Merge master into staging-next

This commit is contained in:
github-actions[bot] 2022-12-02 00:02:32 +00:00 committed by GitHub
commit f2b70bba3e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
58 changed files with 1171 additions and 666 deletions

View file

@ -1809,6 +1809,13 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [
<link xlink:href="options.html#opt-services.tandoor-recipes.enable">services.tandoor-recipes</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="http://www.litech.org/tayga/">TAYGA</link>,
an out-of-kernel stateless NAT64 implementation. Available as
<link linkend="opt-services.tayga.enable">services.tayga</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/tmate-io/tmate-ssh-server">tmate-ssh-server</link>,

View file

@ -526,6 +526,8 @@ In addition to numerous new and upgraded packages, this release includes the fol
- [Tandoor Recipes](https://tandoor.dev), a self-hosted multi-tenant recipe collection. Available as [services.tandoor-recipes](options.html#opt-services.tandoor-recipes.enable).
- [TAYGA](http://www.litech.org/tayga/), an out-of-kernel stateless NAT64 implementation. Available as [services.tayga](#opt-services.tayga.enable).
- [tmate-ssh-server](https://github.com/tmate-io/tmate-ssh-server), server side part of [tmate](https://tmate.io/). Available as [services.tmate-ssh-server](#opt-services.tmate-ssh-server.enable).
- [Uptime Kuma](https://uptime.kuma.pet/), a fancy self-hosted monitoring tool. Available as [services.uptime-kuma](#opt-services.uptime-kuma.enable).

View file

@ -1,7 +1,7 @@
{
x86_64-linux = "/nix/store/nmq5zcd93qb1yskx42rs910ff0247nn2-nix-2.11.0";
i686-linux = "/nix/store/ja6im1sw9a8lzczi10lc0iddffl9kzmn-nix-2.11.0";
aarch64-linux = "/nix/store/myr6fcqa9y4y2fb83zz73dck52vcn81z-nix-2.11.0";
x86_64-darwin = "/nix/store/2pfjz9b22k9997gh7cb0hjk1qa4lxrvy-nix-2.11.0";
aarch64-darwin = "/nix/store/lr32i0bdarx1iqsch4sy24jj1jkfw9vf-nix-2.11.0";
x86_64-linux = "/nix/store/xdlpraypxdimjyfrr4k06narrv8nmfgh-nix-2.11.1";
i686-linux = "/nix/store/acghbpn3aaj2q64mz3ljipsgf9d9qxlp-nix-2.11.1";
aarch64-linux = "/nix/store/0lrf6danhdqjsrhala134ak8vn0b9ghj-nix-2.11.1";
x86_64-darwin = "/nix/store/60sx4c6xflgqk11gvijwzlsczbxgxgwh-nix-2.11.1";
aarch64-darwin = "/nix/store/dmk5m3nlqp1awaqrp1f06qhhkh3l102n-nix-2.11.1";
}

View file

@ -967,6 +967,7 @@
./services/networking/syncthing-relay.nix
./services/networking/syncplay.nix
./services/networking/tailscale.nix
./services/networking/tayga.nix
./services/networking/tcpcrypt.nix
./services/networking/teamspeak3.nix
./services/networking/tedicross.nix

View file

@ -17,7 +17,7 @@ let
cfgUpdate = pkgs.writeText "octoprint-config.yaml" (builtins.toJSON fullConfig);
pluginsEnv = package.python.withPackages (ps: [ps.octoprint] ++ (cfg.plugins ps));
pluginsEnv = package.python.withPackages (ps: [ ps.octoprint ] ++ (cfg.plugins ps));
package = pkgs.octoprint;
@ -47,6 +47,12 @@ in
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Open ports in the firewall for OctoPrint.";
};
user = mkOption {
type = types.str;
default = "octoprint";
@ -67,7 +73,7 @@ in
plugins = mkOption {
type = types.functionTo (types.listOf types.package);
default = plugins: [];
default = plugins: [ ];
defaultText = literalExpression "plugins: []";
example = literalExpression "plugins: with plugins; [ themeify stlviewer ]";
description = lib.mdDoc "Additional plugins to be used. Available plugins are passed through the plugins input.";
@ -75,7 +81,7 @@ in
extraConfig = mkOption {
type = types.attrs;
default = {};
default = { };
description = lib.mdDoc "Extra options which are added to OctoPrint's YAML configuration file.";
};
@ -128,6 +134,6 @@ in
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
};
}

View file

@ -0,0 +1,195 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.tayga;
# Converts an address set to a string
strAddr = addr: "${addr.address}/${toString addr.prefixLength}";
configFile = pkgs.writeText "tayga.conf" ''
tun-device ${cfg.tunDevice}
ipv4-addr ${cfg.ipv4.address}
${optionalString (cfg.ipv6.address != null) "ipv6-addr ${cfg.ipv6.address}"}
prefix ${strAddr cfg.ipv6.pool}
dynamic-pool ${strAddr cfg.ipv4.pool}
data-dir ${cfg.dataDir}
'';
addrOpts = v:
assert v == 4 || v == 6;
{
options = {
address = mkOption {
type = types.str;
description = lib.mdDoc "IPv${toString v} address.";
};
prefixLength = mkOption {
type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));
description = lib.mdDoc ''
Subnet mask of the interface, specified as the number of
bits in the prefix ("${if v == 4 then "24" else "64"}").
'';
};
};
};
versionOpts = v: {
options = {
router = {
address = mkOption {
type = types.str;
description = lib.mdDoc "The IPv${toString v} address of the router.";
};
};
address = mkOption {
type = types.nullOr types.str;
default = null;
description = lib.mdDoc "The source IPv${toString v} address of the TAYGA server.";
};
pool = mkOption {
type = with types; nullOr (submodule (addrOpts v));
description = lib.mdDoc "The pool of IPv${toString v} addresses which are used for translation.";
};
};
};
in
{
options = {
services.tayga = {
enable = mkEnableOption (lib.mdDoc "Tayga");
package = mkOption {
type = types.package;
default = pkgs.tayga;
defaultText = lib.literalMD "pkgs.tayga";
description = lib.mdDoc "This option specifies the TAYGA package to use.";
};
ipv4 = mkOption {
type = types.submodule (versionOpts 4);
description = lib.mdDoc "IPv4-specific configuration.";
example = literalExpression ''
{
address = "192.0.2.0";
router = {
address = "192.0.2.1";
};
pool = {
address = "192.0.2.1";
prefixLength = 24;
};
}
'';
};
ipv6 = mkOption {
type = types.submodule (versionOpts 6);
description = lib.mdDoc "IPv6-specific configuration.";
example = literalExpression ''
{
address = "2001:db8::1";
router = {
address = "64:ff9b::1";
};
pool = {
address = "64:ff9b::";
prefixLength = 96;
};
}
'';
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/tayga";
description = lib.mdDoc "Directory for persistent data";
};
tunDevice = mkOption {
type = types.str;
default = "nat64";
description = lib.mdDoc "Name of the nat64 tun device";
};
};
};
config = mkIf cfg.enable {
networking.interfaces."${cfg.tunDevice}" = {
virtual = true;
virtualType = "tun";
virtualOwner = mkIf config.networking.useNetworkd "";
ipv4 = {
addresses = [
{ address = cfg.ipv4.router.address; prefixLength = 32; }
];
routes = [
cfg.ipv4.pool
];
};
ipv6 = {
addresses = [
{ address = cfg.ipv6.router.address; prefixLength = 128; }
];
routes = [
cfg.ipv6.pool
];
};
};
systemd.services.tayga = {
description = "Stateless NAT64 implementation";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/tayga -d --nodetach --config ${configFile}";
ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
Restart = "always";
# Hardening Score:
# - nixos-scripts: 2.1
# - systemd-networkd: 1.6
ProtectHome = true;
SystemCallFilter = [
"@network-io"
"@system-service"
"~@privileged"
"~@resources"
];
ProtectKernelLogs = true;
AmbientCapabilities = [
"CAP_NET_ADMIN"
];
CapabilityBoundingSet = "";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_NETLINK"
];
StateDirectory = "tayga";
DynamicUser = mkIf config.networking.useNetworkd true;
MemoryDenyWriteExecute = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
ProtectHostname = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
RestrictNamespaces = true;
NoNewPrivileges = true;
ProtectControlGroups = true;
SystemCallArchitectures = "native";
PrivateTmp = true;
LockPersonality = true;
ProtectSystem = true;
PrivateUsers = true;
ProtectProc = "invisible";
};
};
};
}

View file

@ -488,5 +488,53 @@ let self = {
"22.05".us-west-1.aarch64-linux.hvm-ebs = "ami-0f96be48071c13ab2";
"22.05".us-west-2.aarch64-linux.hvm-ebs = "ami-084bc5d777585adfb";
latest = self."22.05";
# 22.11.466.596a8e828c5
"22.11".eu-west-1.x86_64-linux.hvm-ebs = "ami-01aafe08a4e74bd9a";
"22.11".af-south-1.x86_64-linux.hvm-ebs = "ami-0d937fc7bf7b8c2ed";
"22.11".ap-east-1.x86_64-linux.hvm-ebs = "ami-020e59f6affef2732";
"22.11".ap-northeast-1.x86_64-linux.hvm-ebs = "ami-04a7bd7a969506a87";
"22.11".ap-northeast-2.x86_64-linux.hvm-ebs = "ami-007b9209171e2dcdd";
"22.11".ap-northeast-3.x86_64-linux.hvm-ebs = "ami-0c4d0b584cd570584";
"22.11".ap-south-1.x86_64-linux.hvm-ebs = "ami-02aa47f84c215d593";
"22.11".ap-southeast-1.x86_64-linux.hvm-ebs = "ami-067a7fca4a01c4dda";
"22.11".ap-southeast-2.x86_64-linux.hvm-ebs = "ami-0638db75ba113c635";
"22.11".ap-southeast-3.x86_64-linux.hvm-ebs = "ami-08dcda749c59e8747";
"22.11".ca-central-1.x86_64-linux.hvm-ebs = "ami-09b007688e369f794";
"22.11".eu-central-1.x86_64-linux.hvm-ebs = "ami-05df1b211df600977";
"22.11".eu-north-1.x86_64-linux.hvm-ebs = "ami-0427d0897b928e191";
"22.11".eu-south-1.x86_64-linux.hvm-ebs = "ami-051beda489f0dd109";
"22.11".eu-west-2.x86_64-linux.hvm-ebs = "ami-0c2090b73fc610ac3";
"22.11".eu-west-3.x86_64-linux.hvm-ebs = "ami-0d03a150cf6c07022";
"22.11".me-south-1.x86_64-linux.hvm-ebs = "ami-0443b1af94bff9e3d";
"22.11".sa-east-1.x86_64-linux.hvm-ebs = "ami-07b2ce95ba17b6bc1";
"22.11".us-east-1.x86_64-linux.hvm-ebs = "ami-0508167db03652cc4";
"22.11".us-east-2.x86_64-linux.hvm-ebs = "ami-0e41ac272a7d67029";
"22.11".us-west-1.x86_64-linux.hvm-ebs = "ami-02f3fb062ee9af563";
"22.11".us-west-2.x86_64-linux.hvm-ebs = "ami-06b260b3a958948a0";
"22.11".eu-west-1.aarch64-linux.hvm-ebs = "ami-0c4132540cabbc7df";
"22.11".af-south-1.aarch64-linux.hvm-ebs = "ami-0f12780247b337357";
"22.11".ap-east-1.aarch64-linux.hvm-ebs = "ami-04789617e858da6fb";
"22.11".ap-northeast-1.aarch64-linux.hvm-ebs = "ami-0f4d8517ab163b274";
"22.11".ap-northeast-2.aarch64-linux.hvm-ebs = "ami-051a06893bcc696c1";
"22.11".ap-northeast-3.aarch64-linux.hvm-ebs = "ami-05a086610680a7d8b";
"22.11".ap-south-1.aarch64-linux.hvm-ebs = "ami-04cd79197824124cd";
"22.11".ap-southeast-1.aarch64-linux.hvm-ebs = "ami-0437f330961467257";
"22.11".ap-southeast-2.aarch64-linux.hvm-ebs = "ami-000c2ecbc430c36d7";
"22.11".ap-southeast-3.aarch64-linux.hvm-ebs = "ami-062e917296b5087c0";
"22.11".ca-central-1.aarch64-linux.hvm-ebs = "ami-0c91995b735d1b8b6";
"22.11".eu-central-1.aarch64-linux.hvm-ebs = "ami-0537d704b177a676b";
"22.11".eu-north-1.aarch64-linux.hvm-ebs = "ami-05f1f532f90d8e16c";
"22.11".eu-south-1.aarch64-linux.hvm-ebs = "ami-097fe290eafff61ad";
"22.11".eu-west-2.aarch64-linux.hvm-ebs = "ami-053b6cc7a3394891a";
"22.11".eu-west-3.aarch64-linux.hvm-ebs = "ami-0a5b6d023afde63c3";
"22.11".me-south-1.aarch64-linux.hvm-ebs = "ami-024fcb01f8638ed08";
"22.11".sa-east-1.aarch64-linux.hvm-ebs = "ami-06d72c6e930037236";
"22.11".us-east-1.aarch64-linux.hvm-ebs = "ami-0b33ffb684d6b07b5";
"22.11".us-east-2.aarch64-linux.hvm-ebs = "ami-033ff64078c59f378";
"22.11".us-west-1.aarch64-linux.hvm-ebs = "ami-052d52b9e30a18562";
"22.11".us-west-2.aarch64-linux.hvm-ebs = "ami-07418b6a4782c9521";
latest = self."22.11";
}; in self

View file

@ -638,6 +638,7 @@ in {
systemd-misc = handleTest ./systemd-misc.nix {};
tandoor-recipes = handleTest ./tandoor-recipes.nix {};
taskserver = handleTest ./taskserver.nix {};
tayga = handleTest ./tayga.nix {};
teeworlds = handleTest ./teeworlds.nix {};
telegraf = handleTest ./telegraf.nix {};
teleport = handleTest ./teleport.nix {};

235
nixos/tests/tayga.nix Normal file
View file

@ -0,0 +1,235 @@
# This test verifies that we can ping an IPv4-only server from an IPv6-only
# client via a NAT64 router. The hosts and networks are configured as follows:
#
# +------
# Client | eth1 Address: 2001:db8::2/64
# | | Route: 64:ff9b::/96 via 2001:db8::1
# +--|---
# | VLAN 3
# +--|---
# | eth2 Address: 2001:db8::1/64
# Router |
# | nat64 Address: 64:ff9b::1/128
# | Route: 64:ff9b::/96
# | Address: 192.0.2.0/32
# | Route: 192.0.2.0/24
# |
# | eth1 Address: 100.64.0.1/24
# +--|---
# | VLAN 2
# +--|---
# Server | eth1 Address: 100.64.0.2/24
# | Route: 192.0.2.0/24 via 100.64.0.1
# +------
import ./make-test-python.nix ({ pkgs, lib, ... }:
{
name = "tayga";
meta = with pkgs.lib.maintainers; {
maintainers = [ hax404 ];
};
nodes = {
# The server is configured with static IPv4 addresses. RFC 6052 Section 3.1
# disallows the mapping of non-global IPv4 addresses like RFC 1918 into the
# Well-Known Prefix 64:ff9b::/96. TAYGA also does not allow the mapping of
# documentation space (RFC 5737). To circumvent this, 100.64.0.2/24 from
# RFC 6589 (Carrier Grade NAT) is used here.
# To reach the IPv4 address pool of the NAT64 gateway, there is a static
# route configured. In normal cases, where the router would also source NAT
# the pool addresses to one IPv4 addresses, this would not be needed.
server = {
virtualisation.vlans = [
2 # towards router
];
networking = {
useDHCP = false;
interfaces.eth1 = lib.mkForce {};
};
systemd.network = {
enable = true;
networks."vlan1" = {
matchConfig.Name = "eth1";
address = [
"100.64.0.2/24"
];
routes = [
{ routeConfig = { Destination = "192.0.2.0/24"; Gateway = "100.64.0.1"; }; }
];
};
};
};
# The router is configured with static IPv4 addresses towards the server
# and IPv6 addresses towards the client. For NAT64, the Well-Known prefix
# 64:ff9b::/96 is used. NAT64 is done with TAYGA which provides the
# tun-interface nat64 and does the translation over it. The IPv6 packets
# are sent to this interfaces and received as IPv4 packets and vice versa.
# As TAYGA only translates IPv6 addresses to dedicated IPv4 addresses, it
# needs a pool of IPv4 addresses which must be at least as big as the
# expected amount of clients. In this test, the packets from the pool are
# directly routed towards the client. In normal cases, there would be a
# second source NAT44 to map all clients behind one IPv4 address.
router_systemd = {
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
virtualisation.vlans = [
2 # towards server
3 # towards client
];
networking = {
useDHCP = false;
useNetworkd = true;
firewall.enable = false;
interfaces.eth1 = lib.mkForce {
ipv4 = {
addresses = [ { address = "100.64.0.1"; prefixLength = 24; } ];
};
};
interfaces.eth2 = lib.mkForce {
ipv6 = {
addresses = [ { address = "2001:db8::1"; prefixLength = 64; } ];
};
};
};
services.tayga = {
enable = true;
ipv4 = {
address = "192.0.2.0";
router = {
address = "192.0.2.1";
};
pool = {
address = "192.0.2.0";
prefixLength = 24;
};
};
ipv6 = {
address = "2001:db8::1";
router = {
address = "64:ff9b::1";
};
pool = {
address = "64:ff9b::";
prefixLength = 96;
};
};
};
};
router_nixos = {
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
virtualisation.vlans = [
2 # towards server
3 # towards client
];
networking = {
useDHCP = false;
firewall.enable = false;
interfaces.eth1 = lib.mkForce {
ipv4 = {
addresses = [ { address = "100.64.0.1"; prefixLength = 24; } ];
};
};
interfaces.eth2 = lib.mkForce {
ipv6 = {
addresses = [ { address = "2001:db8::1"; prefixLength = 64; } ];
};
};
};
services.tayga = {
enable = true;
ipv4 = {
address = "192.0.2.0";
router = {
address = "192.0.2.1";
};
pool = {
address = "192.0.2.0";
prefixLength = 24;
};
};
ipv6 = {
address = "2001:db8::1";
router = {
address = "64:ff9b::1";
};
pool = {
address = "64:ff9b::";
prefixLength = 96;
};
};
};
};
# The client is configured with static IPv6 addresses. It has also a static
# route for the NAT64 IP space where the IPv4 addresses are mapped in. In
# normal cases, there would be only a default route.
client = {
virtualisation.vlans = [
3 # towards router
];
networking = {
useDHCP = false;
interfaces.eth1 = lib.mkForce {};
};
systemd.network = {
enable = true;
networks."vlan1" = {
matchConfig.Name = "eth1";
address = [
"2001:db8::2/64"
];
routes = [
{ routeConfig = { Destination = "64:ff9b::/96"; Gateway = "2001:db8::1"; }; }
];
};
};
environment.systemPackages = [ pkgs.mtr ];
};
};
testScript = ''
# start client and server
for machine in client, server:
machine.wait_for_unit("network-online.target")
machine.log(machine.execute("ip addr")[1])
machine.log(machine.execute("ip route")[1])
machine.log(machine.execute("ip -6 route")[1])
# test systemd-networkd and nixos-scripts based router
for router in router_systemd, router_nixos:
router.start()
router.wait_for_unit("network-online.target")
router.wait_for_unit("tayga.service")
router.log(machine.execute("ip addr")[1])
router.log(machine.execute("ip route")[1])
router.log(machine.execute("ip -6 route")[1])
with subtest("Wait for tayga"):
router.wait_for_unit("tayga.service")
with subtest("Test ICMP"):
client.wait_until_succeeds("ping -c 3 64:ff9b::100.64.0.2 >&2")
with subtest("Test ICMP and show a traceroute"):
client.wait_until_succeeds("mtr --show-ips --report-wide 64:ff9b::100.64.0.2 >&2")
router.log(router.execute("systemd-analyze security tayga.service")[1])
router.shutdown()
'';
})

View file

@ -6,7 +6,7 @@ stdenv.mkDerivation rec {
src = fetchzip {
url = "https://github.com/conduktor/builds/releases/download/v${version}/Conduktor-linux-${version}.zip";
sha256 = "1kr5yh9piqbl6njsnxgh6jzf3vifw8ja5x4qm4znmzi3r49sw0gx";
sha256 = "sha256-9y/7jni5zIITUWd75AxsfG/b5vCYotmeMeC9aYM2WEs=";
};
nativeBuildInputs = [ makeWrapper copyDesktopItems ];

View file

@ -34,6 +34,7 @@ let
src = fetchurl {
url = "https://www.charlesproxy.com/assets/release/${version}/charles-proxy-${version}${platform}.tar.gz";
curlOptsList = [ "--user-agent" "Mozilla/5.0" ]; # HTTP 104 otherwise
inherit sha256;
};
nativeBuildInputs = [ makeWrapper ];

View file

@ -1,10 +0,0 @@
{ callPackage
, buildGoModule
}:
callPackage ./generic.nix {
inherit buildGoModule;
version = "1.2.15";
sha256 = "sha256-p9yRjSapQAhuHv+slUmYI25bUb1N1A7LBiJOdk1++iI=";
vendorSha256 = "sha256-6d3tE337zVAIkzQzAnV2Ya5xwwhuzmKgtPUJcJ9HRto=";
}

View file

@ -1,10 +0,0 @@
{ callPackage
, buildGoModule
}:
callPackage ./generic.nix {
inherit buildGoModule;
version = "1.3.8";
sha256 = "sha256-hUmDWgGV8HAXew8SpcbhaiaF9VfBN5mk1W7t5lhnZ9I=";
vendorSha256 = "sha256-IfYobyDFriOldJnNfRK0QVKBfttoZZ1iOkt4cBQxd00=";
}

View file

@ -1,10 +0,0 @@
{ callPackage
, buildGoModule
}:
callPackage ./generic.nix {
inherit buildGoModule;
version = "1.4.3";
sha256 = "sha256-GQVfrn9VlzfdIj73W3hBpHcevsXZcb6Uj808HUCZUUg=";
vendorSha256 = "sha256-JQRpsQhq5r/QcgFwtnptmvnjBEhdCFrXFrTKkJioL3A=";
}

View file

@ -0,0 +1,70 @@
{ lib
, buildGoModule
, buildGo119Module
, fetchFromGitHub
, nixosTests
}:
let
generic =
{ buildGoModule, version, sha256, vendorSha256, ... }@attrs:
let attrs' = builtins.removeAttrs attrs [ "buildGoModule" "version" "sha256" "vendorSha256" ];
in
buildGoModule (rec {
pname = "nomad";
inherit version vendorSha256;
subPackages = [ "." ];
src = fetchFromGitHub {
owner = "hashicorp";
repo = pname;
rev = "v${version}";
inherit sha256;
};
# ui:
# Nomad release commits include the compiled version of the UI, but the file
# is only included if we build with the ui tag.
tags = [ "ui" ];
meta = with lib; {
homepage = "https://www.nomadproject.io/";
description = "A Distributed, Highly Available, Datacenter-Aware Scheduler";
platforms = platforms.unix;
license = licenses.mpl20;
maintainers = with maintainers; [ rushmorem pradeepchhetri endocrimes maxeaubrey techknowlogick ];
};
} // attrs');
in
rec {
# Nomad never updates major go versions within a release series and is unsupported
# on Go versions that it did not ship with. Due to historic bugs when compiled
# with different versions we pin Go for all versions.
# Upstream partially documents used Go versions here
# https://github.com/hashicorp/nomad/blob/master/contributing/golang.md
nomad = nomad_1_4;
nomad_1_2 = generic {
buildGoModule = buildGo119Module;
version = "1.2.15";
sha256 = "sha256-p9yRjSapQAhuHv+slUmYI25bUb1N1A7LBiJOdk1++iI=";
vendorSha256 = "sha256-6d3tE337zVAIkzQzAnV2Ya5xwwhuzmKgtPUJcJ9HRto=";
};
nomad_1_3 = generic {
buildGoModule = buildGo119Module;
version = "1.3.8";
sha256 = "sha256-hUmDWgGV8HAXew8SpcbhaiaF9VfBN5mk1W7t5lhnZ9I=";
vendorSha256 = "sha256-IfYobyDFriOldJnNfRK0QVKBfttoZZ1iOkt4cBQxd00=";
};
nomad_1_4 = generic {
buildGoModule = buildGo119Module;
version = "1.4.3";
sha256 = "sha256-GQVfrn9VlzfdIj73W3hBpHcevsXZcb6Uj808HUCZUUg=";
vendorSha256 = "sha256-JQRpsQhq5r/QcgFwtnptmvnjBEhdCFrXFrTKkJioL3A=";
passthru.tests.nomad = nixosTests.nomad;
};
}

View file

@ -1,39 +0,0 @@
{ lib
, buildGoModule
, fetchFromGitHub
, version
, sha256
, vendorSha256
, nixosTests
}:
buildGoModule rec {
pname = "nomad";
inherit version;
subPackages = [ "." ];
src = fetchFromGitHub {
owner = "hashicorp";
repo = pname;
rev = "v${version}";
inherit sha256;
};
inherit vendorSha256;
# ui:
# Nomad release commits include the compiled version of the UI, but the file
# is only included if we build with the ui tag.
tags = [ "ui" ];
passthru.tests.nomad = nixosTests.nomad;
meta = with lib; {
homepage = "https://www.nomadproject.io/";
description = "A Distributed, Highly Available, Datacenter-Aware Scheduler";
platforms = platforms.unix;
license = licenses.mpl20;
maintainers = with maintainers; [ rushmorem pradeepchhetri endocrimes maxeaubrey techknowlogick ];
};
}

View file

@ -17,17 +17,21 @@ let
({ owner
, repo
, rev
, version
, spdx ? "UNSET"
, version ? lib.removePrefix "v" rev
, hash ? throw "use hash instead of sha256" # added 2202/09
, vendorHash ? throw "use vendorHash instead of vendorSha256" # added 2202/09
, deleteVendor ? false
, proxyVendor ? false
, mkProviderFetcher ? fetchFromGitHub
, mkProviderGoModule ? buildGoModule
# Looks like "registry.terraform.io/vancluever/acme"
, provider-source-address
# "https://registry.terraform.io/providers/vancluever/acme"
, homepage ? ""
# "registry.terraform.io/vancluever/acme"
, provider-source-address ? lib.replaceStrings [ "https://registry" ".io/providers" ] [ "registry" ".io" ] homepage
, ...
}@attrs:
assert lib.stringLength provider-source-address > 0;
mkProviderGoModule {
pname = repo;
inherit vendorHash version deleteVendor proxyVendor;
@ -42,6 +46,11 @@ let
inherit owner repo rev hash;
};
meta = {
inherit homepage;
license = lib.getLicenseFromSpdxId spdx;
};
# Move the provider to libexec
postInstall = ''
dir=$out/libexec/terraform-providers/${provider-source-address}/${version}/''${GOOS}_''${GOARCH}
@ -70,6 +79,8 @@ let
netlify = automated-providers.netlify.overrideAttrs (_: { meta.broken = stdenv.isDarwin; });
pass = automated-providers.pass.overrideAttrs (_: { meta.broken = stdenv.isDarwin; });
tencentcloud = automated-providers.tencentcloud.overrideAttrs (_: { meta.broken = stdenv.isDarwin; });
# github api seems to be broken, doesn't just fail to recognize the license, it's ignored entirely.
checkly = automated-providers.checkly.override { spdx = "MIT"; };
gitlab = automated-providers.gitlab.override { mkProviderFetcher = fetchFromGitLab; owner = "gitlab-org"; };
# mkisofs needed to create ISOs holding cloud-init data and wrapped to terraform via deecb4c1aab780047d79978c636eeb879dd68630
libvirt = automated-providers.libvirt.overrideAttrs (_: { propagatedBuildInputs = [ cdrtools ]; });
@ -79,17 +90,21 @@ let
removed-providers =
let
archived = name: date: throw "the ${name} terraform provider has been archived by upstream on ${date}";
license = name: date: throw "the ${name} terraform provider removed from nixpkgs on ${date} because of unclear licensing";
removed = name: date: throw "the ${name} terraform provider removed from nixpkgs on ${date}";
in
lib.optionalAttrs config.allowAliases {
b2 = removed "b2" "2022/06";
checkpoint = removed "checkpoint" "2022/11";
dome9 = removed "dome9" "2022/08";
logicmonitor = license "logicmonitor" "2022/11";
ncloud = removed "ncloud" "2022/08";
nsxt = license "nsxt" "2022/11";
opc = archived "opc" "2022/05";
oraclepaas = archived "oraclepaas" "2022/05";
panos = removed "panos" "2022/05";
template = archived "template" "2022/05";
vercel = license "vercel" "2022/11";
};
# excluding aliases, used by terraform-full

View file

@ -9,7 +9,7 @@ readarray -t providers < <(
jq -r 'to_entries
| map_values(.value + { alias: .key })
| .[]
| select(."provider-source-address"?)
| select(."homepage"?)
| .alias' providers.json
)
@ -21,5 +21,5 @@ ${providers[*]}
EOF
for provider in "${providers[@]}"; do
./update-provider "$@" "${provider}"
./update-provider --no-spdx "$@" "${provider}"
done

View file

@ -28,14 +28,13 @@ Options:
* --force: Force the update even if the version matches.
* --no-build: Don't build provider
* --vendor-hash <SRI-hash>: Override the SHA256 or "null".
DOC
}
build=1
force=
provider=
build=1
vendorHash=
spdx=1
while [[ $# -gt 0 ]]; do
case "$1" in
@ -51,10 +50,9 @@ while [[ $# -gt 0 ]]; do
build=0
shift
;;
--vendor-hash)
force=1
vendorHash=$2
shift 2
--no-spdx)
spdx=0
shift
;;
*)
if [[ -n ${provider} ]]; then
@ -103,40 +101,33 @@ echo_provider() {
pushd "$(dirname "$0")" >/dev/null
if [[ ${provider} =~ ^[^/]+/[^/]+$ ]]; then
echo_provider "init"
source_address=registry.terraform.io/${provider}
homepage="https://registry.terraform.io/providers/${provider}"
provider=$(basename "${provider}")
update_attr "provider-source-address" "${source_address}"
update_attr version "0"
echo_provider "init"
update_attr homepage "${homepage}"
# create empty stings so nix-prefetch works
update_attr hash ""
update_attr vendorHash ""
else
source_address="$(read_attr provider-source-address)"
fi
old_vendor_hash=$(read_attr vendorHash)
old_version=$(read_attr version)
homepage="$(read_attr homepage)"
# The provider source address (used inside Terraform `required_providers` block) is
# used to compute the registry API endpoint
#
# registry.terraform.io/hashicorp/aws (provider source address)
# registry.terraform.io/providers/hashicorp/aws (provider URL for the website)
# registry.terraform.io/v1/providers/hashicorp/aws (provider URL for the JSON API)
registry_response=$(curl -s https://"${source_address/\///v1/providers/}")
registry_response=$(curl -s "${homepage//providers/v1/providers}")
version="$(jq -r '.version' <<<"${registry_response}")"
if [[ ${old_version} == "${version}" && ${force} != 1 && -z ${vendorHash} && ${old_vendor_hash} != "${vendorHash}" ]]; then
echo_provider "already at version ${version}"
exit
old_rev="$(read_attr rev)"
rev="$(jq -r '.tag' <<<"${registry_response}")"
if [[ ${force} != 1 ]]; then
if [[ ${old_rev} == "${rev}" ]]; then
echo_provider "already at version ${rev}"
exit
fi
if [[ ${rev//v/} =~ [[:alpha:]] ]]; then
echo_provider "not updating to unstable version ${rev}"
exit
fi
fi
if [[ ${version} =~ [[:alpha:]] && ${force} != 1 ]]; then
echo_provider "not updating to unstable version ${version}"
exit
fi
echo_provider "updating from ${old_version} to ${version}"
update_attr version "${version}"
echo_provider "updating from ${old_rev} to ${rev}"
update_attr rev "${rev}"
provider_source_url="$(jq -r '.source' <<<"${registry_response}")"
@ -144,23 +135,23 @@ org="$(echo "${provider_source_url}" | cut -d '/' -f 4)"
update_attr owner "${org}"
repo="$(echo "${provider_source_url}" | cut -d '/' -f 5)"
update_attr repo "${repo}"
rev="$(jq -r '.tag' <<<"${registry_response}")"
update_attr rev "${rev}"
if [[ ${spdx} == 1 ]]; then
spdx="$(curl -L -s "https://api.github.com/repos/${org}/${repo}/license" | jq -r '.license.spdx_id')"
update_attr spdx "${spdx}"
fi
echo_provider "calculating hash"
hash=$(generate_hash src)
update_attr hash "${hash}"
if [[ -z ${vendorHash} ]]; then
if [[ ${old_vendor_hash} == null ]]; then
vendorHash=null
else
echo_provider "calculating vendorHash"
vendorHash=$(generate_hash go-modules)
fi
old_vendor_hash="$(read_attr vendorHash)"
if [[ ${old_vendor_hash} != null ]]; then
echo_provider "calculating vendorHash"
vendorHash=$(generate_hash go-modules)
update_attr vendorHash "${vendorHash}"
fi
update_attr vendorHash "${vendorHash}"
# Check that the provider builds
if [[ ${build} == 1 ]]; then
echo_provider "building"

View file

@ -8,8 +8,7 @@
}:
let
libtorrent = (python3.pkgs.toPythonModule (
libtorrent-rasterbar-1_2_x.override { python = python3; })).python;
libtorrent = (python3.pkgs.toPythonModule (libtorrent-rasterbar-1_2_x)).python;
in
stdenv.mkDerivation rec {
pname = "tribler";

View file

@ -1,4 +1,4 @@
{ lib, mkDerivation, fetchFromGitHub, fetchpatch, which, qtbase, qtwebkit, qtscript, xlibsWrapper
{ lib, mkDerivation, fetchFromGitHub, fetchpatch, which, qtbase, qtwebkit, qtscript
, libpulseaudio, fftwSinglePrec , lame, zlib, libGLU, libGL, alsa-lib, freetype
, perl, pkg-config , libsamplerate, libbluray, lzo, libX11, libXv, libXrandr, libXvMC, libXinerama, libXxf86vm
, libXmu , yasm, libuuid, taglib, libtool, autoconf, automake, file, exiv2, linuxHeaders, soundtouch, libzip
@ -32,7 +32,7 @@ mkDerivation rec {
setSourceRoot = "sourceRoot=$(echo */mythtv)";
buildInputs = [
freetype qtbase qtscript lame zlib xlibsWrapper libGLU libGL
freetype qtbase qtscript lame zlib libGLU libGL
perl libsamplerate libbluray lzo alsa-lib libpulseaudio fftwSinglePrec libX11 libXv libXrandr libXvMC
libXmu libXinerama libXxf86vm libXmu libuuid taglib exiv2 soundtouch libzip
] ++ lib.optional withWebKit qtwebkit;

View file

@ -2,13 +2,13 @@
stdenvNoCC.mkDerivation rec {
pname = "papirus-icon-theme";
version = "20221101";
version = "20221201";
src = fetchFromGitHub {
owner = "PapirusDevelopmentTeam";
repo = pname;
rev = version;
sha256 = "sha256-MSH7yd5fizBtmkTNG3gMFxNpjVDKWsHM8wogPhBMkk8=";
sha256 = "sha256-Y+flyo8MJVmAoiJ0mSZNu/xhhLzsYr6t8R0c+TOxbq0=";
};
nativeBuildInputs = [ gtk3 papirus-folders ];

View file

@ -63,6 +63,6 @@ stdenv.mkDerivation rec {
description = "Simple and beautiful calendar application for GNOME";
maintainers = teams.gnome.members;
license = licenses.gpl3Plus;
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View file

@ -84,6 +84,6 @@ stdenv.mkDerivation rec {
description = "Clock application designed for GNOME 3";
maintainers = teams.gnome.members;
license = licenses.gpl2Plus;
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View file

@ -39,6 +39,6 @@ stdenv.mkDerivation rec {
homepage = "https://wiki.gnome.org/Apps/Vinagre";
license = licenses.gpl2Plus;
maintainers = teams.gnome.members;
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View file

@ -46,6 +46,6 @@ stdenv.mkDerivation rec {
homepage = "https://wiki.gnome.org/Apps/Atomix";
license = licenses.gpl2Plus;
maintainers = teams.gnome.members;
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View file

@ -60,6 +60,6 @@ stdenv.mkDerivation rec {
description = "GTK application to generate and let you play games of Hitori";
maintainers = teams.gnome.members;
license = licenses.gpl2;
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View file

@ -64,6 +64,6 @@ stdenv.mkDerivation rec {
description = "Sort of poker with dice and less money";
maintainers = teams.gnome.members;
license = licenses.gpl2Plus;
platforms = platforms.linux;
platforms = platforms.unix;
};
}

View file

@ -2,7 +2,6 @@
, stdenv
, fetchurl
, ncurses5
, python27
}:
stdenv.mkDerivation rec {
@ -40,7 +39,7 @@ stdenv.mkDerivation rec {
find $out -type f | while read f; do
patchelf "$f" > /dev/null 2>&1 || continue
patchelf --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 python27 ]} "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 ]} "$f" || true
done
'';

View file

@ -2,7 +2,6 @@
, stdenv
, fetchurl
, ncurses5
, python27
}:
stdenv.mkDerivation rec {
@ -39,7 +38,7 @@ stdenv.mkDerivation rec {
find $out -type f | while read f; do
patchelf "$f" > /dev/null 2>&1 || continue
patchelf --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 python27 ]} "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 ]} "$f" || true
done
'';

View file

@ -2,7 +2,6 @@
, stdenv
, fetchurl
, ncurses5
, python27
}:
stdenv.mkDerivation rec {
@ -39,7 +38,7 @@ stdenv.mkDerivation rec {
find $out -type f | while read f; do
patchelf "$f" > /dev/null 2>&1 || continue
patchelf --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 python27 ]} "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 ]} "$f" || true
done
'';

View file

@ -2,7 +2,6 @@
, stdenv
, fetchurl
, ncurses5
, python27
}:
stdenv.mkDerivation rec {
@ -39,7 +38,7 @@ stdenv.mkDerivation rec {
find $out -type f | while read f; do
patchelf "$f" > /dev/null 2>&1 || continue
patchelf --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 python27 ]} "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 ]} "$f" || true
done
'';

View file

@ -2,7 +2,6 @@
, stdenv
, fetchurl
, ncurses5
, python27
}:
stdenv.mkDerivation rec {
@ -41,7 +40,7 @@ stdenv.mkDerivation rec {
find $out -type f | while read f; do
patchelf "$f" > /dev/null 2>&1 || continue
patchelf --set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 python27 ]} "$f" || true
patchelf --set-rpath ${lib.makeLibraryPath [ "$out" stdenv.cc.cc ncurses5 ]} "$f" || true
done
'';

View file

@ -4,7 +4,8 @@
, libXcursor, libXrandr, fontconfig, openjdk11-bootstrap
, setJavaClassPath
, headless ? false
, enableJavaFX ? openjfx.meta.available, openjfx
# disabled by default since openjfx11 depends on python2 (EOL)
, enableJavaFX ? false, openjfx
, enableGnome2 ? true, gtk3, gnome_vfs, glib, GConf
}:

View file

@ -4,7 +4,8 @@
, libXcursor, libXrandr, fontconfig, openjdk11, fetchpatch
, setJavaClassPath
, headless ? false
, enableJavaFX ? openjfx.meta.available, openjfx
# disabled by default since openjfx11 depends on python2 (EOL)
, enableJavaFX ? false, openjfx
, enableGnome2 ? true, gtk3, gnome_vfs, glib, GConf
}:

View file

@ -4,7 +4,8 @@
, libXcursor, libXrandr, fontconfig, openjdk13-bootstrap, fetchpatch
, setJavaClassPath
, headless ? false
, enableJavaFX ? openjfx.meta.available, openjfx
# disabled by default since openjfx11 depends on python2 (EOL)
, enableJavaFX ? false, openjfx
, enableGnome2 ? true, gtk3, gnome_vfs, glib, GConf
}:

View file

@ -4,7 +4,8 @@
, libXcursor, libXrandr, fontconfig, openjdk14-bootstrap
, setJavaClassPath
, headless ? false
, enableJavaFX ? openjfx.meta.available, openjfx
# disabled by default since openjfx11 depends on python2 (EOL)
, enableJavaFX ? false, openjfx
, enableGnome2 ? true, gtk3, gnome_vfs, glib, GConf
}:

View file

@ -21,8 +21,9 @@ with python3.pkgs; buildPythonApplication rec {
--subst-var-by SPDX_LICENSE_LIST_DATA '${spdx-license-list-data.json}'
substituteInPlace setup.py \
--replace 'uvicorn==%s" % ("0.17.*"' 'uvicorn==%s" % ("0.18.*"' \
--replace 'aiofiles==0.8.*' 'aiofiles==22.1.*' \
--replace 'uvicorn==%s" % ("0.16.0" if PY36 else "0.19.*")' 'uvicorn>=0.16,<=0.19"' \
--replace 'starlette==%s" % ("0.19.1" if PY36 else "0.21.*")' 'starlette>=0.19.1,<=0.21"' \
--replace 'tabulate==%s" % ("0.8.10" if PY36 else "0.9.*")' 'tabulate>=0.8.10,<=0.9"' \
--replace 'wsproto==' 'wsproto>='
'';

View file

@ -3,14 +3,14 @@
let
callPackage = newScope self;
version = "6.1.4";
version = "6.1.5";
# pypi tarballs don't contain tests - https://github.com/platformio/platformio-core/issues/1964
src = fetchFromGitHub {
owner = "platformio";
repo = "platformio-core";
rev = "v${version}";
sha256 = "sha256-PLVsXnaflEZdn12lWrpnm8+uNfwB+T7JXnvjQihfuSs=";
sha256 = "sha256-7Wx3O2zL5Dlbk7rooiHutpN63kAjhuYijgsZru+oaOI=";
};
self = {

View file

@ -1,5 +1,5 @@
{ lib, stdenv, buildPythonPackage, isPyPy, fetchPypi, pytestCheckHook,
libffi, pkg-config, pycparser
libffi, pkg-config, pycparser, python, fetchpatch
}:
if isPyPy then null else buildPythonPackage rec {
@ -17,6 +17,17 @@ if isPyPy then null else buildPythonPackage rec {
propagatedBuildInputs = [ pycparser ];
patches =
# Fix test that failed because python seems to have changed the exception format in the
# final release. This patch should be included in the next version and can be removed when
# it is released.
lib.optionals (python.pythonVersion == "3.11") [
(fetchpatch {
url = "https://foss.heptapod.net/pypy/cffi/-/commit/8a3c2c816d789639b49d3ae867213393ed7abdff.diff";
sha256 = "sha256-3wpZeBqN4D8IP+47QDGK7qh/9Z0Ag4lAe+H0R5xCb1E=";
})
];
postPatch = lib.optionalString stdenv.isDarwin ''
# Remove setup.py impurities
substituteInPlace setup.py \

View file

@ -3,11 +3,12 @@
, fetchFromGitHub
, pythonOlder
, pytz
, tomlkit
}:
buildPythonPackage rec {
pname = "neo4j";
version = "5.2.1";
version = "5.3.0";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -16,11 +17,12 @@ buildPythonPackage rec {
owner = "neo4j";
repo = "neo4j-python-driver";
rev = "refs/tags/${version}";
hash = "sha256-d4OkXj6mZjrdRG8UyxWeAh3rLywz2TUk2pZq+Ni1F3s=";
hash = "sha256-x67zkQTUhGS5LIVOW2F+OJxnUPwsH1/bX42RArNscUc=";
};
propagatedBuildInputs = [
pytz
tomlkit
];
# Missing dependencies
@ -33,6 +35,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Neo4j Bolt Driver for Python";
homepage = "https://github.com/neo4j/neo4j-python-driver";
changelog = "https://github.com/neo4j/neo4j-python-driver/releases/tag/${version}";
license = licenses.asl20;
maintainers = with maintainers; [ fab ];
};

View file

@ -16,14 +16,14 @@
buildPythonPackage rec {
pname = "pip-tools";
version = "6.8.0";
version = "6.11.0";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-Oeiu5GVEbgInjYDb69QyXR3YYzJI9DITxzol9Y59ilU=";
hash = "sha256-kMXcFQ44VuRGO4HMyZMHzPlVTl24OT6yc3BcsLj3HGA=";
};
patches = [ ./fix-setup-py-bad-syntax-detection.patch ];
@ -66,6 +66,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Keeps your pinned dependencies fresh";
homepage = "https://github.com/jazzband/pip-tools/";
changelog = "https://github.com/jazzband/pip-tools/releases/tag/${version}";
license = licenses.bsd3;
maintainers = with maintainers; [ zimbatm ];
};

View file

@ -9,14 +9,14 @@
buildPythonPackage rec {
pname = "pyface";
version = "7.4.2";
version = "7.4.3";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-YT7TAcubr7m6o3xEeT13XQPdI9hD7rkm/xPPaJ6v6N0=";
hash = "sha256-ds0e4C6UaVH7bCt/+YDduJEhQ31hq15t/epaeTZ9kDY=";
};
propagatedBuildInputs = [
@ -34,6 +34,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Traits-capable windowing framework";
homepage = "https://github.com/enthought/pyface";
changelog = "https://github.com/enthought/pyface/releases/tag/${version}";
maintainers = with maintainers; [ knedlsepp ];
license = licenses.bsdOriginal;
};

View file

@ -1,24 +1,38 @@
{ lib, buildPythonPackage, fetchPypi, isPyPy, unixODBC }:
{ lib
, buildPythonPackage
, fetchPypi
, isPyPy
, pythonOlder
, unixODBC
}:
buildPythonPackage rec {
pname = "pyodbc";
version = "4.0.34";
disabled = isPyPy; # use pypypdbc instead
version = "4.0.35";
format = "setuptools";
disabled = pythonOlder "3.7" || isPyPy; # use pypypdbc instead
src = fetchPypi {
inherit pname version;
sha256 = "sha256-fqeGlTK5a41Smx8I6oV2X5TffkpY6Wiy+NRVNGoD5Fw=";
hash = "sha256-krmvSOi5KEVbyLlL89oFdR+uwJMqEe7iN8GJxtQ55cg=";
};
buildInputs = [ unixODBC ];
buildInputs = [
unixODBC
];
doCheck = false; # tests require a database server
# Tests require a database server
doCheck = false;
pythonImportsCheck = [ "pyodbc" ];
pythonImportsCheck = [
"pyodbc"
];
meta = with lib; {
description = "Python ODBC module to connect to almost any database";
homepage = "https://github.com/mkleehammer/pyodbc";
changelog = "https://github.com/mkleehammer/pyodbc/releases/tag/${version}";
license = licenses.mit;
platforms = platforms.unix;
maintainers = with maintainers; [ bjornfor ];

View file

@ -9,7 +9,7 @@
buildPythonPackage rec {
pname = "pyomo";
version = "6.4.2";
version = "6.4.3";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -18,7 +18,7 @@ buildPythonPackage rec {
repo = "pyomo";
owner = "pyomo";
rev = "refs/tags/${version}";
hash = "sha256-YTcK5UCE6AuGk3iyhLOeqdl0rb8ccOhBRJEew40Rris=";
hash = "sha256-EHttGeQUI8SWo8R9zRchguvDA6U8EKhDbBf5jdwl4dI=";
};
propagatedBuildInputs = [
@ -54,6 +54,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Python Optimization Modeling Objects";
homepage = "http://pyomo.org";
changelog = "https://github.com/Pyomo/pyomo/releases/tag/${version}";
license = licenses.bsd3;
maintainers = with maintainers; [ costrouc ];
};

View file

@ -15,7 +15,7 @@
buildPythonPackage rec {
pname = "scmrepo";
version = "0.1.3";
version = "0.1.4";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -24,7 +24,7 @@ buildPythonPackage rec {
owner = "iterative";
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-YivsP5c0fnpm/0VCFfyH054LYAQbyEdH+wZTRxsCAY4=";
hash = "sha256-E9uQ8EMLncF9nkOBl1rQLt6I2wEhtv4Z1I1IpCYgorg=";
};
postPatch = ''
@ -58,6 +58,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "SCM wrapper and fsspec filesystem";
homepage = "https://github.com/iterative/scmrepo";
changelog = "https://github.com/iterative/scmrepo/releases/tag/${version}";
license = licenses.asl20;
maintainers = with maintainers; [ fab ];
};

View file

@ -15,7 +15,7 @@
buildPythonPackage rec {
pname = "teslajsonpy";
version = "3.2.2";
version = "3.3.0";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -24,7 +24,7 @@ buildPythonPackage rec {
owner = "zabuldon";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-o3MTmMLSdpOprV6wridKF0SxPfKfIvla00/Z9Y2EePE=";
hash = "sha256-hjeMGqCoCC1CYvBPVkSsvU+Us+dtPwNFAFa0y+WNCLg=";
};
nativeBuildInputs = [

View file

@ -3,16 +3,16 @@
nixosTests }:
buildGoModule rec {
pname = "buildkite-agent";
version = "3.40.0";
version = "3.41.0";
src = fetchFromGitHub {
owner = "buildkite";
repo = "agent";
rev = "v${version}";
sha256 = "sha256-pd5B7RW13SWtOAwJGxhJBAhihCFkL3TokhWqcy7hVFk=";
sha256 = "sha256-AQaSwdletUP7amDHXIG/3Xsw6rJCJE+eYWj2FYe/vRY=";
};
vendorSha256 = "sha256-+LTjtJFHdYv0zeX8RpK0tuLWRpz5jXBwA7ZOvmA6YV0=";
vendorSha256 = "sha256-NEdwdDM/H6l2XzYCTU11uijZTSEqjIWRHsqg6ML/daY=";
postPatch = ''
substituteInPlace bootstrap/shell/shell.go --replace /bin/bash ${bash}/bin/bash

View file

@ -1,4 +1,4 @@
{ lib, stdenv, runtimeShell, writeText, fetchFromGitHub, gradle, openjdk11, git, perl, cmake }:
{ lib, stdenv, runtimeShell, writeText, fetchFromGitHub, gradle, openjdk17, git, perl, cmake }:
let
pname = "fastddsgen";
version = "2.2.0";
@ -15,7 +15,7 @@ let
deps = stdenv.mkDerivation {
pname = "${pname}-deps";
inherit src version;
nativeBuildInputs = [ gradle openjdk11 perl ];
nativeBuildInputs = [ gradle openjdk17 perl ];
buildPhase = ''
export GRADLE_USER_HOME=$(mktemp -d);
@ -39,7 +39,7 @@ in
stdenv.mkDerivation {
inherit pname src version;
nativeBuildInputs = [ gradle openjdk11 ];
nativeBuildInputs = [ gradle openjdk17 ];
# use our offline deps
postPatch = ''
@ -72,7 +72,7 @@ stdenv.mkDerivation {
# Override the default start script to use absolute java path
cat <<EOF >$out/bin/fastddsgen
#!${runtimeShell}
exec ${openjdk11}/bin/java -jar "$out/share/fastddsgen/java/fastddsgen.jar" "\$@"
exec ${openjdk17}/bin/java -jar "$out/share/fastddsgen/java/fastddsgen.jar" "\$@"
EOF
chmod a+x "$out/bin/fastddsgen"
@ -92,6 +92,6 @@ stdenv.mkDerivation {
used to publish or subscribe.
'';
maintainers = with maintainers; [ wentasah ];
platforms = openjdk11.meta.platforms;
platforms = openjdk17.meta.platforms;
};
}

View file

@ -2,20 +2,21 @@
rustPlatform.buildRustPackage rec {
pname = "jfmt";
version = "1.2.0";
version = "1.2.1";
src = fetchFromGitHub {
owner = "scruffystuffs";
repo = "${pname}.rs";
rev = version;
sha256 = "07qb0sjwww6d2n7fw8w4razq1mkn4psrs9wqi1ccndrya1y39d8b";
rev = "v${version}";
hash = "sha256-X3wk669G07BTPAT5xGbAfIu2Qk90aaJIi1CLmOnSG80=";
};
cargoSha256 = "19kg2n53y9nazwpp8gcvdprxry2llf2k7g4q4zalyxkhpf7k6irb";
cargoHash = "sha256-u/v3P7iPdBJU/0wlSNBq/cjnM3XOnoVfUjrrmo4sTAA=";
meta = with lib; {
description = "CLI utility to format json files";
homepage = "https://github.com/scruffystuffs/jfmt.rs";
changelog = "https://github.com/scruffystuffs/jfmt.rs/blob/${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = [ maintainers.psibi ];
};

View file

@ -16,13 +16,13 @@
buildGoModule rec {
pname = "evcc";
version = "0.108.2";
version = "0.108.3";
src = fetchFromGitHub {
owner = "evcc-io";
repo = pname;
rev = version;
hash = "sha256-vhgqsKwgK27cbmyoTdR6QFCKrG5tRfSutp6DsDDsCTU=";
hash = "sha256-jBUKMsSpcMoW4v9S5pCpojoYzFASj8hmWPzUcqL3doQ=";
};
vendorHash = "sha256-10W1BNHcdP77m7lJ/mc+jQeUigoUid3K0wI4bUm5y+s=";

View file

@ -2,17 +2,17 @@
python3Packages.buildPythonApplication rec {
pname = "volctl";
version = "0.8.2";
version = "0.9.2";
src = fetchFromGitHub {
owner = "buzz";
repo = pname;
rev = "v${version}";
sha256 = "1cx27j83pz2qffnzb85fbl1x6pp3irv1kbw7g1hri7kaw6ky4xiz";
sha256 = "sha256-ill0rwqrgAH7lbzh86DQc1Q71lkYh8PCKZvi4XadsW8=";
};
postPatch = ''
substituteInPlace volctl/lib/xwrappers.py \
substituteInPlace volctl/xwrappers.py \
--replace 'libXfixes.so' "${xorg.libXfixes}/lib/libXfixes.so" \
--replace 'libXfixes.so.3' "${xorg.libXfixes}/lib/libXfixes.so.3"
'';
@ -27,6 +27,7 @@ python3Packages.buildPythonApplication rec {
];
propagatedBuildInputs = [ pango gtk3 ] ++ (with python3Packages; [
pulsectl
click
pycairo
pygobject3

View file

@ -33,6 +33,6 @@ mkDerivation rec {
homepage = "https://github.com/flameshot-org/flameshot";
maintainers = with maintainers; [ scode oxalica ];
license = licenses.gpl3Plus;
platforms = platforms.linux;
platforms = platforms.linux ++ platforms.darwin;
};
}

View file

@ -33,7 +33,7 @@ xorg,
}:
let
version = "1.33.1";
version = "1.34.1";
rpath = lib.makeLibraryPath [
alsa-lib
@ -82,7 +82,7 @@ let
if stdenv.hostPlatform.system == "x86_64-linux" then
fetchurl {
url = "https://downloads.mongodb.com/compass/mongodb-compass_${version}_amd64.deb";
sha256 = "sha256-Db3Xv6kNAPWqeM+vZeG7GieweaThJO0CCuwm6/v4l2s=";
sha256 = "sha256-TkwSfzTIUMCyNFVA3K+Y2ZKA3gTGXHi1mgySXef1KE4=";
}
else
throw "MongoDB compass is not supported on ${stdenv.hostPlatform.system}";

View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchurl }:
{ lib, stdenv, fetchurl, nixosTests }:
stdenv.mkDerivation rec {
version = "0.9.2";
@ -9,6 +9,8 @@ stdenv.mkDerivation rec {
sha256 = "1700y121lhvpna49bjpssb7jq1abj9qw5wxgjn8gzp6jm4kpj7rb";
};
passthru.tests.tayga = nixosTests.tayga;
meta = with lib; {
description = "Userland stateless NAT64 daemon";
longDescription = ''
@ -19,7 +21,7 @@ stdenv.mkDerivation rec {
for networks where dedicated NAT64 hardware would be overkill.
'';
homepage = "http://www.litech.org/tayga";
license = licenses.gpl2;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ _0x4A6F ];
platforms = platforms.linux;
};

View file

@ -106,8 +106,8 @@ in lib.makeExtensible (self: {
};
nix_2_11 = common {
version = "2.11.0";
sha256 = "sha256-9+rpYzI+SmxJn+EbYxjGv68Ucp22bdFUSy/4LkHkkDQ=";
version = "2.11.1";
sha256 = "sha256-qCV65kw09AG+EkdchDPq7RoeBznX0Q6Qa4yzPqobdOk=";
patches = [
./patches/flaky-tests.patch
(fetchpatch {

View file

@ -2783,7 +2783,9 @@ with pkgs;
bcachefs-tools = callPackage ../tools/filesystems/bcachefs-tools { };
bisq-desktop = callPackage ../applications/blockchains/bisq-desktop { };
bisq-desktop = callPackage ../applications/blockchains/bisq-desktop {
openjdk11 = openjdk11.override { enableJavaFX = true; };
};
bic = callPackage ../development/interpreters/bic { };
@ -6249,7 +6251,7 @@ with pkgs;
ddrutility = callPackage ../tools/system/ddrutility { };
inherit (callPackages ../applications/networking/p2p/deluge {
libtorrent-rasterbar = libtorrent-rasterbar-1_2_x.override { python = python3; };
libtorrent-rasterbar = libtorrent-rasterbar-1_2_x;
})
deluge-gtk
deluged
@ -9790,22 +9792,12 @@ with pkgs;
noip = callPackage ../tools/networking/noip { };
nomad = nomad_1_4;
# Nomad never updates major go versions within a release series and is unsupported
# on Go versions that it did not ship with. Due to historic bugs when compiled
# with different versions we pin Go for all versions.
# Upstream partially documents used Go versions here
# https://github.com/hashicorp/nomad/blob/master/contributing/golang.md
nomad_1_2 = callPackage ../applications/networking/cluster/nomad/1.2.nix {
buildGoModule = buildGo119Module;
};
nomad_1_3 = callPackage ../applications/networking/cluster/nomad/1.3.nix {
buildGoModule = buildGo119Module;
};
nomad_1_4 = callPackage ../applications/networking/cluster/nomad/1.4.nix {
buildGoModule = buildGo119Module;
};
inherit (callPackage ../applications/networking/cluster/nomad { })
nomad
nomad_1_2
nomad_1_3
nomad_1_4
;
nomad-autoscaler = callPackage ../applications/networking/cluster/nomad-autoscaler { };
@ -21110,7 +21102,7 @@ with pkgs;
libtorrent-rasterbar-1_2_x = callPackage ../development/libraries/libtorrent-rasterbar/1.2.nix {
inherit (darwin.apple_sdk.frameworks) SystemConfiguration;
python = python2;
python = python3;
};
libtorrent-rasterbar = libtorrent-rasterbar-2_0_x;