Project import generated by Copybara.
GitOrigin-RevId: 78cd22c1b8604de423546cd49bfe264b786eca13
This commit is contained in:
parent
d79265ddad
commit
2495e3f88b
1007 changed files with 10657 additions and 19342 deletions
4
third_party/nixpkgs/.github/CODEOWNERS
vendored
4
third_party/nixpkgs/.github/CODEOWNERS
vendored
|
@ -233,6 +233,7 @@
|
|||
/pkgs/applications/blockchains @mmahut @RaghavSood
|
||||
|
||||
# Go
|
||||
/doc/languages-frameworks/go.section.md @kalbasit @Mic92 @zowoq
|
||||
/pkgs/development/compilers/go @kalbasit @Mic92 @zowoq
|
||||
/pkgs/development/go-modules @kalbasit @Mic92 @zowoq
|
||||
/pkgs/development/go-packages @kalbasit @Mic92 @zowoq
|
||||
|
@ -248,3 +249,6 @@
|
|||
/pkgs/development/compilers/nim @ehmry
|
||||
/pkgs/development/nim-packages @ehmry
|
||||
/pkgs/top-level/nim-packages.nix @ehmry
|
||||
|
||||
# terraform providers
|
||||
/pkgs/applications/networking/cluster/terraform-providers @zowoq
|
||||
|
|
1
third_party/nixpkgs/.gitignore
vendored
1
third_party/nixpkgs/.gitignore
vendored
|
@ -3,6 +3,7 @@
|
|||
.*.swp
|
||||
.*.swo
|
||||
.idea/
|
||||
.vscode/
|
||||
outputs/
|
||||
result
|
||||
result-*
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
--[[
|
||||
Turns a manpage reference into a link, when a mapping is defined
|
||||
in the unix-man-urls.lua file.
|
||||
Turns a manpage reference into a link, when a mapping is defined below.
|
||||
]]
|
||||
|
||||
local man_urls = {
|
||||
|
|
|
@ -55,7 +55,7 @@ Additionally, the following syntax extensions are currently used:
|
|||
- []{#ssec-contributing-markup-inline-roles}
|
||||
If you want to link to a man page, you can use `` {manpage}`nix.conf(5)` ``, which will turn into {manpage}`nix.conf(5)`.
|
||||
|
||||
The references will turn into links when a mapping exists in {file}`doc/build-aux/pandoc-filters/unix-man-urls.lua`.
|
||||
The references will turn into links when a mapping exists in {file}`doc/build-aux/pandoc-filters/link-unix-man-references.lua`.
|
||||
|
||||
This syntax is taken from [MyST](https://myst-parser.readthedocs.io/en/latest/syntax/syntax.html#roles-an-in-line-extension-point). Though, the feature originates from [reStructuredText](https://www.sphinx-doc.org/en/master/usage/restructuredtext/roles.html#role-manpage) with slightly different syntax.
|
||||
|
||||
|
|
|
@ -246,11 +246,21 @@ If the branch is already in a broken state, please refrain from adding extra new
|
|||
|
||||
### Stable release branches {#submitting-changes-stable-release-branches}
|
||||
|
||||
For cherry-picking a commit to a stable release branch (“backporting”), use `git cherry-pick -x <original commit>` so that the original commit id is included in the commit.
|
||||
The same staging workflow applies to stable release branches, but the main branch is called `release-*` instead of `master`.
|
||||
|
||||
Add a reason for the backport by using `git cherry-pick -xe <original commit>` instead when it is not obvious from the original commit message. It is not needed when it's a minor version update that includes security and bug fixes but don't add new features or when the commit fixes an otherwise broken package.
|
||||
Example branch names: `release-21.11`, `staging-21.11`, `staging-next-21.11`.
|
||||
|
||||
For backporting Pull Requests to stable branches, assign label `backport <branch>` to the original Pull Requests and automation should take care of the rest once the Pull Requests is merged.
|
||||
Most changes added to the stable release branches are cherry-picked (“backported”) from the `master` and staging branches.
|
||||
|
||||
#### Automatically backporting a Pull Request {#submitting-changes-stable-release-branches-automatic-backports}
|
||||
|
||||
Assign label `backport <branch>` (e.g. `backport release-21.11`) to the PR and a backport PR is automatically created after the PR is merged.
|
||||
|
||||
#### Manually backporting changes {#submitting-changes-stable-release-branches-manual-backports}
|
||||
|
||||
Cherry-pick changes via `git cherry-pick -x <original commit>` so that the original commit id is included in the commit message.
|
||||
|
||||
Add a reason for the backport when it is not obvious from the original commit message. You can do this by cherry picking with `git cherry-pick -xe <original commit>`, which allows editing the commit message. This is not needed for minor version updates that include security and bug fixes but don't add new features or when the commit fixes an otherwise broken package.
|
||||
|
||||
Here is an example of a cherry-picked commit message with good reason description:
|
||||
|
||||
|
|
|
@ -29,8 +29,6 @@ pet = buildGoModule rec {
|
|||
|
||||
vendorSha256 = "1879j77k96684wi554rkjxydrj8g3hpp0kvxz03sd8dmwr3lh83j";
|
||||
|
||||
runVend = true;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Simple command-line snippet manager, written in Go";
|
||||
homepage = "https://github.com/knqyf263/pet";
|
||||
|
|
|
@ -1170,6 +1170,17 @@
|
|||
githubId = 56650223;
|
||||
name = "Artturi N";
|
||||
};
|
||||
azahi = {
|
||||
email = "azahi@teknik.io";
|
||||
matrix = "@azahi:matrix.org";
|
||||
github = "azahi";
|
||||
githubId = 22211000;
|
||||
name = "Azat Bahawi";
|
||||
keys = [{
|
||||
longkeyid = "rsa2048/0xB40FCB6608BBE3B6";
|
||||
fingerprint = "E9F3 483F 31C7 29B4 4CA2 7C38 B40F CB66 08BB E3B6";
|
||||
}];
|
||||
};
|
||||
ayazhafiz = {
|
||||
email = "ayaz.hafiz.1@gmail.com";
|
||||
github = "ayazhafiz";
|
||||
|
@ -1877,6 +1888,13 @@
|
|||
githubId = 495429;
|
||||
name = "Claas Augner";
|
||||
};
|
||||
cawilliamson = {
|
||||
email = "home@chrisaw.com";
|
||||
github = "cawilliamson";
|
||||
githubId = 1141769;
|
||||
matrix = "@cawilliamson:nixos.dev";
|
||||
name = "Christopher A. Williamson";
|
||||
};
|
||||
cbley = {
|
||||
email = "claudio.bley@gmail.com";
|
||||
github = "avdv";
|
||||
|
@ -2070,12 +2088,6 @@
|
|||
githubId = 399718;
|
||||
name = "Chris Martin";
|
||||
};
|
||||
chrisaw = {
|
||||
email = "home@chrisaw.com";
|
||||
github = "cawilliamson";
|
||||
githubId = 1141769;
|
||||
name = "Christopher A. Williamson";
|
||||
};
|
||||
chrisjefferson = {
|
||||
email = "chris@bubblescope.net";
|
||||
github = "chrisjefferson";
|
||||
|
@ -3125,6 +3137,16 @@
|
|||
githubId = 10198051;
|
||||
name = "Drew Risinger";
|
||||
};
|
||||
drperceptron = {
|
||||
email = "92106371+drperceptron@users.noreply.github.com";
|
||||
github = "drperceptron";
|
||||
githubId = 92106371;
|
||||
name = "Dr Perceptron";
|
||||
keys = [{
|
||||
longkeyid = "rsa4096/0x95EB6DFF26D1CEB0";
|
||||
fingerprint = "7E38 89D9 B1A8 B381 C8DE A15F 95EB 6DFF 26D1 CEB0";
|
||||
}];
|
||||
};
|
||||
drupol = {
|
||||
name = "Pol Dellaiera";
|
||||
email = "pol.dellaiera@protonmail.com";
|
||||
|
@ -8636,7 +8658,7 @@
|
|||
};
|
||||
noreferences = {
|
||||
email = "norkus@norkus.net";
|
||||
github = "noreferences";
|
||||
github = "jozuas";
|
||||
githubId = 13085275;
|
||||
name = "Juozas Norkus";
|
||||
};
|
||||
|
@ -11037,6 +11059,13 @@
|
|||
githubId = 26806;
|
||||
name = "Scott Olson";
|
||||
};
|
||||
SomeoneSerge = {
|
||||
email = "sergei.kozlukov@aalto.fi";
|
||||
matrix = "@ss:someonex.net";
|
||||
github = "SomeoneSerge";
|
||||
githubId = 9720532;
|
||||
name = "Sergei K";
|
||||
};
|
||||
sondr3 = {
|
||||
email = "nilsen.sondre@gmail.com";
|
||||
github = "sondr3";
|
||||
|
@ -11163,6 +11192,12 @@
|
|||
githubId = 7512804;
|
||||
name = "Martin Langlotz";
|
||||
};
|
||||
steamwalker = {
|
||||
email = "steamwalker@xs4all.nl";
|
||||
github = "steamwalker";
|
||||
githubId = 94006354;
|
||||
name = "steamwalker";
|
||||
};
|
||||
steell = {
|
||||
email = "steve@steellworks.com";
|
||||
github = "Steell";
|
||||
|
@ -11600,6 +11635,12 @@
|
|||
githubId = 280235;
|
||||
name = "Terje Larsen";
|
||||
};
|
||||
terrorjack = {
|
||||
email = "astrohavoc@gmail.com";
|
||||
github = "TerrorJack";
|
||||
githubId = 3889585;
|
||||
name = "Cheng Shao";
|
||||
};
|
||||
tesq0 = {
|
||||
email = "mikolaj.galkowski@gmail.com";
|
||||
github = "tesq0";
|
||||
|
@ -11795,6 +11836,13 @@
|
|||
githubId = 1618946;
|
||||
name = "Tiago Castro";
|
||||
};
|
||||
tilcreator = {
|
||||
name = "Tilman Jackel";
|
||||
email = "contact.nixos@tc-j.de";
|
||||
matrix = "@tilcreator:matrix.org";
|
||||
github = "TilCreator";
|
||||
githubId = 18621411;
|
||||
};
|
||||
tilpner = {
|
||||
email = "till@hoeppner.ws";
|
||||
github = "tilpner";
|
||||
|
@ -12851,6 +12899,12 @@
|
|||
githubId = 2242427;
|
||||
name = "Yoann Ono";
|
||||
};
|
||||
yana = {
|
||||
email = "yana@riseup.net";
|
||||
github = "alpakido";
|
||||
githubId = 1643293;
|
||||
name = "Yana Timoshenko";
|
||||
};
|
||||
yarny = {
|
||||
email = "41838844+Yarny0@users.noreply.github.com";
|
||||
github = "Yarny0";
|
||||
|
@ -12870,12 +12924,6 @@
|
|||
githubId = 73759599;
|
||||
name = "Lara A.";
|
||||
};
|
||||
yegortimoshenko = {
|
||||
email = "yegortimoshenko@riseup.net";
|
||||
github = "yegortimoshenko";
|
||||
githubId = 1643293;
|
||||
name = "Yegor Timoshenko";
|
||||
};
|
||||
yesbox = {
|
||||
email = "jesper.geertsen.jonsson@gmail.com";
|
||||
github = "yesbox";
|
||||
|
@ -13434,6 +13482,12 @@
|
|||
github = "zeri42";
|
||||
githubId = 68825133;
|
||||
};
|
||||
zombiezen = {
|
||||
name = "Ross Light";
|
||||
email = "ross@zombiezen.com";
|
||||
github = "zombiezen";
|
||||
githubId = 181535;
|
||||
};
|
||||
zseri = {
|
||||
name = "zseri";
|
||||
email = "zseri.devel@ytrizja.de";
|
||||
|
|
|
@ -273,13 +273,6 @@
|
|||
<link xlink:href="options.html#opt-services.peertube.enable">services.peertube</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://maddy.email">maddy</link>, a
|
||||
composable all-in-one mail server. Available as
|
||||
<link xlink:href="options.html#opt-services.maddy.enable">services.maddy</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://sr.ht">sourcehut</link>, a
|
||||
|
|
|
@ -30,6 +30,14 @@
|
|||
PHP 8.1 is now available
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Mattermost has been updated to version 6.2. Migrations may
|
||||
take a while, see the
|
||||
<link xlink:href="https://docs.mattermost.com/install/self-managed-changelog.html#release-v6.2-feature-release">upgrade
|
||||
notes</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-release-22.05-new-services">
|
||||
|
@ -51,6 +59,14 @@
|
|||
<link xlink:href="options.html#opt-virtualisation.docker.rootless.enable">virtualisation.docker.rootless.enable</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://conduit.rs/">matrix-conduit</link>,
|
||||
a simple, fast and reliable chat server powered by matrix.
|
||||
Available as
|
||||
<link xlink:href="option.html#opt-services.matrix-conduit.enable">services.matrix-conduit</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html">filebeat</link>,
|
||||
|
@ -59,6 +75,13 @@
|
|||
<link linkend="opt-services.filebeat.enable">services.filebeat</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://github.com/hifi/heisenbridge">heisenbridge</link>,
|
||||
a bouncer-style Matrix IRC bridge. Available as
|
||||
<link xlink:href="options.html#opt-services.heisenbridge.enable">services.heisenbridge</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://github.com/ngoduykhanh/PowerDNS-Admin">PowerDNS-Admin</link>,
|
||||
|
@ -66,6 +89,21 @@
|
|||
<link xlink:href="options.html#opt-services.powerdns-admin.enable">services.powerdns-admin</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://maddy.email">maddy</link>, a
|
||||
composable all-in-one mail server. Available as
|
||||
<link xlink:href="options.html#opt-services.maddy.enable">services.maddy</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<link xlink:href="https://tetrd.app">tetrd</link>, share your
|
||||
internet connection from your device to your PC and vice versa
|
||||
through a USB cable. Available at
|
||||
<link linkend="opt-services.tetrd.enable">services.tetrd</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-release-22.05-incompatibilities">
|
||||
|
@ -109,6 +147,13 @@
|
|||
removed due to it being an outdated version.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The MoinMoin wiki engine
|
||||
(<literal>services.moinmoin</literal>) has been removed,
|
||||
because Python 2 is being retired from nixpkgs.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>wafHook</literal> hook now honors
|
||||
|
@ -169,6 +214,20 @@
|
|||
~100MB for python itself).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>documentation.man</literal> has been refactored to
|
||||
support choosing a man implementation other than GNU’s
|
||||
<literal>man-db</literal>. For this,
|
||||
<literal>documentation.man.manualPages</literal> has been
|
||||
renamed to
|
||||
<literal>documentation.man.man-db.manualPages</literal>. If
|
||||
you want to use the new alternative man implementation
|
||||
<literal>mandoc</literal>, add
|
||||
<literal>documentation.man = { enable = true; man-db.enable = false; mandoc.enable = true; }</literal>
|
||||
to your configuration.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-release-22.05-notable-changes">
|
||||
|
@ -244,7 +303,7 @@
|
|||
<listitem>
|
||||
<para>
|
||||
The option
|
||||
<link linkend="opt-services.ssh.enableAskPassword">services.ssh.enableAskPassword</link>
|
||||
<link linkend="opt-programs.ssh.enableAskPassword">programs.ssh.enableAskPassword</link>
|
||||
was added, decoupling the setting of
|
||||
<literal>SSH_ASKPASS</literal> from
|
||||
<literal>services.xserver.enable</literal>. This allows easy
|
||||
|
|
|
@ -74,8 +74,6 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- [PeerTube](https://joinpeertube.org/), developed by Framasoft, is the free and decentralized alternative to video platforms. Available at [services.peertube](options.html#opt-services.peertube.enable).
|
||||
|
||||
- [maddy](https://maddy.email), a composable all-in-one mail server. Available as [services.maddy](options.html#opt-services.maddy.enable).
|
||||
|
||||
- [sourcehut](https://sr.ht), a collection of tools useful for software development. Available as [services.sourcehut](options.html#opt-services.sourcehut.enable).
|
||||
|
||||
- [ucarp](https://download.pureftpd.org/pub/ucarp/README), an userspace implementation of the Common Address Redundancy Protocol (CARP). Available as [networking.ucarp](options.html#opt-networking.ucarp.enable).
|
||||
|
|
|
@ -13,15 +13,26 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- PHP 8.1 is now available
|
||||
|
||||
- Mattermost has been updated to version 6.2. Migrations may take a while,
|
||||
see the [upgrade notes](https://docs.mattermost.com/install/self-managed-changelog.html#release-v6.2-feature-release).
|
||||
|
||||
## New Services {#sec-release-22.05-new-services}
|
||||
|
||||
- [aesmd](https://github.com/intel/linux-sgx#install-the-intelr-sgx-psw), the Intel SGX Architectural Enclave Service Manager. Available as [services.aesmd](#opt-services.aesmd.enable).
|
||||
- [rootless Docker](https://docs.docker.com/engine/security/rootless/), a `systemd --user` Docker service which runs without root permissions. Available as [virtualisation.docker.rootless.enable](options.html#opt-virtualisation.docker.rootless.enable).
|
||||
|
||||
- [matrix-conduit](https://conduit.rs/), a simple, fast and reliable chat server powered by matrix. Available as [services.matrix-conduit](option.html#opt-services.matrix-conduit.enable).
|
||||
|
||||
- [filebeat](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-overview.html), a lightweight shipper for forwarding and centralizing log data. Available as [services.filebeat](#opt-services.filebeat.enable).
|
||||
|
||||
- [heisenbridge](https://github.com/hifi/heisenbridge), a bouncer-style Matrix IRC bridge. Available as [services.heisenbridge](options.html#opt-services.heisenbridge.enable).
|
||||
|
||||
- [PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin), a web interface for the PowerDNS server. Available at [services.powerdns-admin](options.html#opt-services.powerdns-admin.enable).
|
||||
|
||||
- [maddy](https://maddy.email), a composable all-in-one mail server. Available as [services.maddy](options.html#opt-services.maddy.enable).
|
||||
|
||||
- [tetrd](https://tetrd.app), share your internet connection from your device to your PC and vice versa through a USB cable. Available at [services.tetrd](#opt-services.tetrd.enable).
|
||||
|
||||
## Backward Incompatibilities {#sec-release-22.05-incompatibilities}
|
||||
|
||||
- `pkgs.ghc` now refers to `pkgs.targetPackages.haskellPackages.ghc`.
|
||||
|
@ -43,6 +54,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- `services.kubernetes.addons.dashboard` was removed due to it being an outdated version.
|
||||
|
||||
- The MoinMoin wiki engine (`services.moinmoin`) has been removed, because Python 2 is being retired from nixpkgs.
|
||||
|
||||
- The `wafHook` hook now honors `NIX_BUILD_CORES` when `enableParallelBuilding` is not set explicitly. Packages can restore the old behaviour by setting `enableParallelBuilding=false`.
|
||||
|
||||
- `pkgs.claws-mail-gtk2`, representing Claws Mail's older release version three, was removed in order to get rid of Python 2.
|
||||
|
@ -62,6 +75,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
This has the added benefit to reduce the closure size of `ipython` from ~400MB to ~160MB
|
||||
(including ~100MB for python itself).
|
||||
|
||||
- `documentation.man` has been refactored to support choosing a man implementation other than GNU's `man-db`. For this, `documentation.man.manualPages` has been renamed to `documentation.man.man-db.manualPages`. If you want to use the new alternative man implementation `mandoc`, add `documentation.man = { enable = true; man-db.enable = false; mandoc.enable = true; }` to your configuration.
|
||||
|
||||
## Other Notable Changes {#sec-release-22.05-notable-changes}
|
||||
|
||||
- The option [services.redis.servers](#opt-services.redis.servers) was added
|
||||
|
@ -97,7 +112,7 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
will now correctly remove those domains during rebuild/renew.
|
||||
|
||||
- The option
|
||||
[services.ssh.enableAskPassword](#opt-services.ssh.enableAskPassword) was
|
||||
[programs.ssh.enableAskPassword](#opt-programs.ssh.enableAskPassword) was
|
||||
added, decoupling the setting of `SSH_ASKPASS` from
|
||||
`services.xserver.enable`. This allows easy usage in non-X11 environments,
|
||||
e.g. Wayland.
|
||||
|
|
|
@ -74,10 +74,6 @@ let
|
|||
];
|
||||
};
|
||||
|
||||
# list of man outputs currently active intended for use as default values
|
||||
# for man-related options, thus "man" is included unconditionally.
|
||||
activeManOutputs = [ "man" ] ++ lib.optionals cfg.dev.enable [ "devman" ];
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
@ -107,8 +103,8 @@ in
|
|||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install manual pages and the <command>man</command> command.
|
||||
This also includes "man" outputs.
|
||||
Whether to install manual pages.
|
||||
This also includes <literal>man</literal> outputs.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -116,27 +112,18 @@ in
|
|||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to generate the manual page index caches using
|
||||
<literal>mandb(8)</literal>. This allows searching for a page or
|
||||
keyword using utilities like <literal>apropos(1)</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
man.manualPages = mkOption {
|
||||
type = types.path;
|
||||
default = pkgs.buildEnv {
|
||||
name = "man-paths";
|
||||
paths = config.environment.systemPackages;
|
||||
pathsToLink = [ "/share/man" ];
|
||||
extraOutputsToInstall = activeManOutputs;
|
||||
ignoreCollisions = true;
|
||||
};
|
||||
defaultText = literalDocBook "all man pages in <option>config.environment.systemPackages</option>";
|
||||
description = ''
|
||||
The manual pages to generate caches for if <option>generateCaches</option>
|
||||
is enabled. Must be a path to a directory with man pages under
|
||||
<literal>/share/man</literal>; see the source for an example.
|
||||
Advanced users can make this a content-addressed derivation to save a few rebuilds.
|
||||
Whether to generate the manual page index caches.
|
||||
This allows searching for a page or
|
||||
keyword using utilities like
|
||||
<citerefentry>
|
||||
<refentrytitle>apropos</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</citerefentry>
|
||||
and the <literal>-k</literal> option of
|
||||
<citerefentry>
|
||||
<refentrytitle>man</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</citerefentry>.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -220,30 +207,22 @@ in
|
|||
};
|
||||
|
||||
config = mkIf cfg.enable (mkMerge [
|
||||
{
|
||||
assertions = [
|
||||
{
|
||||
assertion = !(cfg.man.man-db.enable && cfg.man.mandoc.enable);
|
||||
message = ''
|
||||
man-db and mandoc can't be used as the default man page viewer at the same time!
|
||||
'';
|
||||
}
|
||||
];
|
||||
}
|
||||
|
||||
# The actual implementation for this lives in man-db.nix or mandoc.nix,
|
||||
# depending on which backend is active.
|
||||
(mkIf cfg.man.enable {
|
||||
environment.systemPackages = [ pkgs.man-db ];
|
||||
environment.pathsToLink = [ "/share/man" ];
|
||||
environment.extraOutputsToInstall = activeManOutputs;
|
||||
environment.etc."man_db.conf".text =
|
||||
let
|
||||
manualCache = pkgs.runCommandLocal "man-cache" { } ''
|
||||
echo "MANDB_MAP ${cfg.man.manualPages}/share/man $out" > man.conf
|
||||
${pkgs.man-db}/bin/mandb -C man.conf -psc >/dev/null 2>&1
|
||||
'';
|
||||
in
|
||||
''
|
||||
# Manual pages paths for NixOS
|
||||
MANPATH_MAP /run/current-system/sw/bin /run/current-system/sw/share/man
|
||||
MANPATH_MAP /run/wrappers/bin /run/current-system/sw/share/man
|
||||
|
||||
${optionalString cfg.man.generateCaches ''
|
||||
# Generated manual pages cache for NixOS (immutable)
|
||||
MANDB_MAP /run/current-system/sw/share/man ${manualCache}
|
||||
''}
|
||||
# Manual pages caches for NixOS
|
||||
MANDB_MAP /run/current-system/sw/share/man /var/cache/man/nixos
|
||||
'';
|
||||
environment.extraOutputsToInstall = [ "man" ] ++ optional cfg.dev.enable "devman";
|
||||
})
|
||||
|
||||
(mkIf cfg.info.enable {
|
||||
|
|
|
@ -296,7 +296,7 @@ in
|
|||
infinoted = 264;
|
||||
sickbeard = 265;
|
||||
headphones = 266;
|
||||
couchpotato = 267;
|
||||
# couchpotato = 267; # unused, removed 2022-01-01
|
||||
gogs = 268;
|
||||
#pdns-recursor = 269; # dynamically allocated as of 2020-20-18
|
||||
#kresd = 270; # switched to "knot-resolver" with dynamic ID
|
||||
|
@ -603,7 +603,7 @@ in
|
|||
infinoted = 264;
|
||||
sickbeard = 265;
|
||||
headphones = 266;
|
||||
couchpotato = 267;
|
||||
# couchpotato = 267; # unused, removed 2022-01-01
|
||||
gogs = 268;
|
||||
#kresd = 270; # switched to "knot-resolver" with dynamic ID
|
||||
#rpc = 271; # unused
|
||||
|
|
73
third_party/nixpkgs/nixos/modules/misc/man-db.nix
vendored
Normal file
73
third_party/nixpkgs/nixos/modules/misc/man-db.nix
vendored
Normal file
|
@ -0,0 +1,73 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.documentation.man.man-db;
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
documentation.man.man-db = {
|
||||
enable = lib.mkEnableOption "man-db as the default man page viewer" // {
|
||||
default = config.documentation.man.enable;
|
||||
defaultText = lib.literalExpression "config.documentation.man.enable";
|
||||
example = false;
|
||||
};
|
||||
|
||||
manualPages = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = pkgs.buildEnv {
|
||||
name = "man-paths";
|
||||
paths = config.environment.systemPackages;
|
||||
pathsToLink = [ "/share/man" ];
|
||||
extraOutputsToInstall = [ "man" ]
|
||||
++ lib.optionals config.documentation.dev.enable [ "devman" ];
|
||||
ignoreCollisions = true;
|
||||
};
|
||||
defaultText = lib.literalDocBook "all man pages in <option>config.environment.systemPackages</option>";
|
||||
description = ''
|
||||
The manual pages to generate caches for if <option>documentation.man.generateCaches</option>
|
||||
is enabled. Must be a path to a directory with man pages under
|
||||
<literal>/share/man</literal>; see the source for an example.
|
||||
Advanced users can make this a content-addressed derivation to save a few rebuilds.
|
||||
'';
|
||||
};
|
||||
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.man-db;
|
||||
defaultText = lib.literalExpression "pkgs.man-db";
|
||||
description = ''
|
||||
The <literal>man-db</literal> derivation to use. Useful to override
|
||||
configuration options used for the package.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
imports = [
|
||||
(lib.mkRenamedOptionModule [ "documentation" "man" "manualPages" ] [ "documentation" "man" "man-db" "manualPages" ])
|
||||
];
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
environment.etc."man_db.conf".text =
|
||||
let
|
||||
manualCache = pkgs.runCommandLocal "man-cache" { } ''
|
||||
echo "MANDB_MAP ${cfg.manualPages}/share/man $out" > man.conf
|
||||
${cfg.package}/bin/mandb -C man.conf -psc >/dev/null 2>&1
|
||||
'';
|
||||
in
|
||||
''
|
||||
# Manual pages paths for NixOS
|
||||
MANPATH_MAP /run/current-system/sw/bin /run/current-system/sw/share/man
|
||||
MANPATH_MAP /run/wrappers/bin /run/current-system/sw/share/man
|
||||
|
||||
${lib.optionalString config.documentation.man.generateCaches ''
|
||||
# Generated manual pages cache for NixOS (immutable)
|
||||
MANDB_MAP /run/current-system/sw/share/man ${manualCache}
|
||||
''}
|
||||
# Manual pages caches for NixOS
|
||||
MANDB_MAP /run/current-system/sw/share/man /var/cache/man/nixos
|
||||
'';
|
||||
};
|
||||
}
|
61
third_party/nixpkgs/nixos/modules/misc/mandoc.nix
vendored
Normal file
61
third_party/nixpkgs/nixos/modules/misc/mandoc.nix
vendored
Normal file
|
@ -0,0 +1,61 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
makewhatis = "${lib.getBin cfg.package}/bin/makewhatis";
|
||||
|
||||
cfg = config.documentation.man.mandoc;
|
||||
|
||||
in {
|
||||
meta.maintainers = [ lib.maintainers.sternenseemann ];
|
||||
|
||||
options = {
|
||||
documentation.man.mandoc = {
|
||||
enable = lib.mkEnableOption "mandoc as the default man page viewer";
|
||||
|
||||
manPath = lib.mkOption {
|
||||
type = with lib.types; listOf str;
|
||||
default = [ "share/man" ];
|
||||
example = lib.literalExpression "[ \"share/man\" \"share/man/fr\" ]";
|
||||
description = ''
|
||||
Change the manpath, i. e. the directories where
|
||||
<citerefentry><refentrytitle>man</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
looks for section-specific directories of man pages.
|
||||
You only need to change this setting if you want extra man pages
|
||||
(e. g. in non-english languages). All values must be strings that
|
||||
are a valid path from the target prefix (without including it).
|
||||
The first value given takes priority.
|
||||
'';
|
||||
};
|
||||
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.mandoc;
|
||||
defaultText = lib.literalExpression "pkgs.mandoc";
|
||||
description = ''
|
||||
The <literal>mandoc</literal> derivation to use. Useful to override
|
||||
configuration options used for the package.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment = {
|
||||
systemPackages = [ cfg.package ];
|
||||
|
||||
# tell mandoc about man pages
|
||||
etc."man.conf".text = lib.concatMapStrings (path: ''
|
||||
manpath /run/current-system/sw/${path}
|
||||
'') cfg.manPath;
|
||||
|
||||
# create mandoc.db for whatis(1), apropos(1) and man(1) -k
|
||||
# TODO(@sternenseemman): fix symlinked directories not getting indexed,
|
||||
# see: https://inbox.vuxu.org/mandoc-tech/20210906171231.GF83680@athene.usta.de/T/#e85f773c1781e3fef85562b2794f9cad7b2909a3c
|
||||
extraSetup = lib.mkIf config.documentation.man.generateCaches ''
|
||||
${makewhatis} -T utf8 ${
|
||||
lib.concatMapStringsSep " " (path: "\"$out/${path}\"") cfg.manPath
|
||||
}
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
|
@ -108,6 +108,8 @@
|
|||
./misc/lib.nix
|
||||
./misc/label.nix
|
||||
./misc/locate.nix
|
||||
./misc/man-db.nix
|
||||
./misc/mandoc.nix
|
||||
./misc/meta.nix
|
||||
./misc/nixpkgs.nix
|
||||
./misc/passthru.nix
|
||||
|
@ -509,7 +511,6 @@
|
|||
./services/misc/cpuminer-cryptonight.nix
|
||||
./services/misc/cgminer.nix
|
||||
./services/misc/confd.nix
|
||||
./services/misc/couchpotato.nix
|
||||
./services/misc/dendrite.nix
|
||||
./services/misc/devmon.nix
|
||||
./services/misc/dictd.nix
|
||||
|
@ -554,6 +555,7 @@
|
|||
./services/misc/mame.nix
|
||||
./services/misc/matrix-appservice-discord.nix
|
||||
./services/misc/matrix-appservice-irc.nix
|
||||
./services/misc/matrix-conduit.nix
|
||||
./services/misc/matrix-synapse.nix
|
||||
./services/misc/mautrix-facebook.nix
|
||||
./services/misc/mautrix-telegram.nix
|
||||
|
@ -561,7 +563,6 @@
|
|||
./services/misc/mediatomb.nix
|
||||
./services/misc/metabase.nix
|
||||
./services/misc/moonraker.nix
|
||||
./services/misc/mwlib.nix
|
||||
./services/misc/mx-puppet-discord.nix
|
||||
./services/misc/n8n.nix
|
||||
./services/misc/nitter.nix
|
||||
|
@ -737,7 +738,6 @@
|
|||
./services/networking/eternal-terminal.nix
|
||||
./services/networking/fakeroute.nix
|
||||
./services/networking/ferm.nix
|
||||
./services/networking/firefox/sync-server.nix
|
||||
./services/networking/fireqos.nix
|
||||
./services/networking/firewall.nix
|
||||
./services/networking/flannel.nix
|
||||
|
@ -1027,13 +1027,11 @@
|
|||
./services/web-apps/pgpkeyserver-lite.nix
|
||||
./services/web-apps/powerdns-admin.nix
|
||||
./services/web-apps/matomo.nix
|
||||
./services/web-apps/moinmoin.nix
|
||||
./services/web-apps/openwebrx.nix
|
||||
./services/web-apps/restya-board.nix
|
||||
./services/web-apps/sogo.nix
|
||||
./services/web-apps/rss-bridge.nix
|
||||
./services/web-apps/tt-rss.nix
|
||||
./services/web-apps/trac.nix
|
||||
./services/web-apps/trilium.nix
|
||||
./services/web-apps/selfoss.nix
|
||||
./services/web-apps/shiori.nix
|
||||
|
|
|
@ -74,8 +74,10 @@ in {
|
|||
</para>
|
||||
<para>
|
||||
You will get file collisions if you put the actual application binary in
|
||||
the global environment and applications started via .desktop files are
|
||||
not wrapped if they specify the absolute path to the binary.
|
||||
the global environment (such as by adding the application package to
|
||||
<code>environment.systemPackages</code>), and applications started via
|
||||
.desktop files are not wrapped if they specify the absolute path to the
|
||||
binary.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
6
third_party/nixpkgs/nixos/modules/rename.nix
vendored
6
third_party/nixpkgs/nixos/modules/rename.nix
vendored
|
@ -20,10 +20,11 @@ with lib;
|
|||
(mkRemovedOptionModule [ "fonts" "fontconfig" "penultimate" ] "The corresponding package has removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "quagga" ] "the corresponding package has been removed from nixpkgs")
|
||||
(mkRemovedOptionModule [ "services" "chronos" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "couchpotato" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "deepin" ] "The corresponding packages were removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "user" ] "")
|
||||
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "group" ] "")
|
||||
(mkRemovedOptionModule [ "services" "firefox" "syncserver" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "marathon" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "moinmoin" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "mesos" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "networking" "vpnc" ] "Use environment.etc.\"vpnc/service.conf\" instead.")
|
||||
|
@ -37,6 +38,7 @@ with lib;
|
|||
(mkRemovedOptionModule [ "services" "frab" ] "The frab module has been removed")
|
||||
(mkRemovedOptionModule [ "services" "fourStoreEndpoint" ] "The fourStoreEndpoint module has been removed")
|
||||
(mkRemovedOptionModule [ "services" "mathics" ] "The Mathics module has been removed")
|
||||
(mkRemovedOptionModule [ "services" "mwlib" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "programs" "way-cooler" ] ("way-cooler is abandoned by its author: " +
|
||||
"https://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html"))
|
||||
(mkRemovedOptionModule [ "services" "xserver" "multitouch" ] ''
|
||||
|
|
|
@ -244,8 +244,6 @@ in
|
|||
security.apparmor.includes."nixos/security.wrappers" = ''
|
||||
include "${pkgs.apparmorRulesFromClosure { name="security.wrappers"; } [
|
||||
securityWrapper
|
||||
pkgs.stdenv.cc.cc
|
||||
pkgs.stdenv.cc.libc
|
||||
]}"
|
||||
'';
|
||||
|
||||
|
|
|
@ -95,6 +95,10 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = mkIf cfg.privateRepos [
|
||||
"f ${cfg.dataDir}/.htpasswd 0700 restic restic -"
|
||||
];
|
||||
|
||||
users.users.restic = {
|
||||
group = "restic";
|
||||
home = cfg.dataDir;
|
||||
|
|
|
@ -4,8 +4,9 @@ with lib;
|
|||
|
||||
let
|
||||
cfg = config.services.logrotate;
|
||||
inherit (config.users) groups;
|
||||
|
||||
pathOpts = {
|
||||
pathOpts = { name, ... }: {
|
||||
options = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
|
@ -16,10 +17,19 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
path = mkOption {
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
internal = true;
|
||||
};
|
||||
|
||||
path = mkOption {
|
||||
type = with types; either str (listOf str);
|
||||
default = name;
|
||||
defaultText = "attribute name";
|
||||
description = ''
|
||||
The path to log files to be rotated.
|
||||
Spaces are allowed and normal shell quoting rules apply,
|
||||
with ', ", and \ characters supported.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -74,6 +84,7 @@ let
|
|||
};
|
||||
};
|
||||
|
||||
config.name = name;
|
||||
config.extraConfig = ''
|
||||
missingok
|
||||
notifempty
|
||||
|
@ -82,7 +93,7 @@ let
|
|||
|
||||
mkConf = pathOpts: ''
|
||||
# generated by NixOS using the `services.logrotate.paths.${pathOpts.name}` attribute set
|
||||
"${pathOpts.path}" {
|
||||
${concatMapStringsSep " " (path: ''"${path}"'') (toList pathOpts.path)} {
|
||||
${optionalString (pathOpts.user != null || pathOpts.group != null) "su ${pathOpts.user} ${pathOpts.group}"}
|
||||
${pathOpts.frequency}
|
||||
rotate ${toString pathOpts.keep}
|
||||
|
@ -90,7 +101,7 @@ let
|
|||
}
|
||||
'';
|
||||
|
||||
paths = sortProperties (mapAttrsToList (name: pathOpts: pathOpts // { name = name; }) (filterAttrs (_: pathOpts: pathOpts.enable) cfg.paths));
|
||||
paths = sortProperties (attrValues (filterAttrs (_: pathOpts: pathOpts.enable) cfg.paths));
|
||||
configFile = pkgs.writeText "logrotate.conf" (concatStringsSep "\n" ((map mkConf paths) ++ [ cfg.extraConfig ]));
|
||||
|
||||
in
|
||||
|
@ -152,17 +163,34 @@ in
|
|||
}
|
||||
) cfg.paths;
|
||||
|
||||
services.logrotate = {
|
||||
paths = {
|
||||
"/var/log/btmp" = {
|
||||
frequency = mkDefault "monthly";
|
||||
keep = mkDefault 1;
|
||||
extraConfig = ''
|
||||
create 0660 root ${groups.utmp.name}
|
||||
'';
|
||||
};
|
||||
"/var/log/wtmp" = {
|
||||
frequency = mkDefault "monthly";
|
||||
keep = mkDefault 1;
|
||||
extraConfig = ''
|
||||
create 0664 root ${groups.utmp.name}
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.logrotate = {
|
||||
description = "Logrotate Service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
startAt = "hourly";
|
||||
script = ''
|
||||
exec ${pkgs.logrotate}/sbin/logrotate ${configFile}
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
Restart = "no";
|
||||
User = "root";
|
||||
ExecStart = "${pkgs.logrotate}/sbin/logrotate ${configFile}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -3,9 +3,16 @@
|
|||
with lib;
|
||||
|
||||
let
|
||||
|
||||
name = "maddy";
|
||||
|
||||
cfg = config.services.maddy;
|
||||
|
||||
defaultConfig = ''
|
||||
# Minimal configuration with TLS disabled, adapted from upstream example
|
||||
# configuration here https://github.com/foxcpp/maddy/blob/master/maddy.conf
|
||||
# Do not use this in production!
|
||||
|
||||
tls off
|
||||
|
||||
auth.pass_table local_authdb {
|
||||
|
@ -131,22 +138,34 @@ let
|
|||
in {
|
||||
options = {
|
||||
services.maddy = {
|
||||
|
||||
enable = mkEnableOption "Maddy, a free an open source mail server";
|
||||
|
||||
user = mkOption {
|
||||
default = "maddy";
|
||||
type = with types; uniq string;
|
||||
description = ''
|
||||
Name of the user under which maddy will run. If not specified, a
|
||||
default user will be created.
|
||||
User account under which maddy runs.
|
||||
|
||||
<note><para>
|
||||
If left as the default value this user will automatically be created
|
||||
on system activation, otherwise the sysadmin is responsible for
|
||||
ensuring the user exists before the maddy service starts.
|
||||
</para></note>
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
default = "maddy";
|
||||
type = with types; uniq string;
|
||||
description = ''
|
||||
Name of the group under which maddy will run. If not specified, a
|
||||
default group will be created.
|
||||
Group account under which maddy runs.
|
||||
|
||||
<note><para>
|
||||
If left as the default value this group will automatically be created
|
||||
on system activation, otherwise the sysadmin is responsible for
|
||||
ensuring the group exists before the maddy service starts.
|
||||
</para></note>
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -158,6 +177,7 @@ in {
|
|||
Hostname to use. It should be FQDN.
|
||||
'';
|
||||
};
|
||||
|
||||
primaryDomain = mkOption {
|
||||
default = "localhost";
|
||||
type = with types; uniq string;
|
||||
|
@ -166,6 +186,7 @@ in {
|
|||
Primary MX domain to use. It should be FQDN.
|
||||
'';
|
||||
};
|
||||
|
||||
localDomains = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = ["$(primary_domain)"];
|
||||
|
@ -178,11 +199,18 @@ in {
|
|||
Define list of allowed domains.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
type = with types; nullOr lines;
|
||||
default = defaultConfig;
|
||||
description = ''
|
||||
Server configuration.
|
||||
Server configuration, see
|
||||
<link xlink:href="https://maddy.email">https://maddy.email</link> for
|
||||
more information. The default configuration of this module will setup
|
||||
minimal maddy instance for mail transfer without TLS encryption.
|
||||
<note><para>
|
||||
This should not be used in a production environment.
|
||||
</para></note>
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -203,9 +231,11 @@ in {
|
|||
packages = [ pkgs.maddy ];
|
||||
services.maddy = {
|
||||
serviceConfig = {
|
||||
User = "${cfg.user}";
|
||||
Group = "${cfg.group}";
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
StateDirectory = [ "maddy" ];
|
||||
};
|
||||
restartTriggers = [ config.environment.etc."maddy/maddy.conf".source ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
};
|
||||
|
@ -220,20 +250,16 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
users.users = optionalAttrs (cfg.user == "maddy") {
|
||||
maddy = {
|
||||
description = "Maddy service user";
|
||||
group = cfg.group;
|
||||
home = "/var/lib/maddy";
|
||||
createHome = true;
|
||||
users.users = optionalAttrs (cfg.user == name) {
|
||||
${name} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
description = "Maddy mail transfer agent user";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = mkIf (cfg.group == "maddy") {
|
||||
maddy = pkgs.lib.mkForce {
|
||||
name = cfg.group;
|
||||
};
|
||||
users.groups = optionalAttrs (cfg.group == name) {
|
||||
${cfg.group} = { };
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.couchpotato;
|
||||
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.couchpotato = {
|
||||
enable = mkEnableOption "CouchPotato Server";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.couchpotato = {
|
||||
description = "CouchPotato Server";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = "couchpotato";
|
||||
Group = "couchpotato";
|
||||
StateDirectory = "couchpotato";
|
||||
ExecStart = "${pkgs.couchpotato}/bin/couchpotato";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
users.users.couchpotato =
|
||||
{ group = "couchpotato";
|
||||
home = "/var/lib/couchpotato/";
|
||||
description = "CouchPotato daemon user";
|
||||
uid = config.ids.uids.couchpotato;
|
||||
};
|
||||
|
||||
users.groups.couchpotato =
|
||||
{ gid = config.ids.gids.couchpotato; };
|
||||
};
|
||||
}
|
208
third_party/nixpkgs/nixos/modules/services/misc/heisenbridge.nix
vendored
Normal file
208
third_party/nixpkgs/nixos/modules/services/misc/heisenbridge.nix
vendored
Normal file
|
@ -0,0 +1,208 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.heisenbridge;
|
||||
|
||||
pkg = config.services.heisenbridge.package;
|
||||
bin = "${pkg}/bin/heisenbridge";
|
||||
|
||||
jsonType = (pkgs.formats.json { }).type;
|
||||
|
||||
registrationFile = "/var/lib/heisenbridge/registration.yml";
|
||||
# JSON is a proper subset of YAML
|
||||
bridgeConfig = builtins.toFile "heisenbridge-registration.yml" (builtins.toJSON {
|
||||
id = "heisenbridge";
|
||||
url = cfg.registrationUrl;
|
||||
# Don't specify as_token and hs_token
|
||||
rate_limited = false;
|
||||
sender_localpart = "heisenbridge";
|
||||
namespaces = cfg.namespaces;
|
||||
});
|
||||
in
|
||||
{
|
||||
options.services.heisenbridge = {
|
||||
enable = mkEnableOption "the Matrix<->IRC bridge";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.heisenbridge;
|
||||
defaultText = "pkgs.heisenbridge";
|
||||
example = "pkgs.heisenbridge.override { … = …; }";
|
||||
description = ''
|
||||
Package of the application to run, exposed for overriding purposes.
|
||||
'';
|
||||
};
|
||||
|
||||
homeserver = mkOption {
|
||||
type = types.str;
|
||||
description = "The URL to the home server for client-server API calls";
|
||||
example = "http://localhost:8008";
|
||||
};
|
||||
|
||||
registrationUrl = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
The URL where the application service is listening for HS requests, from the Matrix HS perspective.#
|
||||
The default value assumes the bridge runs on the same host as the home server, in the same network.
|
||||
'';
|
||||
example = "https://matrix.example.org";
|
||||
default = "http://${cfg.address}:${toString cfg.port}";
|
||||
defaultText = "http://$${cfg.address}:$${toString cfg.port}";
|
||||
};
|
||||
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
description = "Address to listen on. IPv6 does not seem to be supported.";
|
||||
default = "127.0.0.1";
|
||||
example = "0.0.0.0";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
description = "The port to listen on";
|
||||
default = 9898;
|
||||
};
|
||||
|
||||
debug = mkOption {
|
||||
type = types.bool;
|
||||
description = "More verbose logging. Recommended during initial setup.";
|
||||
default = false;
|
||||
};
|
||||
|
||||
owner = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
Set owner MXID otherwise first talking local user will claim the bridge
|
||||
'';
|
||||
default = null;
|
||||
example = "@admin:example.org";
|
||||
};
|
||||
|
||||
namespaces = mkOption {
|
||||
description = "Configure the 'namespaces' section of the registration.yml for the bridge and the server";
|
||||
# TODO link to Matrix documentation of the format
|
||||
type = types.submodule {
|
||||
freeformType = jsonType;
|
||||
};
|
||||
|
||||
default = {
|
||||
users = [
|
||||
{
|
||||
regex = "@irc_.*";
|
||||
exclusive = true;
|
||||
}
|
||||
];
|
||||
aliases = [ ];
|
||||
rooms = [ ];
|
||||
};
|
||||
};
|
||||
|
||||
identd.enable = mkEnableOption "identd service support";
|
||||
identd.port = mkOption {
|
||||
type = types.port;
|
||||
description = "identd listen port";
|
||||
default = 113;
|
||||
};
|
||||
|
||||
extraArgs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
description = "Heisenbridge is configured over the command line. Append extra arguments here";
|
||||
default = [ ];
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.heisenbridge = {
|
||||
description = "Matrix<->IRC bridge";
|
||||
before = [ "matrix-synapse.service" ]; # So the registration file can be used by Synapse
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
umask 077
|
||||
set -e -u -o pipefail
|
||||
|
||||
if ! [ -f "${registrationFile}" ]; then
|
||||
# Generate registration file if not present (actually, we only care about the tokens in it)
|
||||
${bin} --generate --config ${registrationFile}
|
||||
fi
|
||||
|
||||
# Overwrite the registration file with our generated one (the config may have changed since then),
|
||||
# but keep the tokens. Two step procedure to be failure safe
|
||||
${pkgs.yq}/bin/yq --slurp \
|
||||
'.[0] + (.[1] | {as_token, hs_token})' \
|
||||
${bridgeConfig} \
|
||||
${registrationFile} \
|
||||
> ${registrationFile}.new
|
||||
mv -f ${registrationFile}.new ${registrationFile}
|
||||
|
||||
# Grant Synapse access to the registration
|
||||
if ${getBin pkgs.glibc}/bin/getent group matrix-synapse > /dev/null; then
|
||||
chgrp -v matrix-synapse ${registrationFile}
|
||||
chmod -v g+r ${registrationFile}
|
||||
fi
|
||||
'';
|
||||
|
||||
serviceConfig = rec {
|
||||
Type = "simple";
|
||||
ExecStart = lib.concatStringsSep " " (
|
||||
[
|
||||
bin
|
||||
(if cfg.debug then "-vvv" else "-v")
|
||||
"--config"
|
||||
registrationFile
|
||||
"--listen-address"
|
||||
(lib.escapeShellArg cfg.address)
|
||||
"--listen-port"
|
||||
(toString cfg.port)
|
||||
]
|
||||
++ (lib.optionals (cfg.owner != null) [
|
||||
"--owner"
|
||||
(lib.escapeShellArg cfg.owner)
|
||||
])
|
||||
++ (lib.optionals cfg.identd.enable [
|
||||
"--identd"
|
||||
"--identd-port"
|
||||
(toString cfg.identd.port)
|
||||
])
|
||||
++ [
|
||||
(lib.escapeShellArg cfg.homeserver)
|
||||
]
|
||||
++ (map (lib.escapeShellArg) cfg.extraArgs)
|
||||
);
|
||||
|
||||
ProtectHome = true;
|
||||
PrivateDevices = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectControlGroups = true;
|
||||
StateDirectory = "heisenbridge";
|
||||
StateDirectoryMode = "755";
|
||||
|
||||
User = "heisenbridge";
|
||||
Group = "heisenbridge";
|
||||
|
||||
CapabilityBoundingSet = [ "CAP_CHOWN" ] ++ optional (cfg.port < 1024 || cfg.identd.port < 1024) "CAP_NET_BIND_SERVICE";
|
||||
AmbientCapabilities = CapabilityBoundingSet;
|
||||
NoNewPrivileges = true;
|
||||
|
||||
LockPersonality = true;
|
||||
RestrictRealtime = true;
|
||||
PrivateMounts = true;
|
||||
SystemCallFilter = "~@aio @clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @setuid @swap";
|
||||
SystemCallArchitectures = "native";
|
||||
RestrictAddressFamilies = "AF_INET AF_INET6";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.heisenbridge = {};
|
||||
users.users.heisenbridge = {
|
||||
description = "Service user for the Heisenbridge";
|
||||
group = "heisenbridge";
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = [ lib.maintainers.piegames ];
|
||||
}
|
140
third_party/nixpkgs/nixos/modules/services/misc/matrix-conduit.nix
vendored
Normal file
140
third_party/nixpkgs/nixos/modules/services/misc/matrix-conduit.nix
vendored
Normal file
|
@ -0,0 +1,140 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.matrix-conduit;
|
||||
|
||||
format = pkgs.formats.toml {};
|
||||
configFile = format.generate "conduit.toml" cfg.settings;
|
||||
in
|
||||
{
|
||||
meta.maintainers = with maintainers; [ pstn piegames ];
|
||||
options.services.matrix-conduit = {
|
||||
enable = mkEnableOption "matrix-conduit";
|
||||
|
||||
extraEnvironment = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
description = "Extra Environment variables to pass to the conduit server.";
|
||||
default = {};
|
||||
example = { RUST_BACKTRACE="yes"; };
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.matrix-conduit;
|
||||
defaultText = "pkgs.matrix-conduit";
|
||||
example = "pkgs.matrix-conduit";
|
||||
description = ''
|
||||
Package of the conduit matrix server to use.
|
||||
'';
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = types.submodule {
|
||||
freeformType = format.type;
|
||||
options = {
|
||||
global.server_name = mkOption {
|
||||
type = types.str;
|
||||
example = "example.com";
|
||||
description = "The server_name is the name of this server. It is used as a suffix for user # and room ids.";
|
||||
};
|
||||
global.port = mkOption {
|
||||
type = types.port;
|
||||
default = 6167;
|
||||
description = "The port Conduit will be running on. You need to set up a reverse proxy in your web server (e.g. apache or nginx), so all requests to /_matrix on port 443 and 8448 will be forwarded to the Conduit instance running on this port";
|
||||
};
|
||||
global.max_request_size = mkOption {
|
||||
type = types.ints.positive;
|
||||
default = 20000000;
|
||||
description = "Max request size in bytes. Don't forget to also change it in the proxy.";
|
||||
};
|
||||
global.allow_registration = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Whether new users can register on this server.";
|
||||
};
|
||||
global.allow_encryption = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Whether new encrypted rooms can be created. Note: existing rooms will continue to work.";
|
||||
};
|
||||
global.allow_federation = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether this server federates with other servers.
|
||||
'';
|
||||
};
|
||||
global.trusted_servers = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ "matrix.org" ];
|
||||
description = "Servers trusted with signing server keys.";
|
||||
};
|
||||
global.address = mkOption {
|
||||
type = types.str;
|
||||
default = "::1";
|
||||
description = "Address to listen on for connections by the reverse proxy/tls terminator.";
|
||||
};
|
||||
global.database_path = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/matrix-conduit/";
|
||||
readOnly = true;
|
||||
description = ''
|
||||
Path to the conduit database, the directory where conduit will save its data.
|
||||
Note that due to using the DynamicUser feature of systemd, this value should not be changed
|
||||
and is set to be read only.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
default = {};
|
||||
description = ''
|
||||
Generates the conduit.toml configuration file. Refer to
|
||||
<link xlink:href="https://gitlab.com/famedly/conduit/-/blob/master/conduit-example.toml"/>
|
||||
for details on supported values.
|
||||
Note that database_path can not be edited because the service's reliance on systemd StateDir.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.conduit = {
|
||||
description = "Conduit Matrix Server";
|
||||
documentation = [ "https://gitlab.com/famedly/conduit/" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment = lib.mkMerge ([
|
||||
{ CONDUIT_CONFIG = configFile; }
|
||||
cfg.extraEnvironment
|
||||
]);
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
User = "conduit";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
PrivateUsers = true;
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@privileged"
|
||||
];
|
||||
StateDirectory = "matrix-conduit";
|
||||
ExecStart = "${cfg.package}/bin/conduit";
|
||||
Restart = "on-failure";
|
||||
RestartSec = 10;
|
||||
StartLimitBurst = 5;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,264 +0,0 @@
|
|||
{ config, lib, options, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.mwlib;
|
||||
opt = options.services.mwlib;
|
||||
pypkgs = pkgs.python27Packages;
|
||||
|
||||
inherit (pypkgs) python mwlib;
|
||||
|
||||
user = mkOption {
|
||||
default = "nobody";
|
||||
type = types.str;
|
||||
description = "User to run as.";
|
||||
};
|
||||
|
||||
in
|
||||
{
|
||||
|
||||
options.services.mwlib = {
|
||||
|
||||
nserve = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Whether to enable nserve. Nserve is a HTTP
|
||||
server. The Collection extension is talking to
|
||||
that program directly. Nserve uses at least
|
||||
one qserve instance in order to distribute
|
||||
and manage jobs.
|
||||
'';
|
||||
}; # nserve.enable
|
||||
|
||||
port = mkOption {
|
||||
default = 8899;
|
||||
type = types.port;
|
||||
description = "Specify port to listen on.";
|
||||
}; # nserve.port
|
||||
|
||||
address = mkOption {
|
||||
default = "127.0.0.1";
|
||||
type = types.str;
|
||||
description = "Specify network interface to listen on.";
|
||||
}; # nserve.address
|
||||
|
||||
qserve = mkOption {
|
||||
default = [ "${cfg.qserve.address}:${toString cfg.qserve.port}" ];
|
||||
defaultText = literalExpression ''
|
||||
[ "''${config.${opt.qserve.address}}:''${toString config.${opt.qserve.port}}"
|
||||
]'';
|
||||
type = types.listOf types.str;
|
||||
description = "Register qserve instance.";
|
||||
}; # nserve.qserve
|
||||
|
||||
inherit user;
|
||||
}; # nserve
|
||||
|
||||
qserve = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
A job queue server used to distribute and manage
|
||||
jobs. You should start one qserve instance
|
||||
for each machine that is supposed to render pdf
|
||||
files. Unless you’re operating the Wikipedia
|
||||
installation, one machine should suffice.
|
||||
'';
|
||||
}; # qserve.enable
|
||||
|
||||
port = mkOption {
|
||||
default = 14311;
|
||||
type = types.port;
|
||||
description = "Specify port to listen on.";
|
||||
}; # qserve.port
|
||||
|
||||
address = mkOption {
|
||||
default = "127.0.0.1";
|
||||
type = types.str;
|
||||
description = "Specify network interface to listen on.";
|
||||
}; # qserve.address
|
||||
|
||||
datadir = mkOption {
|
||||
default = "/var/lib/mwlib-qserve";
|
||||
type = types.path;
|
||||
description = "qserve data directory (FIXME: unused?)";
|
||||
}; # qserve.datadir
|
||||
|
||||
allow = mkOption {
|
||||
default = [ "127.0.0.1" ];
|
||||
type = types.listOf types.str;
|
||||
description = "List of allowed client IPs. Empty means any.";
|
||||
}; # qserve.allow
|
||||
|
||||
inherit user;
|
||||
}; # qserve
|
||||
|
||||
nslave = {
|
||||
enable = mkOption {
|
||||
default = cfg.qserve.enable;
|
||||
defaultText = literalExpression "config.${opt.qserve.enable}";
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Pulls new jobs from exactly one qserve instance
|
||||
and calls the zip and render programs
|
||||
in order to download article collections and
|
||||
convert them to different output formats. Nslave
|
||||
uses a cache directory to store the generated
|
||||
documents. Nslave also starts an internal http
|
||||
server serving the content of the cache directory.
|
||||
'';
|
||||
}; # nslave.enable
|
||||
|
||||
cachedir = mkOption {
|
||||
default = "/var/cache/mwlib-nslave";
|
||||
type = types.path;
|
||||
description = "Directory to store generated documents.";
|
||||
}; # nslave.cachedir
|
||||
|
||||
numprocs = mkOption {
|
||||
default = 10;
|
||||
type = types.int;
|
||||
description = "Number of parallel jobs to be executed.";
|
||||
}; # nslave.numprocs
|
||||
|
||||
http = mkOption {
|
||||
default = {};
|
||||
description = ''
|
||||
Internal http server serving the content of the cache directory.
|
||||
You have to enable it, or use your own way for serving files
|
||||
and set the http.url option accordingly.
|
||||
'';
|
||||
type = types.submodule ({ config, options, ... }: {
|
||||
options = {
|
||||
enable = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = "Enable internal http server.";
|
||||
}; # nslave.http.enable
|
||||
|
||||
port = mkOption {
|
||||
default = 8898;
|
||||
type = types.port;
|
||||
description = "Port to listen to when serving files from cache.";
|
||||
}; # nslave.http.port
|
||||
|
||||
address = mkOption {
|
||||
default = "127.0.0.1";
|
||||
type = types.str;
|
||||
description = "Specify network interface to listen on.";
|
||||
}; # nslave.http.address
|
||||
|
||||
url = mkOption {
|
||||
default = "http://localhost:${toString config.port}/cache";
|
||||
defaultText = literalExpression ''"http://localhost:''${toString config.${options.port}}/cache"'';
|
||||
type = types.str;
|
||||
description = ''
|
||||
Specify URL for accessing generated files from cache.
|
||||
The Collection extension of Mediawiki won't be able to
|
||||
download files without it.
|
||||
'';
|
||||
}; # nslave.http.url
|
||||
};
|
||||
}); # types.submodule
|
||||
}; # nslave.http
|
||||
|
||||
inherit user;
|
||||
}; # nslave
|
||||
|
||||
}; # options.services
|
||||
|
||||
config = {
|
||||
|
||||
systemd.services.mwlib-nserve = mkIf cfg.nserve.enable
|
||||
{
|
||||
description = "mwlib network interface";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "mwlib-qserve.service" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = concatStringsSep " " (
|
||||
[
|
||||
"${mwlib}/bin/nserve"
|
||||
"--port ${toString cfg.nserve.port}"
|
||||
"--interface ${cfg.nserve.address}"
|
||||
] ++ cfg.nserve.qserve
|
||||
);
|
||||
User = cfg.nserve.user;
|
||||
};
|
||||
}; # systemd.services.mwlib-nserve
|
||||
|
||||
systemd.services.mwlib-qserve = mkIf cfg.qserve.enable
|
||||
{
|
||||
description = "mwlib job queue server";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -pv '${cfg.qserve.datadir}'
|
||||
chown -Rc ${cfg.qserve.user}:`id -ng ${cfg.qserve.user}` '${cfg.qserve.datadir}'
|
||||
chmod -Rc u=rwX,go= '${cfg.qserve.datadir}'
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = concatStringsSep " " (
|
||||
[
|
||||
"${mwlib}/bin/mw-qserve"
|
||||
"-p ${toString cfg.qserve.port}"
|
||||
"-i ${cfg.qserve.address}"
|
||||
"-d ${cfg.qserve.datadir}"
|
||||
] ++ map (a: "-a ${a}") cfg.qserve.allow
|
||||
);
|
||||
User = cfg.qserve.user;
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
}; # systemd.services.mwlib-qserve
|
||||
|
||||
systemd.services.mwlib-nslave = mkIf cfg.nslave.enable
|
||||
{
|
||||
description = "mwlib worker";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -pv '${cfg.nslave.cachedir}'
|
||||
chown -Rc ${cfg.nslave.user}:`id -ng ${cfg.nslave.user}` '${cfg.nslave.cachedir}'
|
||||
chmod -Rc u=rwX,go= '${cfg.nslave.cachedir}'
|
||||
'';
|
||||
|
||||
path = with pkgs; [ imagemagick pdftk ];
|
||||
environment = {
|
||||
PYTHONPATH = concatMapStringsSep ":"
|
||||
(m: "${pypkgs.${m}}/lib/${python.libPrefix}/site-packages")
|
||||
[ "mwlib-rl" "mwlib-ext" "pygments" "pyfribidi" ];
|
||||
};
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = concatStringsSep " " (
|
||||
[
|
||||
"${mwlib}/bin/nslave"
|
||||
"--cachedir ${cfg.nslave.cachedir}"
|
||||
"--numprocs ${toString cfg.nslave.numprocs}"
|
||||
"--url ${cfg.nslave.http.url}"
|
||||
] ++ (
|
||||
if cfg.nslave.http.enable then
|
||||
[
|
||||
"--serve-files-port ${toString cfg.nslave.http.port}"
|
||||
"--serve-files-address ${cfg.nslave.http.address}"
|
||||
] else
|
||||
[
|
||||
"--no-serve-files"
|
||||
]
|
||||
));
|
||||
User = cfg.nslave.user;
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
}; # systemd.services.mwlib-nslave
|
||||
|
||||
}; # config
|
||||
}
|
|
@ -51,7 +51,7 @@ in
|
|||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "noaccess";
|
||||
ProtectProc = "invisible";
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||||
|
|
|
@ -1,183 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.firefox.syncserver;
|
||||
|
||||
defaultDbLocation = "/var/db/firefox-sync-server/firefox-sync-server.db";
|
||||
defaultSqlUri = "sqlite:///${defaultDbLocation}";
|
||||
|
||||
syncServerIni = pkgs.writeText "syncserver.ini" ''
|
||||
[DEFAULT]
|
||||
overrides = ${cfg.privateConfig}
|
||||
|
||||
[server:main]
|
||||
use = egg:gunicorn
|
||||
host = ${cfg.listen.address}
|
||||
port = ${toString cfg.listen.port}
|
||||
|
||||
[app:main]
|
||||
use = egg:syncserver
|
||||
|
||||
[syncserver]
|
||||
public_url = ${cfg.publicUrl}
|
||||
${optionalString (cfg.sqlUri != "") "sqluri = ${cfg.sqlUri}"}
|
||||
allow_new_users = ${boolToString cfg.allowNewUsers}
|
||||
|
||||
[browserid]
|
||||
backend = tokenserver.verifiers.LocalVerifier
|
||||
audiences = ${removeSuffix "/" cfg.publicUrl}
|
||||
'';
|
||||
|
||||
user = "syncserver";
|
||||
group = "syncserver";
|
||||
in
|
||||
|
||||
{
|
||||
meta.maintainers = with lib.maintainers; [ nadrieril ];
|
||||
|
||||
options = {
|
||||
services.firefox.syncserver = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable a Firefox Sync Server, this give the opportunity to
|
||||
Firefox users to store all synchronized data on their own server. To use this
|
||||
server, Firefox users should visit the <option>about:config</option>, and
|
||||
replicate the following change
|
||||
|
||||
<screen>
|
||||
services.sync.tokenServerURI: http://localhost:5000/token/1.0/sync/1.5
|
||||
</screen>
|
||||
|
||||
where <option>http://localhost:5000/</option> corresponds to the
|
||||
public url of the server.
|
||||
'';
|
||||
};
|
||||
|
||||
listen.address = mkOption {
|
||||
type = types.str;
|
||||
default = "127.0.0.1";
|
||||
example = "0.0.0.0";
|
||||
description = ''
|
||||
Address on which the sync server listen to.
|
||||
'';
|
||||
};
|
||||
|
||||
listen.port = mkOption {
|
||||
type = types.port;
|
||||
default = 5000;
|
||||
description = ''
|
||||
Port on which the sync server listen to.
|
||||
'';
|
||||
};
|
||||
|
||||
publicUrl = mkOption {
|
||||
type = types.str;
|
||||
default = "http://localhost:5000/";
|
||||
example = "http://sync.example.com/";
|
||||
description = ''
|
||||
Public URL with which firefox users can use to access the sync server.
|
||||
'';
|
||||
};
|
||||
|
||||
allowNewUsers = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to allow new-user signups on the server. Only request by
|
||||
existing accounts will be honored.
|
||||
'';
|
||||
};
|
||||
|
||||
sqlUri = mkOption {
|
||||
type = types.str;
|
||||
default = defaultSqlUri;
|
||||
example = "postgresql://scott:tiger@localhost/test";
|
||||
description = ''
|
||||
The location of the database. This URL is composed of
|
||||
<option>dialect[+driver]://user:password@host/dbname[?key=value..]</option>,
|
||||
where <option>dialect</option> is a database name such as
|
||||
<option>mysql</option>, <option>oracle</option>, <option>postgresql</option>,
|
||||
etc., and <option>driver</option> the name of a DBAPI, such as
|
||||
<option>psycopg2</option>, <option>pyodbc</option>, <option>cx_oracle</option>,
|
||||
etc. The <link
|
||||
xlink:href="http://docs.sqlalchemy.org/en/rel_0_9/core/engines.html#database-urls">
|
||||
SQLAlchemy documentation</link> provides more examples and describe the syntax of
|
||||
the expected URL.
|
||||
'';
|
||||
};
|
||||
|
||||
privateConfig = mkOption {
|
||||
type = types.str;
|
||||
default = "/etc/firefox/syncserver-secret.ini";
|
||||
description = ''
|
||||
The private config file is used to extend the generated config with confidential
|
||||
information, such as the <option>syncserver.sqlUri</option> setting if it contains a
|
||||
password, and the <option>syncserver.secret</option> setting is used by the server to
|
||||
generate cryptographically-signed authentication tokens.
|
||||
|
||||
If this file does not exist, then it is created with a generated
|
||||
<option>syncserver.secret</option> settings.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.services.syncserver = {
|
||||
after = [ "network.target" ];
|
||||
description = "Firefox Sync Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [
|
||||
pkgs.coreutils
|
||||
(pkgs.python.withPackages (ps: [ pkgs.syncserver ps.gunicorn ]))
|
||||
];
|
||||
|
||||
serviceConfig = {
|
||||
User = user;
|
||||
Group = group;
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
if ! test -e ${cfg.privateConfig}; then
|
||||
mkdir -p $(dirname ${cfg.privateConfig})
|
||||
echo > ${cfg.privateConfig} '[syncserver]'
|
||||
chmod 600 ${cfg.privateConfig}
|
||||
echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')"
|
||||
fi
|
||||
chmod 600 ${cfg.privateConfig}
|
||||
chmod 755 $(dirname ${cfg.privateConfig})
|
||||
chown ${user}:${group} ${cfg.privateConfig}
|
||||
|
||||
'' + optionalString (cfg.sqlUri == defaultSqlUri) ''
|
||||
if ! test -e $(dirname ${defaultDbLocation}); then
|
||||
mkdir -m 700 -p $(dirname ${defaultDbLocation})
|
||||
chown ${user}:${group} $(dirname ${defaultDbLocation})
|
||||
fi
|
||||
|
||||
# Move previous database file if it exists
|
||||
oldDb="/var/db/firefox-sync-server.db"
|
||||
if test -f $oldDb; then
|
||||
mv $oldDb ${defaultDbLocation}
|
||||
chown ${user}:${group} ${defaultDbLocation}
|
||||
fi
|
||||
'';
|
||||
|
||||
script = ''
|
||||
gunicorn --paste ${syncServerIni}
|
||||
'';
|
||||
};
|
||||
|
||||
users.users.${user} = {
|
||||
inherit group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups.${group} = {};
|
||||
};
|
||||
}
|
|
@ -224,7 +224,7 @@ let
|
|||
|
||||
i2pdSh = pkgs.writeScriptBin "i2pd" ''
|
||||
#!/bin/sh
|
||||
exec ${pkgs.i2pd}/bin/i2pd \
|
||||
exec ${cfg.package}/bin/i2pd \
|
||||
${if cfg.address == null then "" else "--host="+cfg.address} \
|
||||
--service \
|
||||
--conf=${i2pdConf} \
|
||||
|
@ -253,6 +253,15 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.i2pd;
|
||||
defaultText = literalExpression "pkgs.i2pd";
|
||||
description = ''
|
||||
i2pd package to use.
|
||||
'';
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
type = types.enum ["debug" "info" "warn" "error"];
|
||||
default = "error";
|
||||
|
|
96
third_party/nixpkgs/nixos/modules/services/networking/tetrd.nix
vendored
Normal file
96
third_party/nixpkgs/nixos/modules/services/networking/tetrd.nix
vendored
Normal file
|
@ -0,0 +1,96 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
options.services.tetrd.enable = lib.mkEnableOption pkgs.tetrd.meta.description;
|
||||
|
||||
config = lib.mkIf config.services.tetrd.enable {
|
||||
environment = {
|
||||
systemPackages = [ pkgs.tetrd ];
|
||||
etc."resolv.conf".source = "/etc/tetrd/resolv.conf";
|
||||
};
|
||||
|
||||
systemd = {
|
||||
tmpfiles.rules = [ "f /etc/tetrd/resolv.conf - - -" ];
|
||||
|
||||
services.tetrd = {
|
||||
description = pkgs.tetrd.meta.description;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.tetrd}/opt/Tetrd/bin/tetrd";
|
||||
Restart = "always";
|
||||
RuntimeDirectory = "tetrd";
|
||||
RootDirectory = "/run/tetrd";
|
||||
DynamicUser = true;
|
||||
UMask = "006";
|
||||
DeviceAllow = "usb_device";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateMounts = true;
|
||||
PrivateNetwork = lib.mkDefault false;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = lib.mkDefault false;
|
||||
ProtectClock = lib.mkDefault false;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" "AF_NETLINK" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@aio"
|
||||
"~@chown"
|
||||
"~@clock"
|
||||
"~@cpu-emulation"
|
||||
"~@debug"
|
||||
"~@keyring"
|
||||
"~@memlock"
|
||||
"~@module"
|
||||
"~@mount"
|
||||
"~@obsolete"
|
||||
"~@pkey"
|
||||
"~@raw-io"
|
||||
"~@reboot"
|
||||
"~@swap"
|
||||
"~@sync"
|
||||
];
|
||||
|
||||
BindReadOnlyPaths = [
|
||||
builtins.storeDir
|
||||
"/etc/ssl"
|
||||
"/etc/static/ssl"
|
||||
"${pkgs.nettools}/bin/route:/usr/bin/route"
|
||||
"${pkgs.nettools}/bin/ifconfig:/usr/bin/ifconfig"
|
||||
];
|
||||
|
||||
BindPaths = [
|
||||
"/etc/tetrd/resolv.conf:/etc/resolv.conf"
|
||||
"/run"
|
||||
"/var/log"
|
||||
];
|
||||
|
||||
CapabilityBoundingSet = [
|
||||
"CAP_DAC_OVERRIDE"
|
||||
"CAP_NET_ADMIN"
|
||||
];
|
||||
|
||||
AmbientCapabilities = [
|
||||
"CAP_DAC_OVERRIDE"
|
||||
"CAP_NET_ADMIN"
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -6,23 +6,95 @@ let
|
|||
|
||||
cfg = config.services.mattermost;
|
||||
|
||||
defaultConfig = builtins.fromJSON (builtins.replaceStrings [ "\\u0026" ] [ "&" ]
|
||||
(readFile "${pkgs.mattermost}/config/config.json")
|
||||
);
|
||||
|
||||
database = "postgres://${cfg.localDatabaseUser}:${cfg.localDatabasePassword}@localhost:5432/${cfg.localDatabaseName}?sslmode=disable&connect_timeout=10";
|
||||
|
||||
mattermostConf = foldl recursiveUpdate defaultConfig
|
||||
[ { ServiceSettings.SiteURL = cfg.siteUrl;
|
||||
postgresPackage = config.services.postgresql.package;
|
||||
|
||||
createDb = {
|
||||
statePath ? cfg.statePath,
|
||||
localDatabaseUser ? cfg.localDatabaseUser,
|
||||
localDatabasePassword ? cfg.localDatabasePassword,
|
||||
localDatabaseName ? cfg.localDatabaseName,
|
||||
useSudo ? true
|
||||
}: ''
|
||||
if ! test -e ${escapeShellArg "${statePath}/.db-created"}; then
|
||||
${lib.optionalString useSudo "${pkgs.sudo}/bin/sudo -u ${escapeShellArg config.services.postgresql.superUser} \\"}
|
||||
${postgresPackage}/bin/psql postgres -c \
|
||||
"CREATE ROLE ${localDatabaseUser} WITH LOGIN NOCREATEDB NOCREATEROLE ENCRYPTED PASSWORD '${localDatabasePassword}'"
|
||||
${lib.optionalString useSudo "${pkgs.sudo}/bin/sudo -u ${escapeShellArg config.services.postgresql.superUser} \\"}
|
||||
${postgresPackage}/bin/createdb \
|
||||
--owner ${escapeShellArg localDatabaseUser} ${escapeShellArg localDatabaseName}
|
||||
touch ${escapeShellArg "${statePath}/.db-created"}
|
||||
fi
|
||||
'';
|
||||
|
||||
mattermostPluginDerivations = with pkgs;
|
||||
map (plugin: stdenv.mkDerivation {
|
||||
name = "mattermost-plugin";
|
||||
installPhase = ''
|
||||
mkdir -p $out/share
|
||||
cp ${plugin} $out/share/plugin.tar.gz
|
||||
'';
|
||||
dontUnpack = true;
|
||||
dontPatch = true;
|
||||
dontConfigure = true;
|
||||
dontBuild = true;
|
||||
preferLocalBuild = true;
|
||||
}) cfg.plugins;
|
||||
|
||||
mattermostPlugins = with pkgs;
|
||||
if mattermostPluginDerivations == [] then null
|
||||
else stdenv.mkDerivation {
|
||||
name = "${cfg.package.name}-plugins";
|
||||
nativeBuildInputs = [
|
||||
autoPatchelfHook
|
||||
] ++ mattermostPluginDerivations;
|
||||
buildInputs = [
|
||||
cfg.package
|
||||
];
|
||||
installPhase = ''
|
||||
mkdir -p $out/data/plugins
|
||||
plugins=(${escapeShellArgs (map (plugin: "${plugin}/share/plugin.tar.gz") mattermostPluginDerivations)})
|
||||
for plugin in "''${plugins[@]}"; do
|
||||
hash="$(sha256sum "$plugin" | cut -d' ' -f1)"
|
||||
mkdir -p "$hash"
|
||||
tar -C "$hash" -xzf "$plugin"
|
||||
autoPatchelf "$hash"
|
||||
GZIP_OPT=-9 tar -C "$hash" -cvzf "$out/data/plugins/$hash.tar.gz" .
|
||||
rm -rf "$hash"
|
||||
done
|
||||
'';
|
||||
|
||||
dontUnpack = true;
|
||||
dontPatch = true;
|
||||
dontConfigure = true;
|
||||
dontBuild = true;
|
||||
preferLocalBuild = true;
|
||||
};
|
||||
|
||||
mattermostConfWithoutPlugins = recursiveUpdate
|
||||
{ ServiceSettings.SiteURL = cfg.siteUrl;
|
||||
ServiceSettings.ListenAddress = cfg.listenAddress;
|
||||
TeamSettings.SiteName = cfg.siteName;
|
||||
SqlSettings.DriverName = "postgres";
|
||||
SqlSettings.DataSource = database;
|
||||
PluginSettings.Directory = "${cfg.statePath}/plugins/server";
|
||||
PluginSettings.ClientDirectory = "${cfg.statePath}/plugins/client";
|
||||
}
|
||||
cfg.extraConfig
|
||||
];
|
||||
cfg.extraConfig;
|
||||
|
||||
mattermostConfJSON = pkgs.writeText "mattermost-config-raw.json" (builtins.toJSON mattermostConf);
|
||||
mattermostConf = recursiveUpdate
|
||||
mattermostConfWithoutPlugins
|
||||
(
|
||||
if mattermostPlugins == null then {}
|
||||
else {
|
||||
PluginSettings = {
|
||||
Enable = true;
|
||||
};
|
||||
}
|
||||
);
|
||||
|
||||
mattermostConfJSON = pkgs.writeText "mattermost-config.json" (builtins.toJSON mattermostConf);
|
||||
|
||||
in
|
||||
|
||||
|
@ -31,6 +103,13 @@ in
|
|||
services.mattermost = {
|
||||
enable = mkEnableOption "Mattermost chat server";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.mattermost;
|
||||
defaultText = "pkgs.mattermost";
|
||||
description = "Mattermost derivation to use.";
|
||||
};
|
||||
|
||||
statePath = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/mattermost";
|
||||
|
@ -77,6 +156,16 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
preferNixConfig = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If both mutableConfig and this option are set, the Nix configuration
|
||||
will take precedence over any settings configured in the server
|
||||
console.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.attrs;
|
||||
default = { };
|
||||
|
@ -85,6 +174,17 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
type = types.listOf (types.oneOf [types.path types.package]);
|
||||
default = [];
|
||||
example = "[ ./com.github.moussetc.mattermost.plugin.giphy-2.0.0.tar.gz ]";
|
||||
description = ''
|
||||
Plugins to add to the configuration. Overrides any installed if non-null.
|
||||
This is a list of paths to .tar.gz files or derivations evaluating to
|
||||
.tar.gz files. All entries will be passed to `mattermost plugin add`.
|
||||
'';
|
||||
};
|
||||
|
||||
localDatabaseCreate = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
|
@ -135,6 +235,12 @@ in
|
|||
|
||||
matterircd = {
|
||||
enable = mkEnableOption "Mattermost IRC bridge";
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.matterircd;
|
||||
defaultText = "pkgs.matterircd";
|
||||
description = "matterircd derivation to use.";
|
||||
};
|
||||
parameters = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
|
@ -167,7 +273,7 @@ in
|
|||
# The systemd service will fail to execute the preStart hook
|
||||
# if the WorkingDirectory does not exist
|
||||
system.activationScripts.mattermost = ''
|
||||
mkdir -p ${cfg.statePath}
|
||||
mkdir -p "${cfg.statePath}"
|
||||
'';
|
||||
|
||||
systemd.services.mattermost = {
|
||||
|
@ -176,39 +282,41 @@ in
|
|||
after = [ "network.target" "postgresql.service" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.statePath}/{data,config,logs}
|
||||
ln -sf ${pkgs.mattermost}/{bin,fonts,i18n,templates,client} ${cfg.statePath}
|
||||
mkdir -p "${cfg.statePath}"/{data,config,logs,plugins}
|
||||
mkdir -p "${cfg.statePath}/plugins"/{client,server}
|
||||
ln -sf ${cfg.package}/{bin,fonts,i18n,templates,client} "${cfg.statePath}"
|
||||
'' + lib.optionalString (mattermostPlugins != null) ''
|
||||
rm -rf "${cfg.statePath}/data/plugins"
|
||||
ln -sf ${mattermostPlugins}/data/plugins "${cfg.statePath}/data"
|
||||
'' + lib.optionalString (!cfg.mutableConfig) ''
|
||||
rm -f ${cfg.statePath}/config/config.json
|
||||
cp ${mattermostConfJSON} ${cfg.statePath}/config/config.json
|
||||
${pkgs.mattermost}/bin/mattermost config migrate ${cfg.statePath}/config/config.json ${database}
|
||||
rm -f "${cfg.statePath}/config/config.json"
|
||||
${pkgs.jq}/bin/jq -s '.[0] * .[1]' ${cfg.package}/config/config.json ${mattermostConfJSON} > "${cfg.statePath}/config/config.json"
|
||||
'' + lib.optionalString cfg.mutableConfig ''
|
||||
if ! test -e "${cfg.statePath}/config/.initial-created"; then
|
||||
rm -f ${cfg.statePath}/config/config.json
|
||||
cp ${mattermostConfJSON} ${cfg.statePath}/config/config.json
|
||||
touch ${cfg.statePath}/config/.initial-created
|
||||
${pkgs.jq}/bin/jq -s '.[0] * .[1]' ${cfg.package}/config/config.json ${mattermostConfJSON} > "${cfg.statePath}/config/config.json"
|
||||
touch "${cfg.statePath}/config/.initial-created"
|
||||
fi
|
||||
'' + lib.optionalString cfg.localDatabaseCreate ''
|
||||
if ! test -e "${cfg.statePath}/.db-created"; then
|
||||
${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} \
|
||||
${config.services.postgresql.package}/bin/psql postgres -c \
|
||||
"CREATE ROLE ${cfg.localDatabaseUser} WITH LOGIN NOCREATEDB NOCREATEROLE ENCRYPTED PASSWORD '${cfg.localDatabasePassword}'"
|
||||
${pkgs.sudo}/bin/sudo -u ${config.services.postgresql.superUser} \
|
||||
${config.services.postgresql.package}/bin/createdb \
|
||||
--owner ${cfg.localDatabaseUser} ${cfg.localDatabaseName}
|
||||
touch ${cfg.statePath}/.db-created
|
||||
fi
|
||||
'' + ''
|
||||
chown ${cfg.user}:${cfg.group} -R ${cfg.statePath}
|
||||
chmod u+rw,g+r,o-rwx -R ${cfg.statePath}
|
||||
'' + lib.optionalString (cfg.mutableConfig && cfg.preferNixConfig) ''
|
||||
new_config="$(${pkgs.jq}/bin/jq -s '.[0] * .[1]' "${cfg.statePath}/config/config.json" ${mattermostConfJSON})"
|
||||
|
||||
rm -f "${cfg.statePath}/config/config.json"
|
||||
echo "$new_config" > "${cfg.statePath}/config/config.json"
|
||||
'' + lib.optionalString cfg.localDatabaseCreate (createDb {}) + ''
|
||||
# Don't change permissions recursively on the data, current, and symlinked directories (see ln -sf command above).
|
||||
# This dramatically decreases startup times for installations with a lot of files.
|
||||
find . -maxdepth 1 -not -name data -not -name client -not -name templates -not -name i18n -not -name fonts -not -name bin -not -name . \
|
||||
-exec chown "${cfg.user}:${cfg.group}" -R {} \; -exec chmod u+rw,g+r,o-rwx -R {} \;
|
||||
|
||||
chown "${cfg.user}:${cfg.group}" "${cfg.statePath}/data" .
|
||||
chmod u+rw,g+r,o-rwx "${cfg.statePath}/data" .
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
ExecStart = "${pkgs.mattermost}/bin/mattermost" +
|
||||
(lib.optionalString (!cfg.mutableConfig) " -c ${database}");
|
||||
ExecStart = "${cfg.package}/bin/mattermost";
|
||||
WorkingDirectory = "${cfg.statePath}";
|
||||
Restart = "always";
|
||||
RestartSec = "10";
|
||||
|
@ -224,7 +332,7 @@ in
|
|||
serviceConfig = {
|
||||
User = "nobody";
|
||||
Group = "nogroup";
|
||||
ExecStart = "${pkgs.matterircd}/bin/matterircd ${concatStringsSep " " cfg.matterircd.parameters}";
|
||||
ExecStart = "${cfg.matterircd.package}/bin/matterircd ${escapeShellArgs cfg.matterircd.parameters}";
|
||||
WorkingDirectory = "/tmp";
|
||||
PrivateTmp = true;
|
||||
Restart = "always";
|
||||
|
|
|
@ -1,304 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.moinmoin;
|
||||
python = pkgs.python27;
|
||||
pkg = python.pkgs.moinmoin;
|
||||
dataDir = "/var/lib/moin";
|
||||
usingGunicorn = cfg.webServer == "nginx-gunicorn" || cfg.webServer == "gunicorn";
|
||||
usingNginx = cfg.webServer == "nginx-gunicorn";
|
||||
user = "moin";
|
||||
group = "moin";
|
||||
|
||||
uLit = s: ''u"${s}"'';
|
||||
indentLines = n: str: concatMapStrings (line: "${fixedWidthString n " " " "}${line}\n") (splitString "\n" str);
|
||||
|
||||
moinCliWrapper = wikiIdent: pkgs.writeShellScriptBin "moin-${wikiIdent}" ''
|
||||
${pkgs.su}/bin/su -s ${pkgs.runtimeShell} -c "${pkg}/bin/moin --config-dir=/var/lib/moin/${wikiIdent}/config $*" ${user}
|
||||
'';
|
||||
|
||||
wikiConfig = wikiIdent: w: ''
|
||||
# -*- coding: utf-8 -*-
|
||||
|
||||
from MoinMoin.config import multiconfig, url_prefix_static
|
||||
|
||||
class Config(multiconfig.DefaultConfig):
|
||||
${optionalString (w.webLocation != "/") ''
|
||||
url_prefix_static = '${w.webLocation}' + url_prefix_static
|
||||
''}
|
||||
|
||||
sitename = u'${w.siteName}'
|
||||
page_front_page = u'${w.frontPage}'
|
||||
|
||||
data_dir = '${dataDir}/${wikiIdent}/data'
|
||||
data_underlay_dir = '${dataDir}/${wikiIdent}/underlay'
|
||||
|
||||
language_default = u'${w.languageDefault}'
|
||||
${optionalString (w.superUsers != []) ''
|
||||
superuser = [${concatMapStringsSep ", " uLit w.superUsers}]
|
||||
''}
|
||||
|
||||
${indentLines 4 w.extraConfig}
|
||||
'';
|
||||
wikiConfigFile = name: wiki: pkgs.writeText "${name}.py" (wikiConfig name wiki);
|
||||
|
||||
in
|
||||
{
|
||||
options.services.moinmoin = with types; {
|
||||
enable = mkEnableOption "MoinMoin Wiki Engine";
|
||||
|
||||
webServer = mkOption {
|
||||
type = enum [ "nginx-gunicorn" "gunicorn" "none" ];
|
||||
default = "nginx-gunicorn";
|
||||
example = "none";
|
||||
description = ''
|
||||
Which web server to use to serve the wiki.
|
||||
Use <literal>none</literal> if you want to configure this yourself.
|
||||
'';
|
||||
};
|
||||
|
||||
gunicorn.workers = mkOption {
|
||||
type = ints.positive;
|
||||
default = 3;
|
||||
example = 10;
|
||||
description = ''
|
||||
The number of worker processes for handling requests.
|
||||
'';
|
||||
};
|
||||
|
||||
wikis = mkOption {
|
||||
type = attrsOf (submodule ({ name, ... }: {
|
||||
options = {
|
||||
siteName = mkOption {
|
||||
type = str;
|
||||
default = "Untitled Wiki";
|
||||
example = "ExampleWiki";
|
||||
description = ''
|
||||
Short description of your wiki site, displayed below the logo on each page, and
|
||||
used in RSS documents as the channel title.
|
||||
'';
|
||||
};
|
||||
|
||||
webHost = mkOption {
|
||||
type = str;
|
||||
description = "Host part of the wiki URL. If undefined, the name of the attribute set will be used.";
|
||||
example = "wiki.example.org";
|
||||
};
|
||||
|
||||
webLocation = mkOption {
|
||||
type = str;
|
||||
default = "/";
|
||||
example = "/moin";
|
||||
description = "Location part of the wiki URL.";
|
||||
};
|
||||
|
||||
frontPage = mkOption {
|
||||
type = str;
|
||||
default = "LanguageSetup";
|
||||
example = "FrontPage";
|
||||
description = ''
|
||||
Front page name. Set this to something like <literal>FrontPage</literal> once languages are
|
||||
configured.
|
||||
'';
|
||||
};
|
||||
|
||||
superUsers = mkOption {
|
||||
type = listOf str;
|
||||
default = [];
|
||||
example = [ "elvis" ];
|
||||
description = ''
|
||||
List of trusted user names with wiki system administration super powers.
|
||||
|
||||
Please note that accounts for these users need to be created using the <command>moin</command> command-line utility, e.g.:
|
||||
<command>moin-<replaceable>WIKINAME</replaceable> account create --name=<replaceable>NAME</replaceable> --email=<replaceable>EMAIL</replaceable> --password=<replaceable>PASSWORD</replaceable></command>.
|
||||
'';
|
||||
};
|
||||
|
||||
languageDefault = mkOption {
|
||||
type = str;
|
||||
default = "en";
|
||||
example = "de";
|
||||
description = "The ISO-639-1 name of the main wiki language. Languages that MoinMoin does not support are ignored.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = lines;
|
||||
default = "";
|
||||
example = ''
|
||||
show_hosts = True
|
||||
search_results_per_page = 100
|
||||
acl_rights_default = u"Known:read,write,delete,revert All:read"
|
||||
logo_string = u"<h2>\U0001f639</h2>"
|
||||
theme_default = u"modernized"
|
||||
|
||||
user_checkbox_defaults = {'show_page_trail': 0, 'edit_on_doubleclick': 0}
|
||||
navi_bar = [u'SomePage'] + multiconfig.DefaultConfig.navi_bar
|
||||
actions_excluded = multiconfig.DefaultConfig.actions_excluded + ['newaccount']
|
||||
|
||||
mail_smarthost = "mail.example.org"
|
||||
mail_from = u"Example.Org Wiki <wiki@example.org>"
|
||||
'';
|
||||
description = ''
|
||||
Additional configuration to be appended verbatim to this wiki's config.
|
||||
|
||||
See <link xlink:href='http://moinmo.in/HelpOnConfiguration' /> for documentation.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
config = {
|
||||
webHost = mkDefault name;
|
||||
};
|
||||
}));
|
||||
example = literalExpression ''
|
||||
{
|
||||
"mywiki" = {
|
||||
siteName = "Example Wiki";
|
||||
webHost = "wiki.example.org";
|
||||
superUsers = [ "admin" ];
|
||||
frontPage = "Index";
|
||||
extraConfig = "page_category_regex = ur'(?P<all>(Category|Kategorie)(?P<key>(?!Template)\S+))'"
|
||||
};
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
Configurations of the individual wikis. Attribute names must be valid Python
|
||||
identifiers of the form <literal>[A-Za-z_][A-Za-z0-9_]*</literal>.
|
||||
|
||||
For every attribute <replaceable>WIKINAME</replaceable>, a helper script
|
||||
moin-<replaceable>WIKINAME</replaceable> is created which runs the
|
||||
<command>moin</command> command under the <literal>moin</literal> user (to avoid
|
||||
file ownership issues) and with the right configuration directory passed to it.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = forEach (attrNames cfg.wikis) (wname:
|
||||
{ assertion = builtins.match "[A-Za-z_][A-Za-z0-9_]*" wname != null;
|
||||
message = "${wname} is not valid Python identifier";
|
||||
}
|
||||
);
|
||||
|
||||
users.users = {
|
||||
moin = {
|
||||
description = "MoinMoin wiki";
|
||||
home = dataDir;
|
||||
group = group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = {
|
||||
moin = {
|
||||
members = mkIf usingNginx [ config.services.nginx.user ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [ pkg ] ++ map moinCliWrapper (attrNames cfg.wikis);
|
||||
|
||||
systemd.services = mkIf usingGunicorn
|
||||
(flip mapAttrs' cfg.wikis (wikiIdent: wiki:
|
||||
nameValuePair "moin-${wikiIdent}"
|
||||
{
|
||||
description = "MoinMoin wiki ${wikiIdent} - gunicorn process";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
restartIfChanged = true;
|
||||
restartTriggers = [ (wikiConfigFile wikiIdent wiki) ];
|
||||
|
||||
environment = let
|
||||
penv = python.buildEnv.override {
|
||||
# setuptools: https://github.com/benoitc/gunicorn/issues/1716
|
||||
extraLibs = [ python.pkgs.eventlet python.pkgs.setuptools pkg ];
|
||||
};
|
||||
in {
|
||||
PYTHONPATH = "${dataDir}/${wikiIdent}/config:${penv}/${python.sitePackages}";
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
umask 0007
|
||||
rm -rf ${dataDir}/${wikiIdent}/underlay
|
||||
cp -r ${pkg}/share/moin/underlay ${dataDir}/${wikiIdent}/
|
||||
chmod -R u+w ${dataDir}/${wikiIdent}/underlay
|
||||
'';
|
||||
|
||||
startLimitIntervalSec = 30;
|
||||
|
||||
serviceConfig = {
|
||||
User = user;
|
||||
Group = group;
|
||||
WorkingDirectory = "${dataDir}/${wikiIdent}";
|
||||
ExecStart = ''${python.pkgs.gunicorn}/bin/gunicorn moin_wsgi \
|
||||
--name gunicorn-${wikiIdent} \
|
||||
--workers ${toString cfg.gunicorn.workers} \
|
||||
--worker-class eventlet \
|
||||
--bind unix:/run/moin/${wikiIdent}/gunicorn.sock
|
||||
'';
|
||||
|
||||
Restart = "on-failure";
|
||||
RestartSec = "2s";
|
||||
|
||||
StateDirectory = "moin/${wikiIdent}";
|
||||
StateDirectoryMode = "0750";
|
||||
RuntimeDirectory = "moin/${wikiIdent}";
|
||||
RuntimeDirectoryMode = "0750";
|
||||
|
||||
NoNewPrivileges = true;
|
||||
ProtectSystem = "strict";
|
||||
ProtectHome = true;
|
||||
PrivateTmp = true;
|
||||
PrivateDevices = true;
|
||||
PrivateNetwork = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectControlGroups = true;
|
||||
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
|
||||
RestrictNamespaces = true;
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
RestrictRealtime = true;
|
||||
};
|
||||
}
|
||||
));
|
||||
|
||||
services.nginx = mkIf usingNginx {
|
||||
enable = true;
|
||||
virtualHosts = flip mapAttrs' cfg.wikis (name: w: nameValuePair w.webHost {
|
||||
forceSSL = mkDefault true;
|
||||
enableACME = mkDefault true;
|
||||
locations."${w.webLocation}" = {
|
||||
extraConfig = ''
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
|
||||
proxy_pass http://unix:/run/moin/${name}/gunicorn.sock;
|
||||
'';
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /run/moin 0750 ${user} ${group} - -"
|
||||
"d ${dataDir} 0550 ${user} ${group} - -"
|
||||
]
|
||||
++ (concatLists (flip mapAttrsToList cfg.wikis (wikiIdent: wiki: [
|
||||
"d ${dataDir}/${wikiIdent} 0750 ${user} ${group} - -"
|
||||
"d ${dataDir}/${wikiIdent}/config 0550 ${user} ${group} - -"
|
||||
"L+ ${dataDir}/${wikiIdent}/config/wikiconfig.py - - - - ${wikiConfigFile wikiIdent wiki}"
|
||||
# needed in order to pass module name to gunicorn
|
||||
"L+ ${dataDir}/${wikiIdent}/config/moin_wsgi.py - - - - ${pkg}/share/moin/server/moin.wsgi"
|
||||
# seed data files
|
||||
"C ${dataDir}/${wikiIdent}/data 0770 ${user} ${group} - ${pkg}/share/moin/data"
|
||||
# fix nix store permissions
|
||||
"Z ${dataDir}/${wikiIdent}/data 0770 ${user} ${group} - -"
|
||||
])));
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ mmilata ];
|
||||
}
|
|
@ -1,79 +0,0 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.trac;
|
||||
|
||||
inherit (lib) mkEnableOption mkIf mkOption types;
|
||||
|
||||
in {
|
||||
|
||||
options = {
|
||||
|
||||
services.trac = {
|
||||
enable = mkEnableOption "Trac service";
|
||||
|
||||
listen = {
|
||||
ip = mkOption {
|
||||
type = types.str;
|
||||
default = "0.0.0.0";
|
||||
description = ''
|
||||
IP address that Trac should listen on.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 8000;
|
||||
description = ''
|
||||
Listen port for Trac.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
default = "/var/lib/trac";
|
||||
type = types.path;
|
||||
description = ''
|
||||
The directory for storing the Trac data.
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Open ports in the firewall for Trac.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.services.trac = {
|
||||
description = "Trac server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
StateDirectory = baseNameOf cfg.dataDir;
|
||||
ExecStart = ''
|
||||
${pkgs.trac}/bin/tracd -s \
|
||||
-b ${toString cfg.listen.ip} \
|
||||
-p ${toString cfg.listen.port} \
|
||||
${cfg.dataDir}
|
||||
'';
|
||||
};
|
||||
preStart = ''
|
||||
if [ ! -e ${cfg.dataDir}/VERSION ]; then
|
||||
${pkgs.trac}/bin/trac-admin ${cfg.dataDir} initenv Trac "sqlite:db/trac.db"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ cfg.listen.port ];
|
||||
};
|
||||
|
||||
};
|
||||
}
|
|
@ -317,7 +317,7 @@ let
|
|||
${optionalString (hasSSL && vhost.sslTrustedCertificate != null) ''
|
||||
ssl_trusted_certificate ${vhost.sslTrustedCertificate};
|
||||
''}
|
||||
${optionalString (hasSSL && vhost.rejectSSL) ''
|
||||
${optionalString vhost.rejectSSL ''
|
||||
ssl_reject_handshake on;
|
||||
''}
|
||||
${optionalString (hasSSL && vhost.kTLS) ''
|
||||
|
|
|
@ -38,11 +38,5 @@ in
|
|||
"/share"
|
||||
];
|
||||
|
||||
security.wrappers.lumina-checkpass-wrapped = {
|
||||
source = "${pkgs.lumina.lumina}/bin/lumina-checkpass";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
||||
|
|
|
@ -532,6 +532,33 @@ let
|
|||
'';
|
||||
});
|
||||
|
||||
createGreDevice = n: v: nameValuePair "${n}-netdev"
|
||||
(let
|
||||
deps = deviceDependency v.dev;
|
||||
in
|
||||
{ description = "GRE Tunnel Interface ${n}";
|
||||
wantedBy = [ "network-setup.service" (subsystemDevice n) ];
|
||||
bindsTo = deps;
|
||||
partOf = [ "network-setup.service" ];
|
||||
after = [ "network-pre.target" ] ++ deps;
|
||||
before = [ "network-setup.service" ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
serviceConfig.RemainAfterExit = true;
|
||||
path = [ pkgs.iproute2 ];
|
||||
script = ''
|
||||
# Remove Dead Interfaces
|
||||
ip link show "${n}" >/dev/null 2>&1 && ip link delete "${n}"
|
||||
ip link add name "${n}" type ${v.type} \
|
||||
${optionalString (v.remote != null) "remote \"${v.remote}\""} \
|
||||
${optionalString (v.local != null) "local \"${v.local}\""} \
|
||||
${optionalString (v.dev != null) "dev \"${v.dev}\""}
|
||||
ip link set "${n}" up
|
||||
'';
|
||||
postStop = ''
|
||||
ip link delete "${n}" || true
|
||||
'';
|
||||
});
|
||||
|
||||
createVlanDevice = n: v: nameValuePair "${n}-netdev"
|
||||
(let
|
||||
deps = deviceDependency v.interface;
|
||||
|
@ -570,6 +597,7 @@ let
|
|||
// mapAttrs' createMacvlanDevice cfg.macvlans
|
||||
// mapAttrs' createFouEncapsulation cfg.fooOverUDP
|
||||
// mapAttrs' createSitDevice cfg.sits
|
||||
// mapAttrs' createGreDevice cfg.greTunnels
|
||||
// mapAttrs' createVlanDevice cfg.vlans
|
||||
// {
|
||||
network-setup = networkSetup;
|
||||
|
|
|
@ -18,6 +18,7 @@ let
|
|||
concatLists (map (bond: bond.interfaces) (attrValues cfg.bonds))
|
||||
++ concatLists (map (bridge: bridge.interfaces) (attrValues cfg.bridges))
|
||||
++ map (sit: sit.dev) (attrValues cfg.sits)
|
||||
++ map (gre: gre.dev) (attrValues cfg.greTunnels)
|
||||
++ map (vlan: vlan.interface) (attrValues cfg.vlans)
|
||||
# add dependency to physical or independently created vswitch member interface
|
||||
# TODO: warn the user that any address configured on those interfaces will be useless
|
||||
|
@ -245,6 +246,25 @@ in
|
|||
} ]);
|
||||
};
|
||||
})))
|
||||
(mkMerge (flip mapAttrsToList cfg.greTunnels (name: gre: {
|
||||
netdevs."40-${name}" = {
|
||||
netdevConfig = {
|
||||
Name = name;
|
||||
Kind = gre.type;
|
||||
};
|
||||
tunnelConfig =
|
||||
(optionalAttrs (gre.remote != null) {
|
||||
Remote = gre.remote;
|
||||
}) // (optionalAttrs (gre.local != null) {
|
||||
Local = gre.local;
|
||||
});
|
||||
};
|
||||
networks = mkIf (gre.dev != null) {
|
||||
"40-${gre.dev}" = (mkMerge [ (genericNetwork (mkOverride 999)) {
|
||||
tunnel = [ name ];
|
||||
} ]);
|
||||
};
|
||||
})))
|
||||
(mkMerge (flip mapAttrsToList cfg.vlans (name: vlan: {
|
||||
netdevs."40-${name}" = {
|
||||
netdevConfig = {
|
||||
|
|
|
@ -10,6 +10,7 @@ let
|
|||
interfaces = attrValues cfg.interfaces;
|
||||
hasVirtuals = any (i: i.virtual) interfaces;
|
||||
hasSits = cfg.sits != { };
|
||||
hasGres = cfg.greTunnels != { };
|
||||
hasBonds = cfg.bonds != { };
|
||||
hasFous = cfg.fooOverUDP != { }
|
||||
|| filterAttrs (_: s: s.encapsulation != null) cfg.sits != { };
|
||||
|
@ -997,6 +998,65 @@ in
|
|||
});
|
||||
};
|
||||
|
||||
networking.greTunnels = mkOption {
|
||||
default = { };
|
||||
example = literalExpression ''
|
||||
{
|
||||
greBridge = {
|
||||
remote = "10.0.0.1";
|
||||
local = "10.0.0.22";
|
||||
dev = "enp4s0f0";
|
||||
type = "tap";
|
||||
};
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
This option allows you to define Generic Routing Encapsulation (GRE) tunnels.
|
||||
'';
|
||||
type = with types; attrsOf (submodule {
|
||||
options = {
|
||||
|
||||
remote = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "10.0.0.1";
|
||||
description = ''
|
||||
The address of the remote endpoint to forward traffic over.
|
||||
'';
|
||||
};
|
||||
|
||||
local = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "10.0.0.22";
|
||||
description = ''
|
||||
The address of the local endpoint which the remote
|
||||
side should send packets to.
|
||||
'';
|
||||
};
|
||||
|
||||
dev = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "enp4s0f0";
|
||||
description = ''
|
||||
The underlying network device on which the tunnel resides.
|
||||
'';
|
||||
};
|
||||
|
||||
type = mkOption {
|
||||
type = with types; enum [ "tun" "tap" ];
|
||||
default = "tap";
|
||||
example = "tap";
|
||||
apply = v: if v == "tun" then "gre" else "gretap";
|
||||
description = ''
|
||||
Whether the tunnel routes layer 2 (tap) or layer 3 (tun) traffic.
|
||||
'';
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
networking.vlans = mkOption {
|
||||
default = { };
|
||||
example = literalExpression ''
|
||||
|
@ -1229,6 +1289,7 @@ in
|
|||
boot.kernelModules = [ ]
|
||||
++ optional hasVirtuals "tun"
|
||||
++ optional hasSits "sit"
|
||||
++ optional hasGres "gre"
|
||||
++ optional hasBonds "bonding"
|
||||
++ optional hasFous "fou";
|
||||
|
||||
|
|
|
@ -255,11 +255,14 @@ in
|
|||
magnetico = handleTest ./magnetico.nix {};
|
||||
mailcatcher = handleTest ./mailcatcher.nix {};
|
||||
mailhog = handleTest ./mailhog.nix {};
|
||||
man = handleTest ./man.nix {};
|
||||
mariadb-galera-mariabackup = handleTest ./mysql/mariadb-galera-mariabackup.nix {};
|
||||
mariadb-galera-rsync = handleTest ./mysql/mariadb-galera-rsync.nix {};
|
||||
matomo = handleTest ./matomo.nix {};
|
||||
matrix-appservice-irc = handleTest ./matrix-appservice-irc.nix {};
|
||||
matrix-conduit = handleTest ./matrix-conduit.nix {};
|
||||
matrix-synapse = handleTest ./matrix-synapse.nix {};
|
||||
mattermost = handleTest ./mattermost.nix {};
|
||||
mediawiki = handleTest ./mediawiki.nix {};
|
||||
meilisearch = handleTest ./meilisearch.nix {};
|
||||
memcached = handleTest ./memcached.nix {};
|
||||
|
@ -272,7 +275,6 @@ in
|
|||
misc = handleTest ./misc.nix {};
|
||||
mjolnir = handleTest ./matrix/mjolnir.nix {};
|
||||
mod_perl = handleTest ./mod_perl.nix {};
|
||||
moinmoin = handleTest ./moinmoin.nix {};
|
||||
mongodb = handleTest ./mongodb.nix {};
|
||||
moodle = handleTest ./moodle.nix {};
|
||||
morty = handleTest ./morty.nix {};
|
||||
|
@ -475,7 +477,6 @@ in
|
|||
tinc = handleTest ./tinc {};
|
||||
tinydns = handleTest ./tinydns.nix {};
|
||||
tor = handleTest ./tor.nix {};
|
||||
trac = handleTest ./trac.nix {};
|
||||
# traefik test relies on docker-containers
|
||||
traefik = handleTestOn ["x86_64-linux"] ./traefik.nix {};
|
||||
trafficserver = handleTest ./trafficserver.nix {};
|
||||
|
|
100
third_party/nixpkgs/nixos/tests/man.nix
vendored
Normal file
100
third_party/nixpkgs/nixos/tests/man.nix
vendored
Normal file
|
@ -0,0 +1,100 @@
|
|||
|
||||
import ./make-test-python.nix ({ pkgs, lib, ... }: let
|
||||
manImplementations = [
|
||||
"mandoc"
|
||||
"man-db"
|
||||
];
|
||||
|
||||
machineNames = builtins.map machineSafe manImplementations;
|
||||
|
||||
makeConfig = useImpl: {
|
||||
# Note: mandoc currently can't index symlinked section directories.
|
||||
# So if a man section comes from one package exclusively (e. g.
|
||||
# 1p from man-pages-posix and 2 from man-pages), it isn't searchable.
|
||||
environment.systemPackages = [
|
||||
pkgs.man-pages
|
||||
pkgs.openssl
|
||||
pkgs.libunwind
|
||||
];
|
||||
|
||||
documentation = {
|
||||
enable = true;
|
||||
nixos.enable = lib.mkForce true;
|
||||
dev.enable = true;
|
||||
man = {
|
||||
enable = true;
|
||||
generateCaches = true;
|
||||
} // lib.listToAttrs (builtins.map (impl: {
|
||||
name = impl;
|
||||
value = {
|
||||
enable = useImpl == impl;
|
||||
};
|
||||
}) manImplementations);
|
||||
};
|
||||
};
|
||||
|
||||
machineSafe = builtins.replaceStrings [ "-" ] [ "_" ];
|
||||
in {
|
||||
name = "man";
|
||||
meta.maintainers = [ lib.maintainers.sternenseemann ];
|
||||
|
||||
nodes = lib.listToAttrs (builtins.map (i: {
|
||||
name = machineSafe i;
|
||||
value = makeConfig i;
|
||||
}) manImplementations);
|
||||
|
||||
testScript = ''
|
||||
import re
|
||||
start_all()
|
||||
|
||||
def match_man_k(page, section, haystack):
|
||||
"""
|
||||
Check if the man page {page}({section}) occurs in
|
||||
the output of `man -k` given as haystack. Note:
|
||||
This is not super reliable, e. g. it can't deal
|
||||
with man pages that are in multiple sections.
|
||||
"""
|
||||
|
||||
for line in haystack.split("\n"):
|
||||
# man -k can look like this:
|
||||
# page(3) - bla
|
||||
# page (3) - bla
|
||||
# pagea, pageb (3, 3P) - foo
|
||||
# pagea, pageb, pagec(3) - bar
|
||||
pages = line.split("(")[0]
|
||||
sections = re.search("\\([a-zA-Z1-9, ]+\\)", line)
|
||||
if sections is None:
|
||||
continue
|
||||
else:
|
||||
sections = sections.group(0)[1:-1]
|
||||
|
||||
if page in pages and f'{section}' in sections:
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
'' + lib.concatMapStrings (machine: ''
|
||||
with subtest("Test direct man page lookups in ${machine}"):
|
||||
# man works
|
||||
${machine}.succeed("man man > /dev/null")
|
||||
# devman works
|
||||
${machine}.succeed("man 3 libunwind > /dev/null")
|
||||
# NixOS configuration man page is installed
|
||||
${machine}.succeed("man configuration.nix > /dev/null")
|
||||
|
||||
with subtest("Test generateCaches via man -k in ${machine}"):
|
||||
expected = [
|
||||
("openssl", "ssl", 3),
|
||||
("unwind", "libunwind", 3),
|
||||
("user", "useradd", 8),
|
||||
("user", "userdel", 8),
|
||||
("mem", "free", 3),
|
||||
("mem", "free", 1),
|
||||
]
|
||||
|
||||
for (keyword, page, section) in expected:
|
||||
matches = ${machine}.succeed(f"man -k {keyword}")
|
||||
if not match_man_k(page, section, matches):
|
||||
raise Exception(f"{page}({section}) missing in matches: {matches}")
|
||||
'') machineNames;
|
||||
})
|
95
third_party/nixpkgs/nixos/tests/matrix-conduit.nix
vendored
Normal file
95
third_party/nixpkgs/nixos/tests/matrix-conduit.nix
vendored
Normal file
|
@ -0,0 +1,95 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }:
|
||||
let
|
||||
name = "conduit";
|
||||
in
|
||||
{
|
||||
nodes = {
|
||||
conduit = args: {
|
||||
services.matrix-conduit = {
|
||||
enable = true;
|
||||
settings.global.server_name = name;
|
||||
settings.global.allow_registration = true;
|
||||
extraEnvironment.RUST_BACKTRACE = "yes";
|
||||
};
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts.${name} = {
|
||||
enableACME = false;
|
||||
forceSSL = false;
|
||||
enableSSL = false;
|
||||
|
||||
locations."/_matrix" = {
|
||||
proxyPass = "http://[::1]:6167";
|
||||
};
|
||||
};
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
};
|
||||
client = { pkgs, ... }: {
|
||||
environment.systemPackages = [
|
||||
(
|
||||
pkgs.writers.writePython3Bin "do_test"
|
||||
{ libraries = [ pkgs.python3Packages.matrix-nio ]; } ''
|
||||
import asyncio
|
||||
|
||||
from nio import AsyncClient
|
||||
|
||||
|
||||
async def main() -> None:
|
||||
# Connect to conduit
|
||||
client = AsyncClient("http://conduit:80", "alice")
|
||||
|
||||
# Register as user alice
|
||||
response = await client.register("alice", "my-secret-password")
|
||||
|
||||
# Log in as user alice
|
||||
response = await client.login("my-secret-password")
|
||||
|
||||
# Create a new room
|
||||
response = await client.room_create(federate=False)
|
||||
room_id = response.room_id
|
||||
|
||||
# Join the room
|
||||
response = await client.join(room_id)
|
||||
|
||||
# Send a message to the room
|
||||
response = await client.room_send(
|
||||
room_id=room_id,
|
||||
message_type="m.room.message",
|
||||
content={
|
||||
"msgtype": "m.text",
|
||||
"body": "Hello conduit!"
|
||||
}
|
||||
)
|
||||
|
||||
# Sync responses
|
||||
response = await client.sync(timeout=30000)
|
||||
|
||||
# Check the message was received by conduit
|
||||
last_message = response.rooms.join[room_id].timeline.events[-1].body
|
||||
assert last_message == "Hello conduit!"
|
||||
|
||||
# Leave the room
|
||||
response = await client.room_leave(room_id)
|
||||
|
||||
# Close the client
|
||||
await client.close()
|
||||
|
||||
asyncio.get_event_loop().run_until_complete(main())
|
||||
''
|
||||
)
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
with subtest("start conduit"):
|
||||
conduit.wait_for_unit("conduit.service")
|
||||
conduit.wait_for_open_port(80)
|
||||
|
||||
with subtest("ensure messages can be exchanged"):
|
||||
client.succeed("do_test")
|
||||
'';
|
||||
})
|
124
third_party/nixpkgs/nixos/tests/mattermost.nix
vendored
Normal file
124
third_party/nixpkgs/nixos/tests/mattermost.nix
vendored
Normal file
|
@ -0,0 +1,124 @@
|
|||
import ./make-test-python.nix ({ pkgs, lib, ... }:
|
||||
let
|
||||
host = "smoke.test";
|
||||
port = "8065";
|
||||
url = "http://${host}:${port}";
|
||||
siteName = "NixOS Smoke Tests, Inc.";
|
||||
|
||||
makeMattermost = mattermostConfig:
|
||||
{ config, ... }: {
|
||||
environment.systemPackages = [
|
||||
pkgs.mattermost
|
||||
pkgs.curl
|
||||
pkgs.jq
|
||||
];
|
||||
networking.hosts = {
|
||||
"127.0.0.1" = [ host ];
|
||||
};
|
||||
services.mattermost = lib.recursiveUpdate {
|
||||
enable = true;
|
||||
inherit siteName;
|
||||
listenAddress = "0.0.0.0:${port}";
|
||||
siteUrl = url;
|
||||
extraConfig = {
|
||||
SupportSettings.AboutLink = "https://nixos.org";
|
||||
};
|
||||
} mattermostConfig;
|
||||
};
|
||||
in
|
||||
{
|
||||
name = "mattermost";
|
||||
|
||||
nodes = {
|
||||
mutable = makeMattermost {
|
||||
mutableConfig = true;
|
||||
extraConfig.SupportSettings.HelpLink = "https://search.nixos.org";
|
||||
};
|
||||
mostlyMutable = makeMattermost {
|
||||
mutableConfig = true;
|
||||
preferNixConfig = true;
|
||||
plugins = let
|
||||
mattermostDemoPlugin = pkgs.fetchurl {
|
||||
url = "https://github.com/mattermost/mattermost-plugin-demo/releases/download/v0.9.0/com.mattermost.demo-plugin-0.9.0.tar.gz";
|
||||
sha256 = "1h4qi34gcxcx63z8wiqcf2aaywmvv8lys5g8gvsk13kkqhlmag25";
|
||||
};
|
||||
in [
|
||||
mattermostDemoPlugin
|
||||
];
|
||||
};
|
||||
immutable = makeMattermost {
|
||||
mutableConfig = false;
|
||||
extraConfig.SupportSettings.HelpLink = "https://search.nixos.org";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = let
|
||||
expectConfig = jqExpression: pkgs.writeShellScript "expect-config" ''
|
||||
set -euo pipefail
|
||||
echo "Expecting config to match: "${lib.escapeShellArg jqExpression} >&2
|
||||
curl ${lib.escapeShellArg url} >/dev/null
|
||||
config="$(curl ${lib.escapeShellArg "${url}/api/v4/config/client?format=old"})"
|
||||
echo "Config: $(echo "$config" | ${pkgs.jq}/bin/jq)" >&2
|
||||
[[ "$(echo "$config" | ${pkgs.jq}/bin/jq -r ${lib.escapeShellArg ".SiteName == $siteName and .Version == ($mattermostName / $sep)[-1] and (${jqExpression})"} --arg siteName ${lib.escapeShellArg siteName} --arg mattermostName ${lib.escapeShellArg pkgs.mattermost.name} --arg sep '-')" = "true" ]]
|
||||
'';
|
||||
|
||||
setConfig = jqExpression: pkgs.writeShellScript "set-config" ''
|
||||
set -euo pipefail
|
||||
mattermostConfig=/var/lib/mattermost/config/config.json
|
||||
newConfig="$(${pkgs.jq}/bin/jq -r ${lib.escapeShellArg jqExpression} $mattermostConfig)"
|
||||
rm -f $mattermostConfig
|
||||
echo "$newConfig" > "$mattermostConfig"
|
||||
'';
|
||||
in
|
||||
''
|
||||
start_all()
|
||||
|
||||
## Mutable node tests ##
|
||||
mutable.wait_for_unit("mattermost.service")
|
||||
mutable.wait_for_open_port(8065)
|
||||
|
||||
# Get the initial config
|
||||
mutable.succeed("${expectConfig ''.AboutLink == "https://nixos.org" and .HelpLink == "https://search.nixos.org"''}")
|
||||
|
||||
# Edit the config
|
||||
mutable.succeed("${setConfig ''.SupportSettings.AboutLink = "https://mattermost.com"''}")
|
||||
mutable.succeed("${setConfig ''.SupportSettings.HelpLink = "https://nixos.org/nixos/manual"''}")
|
||||
mutable.systemctl("restart mattermost.service")
|
||||
mutable.wait_for_open_port(8065)
|
||||
|
||||
# AboutLink and HelpLink should be changed
|
||||
mutable.succeed("${expectConfig ''.AboutLink == "https://mattermost.com" and .HelpLink == "https://nixos.org/nixos/manual"''}")
|
||||
|
||||
## Mostly mutable node tests ##
|
||||
mostlyMutable.wait_for_unit("mattermost.service")
|
||||
mostlyMutable.wait_for_open_port(8065)
|
||||
|
||||
# Get the initial config
|
||||
mostlyMutable.succeed("${expectConfig ''.AboutLink == "https://nixos.org"''}")
|
||||
|
||||
# Edit the config
|
||||
mostlyMutable.succeed("${setConfig ''.SupportSettings.AboutLink = "https://mattermost.com"''}")
|
||||
mostlyMutable.succeed("${setConfig ''.SupportSettings.HelpLink = "https://nixos.org/nixos/manual"''}")
|
||||
mostlyMutable.systemctl("restart mattermost.service")
|
||||
mostlyMutable.wait_for_open_port(8065)
|
||||
|
||||
# AboutLink should be overridden by NixOS configuration; HelpLink should be what we set above
|
||||
mostlyMutable.succeed("${expectConfig ''.AboutLink == "https://nixos.org" and .HelpLink == "https://nixos.org/nixos/manual"''}")
|
||||
|
||||
## Immutable node tests ##
|
||||
immutable.wait_for_unit("mattermost.service")
|
||||
immutable.wait_for_open_port(8065)
|
||||
|
||||
# Get the initial config
|
||||
immutable.succeed("${expectConfig ''.AboutLink == "https://nixos.org" and .HelpLink == "https://search.nixos.org"''}")
|
||||
|
||||
# Edit the config
|
||||
immutable.succeed("${setConfig ''.SupportSettings.AboutLink = "https://mattermost.com"''}")
|
||||
immutable.succeed("${setConfig ''.SupportSettings.HelpLink = "https://nixos.org/nixos/manual"''}")
|
||||
immutable.systemctl("restart mattermost.service")
|
||||
immutable.wait_for_open_port(8065)
|
||||
|
||||
# Our edits should be ignored on restart
|
||||
immutable.succeed("${expectConfig ''.AboutLink == "https://nixos.org" and .HelpLink == "https://search.nixos.org"''}")
|
||||
'';
|
||||
})
|
28
third_party/nixpkgs/nixos/tests/moinmoin.nix
vendored
28
third_party/nixpkgs/nixos/tests/moinmoin.nix
vendored
|
@ -1,28 +0,0 @@
|
|||
import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
||||
name = "moinmoin";
|
||||
meta.maintainers = with lib.maintainers; [ mmilata ];
|
||||
|
||||
machine =
|
||||
{ ... }:
|
||||
{ services.moinmoin.enable = true;
|
||||
services.moinmoin.wikis.ExampleWiki.superUsers = [ "admin" ];
|
||||
services.moinmoin.wikis.ExampleWiki.webHost = "localhost";
|
||||
|
||||
services.nginx.virtualHosts.localhost.enableACME = false;
|
||||
services.nginx.virtualHosts.localhost.forceSSL = false;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
|
||||
machine.wait_for_unit("moin-ExampleWiki.service")
|
||||
machine.wait_for_unit("nginx.service")
|
||||
machine.wait_for_file("/run/moin/ExampleWiki/gunicorn.sock")
|
||||
|
||||
assert "If you have just installed" in machine.succeed("curl -L http://localhost/")
|
||||
|
||||
assert "status success" in machine.succeed(
|
||||
"moin-ExampleWiki account create --name=admin --email=admin@example.com --password=foo 2>&1"
|
||||
)
|
||||
'';
|
||||
})
|
71
third_party/nixpkgs/nixos/tests/networking.nix
vendored
71
third_party/nixpkgs/nixos/tests/networking.nix
vendored
|
@ -489,6 +489,77 @@ let
|
|||
client2.wait_until_succeeds("ping -c 1 fc00::2")
|
||||
'';
|
||||
};
|
||||
gre = let
|
||||
node = { pkgs, ... }: with pkgs.lib; {
|
||||
networking = {
|
||||
useNetworkd = networkd;
|
||||
useDHCP = false;
|
||||
};
|
||||
};
|
||||
in {
|
||||
name = "GRE";
|
||||
nodes.client1 = args@{ pkgs, ... }:
|
||||
mkMerge [
|
||||
(node args)
|
||||
{
|
||||
virtualisation.vlans = [ 1 2 ];
|
||||
networking = {
|
||||
greTunnels = {
|
||||
greTunnel = {
|
||||
local = "192.168.2.1";
|
||||
remote = "192.168.2.2";
|
||||
dev = "eth2";
|
||||
type = "tap";
|
||||
};
|
||||
};
|
||||
bridges.bridge.interfaces = [ "greTunnel" "eth1" ];
|
||||
interfaces.eth1.ipv4.addresses = mkOverride 0 [];
|
||||
interfaces.bridge.ipv4.addresses = mkOverride 0 [
|
||||
{ address = "192.168.1.1"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
nodes.client2 = args@{ pkgs, ... }:
|
||||
mkMerge [
|
||||
(node args)
|
||||
{
|
||||
virtualisation.vlans = [ 2 3 ];
|
||||
networking = {
|
||||
greTunnels = {
|
||||
greTunnel = {
|
||||
local = "192.168.2.2";
|
||||
remote = "192.168.2.1";
|
||||
dev = "eth1";
|
||||
type = "tap";
|
||||
};
|
||||
};
|
||||
bridges.bridge.interfaces = [ "greTunnel" "eth2" ];
|
||||
interfaces.eth2.ipv4.addresses = mkOverride 0 [];
|
||||
interfaces.bridge.ipv4.addresses = mkOverride 0 [
|
||||
{ address = "192.168.1.2"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
testScript = { ... }:
|
||||
''
|
||||
start_all()
|
||||
|
||||
with subtest("Wait for networking to be configured"):
|
||||
client1.wait_for_unit("network.target")
|
||||
client2.wait_for_unit("network.target")
|
||||
|
||||
# Print diagnostic information
|
||||
client1.succeed("ip addr >&2")
|
||||
client2.succeed("ip addr >&2")
|
||||
|
||||
with subtest("Test GRE tunnel bridge over VLAN"):
|
||||
client1.wait_until_succeeds("ping -c 1 192.168.1.2")
|
||||
|
||||
client2.wait_until_succeeds("ping -c 1 192.168.1.1")
|
||||
'';
|
||||
};
|
||||
vlan = let
|
||||
node = address: { pkgs, ... }: with pkgs.lib; {
|
||||
#virtualisation.vlans = [ 1 ];
|
||||
|
|
19
third_party/nixpkgs/nixos/tests/trac.nix
vendored
19
third_party/nixpkgs/nixos/tests/trac.nix
vendored
|
@ -1,19 +0,0 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "trac";
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ mmahut ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
machine = { ... }: {
|
||||
services.trac.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
machine.wait_for_unit("trac.service")
|
||||
machine.wait_for_open_port(8000)
|
||||
machine.wait_until_succeeds("curl -fL http://localhost:8000/ | grep 'Trac Powered'")
|
||||
'';
|
||||
})
|
|
@ -15,13 +15,13 @@ assert withGtk3 -> gtk3 != null;
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "carla";
|
||||
version = "2.4.0";
|
||||
version = "2.4.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "falkTX";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-WxhG9X6jVcu10bl5p0f61+SYZmJw4W7DYvezbpAlNjg=";
|
||||
sha256 = "sha256-faVLPHPQ4voR/RHiPpUwnZK+5Jx0u4rJWuH5zlydzwY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -78,7 +78,7 @@ stdenv.mkDerivation rec {
|
|||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "http://kxstudio.sf.net/carla";
|
||||
homepage = "https://kx.studio/Applications:Carla";
|
||||
description = "An audio plugin host";
|
||||
longDescription = ''
|
||||
It currently supports LADSPA (including LRDF), DSSI, LV2, VST2/3
|
||||
|
|
|
@ -13,13 +13,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ft2-clone";
|
||||
version = "1.48";
|
||||
version = "1.49";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "8bitbubsy";
|
||||
repo = "ft2-clone";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-ZE9uid/srHHuTRqzgbtHcfmM0VkVsdrK1CJ3Qwbvtao=";
|
||||
sha256 = "sha256-DpEzilMERfbop7YYqNCcxSe1qfcz4n7Uqj/i5t5a6nQ=";
|
||||
};
|
||||
|
||||
# Adapt the linux-only CMakeLists to darwin (more reliable than make-macos.sh)
|
||||
|
|
|
@ -1,34 +0,0 @@
|
|||
{ lib, fetchurl, python2Packages, gettext, klick}:
|
||||
|
||||
python2Packages.buildPythonApplication rec {
|
||||
pname = "gtklick";
|
||||
version = "0.6.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://das.nasophon.de/download/${pname}-${version}.tar.gz";
|
||||
sha256 = "7799d884126ccc818678aed79d58057f8cf3528e9f1be771c3fa5b694d9d0137";
|
||||
};
|
||||
|
||||
pythonPath = with python2Packages; [
|
||||
pyliblo
|
||||
pyGtkGlade
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ gettext ];
|
||||
|
||||
propagatedBuildInputs = [ klick ];
|
||||
|
||||
# wrapPythonPrograms breaks gtklick in the postFixup phase.
|
||||
# To fix it, apply wrapPythonPrograms and then clean up the wrapped file.
|
||||
postFixup = ''
|
||||
wrapPythonPrograms
|
||||
|
||||
sed -i "/import sys; sys.argv\[0\] = 'gtklick'/d" $out/bin/.gtklick-wrapped
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = "http://das.nasophon.de/gtklick/";
|
||||
description = "Simple metronome with an easy-to-use GTK interface";
|
||||
license = lib.licenses.gpl2Plus;
|
||||
};
|
||||
}
|
|
@ -1,21 +0,0 @@
|
|||
{ lib, fetchurl, python2Packages }:
|
||||
|
||||
python2Packages.buildPythonApplication rec {
|
||||
pname = "lastfmsubmitd";
|
||||
version = "1.0.6";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.red-bean.com/decklin/lastfmsubmitd/lastfmsubmitd-${version}.tar.gz";
|
||||
sha256 = "c2636d5095a95167366bacd458624d67b046e060244fa54ba2c2e3efb79f9b0e";
|
||||
};
|
||||
|
||||
doCheck = false;
|
||||
|
||||
installCommand = "python setup.py install --prefix=$out";
|
||||
|
||||
meta = {
|
||||
homepage = "https://www.red-bean.com/decklin/lastfmsubmitd/";
|
||||
license = lib.licenses.mit;
|
||||
description = "An last.fm audio scrobbler and daemon";
|
||||
};
|
||||
}
|
|
@ -43,6 +43,6 @@ mkDerivation rec {
|
|||
homepage = "https://lmms.io";
|
||||
license = licenses.gpl2Plus;
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
maintainers = with maintainers; [ goibhniu yegortimoshenko ];
|
||||
maintainers = with maintainers; [ goibhniu yana ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -25,7 +25,7 @@
|
|||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "lollypop";
|
||||
version = "1.4.23";
|
||||
version = "1.4.26";
|
||||
|
||||
format = "other";
|
||||
doCheck = false;
|
||||
|
@ -34,7 +34,7 @@ python3.pkgs.buildPythonApplication rec {
|
|||
url = "https://gitlab.gnome.org/World/lollypop";
|
||||
rev = "refs/tags/${version}";
|
||||
fetchSubmodules = true;
|
||||
sha256 = "sha256-wwdH3gMpYt40VGqrL1XfB1dOfg45zLKtTEI23AwjCis=";
|
||||
sha256 = "sha256-Q/z9oET06DimMRZl03TgjEeheoVHtIkH+Z69qWZetcI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "Music tracker application, similar to Fasttracker II";
|
||||
homepage = "http://milkytracker.org";
|
||||
homepage = "https://milkytracker.org/";
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
maintainers = with maintainers; [];
|
||||
|
|
|
@ -1,31 +0,0 @@
|
|||
{ fetchurl, lib, python2Packages, libmms }:
|
||||
|
||||
python2Packages.buildPythonApplication rec {
|
||||
pname = "mimms";
|
||||
version = "3.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.savannah.gnu.org/releases/mimms/mimms-${version}.tar.bz2";
|
||||
sha256 = "0zmcd670mpq85cs3nvdq3i805ba0d1alqahfy1m9cpf7kxrivfml";
|
||||
};
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/mimms \
|
||||
--prefix LD_LIBRARY_PATH : ${libmms}/lib
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = "https://savannah.nongnu.org/projects/mimms/";
|
||||
license = lib.licenses.gpl3;
|
||||
description = "An mms (e.g. mms://) stream downloader";
|
||||
|
||||
longDescription = ''
|
||||
mimms is a program designed to allow you to download streams
|
||||
using the MMS protocol and save them to your computer, as
|
||||
opposed to watching them live. Similar functionality is
|
||||
available in full media player suites such as Xine, MPlayer,
|
||||
and VLC, but mimms is quick and easy to use and, for the time
|
||||
being, remains a useful program.
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
let
|
||||
pname = "plexamp";
|
||||
version = "3.8.2";
|
||||
version = "3.9.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://plexamp.plex.tv/plexamp.plex.tv/desktop/Plexamp-${version}.AppImage";
|
||||
name="${pname}-${version}.AppImage";
|
||||
sha512 = "JVzfWlrX21KHw4tSrGpCYqqoWFudnyFG4YnHKsnIUtxLDkjyQA8N2/OrDIR+SlK/b0RRs9KZ4lbqQMX8PXUHsg==";
|
||||
sha512 = "2OaV8dONv7yBcQsfecgfedP2ypBN6svD9rgZLgUwSydyH2+rODNPne4O7z2Hahm7Y0Ae+NFxbpQ9lbNbX0vhsg==";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
|
@ -33,7 +33,7 @@ in appimageTools.wrapType2 {
|
|||
meta = with lib; {
|
||||
description = "A beautiful Plex music player for audiophiles, curators, and hipsters";
|
||||
homepage = "https://plexamp.com/";
|
||||
changelog = "https://forums.plex.tv/t/plexamp-release-notes/221280/35";
|
||||
changelog = "https://forums.plex.tv/t/plexamp-release-notes/221280/36";
|
||||
license = licenses.unfree;
|
||||
maintainers = with maintainers; [ killercup synthetica ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
|
|
|
@ -30,11 +30,11 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "qtractor";
|
||||
version = "0.9.23";
|
||||
version = "0.9.24";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
|
||||
sha256 = "sha256-GgDc7WM4nVGlq+8EcwxJ7MnSPYwAej51IMrN0glCTbQ=";
|
||||
sha256 = "sha256-YTT7ko5HjKrZ8DKU3L06EI7bZeBtvPl21pqUf6EaeS4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "A DSP tonewheel organ emulator";
|
||||
homepage = "http://setbfree.org";
|
||||
homepage = "https://setbfree.org";
|
||||
license = licenses.gpl2;
|
||||
platforms = [ "x86_64-linux" "i686-linux" ]; # fails on ARM and Darwin
|
||||
maintainers = [ maintainers.goibhniu ];
|
||||
|
|
44
third_party/nixpkgs/pkgs/applications/audio/sony-headphones-client/default.nix
vendored
Normal file
44
third_party/nixpkgs/pkgs/applications/audio/sony-headphones-client/default.nix
vendored
Normal file
|
@ -0,0 +1,44 @@
|
|||
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, bluez, dbus, glew, glfw, imgui, makeDesktopItem, copyDesktopItems }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "SonyHeadphonesClient";
|
||||
version = "1.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Plutoberth";
|
||||
repo = "SonyHeadphonesClient";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-oejXrs9X+R6Jydro0XIw2XifzFA7asDhpobtaE3//Hc=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config copyDesktopItems ];
|
||||
buildInputs = [ bluez dbus glew glfw imgui ];
|
||||
|
||||
sourceRoot = "./source/Client";
|
||||
|
||||
cmakeFlags = [ "-Wno-dev" ];
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
install -Dm755 -t $out/bin SonyHeadphonesClient
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
desktopItems = [ (makeDesktopItem {
|
||||
name = "SonyHeadphonesClient";
|
||||
exec = "SonyHeadphonesClient";
|
||||
icon = "SonyHeadphonesClient";
|
||||
desktopName = "Sony Headphones Client";
|
||||
comment = "A client recreating the functionality of the Sony Headphones app";
|
||||
categories = "Audio;Mixer;";
|
||||
}) ];
|
||||
|
||||
meta = with lib; {
|
||||
description = "A client recreating the functionality of the Sony Headphones app";
|
||||
homepage = "https://github.com/Plutoberth/SonyHeadphonesClient";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ stunkymonkey ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
|
@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "Allows to analyze samples of musical instruments, and to combine them (morphing) to construct hybrid sounds";
|
||||
homepage = "http://spectmorph.org";
|
||||
homepage = "https://spectmorph.org";
|
||||
license = licenses.gpl3;
|
||||
platforms = [ "x86_64-linux" "i686-linux" ];
|
||||
maintainers = [ maintainers.magnetophon ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchFromGitHub }:
|
||||
{ lib, stdenv, fetchFromGitHub, fetchpatch }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "wavegain";
|
||||
|
@ -11,6 +11,17 @@ stdenv.mkDerivation {
|
|||
sha256 = "0wghqnsbypmr4xcrhb568bfjdnxzzp8qgnws3jslzmzf34dpk5ls";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Upstream fix for -fno-common toolchains.
|
||||
(fetchpatch {
|
||||
name = "fno-common.patch";
|
||||
url = "https://github.com/MestreLion/wavegain/commit/ee5e0f9a0ce34c0cf2769ea6566685a54b938304.patch";
|
||||
sha256 = "11yi0czdn5h5bsqp23cww6yn9lm60cij8i1pzfwcfhgyf6f8ym1n";
|
||||
})
|
||||
];
|
||||
|
||||
makeFlags = [ "CC=${stdenv.cc.targetPrefix}cc" ];
|
||||
|
||||
installPhase = ''
|
||||
strip -s wavegain
|
||||
install -vD wavegain "$out/bin/wavegain"
|
||||
|
|
|
@ -137,6 +137,7 @@ stdenv.mkDerivation rec {
|
|||
"-Denable_rtmidi=true"
|
||||
"-Denable_rtaudio=true"
|
||||
"-Denable_sdl=true"
|
||||
"-Dcarla=enabled"
|
||||
"-Dmanpage=true"
|
||||
# "-Duser_manual=true" # needs sphinx-intl
|
||||
"-Dlsp_dsp=disabled"
|
||||
|
|
|
@ -3,13 +3,13 @@
|
|||
|
||||
buildDotnetModule rec {
|
||||
pname = "btcpayserver";
|
||||
version = "1.3.6";
|
||||
version = "1.3.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-8SWbbdPx/cC7EWTkSbB/YqR13jaL76fFIjHPGL4rFyk=";
|
||||
sha256 = "sha256-W8WRw42hMNUaQZlfrl73REGIvLcj6Vso9Axx53ENkx0=";
|
||||
};
|
||||
|
||||
projectFile = "BTCPayServer/BTCPayServer.csproj";
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ergo";
|
||||
version = "4.0.16";
|
||||
version = "4.0.16.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/ergoplatform/ergo/releases/download/v${version}/ergo-${version}.jar";
|
||||
sha256 = "sha256-cdfpXJtN/JXQNBnCyTIvJLQQhjzDV3+l4WoASII9uuU=";
|
||||
sha256 = "sha256-nAaNT5Rt/oLBA2pSJSinoLKMYJ0VZmuC0zoMYbMSAJQ=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
|
|
@ -9,17 +9,16 @@ let
|
|||
|
||||
in buildGoModule rec {
|
||||
pname = "go-ethereum";
|
||||
version = "1.10.11";
|
||||
version = "1.10.14";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ethereum";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-8kPaa2wRKUQBn4LFDnc7tEbLR62f99NS1HIVDeHHzto=";
|
||||
sha256 = "sha256-0DQrcei3FM+X4BYokou7dPNVCcJTbY05YsTvzdtsas8=";
|
||||
};
|
||||
|
||||
runVend = true;
|
||||
vendorSha256 = "sha256-i2FOAN1ng3WNOWaFowiSSuYR4LA1Bo3tjkvgcClBXSU=";
|
||||
vendorSha256 = "sha256-zQOpWtQrdn+E1tRWmtEScQ7DDMzNCSr5H+5YL+Z1vug=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
|
@ -5,16 +5,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "lightning-loop";
|
||||
version = "0.15.0-beta";
|
||||
version = "0.16.0-beta";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "lightninglabs";
|
||||
repo = "loop";
|
||||
rev = "v${version}";
|
||||
sha256 = "1yjc04jiam3836w7vn3b1jqj1dq1k8wwfnccir0vh29cn6v0cf63";
|
||||
sha256 = "0q4lk338mr30frilgnjr43gd55z7ryj2s260437b4pnp03hmbf10";
|
||||
};
|
||||
|
||||
vendorSha256 = "0c3ly0s438sr9iql2ps4biaswphp7dfxshddyw5fcm0ajqzvhrmw";
|
||||
vendorSha256 = "14862603rrss14p537j9i7iwflaaprwrnslmqm9hpb7hj52bxqfv";
|
||||
|
||||
subPackages = [ "cmd/loop" "cmd/loopd" ];
|
||||
|
||||
|
|
|
@ -5,16 +5,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "lightning-pool";
|
||||
version = "0.5.1-alpha";
|
||||
version = "0.5.3-alpha";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "lightninglabs";
|
||||
repo = "pool";
|
||||
rev = "v${version}";
|
||||
sha256 = "147s0p4arfxl2akzm267p8zfy6hgssym5rwxv78kp8i39mfinpkn";
|
||||
sha256 = "1nc3hksk9qcxrsyqpz9vcfc8x093rc8yx8ppfk177j9fhdnn8bk7";
|
||||
};
|
||||
|
||||
vendorSha256 = "0zd3bwqi0hnk0562x9hd62cwjw1xj386m83jagg41kzz0cpcr7zl";
|
||||
vendorSha256 = "09yxaa74814l1rp0arqhqpplr2j0p8dj81zqcbxlwp5ckjv9r2za";
|
||||
|
||||
subPackages = [ "cmd/pool" "cmd/poold" ];
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -i bash -p coreutils curl jq common-updater-scripts dotnet-sdk_3 git gnupg nix
|
||||
#!nix-shell -i bash -p coreutils curl jq common-updater-scripts dotnet-sdk_3 git gnupg nixFlakes
|
||||
set -euo pipefail
|
||||
|
||||
# This script uses the following env vars:
|
||||
|
@ -17,7 +17,7 @@ scriptDir=$(cd "${BASH_SOURCE[0]%/*}" && pwd)
|
|||
nixpkgs=$(realpath "$scriptDir"/../../../../..)
|
||||
|
||||
evalNixpkgs() {
|
||||
nix eval --raw "(with import \"$nixpkgs\" {}; $1)"
|
||||
nix eval --impure --raw --expr "(with import \"$nixpkgs\" {}; $1)"
|
||||
}
|
||||
|
||||
getRepo() {
|
||||
|
|
|
@ -1,98 +0,0 @@
|
|||
#! /usr/bin/env nix-shell
|
||||
#! nix-shell -i bash -p dotnet-sdk_3 jq xmlstarlet curl nixpkgs-fmt
|
||||
set -euo pipefail
|
||||
|
||||
# Run this script to generate deps.nix
|
||||
|
||||
# TODO: consolidate with other dotnet deps generation scripts by which
|
||||
# this script is inspired:
|
||||
# - pkgs/servers/nosql/eventstore/create-deps.sh
|
||||
# - pkgs/development/dotnet-modules/python-language-server/create_deps.sh
|
||||
# - pkgs/misc/emulators/ryujinx/updater.sh
|
||||
|
||||
cd "$(dirname "${BASH_SOURCE[0]}")"
|
||||
|
||||
deps_file="$(realpath "./deps.nix")"
|
||||
|
||||
exec 2>&1 6> "$deps_file"
|
||||
|
||||
store_src="$( nix-build ../../../.. -A wasabibackend.src --no-out-link )"
|
||||
src="$(mktemp -d)"
|
||||
cp -rT "$store_src" "$src"
|
||||
chmod -R +w "$src"
|
||||
pushd "$src"
|
||||
|
||||
URLBASE="https://www.nuget.org/api/v2/package"
|
||||
|
||||
DEPS_HEADER="
|
||||
{ fetchurl }:
|
||||
let
|
||||
nugetUrlBase = \"$URLBASE\";
|
||||
fetchNuGet = { name, version, sha256 }: fetchurl {
|
||||
inherit sha256;
|
||||
url = \"\${nugetUrlBase}/\${name}/\${version}\";
|
||||
};
|
||||
in ["
|
||||
|
||||
DEPS_FOOTER="]"
|
||||
|
||||
DEPS_TEMPLATE="
|
||||
(fetchNuGet {
|
||||
name = \"%s\";
|
||||
version = \"%s\";
|
||||
sha256 = \"%s\";
|
||||
})"
|
||||
|
||||
tmpdir="$(mktemp -d -p "$(pwd)")" # must be under source root
|
||||
trap 'rm -rf "$tmpdir"' EXIT
|
||||
|
||||
HOME="$tmpdir" dotnet restore --packages "$tmpdir"/.nuget/packages \
|
||||
--no-cache --force --runtime linux-x64 \
|
||||
WalletWasabi.Backend/WalletWasabi.Backend.csproj >&2
|
||||
|
||||
mapfile -t repos < <(
|
||||
xmlstarlet sel -t -v 'configuration/packageSources/add/@value' -n NuGet.config "$tmpdir"/.nuget/NuGet/NuGet.Config |
|
||||
while IFS= read index
|
||||
do
|
||||
curl --compressed -fsL "$index" | \
|
||||
jq -r '.resources[] | select(."@type" == "PackageBaseAddress/3.0.0")."@id"'
|
||||
done
|
||||
)
|
||||
|
||||
echo $DEPS_HEADER >&6
|
||||
|
||||
cd "$tmpdir/.nuget/packages"
|
||||
for package in *
|
||||
do
|
||||
cd "$package"
|
||||
for version in *
|
||||
do
|
||||
found=false
|
||||
for repo in "${repos[@]}"
|
||||
do
|
||||
url="$repo$package/$version/$package.$version.nupkg"
|
||||
if curl -fsL "$url" -o /dev/null
|
||||
then
|
||||
found=true
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
if ! $found
|
||||
then
|
||||
echo "couldn't find $package $version" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
sha256=$(nix-prefetch-url "$url" 2>/dev/null)
|
||||
|
||||
printf "$DEPS_TEMPLATE" $package $version $sha256 >&6
|
||||
done
|
||||
cd ..
|
||||
done
|
||||
|
||||
echo $DEPS_FOOTER >&6
|
||||
|
||||
exec 6>&-
|
||||
|
||||
nixpkgs-fmt "$deps_file"
|
|
@ -1,95 +1,45 @@
|
|||
{ lib, stdenv
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, fetchurl
|
||||
, makeWrapper
|
||||
, Nuget
|
||||
, buildDotnetModule
|
||||
, dotnetCorePackages
|
||||
, openssl
|
||||
, autoPatchelfHook
|
||||
, zlib
|
||||
, openssl
|
||||
}:
|
||||
|
||||
let
|
||||
deps = import ./deps.nix { inherit fetchurl; };
|
||||
|
||||
dotnet-sdk = dotnetCorePackages.sdk_3_1;
|
||||
dotnet-aspnetcore = dotnetCorePackages.aspnetcore_3_1;
|
||||
|
||||
nugetSource = stdenv.mkDerivation {
|
||||
pname = "${pname}-nuget-deps";
|
||||
inherit version;
|
||||
|
||||
dontUnpack = true;
|
||||
dontInstall = true;
|
||||
|
||||
nativeBuildInputs = [ Nuget ];
|
||||
|
||||
buildPhase = ''
|
||||
export HOME=$(mktemp -d)
|
||||
mkdir -p $out/lib
|
||||
|
||||
nuget sources Disable -Name "nuget.org"
|
||||
for package in ${toString deps}; do
|
||||
nuget add $package -Source $out/lib
|
||||
done
|
||||
'';
|
||||
};
|
||||
|
||||
pname = "WasabiBackend";
|
||||
version = "1.1.12";
|
||||
|
||||
projectName = "WalletWasabi.Backend";
|
||||
projectConfiguration = "Release";
|
||||
projectRuntime = "linux-x64";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
inherit pname version;
|
||||
buildDotnetModule rec {
|
||||
pname = "wasabibackend";
|
||||
version = "1.1.13.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "zkSNACKs";
|
||||
repo = "WalletWasabi";
|
||||
rev = "v${version}";
|
||||
sha256 = "001k43z2jxvs03csyzndlzlk034aclzc4n8ddrqxykgrq508xk1d";
|
||||
sha256 = "sha256-zDOk8MurT5NXOr4kvm5mnsphY+eDFWuVBcpeTZpcHOo=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
Nuget
|
||||
dotnet-sdk
|
||||
makeWrapper
|
||||
];
|
||||
projectFile = "WalletWasabi.Backend/WalletWasabi.Backend.csproj";
|
||||
nugetDeps = ./deps.nix;
|
||||
|
||||
buildPhase = ''
|
||||
export HOME=$(mktemp -d)
|
||||
export DOTNET_CLI_TELEMETRY_OPTOUT=1
|
||||
export DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1
|
||||
export DOTNET_ROOT="${dotnet-sdk}/bin"
|
||||
dotnet-sdk = dotnetCorePackages.sdk_3_1;
|
||||
dotnet-runtime = dotnetCorePackages.aspnetcore_3_1;
|
||||
|
||||
nuget sources Disable -Name "nuget.org"
|
||||
nativeBuildInputs = [ autoPatchelfHook ];
|
||||
buildInputs = [ stdenv.cc.cc.lib zlib ];
|
||||
|
||||
dotnet restore \
|
||||
--source ${nugetSource}/lib \
|
||||
--runtime ${projectRuntime} \
|
||||
${projectName}
|
||||
runtimeDeps = [ openssl zlib ];
|
||||
|
||||
dotnet publish \
|
||||
--no-restore \
|
||||
--runtime ${projectRuntime} \
|
||||
--configuration ${projectConfiguration} \
|
||||
${projectName}
|
||||
preConfigure = ''
|
||||
makeWrapperArgs+=(
|
||||
--run "cd $out/lib/${pname}"
|
||||
)
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r ${projectName}/bin/${projectConfiguration}/netcoreapp3.1/${projectRuntime}/publish $out/lib
|
||||
mkdir -p $out/bin
|
||||
makeWrapper $out/lib/WalletWasabi.Backend $out/bin/${pname} \
|
||||
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ openssl zlib ]} \
|
||||
--run "cd $out/lib"
|
||||
postInstall = ''
|
||||
mv $out/bin/WalletWasabi.Backend $out/bin/WasabiBackend
|
||||
'';
|
||||
|
||||
# If we don't disable stripping the executable fails to start with segfault
|
||||
dontStrip = true;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Backend for the Wasabi Wallet";
|
||||
homepage = "https://wasabiwallet.io/";
|
||||
|
|
1154
third_party/nixpkgs/pkgs/applications/blockchains/wasabibackend/deps.nix
generated
vendored
1154
third_party/nixpkgs/pkgs/applications/blockchains/wasabibackend/deps.nix
generated
vendored
File diff suppressed because it is too large
Load diff
|
@ -3,13 +3,13 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "featherpad";
|
||||
version = "1.0.1";
|
||||
version = "1.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tsujan";
|
||||
repo = "FeatherPad";
|
||||
rev = "V${version}";
|
||||
sha256 = "sha256-FeqTPDix2tqTJ3UU6i2e6FkmCO0KMNt4tLtrPjX57fc=";
|
||||
sha256 = "sha256-Sff1oyRYCsiJ7Kl3HxI/bln0M80KlbcNSw6jrEOeWiI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config qttools ];
|
||||
|
|
|
@ -251,12 +251,12 @@ in
|
|||
|
||||
clion = buildClion rec {
|
||||
name = "clion-${version}";
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
version = "2021.3.2"; /* updated by script */
|
||||
description = "C/C++ IDE. New. Intelligent. Cross-platform";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
|
||||
sha256 = "0nf1r02i51pplrazlyavc6xs6mi91spa92srfqpsgb78ar9vn027"; /* updated by script */
|
||||
sha256 = "029xim3a6ijqdbzwxan189ydcy5b0ry2qqc70fipp8ic5z5iai3b"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-clion";
|
||||
update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
|
||||
|
@ -264,12 +264,12 @@ in
|
|||
|
||||
datagrip = buildDataGrip rec {
|
||||
name = "datagrip-${version}";
|
||||
version = "2021.3.2"; /* updated by script */
|
||||
version = "2021.3.3"; /* updated by script */
|
||||
description = "Your Swiss Army Knife for Databases and SQL";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
|
||||
sha256 = "0m0nc988w2a2p0l3a9cirnk2vbrsas4wb3fc4pwiml5bz5vwh255"; /* updated by script */
|
||||
sha256 = "0wbr7hjbj9zvxn4j7nrp7sdzjk78hcg7ssz430y35x9isfiqv5py"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-datagrip";
|
||||
update-channel = "DataGrip RELEASE";
|
||||
|
@ -277,12 +277,12 @@ in
|
|||
|
||||
goland = buildGoland rec {
|
||||
name = "goland-${version}";
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
version = "2021.3.2"; /* updated by script */
|
||||
description = "Up and Coming Go IDE";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/go/${name}.tar.gz";
|
||||
sha256 = "1kl1sg2fjh8wpx47984vw6zrqf7nakbji606cl52brkxik7py0d3"; /* updated by script */
|
||||
sha256 = "0csc52wwqggdxc61qkmbs84hdvyj3x60rcv5jrxcwp3bjq94kskw"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-goland";
|
||||
update-channel = "GoLand RELEASE";
|
||||
|
@ -290,12 +290,12 @@ in
|
|||
|
||||
idea-community = buildIdea rec {
|
||||
name = "idea-community-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
|
||||
license = lib.licenses.asl20;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
|
||||
sha256 = "0xrhgqbsyd2plzkkmy00bwsa8dk4ijszmhmbyn6c9ygl01zhji6y"; /* updated by script */
|
||||
sha256 = "19xxbjcn17n3fk1vdb31nihn9cv5q65wfxdan6dx7z0wq5c4x9zd"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-idea-ce";
|
||||
update-channel = "IntelliJ IDEA RELEASE";
|
||||
|
@ -303,12 +303,12 @@ in
|
|||
|
||||
idea-ultimate = buildIdea rec {
|
||||
name = "idea-ultimate-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz";
|
||||
sha256 = "0riwww75aizprb01c1sccprbr00ky5wgy5cxxjxqgm8v72rfnihb"; /* updated by script */
|
||||
sha256 = "0ys8f2h0qaj8s9ga94hg73vah552a6al4r1ypdp05f7j1m7lzajf"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-idea";
|
||||
update-channel = "IntelliJ IDEA RELEASE";
|
||||
|
@ -330,12 +330,12 @@ in
|
|||
|
||||
phpstorm = buildPhpStorm rec {
|
||||
name = "phpstorm-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "Professional IDE for Web and PHP developers";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
|
||||
sha256 = "1h3ld3swvvx8hicm5lpf65mr7asiqy59hvqnigz71hbjgqnsb8g0"; /* updated by script */
|
||||
sha256 = "011i3jgfnb2h64ikbm3wi1vfhzm50mwwy9nksl71nzllj3kz111x"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-phpstorm";
|
||||
update-channel = "PhpStorm RELEASE";
|
||||
|
@ -343,12 +343,12 @@ in
|
|||
|
||||
pycharm-community = buildPycharm rec {
|
||||
name = "pycharm-community-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "PyCharm Community Edition";
|
||||
license = lib.licenses.asl20;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "0iypqilil6x9k1gi6bfjzccw7wp601grd9639yk50crg45wnzga4"; /* updated by script */
|
||||
sha256 = "1xd88rd1w3ghkm6jq8ilhhjy972qfm57si581rnsjpz65rj6xpgm"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-pycharm-ce";
|
||||
update-channel = "PyCharm RELEASE";
|
||||
|
@ -356,12 +356,12 @@ in
|
|||
|
||||
pycharm-professional = buildPycharm rec {
|
||||
name = "pycharm-professional-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "PyCharm Professional Edition";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "0z6dnigx616939azyngjy5r4gayazplkgq480k80ppmkw636yhl1"; /* updated by script */
|
||||
sha256 = "0639mzjh1hw158gmf4qqld03371z60k3xyca21l1pnv3551svd6d"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-pycharm";
|
||||
update-channel = "PyCharm RELEASE";
|
||||
|
@ -382,12 +382,12 @@ in
|
|||
|
||||
ruby-mine = buildRubyMine rec {
|
||||
name = "ruby-mine-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "The Most Intelligent Ruby and Rails IDE";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
|
||||
sha256 = "1vmybxnwyv7wiv3clm857yvzlws0bcza01wx8jm0dbnrzq38dz4d"; /* updated by script */
|
||||
sha256 = "1xax3738myxjzm0p8zm8aaa2nw0336h80nrm9dqby2j7dass2jnm"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-rubymine";
|
||||
update-channel = "RubyMine RELEASE";
|
||||
|
@ -395,12 +395,12 @@ in
|
|||
|
||||
webstorm = buildWebStorm rec {
|
||||
name = "webstorm-${version}";
|
||||
version = "2021.3"; /* updated by script */
|
||||
version = "2021.3.1"; /* updated by script */
|
||||
description = "Professional IDE for Web and JavaScript development";
|
||||
license = lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
|
||||
sha256 = "1llz97r95xrf7yixgbfipg153qikkxziwwhv9dvvi29v7pi1k4ys"; /* updated by script */
|
||||
sha256 = "1f918cj76b79x0d2hhv78mvmki5d1dps8nsx7i50wn2qzdml4kc6"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-webstorm";
|
||||
update-channel = "WebStorm RELEASE";
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "manuskript";
|
||||
version = "0.11.0";
|
||||
version = "0.13.1";
|
||||
|
||||
format = "other";
|
||||
|
||||
|
@ -10,7 +10,7 @@ python3Packages.buildPythonApplication rec {
|
|||
repo = pname;
|
||||
owner = "olivierkes";
|
||||
rev = version;
|
||||
sha256 = "1l6l9k6k69yv8xqpll0zv9cwdqqg4zvxy90l6sx5nv2yywh5crla";
|
||||
hash = "sha256-TEmAamNdqBK7bu62tLtJl05wBI6hga84PQSrWiMPROY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ wrapQtAppsHook ];
|
||||
|
@ -42,7 +42,7 @@ python3Packages.buildPythonApplication rec {
|
|||
|
||||
meta = {
|
||||
description = "A open-source tool for writers";
|
||||
homepage = "http://www.theologeek.ch/manuskript";
|
||||
homepage = "https://www.theologeek.ch/manuskript";
|
||||
longDescription = ''
|
||||
Manuskript is a tool for those writer who like to organize and
|
||||
plan everything before writing. The snowflake method can help you
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mg";
|
||||
version = "6.9";
|
||||
version = "7.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ibara";
|
||||
repo = "mg";
|
||||
rev = "mg-${version}";
|
||||
sha256 = "1w49yb9v1657rv1w5w7rc9ih1d2vzv6ym3mzhf2wgmh04pdm6hid";
|
||||
sha256 = "sha256-qnb0yB/NNJV257dsLmP84brajoRG03U+Ja1ACYbBvbE=";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
|
|
@ -32,13 +32,13 @@ let
|
|||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "neovim-unwrapped";
|
||||
version = "0.6.0";
|
||||
version = "0.6.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "neovim";
|
||||
repo = "neovim";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-mVVZiDjAsAs4PgC8lHf0Ro1uKJ4OKonoPtF59eUd888=";
|
||||
sha256 = "sha256-0XCW047WopPr3pRTy9rF3Ff6MvNRHT4FletzOERD41A=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
|
45
third_party/nixpkgs/pkgs/applications/editors/xedit/default.nix
vendored
Normal file
45
third_party/nixpkgs/pkgs/applications/editors/xedit/default.nix
vendored
Normal file
|
@ -0,0 +1,45 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitLab
|
||||
, autoreconfHook
|
||||
, pkg-config
|
||||
, utilmacros
|
||||
, libX11
|
||||
, libXaw
|
||||
, libXmu
|
||||
, libXt
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "xedit";
|
||||
version = "1.2.2";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.freedesktop.org";
|
||||
owner = "xorg/app";
|
||||
repo = "xedit";
|
||||
rev = "${pname}-${version}";
|
||||
sha256 = "0b5ic13aasv6zh20v2k7zyxsqbnsxfq5rs3w8nwzl1gklmgrjxa3";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook pkg-config utilmacros ];
|
||||
buildInputs = [
|
||||
libX11
|
||||
libXaw
|
||||
libXmu
|
||||
libXt
|
||||
];
|
||||
|
||||
configureFlags = [
|
||||
"--with-lispdir=$out/share/X11/xedit/lisp"
|
||||
"--with-appdefaultdir=$out/share/X11/app-defaults"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Simple graphical text editor using Athena Widgets (Xaw)";
|
||||
homepage = "https://gitlab.freedesktop.org/xorg/app/xedit";
|
||||
license = with licenses; [ mit ];
|
||||
maintainers = with maintainers; [ shamilton ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
|
@ -2,10 +2,10 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "dcw-gmt";
|
||||
version = "2.0.1";
|
||||
version = "2.0.2";
|
||||
src = fetchurl {
|
||||
url = "ftp://ftp.soest.hawaii.edu/gmt/dcw-gmt-${version}.tar.gz";
|
||||
sha256 = "sha256-XJCylo9Alc9epEo1TcnY+d0bj+VRTgM4/4W0jgNUeiU=";
|
||||
sha256 = "sha256-KzAPAco1DbF6rdAmCuM7823GthvkFQ5mgpAzzsPWXDw=";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
|
|
|
@ -11,8 +11,7 @@ buildGoModule rec {
|
|||
sha256 = "DitJnWIz1Dt9yXtyQp/z738IAmG4neYmfc49Wdjos7Q=";
|
||||
};
|
||||
|
||||
runVend = true;
|
||||
vendorSha256 = "JKrBMhzBL1+jlMPudynjOc/ekFiUVaxltyLr4V8QZbg=";
|
||||
vendorSha256 = "sha256-pKgukWKF4f/kLASjh8aKU7x9UBW/H+4C/02vxmh+qOU=";
|
||||
|
||||
meta = with lib; {
|
||||
description = "Convert images into ASCII art on the console";
|
||||
|
|
|
@ -1,29 +1,115 @@
|
|||
{ lib, stdenv, fetchurl, libsoup, graphicsmagick, json-glib, wrapGAppsHook
|
||||
, cairo, cmake, ninja, curl, perl, llvm, desktop-file-utils, exiv2, glib
|
||||
, ilmbase, gtk3, intltool, lcms2, lensfun, libX11, libexif, libgphoto2, libjpeg
|
||||
, libpng, librsvg, libtiff, openexr, osm-gps-map, pkg-config, sqlite, libxslt
|
||||
, openjpeg, lua, pugixml, colord, colord-gtk, libwebp, libsecret, gnome
|
||||
, ocl-icd, pcre, gtk-mac-integration, isocodes, llvmPackages, gmic, libavif, icu
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchurl
|
||||
, libsoup
|
||||
, graphicsmagick
|
||||
, json-glib
|
||||
, wrapGAppsHook
|
||||
, cairo
|
||||
, cmake
|
||||
, ninja
|
||||
, curl
|
||||
, perl
|
||||
, llvm_13
|
||||
, desktop-file-utils
|
||||
, exiv2
|
||||
, glib
|
||||
, ilmbase
|
||||
, gtk3
|
||||
, intltool
|
||||
, lcms2
|
||||
, lensfun
|
||||
, libX11
|
||||
, libexif
|
||||
, libgphoto2
|
||||
, libjpeg
|
||||
, libpng
|
||||
, librsvg
|
||||
, libtiff
|
||||
, openexr_3
|
||||
, osm-gps-map
|
||||
, pkg-config
|
||||
, sqlite
|
||||
, libxslt
|
||||
, openjpeg
|
||||
, pugixml
|
||||
, colord
|
||||
, colord-gtk
|
||||
, libwebp
|
||||
, libsecret
|
||||
, gnome
|
||||
, SDL2
|
||||
, ocl-icd
|
||||
, pcre
|
||||
, gtk-mac-integration
|
||||
, isocodes
|
||||
, llvmPackages
|
||||
, gmic
|
||||
, libavif
|
||||
, icu
|
||||
, jasper
|
||||
, libheif
|
||||
, libaom
|
||||
, portmidi
|
||||
, fetchpatch
|
||||
, lua5_4
|
||||
, ...
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "3.6.1";
|
||||
version = "3.8.0";
|
||||
pname = "darktable";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/darktable-org/darktable/releases/download/release-${version}/darktable-${version}.tar.xz";
|
||||
sha256 = "sha256-or/HwQO4JJRUV6m/7Z5S8Af6HQMPnbyz/wMnhRvkLRQ=";
|
||||
sha256 = "01gp9dg5wr2rg1k8cqs0l3s7ism8a4q8qypgwccd4jh7ip3wfr9f";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ninja llvm pkg-config intltool perl desktop-file-utils wrapGAppsHook ];
|
||||
nativeBuildInputs = [ cmake ninja llvm_13 pkg-config intltool perl desktop-file-utils wrapGAppsHook ];
|
||||
|
||||
buildInputs = [
|
||||
cairo curl exiv2 glib gtk3 ilmbase lcms2 lensfun libexif
|
||||
libgphoto2 libjpeg libpng librsvg libtiff openexr sqlite libxslt
|
||||
libsoup graphicsmagick json-glib openjpeg lua pugixml
|
||||
libwebp libsecret gnome.adwaita-icon-theme osm-gps-map pcre isocodes gmic libavif icu
|
||||
cairo
|
||||
curl
|
||||
exiv2
|
||||
glib
|
||||
gtk3
|
||||
ilmbase
|
||||
lcms2
|
||||
lensfun
|
||||
libexif
|
||||
libgphoto2
|
||||
libjpeg
|
||||
libpng
|
||||
librsvg
|
||||
libtiff
|
||||
openexr_3
|
||||
sqlite
|
||||
libxslt
|
||||
libsoup
|
||||
graphicsmagick
|
||||
json-glib
|
||||
openjpeg
|
||||
pugixml
|
||||
libwebp
|
||||
libsecret
|
||||
SDL2
|
||||
gnome.adwaita-icon-theme
|
||||
osm-gps-map
|
||||
pcre
|
||||
isocodes
|
||||
gmic
|
||||
libavif
|
||||
icu
|
||||
jasper
|
||||
libheif
|
||||
libaom
|
||||
portmidi
|
||||
lua5_4
|
||||
] ++ lib.optionals stdenv.isLinux [
|
||||
colord colord-gtk libX11 ocl-icd
|
||||
colord
|
||||
colord-gtk
|
||||
libX11
|
||||
ocl-icd
|
||||
] ++ lib.optional stdenv.isDarwin gtk-mac-integration
|
||||
++ lib.optional stdenv.cc.isClang llvmPackages.openmp;
|
||||
|
||||
|
@ -34,15 +120,25 @@ stdenv.mkDerivation rec {
|
|||
"-DUSE_KWALLET=OFF"
|
||||
];
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
# This is merged in darktable master and will hopefully be in 3.8.1
|
||||
name = "cmake-fix.patch";
|
||||
url = "https://github.com/darktable-org/darktable/commit/58d247f7ebea76c55fa2525beb9f5ce092c6670d.patch";
|
||||
sha256 = "11fn6d2mwlapbf1zbyv6bhgv29kxcwrs7cnbway0rnl9nj8wimf2";
|
||||
})
|
||||
];
|
||||
|
||||
# darktable changed its rpath handling in commit
|
||||
# 83c70b876af6484506901e6b381304ae0d073d3c and as a result the
|
||||
# binaries can't find libdarktable.so, so change LD_LIBRARY_PATH in
|
||||
# the wrappers:
|
||||
preFixup = let
|
||||
preFixup =
|
||||
let
|
||||
libPathEnvVar = if stdenv.isDarwin then "DYLD_LIBRARY_PATH" else "LD_LIBRARY_PATH";
|
||||
libPathPrefix = "$out/lib/darktable" + lib.optionalString stdenv.isLinux ":${ocl-icd}/lib";
|
||||
in ''
|
||||
in
|
||||
''
|
||||
for f in $out/share/darktable/kernels/*.cl; do
|
||||
sed -r "s|#include \"(.*)\"|#include \"$out/share/darktable/kernels/\1\"|g" -i "$f"
|
||||
done
|
||||
|
@ -57,6 +153,6 @@ stdenv.mkDerivation rec {
|
|||
homepage = "https://www.darktable.org";
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
maintainers = with maintainers; [ goibhniu flosse mrVanDalo ];
|
||||
maintainers = with maintainers; [ goibhniu flosse mrVanDalo paperdigits ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -11,11 +11,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "drawio";
|
||||
version = "16.0.2";
|
||||
version = "16.1.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/drawio-x86_64-${version}.rpm";
|
||||
sha256 = "980af60ea53fd0c255cfa3faa9407b146658074ea411bc491f53a047352b5b66";
|
||||
sha256 = "b86ff3f77b17e7da66979fe8ea878685c0018273f5d0302f10d3094d502452ee";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "lightburn";
|
||||
version = "1.0.04";
|
||||
version = "1.0.06";
|
||||
|
||||
nativeBuildInputs = [
|
||||
p7zip
|
||||
|
@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/LightBurnSoftware/deployment/releases/download/${version}/LightBurn-Linux64-v${version}.7z";
|
||||
sha256 = "sha256-3uuYxDxlBlu3/4BhII36s+PsLJCmHDIE3fRAz6GO/js=";
|
||||
sha256 = "sha256-2Wlyt9Xw/FNaFkN1Q6utXdGzp42piebESQARhfpvRhM=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
|
|
@ -14,17 +14,21 @@
|
|||
, levmar
|
||||
, qhull
|
||||
, cmake
|
||||
, cgal_5
|
||||
, boost17x
|
||||
, mpfr
|
||||
, xercesc
|
||||
}:
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "meshlab";
|
||||
version = "2020.12";
|
||||
version = "2021.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cnr-isti-vclab";
|
||||
repo = "meshlab";
|
||||
rev = "Meshlab-${version}";
|
||||
sha256 = "QrnqXEVqI1ADUYWalZ0h/0+xS+gDZTinm0weT39onw0=";
|
||||
sha256 = "14rrd8qrf91k89y6w2mn1r9zcfnwd0mir6g4dlgvr04i77hj4lk4";
|
||||
fetchSubmodules = true; # for vcglib
|
||||
};
|
||||
|
||||
|
@ -41,6 +45,10 @@ mkDerivation rec {
|
|||
gmp
|
||||
levmar
|
||||
qhull
|
||||
cgal_5
|
||||
boost17x
|
||||
mpfr
|
||||
xercesc
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
@ -61,6 +69,7 @@ mkDerivation rec {
|
|||
# disable when available in nixpkgs
|
||||
"-DALLOW_BUNDLED_OPENCTM=ON"
|
||||
"-DALLOW_BUNDLED_SSYNTH=ON"
|
||||
"-DALLOW_BUNDLED_BOOST=OFF"
|
||||
# some plugins are disabled unless these are on
|
||||
"-DALLOW_BUNDLED_NEWUOA=ON"
|
||||
"-DALLOW_BUNDLED_LEVMAR=ON"
|
||||
|
|
|
@ -21,7 +21,7 @@ stdenv.mkDerivation {
|
|||
buildInputs = [ zlib ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "http://pbrt.org";
|
||||
homepage = "https://pbrt.org/";
|
||||
description = "The renderer described in the third edition of the book 'Physically Based Rendering: From Theory To Implementation'";
|
||||
platforms = platforms.linux;
|
||||
license = licenses.bsd2;
|
||||
|
|
37
third_party/nixpkgs/pkgs/applications/misc/HentaiAtHome/default.nix
vendored
Normal file
37
third_party/nixpkgs/pkgs/applications/misc/HentaiAtHome/default.nix
vendored
Normal file
|
@ -0,0 +1,37 @@
|
|||
{ buildGraalvmNativeImage, fetchzip, graalvm17-ce, lib }:
|
||||
|
||||
buildGraalvmNativeImage rec {
|
||||
pname = "HentaiAtHome";
|
||||
version = "1.6.1";
|
||||
src = fetchzip {
|
||||
url = "https://repo.e-hentai.org/hath/HentaiAtHome_${version}.zip";
|
||||
hash =
|
||||
"sha512-nGGCuVovj4NJGrihKKYXnh0Ic9YD36o7r6wv9zSivZn22zm8lBYVXP85LnOw2z9DiJARivOctQGl48YFD7vxOQ==";
|
||||
stripRoot = false;
|
||||
};
|
||||
|
||||
jar = "${src}/HentaiAtHome.jar";
|
||||
dontUnpack = true;
|
||||
|
||||
graalvm = graalvm17-ce;
|
||||
extraNativeImageBuildArgs = [
|
||||
"--enable-url-protocols=http,https"
|
||||
"--install-exit-handlers"
|
||||
"--no-fallback"
|
||||
];
|
||||
|
||||
doInstallCheck = true;
|
||||
installCheckPhase = ''
|
||||
pushd $(mktemp -d)
|
||||
$out/bin/HentaiAtHome
|
||||
popd
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://ehwiki.org/wiki/Hentai@Home";
|
||||
description =
|
||||
"Hentai@Home is an open-source P2P gallery distribution system which reduces the load on the E-Hentai Galleries";
|
||||
license = licenses.gpl3;
|
||||
maintainers = with maintainers; [ terrorjack ];
|
||||
};
|
||||
}
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "batsignal";
|
||||
version = "1.3.1";
|
||||
version = "1.3.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "electrickite";
|
||||
repo = "batsignal";
|
||||
rev = version;
|
||||
sha256 = "sha256-ClwI3ZbkLul+l0zzzGxNjSOUTuVzIxtwUPNLOeFT2X0=";
|
||||
sha256 = "sha256-+5yAwBUyhqmoV8l8VwIQMxnSgjNZNbGfGajPhA+IFwA=";
|
||||
};
|
||||
|
||||
buildInputs = [ libnotify glib ];
|
||||
|
|
|
@ -27,20 +27,25 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "calibre";
|
||||
version = "5.33.2";
|
||||
version = "5.34.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.calibre-ebook.com/${version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "sha256-wtt3ucCaFq9wLk79CeCz20tMM6AbLtZ4Ln6TxOx0dvI=";
|
||||
hash = "sha256-1NQB7vrcU0hR308/8keUn/rHhdvJk5Ab0pOMPyiU1+M=";
|
||||
};
|
||||
|
||||
# https://sources.debian.org/patches/calibre/5.33.2+dfsg-1
|
||||
# https://sources.debian.org/patches/calibre/${version}+dfsg-1
|
||||
patches = [
|
||||
# allow for plugin update check, but no calibre version check
|
||||
(fetchpatch {
|
||||
name = "0001-only-plugin-update.patch";
|
||||
url = "https://raw.githubusercontent.com/debian-calibre/calibre/debian/${version}%2Bdfsg-1/debian/patches/0001-only-plugin-update.patch";
|
||||
sha256 = "sha256-dLzO1TWP7Q4nw2a3oN7qlhGCmcA0NKJrZidUnD6hUMA=";
|
||||
sha256 = "sha256:1h2hl4z9qm17crms4d1lq2cq44cnxbga1dv6qckhxvcg6pawxg3l";
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "0007-Hardening-Qt-code.patch";
|
||||
url = "https://raw.githubusercontent.com/debian-calibre/calibre/debian/${version}%2Bdfsg-1/debian/patches/0007-Hardening-Qt-code.patch";
|
||||
sha256 = "sha256:18wps7fn0cpzb7gf78f15pmbaff4vlygc9g00hq7zynfa4pcgfdg";
|
||||
})
|
||||
]
|
||||
++ lib.optional (!unrarSupport) ./dont_build_unrar_plugin.patch;
|
||||
|
|
|
@ -10,13 +10,13 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "ddcui";
|
||||
version = "0.1.2";
|
||||
version = "0.2.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rockowitz";
|
||||
repo = "ddcui";
|
||||
rev = "v${version}";
|
||||
sha256 = "0myma1zw6dlygv3xbin662d91zcnwss10syf12q2fppkrd8qdgqf";
|
||||
sha256 = "sha256-dp6D5GHpo0PJILnzZDKLnEPgQQ7980dI/6RV5ws3RTU=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -1,47 +0,0 @@
|
|||
{ lib, fetchurl, python2Packages }:
|
||||
|
||||
python2Packages.buildPythonApplication rec {
|
||||
version = "2.9.3.1";
|
||||
pname = "electrum-dash";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/akhavr/electrum-dash/releases/download/${version}/Electrum-DASH-${version}.tar.gz";
|
||||
#"https://github.com/dashpay/electrum-dash/releases/download/v${version}/Electrum-DASH-${version}.tar.gz";
|
||||
sha256 = "9b7ac205f63fd4bfb15d77a34a4451ef82caecf096f31048a7603bd276dfc33e";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = with python2Packages; [
|
||||
dnspython
|
||||
ecdsa
|
||||
pbkdf2
|
||||
protobuf
|
||||
pyasn1
|
||||
pyasn1-modules
|
||||
pycrypto
|
||||
pyqt4
|
||||
qrcode
|
||||
requests
|
||||
pyaes
|
||||
tlslite-ng
|
||||
x11_hash
|
||||
mnemonic
|
||||
jsonrpclib
|
||||
|
||||
# plugins
|
||||
trezor
|
||||
];
|
||||
|
||||
preInstall = ''
|
||||
mkdir -p $out/share
|
||||
sed -i 's@usr_share = .*@usr_share = os.getenv("out")+"/share"@' setup.py
|
||||
pyrcc4 icons.qrc -o gui/qt/icons_rc.py
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Electrum DASH";
|
||||
homepage = "https://github.com/dashpay/electrum-dash";
|
||||
license = licenses.gpl3;
|
||||
maintainers = with maintainers; [ np ];
|
||||
knownVulnerabilities = [ "CVE-2018-1000022" ];
|
||||
};
|
||||
}
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fetchmail";
|
||||
version = "6.4.24";
|
||||
version = "6.4.25";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/fetchmail/fetchmail-${version}.tar.xz";
|
||||
sha256 = "sha256-nJYd8lzZIvU5IYsLVqd+ekd3jkntkH7apbSUGtOyU88=";
|
||||
sha256 = "sha256-fr776JFy/Vnw/YMX2HQ6hDbzdczcqzkA5MPsBqj78n8=";
|
||||
};
|
||||
|
||||
buildInputs = [ openssl ];
|
||||
|
|
|
@ -10,13 +10,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "free42";
|
||||
version = "3.0.7";
|
||||
version = "3.0.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "thomasokken";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-wGzZRp+7KBV/sxm08XCkCDx+A8nR9To5MCmcdWdlttM=";
|
||||
sha256 = "sha256-nZCuFumAyeUxRmmtd6/qvXk3LVZgbDhlsDygXMWDfp0=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ copyDesktopItems pkg-config ];
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "heimer";
|
||||
version = "3.0.0";
|
||||
version = "3.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "juzzlin";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-Q1a+sGZTVUjViakBT3E7+AgqMSldAnp7UJcsSS6KZXs=";
|
||||
sha256 = "sha256-F0Pl6Wk+sGfOegy7iljQH63kAMYlRYv7G9nBAAtDEkg=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "hugo";
|
||||
version = "0.91.1";
|
||||
version = "0.91.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gohugoio";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-TPJGRXiZQ7yEttGFpVdiFcyUL5emfjfuoq3k+dQmKCg=";
|
||||
sha256 = "sha256-6bqtw0hUrRBhTwEDURaTjgl3aVVCbfxjoPRfhSd3LK8=";
|
||||
};
|
||||
|
||||
vendorSha256 = "sha256-ViWbqWjlHd8yosxe+CF1GJ9oK+plOn9s7ruhgsX/v58=";
|
||||
vendorSha256 = "sha256-CO+7WgoTsFCd9vkcALKcJP6Kj3CIWr5FF75/WgbK04g=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "iptsd";
|
||||
version = "0.4";
|
||||
version = "0.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "linux-surface";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-CoPgkt7n2kk7WlQHe0RjNlxfp2Nd8BbIE2gyf0bOBy4=";
|
||||
sha256 = "sha256-A/0hA4gJwzrRPn57IKYvfcAnx1KXbQl0ZX2TE8mcQhc=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ meson ninja pkg-config ];
|
||||
|
|
|
@ -57,7 +57,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "Real-time earthquake map of Japan";
|
||||
homepage = "http://jquake.net";
|
||||
homepage = "https://jquake.net";
|
||||
downloadPage = "https://jquake.net/?down";
|
||||
changelog = "https://jquake.net/?docu";
|
||||
maintainers = with maintainers; [ nessdoor ];
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "kanboard";
|
||||
version = "1.2.20";
|
||||
version = "1.2.21";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kanboard";
|
||||
repo = "kanboard";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-IB+GhUZvjngjf1UHKc7B/PkZHVXKYUTk6CVA5XSiF5Y=";
|
||||
sha256 = "sha256-0CIemSdgNnYfpwZqfTerd/RZ+mYeFUWTE+v2hwu+9gI=";
|
||||
};
|
||||
|
||||
dontBuild = true;
|
||||
|
|
|
@ -13,12 +13,12 @@
|
|||
let font-droid = nerdfonts.override { fonts = [ "DroidSansMono" ]; };
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "koreader";
|
||||
version = "2021.12";
|
||||
version = "2021.12.1";
|
||||
|
||||
src = fetchurl {
|
||||
url =
|
||||
"https://github.com/koreader/koreader/releases/download/v${version}/koreader-${version}-amd64.deb";
|
||||
sha256 = "sha256-duOIbYavqmUUkH6RthTYu/SeM8zOeeLm7CIAQwhw6AY=";
|
||||
sha256 = "sha256-Ia0oCSGs6UYcvZVEhNpiOh3D08FgXqjqpgsQJojd3dk=";
|
||||
};
|
||||
|
||||
sourceRoot = ".";
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
, boost
|
||||
, fetchFromGitHub
|
||||
, installShellFiles
|
||||
, mkDerivationWith
|
||||
, mkDerivation
|
||||
, muparser
|
||||
, pkg-config
|
||||
, qmake
|
||||
|
@ -10,10 +10,9 @@
|
|||
, qtsvg
|
||||
, qttools
|
||||
, runtimeShell
|
||||
, stdenv
|
||||
}:
|
||||
|
||||
mkDerivationWith stdenv.mkDerivation rec {
|
||||
mkDerivation rec {
|
||||
pname = "librecad";
|
||||
version = "2.2.0-rc2";
|
||||
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ lib, stdenv, fetchFromGitHub, which, zstd, pbzip2 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "2.4.2";
|
||||
version = "2.4.5";
|
||||
pname = "makeself";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
|
@ -9,7 +9,7 @@ stdenv.mkDerivation rec {
|
|||
repo = "makeself";
|
||||
rev = "release-${version}";
|
||||
fetchSubmodules = true;
|
||||
sha256 = "07cq7q71bv3fwddkp2863ylry2ivds00f8sjy8npjpdbkailxm21";
|
||||
sha256 = "sha256-15lUtErGsbXF2Gn0f0rvA18mMuVMmkKrGO2poeYZU9g=";
|
||||
};
|
||||
|
||||
postPatch = "patchShebangs test";
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ lib
|
||||
, stdenv
|
||||
, autoconf
|
||||
, automake
|
||||
, automake115x
|
||||
, c-ares
|
||||
, cryptopp
|
||||
, curl
|
||||
|
@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
nativeBuildInputs = [
|
||||
autoconf
|
||||
automake
|
||||
automake115x
|
||||
libtool
|
||||
pkg-config
|
||||
];
|
||||
|
|
|
@ -14,11 +14,11 @@ let
|
|||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mkgmap";
|
||||
version = "4835";
|
||||
version = "4836";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.mkgmap.org.uk/download/mkgmap-r${version}-src.tar.gz";
|
||||
sha256 = "u4qwfL8qp+rUIIYuZmVYjEkh0riL8yeQz0t8j5shT34=";
|
||||
sha256 = "nmEl7pN3LW6nqo5IB6GgzcDMHhdAsMySTdANVbybznY=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -72,7 +72,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "Create maps for Garmin GPS devices from OpenStreetMap (OSM) data";
|
||||
homepage = "http://www.mkgmap.org.uk";
|
||||
homepage = "https://www.mkgmap.org.uk/";
|
||||
downloadPage = "https://www.mkgmap.org.uk/download/mkgmap.html";
|
||||
license = licenses.gpl2Only;
|
||||
maintainers = with maintainers; [ sikmir ];
|
||||
|
|
|
@ -68,7 +68,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with lib; {
|
||||
description = "Utility for splitting OpenStreetMap maps into tiles";
|
||||
homepage = "http://www.mkgmap.org.uk";
|
||||
homepage = "https://www.mkgmap.org.uk/";
|
||||
downloadPage = "https://www.mkgmap.org.uk/download/splitter.html";
|
||||
license = licenses.gpl2Only;
|
||||
maintainers = with maintainers; [ sikmir ];
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue