";
|
||||
homepage = "http://assimp.sourceforge.net/";
|
||||
homepage = "https://www.assimp.org/";
|
||||
license = licenses.bsd3;
|
||||
maintainers = with maintainers; [ ehmry ];
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
|
|
|
@ -1,33 +1,35 @@
|
|||
{ lib, stdenv, fetchFromGitHub, cmake
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, python3
|
||||
, withAnimation ? true
|
||||
, withTranscoder ? true
|
||||
}:
|
||||
|
||||
let
|
||||
cmakeBool = b: if b then "ON" else "OFF";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
version = "1.4.3";
|
||||
version = "1.5.0";
|
||||
pname = "draco";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "google";
|
||||
repo = "draco";
|
||||
rev = version;
|
||||
sha256 = "sha256-eSu6tkWbRHzJkWwPgljaScAuL0gRkp8PJUHWC8mUvOw=";
|
||||
hash = "sha256-BoJg2lZBPVVm6Nc0XK8QSISpe+B8tpgRg9PFncN4+fY=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
nativeBuildInputs = [ cmake python3 ];
|
||||
|
||||
cmakeFlags = [
|
||||
# Fake these since we are building from a tarball
|
||||
"-Ddraco_git_hash=${version}"
|
||||
"-Ddraco_git_desc=${version}"
|
||||
|
||||
"-DBUILD_UNITY_PLUGIN=1"
|
||||
"-DDRACO_ANIMATION_ENCODING=${cmakeBool withAnimation}"
|
||||
"-DDRACO_TRANSCODER_SUPPORTED=${cmakeBool withTranscoder}"
|
||||
"-DBUILD_SHARED_LIBS=${cmakeBool true}"
|
||||
];
|
||||
|
||||
# Upstream mistakenly installs to /nix/store/.../nix/store/.../*, work around that
|
||||
postInstall = ''
|
||||
mv $out/nix/store/*/* $out
|
||||
rm -rf $out/nix
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Library for compressing and decompressing 3D geometric meshes and point clouds";
|
||||
homepage = "https://google.github.io/draco/";
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
{ lib, stdenv, fetchFromGitHub, cmake, protozero, expat, zlib, bzip2, boost }:
|
||||
{ lib, stdenv, fetchFromGitHub, cmake, protozero, expat, zlib, bzip2, boost, lz4 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "libosmium";
|
||||
version = "2.17.1";
|
||||
version = "2.17.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "osmcode";
|
||||
repo = "libosmium";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-riNcIC60gw9qxF8UmPjq03XuD3of0BxKbZpgwjMNh3c=";
|
||||
sha256 = "sha256-+WeEK7rWoUPAiAsgd5qT2bwDf+5IlP4uuyh7+i2L/HU=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
||||
buildInputs = [ protozero zlib bzip2 expat boost ];
|
||||
buildInputs = [ protozero zlib bzip2 expat boost lz4 ];
|
||||
|
||||
cmakeFlags = [ "-DINSTALL_GDALCPP:BOOL=ON" ];
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
|
|||
NIX_LDFLAGS = lib.optionalString stdenv.isDarwin "-lX11";
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://people.freedesktop.org/~aplattner/vdpau/";
|
||||
homepage = "https://www.freedesktop.org/wiki/Software/VDPAU/";
|
||||
description = "Library to use the Video Decode and Presentation API for Unix (VDPAU)";
|
||||
license = licenses.mit; # expat version
|
||||
platforms = platforms.unix;
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "tkrzw";
|
||||
version = "0.9.51";
|
||||
version = "1.0.21";
|
||||
# TODO: defeat multi-output reference cycles
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://dbmx.net/tkrzw/pkg/tkrzw-${version}.tar.gz";
|
||||
hash = "sha256-UqF2cJ/r8OksAKyHw6B9UiBFIXgKeDmD2ZyJ+iPkY2w=";
|
||||
hash = "sha256-1g3sIRXxYtD8XGVNpbn4HLTCi+xl2yfJklbUouMQcHs=";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
|
|
@ -1,25 +0,0 @@
|
|||
{ lib, buildNimPackage, fetchFromGitHub, python27 }:
|
||||
|
||||
buildNimPackage rec {
|
||||
pname = "python";
|
||||
version = "1.2";
|
||||
src = fetchFromGitHub {
|
||||
owner = "nim-lang";
|
||||
repo = pname;
|
||||
rev = "b7c3b2c447a69fdb0a974ba149062e52182fda08";
|
||||
hash = "sha256-Wl4on0rf4zbNxmwmq/ZkNiPIFCZY+1BdokPQoba2EVI=";
|
||||
};
|
||||
postPatch = let pythonLib = "${python27}/lib/libpython2.7.so";
|
||||
in ''
|
||||
substituteInPlace src/python.nim \
|
||||
--replace 'items(LibNames)' "[\"${pythonLib}\"]" \
|
||||
--replace 'dynlib: dllname' 'dynlib: "${pythonLib}"'
|
||||
'';
|
||||
doCheck = true;
|
||||
meta = with lib;
|
||||
src.meta // {
|
||||
description = "Nim wrapper for the Python 2 programming language";
|
||||
license = [ licenses.mit ];
|
||||
maintainers = [ maintainers.ehmry ];
|
||||
};
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, buildNimPackage, fetchFromGitHub, python, rocksdb, snappy, spryvm, stew
|
||||
{ lib, buildNimPackage, fetchFromGitHub, rocksdb, snappy, spryvm, stew
|
||||
, tempfile, ui }:
|
||||
|
||||
buildNimPackage rec {
|
||||
|
@ -10,8 +10,8 @@ buildNimPackage rec {
|
|||
rev = "098da7bb34a9113d5db5402fecfc76b1c3fa3b36";
|
||||
hash = "sha256-PfWBrG2Z16tLgcN8JYpHaNMysBbbYX812Lkgk0ItMwE=";
|
||||
};
|
||||
buildInputs = [ python rocksdb snappy spryvm stew tempfile ui ];
|
||||
patches = [ ./nil.patch ];
|
||||
buildInputs = [ rocksdb snappy spryvm stew tempfile ui ];
|
||||
patches = [ ./nil.patch ./python.patch ];
|
||||
doCheck = true;
|
||||
meta = with lib;
|
||||
src.meta // {
|
||||
|
|
43
pkgs/development/nim-packages/spry/python.patch
Normal file
43
pkgs/development/nim-packages/spry/python.patch
Normal file
|
@ -0,0 +1,43 @@
|
|||
diff --git a/src/ispry.nim b/src/ispry.nim
|
||||
index 23ad6c3..d2cfc89 100644
|
||||
--- a/src/ispry.nim
|
||||
+++ b/src/ispry.nim
|
||||
@@ -21,7 +21,7 @@ import spryvm/sprycore, spryvm/sprylib, spryvm/spryextend, spryvm/sprymath,
|
||||
spryvm/spryos, spryvm/spryio, spryvm/sprymemfile, spryvm/sprythread,
|
||||
spryvm/spryoo, spryvm/sprydebug, spryvm/sprycompress, spryvm/sprystring,
|
||||
spryvm/sprymodules, spryvm/spryreflect, spryvm/spryblock, spryvm/sprynet,
|
||||
- spryvm/sprysmtp, spryvm/spryjson, spryvm/sprysqlite, spryvm/sprypython,
|
||||
+ spryvm/sprysmtp, spryvm/spryjson, spryvm/sprysqlite,
|
||||
spryvm/spryrocksdb
|
||||
|
||||
const Prompt = ">>> "
|
||||
@@ -63,7 +63,6 @@ proc main() =
|
||||
|
||||
spry.addMemfile()
|
||||
spry.addThread()
|
||||
- spry.addPython()
|
||||
spry.addDebug()
|
||||
spry.addCompress()
|
||||
spry.addReflect()
|
||||
diff --git a/src/spry.nim b/src/spry.nim
|
||||
index 670a280..cda9027 100644
|
||||
--- a/src/spry.nim
|
||||
+++ b/src/spry.nim
|
||||
@@ -14,8 +14,7 @@ import spryvm/sprycore, spryvm/sprylib, spryvm/spryextend, spryvm/sprymath,
|
||||
spryvm/spryos, spryvm/spryio, spryvm/sprymemfile, spryvm/sprythread,
|
||||
spryvm/spryoo, spryvm/sprydebug, spryvm/sprycompress, spryvm/sprystring,
|
||||
spryvm/sprymodules, spryvm/spryreflect, spryvm/spryui, spryvm/spryblock, spryvm/sprynet,
|
||||
- spryvm/sprysmtp, spryvm/spryjson, spryvm/sprysqlite, spryvm/spryrocksdb,
|
||||
- spryvm/sprypython
|
||||
+ spryvm/sprysmtp, spryvm/spryjson, spryvm/sprysqlite, spryvm/spryrocksdb
|
||||
|
||||
var spry = newInterpreter()
|
||||
|
||||
@@ -34,7 +33,6 @@ spry.addOO()
|
||||
|
||||
spry.addMemfile()
|
||||
spry.addThread()
|
||||
-spry.addPython()
|
||||
spry.addDebug()
|
||||
spry.addCompress()
|
||||
spry.addReflect()
|
|
@ -309,20 +309,13 @@ let
|
|||
|
||||
prisma = super.prisma.override rec {
|
||||
nativeBuildInputs = [ pkgs.makeWrapper ];
|
||||
version = "3.5.0";
|
||||
|
||||
inherit (pkgs.prisma-engines) version;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/prisma/-/prisma-${version}.tgz";
|
||||
sha512 = "sha512-WEYQ+H98O0yigG+lI0gfh4iyBChvnM6QTXPDtY9eFraLXAmyb6tf/T2mUdrUAU1AEvHLVzQA5A+RpONZlQozBg==";
|
||||
sha512 = "sha512-6SqgHS/5Rq6HtHjsWsTxlj+ySamGyCLBUQfotc2lStOjPv52IQuDVpp58GieNqc9VnfuFyHUvTZw7aQB+G2fvQ==";
|
||||
};
|
||||
dependencies = [ rec {
|
||||
name = "_at_prisma_slash_engines";
|
||||
packageName = "@prisma/engines";
|
||||
version = "3.5.0-38.78a5df6def6943431f4c022e1428dbc3e833cf8e";
|
||||
src = fetchurl {
|
||||
url = "https://registry.npmjs.org/@prisma/engines/-/engines-${version}.tgz";
|
||||
sha512 = "sha512-MqZUrxuLlIbjB3wu8LrRJOKcvR4k3dunKoI4Q2bPfAwLQY0XlpsLZ3TRVW1c32ooVk939p6iGNkaCUo63Et36g==";
|
||||
};
|
||||
}];
|
||||
postInstall = with pkgs; ''
|
||||
wrapProgram "$out/bin/prisma" \
|
||||
--set PRISMA_MIGRATION_ENGINE_BINARY ${prisma-engines}/bin/migration-engine \
|
||||
|
|
|
@ -3,14 +3,14 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "bx-python";
|
||||
version = "0.8.12";
|
||||
version = "0.8.13";
|
||||
disabled = pythonOlder "3.6";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bxlab";
|
||||
repo = "bx-python";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-bOoD2dY6Zf4HRMqZcGSot1owu/5VEkF6wpuMTzVUlFU=";
|
||||
sha256 = "0r3z02mvaswijalr42ikpa7crvliijy0aigsvp5m0frp05n4irf5";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cython ];
|
||||
|
|
|
@ -16,7 +16,7 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "cyclonedx-python-lib";
|
||||
version = "0.12.2";
|
||||
version = "0.12.3";
|
||||
format = "pyproject";
|
||||
|
||||
disabled = pythonOlder "3.6";
|
||||
|
@ -25,7 +25,7 @@ buildPythonPackage rec {
|
|||
owner = "CycloneDX";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-+NIC+dxajG5wffIFUC5MqRAiodh8ynO1fp1XTOxaR1g=";
|
||||
sha256 = "1404wcwjglq025n8ncsrl2h64g1sly83cs9sc6jpiw1g5ay4a1vi";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -19,7 +19,7 @@
|
|||
, shamir-mnemonic
|
||||
, typing-extensions
|
||||
, trezor-udev-rules
|
||||
, pytest
|
||||
, pytestCheckHook
|
||||
}:
|
||||
|
||||
buildPythonPackage rec {
|
||||
|
@ -54,16 +54,7 @@ buildPythonPackage rec {
|
|||
trezor-udev-rules
|
||||
];
|
||||
|
||||
checkInputs = [
|
||||
pytest
|
||||
];
|
||||
|
||||
# disable test_tx_api.py as it requires being online
|
||||
checkPhase = ''
|
||||
runHook preCheck
|
||||
pytest --pyargs tests --ignore tests/test_tx_api.py
|
||||
runHook postCheck
|
||||
'';
|
||||
checkInputs = [ pytestCheckHook ];
|
||||
|
||||
postFixup = ''
|
||||
mkdir completions
|
||||
|
|
|
@ -17,6 +17,9 @@
|
|||
, xdg-user-dirs
|
||||
, xrandr
|
||||
, zsync
|
||||
, OVMF
|
||||
, quickemu
|
||||
, testVersion
|
||||
}:
|
||||
let
|
||||
runtimePaths = [
|
||||
|
@ -40,15 +43,20 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "quickemu";
|
||||
version = "2.2.7";
|
||||
version = "3.11";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "wimpysworld";
|
||||
repo = pname;
|
||||
owner = "quickemu-project";
|
||||
repo = "quickemu";
|
||||
rev = version;
|
||||
sha256 = "sha256-TNG1pCePsi12QQafhayhj+V5EXq+v7qmaW5v5X8ER6s=";
|
||||
sha256 = "1xwf9vwbr57wmyxfcqzl1jnmfx3ffh7sfqf0zcdq41wqkm8s106n";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./efi_vars_ensure_writable.patch
|
||||
./input_overrides.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
|
@ -56,16 +64,21 @@ stdenv.mkDerivation rec {
|
|||
|
||||
install -Dm755 -t "$out/bin" quickemu quickget macrecovery
|
||||
|
||||
for f in quickget macrecovery quickemu; do
|
||||
wrapProgram $out/bin/$f --prefix PATH : "${lib.makeBinPath runtimePaths}"
|
||||
done
|
||||
for f in quickget macrecovery quickemu; do
|
||||
wrapProgram $out/bin/$f \
|
||||
--prefix PATH : "${lib.makeBinPath runtimePaths}" \
|
||||
--set ENV_EFI_CODE "${OVMF.fd}/FV/OVMF_CODE.fd" \
|
||||
--set ENV_EFI_VARS "${OVMF.fd}/FV/OVMF_VARS.fd"
|
||||
done
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
passthru.tests = testVersion { package = quickemu; };
|
||||
|
||||
meta = with lib; {
|
||||
description = "Quickly create and run optimised Windows, macOS and Linux desktop virtual machines";
|
||||
homepage = "https://github.com/wimpysworld/quickemu";
|
||||
homepage = "https://github.com/quickemu-project/quickemu";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ fedx-sudo ];
|
||||
};
|
||||
|
|
13
pkgs/development/quickemu/efi_vars_ensure_writable.patch
Normal file
13
pkgs/development/quickemu/efi_vars_ensure_writable.patch
Normal file
|
@ -0,0 +1,13 @@
|
|||
diff --git a/quickemu b/quickemu
|
||||
index a9a60a5..1a932ac 100755
|
||||
--- a/quickemu
|
||||
+++ b/quickemu
|
||||
@@ -197,7 +197,7 @@ function efi_vars() {
|
||||
|
||||
if [ ! -e "${VARS_OUT}" ]; then
|
||||
if [ -e "${VARS_IN}" ]; then
|
||||
- cp "${VARS_IN}" "${VARS_OUT}"
|
||||
+ cp "${VARS_IN}" "${VARS_OUT}" && chmod +w "${VARS_OUT}"
|
||||
else
|
||||
echo "ERROR! ${VARS_IN} was not found. Please install edk2."
|
||||
exit 1
|
28
pkgs/development/quickemu/input_overrides.patch
Normal file
28
pkgs/development/quickemu/input_overrides.patch
Normal file
|
@ -0,0 +1,28 @@
|
|||
diff --git a/quickemu b/quickemu
|
||||
index 1a932ac..ab2f752 100755
|
||||
--- a/quickemu
|
||||
+++ b/quickemu
|
||||
@@ -383,7 +383,10 @@ function vm_boot() {
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1929357#c5
|
||||
case ${secureboot} in
|
||||
on)
|
||||
- if [ -e "/usr/share/OVMF/OVMF_CODE_4M.secboot.fd" ]; then
|
||||
+ if [[ ${ENV_EFI_CODE_SECURE} && ${ENV_EFI_CODE_SECURE-x} ]] && [[ ${ENV_EFI_VARS_SECURE} && ${ENV_EFI_VARS_SECURE-x} ]]; then
|
||||
+ EFI_CODE="${ENV_EFI_CODE_SECURE}"
|
||||
+ efi_vars "${ENV_EFI_VARS_SECURE}" "${EFI_VARS}"
|
||||
+ elif [ -e "/usr/share/OVMF/OVMF_CODE_4M.secboot.fd" ]; then
|
||||
EFI_CODE="/usr/share/OVMF/OVMF_CODE_4M.secboot.fd"
|
||||
efi_vars "/usr/share/OVMF/OVMF_VARS_4M.fd" "${EFI_VARS}"
|
||||
elif [ -e "/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd" ]; then
|
||||
@@ -402,7 +405,10 @@ function vm_boot() {
|
||||
fi
|
||||
;;
|
||||
*)
|
||||
- if [ -e "/usr/share/OVMF/OVMF_CODE_4M.fd" ]; then
|
||||
+ if [[ ${ENV_EFI_CODE} && ${ENV_EFI_CODE-x} ]] && [[ ${ENV_EFI_VARS} && ${ENV_EFI_VARS-x} ]]; then
|
||||
+ EFI_CODE="${ENV_EFI_CODE}"
|
||||
+ efi_vars "${ENV_EFI_VARS}" "${EFI_VARS}"
|
||||
+ elif [ -e "/usr/share/OVMF/OVMF_CODE_4M.fd" ]; then
|
||||
EFI_CODE="/usr/share/OVMF/OVMF_CODE_4M.fd"
|
||||
efi_vars "/usr/share/OVMF/OVMF_VARS_4M.fd" "${EFI_VARS}"
|
||||
elif [ -e "/usr/share/edk2/ovmf/OVMF_CODE.fd" ]; then
|
|
@ -46,13 +46,13 @@ with py.pkgs;
|
|||
|
||||
buildPythonApplication rec {
|
||||
pname = "checkov";
|
||||
version = "2.0.664";
|
||||
version = "2.0.668";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bridgecrewio";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-t7u47gkUtn9EwBWtz97GkiM8tyGCFk4S5UTQ+OosI2o=";
|
||||
sha256 = "sha256-kCqhNxqI+9F9nQvZDOYjC2Bb5a1x4a9b9aqvDe/siP0=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = with py.pkgs; [
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
, lttng-ust
|
||||
, makeWrapper
|
||||
, nodejs-12_x
|
||||
, nodejs-16_x
|
||||
, openssl
|
||||
, stdenv
|
||||
, zlib
|
||||
|
@ -37,13 +38,13 @@ let
|
|||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "github-runner";
|
||||
version = "2.284.0";
|
||||
version = "2.285.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "actions";
|
||||
repo = "runner";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-JR0OzbT5gGhO/dxb/eSjP/d/VxW/aLmTs/oPwN8b8Rc=";
|
||||
hash = "sha256-SlKUuebsoZ9OgYuDTNOlY1KMg01LFSFazrLCctiFq3A=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -142,6 +143,9 @@ stdenv.mkDerivation rec {
|
|||
disabledTests = [
|
||||
# Self-updating is patched out, hence this test will fail
|
||||
"FullyQualifiedName!=GitHub.Runner.Common.Tests.Listener.RunnerL0.TestRunOnceHandleUpdateMessage"
|
||||
] ++ lib.optionals (stdenv.hostPlatform.system == "aarch64-linux") [
|
||||
# "JavaScript Actions in Alpine containers are only supported on x64 Linux runners. Detected Linux Arm64"
|
||||
"FullyQualifiedName!=GitHub.Runner.Common.Tests.Worker.StepHostL0.DetermineNodeRuntimeVersionInAlpineContainerAsync"
|
||||
] ++ map
|
||||
# Online tests
|
||||
(x: "FullyQualifiedName!=GitHub.Runner.Common.Tests.Worker.ActionManagerL0.PrepareActions_${x}")
|
||||
|
@ -189,6 +193,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
mkdir -p _layout/externals
|
||||
ln -s ${nodejs-12_x} _layout/externals/node12
|
||||
ln -s ${nodejs-16_x} _layout/externals/node16
|
||||
|
||||
# BUILDCONFIG needs to be "Debug"
|
||||
dotnet msbuild \
|
||||
|
@ -230,11 +235,12 @@ stdenv.mkDerivation rec {
|
|||
--replace './externals' "$out/externals" \
|
||||
--replace './bin' "$out/lib"
|
||||
|
||||
# The upstream package includes Node 12 and expects it at the path
|
||||
# externals/node12. As opposed to the official releases, we don't
|
||||
# link the Alpine Node flavor.
|
||||
# The upstream package includes Node {12,16} and expects it at the path
|
||||
# externals/node{12,16}. As opposed to the official releases, we don't
|
||||
# link the Alpine Node flavors.
|
||||
mkdir -p $out/externals
|
||||
ln -s ${nodejs-12_x} $out/externals/node12
|
||||
ln -s ${nodejs-16_x} $out/externals/node16
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
|
|
@ -10,19 +10,19 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "prisma-engines";
|
||||
version = "3.5.0";
|
||||
version = "3.6.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "prisma";
|
||||
repo = "prisma-engines";
|
||||
rev = version;
|
||||
sha256 = "sha256-c4t7r9Os0nmQEBpNeZ+XdTPc/5X6Dyw0dd7J4pw5s88=";
|
||||
sha256 = "sha256-opo4CM/ONZfVWhv/2r9Mfu8eNTgcG2hwvJmSrQ/OPDA=";
|
||||
};
|
||||
|
||||
# Use system openssl.
|
||||
OPENSSL_NO_VENDOR = 1;
|
||||
|
||||
cargoSha256 = "sha256-rjqFEY7GXXWzlw5E6Wg4KPz25BbvQPuLW5m8+3CbcRw=";
|
||||
cargoSha256 = "sha256-Zrv5cI2uyGu4hOH8lKOrzA+U3ZLE+MEeD5fBxhI+eIk=";
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
let
|
||||
baseName = "scalafmt";
|
||||
version = "3.0.8";
|
||||
version = "3.2.1";
|
||||
deps = stdenv.mkDerivation {
|
||||
name = "${baseName}-deps-${version}";
|
||||
buildCommand = ''
|
||||
|
@ -13,7 +13,7 @@ let
|
|||
'';
|
||||
outputHashMode = "recursive";
|
||||
outputHashAlgo = "sha256";
|
||||
outputHash = "VBU6Jg6Sq3RBy0ym5YbjLjvcfx/85f6wNMmkGVV0W88=";
|
||||
outputHash = "v1IODq88Wpjm7IxSKmD9Nub3r4XNP+jNT0A6ApX3Cas=";
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
|
|
|
@ -10,17 +10,17 @@ let
|
|||
};
|
||||
|
||||
self = common.overrideAttrs (common: rec {
|
||||
version = "0.F-2";
|
||||
version = "0.F-3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "CleverRaven";
|
||||
repo = "Cataclysm-DDA";
|
||||
rev = version;
|
||||
sha256 = "sha256-8AZOrO/Wxui+LqAZo8hURktMTycecIgOONUJmE3M+vM=";
|
||||
sha256 = "sha256-2su1uQaWl9WG41207dRvOTdVKcQsEz/y0uTi9JX52uI=";
|
||||
};
|
||||
|
||||
makeFlags = common.makeFlags ++ [
|
||||
# Makefile declares version as 0.F, even under 0.F-2
|
||||
# Makefile declares version as 0.F, with no minor release number
|
||||
"VERSION=${version}"
|
||||
];
|
||||
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "vkquake";
|
||||
version = "1.11.0";
|
||||
version = "1.12.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Novum";
|
||||
repo = "vkQuake";
|
||||
rev = version;
|
||||
sha256 = "sha256-FbHqpBiTJWeJPBHUBTOIuXRoLttmDIpip5wUvuVw8YI=";
|
||||
sha256 = "sha256-D6JtYhR+bkYYm4yuipNrsonziDGiDWICEohy4Mgdr+0=";
|
||||
};
|
||||
|
||||
sourceRoot = "source/Quake";
|
||||
|
|
|
@ -21,8 +21,7 @@ stdenv.mkDerivation rec {
|
|||
--replace /etc "$out/etc"
|
||||
|
||||
substituteInPlace $WRAPPER \
|
||||
--replace "\`cp " "\`cp -p " \
|
||||
--replace "\`mv " "\`cp -p "
|
||||
--replace "cp " "cp -p "
|
||||
'';
|
||||
|
||||
buildPhase = ''
|
||||
|
@ -33,11 +32,18 @@ stdenv.mkDerivation rec {
|
|||
|
||||
installPhase = ''
|
||||
TARGETFOLDER=$out/opt/brother/Printers/mfcj470dw/cupswrapper/
|
||||
mkdir -p $out/opt/brother/Printers/mfcj470dw/cupswrapper/
|
||||
PPDFOLDER=$out/share/cups/model/
|
||||
FILTERFOLDER=$out/lib/cups/filter/
|
||||
|
||||
mkdir -p $TARGETFOLDER
|
||||
mkdir -p $PPDFOLDER
|
||||
mkdir -p $FILTERFOLDER
|
||||
|
||||
cp brcupsconfpt1/brcupsconfpt1 $TARGETFOLDER
|
||||
cp cupswrapper/cupswrappermfcj470dw $TARGETFOLDER/
|
||||
cp PPD/brother_mfcj470dw_printer_en.ppd $TARGETFOLDER/
|
||||
cp cupswrapper/cupswrappermfcj470dw $TARGETFOLDER
|
||||
cp PPD/brother_mfcj470dw_printer_en.ppd $PPDFOLDER
|
||||
|
||||
ln -s ${mfcj470dwlpr}/lib/cups/filter/brother_lpdwrapper_mfcj470dw $FILTERFOLDER/
|
||||
'';
|
||||
|
||||
cleanPhase = ''
|
||||
|
|
|
@ -25,14 +25,14 @@ stdenv.mkDerivation rec {
|
|||
let
|
||||
ae.prebuilt = fetchurl {
|
||||
url = "https://download.01.org/intel-sgx/sgx-linux/${versionTag}/prebuilt_ae_${versionTag}.tar.gz";
|
||||
hash = "sha256-nGKZEpT2Mx0DLgqjv9qbZqBt1pQaSHcnA0K6nHma3sk";
|
||||
hash = "sha256-JriA9UGYFkAPuCtRizk8RMM1YOYGR/eO9ILnx47A40s=";
|
||||
};
|
||||
dcap = rec {
|
||||
version = "1.11";
|
||||
version = "1.12.1";
|
||||
filename = "prebuilt_dcap_${version}.tar.gz";
|
||||
prebuilt = fetchurl {
|
||||
url = "https://download.01.org/intel-sgx/sgx-dcap/${version}/linux/${filename}";
|
||||
hash = "sha256-ShGScS4yNLki04RNPxxLvqzGmy4U1L0gVETvfAo8w9M=";
|
||||
hash = "sha256-V/XHva9Sq3P36xSW+Sd0G6Dnk4H0ANO1Ns/u+FI1eGI=";
|
||||
};
|
||||
};
|
||||
in
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchzip
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, fetchzip
|
||||
, callPackage
|
||||
, autoconf
|
||||
, automake
|
||||
|
@ -25,40 +26,33 @@
|
|||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "sgx-sdk";
|
||||
version = "2.14.100.2";
|
||||
|
||||
versionTag = lib.concatStringsSep "." (lib.take 2 (lib.splitVersion version));
|
||||
# Version as given in se_version.h
|
||||
version = "2.15.101.1";
|
||||
# Version as used in the Git tag
|
||||
versionTag = "2.15.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "intel";
|
||||
repo = "linux-sgx";
|
||||
rev = "sgx_${versionTag}";
|
||||
hash = "sha256-D/QZWBUe1gRbbjWnV10b7IPoM3utefAsOEKnQuasIrM=";
|
||||
hash = "sha256-e11COTR5eDPMB81aPRKatvIkAOeX+OZgnvn2utiv78M=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
postUnpack =
|
||||
let
|
||||
optlibName = "optimized_libs_${versionTag}.tar.gz";
|
||||
optimizedLibs = fetchzip {
|
||||
url = "https://download.01.org/intel-sgx/sgx-linux/${versionTag}/${optlibName}";
|
||||
hash = "sha256-FjNhNV9+KDMvBYdWXZbua6qYOc3Z1/jtcF4j52TSxQY=";
|
||||
stripRoot = false;
|
||||
};
|
||||
sgxIPPCryptoHeader = "${optimizedLibs}/external/ippcp_internal/inc/sgx_ippcp.h";
|
||||
in
|
||||
''
|
||||
# Make sure this is the right version of linux-sgx
|
||||
grep -q '"${version}"' "$src/common/inc/internal/se_version.h" \
|
||||
|| (echo "Could not find expected version ${version} in linux-sgx source" >&2 && exit 1)
|
||||
postUnpack = ''
|
||||
# Make sure this is the right version of linux-sgx
|
||||
grep -q '"${version}"' "$src/common/inc/internal/se_version.h" \
|
||||
|| (echo "Could not find expected version ${version} in linux-sgx source" >&2 && exit 1)
|
||||
'';
|
||||
|
||||
# Make sure we use the correct version to build IPP Crypto
|
||||
grep -q 'optlib_name=${optlibName}' "$src/download_prebuilt.sh" \
|
||||
|| (echo "Could not find expected optimized libs ${optlibName} in linux-sgx source" >&2 && exit 1)
|
||||
|
||||
# Add missing sgx_ippcp.h: https://github.com/intel/linux-sgx/pull/752
|
||||
ln -s ${sgxIPPCryptoHeader} "$sourceRoot/external/ippcp_internal/inc/sgx_ippcp.h"
|
||||
'';
|
||||
patches = [
|
||||
# Commit to add missing sgx_ippcp.h not yet part of this release
|
||||
(fetchpatch {
|
||||
name = "add-missing-sgx_ippcp-header.patch";
|
||||
url = "https://github.com/intel/linux-sgx/commit/51d1087b707a47e18588da7bae23e5f686d44be6.patch";
|
||||
sha256 = "sha256-RZC14H1oEuGp0zn8CySDPy1KNqP/POqb+KMYoQt2A7M=";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
# https://github.com/intel/linux-sgx/pull/730
|
||||
|
@ -121,7 +115,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
pushd 'external/ippcp_internal'
|
||||
|
||||
install ${ipp-crypto-no_mitigation}/include/* inc/
|
||||
cp -r ${ipp-crypto-no_mitigation}/include/. inc/
|
||||
|
||||
install -D -m a+rw ${ipp-crypto-no_mitigation}/lib/intel64/libippcp.a \
|
||||
lib/linux/intel64/no_mitigation/libippcp.a
|
||||
|
@ -131,7 +125,7 @@ stdenv.mkDerivation rec {
|
|||
lib/linux/intel64/cve_2020_0551_cf/libippcp.a
|
||||
|
||||
rm inc/ippcp.h
|
||||
patch ${ipp-crypto-no_mitigation}/include/ippcp.h -i inc/ippcp20u3.patch -o inc/ippcp.h
|
||||
patch ${ipp-crypto-no_mitigation}/include/ippcp.h -i inc/ippcp21u3.patch -o inc/ippcp.h
|
||||
|
||||
install -D ${ipp-crypto-no_mitigation.src}/LICENSE license/LICENSE
|
||||
|
||||
|
@ -227,8 +221,7 @@ stdenv.mkDerivation rec {
|
|||
--replace '/opt/intel/sgxsdk' "$out"
|
||||
for file in $out/share/SampleCode/*/Makefile; do
|
||||
substituteInPlace $file \
|
||||
--replace '/opt/intel/sgxsdk' "$out" \
|
||||
--replace '$(SGX_SDK)/buildenv.mk' "$out/share/bin/buildenv.mk"
|
||||
--replace '/opt/intel/sgxsdk' "$out"
|
||||
done
|
||||
|
||||
header "Fixing BINUTILS_DIR in buildenv.mk"
|
||||
|
|
|
@ -2,23 +2,35 @@
|
|||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, python3
|
||||
, nasm
|
||||
, openssl
|
||||
, python3
|
||||
, extraCmakeFlags ? [ ]
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ipp-crypto";
|
||||
version = "2020_update3";
|
||||
version = "2021.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "intel";
|
||||
repo = "ipp-crypto";
|
||||
rev = "ipp-crypto_${version}";
|
||||
sha256 = "02vlda6mlhbd12ljzdf65klpx4kmx1ylch9w3yllsiya4hwqzy4b";
|
||||
rev = "ippcp_${version}";
|
||||
hash = "sha256-QEJXvQ//zhQqibFxXwPMdS1MHewgyb24LRmkycVSGrM=";
|
||||
};
|
||||
|
||||
# Fix typo: https://github.com/intel/ipp-crypto/pull/33
|
||||
postPatch = ''
|
||||
substituteInPlace sources/cmake/ippcp-gen-config.cmake \
|
||||
--replace 'ippcpo-config.cmake' 'ippcp-config.cmake'
|
||||
'';
|
||||
|
||||
cmakeFlags = [ "-DARCH=intel64" ] ++ extraCmakeFlags;
|
||||
|
||||
nativeBuildInputs = [ cmake python3 nasm ];
|
||||
nativeBuildInputs = [
|
||||
cmake
|
||||
nasm
|
||||
openssl
|
||||
python3
|
||||
];
|
||||
}
|
||||
|
|
|
@ -12,7 +12,11 @@ let
|
|||
buildInputs = [
|
||||
sgx-sdk
|
||||
];
|
||||
enableParallelBuilding = true;
|
||||
|
||||
# The samples don't have proper support for parallel building
|
||||
# causing them to fail randomly.
|
||||
enableParallelBuilding = false;
|
||||
|
||||
buildFlags = [
|
||||
"SGX_MODE=SIM"
|
||||
];
|
||||
|
@ -44,6 +48,7 @@ in
|
|||
# Requires interaction
|
||||
doInstallCheck = false;
|
||||
});
|
||||
protobufSGXDemo = buildSample "ProtobufSGXDemo";
|
||||
remoteAttestation = (buildSample "RemoteAttestation").overrideAttrs (oldAttrs: {
|
||||
dontFixup = true;
|
||||
installCheckPhase = ''
|
||||
|
@ -52,6 +57,7 @@ in
|
|||
});
|
||||
sampleEnclave = buildSample "SampleEnclave";
|
||||
sampleEnclavePCL = buildSample "SampleEnclavePCL";
|
||||
sampleEnclaveGMIPP = buildSample "SampleEnclaveGMIPP";
|
||||
sealUnseal = buildSample "SealUnseal";
|
||||
switchless = buildSample "Switchless";
|
||||
}
|
||||
|
|
39
pkgs/servers/http/apache-modules/mod_itk/default.nix
Normal file
39
pkgs/servers/http/apache-modules/mod_itk/default.nix
Normal file
|
@ -0,0 +1,39 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, pkg-config
|
||||
, mod_ca
|
||||
, apr
|
||||
, aprutil
|
||||
, apacheHttpd
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mod_itk";
|
||||
version = "2.4.7-04";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://mpm-itk.sesse.net/mpm-itk-${version}.tar.gz";
|
||||
sha256 = "sha256:1kzgd1332pgpxf489kr0vdwsaik0y8wp3q282d4wa5jlk7l877v0";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
buildInputs = [ mod_ca apr aprutil apacheHttpd ];
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
mkdir -p $out/modules
|
||||
${apacheHttpd.dev}/bin/apxs -S LIBEXECDIR=$out/modules -i mpm_itk.la
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "an MPM (Multi-Processing Module) for the Apache web server.";
|
||||
maintainers = [ maintainers.zupo ];
|
||||
homepage = "http://mpm-itk.sesse.net/";
|
||||
license = licenses.asl20;
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
|
@ -45,7 +45,6 @@ nimPackages.buildNimPackage rec {
|
|||
homepage = "https://github.com/zedeus/nitter";
|
||||
maintainers = with maintainers; [ erdnaxe ];
|
||||
license = licenses.agpl3Only;
|
||||
platforms = [ "x86_64-linux" ];
|
||||
mainProgram = "nitter";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "tailscale";
|
||||
version = "1.18.1";
|
||||
version = "1.18.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tailscale";
|
||||
repo = "tailscale";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-DmgCuv10TiB4UYISthJ1UghuPdvRKYl0cU9VxDvFjMc=";
|
||||
sha256 = "sha256-8leFG2gYXw+orN/2NfjTvgRqSZSdso7OHIgECEJrO9k=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = lib.optionals stdenv.isLinux [ makeWrapper ];
|
||||
|
|
|
@ -21,7 +21,9 @@ mkDerivation rec {
|
|||
};
|
||||
|
||||
patches = [
|
||||
# Support for USE_LAUNCHER_ABSOLUTE_PATH.
|
||||
# Use absolute install path for `Exec=` in the desktop file.
|
||||
# This is required since KWin relies on absolute paths in `Exec=` to find a process'
|
||||
# corresponding desktop file and check if it's allowed to take screenshot.
|
||||
# Should be removed when the next release comes out.
|
||||
(fetchpatch {
|
||||
url = "https://github.com/flameshot-org/flameshot/commit/1031980ed1e62d24d7f719998b7951d48801e3fa.patch";
|
||||
|
@ -44,9 +46,6 @@ mkDerivation rec {
|
|||
nativeBuildInputs = [ cmake qttools qtsvg ];
|
||||
buildInputs = [ qtbase ];
|
||||
|
||||
# Use relative path for the .desktop file.
|
||||
cmakeFlags = [ "-DUSE_LAUNCHER_ABSOLUTE_PATH=OFF" ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Powerful yet simple to use screenshot software";
|
||||
homepage = "https://github.com/flameshot-org/flameshot";
|
||||
|
|
|
@ -35,6 +35,8 @@ stdenv.mkDerivation rec {
|
|||
url = "https://github.com/deiv/driftnet/pull/33/commits/bef5f3509ab5710161e9e21ea960a997eada534f.patch";
|
||||
sha256 = "1b7p9fkgp7dxv965l7q7y632s80h3nnrkaqnak2h0hakwv0i4pvm";
|
||||
})
|
||||
# https://github.com/deiv/driftnet/issues/37
|
||||
./libwebsockets-4.3.0.patch
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
@ -59,6 +61,6 @@ stdenv.mkDerivation rec {
|
|||
homepage = "https://github.com/deiv/driftnet";
|
||||
maintainers = with maintainers; [ offline ];
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
license = licenses.gpl2;
|
||||
license = licenses.gpl2Plus;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,61 +0,0 @@
|
|||
diff --git a/src/compat/compat.h b/src/compat/compat.h
|
||||
index 6add422..ea80406 100644
|
||||
--- a/src/compat/compat.h
|
||||
+++ b/src/compat/compat.h
|
||||
@@ -17,7 +17,7 @@
|
||||
#include <config.h>
|
||||
#endif
|
||||
|
||||
-#ifdef __FreeBSD__
|
||||
+#if defined(__FreeBSD__) || defined(__APPLE__)
|
||||
#include <sys/types.h>
|
||||
#endif
|
||||
|
||||
diff --git a/src/network/layer2.c b/src/network/layer2.c
|
||||
index 763f0ac..2497b72 100644
|
||||
--- a/src/network/layer2.c
|
||||
+++ b/src/network/layer2.c
|
||||
@@ -14,7 +14,7 @@
|
||||
|
||||
#include <string.h>
|
||||
|
||||
-#ifdef __FreeBSD__
|
||||
+#if defined(__FreeBSD__) || defined(__APPLE__)
|
||||
#include <netinet/in_systm.h>
|
||||
#include <netinet/in.h>
|
||||
#else
|
||||
@@ -29,7 +29,7 @@
|
||||
/*
|
||||
* Freebsd and Cygwin doesn't define 'ethhdr'
|
||||
*/
|
||||
-#if defined(__FreeBSD__) || defined(__CYGWIN__)
|
||||
+#if defined(__FreeBSD__) || defined(__CYGWIN__) || defined(__APPLE__)
|
||||
|
||||
#define ETH_ALEN 6 /* Octets in one ethernet addr */
|
||||
#define ETH_P_IP 0x0800 /* Internet Protocol packet */
|
||||
diff --git a/src/network/layer3.c b/src/network/layer3.c
|
||||
index 7864126..aae2041 100644
|
||||
--- a/src/network/layer3.c
|
||||
+++ b/src/network/layer3.c
|
||||
@@ -15,7 +15,7 @@
|
||||
#include <string.h>
|
||||
#include <assert.h>
|
||||
|
||||
-#ifdef __FreeBSD__
|
||||
+#if defined(__FreeBSD__) || defined(__APPLE__)
|
||||
#include <netinet/in_systm.h>
|
||||
#include <netinet/in.h>
|
||||
#include <sys/socket.h>
|
||||
diff --git a/src/pid.c b/src/pid.c
|
||||
index 621834e..94e7dcc 100644
|
||||
--- a/src/pid.c
|
||||
+++ b/src/pid.c
|
||||
@@ -14,7 +14,7 @@
|
||||
|
||||
#include "compat/compat.h"
|
||||
|
||||
-#ifdef __FreeBSD__
|
||||
+#if defined(__FreeBSD__) || defined(__APPLE__)
|
||||
#include <sys/stat.h>
|
||||
#endif
|
||||
#include <fcntl.h>
|
12
pkgs/tools/networking/driftnet/libwebsockets-4.3.0.patch
Normal file
12
pkgs/tools/networking/driftnet/libwebsockets-4.3.0.patch
Normal file
|
@ -0,0 +1,12 @@
|
|||
diff --git a/src/http_display/httpd.c b/src/http_display/httpd.c
|
||||
index f4709ef..7921d23 100644
|
||||
--- a/src/http_display/httpd.c
|
||||
+++ b/src/http_display/httpd.c
|
||||
@@ -191,7 +191,6 @@ static void * http_server_dispatch(void *arg)
|
||||
LWSMPRO_FILE, /* mount type is a directory in a filesystem */
|
||||
1, /* strlen("/"), ie length of the mountpoint */
|
||||
NULL,
|
||||
- { NULL, NULL } // sentinel
|
||||
};
|
||||
|
||||
memset(&info, 0, sizeof info);
|
|
@ -1,6 +1,6 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub, fetchpatch
|
||||
, fetchFromGitHub
|
||||
, autoreconfHook
|
||||
, pkg-config
|
||||
, libtasn1, openssl, fuse, glib, libseccomp, json-glib
|
||||
|
@ -8,32 +8,32 @@
|
|||
, unixtools, expect, socat
|
||||
, gnutls
|
||||
, perl
|
||||
|
||||
# Tests
|
||||
, python3, which
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "swtpm";
|
||||
version = "0.6.1";
|
||||
version = "0.7.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "stefanberger";
|
||||
repo = "swtpm";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-iy8xjKnPLq1ntZa9x+KtLDznzu6m+1db3NPeGQESUVo=";
|
||||
sha256 = "sha256-5MKQmZxTW8WofmTkV9kGeGN5RxsgVVMFZEF3rPDUO6Q=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://patch-diff.githubusercontent.com/raw/stefanberger/swtpm/pull/527.patch";
|
||||
sha256 = "sha256-cpKHP15a27ifmmswSgHoNzGPO6TY/ZuJIfM5xLOlqlU=";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config unixtools.netstat expect socat
|
||||
perl # for pod2man
|
||||
autoreconfHook
|
||||
];
|
||||
|
||||
checkInputs = [
|
||||
python3 which
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
libtpms
|
||||
openssl libtasn1 libseccomp
|
||||
|
@ -47,17 +47,20 @@ stdenv.mkDerivation rec {
|
|||
];
|
||||
|
||||
postPatch = ''
|
||||
patchShebangs tests/*
|
||||
|
||||
# Makefile tries to create the directory /var/lib/swtpm-localca, which fails
|
||||
substituteInPlace samples/Makefile.am \
|
||||
--replace 'install-data-local:' 'do-not-execute:'
|
||||
|
||||
# Use the correct path to the certtool binary
|
||||
# instead of relying on it being in the environment
|
||||
substituteInPlace samples/swtpm_localca.c --replace \
|
||||
substituteInPlace src/swtpm_localca/swtpm_localca.c --replace \
|
||||
'# define CERTTOOL_NAME "certtool"' \
|
||||
'# define CERTTOOL_NAME "${gnutls}/bin/certtool"'
|
||||
'';
|
||||
|
||||
doCheck = true;
|
||||
enableParallelBuilding = true;
|
||||
|
||||
outputs = [ "out" "man" ];
|
||||
|
|
|
@ -20716,6 +20716,8 @@ with pkgs;
|
|||
mod_wsgi2 = callPackage ../servers/http/apache-modules/mod_wsgi { python = python2; ncurses = null; };
|
||||
mod_wsgi3 = callPackage ../servers/http/apache-modules/mod_wsgi { python = python3; };
|
||||
|
||||
mod_itk = callPackage ../servers/http/apache-modules/mod_itk { };
|
||||
|
||||
php = pkgs.php.override { inherit apacheHttpd; };
|
||||
|
||||
subversion = pkgs.subversion.override { httpServer = true; inherit apacheHttpd; };
|
||||
|
@ -29438,7 +29440,7 @@ with pkgs;
|
|||
};
|
||||
|
||||
xastir = callPackage ../applications/misc/xastir {
|
||||
rastermagick = imagemagick;
|
||||
rastermagick = imagemagick6;
|
||||
inherit (xorg) libXt;
|
||||
};
|
||||
|
||||
|
|
|
@ -48,8 +48,6 @@ lib.makeScope newScope (self:
|
|||
|
||||
pixie = callPackage ../development/nim-packages/pixie { };
|
||||
|
||||
python = callPackage ../development/nim-packages/python { };
|
||||
|
||||
redis = callPackage ../development/nim-packages/redis { };
|
||||
|
||||
redpool = callPackage ../development/nim-packages/redpool { };
|
||||
|
|
Loading…
Reference in a new issue