Project import generated by Copybara.

GitOrigin-RevId: 311ceed827f531f88f46222920cd1ebb2c101f73
This commit is contained in:
Default email 2021-04-12 20:23:04 +02:00
parent 9593a9bb86
commit 1a0302a145
641 changed files with 20370 additions and 9053 deletions

View file

@ -34,6 +34,41 @@ cataclysm-dda.override {
}
```
## Important note for overriding packages
After applying `overrideAttrs`, you need to fix `passthru.pkgs` and
`passthru.withMods` attributes either manually or by using `attachPkgs`:
```nix
let
# You enabled parallel building.
myCDDA = cataclysm-dda-git.overrideAttrs (_: {
enableParallelBuilding = true;
});
# Unfortunately, this refers to the package before overriding and
# parallel building is still disabled.
badExample = myCDDA.withMods (_: []);
inherit (cataclysmDDA) attachPkgs pkgs wrapCDDA;
# You can fix it by hand
goodExample1 = myCDDA.overrideAttrs (old: {
passthru = old.passthru // {
pkgs = pkgs.override { build = goodExample1; };
withMods = wrapCDDA goodExample1;
};
});
# or by using a helper function `attachPkgs`.
goodExample2 = attachPkgs pkgs myCDDA;
in
# badExample # parallel building disabled
# goodExample1.withMods (_: []) # parallel building enabled
goodExample2.withMods (_: []) # parallel building enabled
```
## Customizing with mods
To install Cataclysm DDA with mods of your choice, you can use `withMods`

View file

@ -2,15 +2,15 @@
## Introduction {#beam-introduction}
In this document and related Nix expressions, we use the term, *BEAM*, to describe the environment. BEAM is the name of the Erlang Virtual Machine and, as far as we're concerned, from a packaging perspective, all languages that run on the BEAM are interchangeable. That which varies, like the build system, is transparent to users of any given BEAM package, so we make no distinction.
In this document and related Nix expressions, we use the term, _BEAM_, to describe the environment. BEAM is the name of the Erlang Virtual Machine and, as far as we're concerned, from a packaging perspective, all languages that run on the BEAM are interchangeable. That which varies, like the build system, is transparent to users of any given BEAM package, so we make no distinction.
## Structure {#beam-structure}
All BEAM-related expressions are available via the top-level `beam` attribute, which includes:
- `interpreters`: a set of compilers running on the BEAM, including multiple Erlang/OTP versions (`beam.interpreters.erlangR19`, etc), Elixir (`beam.interpreters.elixir`) and LFE (`beam.interpreters.lfe`).
- `interpreters`: a set of compilers running on the BEAM, including multiple Erlang/OTP versions (`beam.interpreters.erlangR19`, etc), Elixir (`beam.interpreters.elixir`) and LFE (Lisp Flavoured Erlang) (`beam.interpreters.lfe`).
- `packages`: a set of package builders (Mix and rebar3), each compiled with a specific Erlang/OTP version, e.g. `beam.packages.erlangR19`.
- `packages`: a set of package builders (Mix and rebar3), each compiled with a specific Erlang/OTP version, e.g. `beam.packages.erlangR19`.
The default Erlang compiler, defined by `beam.interpreters.erlang`, is aliased as `erlang`. The default BEAM package set is defined by `beam.packages.erlang` and aliased at the top level as `beamPackages`.
@ -26,7 +26,9 @@ We provide a version of Rebar3, under `rebar3`. We also provide a helper to fetc
### Mix & Erlang.mk {#build-tools-other}
Both Mix and Erlang.mk work exactly as expected. There is a bootstrap process that needs to be run for both, however, which is supported by the `buildMix` and `buildErlangMk` derivations, respectively.
Erlang.mk works exactly as expected. There is a bootstrap process that needs to be run, which is supported by the `buildErlangMk` derivation.
For Elixir applications use `mixRelease` to make a release. See examples for more details.
## How to Install BEAM Packages {#how-to-install-beam-packages}
@ -52,15 +54,150 @@ Erlang.mk functions similarly to Rebar3, except we use `buildErlangMk` instead o
#### Mix Packages {#mix-packages}
Mix functions similarly to Rebar3, except we use `buildMix` instead of `buildRebar3`.
`mixRelease` is used to make a release in the mix sense. Dependencies will need to be fetched with `fetchMixDeps` and passed to it.
Alternatively, we can use `buildHex` as a shortcut:
#### mixRelease - Elixir Phoenix example
Here is how your `default.nix` file would look.
```nix
with import <nixpkgs> { };
let
packages = beam.packagesWith beam.interpreters.erlang;
src = builtins.fetchgit {
url = "ssh://git@github.com/your_id/your_repo";
rev = "replace_with_your_commit";
};
pname = "your_project";
version = "0.0.1";
mixEnv = "prod";
mixDeps = packages.fetchMixDeps {
pname = "mix-deps-${pname}";
inherit src mixEnv version;
# nix will complain and tell you the right value to replace this with
sha256 = lib.fakeSha256;
# if you have build time environment variables add them here
MY_ENV_VAR="my_value";
};
nodeDependencies = (pkgs.callPackage ./assets/default.nix { }).shell.nodeDependencies;
frontEndFiles = stdenvNoCC.mkDerivation {
pname = "frontend-${pname}";
nativeBuildInputs = [ nodejs ];
inherit version src;
buildPhase = ''
cp -r ./assets $TEMPDIR
mkdir -p $TEMPDIR/assets/node_modules/.cache
cp -r ${nodeDependencies}/lib/node_modules $TEMPDIR/assets
export PATH="${nodeDependencies}/bin:$PATH"
cd $TEMPDIR/assets
webpack --config ./webpack.config.js
cd ..
'';
installPhase = ''
cp -r ./priv/static $out/
'';
outputHashAlgo = "sha256";
outputHashMode = "recursive";
# nix will complain and tell you the right value to replace this with
outputHash = lib.fakeSha256;
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
};
in packages.mixRelease {
inherit src pname version mixEnv mixDeps;
# if you have build time environment variables add them here
MY_ENV_VAR="my_value";
preInstall = ''
mkdir -p ./priv/static
cp -r ${frontEndFiles} ./priv/static
'';
}
```
Setup will require the following steps:
- Move your secrets to runtime environment variables. For more information refer to the [runtime.exs docs](https://hexdocs.pm/mix/Mix.Tasks.Release.html#module-runtime-configuration). On a fresh Phoenix build that would mean that both `DATABASE_URL` and `SECRET_KEY` need to be moved to `runtime.exs`.
- `cd assets` and `nix-shell -p node2nix --run node2nix --development` will generate a Nix expression containing your frontend dependencies
- commit and push those changes
- you can now `nix-build .`
- To run the release, set the `RELEASE_TMP` environment variable to a directory that your program has write access to. It will be used to store the BEAM settings.
#### Example of creating a service for an Elixir - Phoenix project
In order to create a service with your release, you could add a `service.nix`
in your project with the following
```nix
{config, pkgs, lib, ...}:
let
release = pkgs.callPackage ./default.nix;
release_name = "app";
working_directory = "/home/app";
in
{
systemd.services.${release_name} = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "postgresql.service" ];
requires = [ "network-online.target" "postgresql.service" ];
description = "my app";
environment = {
# RELEASE_TMP is used to write the state of the
# VM configuration when the system is running
# it needs to be a writable directory
RELEASE_TMP = working_directory;
# can be generated in an elixir console with
# Base.encode32(:crypto.strong_rand_bytes(32))
RELEASE_COOKIE = "my_cookie";
MY_VAR = "my_var";
};
serviceConfig = {
Type = "exec";
DynamicUser = true;
WorkingDirectory = working_directory;
# Implied by DynamicUser, but just to emphasize due to RELEASE_TMP
PrivateTmp = true;
ExecStart = ''
${release}/bin/${release_name} start
'';
ExecStop = ''
${release}/bin/${release_name} stop
'';
ExecReload = ''
${release}/bin/${release_name} restart
'';
Restart = "on-failure";
RestartSec = 5;
StartLimitBurst = 3;
StartLimitInterval = 10;
};
# disksup requires bash
path = [ pkgs.bash ];
};
environment.systemPackages = [ release ];
}
```
## How to Develop {#how-to-develop}
### Creating a Shell {#creating-a-shell}
Usually, we need to create a `shell.nix` file and do our development inside of the environment specified therein. Just install your version of erlang and other interpreter, and then user your normal build tools. As an example with elixir:
Usually, we need to create a `shell.nix` file and do our development inside of the environment specified therein. Just install your version of Erlang and any other interpreters, and then use your normal build tools. As an example with Elixir:
```nix
{ pkgs ? import "<nixpkgs"> {} }:
@ -79,6 +216,68 @@ mkShell {
}
```
#### Building in a Shell (for Mix Projects) {#building-in-a-shell}
#### Elixir - Phoenix project
Using a `shell.nix` as described (see <xref linkend="creating-a-shell"/>) should just work.
Here is an example `shell.nix`.
```nix
with import <nixpkgs> { };
let
# define packages to install
basePackages = [
git
# replace with beam.packages.erlang.elixir_1_11 if you need
beam.packages.erlang.elixir
nodejs-15_x
postgresql_13
# only used for frontend dependencies
# you are free to use yarn2nix as well
nodePackages.node2nix
# formatting js file
nodePackages.prettier
];
inputs = basePackages ++ lib.optionals stdenv.isLinux [ inotify-tools ]
++ lib.optionals stdenv.isDarwin
(with darwin.apple_sdk.frameworks; [ CoreFoundation CoreServices ]);
# define shell startup command
hooks = ''
# this allows mix to work on the local directory
mkdir -p .nix-mix .nix-hex
export MIX_HOME=$PWD/.nix-mix
export HEX_HOME=$PWD/.nix-mix
export PATH=$MIX_HOME/bin:$HEX_HOME/bin:$PATH
# TODO: not sure how to make hex available without installing it afterwards.
mix local.hex --if-missing
export LANG=en_US.UTF-8
export ERL_AFLAGS="-kernel shell_history enabled"
# postges related
# keep all your db data in a folder inside the project
export PGDATA="$PWD/db"
# phoenix related env vars
export POOL_SIZE=15
export DB_URL="postgresql://postgres:postgres@localhost:5432/db"
export PORT=4000
export MIX_ENV=dev
# add your project env vars here, word readable in the nix store.
export ENV_VAR="your_env_var"
'';
in mkShell {
buildInputs = inputs;
shellHook = hooks;
}
```
Initializing the project will require the following steps:
- create the db directory `initdb ./db` (inside your mix project folder)
- create the postgres user `createuser postgres -ds`
- create the db `createdb db`
- start the postgres instance `pg_ctl -l "$PGDATA/server.log" start`
- add the `/db` folder to your `.gitignore`
- you can start your phoenix server and get a shell with `iex -S mix phx.server`

View file

@ -73,7 +73,7 @@ in {
darwin = filterDoubles predicates.isDarwin;
freebsd = filterDoubles predicates.isFreeBSD;
# Should be better, but MinGW is unclear.
gnu = filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnu; }) ++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnueabi; }) ++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnueabihf; }) ++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.elfv1; }) ++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.elfv2; });
gnu = filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnu; }) ++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnueabi; }) ++ filterDoubles (matchAttrs { kernel = parse.kernels.linux; abi = parse.abis.gnueabihf; });
illumos = filterDoubles predicates.isSunOS;
linux = filterDoubles predicates.isLinux;
netbsd = filterDoubles predicates.isNetBSD;

View file

@ -21,14 +21,10 @@ rec {
config = "powerpc64le-unknown-linux-musl";
};
ppc64-elfv1 = {
config = "powerpc64-unknown-linux-elfv1";
ppc64 = {
config = "powerpc64-unknown-linux-gnu";
gcc = { abi = "elfv2"; }; # for gcc configuration
};
ppc64-elfv2 = {
config = "powerpc64-unknown-linux-elfv2";
};
ppc64 = ppc64-elfv2; # default to modern elfv2
ppc64-musl = {
config = "powerpc64-unknown-linux-musl";
gcc = { abi = "elfv2"; }; # for gcc configuration
@ -60,6 +56,7 @@ rec {
armv7a-android-prebuilt = {
config = "armv7a-unknown-linux-androideabi";
rustc.config = "armv7-linux-androideabi";
sdkVer = "29";
ndkVer = "21";
useAndroidPrebuilt = true;
@ -67,6 +64,7 @@ rec {
aarch64-android-prebuilt = {
config = "aarch64-unknown-linux-android";
rustc.config = "aarch64-linux-android";
sdkVer = "29";
ndkVer = "21";
useAndroidPrebuilt = true;

View file

@ -337,18 +337,10 @@ rec {
The "gnu" ABI is ambiguous on 32-bit ARM. Use "gnueabi" or "gnueabihf" instead.
'';
}
{ assertion = platform: platform.system != "powerpc64-linux";
message = ''
The "gnu" ABI is ambiguous on big-endian 64-bit PPC. Use "elfv1" or "elfv2" instead.
'';
}
];
};
gnuabi64 = { abi = "64"; };
elfv1 = { abi = "elfv1"; };
elfv2 = { abi = "elfv2"; };
musleabi = { float = "soft"; };
musleabihf = { float = "hard"; };
musl = {};
@ -452,7 +444,6 @@ rec {
if lib.versionAtLeast (parsed.cpu.version or "0") "6"
then abis.gnueabihf
else abis.gnueabi
else if cpu == "powerpc64" then abis.elfv2
else abis.gnu
else abis.unknown;
};

View file

@ -118,6 +118,12 @@
githubId = 2258953;
name = "Aaron Schif";
};
aaschmid = {
email = "service@aaschmid.de";
github = "aaschmid";
githubId = 567653;
name = "Andreas Schmid";
};
abaldeau = {
email = "andreas@baldeau.net";
github = "baldo";
@ -1707,6 +1713,12 @@
githubId = 3086255;
name = "Barry Moore II";
};
chivay = {
email = "hubert.jasudowicz@gmail.com";
github = "chivay";
githubId = 14790226;
name = "Hubert Jasudowicz";
};
chkno = {
email = "chuck@intelligence.org";
github = "chkno";
@ -2471,6 +2483,12 @@
githubId = 1708810;
name = "Daniel Vianna";
};
dnr = {
email = "dnr@dnr.im";
github = "dnr";
githubId = 466723;
name = "David Reiss";
};
dochang = {
email = "dochang@gmail.com";
github = "dochang";
@ -3693,6 +3711,12 @@
githubId = 201997;
name = "Eric Seidel";
};
gspia = {
email = "iahogsp@gmail.com";
github = "gspia";
githubId = 3320792;
name = "gspia";
};
guibert = {
email = "david.guibert@gmail.com";
github = "dguibert";
@ -4902,6 +4926,12 @@
email = "jwilberding@afiniate.com";
name = "Jordan Wilberding";
};
jwygoda = {
email = "jaroslaw@wygoda.me";
github = "jwygoda";
githubId = 20658981;
name = "Jarosław Wygoda";
};
jyp = {
email = "jeanphilippe.bernardy@gmail.com";
github = "jyp";
@ -6567,6 +6597,16 @@
githubId = 754512;
name = "Mogria";
};
mohe2015 = {
name = "Moritz Hedtke";
email = "Moritz.Hedtke@t-online.de";
github = "mohe2015";
githubId = 13287984;
keys = [{
longkeyid = "rsa4096/0x6794D45A488C2EDE";
fingerprint = "1248 D3E1 1D11 4A85 75C9 8934 6794 D45A 488C 2EDE";
}];
};
monsieurp = {
email = "monsieurp@gentoo.org";
github = "monsieurp";
@ -7517,6 +7557,12 @@
githubId = 3438604;
name = "Petter Storvik";
};
p-h = {
email = "p@hurlimann.org";
github = "p-h";
githubId = 645664;
name = "Philippe Hürlimann";
};
philandstuff = {
email = "philip.g.potter@gmail.com";
github = "philandstuff";
@ -7631,6 +7677,16 @@
githubId = 610615;
name = "Chih-Mao Chen";
};
plabadens = {
name = "Pierre Labadens";
email = "labadens.pierre+nixpkgs@gmail.com";
github = "plabadens";
githubId = 4303706;
keys = [{
longkeyid = "rsa2048/0xF55814E4D6874375";
fingerprint = "B00F E582 FD3F 0732 EA48 3937 F558 14E4 D687 4375";
}];
};
plchldr = {
email = "mail@oddco.de";
github = "plchldr";
@ -9185,6 +9241,12 @@
githubId = 1699155;
name = "Steve Elliott";
};
stephank = {
email = "nix@stephank.nl";
github = "stephank";
githubId = 89950;
name = "Stéphan Kochen";
};
stephenmw = {
email = "stephen@q5comm.com";
github = "stephenmw";
@ -9451,6 +9513,12 @@
githubId = 321799;
name = "Paul Colomiets";
};
takagiy = {
email = "takagiy.4dev@gmail.com";
github = "takagiy";
githubId = 18656090;
name = "Yuki Takagi";
};
taketwo = {
email = "alexandrov88@gmail.com";
github = "taketwo";
@ -10436,6 +10504,12 @@
githubId = 78392041;
name = "Winter";
};
wirew0rm = {
email = "alex@wirew0rm.de";
github = "wirew0rm";
githubId = 1202371;
name = "Alexander Krimm";
};
wishfort36 = {
email = "42300264+wishfort36@users.noreply.github.com";
github = "wishfort36";
@ -10532,6 +10606,12 @@
githubId = 13378502;
name = "Wulfsta";
};
wunderbrick = {
name = "Andrew Phipps";
email = "lambdafuzz@tutanota.com";
github = "wunderbrick";
githubId = 52174714;
};
wyvie = {
email = "elijahrum@gmail.com";
github = "wyvie";
@ -10616,6 +10696,12 @@
githubId = 11824817;
name = "Marti Serra";
};
xworld21 = {
email = "1962985+xworld21@users.noreply.github.com";
github = "xworld21";
githubId = 1962985;
name = "Vincenzo Mantova";
};
xwvvvvwx = {
email = "davidterry@posteo.de";
github = "xwvvvvwx";

View file

@ -133,7 +133,7 @@ true
<programlisting>
{ config, pkgs, ... }:
let netConfig = { hostName }: {
let netConfig = hostName: {
networking.hostName = hostName;
networking.useDHCP = false;
};

View file

@ -83,6 +83,17 @@
further details.
</para>
</listitem>
<listitem>
<para>
The <option>services.packagekit.backend</option> option has been removed as
it only supported a single setting which would always be the default.
Instead new <link
xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md">RFC
0042</link> compliant <xref linkend="opt-services.packagekit.settings"/>
and <xref linkend="opt-services.packagekit.vendorSettings"/> options have
been introduced.
</para>
</listitem>
</itemizedlist>
</section>

View file

@ -556,10 +556,8 @@ in {
install -m 0700 -d /root
install -m 0755 -d /home
${pkgs.perl}/bin/perl -w \
-I${pkgs.perlPackages.FileSlurp}/${pkgs.perl.libPrefix} \
-I${pkgs.perlPackages.JSON}/${pkgs.perl.libPrefix} \
${./update-users-groups.pl} ${spec}
${pkgs.perl.withPackages (p: [ p.FileSlurp p.JSON ])}/bin/perl \
-w ${./update-users-groups.pl} ${spec}
'';
# for backwards compatibility

View file

@ -6,14 +6,13 @@ let
in {
options.hardware.rtl-sdr = {
enable = lib.mkEnableOption ''
Enables rtl-sdr udev rules and ensures 'plugdev' group exists.
This is a prerequisite to using devices supported by rtl-sdr without
being root, since rtl-sdr USB descriptors will be owned by plugdev
through udev.
Enables rtl-sdr udev rules, ensures 'plugdev' group exists, and blacklists DVB kernel modules.
This is a prerequisite to using devices supported by rtl-sdr without being root, since rtl-sdr USB descriptors will be owned by plugdev through udev.
'';
};
config = lib.mkIf cfg.enable {
boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" "e4000" "rtl2832" ];
services.udev.packages = [ pkgs.rtl-sdr ];
users.groups.plugdev = {};
};

View file

@ -17,6 +17,9 @@ let
firmware-pkg = pkgs.system76-firmware;
firmwareConfig = mkIf cfg.firmware-daemon.enable {
# Make system76-firmware-cli usable by root from the command line.
environment.systemPackages = [ firmware-pkg ];
services.dbus.packages = [ firmware-pkg ];
systemd.services.system76-firmware-daemon = {

View file

@ -34,7 +34,7 @@ let
name = "nixos-generate-config";
src = ./nixos-generate-config.pl;
path = lib.optionals (lib.elem "btrfs" config.boot.supportedFilesystems) [ pkgs.btrfs-progs ];
perl = "${pkgs.perl}/bin/perl -I${pkgs.perlPackages.FileSlurp}/${pkgs.perl.libPrefix}";
perl = "${pkgs.perl.withPackages (p: [ p.FileSlurp ])}/bin/perl";
inherit (config.system.nixos-generate-config) configuration desktopConfiguration;
xserverEnabled = config.services.xserver.enable;
};

View file

@ -288,6 +288,7 @@
./services/continuous-integration/hail.nix
./services/continuous-integration/hercules-ci-agent/default.nix
./services/continuous-integration/hydra/default.nix
./services/continuous-integration/github-runner.nix
./services/continuous-integration/gitlab-runner.nix
./services/continuous-integration/gocd-agent/default.nix
./services/continuous-integration/gocd-server/default.nix
@ -658,6 +659,7 @@
./services/networking/dnscrypt-wrapper.nix
./services/networking/dnsdist.nix
./services/networking/dnsmasq.nix
./services/networking/doh-proxy-rust.nix
./services/networking/ncdns.nix
./services/networking/nomad.nix
./services/networking/ejabberd.nix
@ -679,6 +681,7 @@
./services/networking/gnunet.nix
./services/networking/go-neb.nix
./services/networking/go-shadowsocks2.nix
./services/networking/gobgpd.nix
./services/networking/gogoclient.nix
./services/networking/gvpe.nix
./services/networking/hans.nix
@ -863,6 +866,7 @@
./services/security/shibboleth-sp.nix
./services/security/sks.nix
./services/security/sshguard.nix
./services/security/step-ca.nix
./services/security/tor.nix
./services/security/torify.nix
./services/security/torsocks.nix

View file

@ -14,10 +14,8 @@ let
dir = "bin";
src = ./command-not-found.pl;
isExecutable = true;
inherit (pkgs) perl;
inherit (cfg) dbPath;
perlFlags = concatStrings (map (path: "-I ${path}/${pkgs.perl.libPrefix} ")
[ pkgs.perlPackages.DBI pkgs.perlPackages.DBDSQLite pkgs.perlPackages.StringShellQuote ]);
perl = pkgs.perl.withPackages (p: [ p.DBDSQLite p.StringShellQuote ]);
};
in

View file

@ -1,4 +1,4 @@
#! @perl@/bin/perl -w @perlFlags@
#! @perl@/bin/perl -w
use strict;
use DBI;

View file

@ -0,0 +1,299 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.github-runner;
svcName = "github-runner";
systemdDir = "${svcName}/${cfg.name}";
# %t: Runtime directory root (usually /run); see systemd.unit(5)
runtimeDir = "%t/${systemdDir}";
# %S: State directory root (usually /var/lib); see systemd.unit(5)
stateDir = "%S/${systemdDir}";
# %L: Log directory root (usually /var/log); see systemd.unit(5)
logsDir = "%L/${systemdDir}";
in
{
options.services.github-runner = {
enable = mkOption {
default = false;
example = true;
description = ''
Whether to enable GitHub Actions runner.
Note: GitHub recommends using self-hosted runners with private repositories only. Learn more here:
<link xlink:href="https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners"
>About self-hosted runners</link>.
'';
type = lib.types.bool;
};
url = mkOption {
type = types.str;
description = ''
Repository to add the runner to.
Changing this option triggers a new runner registration.
'';
example = "https://github.com/nixos/nixpkgs";
};
tokenFile = mkOption {
type = types.path;
description = ''
The full path to a file which contains the runner registration token.
The file should contain exactly one line with the token without any newline.
The token can be used to re-register a runner of the same name but is time-limited.
Changing this option or the file's content triggers a new runner registration.
'';
example = "/run/secrets/github-runner/nixos.token";
};
name = mkOption {
# Same pattern as for `networking.hostName`
type = types.strMatching "^$|^[[:alnum:]]([[:alnum:]_-]{0,61}[[:alnum:]])?$";
description = ''
Name of the runner to configure. Defaults to the hostname.
Changing this option triggers a new runner registration.
'';
example = "nixos";
default = config.networking.hostName;
};
runnerGroup = mkOption {
type = types.nullOr types.str;
description = ''
Name of the runner group to add this runner to (defaults to the default runner group).
Changing this option triggers a new runner registration.
'';
default = null;
};
extraLabels = mkOption {
type = types.listOf types.str;
description = ''
Extra labels in addition to the default (<literal>["self-hosted", "Linux", "X64"]</literal>).
Changing this option triggers a new runner registration.
'';
example = literalExample ''[ "nixos" ]'';
default = [ ];
};
replace = mkOption {
type = types.bool;
description = ''
Replace any existing runner with the same name.
Without this flag, registering a new runner with the same name fails.
'';
default = false;
};
extraPackages = mkOption {
type = types.listOf types.package;
description = ''
Extra packages to add to <literal>PATH</literal> of the service to make them available to workflows.
'';
default = [ ];
};
};
config = mkIf cfg.enable {
warnings = optionals (isStorePath cfg.tokenFile) [
''
`services.github-runner.tokenFile` points to the Nix store and, therefore, is world-readable.
Consider using a path outside of the Nix store to keep the token private.
''
];
systemd.services.${svcName} = {
description = "GitHub Actions runner";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network.target" "network-online.target" ];
environment = {
HOME = runtimeDir;
RUNNER_ROOT = runtimeDir;
};
path = (with pkgs; [
bash
coreutils
git
gnutar
gzip
]) ++ [
config.nix.package
] ++ cfg.extraPackages;
serviceConfig = rec {
ExecStart = "${pkgs.github-runner}/bin/runsvc.sh";
# Does the following, sequentially:
# - Copy the current and the previous `tokenFile` to the $RUNTIME_DIRECTORY
# and make it accessible to the service user to allow for a content
# comparison.
# - If the module configuration or the token has changed, clear the state directory.
# - Configure the runner.
# - Copy the configured `tokenFile` to the $STATE_DIRECTORY and make it
# inaccessible to the service user.
# - Set up the directory structure by creating the necessary symlinks.
ExecStartPre =
let
# Wrapper script which expects the full path of the state, runtime and logs
# directory as arguments. Overrides the respective systemd variables to provide
# unambiguous directory names. This becomes relevant, for example, if the
# caller overrides any of the StateDirectory=, RuntimeDirectory= or LogDirectory=
# to contain more than one directory. This causes systemd to set the respective
# environment variables with the path of all of the given directories, separated
# by a colon.
writeScript = name: lines: pkgs.writeShellScript "${svcName}-${name}.sh" ''
set -euo pipefail
STATE_DIRECTORY="$1"
RUNTIME_DIRECTORY="$2"
LOGS_DIRECTORY="$3"
${lines}
'';
currentConfigPath = "$STATE_DIRECTORY/.nixos-current-config.json";
runnerRegistrationConfig = getAttrs [ "name" "tokenFile" "url" "runnerGroup" "extraLabels" ] cfg;
newConfigPath = builtins.toFile "${svcName}-config.json" (builtins.toJSON runnerRegistrationConfig);
currentConfigTokenFilename = ".current-token";
newConfigTokenFilename = ".new-token";
runnerCredFiles = [
".credentials"
".credentials_rsaparams"
".runner"
];
ownConfigTokens = writeScript "own-config-tokens" ''
# Copy current and new token file to runtime dir and make it accessible to the service user
cp ${escapeShellArg cfg.tokenFile} "$RUNTIME_DIRECTORY/${newConfigTokenFilename}"
chmod 600 "$RUNTIME_DIRECTORY/${newConfigTokenFilename}"
chown "$USER" "$RUNTIME_DIRECTORY/${newConfigTokenFilename}"
if [[ -e "$STATE_DIRECTORY/${currentConfigTokenFilename}" ]]; then
cp "$STATE_DIRECTORY/${currentConfigTokenFilename}" "$RUNTIME_DIRECTORY/${currentConfigTokenFilename}"
chmod 600 "$RUNTIME_DIRECTORY/${currentConfigTokenFilename}"
chown "$USER" "$RUNTIME_DIRECTORY/${currentConfigTokenFilename}"
fi
'';
disownConfigTokens = writeScript "disown-config-tokens" ''
# Make the token inaccessible to the runner service user
chmod 600 "$STATE_DIRECTORY/${currentConfigTokenFilename}"
chown root:root "$STATE_DIRECTORY/${currentConfigTokenFilename}"
'';
unconfigureRunner = writeScript "unconfigure" ''
differs=
# Set `differs = 1` if current and new runner config differ or if `currentConfigPath` does not exist
${pkgs.diffutils}/bin/diff -q '${newConfigPath}' "${currentConfigPath}" >/dev/null 2>&1 || differs=1
# Also trigger a registration if the token content changed
${pkgs.diffutils}/bin/diff -q \
"$RUNTIME_DIRECTORY"/{${currentConfigTokenFilename},${newConfigTokenFilename}} \
>/dev/null 2>&1 || differs=1
if [[ -n "$differs" ]]; then
echo "Config has changed, removing old runner state."
echo "The old runner will still appear in the GitHub Actions UI." \
"You have to remove it manually."
find "$STATE_DIRECTORY/" -mindepth 1 -delete
fi
'';
configureRunner = writeScript "configure" ''
empty=$(ls -A "$STATE_DIRECTORY")
if [[ -z "$empty" ]]; then
echo "Configuring GitHub Actions Runner"
token=$(< "$RUNTIME_DIRECTORY"/${newConfigTokenFilename})
RUNNER_ROOT="$STATE_DIRECTORY" ${pkgs.github-runner}/bin/config.sh \
--unattended \
--work "$RUNTIME_DIRECTORY" \
--url ${escapeShellArg cfg.url} \
--token "$token" \
--labels ${escapeShellArg (concatStringsSep "," cfg.extraLabels)} \
--name ${escapeShellArg cfg.name} \
${optionalString cfg.replace "--replace"} \
${optionalString (cfg.runnerGroup != null) "--runnergroup ${escapeShellArg cfg.runnerGroup}"}
# Move the automatically created _diag dir to the logs dir
mkdir -p "$STATE_DIRECTORY/_diag"
cp -r "$STATE_DIRECTORY/_diag/." "$LOGS_DIRECTORY/"
rm -rf "$STATE_DIRECTORY/_diag/"
# Cleanup token from config
rm -f "$RUNTIME_DIRECTORY"/${currentConfigTokenFilename}
mv "$RUNTIME_DIRECTORY"/${newConfigTokenFilename} "$STATE_DIRECTORY/${currentConfigTokenFilename}"
# Symlink to new config
ln -s '${newConfigPath}' "${currentConfigPath}"
fi
'';
setupRuntimeDir = writeScript "setup-runtime-dirs" ''
# Link _diag dir
ln -s "$LOGS_DIRECTORY" "$RUNTIME_DIRECTORY/_diag"
# Link the runner credentials to the runtime dir
ln -s "$STATE_DIRECTORY"/{${lib.concatStringsSep "," runnerCredFiles}} "$RUNTIME_DIRECTORY/"
'';
in
map (x: "${x} ${escapeShellArgs [ stateDir runtimeDir logsDir ]}") [
"+${ownConfigTokens}" # runs as root
unconfigureRunner
configureRunner
"+${disownConfigTokens}" # runs as root
setupRuntimeDir
];
# Contains _diag
LogsDirectory = [ systemdDir ];
# Default RUNNER_ROOT which contains ephemeral Runner data
RuntimeDirectory = [ systemdDir ];
# Home of persistent runner data, e.g., credentials
StateDirectory = [ systemdDir ];
StateDirectoryMode = "0700";
WorkingDirectory = runtimeDir;
# By default, use a dynamically allocated user
DynamicUser = true;
KillMode = "process";
KillSignal = "SIGTERM";
# Hardening (may overlap with DynamicUser=)
# The following options are only for optimizing:
# systemd-analyze security github-runner
AmbientCapabilities = "";
CapabilityBoundingSet = "";
# ProtectClock= adds DeviceAllow=char-rtc r
DeviceAllow = "";
LockPersonality = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateTmp = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "strict";
RemoveIPC = true;
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
UMask = "0066";
# Needs network access
PrivateNetwork = false;
# Cannot be true due to Node
MemoryDenyWriteExecute = false;
};
};
};
}

View file

@ -163,7 +163,7 @@ in
'';
example = literalExample ''
{
"DATABASE nextcloud" = "ALL PRIVILEGES";
"DATABASE \"nextcloud\"" = "ALL PRIVILEGES";
"ALL TABLES IN SCHEMA public" = "ALL PRIVILEGES";
}
'';

View file

@ -88,6 +88,13 @@ in
example = "/run/redis/redis.sock";
};
unixSocketPerm = mkOption {
type = types.int;
default = 750;
description = "Change permissions for the socket";
example = 700;
};
logLevel = mkOption {
type = types.str;
default = "notice"; # debug, verbose, notice, warning
@ -204,7 +211,6 @@ in
'';
example = literalExample ''
{
unixsocketperm = "700";
loadmodule = [ "/path/to/my_module.so" "/path/to/other_module.so" ];
}
'';
@ -256,7 +262,7 @@ in
slowlog-max-len = cfg.slowLogMaxLen;
}
(mkIf (cfg.bind != null) { bind = cfg.bind; })
(mkIf (cfg.unixSocket != null) { unixsocket = cfg.unixSocket; })
(mkIf (cfg.unixSocket != null) { unixsocket = cfg.unixSocket; unixsocketperm = "${toString cfg.unixSocketPerm}"; })
(mkIf (cfg.slaveOf != null) { slaveof = "${cfg.slaveOf.ip} ${cfg.slaveOf.port}"; })
(mkIf (cfg.masterAuth != null) { masterauth = cfg.masterAuth; })
(mkIf (cfg.requirePass != null) { requirepass = cfg.requirePass; })
@ -277,11 +283,18 @@ in
serviceConfig = {
ExecStart = "${cfg.package}/bin/redis-server /run/redis/redis.conf";
RuntimeDirectory = "redis";
StateDirectory = "redis";
Type = "notify";
# User and group
User = "redis";
Group = "redis";
# Runtime directory and mode
RuntimeDirectory = "redis";
RuntimeDirectoryMode = "0750";
# State directory and mode
StateDirectory = "redis";
StateDirectoryMode = "0700";
# Access write directories
UMask = "0077";
};
};
};

View file

@ -11,6 +11,7 @@ let
haveAliases = cfg.postmasterAlias != "" || cfg.rootAlias != ""
|| cfg.extraAliases != "";
haveCanonical = cfg.canonical != "";
haveTransport = cfg.transport != "";
haveVirtual = cfg.virtual != "";
haveLocalRecipients = cfg.localRecipients != null;
@ -244,6 +245,7 @@ let
;
aliasesFile = pkgs.writeText "postfix-aliases" aliases;
canonicalFile = pkgs.writeText "postfix-canonical" cfg.canonical;
virtualFile = pkgs.writeText "postfix-virtual" cfg.virtual;
localRecipientMapFile = pkgs.writeText "postfix-local-recipient-map" (concatMapStrings (x: x + " ACCEPT\n") cfg.localRecipients);
checkClientAccessFile = pkgs.writeText "postfix-check-client-access" cfg.dnsBlacklistOverrides;
@ -529,6 +531,15 @@ in
";
};
canonical = mkOption {
type = types.lines;
default = "";
description = ''
Entries for the <citerefentry><refentrytitle>canonical</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> table.
'';
};
virtual = mkOption {
type = types.lines;
default = "";
@ -941,6 +952,9 @@ in
(mkIf haveAliases {
services.postfix.aliasFiles.aliases = aliasesFile;
})
(mkIf haveCanonical {
services.postfix.mapFiles.canonical = canonicalFile;
})
(mkIf haveTransport {
services.postfix.mapFiles.transport = transportFile;
})

View file

@ -29,6 +29,16 @@ in
default = "jellyfin";
description = "Group under which jellyfin runs.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Open the default ports in the firewall for the media server. The
HTTP/HTTPS ports can be changed in the Web UI, so this option should
only be used if they are unchanged.
'';
};
};
};
@ -104,6 +114,12 @@ in
jellyfin = {};
};
networking.firewall = mkIf cfg.openFirewall {
# from https://jellyfin.org/docs/general/networking/index.html
allowedTCPPorts = [ 8096 8920 ];
allowedUDPPorts = [ 1900 7359 ];
};
};
meta.maintainers = with lib.maintainers; [ minijackson ];

View file

@ -0,0 +1,60 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.doh-proxy-rust;
in {
options.services.doh-proxy-rust = {
enable = mkEnableOption "doh-proxy-rust";
flags = mkOption {
type = types.listOf types.str;
default = [];
example = literalExample [ "--server-address=9.9.9.9:53" ];
description = ''
A list of command-line flags to pass to doh-proxy. For details on the
available options, see <link xlink:href="https://github.com/jedisct1/doh-server#usage"/>.
'';
};
};
config = mkIf cfg.enable {
systemd.services.doh-proxy-rust = {
description = "doh-proxy-rust";
after = [ "network.target" "nss-lookup.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.doh-proxy-rust}/bin/doh-proxy ${escapeShellArgs cfg.flags}";
Restart = "always";
RestartSec = 10;
DynamicUser = true;
CapabilityBoundingSet = "";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
ProtectClock = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
RemoveIPC = true;
RestrictAddressFamilies = "AF_INET AF_INET6";
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallErrorNumber = "EPERM";
SystemCallFilter = [ "@system-service" "~@privileged @resources" ];
};
};
};
meta.maintainers = with maintainers; [ stephank ];
}

View file

@ -0,0 +1,64 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.gobgpd;
format = pkgs.formats.toml { };
confFile = format.generate "gobgpd.conf" cfg.settings;
in {
options.services.gobgpd = {
enable = mkEnableOption "GoBGP Routing Daemon";
settings = mkOption {
type = format.type;
default = { };
description = ''
GoBGP configuration. Refer to
<link xlink:href="https://github.com/osrg/gobgp#documentation"/>
for details on supported values.
'';
example = literalExample ''
{
global = {
config = {
as = 64512;
router-id = "192.168.255.1";
};
};
neighbors = [
{
config = {
neighbor-address = "10.0.255.1";
peer-as = 65001;
};
}
{
config = {
neighbor-address = "10.0.255.2";
peer-as = 65002;
};
}
];
}
'';
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.gobgpd ];
systemd.services.gobgpd = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
description = "GoBGP Routing Daemon";
serviceConfig = {
Type = "notify";
ExecStartPre = "${pkgs.gobgpd}/bin/gobgpd -f ${confFile} -d";
ExecStart = "${pkgs.gobgpd}/bin/gobgpd -f ${confFile} --sdnotify";
ExecReload = "${pkgs.gobgpd}/bin/gobgpd -r";
DynamicUser = true;
AmbientCapabilities = "cap_net_bind_service";
};
};
};
}

View file

@ -484,6 +484,8 @@ in {
})
];
boot.kernelModules = [ "ctr" ];
security.polkit.extraConfig = polkitConf;
services.dbus.packages = cfg.packages

View file

@ -242,7 +242,7 @@ in
"default.action"
] ++ optional cfg.inspectHttps (toString inspectAction);
} // (optionalAttrs cfg.enableTor {
forward-socks5 = "127.0.0.1:9063 .";
forward-socks5 = "/ 127.0.0.1:9063 .";
toggle = true;
enable-remote-toggle = false;
enable-edit-actions = false;

View file

@ -4,10 +4,22 @@ with lib;
let
cfg = config.services.spacecookie;
configFile = pkgs.writeText "spacecookie.json" (lib.generators.toJSON {} {
inherit (cfg) hostname port root;
});
spacecookieConfig = {
listen = {
inherit (cfg) port;
};
} // cfg.settings;
format = pkgs.formats.json {};
configFile = format.generate "spacecookie.json" spacecookieConfig;
in {
imports = [
(mkRenamedOptionModule [ "services" "spacecookie" "root" ] [ "services" "spacecookie" "settings" "root" ])
(mkRenamedOptionModule [ "services" "spacecookie" "hostname" ] [ "services" "spacecookie" "settings" "hostname" ])
];
options = {
@ -15,32 +27,149 @@ in {
enable = mkEnableOption "spacecookie";
hostname = mkOption {
type = types.str;
default = "localhost";
description = "The hostname the service is reachable via. Clients will use this hostname for further requests after loading the initial gopher menu.";
package = mkOption {
type = types.package;
default = pkgs.spacecookie;
defaultText = literalExample "pkgs.spacecookie";
example = literalExample "pkgs.haskellPackages.spacecookie";
description = ''
The spacecookie derivation to use. This can be used to
override the used package or to use another version.
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open the necessary port in the firewall for spacecookie.
'';
};
port = mkOption {
type = types.port;
default = 70;
description = "Port the gopher service should be exposed on.";
description = ''
Port the gopher service should be exposed on.
'';
};
root = mkOption {
address = mkOption {
type = types.str;
default = "[::]";
description = ''
Address to listen on. Must be in the
<literal>ListenStream=</literal> syntax of
<link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.socket.html">systemd.socket(5)</link>.
'';
};
settings = mkOption {
type = types.submodule {
freeformType = format.type;
options.hostname = mkOption {
type = types.str;
default = "localhost";
description = ''
The hostname the service is reachable via. Clients
will use this hostname for further requests after
loading the initial gopher menu.
'';
};
options.root = mkOption {
type = types.path;
default = "/srv/gopher";
description = "The root directory spacecookie serves via gopher.";
description = ''
The directory spacecookie should serve via gopher.
Files in there need to be world-readable since
the spacecookie service file sets
<literal>DynamicUser=true</literal>.
'';
};
options.log = {
enable = mkEnableOption "logging for spacecookie"
// { default = true; example = false; };
hide-ips = mkOption {
type = types.bool;
default = true;
description = ''
If enabled, spacecookie will hide personal
information of users like IP addresses from
log output.
'';
};
hide-time = mkOption {
type = types.bool;
# since we are starting with systemd anyways
# we deviate from the default behavior here:
# journald will add timestamps, so no need
# to double up.
default = true;
description = ''
If enabled, spacecookie will not print timestamps
at the beginning of every log line.
'';
};
level = mkOption {
type = types.enum [
"info"
"warn"
"error"
];
default = "info";
description = ''
Log level for the spacecookie service.
'';
};
};
};
description = ''
Settings for spacecookie. The settings set here are
directly translated to the spacecookie JSON config
file. See
<link xlink:href="https://sternenseemann.github.io/spacecookie/spacecookie.json.5.html">spacecookie.json(5)</link>
for explanations of all options.
'';
};
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = !(cfg.settings ? user);
message = ''
spacecookie is started as a normal user, so the setuid
feature doesn't work. If you want to run spacecookie as
a specific user, set:
systemd.services.spacecookie.serviceConfig = {
DynamicUser = false;
User = "youruser";
Group = "yourgroup";
}
'';
}
{
assertion = !(cfg.settings ? listen || cfg.settings ? port);
message = ''
The NixOS spacecookie module uses socket activation,
so the listen options have no effect. Use the port
and address options in services.spacecookie instead.
'';
}
];
systemd.sockets.spacecookie = {
description = "Socket for the Spacecookie Gopher Server";
wantedBy = [ "sockets.target" ];
listenStreams = [ "[::]:${toString cfg.port}" ];
listenStreams = [ "${cfg.address}:${toString cfg.port}" ];
socketConfig = {
BindIPv6Only = "both";
};
@ -53,7 +182,7 @@ in {
serviceConfig = {
Type = "notify";
ExecStart = "${pkgs.haskellPackages.spacecookie}/bin/spacecookie ${configFile}";
ExecStart = "${lib.getBin cfg.package}/bin/spacecookie ${configFile}";
FileDescriptorStoreMax = 1;
DynamicUser = true;
@ -79,5 +208,9 @@ in {
RestrictAddressFamilies = "AF_UNIX AF_INET6";
};
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
};
}

View file

@ -0,0 +1,134 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.step-ca;
settingsFormat = (pkgs.formats.json { });
in
{
meta.maintainers = with lib.maintainers; [ mohe2015 ];
options = {
services.step-ca = {
enable = lib.mkEnableOption "the smallstep certificate authority server";
openFirewall = lib.mkEnableOption "opening the certificate authority server port";
package = lib.mkOption {
type = lib.types.package;
default = pkgs.step-ca;
description = "Which step-ca package to use.";
};
address = lib.mkOption {
type = lib.types.str;
example = "127.0.0.1";
description = ''
The address (without port) the certificate authority should listen at.
This combined with <option>services.step-ca.port</option> overrides <option>services.step-ca.settings.address</option>.
'';
};
port = lib.mkOption {
type = lib.types.port;
example = 8443;
description = ''
The port the certificate authority should listen on.
This combined with <option>services.step-ca.address</option> overrides <option>services.step-ca.settings.address</option>.
'';
};
settings = lib.mkOption {
type = with lib.types; attrsOf anything;
description = ''
Settings that go into <filename>ca.json</filename>. See
<link xlink:href="https://smallstep.com/docs/step-ca/configuration">
the step-ca manual</link> for more information. The easiest way to
configure this module would be to run <literal>step ca init</literal>
to generate <filename>ca.json</filename> and then import it using
<literal>builtins.fromJSON</literal>.
<link xlink:href="https://smallstep.com/docs/step-cli/basic-crypto-operations#run-an-offline-x509-certificate-authority">This article</link>
may also be useful if you want to customize certain aspects of
certificate generation for your CA.
You need to change the database storage path to <filename>/var/lib/step-ca/db</filename>.
<warning>
<para>
The <option>services.step-ca.settings.address</option> option
will be ignored and overwritten by
<option>services.step-ca.address</option> and
<option>services.step-ca.port</option>.
</para>
</warning>
'';
};
intermediatePasswordFile = lib.mkOption {
type = lib.types.path;
example = "/run/keys/smallstep-password";
description = ''
Path to the file containing the password for the intermediate
certificate private key.
<warning>
<para>
Make sure to use a quoted absolute path instead of a path literal
to prevent it from being copied to the globally readable Nix
store.
</para>
</warning>
'';
};
};
};
config = lib.mkIf config.services.step-ca.enable (
let
configFile = settingsFormat.generate "ca.json" (cfg.settings // {
address = cfg.address + ":" + toString cfg.port;
});
in
{
assertions =
[
{
assertion = !lib.isStorePath cfg.intermediatePasswordFile;
message = ''
<option>services.step-ca.intermediatePasswordFile</option> points to
a file in the Nix store. You should use a quoted absolute path to
prevent this.
'';
}
];
systemd.packages = [ cfg.package ];
# configuration file indirection is needed to support reloading
environment.etc."smallstep/ca.json".source = configFile;
systemd.services."step-ca" = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ configFile ];
unitConfig = {
ConditionFileNotEmpty = ""; # override upstream
};
serviceConfig = {
Environment = "HOME=%S/step-ca";
WorkingDirectory = ""; # override upstream
ReadWriteDirectories = ""; # override upstream
# LocalCredential handles file permission problems arising from the use of DynamicUser.
LoadCredential = "intermediate_password:${cfg.intermediatePasswordFile}";
ExecStart = [
"" # override upstream
"${cfg.package}/bin/step-ca /etc/smallstep/ca.json --password-file \${CREDENTIALS_DIRECTORY}/intermediate_password"
];
# ProtectProc = "invisible"; # not supported by upstream yet
# ProcSubset = "pid"; # not supported by upstream upstream yet
# PrivateUsers = true; # doesn't work with privileged ports therefore not supported by upstream
DynamicUser = true;
StateDirectory = "step-ca";
};
};
networking.firewall = lib.mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
}
);
}

View file

@ -157,7 +157,7 @@ let
proxy_connect_timeout 60;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_http_version 1.0;
proxy_http_version 1.1;
include ${recommendedProxyConfig};
''}

View file

@ -37,6 +37,7 @@ in
./tinywm.nix
./twm.nix
./windowmaker.nix
./wmderland.nix
./wmii.nix
./xmonad.nix
./yeahwm.nix

View file

@ -0,0 +1,61 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.xserver.windowManager.wmderland;
in
{
options.services.xserver.windowManager.wmderland = {
enable = mkEnableOption "wmderland";
extraSessionCommands = mkOption {
default = "";
type = types.lines;
description = ''
Shell commands executed just before wmderland is started.
'';
};
extraPackages = mkOption {
type = with types; listOf package;
default = with pkgs; [
rofi
dunst
light
hsetroot
feh
rxvt-unicode
];
example = literalExample ''
with pkgs; [
rofi
dunst
light
hsetroot
feh
rxvt-unicode
]
'';
description = ''
Extra packages to be installed system wide.
'';
};
};
config = mkIf cfg.enable {
services.xserver.windowManager.session = singleton {
name = "wmderland";
start = ''
${cfg.extraSessionCommands}
${pkgs.wmderland}/bin/wmderland &
waitPID=$!
'';
};
environment.systemPackages = [
pkgs.wmderland pkgs.wmderlandc
] ++ cfg.extraPackages;
};
}

View file

@ -1,4 +1,4 @@
#! @perl@
#! @perl@/bin/perl
use strict;
use warnings;

View file

@ -113,8 +113,7 @@ let
configurationName = config.boot.loader.grub.configurationName;
# Needed by switch-to-configuration.
perl = "${pkgs.perl}/bin/perl " + (concatMapStringsSep " " (lib: "-I${lib}/${pkgs.perl.libPrefix}") (with pkgs.perlPackages; [ FileSlurp NetDBus XMLParser XMLTwig ]));
perl = pkgs.perl.withPackages (p: with p; [ FileSlurp NetDBus XMLParser XMLTwig ]);
};
# Handle assertions and warnings

View file

@ -728,13 +728,17 @@ in
utillinux = pkgs.util-linux;
btrfsprogs = pkgs.btrfs-progs;
};
perl = pkgs.perl.withPackages (p: with p; [
FileSlurp FileCopyRecursive
XMLLibXML XMLSAX XMLSAXBase
ListCompare JSON
]);
in pkgs.writeScript "install-grub.sh" (''
#!${pkgs.runtimeShell}
set -e
export PERL5LIB=${with pkgs.perlPackages; makePerlPath [ FileSlurp FileCopyRecursive XMLLibXML XMLSAX XMLSAXBase ListCompare JSON ]}
${optionalString cfg.enableCryptodisk "export GRUB_ENABLE_CRYPTODISK=y"}
'' + flip concatMapStrings cfg.mirroredBoots (args: ''
${pkgs.perl}/bin/perl ${install-grub-pl} ${grubConfig args} $@
${perl}/bin/perl ${install-grub-pl} ${grubConfig args} $@
'') + cfg.extraInstallCommands);
system.build.grub = grub;

View file

@ -154,7 +154,7 @@ in
''
# Set up the statically computed bits of /etc.
echo "setting up /etc..."
${pkgs.perl}/bin/perl -I${pkgs.perlPackages.FileSlurp}/${pkgs.perl.libPrefix} ${./setup-etc.pl} ${etc}/etc
${pkgs.perl.withPackages (p: [ p.FileSlurp ])}/bin/perl ${./setup-etc.pl} ${etc}/etc
'';
};

View file

@ -6,7 +6,7 @@ let
makeScript = name: service: pkgs.writeScript "${name}-runner"
''
#! ${pkgs.perl}/bin/perl -w -I${pkgs.perlPackages.FileSlurp}/${pkgs.perl.libPrefix}
#! ${pkgs.perl.withPackages (p: [ p.FileSlurp ])}/bin/perl -w
use File::Slurp;

View file

@ -4,15 +4,7 @@ let
inherit (lib) mkOption types;
# Once https://github.com/NixOS/nixpkgs/pull/75584 is merged we can use the TOML generator
toTOML = name: value: pkgs.runCommandNoCC name {
nativeBuildInputs = [ pkgs.remarshal ];
value = builtins.toJSON value;
passAsFile = [ "value" ];
} ''
json2toml "$valuePath" "$out"
'';
toml = pkgs.formats.toml { };
in
{
meta = {
@ -26,6 +18,11 @@ in
[ "virtualisation" "containers" "users" ]
"All users with `isNormalUser = true` set now get appropriate subuid/subgid mappings."
)
(
lib.mkRemovedOptionModule
[ "virtualisation" "containers" "containersConf" "extraConfig" ]
"Use virtualisation.containers.containersConf.settings instead."
)
];
options.virtualisation.containers = {
@ -45,23 +42,10 @@ in
description = "Enable the OCI seccomp BPF hook";
};
containersConf = mkOption {
default = {};
containersConf.settings = mkOption {
type = toml.type;
default = { };
description = "containers.conf configuration";
type = types.submodule {
options = {
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Extra configuration that should be put in the containers.conf
configuration file
'';
};
};
};
};
registries = {
@ -113,21 +97,19 @@ in
};
config = lib.mkIf cfg.enable {
virtualisation.containers.containersConf.settings = {
network.cni_plugin_dirs = [ "${pkgs.cni-plugins}/bin/" ];
engine = {
init_path = "${pkgs.catatonit}/bin/catatonit";
} // lib.optionalAttrs cfg.ociSeccompBpfHook.enable {
hooks_dir = [ config.boot.kernelPackages.oci-seccomp-bpf-hook ];
};
};
environment.etc."containers/containers.conf".text = ''
[network]
cni_plugin_dirs = ["${pkgs.cni-plugins}/bin/"]
environment.etc."containers/containers.conf".source =
toml.generate "containers.conf" cfg.containersConf.settings;
[engine]
init_path = "${pkgs.catatonit}/bin/catatonit"
${lib.optionalString (cfg.ociSeccompBpfHook.enable) ''
hooks_dir = [
"${config.boot.kernelPackages.oci-seccomp-bpf-hook}",
]
''}
'' + cfg.containersConf.extraConfig;
environment.etc."containers/registries.conf".source = toTOML "registries.conf" {
environment.etc."containers/registries.conf".source = toml.generate "registries.conf" {
registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries;
};

View file

@ -157,6 +157,7 @@ in
systemd.services.docker = {
wantedBy = optional cfg.enableOnBoot "multi-user.target";
after = [ "network.target" "docker.socket" ];
requires = [ "docker.socket" ];
environment = proxy_env;
serviceConfig = {

View file

@ -49,6 +49,7 @@ in {
package = mkOption {
type = types.package;
default = pkgs.libvirt;
defaultText = "pkgs.libvirt";
description = ''
libvirt package to use.
'';
@ -157,7 +158,7 @@ in {
# this file is expected in /etc/qemu and not sysconfdir (/var/lib)
etc."qemu/bridge.conf".text = lib.concatMapStringsSep "\n" (e:
"allow ${e}") cfg.allowedBridges;
systemPackages = with pkgs; [ libvirt libressl.nc iptables cfg.qemuPackage ];
systemPackages = with pkgs; [ libressl.nc iptables cfg.package cfg.qemuPackage ];
etc.ethertypes.source = "${pkgs.iptables}/etc/ethertypes";
};
@ -242,7 +243,7 @@ in {
systemd.services.libvirt-guests = {
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ coreutils libvirt gawk ];
path = with pkgs; [ coreutils gawk cfg.package ];
restartIfChanged = false;
environment.ON_BOOT = "${cfg.onBoot}";

View file

@ -96,13 +96,12 @@ in
virtualisation.containers = {
enable = true; # Enable common /etc/containers configuration
containersConf.extraConfig = lib.optionalString cfg.enableNvidia
(builtins.readFile (toml.generate "podman.nvidia.containers.conf" {
containersConf.settings = lib.optionalAttrs cfg.enableNvidia {
engine = {
conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ];
runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ];
};
}));
};
};
systemd.packages = [ cfg.package ];

View file

@ -138,6 +138,7 @@ in
gnome3 = handleTest ./gnome3.nix {};
gnome3-xorg = handleTest ./gnome3-xorg.nix {};
go-neb = handleTest ./go-neb.nix {};
gobgpd = handleTest ./gobgpd.nix {};
gocd-agent = handleTest ./gocd-agent.nix {};
gocd-server = handleTest ./gocd-server.nix {};
google-oslogin = handleTest ./google-oslogin {};
@ -432,6 +433,7 @@ in
wasabibackend = handleTest ./wasabibackend.nix {};
wiki-js = handleTest ./wiki-js.nix {};
wireguard = handleTest ./wireguard {};
wmderland = handleTest ./wmderland.nix {};
wordpress = handleTest ./wordpress.nix {};
xandikos = handleTest ./xandikos.nix {};
xautolock = handleTest ./xautolock.nix {};

View file

@ -0,0 +1,43 @@
import ./make-test-python.nix ({ lib, pkgs, ... }: {
name = "doh-proxy-rust";
meta = with lib.maintainers; {
maintainers = [ stephank ];
};
nodes = {
machine = { pkgs, lib, ... }: {
services.bind = {
enable = true;
extraOptions = "empty-zones-enable no;";
zones = lib.singleton {
name = ".";
master = true;
file = pkgs.writeText "root.zone" ''
$TTL 3600
. IN SOA ns.example.org. admin.example.org. ( 1 3h 1h 1w 1d )
. IN NS ns.example.org.
ns.example.org. IN A 192.168.0.1
'';
};
};
services.doh-proxy-rust = {
enable = true;
flags = [
"--server-address=127.0.0.1:53"
];
};
};
};
testScript = { nodes, ... }: ''
url = "http://localhost:3000/dns-query"
query = "AAABAAABAAAAAAAAAm5zB2V4YW1wbGUDb3JnAAABAAE=" # IN A ns.example.org.
bin_ip = r"$'\xC0\xA8\x00\x01'" # 192.168.0.1, as shell binary string
machine.wait_for_unit("bind.service")
machine.wait_for_unit("doh-proxy-rust.service")
machine.wait_for_open_port(53)
machine.wait_for_open_port(3000)
machine.succeed(f"curl --fail '{url}?dns={query}' | grep -qF {bin_ip}")
'';
})

View file

@ -61,7 +61,7 @@ let
+ "Please contact your site administrator.'"
)
server.succeed(
"su -l gitea -c 'GITEA_WORK_DIR=/var/lib/gitea gitea admin create-user "
"su -l gitea -c 'GITEA_WORK_DIR=/var/lib/gitea gitea admin user create "
+ "--username test --password totallysafe --email test@localhost'"
)

View file

@ -0,0 +1,71 @@
import ./make-test-python.nix ({ pkgs, ... }:
let
ifAddr = node: iface: (pkgs.lib.head node.config.networking.interfaces.${iface}.ipv4.addresses).address;
in {
name = "gobgpd";
meta = with pkgs.lib.maintainers; { maintainers = [ higebu ]; };
nodes = {
node1 = { nodes, ... }: {
environment.systemPackages = [ pkgs.gobgp ];
networking.firewall.allowedTCPPorts = [ 179 ];
services.gobgpd = {
enable = true;
settings = {
global = {
config = {
as = 64512;
router-id = "192.168.255.1";
};
};
neighbors = [{
config = {
neighbor-address = ifAddr nodes.node2 "eth1";
peer-as = 64513;
};
}];
};
};
};
node2 = { nodes, ... }: {
environment.systemPackages = [ pkgs.gobgp ];
networking.firewall.allowedTCPPorts = [ 179 ];
services.gobgpd = {
enable = true;
settings = {
global = {
config = {
as = 64513;
router-id = "192.168.255.2";
};
};
neighbors = [{
config = {
neighbor-address = ifAddr nodes.node1 "eth1";
peer-as = 64512;
};
}];
};
};
};
};
testScript = { nodes, ... }: let
addr1 = ifAddr nodes.node1 "eth1";
addr2 = ifAddr nodes.node2 "eth1";
in
''
start_all()
for node in node1, node2:
with subtest("should start gobgpd node"):
node.wait_for_unit("gobgpd.service")
with subtest("should open port 179"):
node.wait_for_open_port(179)
with subtest("should show neighbors by gobgp cli and BGP state should be ESTABLISHED"):
node1.wait_until_succeeds("gobgp neighbor ${addr2} | grep -q ESTABLISHED")
node2.wait_until_succeeds("gobgp neighbor ${addr1} | grep -q ESTABLISHED")
'';
})

View file

@ -14,9 +14,10 @@ in {
environment.systemPackages = with pkgs; [ mosquitto ];
services.mosquitto = {
enable = true;
checkPasswords = true;
users = {
"${mqttUsername}" = {
acl = [ "pattern readwrite #" ];
acl = [ "topic readwrite #" ];
password = mqttPassword;
};
};
@ -77,12 +78,9 @@ in {
hass.wait_for_open_port(8123)
hass.succeed("curl --fail http://localhost:8123/lovelace")
with subtest("Toggle a binary sensor using MQTT"):
# wait for broker to become available
hass.wait_until_succeeds(
"mosquitto_sub -V mqttv311 -t home-assistant/test -u ${mqttUsername} -P '${mqttPassword}' -W 1 -t '*'"
)
hass.wait_for_open_port(1883)
hass.succeed(
"mosquitto_pub -V mqttv311 -t home-assistant/test -u ${mqttUsername} -P '${mqttPassword}' -m let_there_be_light"
"mosquitto_pub -V mqttv5 -t home-assistant/test -u ${mqttUsername} -P '${mqttPassword}' -m let_there_be_light"
)
with subtest("Print log to ease debugging"):
output_log = hass.succeed("cat ${configDir}/home-assistant.log")

View file

@ -17,7 +17,7 @@ in
services.redis.unixSocket = redisSocket;
# Allow access to the unix socket for the "redis" group.
services.redis.settings.unixsocketperm = "770";
services.redis.unixSocketPerm = 770;
users.users."member" = {
createHome = false;

View file

@ -1,47 +1,52 @@
let
gopherRoot = "/tmp/gopher";
gopherHost = "gopherd";
fileContent = "Hello Gopher!";
gopherClient = "client";
fileContent = "Hello Gopher!\n";
fileName = "file.txt";
in
import ./make-test-python.nix ({...}: {
name = "spacecookie";
nodes = {
${gopherHost} = {
networking.firewall.allowedTCPPorts = [ 70 ];
systemd.services.spacecookie = {
preStart = ''
mkdir -p ${gopherRoot}/directory
echo "${fileContent}" > ${gopherRoot}/${fileName}
printf "%s" "${fileContent}" > ${gopherRoot}/${fileName}
'';
};
services.spacecookie = {
enable = true;
openFirewall = true;
settings = {
root = gopherRoot;
hostname = gopherHost;
};
};
};
client = {};
${gopherClient} = {};
};
testScript = ''
start_all()
${gopherHost}.wait_for_open_port(70)
${gopherHost}.wait_for_unit("spacecookie.service")
client.wait_for_unit("network.target")
fileResponse = client.succeed("curl -f -s gopher://${gopherHost}//${fileName}")
# with daemon type notify, the unit being started
# should also mean the port is open
${gopherHost}.wait_for_unit("spacecookie.service")
${gopherClient}.wait_for_unit("network.target")
fileResponse = ${gopherClient}.succeed("curl -f -s gopher://${gopherHost}/0/${fileName}")
# the file response should return our created file exactly
if not (fileResponse == "${fileContent}\n"):
if not (fileResponse == "${builtins.replaceStrings [ "\n" ] [ "\\n" ] fileContent}"):
raise Exception("Unexpected file response")
# sanity check on the directory listing: we serve a directory and a file
# via gopher, so the directory listing should have exactly two entries,
# one with gopher file type 0 (file) and one with file type 1 (directory).
dirResponse = client.succeed("curl -f -s gopher://${gopherHost}")
dirResponse = ${gopherClient}.succeed("curl -f -s gopher://${gopherHost}")
dirEntries = [l[0] for l in dirResponse.split("\n") if len(l) > 0]
dirEntries.sort()

View file

@ -0,0 +1,54 @@
import ./make-test-python.nix ({ pkgs, ...} : {
name = "wmderland";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ takagiy ];
};
machine = { lib, ... }: {
imports = [ ./common/x11.nix ./common/user-account.nix ];
test-support.displayManager.auto.user = "alice";
services.xserver.displayManager.defaultSession = lib.mkForce "none+wmderland";
services.xserver.windowManager.wmderland.enable = true;
systemd.services.setupWmderlandConfig = {
wantedBy = [ "multi-user.target" ];
before = [ "multi-user.target" ];
environment = {
HOME = "/home/alice";
};
unitConfig = {
type = "oneshot";
RemainAfterExit = true;
user = "alice";
};
script = let
config = pkgs.writeText "config" ''
set $Mod = Mod1
bindsym $Mod+Return exec ${pkgs.xterm}/bin/xterm -cm -pc
'';
in ''
mkdir -p $HOME/.config/wmderland
cp ${config} $HOME/.config/wmderland/config
'';
};
};
testScript = { ... }: ''
with subtest("ensure x starts"):
machine.wait_for_x()
machine.wait_for_file("/home/alice/.Xauthority")
machine.succeed("xauth merge ~alice/.Xauthority")
with subtest("ensure we can open a new terminal"):
machine.send_key("alt-ret")
machine.wait_until_succeeds("pgrep xterm")
machine.wait_for_window(r"alice.*?machine")
machine.screenshot("terminal")
with subtest("ensure we can communicate through ipc with wmderlandc"):
# Kills the previously open xterm
machine.succeed("pgrep xterm")
machine.execute("DISPLAY=:0 wmderlandc kill")
machine.fail("pgrep xterm")
'';
})

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "bschaffl";
version = "1.4.4";
version = "1.4.6";
src = fetchFromGitHub {
owner = "sjaehn";
repo = pname;
rev = version;
sha256 = "sha256-tu5JL0vcqRsZYmoaYGYm/aj95i7wLtnKYGbEPD7AsoM=";
sha256 = "sha256-tD4LsIXb2II+TNEfzXBviMR2fq/FtCSsaL2YGun1vu0=";
};
nativeBuildInputs = [ pkg-config ];

View file

@ -1,12 +1,21 @@
{ lib, stdenv
{ stdenv
, alsaLib
, curl
, fetchFromGitHub
, fftwFloat
, freetype
, glib
, lib
, libGL
, libX11
, libXcursor
, libXext
, libXinerama
, libXrandr
, libXrender
, libgcc
, libglvnd
, libsecret
, meson
, ninja
, pkg-config
@ -14,25 +23,33 @@
stdenv.mkDerivation rec {
pname = "distrho-ports";
version = "2020-07-14";
version = "2021-03-15";
src = fetchFromGitHub {
owner = "DISTRHO";
repo = "DISTRHO-Ports";
rev = version;
sha256 = "03ji41i6dpknws1vjwfxnl8c8bgisv2ng8xa4vqy2473k7wgdw4v";
sha256 = "00fgqwayd20akww3n2imyqscmyrjyc9jj0ar13k9dhpaxqk2jxbf";
};
nativeBuildInputs = [ pkg-config meson ninja ];
buildInputs = [
alsaLib
curl
fftwFloat
freetype
glib
libGL
libX11
libXcursor
libXext
libXinerama
libXrandr
libXrender
libgcc
libglvnd
libsecret
];
meta = with lib; {
@ -61,6 +78,7 @@ stdenv.mkDerivation rec {
pitchedDelay
refine
stereosourceseparation
swankyamp
tal-dub-3
tal-filter
tal-filter-2
@ -71,9 +89,10 @@ stdenv.mkDerivation rec {
tal-vocoder-2
temper
vex
vitalium
wolpertinger
'';
license = with licenses; [ gpl2 gpl3 gpl2Plus lgpl3 mit ];
license = with licenses; [ gpl2Only gpl3Only gpl2Plus lgpl2Plus lgpl3Only mit ];
maintainers = [ maintainers.goibhniu ];
platforms = [ "x86_64-linux" ];
};

View file

@ -1,25 +1,67 @@
{ lib, stdenv, fetchurl
, pkg-config, cmake, python3, ffmpeg_3, phonon, automoc4
, chromaprint, docbook_xml_dtd_45, docbook_xsl, libxslt
, id3lib, taglib, mp4v2, flac, libogg, libvorbis
, zlib, readline , qtbase, qttools, qtmultimedia, qtquickcontrols
{ lib
, stdenv
, fetchurl
, automoc4
, chromaprint
, cmake
, docbook_xml_dtd_45
, docbook_xsl
, ffmpeg_3
, flac
, id3lib
, libogg
, libvorbis
, libxslt
, mp4v2
, phonon
, pkg-config
, python3
, qtbase
, qtmultimedia
, qtquickcontrols
, qttools
, readline
, taglib
, wrapQtAppsHook
, zlib
}:
stdenv.mkDerivation rec {
pname = "kid3";
version = "3.8.5";
version = "3.8.6";
src = fetchurl {
url = "mirror://sourceforge/project/kid3/kid3/${version}/${pname}-${version}.tar.gz";
sha256 = "sha256-DEZ5J1QendgXJ1gBZ3h0LwsVTLL1vPznJ7Nc+97jFB8=";
sha256 = "sha256-ce+MWCJzAnN+u+07f0dvn0jnbqiUlS2RbcM9nAj5bgg=";
};
nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ];
buildInputs = [ python3 ffmpeg_3 phonon automoc4 chromaprint
docbook_xml_dtd_45 docbook_xsl libxslt id3lib taglib mp4v2 flac
libogg libvorbis zlib readline qtbase qttools qtmultimedia
qtquickcontrols ];
nativeBuildInputs = [
cmake
pkg-config
wrapQtAppsHook
];
buildInputs = [
automoc4
chromaprint
docbook_xml_dtd_45
docbook_xsl
ffmpeg_3
flac
id3lib
libogg
libvorbis
libxslt
mp4v2
phonon
python3
qtbase
qtmultimedia
qtquickcontrols
qttools
readline
taglib
zlib
];
cmakeFlags = [ "-DWITH_APPS=Qt;CLI" ];
NIX_LDFLAGS = "-lm -lpthread";

View file

@ -7,11 +7,11 @@
}:
stdenv.mkDerivation rec {
name = "mpg123-1.26.4";
name = "mpg123-1.26.5";
src = fetchurl {
url = "mirror://sourceforge/mpg123/${name}.tar.bz2";
sha256 = "sha256-CBmRVA33pmaykEmthw8pPPoohjs2SIq01Yzqp7WEZFQ=";
sha256 = "sha256-UCqX4Nk1vn432YczgCHY8wG641wohPKoPVnEtSRm7wY=";
};
outputs = [ "out" "conplay" ];

View file

@ -1,30 +1,30 @@
{ lib, stdenv, fetchurl, pkg-config
, gtk2, alsaLib
, fftw, gsl
, alsaLib, fftw, gsl, motif, xorg
}:
stdenv.mkDerivation rec {
name = "snd-20.3";
pname = "snd";
version = "21.1";
src = fetchurl {
url = "mirror://sourceforge/snd/${name}.tar.gz";
sha256 = "016slh34gb6qqb38m8k9yg48rbhc5p12084szcwvanhh5v7fc7mk";
url = "mirror://sourceforge/snd/snd-${version}.tar.gz";
sha256 = "1jxvpgx1vqa6bwdzlzyzrjn2swjf9nfhzi9r1r96ivi0870vvjk3";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [
gtk2 alsaLib
fftw gsl
];
buildInputs = [ alsaLib fftw gsl motif ]
++ (with xorg; [ libXext libXft libXpm libXt ]);
meta = {
configureFlags = [ "--with-motif" ];
enableParallelBuilding = true;
meta = with lib; {
description = "Sound editor";
homepage = "http://ccrma.stanford.edu/software/snd";
platforms = lib.platforms.linux;
license = lib.licenses.free;
maintainers = with lib.maintainers; [ ];
homepage = "https://ccrma.stanford.edu/software/snd/";
platforms = platforms.unix;
license = licenses.free;
maintainers = with maintainers; [ ];
};
}

View file

@ -8,17 +8,17 @@ let
in buildGoModule rec {
pname = "go-ethereum";
version = "1.10.1";
version = "1.10.2";
src = fetchFromGitHub {
owner = "ethereum";
repo = pname;
rev = "v${version}";
sha256 = "sha256-4lHT0P8Euau0AJNtg1YstJJRQ58WTUlIH+HCKEjCq/s=";
sha256 = "sha256-PJaJ9fCva9UUBcQrnVa2c7dk4koi6AyX6bj3JStUMwM=";
};
runVend = true;
vendorSha256 = "sha256-DgyOvplk1JWn6D/z4zbXHLNLuAVQ5beEHi0NuSv236A=";
vendorSha256 = "sha256-qLpwrV9NkmUO0yoK2/gwb5oe/lky/w/P0QVoFSTNuMU=";
doCheck = false;

View file

@ -7,16 +7,16 @@
}:
rustPlatform.buildRustPackage rec {
pname = "polkadot";
version = "0.8.29";
version = "0.8.30";
src = fetchFromGitHub {
owner = "paritytech";
repo = "polkadot";
rev = "v${version}";
sha256 = "sha256-O5GIbX7qp+Te5QQuqytC9rsQJ5FuXtUl5h2DZXsfMPk=";
sha256 = "sha256-9GCk1gqlQJhuoiKRi7J1qcJlZjlq2ObGicp5tGGDhrY=";
};
cargoSha256 = "sha256-4VmRIrd79odnYrHuBLdFwere+7bvtUI3daVs3ZUKsdY=";
cargoSha256 = "sha256-pWqbcargCEkisdGnj08VQdRqjocR7zZhWukhYjfZDqI=";
nativeBuildInputs = [ clang ];

View file

@ -2,7 +2,7 @@
, wrapGAppsHook, pkg-config, desktop-file-utils
, appstream-glib, pythonPackages, glib, gobject-introspection
, gtk3, webkitgtk, glib-networking, gnome3, gspell, texlive
, shared-mime-info, haskellPackages, libhandy
, shared-mime-info, libhandy
}:
let
@ -38,7 +38,6 @@ in stdenv.mkDerivation rec {
gappsWrapperArgs+=(
--prefix PYTHONPATH : "$out/lib/python${pythonEnv.pythonVersion}/site-packages/"
--prefix PATH : "${texlive}/bin"
--prefix PATH : "${haskellPackages.pandoc-citeproc}/bin"
--prefix XDG_DATA_DIRS : "${shared-mime-info}/share"
)
'';

View file

@ -1,29 +1,33 @@
{ lib, stdenv, makeWrapper, fetchFromGitHub, cmake, alsaLib, mesa_glu, libXcursor, libXinerama, libXrandr, xorgserver }:
{ lib, stdenv, fetchFromGitHub
, cmake, makeWrapper
, alsaLib, fontconfig, mesa_glu, libXcursor, libXinerama, libXrandr, xorg
}:
stdenv.mkDerivation rec {
pname = "bonzomatic";
version = "2018-03-29";
version = "2021-03-07";
src = fetchFromGitHub {
owner = "Gargaj";
repo = pname;
rev = version;
sha256 = "12mdfjvbhdqz1585772rj4cap8m4ijfci6ib62jysxjf747k41fg";
sha256 = "0gbh7kj7irq2hyvlzjgbs9fcns9kamz7g5p6msv12iw75z9yi330";
};
nativeBuildInputs = [ cmake makeWrapper ];
buildInputs = [ alsaLib mesa_glu libXcursor libXinerama libXrandr xorgserver ];
buildInputs = [
alsaLib fontconfig mesa_glu
libXcursor libXinerama libXrandr xorg.xinput xorg.libXi xorg.libXext
];
postFixup = ''
wrapProgram $out/bin/Bonzomatic --prefix LD_LIBRARY_PATH : "${alsaLib}/lib"
wrapProgram $out/bin/bonzomatic --prefix LD_LIBRARY_PATH : "${alsaLib}/lib"
'';
meta = with lib; {
description = "A live-coding tool for writing 2D fragment/pixel shaders";
license = with licenses; [
unlicense
unfreeRedistributable # contains libbass.so in repository
];
description = "Live shader coding tool and Shader Showdown workhorse";
homepage = "https://github.com/gargaj/bonzomatic";
license = licenses.unlicense;
maintainers = [ maintainers.ilian ];
platforms = [ "i686-linux" "x86_64-linux" ];
};

View file

@ -38,13 +38,13 @@ let
in
stdenv.mkDerivation rec {
pname = "cudatext";
version = "1.129.3";
version = "1.131.0";
src = fetchFromGitHub {
owner = "Alexey-T";
repo = "CudaText";
rev = version;
sha256 = "1sg9wg6w3w0phrnnzpj7h2g22y0x7a3dl57djzydayxmg8fnn2ys";
sha256 = "1zq17yi5zn4hdgrrn3c3cdk6s38fv36r66dl0dqz2z8jjd6vy4p3";
};
postPatch = ''
@ -106,8 +106,8 @@ stdenv.mkDerivation rec {
Config system in JSON files. Multi-carets and multi-selections.
Search and replace with RegEx. Extendable by Python plugins and themes.
'';
homepage = "http://www.uvviewsoft.com/cudatext/";
changelog = "http://uvviewsoft.com/cudatext/history.txt";
homepage = "https://cudatext.github.io/";
changelog = "https://cudatext.github.io/history.txt";
license = licenses.mpl20;
maintainers = with maintainers; [ sikmir ];
platforms = platforms.linux;

View file

@ -11,18 +11,18 @@
},
"ATFlatControls": {
"owner": "Alexey-T",
"rev": "2021.03.05",
"sha256": "1p2pzha5dd4p23j2bv6jxphj596dlb5v8ixjzg4x2zglz2hir6yz"
"rev": "2021.04.01",
"sha256": "12sncivsv6pvwflzzy12rpn1fjiq64n2n3bcj7630xxlrbygkhxb"
},
"ATSynEdit": {
"owner": "Alexey-T",
"rev": "2021.03.16",
"sha256": "1sq9j2zaif019gl6nf391lyp8k9s38f5s6ci7k3z5v90hkz1dcql"
"rev": "2021.04.09",
"sha256": "1ldr2z88zywn0ccgs17vfhq55ibihjcmfjjxcqsjifrbm0y6wipp"
},
"ATSynEdit_Cmp": {
"owner": "Alexey-T",
"rev": "2021.03.08",
"sha256": "0xvnvx4qzp6nxi912i4zlnal91k6vbcsyfbz05ib73sz68xqd5qv"
"rev": "2021.04.01",
"sha256": "1g6zp9d7vwjisad3y1mfnk1jcbjqxp3yimm0sh1655al6qwn886m"
},
"EControl": {
"owner": "Alexey-T",
@ -31,8 +31,8 @@
},
"ATSynEdit_Ex": {
"owner": "Alexey-T",
"rev": "2021.03.16",
"sha256": "1a4mxcwjm9naxh4piqm5y93w2xd5rgl0vcn108wy1pkr221agg2q"
"rev": "2021.04.01",
"sha256": "1hq9hbv81mcymjcms97wcwcfqfpxis6h6v5m0syyih4r53khv0az"
},
"Python-for-Lazarus": {
"owner": "Alexey-T",

View file

@ -2,20 +2,20 @@
buildGoModule rec {
pname = "glow";
version = "1.4.0";
version = "1.4.1";
src = fetchFromGitHub {
owner = "charmbracelet";
repo = "glow";
rev = "v${version}";
sha256 = "13ip29yxjc2fhsk12m6hj6mswrgc9a4m8gf0hiffd1nh5313mqxi";
sha256 = "0m673xf67q9gjhd98ysh3dvwiqbj6lgsbm20c4zxyz76vdn5k6x8";
};
vendorSha256 = "0i49b1yq9x5n59k29yacxyif928r0w7hl6azfvr5k3rssg0y4l7f";
vendorSha256 = "0ngasfcimizahm80gflxzz3cxz0ir10l62i03l73w8syx4wll0q4";
doCheck = false;
buildFlagsArray = [ "-ldflags=" "-X=main.Version=${version}" ];
buildFlagsArray = [ "-ldflags= -s -w -X=main.Version=${version}" ];
meta = with lib; {
description = "Render markdown on the CLI, with pizzazz!";

View file

@ -57,7 +57,7 @@ let
gdbLibPath=$out/clion-${version}/bin/gdb/linux/lib
patchelf \
--set-rpath "$gdbLibPath" \
bin/gdb/linux/lib/python3.*/lib-dynload/zlib.cpython-*m-x86_64-linux-gnu.so
bin/gdb/linux/lib/python3.*/lib-dynload/zlib.cpython-*-x86_64-linux-gnu.so
patchelf --set-interpreter $interp \
--set-rpath "${lib.makeLibraryPath [ stdenv.cc.cc.lib zlib ]}:$gdbLibPath" \
bin/gdb/linux/bin/gdb
@ -269,12 +269,12 @@ in
clion = buildClion rec {
name = "clion-${version}";
version = "2020.3.3"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "C/C++ IDE. New. Intelligent. Cross-platform";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
sha256 = "10s0jkxi892pg7d2slh7cvrd0ch2223qms3c9v1ax0n6ymfkcw14"; /* updated by script */
sha256 = "1qq2k14pf2qy93y1xchlv08vvx99zcml8bdcx3h6jnjz6d7gz0px"; /* updated by script */
};
wmClass = "jetbrains-clion";
update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
@ -282,12 +282,12 @@ in
datagrip = buildDataGrip rec {
name = "datagrip-${version}";
version = "2020.3.2"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "Your Swiss Army Knife for Databases and SQL";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
sha256 = "1wjaavgslwpz4jniszswdy10rk3622i1w3awdwhgjlcc6mwkwz1f"; /* updated by script */
sha256 = "11am11lkrhgfianr1apkkl4mn8gcsf6p1vz47y7lz4rfm05ac4gj"; /* updated by script */
};
wmClass = "jetbrains-datagrip";
update-channel = "DataGrip RELEASE";
@ -295,12 +295,12 @@ in
goland = buildGoland rec {
name = "goland-${version}";
version = "2020.3.4"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "Up and Coming Go IDE";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "148rs9w0fqr5xzhnq5bd473j4vnb69kf8yxxjmwdp25z2d7x47ip"; /* updated by script */
sha256 = "1hxid7k5b26hiwwdxbvhi1fzhlrvm1xsd5gb0vj0g5zw658y2lzz"; /* updated by script */
};
wmClass = "jetbrains-goland";
update-channel = "GoLand RELEASE";
@ -308,12 +308,12 @@ in
idea-community = buildIdea rec {
name = "idea-community-${version}";
version = "2020.3.3"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "1msfl8qq0aday4ssip73r0y096mrb89mr7z2j4mpqhkzgsmvpjk0"; /* updated by script */
sha256 = "1d7m39rzdgh2fyx50rpifqfsdmvfpi04hjp52pl76m35gyb5hsvs"; /* updated by script */
};
wmClass = "jetbrains-idea-ce";
update-channel = "IntelliJ IDEA RELEASE";
@ -321,12 +321,12 @@ in
idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}";
version = "2020.3.3"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz";
sha256 = "0szq8lqp1h7kci8kqd1bb3g16j3p5f4dfmbccbyrrwsram3hvjgi"; /* updated by script */
sha256 = "062kaph42xs5hc01sbmry4cm7nkyjks43qr5m7pbj5a2bgd7zzgx"; /* updated by script */
};
wmClass = "jetbrains-idea";
update-channel = "IntelliJ IDEA RELEASE";
@ -334,12 +334,12 @@ in
mps = buildMps rec {
name = "mps-${version}";
version = "2020.3.2"; /* updated by script */
version = "2020.3.3"; /* updated by script */
description = "Create your own domain-specific language";
license = lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/mps/2020.3/MPS-${version}.tar.gz";
sha256 = "0vskzia48jq50bjdqw993gizvvd59f3qlszbsdp7xg5a3afbk7p3"; /* updated by script */
sha256 = "0sb50f7d4272dzx84njc326xvhbqn3xwrphvdq4zl3pk3wl8f4nz"; /* updated by script */
};
wmClass = "jetbrains-mps";
update-channel = "MPS RELEASE";
@ -347,12 +347,12 @@ in
phpstorm = buildPhpStorm rec {
name = "phpstorm-${version}";
version = "2020.3.3"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "Professional IDE for Web and PHP developers";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "0arff0882xw1azbxpn1n3wbc5ncg8gmfim3jf6rq2dky8kp9ylkm"; /* updated by script */
sha256 = "052m7mqa1s548my0gda9y2mysi2ijq27c9b3bskrwqsf1pm5ry63"; /* updated by script */
};
wmClass = "jetbrains-phpstorm";
update-channel = "PhpStorm RELEASE";
@ -360,12 +360,12 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2020.3.4"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "PyCharm Community Edition";
license = lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "0xh0hb0v3ilgqjljh22c75hkllqgqbpppplni2dz2pv9rb3r5dv5"; /* updated by script */
sha256 = "1iiglh7s2zm37kj6hzlzxb1jnzh2p0j1f2zzhg3nqyrrakfbyq3h"; /* updated by script */
};
wmClass = "jetbrains-pycharm-ce";
update-channel = "PyCharm RELEASE";
@ -373,12 +373,12 @@ in
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2020.3.4"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "PyCharm Professional Edition";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "18gkjc52qpghs721rkbsj03kaf6n8c8sxg57b2d82hjckjgm6q10"; /* updated by script */
sha256 = "1n3b4mdygzal7w88gwka5wh5jp09bh2zmm4n5rz9s7hr2srz71mz"; /* updated by script */
};
wmClass = "jetbrains-pycharm";
update-channel = "PyCharm RELEASE";
@ -386,12 +386,12 @@ in
rider = buildRider rec {
name = "rider-${version}";
version = "2020.3.4"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "A cross-platform .NET IDE based on the IntelliJ platform and ReSharper";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/rider/JetBrains.Rider-${version}.tar.gz";
sha256 = "1v99yqj83aw9j400z3v24n7xnyxzw5vm0b3rwd4yb8w3ajl59gq1"; /* updated by script */
sha256 = "089j52sig2ac21v6zl9mvb7x4sr9c428nn930b41y3qd6bg52xxx"; /* updated by script */
};
wmClass = "jetbrains-rider";
update-channel = "Rider RELEASE";
@ -399,12 +399,12 @@ in
ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}";
version = "2020.3.2"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "17x3sz4jkz2px25gj813xqrrb2cm7mdl6m5a22zg086phym66g3c"; /* updated by script */
sha256 = "12mkb51x1w5wbx436pfnfzcad10qd53y43n0p4l2zg9yx985gm7v"; /* updated by script */
};
wmClass = "jetbrains-rubymine";
update-channel = "RubyMine RELEASE";
@ -412,12 +412,12 @@ in
webstorm = buildWebStorm rec {
name = "webstorm-${version}";
version = "2020.3.3"; /* updated by script */
version = "2021.1"; /* updated by script */
description = "Professional IDE for Web and JavaScript development";
license = lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "0szq7qz5p1ksmqdy1rma5rfl0d9dy9qmhz8k5id4zdpyz2jsacfb"; /* updated by script */
sha256 = "15i521qj2b0y1viqr0xx815ckpq359j6nars4xxq8xvy7cg729yc"; /* updated by script */
};
wmClass = "jetbrains-webstorm";
update-channel = "WebStorm RELEASE";

View file

@ -12,27 +12,19 @@ let
else if stdenv.hostPlatform.system == "aarch64-linux" then "aarch64"
else if stdenv.hostPlatform.system == "powerpc64le-linux" then "ppc64le"
else throw "ImageMagick is not supported on this platform.";
cfg = {
version = "7.0.11-3";
sha256 = "sha256-y937OxAHNTbWa96oQmTpp/ivxtPVL16hr4SvzZWugQo=";
patches = [];
};
in
stdenv.mkDerivation {
stdenv.mkDerivation rec {
pname = "imagemagick";
inherit (cfg) version;
version = "7.0.11-6";
src = fetchFromGitHub {
owner = "ImageMagick";
repo = "ImageMagick";
rev = cfg.version;
inherit (cfg) sha256;
rev = version;
sha256 = "sha256-QClOS58l17KHeQXya+IKNx6nIkd6jCKp8uupRH7Fwnk=";
};
patches = cfg.patches;
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big
outputMan = "out"; # it's tiny

View file

@ -1,6 +1,6 @@
{ lib, stdenv, fetchurl, makeWrapper
, xorg, imlib2, libjpeg, libpng
, curl, libexif, jpegexiforient, perlPackages
, curl, libexif, jpegexiforient, perl
, enableAutoreload ? !stdenv.hostPlatform.isDarwin }:
with lib;
@ -31,14 +31,7 @@ stdenv.mkDerivation rec {
--add-flags '--theme=feh'
'';
checkInputs = [ perlPackages.perl perlPackages.TestCommand ];
preCheck = ''
export PERL5LIB="${perlPackages.TestCommand}/${perlPackages.perl.libPrefix}"
'';
postCheck = ''
unset PERL5LIB
'';
checkInputs = lib.singleton (perl.withPackages (p: [ p.TestCommand ]));
doCheck = true;
meta = {

View file

@ -13,11 +13,11 @@
stdenv.mkDerivation rec {
pname = "fig2dev";
version = "3.2.8";
version = "3.2.8a";
src = fetchurl {
url = "mirror://sourceforge/mcj/fig2dev-${version}.tar.xz";
sha256 = "0zg29yqknfafyzmmln4k7kydfb2dapk3r8ffvlqhj3cm8fp5h4lk";
sha256 = "1bm75lf9j54qpbjx8hzp6ixaayp1x9w4v3yxl6vxyw8g5m4sqdk3";
};
nativeBuildInputs = [ makeWrapper ];

View file

@ -1,18 +1,20 @@
{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config, libpng, nasm }:
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, libpng, zlib, nasm }:
stdenv.mkDerivation rec {
version = "3.3.1";
version = "4.0.3";
pname = "mozjpeg";
src = fetchFromGitHub {
owner = "mozilla";
repo = "mozjpeg";
rev = "v${version}";
sha256 = "1na68860asn8b82ny5ilwbhh4nyl9gvx2yxmm4wr2v1v95v51fky";
sha256 = "1wb2ys0yjy6hgpb9qvzjxs7sb2zzs44p6xf7n026mx5nx85hjbyv";
};
nativeBuildInputs = [ autoreconfHook pkg-config ];
buildInputs = [ libpng nasm ];
cmakeFlags = [ "-DENABLE_STATIC=NO" "-DPNG_SUPPORTED=TRUE" ]; # See https://github.com/mozilla/mozjpeg/issues/351
nativeBuildInputs = [ cmake pkg-config ];
buildInputs = [ libpng zlib nasm ];
meta = {
description = "Mozilla JPEG Encoder Project";

View file

@ -1,11 +1,12 @@
{ fetchurl, lib, stdenv, libjpeg, libpng, libtiff, perl }:
stdenv.mkDerivation rec {
name = "libpano13-2.9.19";
pname = "libpano13";
version = "2.9.20";
src = fetchurl {
url = "mirror://sourceforge/panotools/${name}.tar.gz";
sha256 = "1a4m3plmfcrrplqs9zfzhc5apibn10m5sajpizm1sd3q74w5fwq3";
url = "mirror://sourceforge/panotools/${pname}-${version}.tar.gz";
sha256 = "12cv4886l1czfjwy7k6ipgf3zjksgwhdjzr2s9fdg33vqcv2hlrv";
};
buildInputs = [ perl libjpeg libpng libtiff ];

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "pdfcpu";
version = "0.3.9";
version = "0.3.11";
src = fetchFromGitHub {
owner = "pdfcpu";
repo = pname;
rev = "v${version}";
sha256 = "sha256-btkGn/67KVFB272j7u5MKZCeby2fyRthLLeXj8VgX7s=";
sha256 = "sha256-kLRxZW89Bm2N/KxFYetIq+auPBW/vFoUnB8uaEcM8Yo=";
};
vendorSha256 = "sha256-/SsDDFveovJfuEdnOkxHAWccS8PJW5k9IHSxSJAgHMQ=";
vendorSha256 = "sha256-p/2Bu5h2P3ebgvSC12jdR2Zpd27xCFwtB/KZV0AULAM=";
# No tests
doCheck = false;

View file

@ -14,11 +14,11 @@
stdenv.mkDerivation rec {
pname = "xfig";
version = "3.2.8";
version = "3.2.8a";
src = fetchurl {
url = "mirror://sourceforge/mcj/xfig-${version}.tar.xz";
sha256 = "1czamqp0xn0j6qjnasa3fjnrzi072v6qknylr6jrs4gwsfw4ybyw";
sha256 = "0y45i1gqg3r0aq55jk047l1hnv90kqis6ld9lppx6c5jhpmc0hxs";
};
nativeBuildInputs = [ makeWrapper ];

View file

@ -35,7 +35,8 @@ stdenv.mkDerivation rec {
patches = lib.optional stdenv.isDarwin ./darwin.patch;
nativeBuildInputs = [ cmake makeWrapper ] ++ optional cudaSupport addOpenGLRunpath;
nativeBuildInputs = [ cmake makeWrapper python3Packages.wrapPython ]
++ optionals cudaSupport [ addOpenGLRunpath ];
buildInputs =
[ boost ffmpeg gettext glew ilmbase
freetype libjpeg libpng libsamplerate libsndfile libtiff
@ -63,6 +64,7 @@ stdenv.mkDerivation rec {
++ optional cudaSupport cudatoolkit
++ optional colladaSupport opencollada
++ optional spaceNavSupport libspnav;
pythonPath = with python3Packages; [ numpy requests ];
postPatch = ''
# allow usage of dynamically linked embree
@ -109,6 +111,7 @@ stdenv.mkDerivation rec {
"-DWITH_PYTHON_INSTALL_NUMPY=OFF"
"-DPYTHON_NUMPY_PATH=${python3Packages.numpy}/${python.sitePackages}"
"-DPYTHON_NUMPY_INCLUDE_DIRS=${python3Packages.numpy}/${python.sitePackages}/numpy/core/include"
"-DWITH_PYTHON_INSTALL_REQUESTS=OFF"
"-DWITH_OPENVDB=ON"
"-DWITH_TBB=ON"
"-DWITH_IMAGE_OPENJPEG=ON"
@ -137,10 +140,11 @@ stdenv.mkDerivation rec {
blenderExecutable =
placeholder "out" + (if stdenv.isDarwin then "/Blender.app/Contents/MacOS/Blender" else "/bin/blender");
# --python-expr is used to workaround https://developer.blender.org/T74304
postInstall = ''
buildPythonPath "$pythonPath"
wrapProgram $blenderExecutable \
--prefix PYTHONPATH : ${python3Packages.numpy}/${python.sitePackages} \
--prefix PATH : $program_PATH \
--prefix PYTHONPATH : "$program_PYTHONPATH" \
--add-flags '--python-use-system-env'
'';

View file

@ -5,13 +5,13 @@
buildGoModule rec {
pname = "dasel";
version = "1.13.6";
version = "1.14.0";
src = fetchFromGitHub {
owner = "TomWright";
repo = pname;
rev = "v${version}";
sha256 = "sha256-PTi1blbMVsuftLrFIYNDI8ZFEwRxDA53Md9oZTv7nHs=";
sha256 = "1g4a001k86myfln0xlzy8w9krwamvfchnvywpr1p3x6iw95z46w8";
};
vendorSha256 = "sha256-BdX4DO77mIf/+aBdkNVFUzClsIml1UMcgvikDbbdgcY=";

View file

@ -3,35 +3,45 @@
python3Packages.buildPythonApplication rec {
pname = "electron-cash";
version = "4.2.0";
version = "4.2.4";
src = fetchFromGitHub {
owner = "Electron-Cash";
repo = "Electron-Cash";
rev = version;
sha256 = "0ixsx4224jilc5zis6wbsbxqxv10mm5sksrzq15xp30zz0bzb6md";
sha256 = "sha256-hiOS0cTaPqllb31p+6nU4GYvw/E1Hdn8yd3sppzGkqg=";
};
propagatedBuildInputs = with python3Packages; [
dnspython
ecdsa
jsonrpclib-pelix
matplotlib
pbkdf2
# requirements
pyaes
pycrypto
pyqt5
pysocks
qrcode
ecdsa
requests
tlslite-ng
qrcode
protobuf
jsonrpclib-pelix
pysocks
qdarkstyle
python-dateutil
stem
certifi
pathvalidate
dnspython
# plugins
keepkey
# requirements-binaries
pyqt5
psutil
pycryptodomex
cryptography
# requirements-hw
cython
trezor
keepkey
btchip
hidapi
pyscard
pysatochip
];
nativeBuildInputs = [ wrapQtAppsHook ];
@ -83,7 +93,7 @@ python3Packages.buildPythonApplication rec {
'';
homepage = "https://www.electroncash.org/";
platforms = platforms.linux;
maintainers = with maintainers; [ lassulus nyanloutre ];
maintainers = with maintainers; [ lassulus nyanloutre oxalica ];
license = licenses.mit;
};
}

View file

@ -0,0 +1,79 @@
{ mkDerivation, lib, fetchzip, libarchive, autoPatchelfHook, libsecret, libGL, zlib, openssl, qtbase, qtwebkit, qtxmlpatterns }:
mkDerivation rec {
pname = "foxitreader";
version = "2.4.4.0911";
src = fetchzip {
url = "https://cdn01.foxitsoftware.com/pub/foxit/reader/desktop/linux/${lib.versions.major version}.x/${lib.versions.majorMinor version}/en_us/FoxitReader.enu.setup.${version}.x64.run.tar.gz";
sha256 = "0ff4xs9ipc7sswq0czfhpsd7qw7niw0zsf9wgsqhbbgzcpbdhcb7";
stripRoot = false;
};
buildInputs = [ libGL libsecret openssl qtbase qtwebkit qtxmlpatterns zlib ];
nativeBuildInputs = [ autoPatchelfHook libarchive ];
buildPhase = ''
runHook preBuild
input_file=$src/*.run
mkdir -p extracted
# Look for all 7z files and extract them
grep --only-matching --byte-offset --binary \
--text -P '7z\xBC\xAF\x27\x1C\x00\x03' $input_file | cut -d: -f1 |
while read position; do
tail -c +$(($position + 1)) $input_file > file.7z
bsdtar xf file.7z -C extracted
done
runHook postBuild
'';
installPhase = ''
runHook preInstall
mkdir -p $out/lib
cd extracted
cp -r \
CollectStrategy.txt \
cpdf_settings \
fxplugins \
lang \
resource \
run \
stamps \
welcome \
Wrappers \
$out/lib/
patchelf $out/lib/fxplugins/librms.so \
--replace-needed libssl.so.10 libssl.so \
--replace-needed libcrypto.so.10 libcrypto.so
# FIXME: Doing this with one invocation is broken right now
patchelf $out/lib/fxplugins/librmscrypto.so \
--replace-needed libssl.so.10 libssl.so
patchelf $out/lib/fxplugins/librmscrypto.so \
--replace-needed libcrypto.so.10 libcrypto.so
install -D -m 755 FoxitReader -t $out/bin
# Install icon and desktop files
install -D -m 644 images/FoxitReader.png -t $out/share/pixmaps/
install -D -m 644 FoxitReader.desktop -t $out/share/applications/
echo Exec=FoxitReader %F >> $out/share/applications/FoxitReader.desktop
runHook postInstall
'';
qtWrapperArgs = [ "--set appname FoxitReader" "--set selfpath $out/lib" ];
meta = with lib; {
description = "A viewer for PDF documents";
homepage = "https://www.foxitsoftware.com/";
license = licenses.unfree;
maintainers = with maintainers; [ p-h rhoriguchi ];
};
}

View file

@ -10,13 +10,13 @@
stdenv.mkDerivation rec {
pname = "free42";
version = "3.0.1";
version = "3.0.2";
src = fetchFromGitHub {
owner = "thomasokken";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Htk2NHgYVL622URx67BUtounAUopLTahaSqfAqd3+ZI=";
sha256 = "sha256-dU8c+tpt+4nCWQj3P2rl6CJNtWFcXaYb3ZESg8hAllQ=";
};
nativeBuildInputs = [ copyDesktopItems pkg-config ];
@ -84,7 +84,7 @@ stdenv.mkDerivation rec {
homepage = "https://github.com/thomasokken/free42";
description = "A software clone of HP-42S Calculator";
license = licenses.gpl2Only;
maintainers = with maintainers; [ AndersonTorres ];
maintainers = with maintainers; [ AndersonTorres plabadens ];
platforms = with platforms; unix;
};
}

View file

@ -19,11 +19,11 @@
stdenv.mkDerivation rec {
pname = "gnome-usage";
version = "3.38.0";
version = "3.38.1";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "0mqs39yi2cqwkzlmmgzrszsva5hbdpws6zk4lbi4w2cjzl185mcl";
sha256 = "mMdm4X4VZXEfx0uaJP0u0NX618y0VRlhLdTiFHaO05M=";
};
nativeBuildInputs = [

View file

@ -1,4 +1,5 @@
{ lib, stdenv
{ lib
, stdenv
, autoconf
, automake
, c-ares
@ -24,21 +25,29 @@
, unzip
, wget
}:
mkDerivation rec {
pname = "megasync";
version = "4.3.5.0";
version = "4.4.0.0";
src = fetchFromGitHub {
owner = "meganz";
repo = "MEGAsync";
rev = "v${version}_Linux";
sha256 = "0rr1jjy0n5bj1lh6xi3nbbcikvq69j3r9qnajp4mhywr5izpccvs";
sha256 = "1xggca7283943070mmpsfhh7c9avy809h0kgmf7497f4ca5zkg2y";
fetchSubmodules = true;
};
nativeBuildInputs =
[ autoconf automake doxygen lsb-release pkg-config qttools swig unzip ];
nativeBuildInputs = [
autoconf
automake
doxygen
libtool
lsb-release
pkg-config
qttools
swig
unzip
];
buildInputs = [
c-ares
cryptopp
@ -47,7 +56,6 @@ mkDerivation rec {
libmediainfo
libraw
libsodium
libtool
libuv
libzen
qtbase

View file

@ -30,12 +30,12 @@ let
in stdenv.mkDerivation rec {
pname = "obsidian";
version = "0.11.9";
version = "0.11.13";
src = fetchurl {
url =
"https://github.com/obsidianmd/obsidian-releases/releases/download/v${version}/obsidian-${version}.tar.gz";
sha256 = "XymM3qma8H2dm2tq8Zg+oKxOzb48azqlqn701pN5gdI=";
sha256 = "0QL1rP37pmdIdGM9eHa7PfW1GVrvn2fX4bQPqQ8FOpI=";
};
nativeBuildInputs = [ makeWrapper graphicsmagick ];

View file

@ -5,13 +5,13 @@
python3Packages.buildPythonApplication rec {
pname = "pdfarranger";
version = "1.7.0";
version = "1.7.1";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = version;
sha256 = "0dmgmvpghsm938iznalbg8h8k17a5h3q466yfc67mcll428n4nx3";
sha256 = "1c2mafnz8pv32wzkc2wx4q8y2x7xffpn6ag12dj7ga5n772fb6s3";
};
nativeBuildInputs = [

View file

@ -1,81 +1,77 @@
{ lib
, fetchFromGitHub
, perl
, python3
, sqlite
, gpsbabel
, fetchFromGitHub
, gdk-pixbuf
, gnome3
, gobject-introspection
, wrapGAppsHook
, gtk3
, xvfb_run
, webkitgtk
, gpsbabel
, glib-networking
, glibcLocales
, gobject-introspection
, gtk3
, perl
, sqlite
, tzdata
, substituteAll
, webkitgtk
, wrapGAppsHook
, xvfb_run
}:
let
# Pytrainer needs a matplotlib with GTK backend.
matplotlibGtk = python3.pkgs.matplotlib.override {
python = python3.override {
packageOverrides = (self: super: {
matplotlib = super.matplotlib.override {
enableGtk3 = true;
};
in
python3.pkgs.buildPythonApplication rec {
});
};
in python.pkgs.buildPythonApplication rec {
pname = "pytrainer";
version = "2.0.1";
version = "2.0.2";
src = fetchFromGitHub {
owner = "pytrainer";
repo = "pytrainer";
rev = "v${version}";
sha256 = "0m2sy3f5pyc4wv1ns31r7vlafqkzp0a2jasaskwrkl6273agbbk9";
sha256 = "sha256-i3QC6ct7tS8B0QQjtVqPcd03LLIxo6djQe4YX35syzk=";
};
patches = [
(substituteAll {
src = ./fix-paths.patch;
perl = "${perl}/bin/perl";
})
];
postPatch = ''
substituteInPlace ./setup.py \
--replace "'mysqlclient'," ""
'';
propagatedBuildInputs = with python3.pkgs; [
dateutil
lxml
matplotlibGtk
pygobject3
sqlalchemy
propagatedBuildInputs = with python.pkgs; [
sqlalchemy_migrate
psycopg2
requests
certifi
python-dateutil
matplotlib
lxml
setuptools
requests
gdal
];
nativeBuildInputs = [
gobject-introspection
wrapGAppsHook
xvfb_run
];
buildInputs = [
gpsbabel
sqlite
gtk3
webkitgtk
glib-networking
glibcLocales
gnome3.adwaita-icon-theme
gdk-pixbuf
];
makeWrapperArgs = [
"--prefix" "PATH" ":" (lib.makeBinPath [ perl gpsbabel ])
];
checkInputs = [
glibcLocales
perl
xvfb_run
] ++ (with python.pkgs; [
mysqlclient
psycopg2
]);
checkPhase = ''
env HOME=$TEMPDIR TZDIR=${tzdata}/share/zoneinfo \
TZ=Europe/Kaliningrad \
@ -85,9 +81,9 @@ python3.pkgs.buildPythonApplication rec {
'';
meta = with lib; {
homepage = "https://github.com/pytrainer/pytrainer/wiki";
homepage = "https://github.com/pytrainer/pytrainer";
description = "Application for logging and graphing sporting excursions";
maintainers = [ maintainers.rycee ];
maintainers = with maintainers; [ rycee dotlambda ];
license = licenses.gpl2Plus;
platforms = platforms.linux;
};

View file

@ -1,11 +0,0 @@
--- a/imports/file_garminfit.py
+++ b/imports/file_garminfit.py
@@ -81,7 +81,7 @@
logging.debug(">>")
result = False
try:
- result = subprocess.check_output(["perl",
+ result = subprocess.check_output(["@perl@",
self.main_data_path+"plugins/garmin-fit/bin/fit2tcx",
filename])
except subprocess.CalledProcessError:

View file

@ -4,13 +4,13 @@
let
pname = "qdirstat";
version = "1.7";
version = "1.7.1";
src = fetchFromGitHub {
owner = "shundhammer";
repo = pname;
rev = version;
sha256 = "163x3fxra0l3vvrzm25mh7jvcwjbmwsqlpppkxx76mkz9a1769fy";
sha256 = "sha256-i1xHMwSnBULJbOA/ykQK9WBd+6TBNBRI9hnU1FDGQlY=";
};
in
@ -50,7 +50,7 @@ mkDerivation {
meta = with lib; {
description = "Graphical disk usage analyzer";
homepage = src.meta.homepage;
license = licenses.gpl2;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ gnidorah ];
platforms = platforms.linux;
};

View file

@ -29,6 +29,8 @@ mkDerivation rec {
qmakeFlags = [ "INSTALLROOT=$(out)" ];
NIX_CFLAGS_COMPILE = "-Wno-error=deprecated-declarations";
postPatch = ''
patchShebangs .
sed -i -e '/unix:!macx:INSTALLROOT += \/usr/d' \

View file

@ -19,13 +19,13 @@
buildPythonApplication rec {
pname = "udiskie";
version = "2.3.2";
version = "2.3.3";
src = fetchFromGitHub {
owner = "coldfix";
repo = "udiskie";
rev = "v${version}";
hash = "sha256-eucAFMzLf2RfMfVgFTfPAgVNpDADddvTUZQO/XbBhGo=";
hash = "sha256-OeNAcL7jd8GiPVUGxWwX4N/G/jzxfyifaoSD/hXXwyM=";
};
nativeBuildInputs = [
@ -58,8 +58,8 @@ buildPythonApplication rec {
'';
checkInputs = [
nose
keyutils
nose
];
checkPhase = ''

View file

@ -89,6 +89,6 @@ mkChromiumDerivation (base: rec {
then ["aarch64-linux" "x86_64-linux"]
else [];
timeout = 172800; # 48 hours (increased from the Hydra default of 10h)
broken = elem channel [ "beta" "dev" ];
broken = elem channel [ "dev" ];
};
})

View file

@ -156,7 +156,12 @@ let
# To fix the build of chromiumBeta and chromiumDev:
"b5b80df7dafba8cafa4c6c0ba2153dfda467dfc9" # add dependency on opus in webcodecs
"1r4wmwaxz5xbffmj5wspv2xj8s32j9p6jnwimjmalqg3al2ba64x"
);
) ++ optional (versionRange "89" "90.0.4422.0") (fetchpatch {
url = "https://raw.githubusercontent.com/archlinux/svntogit-packages/61b0ab526d2aa3c62fa20bb756461ca9a482f6c6/trunk/chromium-fix-libva-redef.patch";
sha256 = "1qj4sn1ngz0p1l1w3346kanr1sqlr3xdzk1f1i86lqa45mhv77ny";
}) ++ optional (chromiumVersionAtLeast "90")
./fix-missing-atspi2-dependency.patch
;
postPatch = ''
# remove unused third-party

View file

@ -41,6 +41,7 @@ let
});
} // lib.optionalAttrs (lib.versionAtLeast upstream-info.version "90") {
llvmPackages = llvmPackages_12;
stdenv = llvmPackages_12.stdenv;
});
browser = callPackage ./browser.nix { inherit channel enableWideVine ungoogled; };

View file

@ -0,0 +1,26 @@
From 6c5b9197076f6f384112e6566039116c56600909 Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Sat, 10 Apr 2021 13:53:50 +0200
Subject: [PATCH] Fix a missing atspi2 dependency
See https://bugs.chromium.org/p/chromium/issues/detail?id=1197837 for
more details.
---
content/public/browser/BUILD.gn | 1 +
1 file changed, 1 insertion(+)
diff --git a/content/public/browser/BUILD.gn b/content/public/browser/BUILD.gn
index 7e7c436d90c7..20ef832f1d8c 100644
--- a/content/public/browser/BUILD.gn
+++ b/content/public/browser/BUILD.gn
@@ -535,6 +535,7 @@ source_set("browser_sources") {
if (use_atk) {
sources += [ "ax_inspect_factory_auralinux.cc" ]
+ configs += [ "//build/config/linux/atspi2" ]
}
if (is_linux || is_chromeos) {
--
2.20.1

View file

@ -31,15 +31,15 @@
}
},
"dev": {
"version": "91.0.4464.5",
"sha256": "1djwlb74cgfc5ns7w2m10qcd2d2fz0i90k5szcfsm899c7x3zgyf",
"sha256bin64": "0kqr5mlbq23ahmyg67lh15j5sqa29wi301s8rvfgh0gxf10vgc2l",
"version": "91.0.4469.4",
"sha256": "08lffqjfcszniwwshililab553a0dvycaa72h1dklxvxf360nz5f",
"sha256bin64": "14xyzjwzcyp6idscq6i87yh2fibjamkz5xfsb2y0hrf2diaqijw1",
"deps": {
"gn": {
"version": "2021-03-30",
"version": "2021-04-06",
"url": "https://gn.googlesource.com/gn",
"rev": "5667cc61018864b17542e0baff8b790f245583b0",
"sha256": "0mr7jqk1r46ngrx4hrg8gxnzqxfxc1c9a966gpsjlgc00k390m5s"
"rev": "dba01723a441c358d843a575cb7720d54ddcdf92",
"sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x"
}
}
},

View file

@ -115,8 +115,7 @@ let
};
}
) {} extensions;
} //
{
} // lib.optionalAttrs usesNixExtensions {
Extensions = {
Install = lib.foldr (e: ret:
ret ++ [ "${e.outPath}/${e.extid}.xpi" ]

View file

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "lagrange";
version = "1.3.0";
version = "1.3.2";
src = fetchFromGitHub {
owner = "skyjake";
repo = "lagrange";
rev = "v${version}";
sha256 = "sha256-85KshJEL7ri10mSm/KgcT03WLEwRMMTGczb6mGx66Jw=";
sha256 = "sha256-90MN7JH84h10dSXt5Kwc2V3FKVutQ7AmNcR4TK2bpBY=";
fetchSubmodules = true;
};

View file

@ -1,4 +1,4 @@
{ lib, fetchurl, fetchzip, python3
{ lib, fetchpatch, fetchurl, fetchzip, python3
, mkDerivationWith, wrapQtAppsHook, wrapGAppsHook, qtbase, glib-networking
, asciidoc, docbook_xml_dtd_45, docbook_xsl, libxml2
, libxslt, gst_all_1 ? null
@ -67,7 +67,15 @@ in mkDerivationWith python3Packages.buildPythonApplication rec {
++ lib.optional (pythonOlder "3.9") importlib-resources
);
patches = [ ./fix-restart.patch ];
patches = [
./fix-restart.patch
(fetchpatch {
name = "fix-version-parsing.patch";
url = "https://github.com/qutebrowser/qutebrowser/commit/c3d1b71c6f08607f47353f406aca0168bb3062a1.patch";
excludes = [ "doc/changelog.asciidoc" ];
sha256 = "1vm2yjvmrw4cyn8mpwfwvvcihn74f60ql3qh1rjj8n0wak8z1ir6";
})
];
dontWrapGApps = true;
dontWrapQtApps = true;

View file

@ -19,16 +19,16 @@ let
in
buildGoModule rec {
pname = "argo";
version = "2.12.10";
version = "3.0.0";
src = fetchFromGitHub {
owner = "argoproj";
repo = "argo";
rev = "v${version}";
sha256 = "sha256-A4s6D3/1FsqrJ+Jaql4IuyD9ySChL3SXqVvl8wUDRDE=";
sha256 = "sha256-TbNqwTVND09WzUH8ZH7YFRwcHV8eX1G0FXtZJi67Sk4=";
};
vendorSha256 = "sha256-4XPMixVNj6PUKobNLwpsOBT7Zs/7pkhDtQacLIB5EfE=";
vendorSha256 = "sha256-YjVAoMyGKMHLGEPeOOkCKCzeWFiUsXfJIKcw5GYoljg=";
doCheck = false;

View file

@ -1,11 +1,11 @@
{ lib, buildGoModule, fetchFromGitHub, fetchzip, installShellFiles }:
let
version = "0.11.0";
version = "0.12.0";
manifests = fetchzip {
url = "https://github.com/fluxcd/flux2/releases/download/v${version}/manifests.tar.gz";
sha256 = "sha256-nqvFJriNMK3SvAsNzhE8MCzVNR8j/TjYU+f1PbuxkuI=";
sha256 = "sha256-8NgKr5uRVFBD1pARaD+vH9wPA5gUNltwMe0i0icED1c=";
stripRoot = false;
};
in
@ -19,10 +19,10 @@ buildGoModule rec {
owner = "fluxcd";
repo = "flux2";
rev = "v${version}";
sha256 = "sha256-V4cZuRlC1Hu4gBG5/8ZNBKlSBFLgOtSJ3GbpjW5/8xM=";
sha256 = "sha256-idHMijca1lYQF4aW+RPyzRraLDNdVavMuj4TP6z90Oo=";
};
vendorSha256 = "sha256-aVVvrOjCKxzFer5uZRSu1LCQKkGkPcBdKdebN5uHUUg=";
vendorSha256 = "sha256-VrDO8y6omRKf3mPRAnRMZsSMwQHxQxShUa9HZ3dfCgM=";
nativeBuildInputs = [ installShellFiles ];

View file

@ -2,15 +2,15 @@
buildGoModule rec {
pname = "istioctl";
version = "1.9.1";
version = "1.9.2";
src = fetchFromGitHub {
owner = "istio";
repo = "istio";
rev = version;
sha256 = "sha256-WcIcI+y8tTY0YfyuR/DUCjN1xbGpCOBWvEHBo+q2EV8=";
sha256 = "sha256-co/0ogI48FxrwVGwIuMqeFPFYtQF4/rv9V6b225TZc4=";
};
vendorSha256 = "sha256-pSiJfQTvJ6OisdrWTH6mOcAn/wBA1OcVaGtOwBe1qvQ=";
vendorSha256 = "sha256-yJHYyRPl1V1WNV0nJoR3bRTTGRTQaT/tG4TSQeL5U88=";
doCheck = false;

View file

@ -44,7 +44,7 @@ with lib;
# Those pieces of software we entirely ignore upstream's handling of, and just
# make sure they're in the path if desired.
let
k3sVersion = "1.20.4+k3s1"; # k3s git tag
k3sVersion = "1.20.5+k3s1"; # k3s git tag
traefikChartVersion = "1.81.0"; # taken from ./scripts/download at the above k3s tag
k3sRootVersion = "0.8.1"; # taken from ./scripts/download at the above k3s tag
k3sCNIVersion = "0.8.6-k3s1"; # taken from ./scripts/version.sh at the above k3s tag
@ -79,7 +79,7 @@ let
owner = "rancher";
repo = "plugins";
rev = "v${version}";
sha256 = "13kx9msn5y9rw8v1p717wx0wbjqln59g6y3qfb1760aiwknva35q";
sha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4=";
};
meta = {
@ -96,7 +96,7 @@ let
url = "https://github.com/k3s-io/k3s";
rev = "v${k3sVersion}";
leaveDotGit = true; # ./scripts/version.sh depends on git
sha256 = "0rmn3nh8a94axv6lb2xjnn3gpq0scnvj69bvcs74azvw62fvq016";
sha256 = "sha256-7RAZkSTh15BEZ3p6u2xE9vd5fpy4KBYrl2TjtpIiStM=";
};
# Stage 1 of the k3s build:
# Let's talk about how k3s is structured.
@ -243,16 +243,17 @@ stdenv.mkDerivation rec {
iproute2
bridge-utils
ethtool
util-linux
util-linux # kubelet wants 'nsenter' from util-linux: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-705994388
ipset
conntrack-tools
];
buildInputs = [
k3sBin
makeWrapper
] ++ k3sRuntimeDeps;
nativeBuildInputs = [ makeWrapper ];
unpackPhase = "true";
# And, one final derivation (you thought the last one was it, right?)

View file

@ -0,0 +1,30 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "kubelogin";
version = "1.23.0";
src = fetchFromGitHub {
owner = "int128";
repo = pname;
rev = "v${version}";
sha256 = "0n94nx17c6ln2nd6d9yr93vc251y1xphq1wj2vzs4j2l8dqfyjpn";
};
subPackages = ["."];
vendorSha256 = "1dvrk6z6k66wawgb50n8hbgdd8fly399mlbgnvxi671vfi7lkz09";
# Rename the binary instead of symlinking to avoid conflict with the
# Azure version of kubelogin
postInstall = ''
mv $out/bin/kubelogin $out/bin/kubectl-oidc_login
'';
meta = with lib; {
description = "A Kubernetes credential plugin implementing OpenID Connect (OIDC) authentication";
inherit (src.meta) homepage;
license = licenses.asl20;
maintainers = with maintainers; [ benley ];
};
}

View file

@ -5,8 +5,8 @@ self: super: {
_: {
src = pkgs.fetchgit {
url = "https://github.com/NixOS/nixops.git";
rev = "1ed5a091bc52de6c91319f446f833018a1cb326e";
sha256 = "1fx17qv9cl7hz7322zh4xlg02xn7bwwjj82cdcvqpsjf83crz3xi";
rev = "45256745cef246dabe1ae8a7d109988f190cd7ef";
sha256 = "0ni1v8ppg5cf35gq7nzd50kajxzp5zkbzhf022in0fgbjcprlzr2";
};
}
);
@ -15,8 +15,8 @@ self: super: {
_: {
src = pkgs.fetchgit {
url = "https://github.com/NixOS/nixops-aws.git";
rev = "dbbaa1b15b6cf7ca1ceeb0a6195f5ee27693c505";
sha256 = "13gw3h7g19a0s7dpayjfksrmw6g0364dcm5z2d6mlyzdkfgak4jn";
rev = "3f66ee06f689021cd4c985b9b49697bdda64d961";
sha256 = "17vn8bpy9kr259anmh3g5xwp08q69l9sz7s3nzn8sy5flqa87w50";
};
}
);
@ -25,8 +25,8 @@ self: super: {
_: {
src = pkgs.fetchgit {
url = "https://github.com/nix-community/nixops-encrypted-links.git";
rev = "0bb9aa50a7294ee9dca10a18ff7d9024234913e1";
sha256 = "00wj03wcry83acwljq5v80dyrqaxpqb4j3jsdkfy3d7n5g4aq19l";
rev = "e2f196fce15fcfb00d18c055e1ac53aec33b8fb1";
sha256 = "12ynqwd5ad6wfyv6sma55wnmrlr8i14kd5d42zqv4zl23h0xnd6m";
};
}
);
@ -35,8 +35,8 @@ self: super: {
_: {
src = pkgs.fetchgit {
url = "https://github.com/nix-community/nixops-gce.git";
rev = "23596af53eabc4e3bcf72beaaed82b2c8d40e419";
sha256 = "10gfdhf4b3ldrpns8z66mqxwfcbgf9ccz8fx0rcp7gsgsffb0i3c";
rev = "fed6aadace9a9e914425589c065bb969d53f2309";
sha256 = "096ic1kzlcv8cx51hnhlq37pkg4pis2rk5kri14dwp3865si1mdw";
};
}
);

View file

@ -38,20 +38,20 @@ python-versions = "*"
[[package]]
name = "boto3"
version = "1.17.0"
version = "1.17.35"
description = "The AWS SDK for Python"
category = "main"
optional = false
python-versions = ">= 2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*"
[package.dependencies]
botocore = ">=1.20.0,<1.21.0"
botocore = ">=1.20.35,<1.21.0"
jmespath = ">=0.7.1,<1.0.0"
s3transfer = ">=0.3.0,<0.4.0"
[[package]]
name = "botocore"
version = "1.20.0"
version = "1.20.35"
description = "Low-level, data-driven core of boto 3."
category = "main"
optional = false
@ -62,6 +62,9 @@ jmespath = ">=0.7.1,<1.0.0"
python-dateutil = ">=2.1,<3.0.0"
urllib3 = ">=1.25.4,<1.27"
[package.extras]
crt = ["awscrt (==0.10.8)"]
[[package]]
name = "certifi"
version = "2020.12.5"
@ -72,7 +75,7 @@ python-versions = "*"
[[package]]
name = "cffi"
version = "1.14.4"
version = "1.14.5"
description = "Foreign Function Interface for Python calling C code."
category = "main"
optional = false
@ -99,22 +102,22 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*"
[[package]]
name = "cryptography"
version = "3.3.1"
version = "3.4.6"
description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers."
category = "main"
optional = false
python-versions = ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*"
python-versions = ">=3.6"
[package.dependencies]
cffi = ">=1.12"
six = ">=1.4.1"
[package.extras]
docs = ["sphinx (>=1.6.5,!=1.8.0,!=3.1.0,!=3.1.1)", "sphinx-rtd-theme"]
docstest = ["doc8", "pyenchant (>=1.6.11)", "twine (>=1.12.0)", "sphinxcontrib-spelling (>=4.0.1)"]
pep8test = ["black", "flake8", "flake8-import-order", "pep8-naming"]
sdist = ["setuptools-rust (>=0.11.4)"]
ssh = ["bcrypt (>=3.1.5)"]
test = ["pytest (>=3.6.0,!=3.9.0,!=3.9.1,!=3.9.2)", "pretend", "iso8601", "pytz", "hypothesis (>=1.11.4,!=3.79.2)"]
test = ["pytest (>=6.0)", "pytest-cov", "pytest-subtests", "pytest-xdist", "pretend", "iso8601", "pytz", "hypothesis (>=1.11.4,!=3.79.2)"]
[[package]]
name = "docutils"
@ -197,7 +200,7 @@ typing-extensions = "^3.7.4"
type = "git"
url = "https://github.com/NixOS/nixops.git"
reference = "master"
resolved_reference = "1ed5a091bc52de6c91319f446f833018a1cb326e"
resolved_reference = "45256745cef246dabe1ae8a7d109988f190cd7ef"
[[package]]
name = "nixops-aws"
@ -219,7 +222,7 @@ typing-extensions = "^3.7.4"
type = "git"
url = "https://github.com/NixOS/nixops-aws.git"
reference = "master"
resolved_reference = "dbbaa1b15b6cf7ca1ceeb0a6195f5ee27693c505"
resolved_reference = "3f66ee06f689021cd4c985b9b49697bdda64d961"
[[package]]
name = "nixops-encrypted-links"
@ -237,7 +240,7 @@ nixops = "branch master"
type = "git"
url = "https://github.com/nix-community/nixops-encrypted-links.git"
reference = "master"
resolved_reference = "0bb9aa50a7294ee9dca10a18ff7d9024234913e1"
resolved_reference = "e2f196fce15fcfb00d18c055e1ac53aec33b8fb1"
[[package]]
name = "nixops-gcp"
@ -258,7 +261,7 @@ nixos-modules-contrib = "branch master"
type = "git"
url = "https://github.com/nix-community/nixops-gce.git"
reference = "master"
resolved_reference = "23596af53eabc4e3bcf72beaaed82b2c8d40e419"
resolved_reference = "fed6aadace9a9e914425589c065bb969d53f2309"
[[package]]
name = "nixops-virtd"
@ -355,7 +358,7 @@ python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*"
[[package]]
name = "pygments"
version = "2.7.4"
version = "2.8.1"
description = "Pygments is a syntax highlighting package written in Python."
category = "dev"
optional = false
@ -408,7 +411,7 @@ socks = ["PySocks (>=1.5.6,!=1.5.7)", "win-inet-pton"]
[[package]]
name = "s3transfer"
version = "0.3.4"
version = "0.3.6"
description = "An Amazon S3 Transfer Manager"
category = "main"
optional = false
@ -435,7 +438,7 @@ python-versions = "*"
[[package]]
name = "sphinx"
version = "3.4.3"
version = "3.5.3"
description = "Python documentation generator"
category = "dev"
optional = false
@ -461,7 +464,7 @@ sphinxcontrib-serializinghtml = "*"
[package.extras]
docs = ["sphinxcontrib-websupport"]
lint = ["flake8 (>=3.5.0)", "isort", "mypy (>=0.790)", "docutils-stubs"]
lint = ["flake8 (>=3.5.0)", "isort", "mypy (>=0.800)", "docutils-stubs"]
test = ["pytest", "pytest-cov", "html5lib", "cython", "typed-ast"]
[[package]]
@ -537,7 +540,7 @@ test = ["pytest"]
[[package]]
name = "typeguard"
version = "2.10.0"
version = "2.11.1"
description = "Run-time type checker for Python"
category = "main"
optional = false
@ -545,7 +548,7 @@ python-versions = ">=3.5.3"
[package.extras]
doc = ["sphinx-rtd-theme", "sphinx-autodoc-typehints (>=1.2.0)"]
test = ["pytest", "typing-extensions"]
test = ["pytest", "typing-extensions", "mypy"]
[[package]]
name = "typing-extensions"
@ -557,16 +560,16 @@ python-versions = "*"
[[package]]
name = "urllib3"
version = "1.26.3"
version = "1.26.4"
description = "HTTP library with thread-safe connection pooling, file post, and more."
category = "main"
optional = false
python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4"
[package.extras]
brotli = ["brotlipy (>=0.6.0)"]
secure = ["pyOpenSSL (>=0.14)", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "certifi", "ipaddress"]
socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"]
brotli = ["brotlipy (>=0.6.0)"]
[metadata]
lock-version = "1.1"
@ -591,55 +594,55 @@ boto = [
{file = "boto-2.49.0.tar.gz", hash = "sha256:ea0d3b40a2d852767be77ca343b58a9e3a4b00d9db440efb8da74b4e58025e5a"},
]
boto3 = [
{file = "boto3-1.17.0-py2.py3-none-any.whl", hash = "sha256:b4860f56bc585d3d1fde90d288da5eb4d1198401d72201dc3e25de8887b080e2"},
{file = "boto3-1.17.0.tar.gz", hash = "sha256:2a39bd5e5f2d50ce9267d682cc92750f8771399665021f47e80f9c8d2fb812a6"},
{file = "boto3-1.17.35-py2.py3-none-any.whl", hash = "sha256:1e6e06b2f1eee5a76acdde1e7b4f57c93c1bf2905341207d74f2a140ce060cd8"},
{file = "boto3-1.17.35.tar.gz", hash = "sha256:40e84a5f7888924db74a2710dbe48d066b51fe1f5549efaffe90e6efe813f37b"},
]
botocore = [
{file = "botocore-1.20.0-py2.py3-none-any.whl", hash = "sha256:634b39ab0d55477cfbffb0e5dff31b7ab4bb171b04a0c69f8bcf65135f26ba94"},
{file = "botocore-1.20.0.tar.gz", hash = "sha256:a608d6d644b852f3c154fc433eaae52febbebc7c474fa8f4d666797d0931770a"},
{file = "botocore-1.20.35-py2.py3-none-any.whl", hash = "sha256:e34bbb7d7de154c2ff2a73ae0691c601a69c5bda887374c8a6a23072380b07a4"},
{file = "botocore-1.20.35.tar.gz", hash = "sha256:9119ffb231145ffadd55391c9356dcdb18e3de65c3a7c82844634e949f0ca5a0"},
]
certifi = [
{file = "certifi-2020.12.5-py2.py3-none-any.whl", hash = "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"},
{file = "certifi-2020.12.5.tar.gz", hash = "sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c"},
]
cffi = [
{file = "cffi-1.14.4-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:ebb253464a5d0482b191274f1c8bf00e33f7e0b9c66405fbffc61ed2c839c775"},
{file = "cffi-1.14.4-cp27-cp27m-manylinux1_i686.whl", hash = "sha256:2c24d61263f511551f740d1a065eb0212db1dbbbbd241db758f5244281590c06"},
{file = "cffi-1.14.4-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:9f7a31251289b2ab6d4012f6e83e58bc3b96bd151f5b5262467f4bb6b34a7c26"},
{file = "cffi-1.14.4-cp27-cp27m-win32.whl", hash = "sha256:5cf4be6c304ad0b6602f5c4e90e2f59b47653ac1ed9c662ed379fe48a8f26b0c"},
{file = "cffi-1.14.4-cp27-cp27m-win_amd64.whl", hash = "sha256:f60567825f791c6f8a592f3c6e3bd93dd2934e3f9dac189308426bd76b00ef3b"},
{file = "cffi-1.14.4-cp27-cp27mu-manylinux1_i686.whl", hash = "sha256:c6332685306b6417a91b1ff9fae889b3ba65c2292d64bd9245c093b1b284809d"},
{file = "cffi-1.14.4-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:d9efd8b7a3ef378dd61a1e77367f1924375befc2eba06168b6ebfa903a5e59ca"},
{file = "cffi-1.14.4-cp35-cp35m-macosx_10_9_x86_64.whl", hash = "sha256:51a8b381b16ddd370178a65360ebe15fbc1c71cf6f584613a7ea08bfad946698"},
{file = "cffi-1.14.4-cp35-cp35m-manylinux1_i686.whl", hash = "sha256:1d2c4994f515e5b485fd6d3a73d05526aa0fcf248eb135996b088d25dfa1865b"},
{file = "cffi-1.14.4-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:af5c59122a011049aad5dd87424b8e65a80e4a6477419c0c1015f73fb5ea0293"},
{file = "cffi-1.14.4-cp35-cp35m-win32.whl", hash = "sha256:594234691ac0e9b770aee9fcdb8fa02c22e43e5c619456efd0d6c2bf276f3eb2"},
{file = "cffi-1.14.4-cp35-cp35m-win_amd64.whl", hash = "sha256:64081b3f8f6f3c3de6191ec89d7dc6c86a8a43911f7ecb422c60e90c70be41c7"},
{file = "cffi-1.14.4-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:f803eaa94c2fcda012c047e62bc7a51b0bdabda1cad7a92a522694ea2d76e49f"},
{file = "cffi-1.14.4-cp36-cp36m-manylinux1_i686.whl", hash = "sha256:105abaf8a6075dc96c1fe5ae7aae073f4696f2905fde6aeada4c9d2926752362"},
{file = "cffi-1.14.4-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:0638c3ae1a0edfb77c6765d487fee624d2b1ee1bdfeffc1f0b58c64d149e7eec"},
{file = "cffi-1.14.4-cp36-cp36m-manylinux2014_aarch64.whl", hash = "sha256:7c6b1dece89874d9541fc974917b631406233ea0440d0bdfbb8e03bf39a49b3b"},
{file = "cffi-1.14.4-cp36-cp36m-win32.whl", hash = "sha256:155136b51fd733fa94e1c2ea5211dcd4c8879869008fc811648f16541bf99668"},
{file = "cffi-1.14.4-cp36-cp36m-win_amd64.whl", hash = "sha256:6bc25fc545a6b3d57b5f8618e59fc13d3a3a68431e8ca5fd4c13241cd70d0009"},
{file = "cffi-1.14.4-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:a7711edca4dcef1a75257b50a2fbfe92a65187c47dab5a0f1b9b332c5919a3fb"},
{file = "cffi-1.14.4-cp37-cp37m-manylinux1_i686.whl", hash = "sha256:00e28066507bfc3fe865a31f325c8391a1ac2916219340f87dfad602c3e48e5d"},
{file = "cffi-1.14.4-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:798caa2a2384b1cbe8a2a139d80734c9db54f9cc155c99d7cc92441a23871c03"},
{file = "cffi-1.14.4-cp37-cp37m-manylinux2014_aarch64.whl", hash = "sha256:a5ed8c05548b54b998b9498753fb9cadbfd92ee88e884641377d8a8b291bcc01"},
{file = "cffi-1.14.4-cp37-cp37m-win32.whl", hash = "sha256:00a1ba5e2e95684448de9b89888ccd02c98d512064b4cb987d48f4b40aa0421e"},
{file = "cffi-1.14.4-cp37-cp37m-win_amd64.whl", hash = "sha256:9cc46bc107224ff5b6d04369e7c595acb700c3613ad7bcf2e2012f62ece80c35"},
{file = "cffi-1.14.4-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:df5169c4396adc04f9b0a05f13c074df878b6052430e03f50e68adf3a57aa28d"},
{file = "cffi-1.14.4-cp38-cp38-manylinux1_i686.whl", hash = "sha256:9ffb888f19d54a4d4dfd4b3f29bc2c16aa4972f1c2ab9c4ab09b8ab8685b9c2b"},
{file = "cffi-1.14.4-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:8d6603078baf4e11edc4168a514c5ce5b3ba6e3e9c374298cb88437957960a53"},
{file = "cffi-1.14.4-cp38-cp38-manylinux2014_aarch64.whl", hash = "sha256:d5ff0621c88ce83a28a10d2ce719b2ee85635e85c515f12bac99a95306da4b2e"},
{file = "cffi-1.14.4-cp38-cp38-win32.whl", hash = "sha256:b4e248d1087abf9f4c10f3c398896c87ce82a9856494a7155823eb45a892395d"},
{file = "cffi-1.14.4-cp38-cp38-win_amd64.whl", hash = "sha256:ec80dc47f54e6e9a78181ce05feb71a0353854cc26999db963695f950b5fb375"},
{file = "cffi-1.14.4-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:840793c68105fe031f34d6a086eaea153a0cd5c491cde82a74b420edd0a2b909"},
{file = "cffi-1.14.4-cp39-cp39-manylinux1_i686.whl", hash = "sha256:b18e0a9ef57d2b41f5c68beefa32317d286c3d6ac0484efd10d6e07491bb95dd"},
{file = "cffi-1.14.4-cp39-cp39-manylinux1_x86_64.whl", hash = "sha256:045d792900a75e8b1e1b0ab6787dd733a8190ffcf80e8c8ceb2fb10a29ff238a"},
{file = "cffi-1.14.4-cp39-cp39-manylinux2014_aarch64.whl", hash = "sha256:7ef7d4ced6b325e92eb4d3502946c78c5367bc416398d387b39591532536734e"},
{file = "cffi-1.14.4-cp39-cp39-win32.whl", hash = "sha256:ba4e9e0ae13fc41c6b23299545e5ef73055213e466bd107953e4a013a5ddd7e3"},
{file = "cffi-1.14.4-cp39-cp39-win_amd64.whl", hash = "sha256:f032b34669220030f905152045dfa27741ce1a6db3324a5bc0b96b6c7420c87b"},
{file = "cffi-1.14.4.tar.gz", hash = "sha256:1a465cbe98a7fd391d47dce4b8f7e5b921e6cd805ef421d04f5f66ba8f06086c"},
{file = "cffi-1.14.5-cp27-cp27m-macosx_10_9_x86_64.whl", hash = "sha256:bb89f306e5da99f4d922728ddcd6f7fcebb3241fc40edebcb7284d7514741991"},
{file = "cffi-1.14.5-cp27-cp27m-manylinux1_i686.whl", hash = "sha256:34eff4b97f3d982fb93e2831e6750127d1355a923ebaeeb565407b3d2f8d41a1"},
{file = "cffi-1.14.5-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:99cd03ae7988a93dd00bcd9d0b75e1f6c426063d6f03d2f90b89e29b25b82dfa"},
{file = "cffi-1.14.5-cp27-cp27m-win32.whl", hash = "sha256:65fa59693c62cf06e45ddbb822165394a288edce9e276647f0046e1ec26920f3"},
{file = "cffi-1.14.5-cp27-cp27m-win_amd64.whl", hash = "sha256:51182f8927c5af975fece87b1b369f722c570fe169f9880764b1ee3bca8347b5"},
{file = "cffi-1.14.5-cp27-cp27mu-manylinux1_i686.whl", hash = "sha256:43e0b9d9e2c9e5d152946b9c5fe062c151614b262fda2e7b201204de0b99e482"},
{file = "cffi-1.14.5-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:cbde590d4faaa07c72bf979734738f328d239913ba3e043b1e98fe9a39f8b2b6"},
{file = "cffi-1.14.5-cp35-cp35m-macosx_10_9_x86_64.whl", hash = "sha256:5de7970188bb46b7bf9858eb6890aad302577a5f6f75091fd7cdd3ef13ef3045"},
{file = "cffi-1.14.5-cp35-cp35m-manylinux1_i686.whl", hash = "sha256:a465da611f6fa124963b91bf432d960a555563efe4ed1cc403ba5077b15370aa"},
{file = "cffi-1.14.5-cp35-cp35m-manylinux1_x86_64.whl", hash = "sha256:d42b11d692e11b6634f7613ad8df5d6d5f8875f5d48939520d351007b3c13406"},
{file = "cffi-1.14.5-cp35-cp35m-win32.whl", hash = "sha256:72d8d3ef52c208ee1c7b2e341f7d71c6fd3157138abf1a95166e6165dd5d4369"},
{file = "cffi-1.14.5-cp35-cp35m-win_amd64.whl", hash = "sha256:29314480e958fd8aab22e4a58b355b629c59bf5f2ac2492b61e3dc06d8c7a315"},
{file = "cffi-1.14.5-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:3d3dd4c9e559eb172ecf00a2a7517e97d1e96de2a5e610bd9b68cea3925b4892"},
{file = "cffi-1.14.5-cp36-cp36m-manylinux1_i686.whl", hash = "sha256:48e1c69bbacfc3d932221851b39d49e81567a4d4aac3b21258d9c24578280058"},
{file = "cffi-1.14.5-cp36-cp36m-manylinux1_x86_64.whl", hash = "sha256:69e395c24fc60aad6bb4fa7e583698ea6cc684648e1ffb7fe85e3c1ca131a7d5"},
{file = "cffi-1.14.5-cp36-cp36m-manylinux2014_aarch64.whl", hash = "sha256:9e93e79c2551ff263400e1e4be085a1210e12073a31c2011dbbda14bda0c6132"},
{file = "cffi-1.14.5-cp36-cp36m-win32.whl", hash = "sha256:58e3f59d583d413809d60779492342801d6e82fefb89c86a38e040c16883be53"},
{file = "cffi-1.14.5-cp36-cp36m-win_amd64.whl", hash = "sha256:005a36f41773e148deac64b08f233873a4d0c18b053d37da83f6af4d9087b813"},
{file = "cffi-1.14.5-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:2894f2df484ff56d717bead0a5c2abb6b9d2bf26d6960c4604d5c48bbc30ee73"},
{file = "cffi-1.14.5-cp37-cp37m-manylinux1_i686.whl", hash = "sha256:0857f0ae312d855239a55c81ef453ee8fd24136eaba8e87a2eceba644c0d4c06"},
{file = "cffi-1.14.5-cp37-cp37m-manylinux1_x86_64.whl", hash = "sha256:cd2868886d547469123fadc46eac7ea5253ea7fcb139f12e1dfc2bbd406427d1"},
{file = "cffi-1.14.5-cp37-cp37m-manylinux2014_aarch64.whl", hash = "sha256:35f27e6eb43380fa080dccf676dece30bef72e4a67617ffda586641cd4508d49"},
{file = "cffi-1.14.5-cp37-cp37m-win32.whl", hash = "sha256:9ff227395193126d82e60319a673a037d5de84633f11279e336f9c0f189ecc62"},
{file = "cffi-1.14.5-cp37-cp37m-win_amd64.whl", hash = "sha256:9cf8022fb8d07a97c178b02327b284521c7708d7c71a9c9c355c178ac4bbd3d4"},
{file = "cffi-1.14.5-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:8b198cec6c72df5289c05b05b8b0969819783f9418e0409865dac47288d2a053"},
{file = "cffi-1.14.5-cp38-cp38-manylinux1_i686.whl", hash = "sha256:ad17025d226ee5beec591b52800c11680fca3df50b8b29fe51d882576e039ee0"},
{file = "cffi-1.14.5-cp38-cp38-manylinux1_x86_64.whl", hash = "sha256:6c97d7350133666fbb5cf4abdc1178c812cb205dc6f41d174a7b0f18fb93337e"},
{file = "cffi-1.14.5-cp38-cp38-manylinux2014_aarch64.whl", hash = "sha256:8ae6299f6c68de06f136f1f9e69458eae58f1dacf10af5c17353eae03aa0d827"},
{file = "cffi-1.14.5-cp38-cp38-win32.whl", hash = "sha256:b85eb46a81787c50650f2392b9b4ef23e1f126313b9e0e9013b35c15e4288e2e"},
{file = "cffi-1.14.5-cp38-cp38-win_amd64.whl", hash = "sha256:1f436816fc868b098b0d63b8920de7d208c90a67212546d02f84fe78a9c26396"},
{file = "cffi-1.14.5-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:1071534bbbf8cbb31b498d5d9db0f274f2f7a865adca4ae429e147ba40f73dea"},
{file = "cffi-1.14.5-cp39-cp39-manylinux1_i686.whl", hash = "sha256:9de2e279153a443c656f2defd67769e6d1e4163952b3c622dcea5b08a6405322"},
{file = "cffi-1.14.5-cp39-cp39-manylinux1_x86_64.whl", hash = "sha256:6e4714cc64f474e4d6e37cfff31a814b509a35cb17de4fb1999907575684479c"},
{file = "cffi-1.14.5-cp39-cp39-manylinux2014_aarch64.whl", hash = "sha256:158d0d15119b4b7ff6b926536763dc0714313aa59e320ddf787502c70c4d4bee"},
{file = "cffi-1.14.5-cp39-cp39-win32.whl", hash = "sha256:afb29c1ba2e5a3736f1c301d9d0abe3ec8b86957d04ddfa9d7a6a42b9367e396"},
{file = "cffi-1.14.5-cp39-cp39-win_amd64.whl", hash = "sha256:f2d45f97ab6bb54753eab54fffe75aaf3de4ff2341c9daee1987ee1837636f1d"},
{file = "cffi-1.14.5.tar.gz", hash = "sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c"},
]
chardet = [
{file = "chardet-4.0.0-py2.py3-none-any.whl", hash = "sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5"},
@ -650,20 +653,13 @@ colorama = [
{file = "colorama-0.4.4.tar.gz", hash = "sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b"},
]
cryptography = [
{file = "cryptography-3.3.1-cp27-cp27m-macosx_10_10_x86_64.whl", hash = "sha256:c366df0401d1ec4e548bebe8f91d55ebcc0ec3137900d214dd7aac8427ef3030"},
{file = "cryptography-3.3.1-cp27-cp27m-manylinux1_x86_64.whl", hash = "sha256:9f6b0492d111b43de5f70052e24c1f0951cb9e6022188ebcb1cc3a3d301469b0"},
{file = "cryptography-3.3.1-cp27-cp27m-manylinux2010_x86_64.whl", hash = "sha256:a69bd3c68b98298f490e84519b954335154917eaab52cf582fa2c5c7efc6e812"},
{file = "cryptography-3.3.1-cp27-cp27m-win32.whl", hash = "sha256:84ef7a0c10c24a7773163f917f1cb6b4444597efd505a8aed0a22e8c4780f27e"},
{file = "cryptography-3.3.1-cp27-cp27m-win_amd64.whl", hash = "sha256:594a1db4511bc4d960571536abe21b4e5c3003e8750ab8365fafce71c5d86901"},
{file = "cryptography-3.3.1-cp27-cp27mu-manylinux1_x86_64.whl", hash = "sha256:0003a52a123602e1acee177dc90dd201f9bb1e73f24a070db7d36c588e8f5c7d"},
{file = "cryptography-3.3.1-cp27-cp27mu-manylinux2010_x86_64.whl", hash = "sha256:83d9d2dfec70364a74f4e7c70ad04d3ca2e6a08b703606993407bf46b97868c5"},
{file = "cryptography-3.3.1-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:dc42f645f8f3a489c3dd416730a514e7a91a59510ddaadc09d04224c098d3302"},
{file = "cryptography-3.3.1-cp36-abi3-manylinux1_x86_64.whl", hash = "sha256:788a3c9942df5e4371c199d10383f44a105d67d401fb4304178020142f020244"},
{file = "cryptography-3.3.1-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:69e836c9e5ff4373ce6d3ab311c1a2eed274793083858d3cd4c7d12ce20d5f9c"},
{file = "cryptography-3.3.1-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:9e21301f7a1e7c03dbea73e8602905a4ebba641547a462b26dd03451e5769e7c"},
{file = "cryptography-3.3.1-cp36-abi3-win32.whl", hash = "sha256:b4890d5fb9b7a23e3bf8abf5a8a7da8e228f1e97dc96b30b95685df840b6914a"},
{file = "cryptography-3.3.1-cp36-abi3-win_amd64.whl", hash = "sha256:0e85aaae861d0485eb5a79d33226dd6248d2a9f133b81532c8f5aae37de10ff7"},
{file = "cryptography-3.3.1.tar.gz", hash = "sha256:7e177e4bea2de937a584b13645cab32f25e3d96fc0bc4a4cf99c27dc77682be6"},
{file = "cryptography-3.4.6-cp36-abi3-macosx_10_10_x86_64.whl", hash = "sha256:57ad77d32917bc55299b16d3b996ffa42a1c73c6cfa829b14043c561288d2799"},
{file = "cryptography-3.4.6-cp36-abi3-manylinux2010_x86_64.whl", hash = "sha256:93cfe5b7ff006de13e1e89830810ecbd014791b042cbe5eec253be11ac2b28f3"},
{file = "cryptography-3.4.6-cp36-abi3-manylinux2014_aarch64.whl", hash = "sha256:5ecf2bcb34d17415e89b546dbb44e73080f747e504273e4d4987630493cded1b"},
{file = "cryptography-3.4.6-cp36-abi3-manylinux2014_x86_64.whl", hash = "sha256:fec7fb46b10da10d9e1d078d1ff8ed9e05ae14f431fdbd11145edd0550b9a964"},
{file = "cryptography-3.4.6-cp36-abi3-win32.whl", hash = "sha256:df186fcbf86dc1ce56305becb8434e4b6b7504bc724b71ad7a3239e0c9d14ef2"},
{file = "cryptography-3.4.6-cp36-abi3-win_amd64.whl", hash = "sha256:66b57a9ca4b3221d51b237094b0303843b914b7d5afd4349970bb26518e350b0"},
{file = "cryptography-3.4.6.tar.gz", hash = "sha256:2d32223e5b0ee02943f32b19245b61a62db83a882f0e76cc564e1cec60d48f87"},
]
docutils = [
{file = "docutils-0.16-py2.py3-none-any.whl", hash = "sha256:0c5b78adfbf7762415433f5515cd5c9e762339e23369dbe8000d84a4bf4ab3af"},
@ -767,8 +763,8 @@ pycparser = [
{file = "pycparser-2.20.tar.gz", hash = "sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0"},
]
pygments = [
{file = "Pygments-2.7.4-py3-none-any.whl", hash = "sha256:bc9591213a8f0e0ca1a5e68a479b4887fdc3e75d0774e5c71c31920c427de435"},
{file = "Pygments-2.7.4.tar.gz", hash = "sha256:df49d09b498e83c1a73128295860250b0b7edd4c723a32e9bc0d295c7c2ec337"},
{file = "Pygments-2.8.1-py3-none-any.whl", hash = "sha256:534ef71d539ae97d4c3a4cf7d6f110f214b0e687e92f9cb9d2a3b0d3101289c8"},
{file = "Pygments-2.8.1.tar.gz", hash = "sha256:2656e1a6edcdabf4275f9a3640db59fd5de107d88e8663c5d4e9a0fa62f77f94"},
]
pyparsing = [
{file = "pyparsing-2.4.7-py2.py3-none-any.whl", hash = "sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b"},
@ -787,8 +783,8 @@ requests = [
{file = "requests-2.25.1.tar.gz", hash = "sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804"},
]
s3transfer = [
{file = "s3transfer-0.3.4-py2.py3-none-any.whl", hash = "sha256:1e28620e5b444652ed752cf87c7e0cb15b0e578972568c6609f0f18212f259ed"},
{file = "s3transfer-0.3.4.tar.gz", hash = "sha256:7fdddb4f22275cf1d32129e21f056337fd2a80b6ccef1664528145b72c49e6d2"},
{file = "s3transfer-0.3.6-py2.py3-none-any.whl", hash = "sha256:5d48b1fd2232141a9d5fb279709117aaba506cacea7f86f11bc392f06bfa8fc2"},
{file = "s3transfer-0.3.6.tar.gz", hash = "sha256:c5dadf598762899d8cfaecf68eba649cd25b0ce93b6c954b156aaa3eed160547"},
]
six = [
{file = "six-1.15.0-py2.py3-none-any.whl", hash = "sha256:8b74bedcbbbaca38ff6d7491d76f2b06b3592611af620f8426e82dddb04a5ced"},
@ -799,8 +795,8 @@ snowballstemmer = [
{file = "snowballstemmer-2.1.0.tar.gz", hash = "sha256:e997baa4f2e9139951b6f4c631bad912dfd3c792467e2f03d7239464af90e914"},
]
sphinx = [
{file = "Sphinx-3.4.3-py3-none-any.whl", hash = "sha256:c314c857e7cd47c856d2c5adff514ac2e6495f8b8e0f886a8a37e9305dfea0d8"},
{file = "Sphinx-3.4.3.tar.gz", hash = "sha256:41cad293f954f7d37f803d97eb184158cfd90f51195131e94875bc07cd08b93c"},
{file = "Sphinx-3.5.3-py3-none-any.whl", hash = "sha256:3f01732296465648da43dec8fb40dc451ba79eb3e2cc5c6d79005fd98197107d"},
{file = "Sphinx-3.5.3.tar.gz", hash = "sha256:ce9c228456131bab09a3d7d10ae58474de562a6f79abb3dc811ae401cf8c1abc"},
]
sphinxcontrib-applehelp = [
{file = "sphinxcontrib-applehelp-1.0.2.tar.gz", hash = "sha256:a072735ec80e7675e3f432fcae8610ecf509c5f1869d17e2eecff44389cdbc58"},
@ -827,8 +823,8 @@ sphinxcontrib-serializinghtml = [
{file = "sphinxcontrib_serializinghtml-1.1.4-py2.py3-none-any.whl", hash = "sha256:f242a81d423f59617a8e5cf16f5d4d74e28ee9a66f9e5b637a18082991db5a9a"},
]
typeguard = [
{file = "typeguard-2.10.0-py3-none-any.whl", hash = "sha256:a75c6d86ac9d1faf85c5ae952de473e5d26824dda6d4394ff6bc676849cfb939"},
{file = "typeguard-2.10.0.tar.gz", hash = "sha256:d830132dcd544d3f8a2a842ea739eaa0d7c099fcebb9dcdf3802f4c9929d8191"},
{file = "typeguard-2.11.1-py3-none-any.whl", hash = "sha256:c62706201ec6c14962162fa67d70bd2762753247533d70ff2442e5ac08f94fa2"},
{file = "typeguard-2.11.1.tar.gz", hash = "sha256:33243c1cbfcb9736a06c6db22dd08876b5f297e6344aa272a2862c0f8e669f64"},
]
typing-extensions = [
{file = "typing_extensions-3.7.4.3-py2-none-any.whl", hash = "sha256:dafc7639cde7f1b6e1acc0f457842a83e722ccca8eef5270af2d74792619a89f"},
@ -836,6 +832,6 @@ typing-extensions = [
{file = "typing_extensions-3.7.4.3.tar.gz", hash = "sha256:99d4073b617d30288f569d3f13d2bd7548c3a7e4c8de87db09a9d29bb3a4a60c"},
]
urllib3 = [
{file = "urllib3-1.26.3-py2.py3-none-any.whl", hash = "sha256:1b465e494e3e0d8939b50680403e3aedaa2bc434b7d5af64dfd3c958d7f5ae80"},
{file = "urllib3-1.26.3.tar.gz", hash = "sha256:de3eedaad74a2683334e282005cd8d7f22f4d55fa690a2a1020a416cb0a47e73"},
{file = "urllib3-1.26.4-py2.py3-none-any.whl", hash = "sha256:2f4da4594db7e1e110a944bb1b551fdf4e6c136ad42e4234131391e21eb5b0df"},
{file = "urllib3-1.26.4.tar.gz", hash = "sha256:e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937"},
]

View file

@ -1,26 +1,26 @@
{ lib, stdenv, fetchzip }:
let
stdenv.mkDerivation rec {
pname = "octant";
version = "0.19.0";
src =
let
inherit (stdenv.hostPlatform) system;
suffix = {
x86_64-linux = "Linux-64bit";
aarch64-linux = "Linux-arm64";
x86_64-darwin = "macOS-64bit";
}."${system}" or (throw "Unsupported system: ${system}");
baseurl = "https://github.com/vmware-tanzu/octant/releases/download";
}.${system} or (throw "Unsupported system: ${system}");
fetchsrc = version: sha256: fetchzip {
url = "${baseurl}/v${version}/octant_${version}_${suffix}.tar.gz";
sha256 = sha256."${system}";
url = "https://github.com/vmware-tanzu/octant/releases/download/v${version}/octant_${version}_${suffix}.tar.gz";
sha256 = sha256.${system};
};
in
stdenv.mkDerivation rec {
pname = "octant";
version = "0.18.0";
src = fetchsrc version {
x86_64-linux = "sha256-D/pHOXR7XQoJCGqUep1lBAY4239HH35m+evFd21pcK0=";
aarch64-linux = "sha256-aL1axz3ebqrKQ3xK2UgDMQ+o6ZKgIvwy6Phici7WT2c=";
x86_64-darwin = "sha256-MFxOAAEnLur0LJJNU0SSlO+bH4f18zOfZNA49fKEQEw=";
in
fetchsrc version {
x86_64-linux = "sha256-TKvUBof4TLcHr9hg6AOLjVd1NcAX9HHVuuABdFKRNQA=";
aarch64-linux = "sha256-BJb7h6kJZ3QhdlEqNHkiFp91uYLXzYHvKftxEAhjY38=";
x86_64-darwin = "sha256-Ig98IqLmlN9D4iXrP9SXYwTrQOvbtQ/tQW+uEmntm+I=";
};
dontConfigure = true;
@ -48,12 +48,14 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://octant.dev/";
changelog = "https://github.com/vmware-tanzu/octant/blob/v${version}/CHANGELOG.md";
description = "Highly extensible platform for developers to better understand the complexity of Kubernetes clusters.";
description = "Highly extensible platform for developers to better understand the complexity of Kubernetes clusters";
longDescription = ''
Octant is a tool for developers to understand how applications run on a Kubernetes cluster.
It aims to be part of the developer's toolkit for gaining insight and approaching complexity found in Kubernetes.
Octant offers a combination of introspective tooling, cluster navigation, and object management along with a
plugin system to further extend its capabilities.
Octant is a tool for developers to understand how applications run on a
Kubernetes cluster.
It aims to be part of the developer's toolkit for gaining insight and
approaching complexity found in Kubernetes. Octant offers a combination of
introspective tooling, cluster navigation, and object management along
with a plugin system to further extend its capabilities.
'';
license = licenses.asl20;
maintainers = with maintainers; [ jk ];

View file

@ -0,0 +1,78 @@
{ lib, stdenv, appimageTools, fetchurl, gsettings-desktop-schemas, gtk3, undmg }:
let
pname = "octant-desktop";
version = "0.19.0";
name = "${pname}-${version}";
inherit (stdenv.hostPlatform) system;
suffix = {
x86_64-linux = "AppImage";
x86_64-darwin = "dmg";
}.${system} or (throw "Unsupported system: ${system}");
src = fetchurl {
url = "https://github.com/vmware-tanzu/octant/releases/download/v${version}/Octant-${version}.${suffix}";
sha256 = {
x86_64-linux = "sha256-1XFb0zuyOy8XEUd9hoexItjq4assuWlWIzqw7pZxHx0=";
x86_64-darwin = "sha256-e3v5BFX7wnx4sAQrOq+dBIDVPJYzQZKKvKjSX+dis2U=";
}.${system};
};
linux = appimageTools.wrapType2 {
inherit name src passthru meta;
profile = ''
export LC_ALL=C.UTF-8
export XDG_DATA_DIRS=${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name}:${gtk3}/share/gsettings-schemas/${gtk3.name}:$XDG_DATA_DIRS
'';
multiPkgs = null; # no 32bit needed
extraPkgs = appimageTools.defaultFhsEnvArgs.multiPkgs;
extraInstallCommands =
let appimageContents = appimageTools.extractType2 { inherit name src; }; in
''
mv $out/bin/{${name},${pname}}
install -Dm444 ${appimageContents}/octant.desktop -t $out/share/applications
substituteInPlace $out/share/applications/octant.desktop \
--replace 'Exec=AppRun --no-sandbox' 'Exec=${pname}'
install -m 444 -D ${appimageContents}/octant.png \
$out/share/icons/hicolor/512x512/apps/octant.png
'';
};
darwin = stdenv.mkDerivation {
inherit name src passthru meta;
nativeBuildInputs = [ undmg ];
sourceRoot = "Octant.app";
installPhase = ''
mkdir -p $out/Applications/Octant.app
cp -R . $out/Applications/Octant.app
'';
};
passthru = { updateScript = ./update-desktop.sh; };
meta = with lib; {
homepage = "https://octant.dev/";
changelog = "https://github.com/vmware-tanzu/octant/blob/v${version}/CHANGELOG.md";
description = "Highly extensible platform for developers to better understand the complexity of Kubernetes clusters";
longDescription = ''
Octant is a tool for developers to understand how applications run on a
Kubernetes cluster.
It aims to be part of the developer's toolkit for gaining insight and
approaching complexity found in Kubernetes. Octant offers a combination of
introspective tooling, cluster navigation, and object management along
with a plugin system to further extend its capabilities.
'';
license = licenses.asl20;
maintainers = with maintainers; [ jk ];
platforms = [ "x86_64-linux" "x86_64-darwin" ];
};
in
if stdenv.isDarwin
then darwin
else linux

View file

@ -0,0 +1,36 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl gnused gawk nix-prefetch
set -euo pipefail
ROOT="$(dirname "$(readlink -f "$0")")"
NIX_DRV="$ROOT/desktop.nix"
if [ ! -f "$NIX_DRV" ]; then
echo "ERROR: cannot find desktop.nix in $ROOT"
exit 1
fi
fetch_arch() {
VER="$1"; SUFFIX="$2"
URL="https://github.com/vmware-tanzu/octant/releases/download/v${VER}/Octant-${VER}.${SUFFIX}"
nix-prefetch "{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
pname = \"octant-desktop\"; version = \"${VER}\";
src = fetchurl { url = \"$URL\"; };
}
"
}
replace_sha() {
sed -i "s#$1 = \"sha256-.\{44\}\"#$1 = \"$2\"#" "$NIX_DRV"
}
OCTANT_VER=$(curl -Ls -w "%{url_effective}" -o /dev/null https://github.com/vmware-tanzu/octant/releases/latest | awk -F'/' '{print $NF}' | sed 's/v//')
OCTANT_DESKTOP_LINUX_X64_SHA256=$(fetch_arch "$OCTANT_VER" "AppImage")
OCTANT_DESKTOP_DARWIN_X64_SHA256=$(fetch_arch "$OCTANT_VER" "dmg")
sed -i "s/version = \".*\"/version = \"$OCTANT_VER\"/" "$NIX_DRV"
replace_sha "x86_64-linux" "$OCTANT_DESKTOP_LINUX_X64_SHA256"
replace_sha "x86_64-darwin" "$OCTANT_DESKTOP_DARWIN_X64_SHA256"

View file

@ -28,11 +28,11 @@ replace_sha() {
OCTANT_VER=$(curl -Ls -w "%{url_effective}" -o /dev/null https://github.com/vmware-tanzu/octant/releases/latest | awk -F'/' '{print $NF}' | sed 's/v//')
OCTANT_LINUX_X64_SHA256=$(fetch_arch "$OCTANT_VER" "Linux-64bit")
OCTANT_DARWIN_X64_SHA256=$(fetch_arch "$OCTANT_VER" "Linux-arm64")
OCTANT_LINUX_AARCH64_SHA256=$(fetch_arch "$OCTANT_VER" "macOS-64bit")
OCTANT_LINUX_AARCH64_SHA256=$(fetch_arch "$OCTANT_VER" "Linux-arm64")
OCTANT_DARWIN_X64_SHA256=$(fetch_arch "$OCTANT_VER" "macOS-64bit")
sed -i "s/version = \".*\"/version = \"$OCTANT_VER\"/" "$NIX_DRV"
replace_sha "x86_64-linux" "$OCTANT_LINUX_X64_SHA256"
replace_sha "x86_64-darwin" "$OCTANT_LINUX_AARCH64_SHA256"
replace_sha "aarch64-linux" "$OCTANT_DARWIN_X64_SHA256"
replace_sha "aarch64-linux" "$OCTANT_LINUX_AARCH64_SHA256"
replace_sha "x86_64-darwin" "$OCTANT_DARWIN_X64_SHA256"

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "terragrunt";
version = "0.28.18";
version = "0.28.19";
src = fetchFromGitHub {
owner = "gruntwork-io";
repo = pname;
rev = "v${version}";
sha256 = "sha256-W0HjGILezhuc1lXvGCHw23h8Sx1uw4YLLsOOBZYGvU8=";
sha256 = "sha256-REcVc4u7pDTDHvoI1Fw36Mioyg1D4U29Hq0ih8Bt95s=";
};
vendorSha256 = "sha256-kcRM76xfajtQist1aJTmaRludxRlfvHQ9ucB3LOgnBk=";

Some files were not shown because too many files have changed in this diff Show more