diff --git a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md
index c197f03402..258c85f9dd 100644
--- a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/bug_report.md
@@ -26,6 +26,7 @@ If applicable, add screenshots to help explain your problem.
Add any other context about the problem here.
### Notify maintainers
+
### Metadata
+
Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result.
```console
diff --git a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md
index c00dc91bae..3018b6b994 100644
--- a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md
+++ b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/missing_documentation.md
@@ -1,7 +1,7 @@
---
name: Missing or incorrect documentation
about: Help us improve the Nixpkgs and NixOS reference manuals
-title: ''
+title: 'Documentation: '
labels: '9.needs: documentation'
assignees: ''
@@ -11,6 +11,10 @@ assignees: ''
+## Proposal
+
+
+
## Checklist
@@ -26,7 +30,3 @@ assignees: ''
[open documentation issues]: https://github.com/NixOS/nixpkgs/issues?q=is%3Aissue+is%3Aopen+label%3A%229.needs%3A+documentation%22
[open documentation pull requests]: https://github.com/NixOS/nixpkgs/pulls?q=is%3Aopen+is%3Apr+label%3A%228.has%3A+documentation%22%2C%226.topic%3A+documentation%22
-## Proposal
-
-
-
diff --git a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md
index f1535526c2..2735534b0b 100644
--- a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md
+++ b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/out_of_date_package_report.md
@@ -1,24 +1,17 @@
---
name: Out-of-date package reports
about: For packages that are out-of-date
-title: ''
+title: 'Update request: PACKAGENAME OLDVERSION → NEWVERSION'
labels: '9.needs: package (update)'
assignees: ''
---
-
-###### Checklist
-
-
-
-
-- [ ] Checked the [nixpkgs master branch](https://github.com/NixOS/nixpkgs)
+- Package name:
+- Latest released version:
+
+- Current version on the unstable channel:
+- Current version on the stable/release channel:
- [ ] Checked the [nixpkgs pull requests](https://github.com/NixOS/nixpkgs/pulls)
-###### Project name
-`nix search` name:
-
-current version:
-desired version:
+**Notify maintainers**
-###### Notify maintainers
-
+
-maintainers:
+-----
-###### Note for maintainers
-
-Please tag this issue in your PR.
+Note for maintainers: Please tag this issue in your PR.
diff --git a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md
index 1ddcd983f3..a76741fa8e 100644
--- a/third_party/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md
+++ b/third_party/nixpkgs/.github/ISSUE_TEMPLATE/packaging_request.md
@@ -1,14 +1,15 @@
---
name: Packaging requests
about: For packages that are missing
-title: ''
+title: 'Package request: PACKAGENAME'
labels: '0.kind: packaging request'
assignees: ''
---
**Project description**
-_describe the project a little_
+
+
**Metadata**
diff --git a/third_party/nixpkgs/doc/builders/fetchers.chapter.md b/third_party/nixpkgs/doc/builders/fetchers.chapter.md
index 773eb3028d..551df86a58 100644
--- a/third_party/nixpkgs/doc/builders/fetchers.chapter.md
+++ b/third_party/nixpkgs/doc/builders/fetchers.chapter.md
@@ -163,3 +163,30 @@ or "hg"), `domain` and `fetchSubmodules`.
If `fetchSubmodules` is `true`, `fetchFromSourcehut` uses `fetchgit`
or `fetchhg` with `fetchSubmodules` or `fetchSubrepos` set to `true`,
respectively. Otherwise, the fetcher uses `fetchzip`.
+
+## `requireFile` {#requirefile}
+
+`requireFile` allows requesting files that cannot be fetched automatically, but whose content is known.
+This is a useful last-resort workaround for license restrictions that prohibit redistribution, or for downloads that are only accessible after authenticating interactively in a browser.
+If the requested file is present in the Nix store, the resulting derivation will not be built, because its expected output is already available.
+Otherwise, the builder will run, but fail with a message explaining to the user how to provide the file. The following code, for example:
+
+```
+requireFile {
+ name = "jdk-${version}_linux-x64_bin.tar.gz";
+ url = "https://www.oracle.com/java/technologies/javase-jdk11-downloads.html";
+ sha256 = "94bd34f85ee38d3ef59e5289ec7450b9443b924c55625661fffe66b03f2c8de2";
+}
+```
+results in this error message:
+```
+***
+Unfortunately, we cannot download file jdk-11.0.10_linux-x64_bin.tar.gz automatically.
+Please go to https://www.oracle.com/java/technologies/javase-jdk11-downloads.html to download it yourself, and add it to the Nix store
+using either
+ nix-store --add-fixed sha256 jdk-11.0.10_linux-x64_bin.tar.gz
+or
+ nix-prefetch-url --type sha256 file:///path/to/jdk-11.0.10_linux-x64_bin.tar.gz
+
+***
+```
diff --git a/third_party/nixpkgs/doc/contributing/coding-conventions.chapter.md b/third_party/nixpkgs/doc/contributing/coding-conventions.chapter.md
index f6a0970165..2530b14a2f 100644
--- a/third_party/nixpkgs/doc/contributing/coding-conventions.chapter.md
+++ b/third_party/nixpkgs/doc/contributing/coding-conventions.chapter.md
@@ -204,13 +204,13 @@ The key words _must_, _must not_, _required_, _shall_, _shall not_, _should_, _s
In Nixpkgs, there are generally three different names associated with a package:
-- The `name` attribute of the derivation (excluding the version part). This is what most users see, in particular when using `nix-env`.
+- The `pname` attribute of the derivation. This is what most users see, in particular when using `nix-env`.
- The variable name used for the instantiated package in `all-packages.nix`, and when passing it as a dependency to other functions. Typically this is called the _package attribute name_. This is what Nix expression authors see. It can also be used when installing using `nix-env -iA`.
- The filename for (the directory containing) the Nix expression.
-Most of the time, these are the same. For instance, the package `e2fsprogs` has a `name` attribute `"e2fsprogs-version"`, is bound to the variable name `e2fsprogs` in `all-packages.nix`, and the Nix expression is in `pkgs/os-specific/linux/e2fsprogs/default.nix`.
+Most of the time, these are the same. For instance, the package `e2fsprogs` has a `pname` attribute `"e2fsprogs"`, is bound to the variable name `e2fsprogs` in `all-packages.nix`, and the Nix expression is in `pkgs/os-specific/linux/e2fsprogs/default.nix`.
There are a few naming guidelines:
diff --git a/third_party/nixpkgs/doc/default.nix b/third_party/nixpkgs/doc/default.nix
index 1d5fa4811a..ac405c3790 100644
--- a/third_party/nixpkgs/doc/default.nix
+++ b/third_party/nixpkgs/doc/default.nix
@@ -1,6 +1,5 @@
{ pkgs ? (import ./.. { }), nixpkgs ? { }}:
let
- lib = pkgs.lib;
doc-support = import ./doc-support { inherit pkgs nixpkgs; };
in pkgs.stdenv.mkDerivation {
name = "nixpkgs-manual";
@@ -15,7 +14,7 @@ in pkgs.stdenv.mkDerivation {
xmlformat
];
- src = lib.cleanSource ./.;
+ src = pkgs.nix-gitignore.gitignoreSource [] ./.;
postPatch = ''
ln -s ${doc-support} ./doc-support/result
diff --git a/third_party/nixpkgs/doc/languages-frameworks/haskell.section.md b/third_party/nixpkgs/doc/languages-frameworks/haskell.section.md
index f0b302bbc3..f21ba295dc 100644
--- a/third_party/nixpkgs/doc/languages-frameworks/haskell.section.md
+++ b/third_party/nixpkgs/doc/languages-frameworks/haskell.section.md
@@ -195,7 +195,7 @@ maintenance work for `haskellPackages` is required. Besides that, it is not
possible to get the dependencies of a legacy project from nixpkgs or to use a
specific stack solver for compiling a project.
-Even though we couldn‘t use them directly in nixpkgs, it would be desirable
+Even though we couldn’t use them directly in nixpkgs, it would be desirable
to have tooling to generate working Nix package sets from build plans generated
by `cabal-install` or a specific Stackage snapshot via import-from-derivation.
Sadly we currently don’t have tooling for this. For this you might be
@@ -538,7 +538,7 @@ via [`shellFor`](#haskell-shellFor).
When using `cabal-install` for dependency resolution you need to be a bit
careful to achieve build purity. `cabal-install` will find and use all
dependencies installed from the packages `env` via Nix, but it will also
-consult Hackage to potentially download and compile dependencies if it can‘t
+consult Hackage to potentially download and compile dependencies if it can’t
find a valid build plan locally. To prevent this you can either never run
`cabal update`, remove the cabal database from your `~/.cabal` folder or run
`cabal` with `--offline`. Note though, that for some usecases `cabal2nix` needs
diff --git a/third_party/nixpkgs/doc/languages-frameworks/index.xml b/third_party/nixpkgs/doc/languages-frameworks/index.xml
index 3774924c0b..f089b99a04 100644
--- a/third_party/nixpkgs/doc/languages-frameworks/index.xml
+++ b/third_party/nixpkgs/doc/languages-frameworks/index.xml
@@ -38,6 +38,7 @@
+
diff --git a/third_party/nixpkgs/doc/languages-frameworks/pkg-config.section.md b/third_party/nixpkgs/doc/languages-frameworks/pkg-config.section.md
index ee0a471be3..eecc84b4c1 100644
--- a/third_party/nixpkgs/doc/languages-frameworks/pkg-config.section.md
+++ b/third_party/nixpkgs/doc/languages-frameworks/pkg-config.section.md
@@ -4,6 +4,48 @@
Nixpkgs provides a couple of facilities for working with this tool.
- - A [setup hook](#setup-hook-pkg-config) bundled with in the `pkg-config` package, to bring a derivation's declared build inputs into the environment.
- - The [`validatePkgConfig` setup hook](https://nixos.org/manual/nixpkgs/stable/#validatepkgconfig), for packages that provide pkg-config modules.
- - The `defaultPkgConfigPackages` package set: a set of aliases, named after the modules they provide. This is meant to be used by language-to-nix integrations. Hand-written packages should use the normal Nixpkgs attribute name instead.
+## Writing packages providing pkg-config modules
+
+Packages should set `meta.pkgConfigProvides` with the list of package config modules they provide.
+They should also use `testers.testMetaPkgConfig` to check that the final built package matches that list.
+Additionally, the [`validatePkgConfig` setup hook](https://nixos.org/manual/nixpkgs/stable/#validatepkgconfig), will do extra checks on to-be-installed pkg-config modules.
+
+A good example of all these things is zlib:
+
+```
+{ pkg-config, testers, ... }:
+
+stdenv.mkDerivation (finalAttrs: {
+ ...
+
+ nativeBuildInputs = [ pkg-config validatePkgConfig ];
+
+ passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
+
+ meta = {
+ ...
+ pkgConfigModules = [ "zlib" ];
+ };
+})
+```
+
+## Accessing packages via pkg-config module name
+
+### Within Nixpkgs
+
+A [setup hook](#setup-hook-pkg-config) is bundled in the `pkg-config` package to bring a derivation's declared build inputs into the environment.
+This will populate environment variables like `PKG_CONFIG_PATH`, `PKG_CONFIG_PATH_FOR_BUILD`, and `PKG_CONFIG_PATH_HOST` based on:
+
+ - how `pkg-config` itself is depended upon
+
+ - how other dependencies are depended upon
+
+For more details see the section on [specifying dependencies in general](#ssec-stdenv-dependencies).
+
+Normal pkg-config commands to look up dependencies by name will then work with those environment variables defined by the hook.
+
+### Externally
+
+The `defaultPkgConfigPackages` package set is a set of aliases, named after the modules they provide.
+This is meant to be used by language-to-nix integrations.
+Hand-written packages should use the normal Nixpkgs attribute name instead.
diff --git a/third_party/nixpkgs/doc/languages-frameworks/swift.section.md b/third_party/nixpkgs/doc/languages-frameworks/swift.section.md
new file mode 100644
index 0000000000..1cc452cc9b
--- /dev/null
+++ b/third_party/nixpkgs/doc/languages-frameworks/swift.section.md
@@ -0,0 +1,176 @@
+# Swift {#swift}
+
+The Swift compiler is provided by the `swift` package:
+
+```sh
+# Compile and link a simple executable.
+nix-shell -p swift --run 'swiftc -' <<< 'print("Hello world!")'
+# Run it!
+./main
+```
+
+The `swift` package also provides the `swift` command, with some caveats:
+
+- Swift Package Manager (SwiftPM) is packaged separately as `swiftpm`. If you
+ need functionality like `swift build`, `swift run`, `swift test`, you must
+ also add the `swiftpm` package to your closure.
+- On Darwin, the `swift repl` command requires an Xcode installation. This is
+ because it uses the system LLDB debugserver, which has special entitlements.
+
+## Module search paths {#ssec-swift-module-search-paths}
+
+Like other toolchains in Nixpkgs, the Swift compiler executables are wrapped
+to help Swift find your application's dependencies in the Nix store. These
+wrappers scan the `buildInputs` of your package derivation for specific
+directories where Swift modules are placed by convention, and automatically
+add those directories to the Swift compiler search paths.
+
+Swift follows different conventions depending on the platform. The wrappers
+look for the following directories:
+
+- On Darwin platforms: `lib/swift/macosx`
+ (If not targeting macOS, replace `macosx` with the Xcode platform name.)
+- On other platforms: `lib/swift/linux/x86_64`
+ (Where `linux` and `x86_64` are from lowercase `uname -sm`.)
+- For convenience, Nixpkgs also adds simply `lib/swift` to the search path.
+ This can save a bit of work packaging Swift modules, because many Nix builds
+ will produce output for just one target any way.
+
+## Core libraries {#ssec-swift-core-libraries}
+
+In addition to the standard library, the Swift toolchain contains some
+additional 'core libraries' that, on Apple platforms, are normally distributed
+as part of the OS or Xcode. These are packaged separately in Nixpkgs, and can
+be found (for use in `buildInputs`) as:
+
+- `swiftPackages.Dispatch`
+- `swiftPackages.Foundation`
+- `swiftPackages.XCTest`
+
+## Packaging with SwiftPM {#ssec-swift-packaging-with-swiftpm}
+
+Nixpkgs includes a small helper `swiftpm2nix` that can fetch your SwiftPM
+dependencies for you, when you need to write a Nix expression to package your
+application.
+
+The first step is to run the generator:
+
+```sh
+cd /path/to/my/project
+# Enter a Nix shell with the required tools.
+nix-shell -p swift swiftpm swiftpm2nix
+# First, make sure the workspace is up-to-date.
+swift package resolve
+# Now generate the Nix code.
+swiftpm2nix
+```
+
+This produces some files in a directory `nix`, which will be part of your Nix
+expression. The next step is to write that expression:
+
+```nix
+{ stdenv, swift, swiftpm, swiftpm2nix, fetchFromGitHub }:
+
+let
+ # Pass the generated files to the helper.
+ generated = swiftpm2nix.helpers ./nix;
+in
+
+stdenv.mkDerivation rec {
+ pname = "myproject";
+ version = "0.0.0";
+
+ src = fetchFromGitHub {
+ owner = "nixos";
+ repo = pname;
+ rev = version;
+ hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
+ };
+
+ # Including SwiftPM as a nativeBuildInput provides a buildPhase for you.
+ # This by default performs a release build using SwiftPM, essentially:
+ # swift build -c release
+ nativeBuildInputs = [ swift swiftpm ];
+
+ # The helper provides a configure snippet that will prepare all dependencies
+ # in the correct place, where SwiftPM expects them.
+ configurePhase = generated.configure;
+
+ installPhase = ''
+ # This is a special function that invokes swiftpm to find the location
+ # of the binaries it produced.
+ binPath="$(swiftpmBinPath)"
+ # Now perform any installation steps.
+ mkdir -p $out/bin
+ cp $binPath/myproject $out/bin/
+ '';
+}
+```
+
+### Custom build flags {#ssec-swiftpm-custom-build-flags}
+
+If you'd like to build a different configuration than `release`:
+
+```nix
+swiftpmBuildConfig = "debug";
+```
+
+It is also possible to provide additional flags to `swift build`:
+
+```nix
+swiftpmFlags = [ "--disable-dead-strip" ];
+```
+
+The default `buildPhase` already passes `-j` for parallel building.
+
+If these two customization options are insufficient, simply provide your own
+`buildPhase` that invokes `swift build`.
+
+### Running tests {#ssec-swiftpm-running-tests}
+
+Including `swiftpm` in your `nativeBuildInputs` also provides a default
+`checkPhase`, but it must be enabled with:
+
+```nix
+doCheck = true;
+```
+
+This essentially runs: `swift test -c release`
+
+### Patching dependencies {#ssec-swiftpm-patching-dependencies}
+
+In some cases, it may be necessary to patch a SwiftPM dependency. SwiftPM
+dependencies are located in `.build/checkouts`, but the `swiftpm2nix` helper
+provides these as symlinks to read-only `/nix/store` paths. In order to patch
+them, we need to make them writable.
+
+A special function `swiftpmMakeMutable` is available to replace the symlink
+with a writable copy:
+
+```
+configurePhase = generated.configure ++ ''
+ # Replace the dependency symlink with a writable copy.
+ swiftpmMakeMutable swift-crypto
+ # Now apply a patch.
+ patch -p1 -d .build/checkouts/swift-crypto -i ${./some-fix.patch}
+'';
+```
+
+## Considerations for custom build tools {#ssec-swift-considerations-for-custom-build-tools}
+
+### Linking the standard library {#ssec-swift-linking-the-standard-library}
+
+The `swift` package has a separate `lib` output containing just the Swift
+standard library, to prevent Swift applications needing a dependency on the
+full Swift compiler at run-time. Linking with the Nixpkgs Swift toolchain
+already ensures binaries correctly reference the `lib` output.
+
+Sometimes, Swift is used only to compile part of a mixed codebase, and the
+link step is manual. Custom build tools often locate the standard library
+relative to the `swift` compiler executable, and while the result will work,
+when this path ends up in the binary, it will have the Swift compiler as an
+unintended dependency.
+
+In this case, you should investigate how your build process discovers the
+standard library, and override the path. The correct path will be something
+like: `"${swift.swift.lib}/${swift.swiftModuleSubdir}"`
diff --git a/third_party/nixpkgs/doc/stdenv/stdenv.chapter.md b/third_party/nixpkgs/doc/stdenv/stdenv.chapter.md
index a12d68c093..0d159233a9 100644
--- a/third_party/nixpkgs/doc/stdenv/stdenv.chapter.md
+++ b/third_party/nixpkgs/doc/stdenv/stdenv.chapter.md
@@ -626,7 +626,7 @@ Before and after running `make`, the hooks `preBuild` and `postBuild` are called
### The check phase {#ssec-check-phase}
-The check phase checks whether the package was built correctly by running its test suite. The default `checkPhase` calls `make $checkTarget`, but only if the `doCheck` variable is enabled (see below).
+The check phase checks whether the package was built correctly by running its test suite. The default `checkPhase` calls `make $checkTarget`, but only if the [`doCheck` variable](#var-stdenv-doCheck) is enabled.
#### Variables controlling the check phase {#variables-controlling-the-check-phase}
@@ -646,7 +646,8 @@ See the [build phase](#var-stdenv-makeFlags) for details.
##### `checkTarget` {#var-stdenv-checkTarget}
-The make target that runs the tests. Defaults to `check` if it exists, otherwise `test`; if neither is found, do nothing.
+The `make` target that runs the tests.
+If unset, use `check` if it exists, otherwise `test`; if neither is found, do nothing.
##### `checkFlags` / `checkFlagsArray` {#var-stdenv-checkFlags}
diff --git a/third_party/nixpkgs/lib/default.nix b/third_party/nixpkgs/lib/default.nix
index b1441c7281..dc4df95754 100644
--- a/third_party/nixpkgs/lib/default.nix
+++ b/third_party/nixpkgs/lib/default.nix
@@ -88,7 +88,7 @@ let
updateManyAttrsByPath;
inherit (self.lists) singleton forEach foldr fold foldl foldl' imap0 imap1
concatMap flatten remove findSingle findFirst any all count
- optional optionals toList range partition zipListsWith zipLists
+ optional optionals toList range replicate partition zipListsWith zipLists
reverseList listDfs toposort sort naturalSort compareLists take
drop sublist last init crossLists unique intersectLists
subtractLists mutuallyExclusive groupBy groupBy';
diff --git a/third_party/nixpkgs/lib/licenses.nix b/third_party/nixpkgs/lib/licenses.nix
index f22d140141..0c4d9d8bc9 100644
--- a/third_party/nixpkgs/lib/licenses.nix
+++ b/third_party/nixpkgs/lib/licenses.nix
@@ -114,6 +114,16 @@ in mkLicense lset) ({
fullName = "Bitstream Vera Font License";
};
+ bitTorrent10 = {
+ spdxId = "BitTorrent-1.0";
+ fullName = " BitTorrent Open Source License v1.0";
+ };
+
+ bitTorrent11 = {
+ spdxId = "BitTorrent-1.1";
+ fullName = " BitTorrent Open Source License v1.1";
+ };
+
bola11 = {
url = "https://blitiri.com.ar/p/bola/";
fullName = "Buena Onda License Agreement 1.1";
@@ -333,6 +343,13 @@ in mkLicense lset) ({
free = false;
};
+ ecl20 = {
+ fullName = "Educational Community License, Version 2.0";
+ url = "https://opensource.org/licenses/ECL-2.0";
+ shortName = "ECL 2.0";
+ spdxId = "ECL-2.0";
+ };
+
efl10 = {
spdxId = "EFL-1.0";
fullName = "Eiffel Forum License v1.0";
diff --git a/third_party/nixpkgs/lib/lists.nix b/third_party/nixpkgs/lib/lists.nix
index 9f69485b40..2186cd4a79 100644
--- a/third_party/nixpkgs/lib/lists.nix
+++ b/third_party/nixpkgs/lib/lists.nix
@@ -303,6 +303,18 @@ rec {
else
genList (n: first + n) (last - first + 1);
+ /* Return a list with `n` copies of an element.
+
+ Type: replicate :: int -> a -> [a]
+
+ Example:
+ replicate 3 "a"
+ => [ "a" "a" "a" ]
+ replicate 2 true
+ => [ true true ]
+ */
+ replicate = n: elem: genList (_: elem) n;
+
/* Splits the elements of a list in two lists, `right` and
`wrong`, depending on the evaluation of a predicate.
diff --git a/third_party/nixpkgs/lib/path/default.nix b/third_party/nixpkgs/lib/path/default.nix
index 96a9244407..075e2fc0d1 100644
--- a/third_party/nixpkgs/lib/path/default.nix
+++ b/third_party/nixpkgs/lib/path/default.nix
@@ -4,6 +4,7 @@ let
inherit (builtins)
isString
+ isPath
split
match
;
@@ -25,6 +26,10 @@ let
assertMsg
;
+ inherit (lib.path.subpath)
+ isValid
+ ;
+
# Return the reason why a subpath is invalid, or `null` if it's valid
subpathInvalidReason = value:
if ! isString value then
@@ -94,6 +99,52 @@ let
in /* No rec! Add dependencies on this file at the top. */ {
+ /* Append a subpath string to a path.
+
+ Like `path + ("/" + string)` but safer, because it errors instead of returning potentially surprising results.
+ More specifically, it checks that the first argument is a [path value type](https://nixos.org/manual/nix/stable/language/values.html#type-path"),
+ and that the second argument is a valid subpath string (see `lib.path.subpath.isValid`).
+
+ Type:
+ append :: Path -> String -> Path
+
+ Example:
+ append /foo "bar/baz"
+ => /foo/bar/baz
+
+ # subpaths don't need to be normalised
+ append /foo "./bar//baz/./"
+ => /foo/bar/baz
+
+ # can append to root directory
+ append /. "foo/bar"
+ => /foo/bar
+
+ # first argument needs to be a path value type
+ append "/foo" "bar"
+ =>
+
+ # second argument needs to be a valid subpath string
+ append /foo /bar
+ =>
+ append /foo ""
+ =>
+ append /foo "/bar"
+ =>
+ append /foo "../bar"
+ =>
+ */
+ append =
+ # The absolute path to append to
+ path:
+ # The subpath string to append
+ subpath:
+ assert assertMsg (isPath path) ''
+ lib.path.append: The first argument is of type ${builtins.typeOf path}, but a path was expected'';
+ assert assertMsg (isValid subpath) ''
+ lib.path.append: Second argument is not a valid subpath string:
+ ${subpathInvalidReason subpath}'';
+ path + ("/" + subpath);
/* Whether a value is a valid subpath string.
@@ -133,7 +184,9 @@ in /* No rec! Add dependencies on this file at the top. */ {
subpath.isValid "./foo//bar/"
=> true
*/
- subpath.isValid = value:
+ subpath.isValid =
+ # The value to check
+ value:
subpathInvalidReason value == null;
@@ -150,11 +203,11 @@ in /* No rec! Add dependencies on this file at the top. */ {
Laws:
- - (Idempotency) Normalising multiple times gives the same result:
+ - Idempotency - normalising multiple times gives the same result:
subpath.normalise (subpath.normalise p) == subpath.normalise p
- - (Uniqueness) There's only a single normalisation for the paths that lead to the same file system node:
+ - Uniqueness - there's only a single normalisation for the paths that lead to the same file system node:
subpath.normalise p != subpath.normalise q -> $(realpath ${p}) != $(realpath ${q})
@@ -210,9 +263,12 @@ in /* No rec! Add dependencies on this file at the top. */ {
subpath.normalise "/foo"
=>
*/
- subpath.normalise = path:
- assert assertMsg (subpathInvalidReason path == null)
- "lib.path.subpath.normalise: Argument is not a valid subpath string: ${subpathInvalidReason path}";
- joinRelPath (splitRelPath path);
+ subpath.normalise =
+ # The subpath string to normalise
+ subpath:
+ assert assertMsg (isValid subpath) ''
+ lib.path.subpath.normalise: Argument is not a valid subpath string:
+ ${subpathInvalidReason subpath}'';
+ joinRelPath (splitRelPath subpath);
}
diff --git a/third_party/nixpkgs/lib/path/tests/unit.nix b/third_party/nixpkgs/lib/path/tests/unit.nix
index eccf3b7b1c..a1a45173a9 100644
--- a/third_party/nixpkgs/lib/path/tests/unit.nix
+++ b/third_party/nixpkgs/lib/path/tests/unit.nix
@@ -3,9 +3,44 @@
{ libpath }:
let
lib = import libpath;
- inherit (lib.path) subpath;
+ inherit (lib.path) append subpath;
cases = lib.runTests {
+ # Test examples from the lib.path.append documentation
+ testAppendExample1 = {
+ expr = append /foo "bar/baz";
+ expected = /foo/bar/baz;
+ };
+ testAppendExample2 = {
+ expr = append /foo "./bar//baz/./";
+ expected = /foo/bar/baz;
+ };
+ testAppendExample3 = {
+ expr = append /. "foo/bar";
+ expected = /foo/bar;
+ };
+ testAppendExample4 = {
+ expr = (builtins.tryEval (append "/foo" "bar")).success;
+ expected = false;
+ };
+ testAppendExample5 = {
+ expr = (builtins.tryEval (append /foo /bar)).success;
+ expected = false;
+ };
+ testAppendExample6 = {
+ expr = (builtins.tryEval (append /foo "")).success;
+ expected = false;
+ };
+ testAppendExample7 = {
+ expr = (builtins.tryEval (append /foo "/bar")).success;
+ expected = false;
+ };
+ testAppendExample8 = {
+ expr = (builtins.tryEval (append /foo "../bar")).success;
+ expected = false;
+ };
+
+ # Test examples from the lib.path.subpath.isValid documentation
testSubpathIsValidExample1 = {
expr = subpath.isValid null;
expected = false;
@@ -30,6 +65,7 @@ let
expr = subpath.isValid "./foo//bar/";
expected = true;
};
+ # Some extra tests
testSubpathIsValidTwoDotsEnd = {
expr = subpath.isValid "foo/..";
expected = false;
@@ -71,6 +107,7 @@ let
expected = true;
};
+ # Test examples from the lib.path.subpath.normalise documentation
testSubpathNormaliseExample1 = {
expr = subpath.normalise "foo//bar";
expected = "./foo/bar";
@@ -107,6 +144,7 @@ let
expr = (builtins.tryEval (subpath.normalise "/foo")).success;
expected = false;
};
+ # Some extra tests
testSubpathNormaliseIsValidDots = {
expr = subpath.normalise "./foo/.bar/.../baz...qux";
expected = "./foo/.bar/.../baz...qux";
diff --git a/third_party/nixpkgs/lib/tests/misc.nix b/third_party/nixpkgs/lib/tests/misc.nix
index c14bddb11a..406656dac1 100644
--- a/third_party/nixpkgs/lib/tests/misc.nix
+++ b/third_party/nixpkgs/lib/tests/misc.nix
@@ -479,6 +479,11 @@ runTests {
expected = [2 30 40 42];
};
+ testReplicate = {
+ expr = replicate 3 "a";
+ expected = ["a" "a" "a"];
+ };
+
testToIntShouldConvertStringToInt = {
expr = toInt "27";
expected = 27;
diff --git a/third_party/nixpkgs/maintainers/maintainer-list.nix b/third_party/nixpkgs/maintainers/maintainer-list.nix
index 94aab69a2c..857679feb5 100644
--- a/third_party/nixpkgs/maintainers/maintainer-list.nix
+++ b/third_party/nixpkgs/maintainers/maintainer-list.nix
@@ -693,6 +693,15 @@
fingerprint = "7FDB 17B3 C29B 5BA6 E5A9 8BB2 9FAA 63E0 9750 6D9D";
}];
};
+ Alper-Celik = {
+ email = "dev.alpercelik@gmail.com";
+ name = "Alper Çelik";
+ github = "Alper-Celik";
+ githubId = 110625473;
+ keys = [{
+ fingerprint = "6B69 19DD CEE0 FAF3 5C9F 2984 FA90 C0AB 738A B873";
+ }];
+ };
almac = {
email = "alma.cemerlic@gmail.com";
github = "a1mac";
@@ -2325,6 +2334,12 @@
githubId = 3212452;
name = "Cameron Nemo";
};
+ camillemndn = {
+ email = "camillemondon@free.fr";
+ github = "camillemndn";
+ githubId = 26444818;
+ name = "Camille M.";
+ };
campadrenalin = {
email = "campadrenalin@gmail.com";
github = "campadrenalin";
@@ -5105,6 +5120,12 @@
githubId = 36706276;
name = "Fufezan Mihai";
};
+ fugi = {
+ email = "me@fugi.dev";
+ github = "FugiMuffi";
+ githubId = 21362942;
+ name = "Fugi";
+ };
fusion809 = {
email = "brentonhorne77@gmail.com";
github = "fusion809";
@@ -5242,6 +5263,15 @@
githubId = 313929;
name = "Gabriel Ebner";
};
+ genericnerdyusername = {
+ name = "GenericNerdyUsername";
+ email = "genericnerdyusername@proton.me";
+ github = "GenericNerdyUsername";
+ githubId = 111183546;
+ keys = [{
+ fingerprint = "58CE D4BE 6B10 149E DA80 A990 2F48 6356 A4CB 30F3";
+ }];
+ };
genofire = {
name = "genofire";
email = "geno+dev@fireorbit.de";
@@ -6050,6 +6080,12 @@
githubId = 1592375;
name = "Walter Huf";
};
+ hughobrien = {
+ email = "github@hughobrien.ie";
+ github = "hughobrien";
+ githubId = 3400690;
+ name = "Hugh O'Brien";
+ };
hugolgst = {
email = "hugo.lageneste@pm.me";
github = "hugolgst";
@@ -6626,6 +6662,12 @@
github = "jayeshbhoot";
githubId = 1915507;
};
+ jayman2000 = {
+ email = "jason@jasonyundt.email";
+ github = "Jayman2000";
+ githubId = 5579359;
+ name = "Jason Yundt";
+ };
jb55 = {
email = "jb55@jb55.com";
github = "jb55";
@@ -7003,6 +7045,12 @@
githubId = 2308444;
name = "Joshua Gilman";
};
+ jnsgruk = {
+ email = "jon@sgrs.uk";
+ github = "jnsgruk";
+ githubId = 668505;
+ name = "Jon Seager";
+ };
jo1gi = {
email = "joakimholm@protonmail.com";
github = "jo1gi";
@@ -8906,8 +8954,8 @@
githubId = 2914269;
name = "Malo Bourgon";
};
- malvo = {
- email = "malte@malvo.org";
+ malte-v = {
+ email = "nixpkgs@mal.tc";
github = "malte-v";
githubId = 34393802;
name = "Malte Voos";
@@ -9975,6 +10023,12 @@
githubId = 3073833;
name = "Massimo Redaelli";
};
+ mrityunjaygr8 = {
+ email = "mrityunjaysaxena1996@gmail.com";
+ github = "mrityunjaygr8";
+ name = "Mrityunjay Saxena";
+ githubId = 14573967;
+ };
mrkkrp = {
email = "markkarpov92@gmail.com";
github = "mrkkrp";
@@ -12874,6 +12928,12 @@
githubId = 6022042;
name = "Sam Parkinson";
};
+ samhug = {
+ email = "s@m-h.ug";
+ github = "samhug";
+ githubId = 171470;
+ name = "Sam Hug";
+ };
samlich = {
email = "nixos@samli.ch";
github = "samlich";
@@ -13092,7 +13152,7 @@
github = "Scrumplex";
githubId = 11587657;
keys = [{
- fingerprint = "AF1F B107 E188 CB97 9A94 FD7F C104 1129 4912 A422";
+ fingerprint = "E173 237A C782 296D 98F5 ADAC E13D FD4B 4712 7951";
}];
};
scubed2 = {
@@ -13210,6 +13270,12 @@
githubId = 38824235;
name = "Serge Belov";
};
+ serge_sans_paille = {
+ email = "serge.guelton@telecom-bretagne.eu";
+ github = "serge-sans-paille";
+ githubId = 863807;
+ name = "Serge Guelton";
+ };
sersorrel = {
email = "ash@sorrel.sh";
github = "sersorrel";
@@ -13302,6 +13368,12 @@
githubId = 16765155;
name = "Shardul Baral";
};
+ sharzy = {
+ email = "me@sharzy.in";
+ github = "SharzyL";
+ githubId = 46294732;
+ name = "Sharzy";
+ };
shawndellysse = {
email = "sdellysse@gmail.com";
github = "sdellysse";
@@ -13627,6 +13699,12 @@
githubId = 57048005;
name = "snicket2100";
};
+ sno2wman = {
+ name = "SnO2WMaN";
+ email = "me@sno2wman.net";
+ github = "sno2wman";
+ githubId = 15155608;
+ };
snpschaaf = {
email = "philipe.schaaf@secunet.com";
name = "Philippe Schaaf";
@@ -13840,6 +13918,12 @@
githubId = 1699155;
name = "Steve Elliott";
};
+ stefanfehrenbach = {
+ email = "stefan.fehrenbach@gmail.com";
+ github = "fehrenbach";
+ githubId = 203168;
+ name = "Stefan Fehrenbach";
+ };
stehessel = {
email = "stephan@stehessel.de";
github = "stehessel";
@@ -15240,6 +15324,12 @@
githubId = 27813;
name = "Vincent Breitmoser";
};
+ vamega = {
+ email = "github@madiathv.com";
+ github = "vamega";
+ githubId = 223408;
+ name = "Varun Madiath";
+ };
vandenoever = {
email = "jos@vandenoever.info";
github = "vandenoever";
diff --git a/third_party/nixpkgs/nixos/doc/manual/configuration/xfce.chapter.md b/third_party/nixpkgs/nixos/doc/manual/configuration/xfce.chapter.md
index c331e63cfe..60771b36fa 100644
--- a/third_party/nixpkgs/nixos/doc/manual/configuration/xfce.chapter.md
+++ b/third_party/nixpkgs/nixos/doc/manual/configuration/xfce.chapter.md
@@ -54,4 +54,4 @@ run this command to do the same thing.
$ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true
```
-A log-out and re-log will be needed for this to take effect.
+It is necessary to log out and log in again for this to take effect.
diff --git a/third_party/nixpkgs/nixos/doc/manual/default.nix b/third_party/nixpkgs/nixos/doc/manual/default.nix
index 913058746b..9dab1738ab 100644
--- a/third_party/nixpkgs/nixos/doc/manual/default.nix
+++ b/third_party/nixpkgs/nixos/doc/manual/default.nix
@@ -21,6 +21,8 @@ let
withManOptDedupPatch = true;
};
+ manpageUrls = pkgs.path + "/doc/manpage-urls.json";
+
# We need to strip references to /nix/store/* from options,
# including any `extraSources` if some modules came from elsewhere,
# or else the build will fail.
@@ -48,7 +50,7 @@ let
};
in buildPackages.nixosOptionsDoc {
inherit (eval) options;
- inherit (revision);
+ inherit revision;
transformOptions = opt: opt // {
# Clean up declaration sites to not refer to the NixOS source tree.
declarations =
@@ -72,7 +74,7 @@ let
nativeBuildInputs = [ pkgs.nixos-render-docs ];
} ''
nixos-render-docs manual docbook \
- --manpage-urls ${pkgs.path + "/doc/manpage-urls.json"} \
+ --manpage-urls ${manpageUrls} \
"$out" \
--section \
--section-id modules \
@@ -254,20 +256,38 @@ in rec {
# Generate the NixOS manpages.
manpages = runCommand "nixos-manpages"
{ inherit sources;
- nativeBuildInputs = [ buildPackages.libxml2.bin buildPackages.libxslt.bin ];
+ nativeBuildInputs = [
+ buildPackages.installShellFiles
+ ] ++ lib.optionals allowDocBook [
+ buildPackages.libxml2.bin
+ buildPackages.libxslt.bin
+ ] ++ lib.optionals (! allowDocBook) [
+ buildPackages.nixos-render-docs
+ ];
allowedReferences = ["out"];
}
''
# Generate manpages.
- mkdir -p $out/share/man
- xsltproc --nonet \
- --maxdepth 6000 \
- --param man.output.in.separate.dir 1 \
- --param man.output.base.dir "'$out/share/man/'" \
- --param man.endnotes.are.numbered 0 \
- --param man.break.after.slash 1 \
- ${docbook_xsl_ns}/xml/xsl/docbook/manpages/docbook.xsl \
- ${manual-combined}/man-pages-combined.xml
+ mkdir -p $out/share/man/man8
+ installManPage ${./manpages}/*
+ ${if allowDocBook
+ then ''
+ xsltproc --nonet \
+ --maxdepth 6000 \
+ --param man.output.in.separate.dir 1 \
+ --param man.output.base.dir "'$out/share/man/'" \
+ --param man.endnotes.are.numbered 0 \
+ --param man.break.after.slash 1 \
+ ${docbook_xsl_ns}/xml/xsl/docbook/manpages/docbook.xsl \
+ ${manual-combined}/man-pages-combined.xml
+ ''
+ else ''
+ mkdir -p $out/share/man/man5
+ nixos-render-docs options manpage \
+ --revision ${lib.escapeShellArg revision} \
+ ${optionsJSON}/share/doc/nixos/options.json \
+ $out/share/man/man5/configuration.nix.5
+ ''}
'';
}
diff --git a/third_party/nixpkgs/nixos/doc/manual/from_md/configuration/xfce.chapter.xml b/third_party/nixpkgs/nixos/doc/manual/from_md/configuration/xfce.chapter.xml
index 7ec69b5e9b..22a5d9875f 100644
--- a/third_party/nixpkgs/nixos/doc/manual/from_md/configuration/xfce.chapter.xml
+++ b/third_party/nixpkgs/nixos/doc/manual/from_md/configuration/xfce.chapter.xml
@@ -63,7 +63,8 @@ Thunar:2410): GVFS-RemoteVolumeMonitor-WARNING **: remote volume monitor with db
$ xfconf-query -c xfce4-session -p /compat/LaunchGNOME -s true
- A log-out and re-log will be needed for this to take effect.
+ It is necessary to log out and log in again for this to take
+ effect.
diff --git a/third_party/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml b/third_party/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
index b8affabb86..6936fdd260 100644
--- a/third_party/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
+++ b/third_party/nixpkgs/nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
@@ -116,8 +116,8 @@
QDMR, a
- gui application and command line tool for programming cheap
- DMR radios
+ GUI application and command line tool for programming DMR
+ radios
programs.qdmr
@@ -152,6 +152,15 @@
are met, or not met.
+
+
+ sharing,
+ a command-line tool to share directories and files from the
+ CLI to iOS and Android devices without the need of an extra
+ client app. Available as
+ programs.sharing.
+
+
@@ -189,7 +198,22 @@
doInstallCheck is set. (Note that this
change will not cause breakage to derivations with
strictDeps unset, which are most packages
- except python, rust and go packages).
+ except python, rust, ocaml and go packages).
+
+
+
+
+ buildDunePackage now defaults to
+ strictDeps = true which means that any
+ library should go into buildInputs or
+ checkInputs. Any executable that is run on
+ the building machine should go into
+ nativeBuildInputs or
+ nativeCheckInputs respectively. Example of
+ executables are ocaml,
+ findlib and menhir. PPXs
+ are libraries which are built by dune and should therefore not
+ go into nativeBuildInputs.
@@ -397,6 +421,16 @@
attribute name.
+
+
+ Nebula now runs as a system user and group created for each
+ nebula network, using the CAP_NET_ADMIN
+ ambient capability on launch rather than starting as root.
+ Ensure that any files each Nebula instance needs to access are
+ owned by the correct user and group, by default
+ nebula-${networkName}.
+
+
In mastodon it is now necessary to specify
@@ -488,19 +522,72 @@
A few openssh options have been moved from extraConfig to the
new freeform option settings and renamed as
- follow:
- services.openssh.kbdInteractiveAuthentication
- to
- services.openssh.settings.KbdInteractiveAuthentication,
- services.openssh.passwordAuthentication to
- services.openssh.settings.PasswordAuthentication,
- services.openssh.useDns to
- services.openssh.settings.UseDns,
- services.openssh.permitRootLogin to
- services.openssh.settings.PermitRootLogin,
- services.openssh.logLevel to
- services.openssh.settings.LogLevel.
+ follows:
+
+
+
+ services.openssh.forwardX11 to
+ services.openssh.settings.X11Forwarding
+
+
+
+
+ services.openssh.kbdInteractiveAuthentication
+ ->
+ services.openssh.settings.KbdInteractiveAuthentication
+
+
+
+
+ services.openssh.passwordAuthentication
+ to
+ services.openssh.settings.PasswordAuthentication
+
+
+
+
+ services.openssh.useDns to
+ services.openssh.settings.UseDns
+
+
+
+
+ services.openssh.permitRootLogin to
+ services.openssh.settings.PermitRootLogin
+
+
+
+
+ services.openssh.logLevel to
+ services.openssh.settings.LogLevel
+
+
+
+
+ services.openssh.kexAlgorithms to
+ services.openssh.settings.KexAlgorithms
+
+
+
+
+ services.openssh.macs to
+ services.openssh.settings.Macs
+
+
+
+
+ services.openssh.ciphers to
+ services.openssh.settings.Ciphers
+
+
+
+
+ services.openssh.gatewayPorts to
+ services.openssh.settings.GatewayPorts
+
+
+
@@ -675,6 +762,13 @@
conversion.
+
+
+ Grafana Tempo has been updated to version 2.0. See the
+ upstream
+ upgrade guide for migration instructions.
+
+
A new virtualisation.rosetta module was
@@ -772,6 +866,18 @@
system.stateVersion.
+
+
+ Nebula now supports the
+ services.nebula.networks.<name>.isRelay
+ and
+ services.nebula.networks.<name>.relays
+ configuration options for setting up or allowing traffic
+ relaying. See the
+ announcement
+ for more details about relays.
+
+
hip has been separated into
@@ -808,6 +914,60 @@
(services.fwupd.daemonSettings).
+
+
+ The zramSwap is now implemented with
+ zram-generator, and the option
+ zramSwap.numDevices for using ZRAM devices
+ as general purpose ephemeral block devices has been removed.
+
+
+
+
+ As Singularity has renamed to
+ Apptainer
+ to distinguish from
+ an
+ un-renamed fork by Sylabs Inc., there are now two
+ packages of Singularity/Apptainer:
+
+
+
+
+ apptainer: From
+ github.com/apptainer/apptainer, which
+ is the new repo after renaming.
+
+
+
+
+ singularity: From
+ github.com/sylabs/singularity, which is
+ the fork by Sylabs Inc..
+
+
+
+
+ programs.singularity got a new
+ package option to specify which package to
+ use.
+
+
+ singularity-tools.buildImage got a new
+ input argument singularity to specify which
+ package to use.
+
+
+
+
+ The new option
+ programs.singularity.enableFakeroot, if set
+ to true, provides
+ --fakeroot support for
+ apptainer and
+ singularity.
+
+
The unifi-poller package and corresponding
@@ -836,6 +996,12 @@
libax25 package.
+
+
+ tvbrowser-bin was removed, and now
+ tvbrowser is built from source.
+
+
nixos-version now accepts
@@ -850,6 +1016,13 @@
been fixed to allow more than one plugin in the path.
+
+
+ The option
+ services.prometheus.exporters.pihole.interval
+ does not exist anymore and has been removed.
+
+
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-build-vms.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-build-vms.xml
deleted file mode 100644
index fa7c8c0c6d..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-build-vms.xml
+++ /dev/null
@@ -1,138 +0,0 @@
-
-
- nixos-build-vms
- 8
- NixOS
-
-
-
- nixos-build-vms
- build a network of virtual machines from a network of NixOS configurations
-
-
-
- nixos-build-vms
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- name
- value
-
-
-
- network.nix
-
-
-
-
- Description
-
- This command builds a network of QEMU-KVM virtual machines of a Nix
- expression specifying a network of NixOS machines. The virtual network can
- be started by executing the bin/run-vms shell script
- that is generated by this command. By default, a result
- symlink is produced that points to the generated virtual network.
-
-
- A network Nix expression has the following structure:
-
-{
- test1 = {pkgs, config, ...}:
- {
- services.openssh.enable = true;
- nixpkgs.localSystem.system = "i686-linux";
- deployment.targetHost = "test1.example.net";
-
- # Other NixOS options
- };
-
- test2 = {pkgs, config, ...}:
- {
- services.openssh.enable = true;
- services.httpd.enable = true;
- environment.systemPackages = [ pkgs.lynx ];
- nixpkgs.localSystem.system = "x86_64-linux";
- deployment.targetHost = "test2.example.net";
-
- # Other NixOS options
- };
-}
-
- Each attribute in the expression represents a machine in the network (e.g.
- test1 and test2) referring to a
- function defining a NixOS configuration. In each NixOS configuration, two
- attributes have a special meaning. The
- deployment.targetHost specifies the address (domain name
- or IP address) of the system which is used by ssh to
- perform remote deployment operations. The
- nixpkgs.localSystem.system attribute can be used to
- specify an architecture for the target machine, such as
- i686-linux which builds a 32-bit NixOS configuration.
- Omitting this property will build the configuration for the same
- architecture as the host system.
-
-
-
- Options
-
- This command accepts the following options:
-
-
-
-
-
-
-
-
- Shows a trace of the output.
-
-
-
-
-
-
-
-
-
- Do not create a 'result' symlink.
-
-
-
-
-
- ,
-
-
-
- Shows the usage of this command to the user.
-
-
-
-
-
- name value
-
-
- Set the Nix configuration option
- name to value.
- This overrides settings in the Nix configuration file (see
- nix.conf5).
-
-
-
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-enter.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-enter.xml
deleted file mode 100644
index 41f0e6b975..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-enter.xml
+++ /dev/null
@@ -1,154 +0,0 @@
-
-
- nixos-enter
- 8
- NixOS
-
-
-
- nixos-enter
- run a command in a NixOS chroot environment
-
-
-
- nixos-enter
-
-
-
-
- root
-
-
-
-
-
-
- system
-
-
-
-
-
-
- shell-command
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- arguments
-
-
-
-
- Description
-
- This command runs a command in a NixOS chroot environment, that is, in a
- filesystem hierarchy previously prepared using
- nixos-install.
-
-
-
- Options
-
- This command accepts the following options:
-
-
-
-
-
-
-
-
- The path to the NixOS system you want to enter. It defaults to
- /mnt.
-
-
-
-
-
-
-
-
-
- The NixOS system configuration to use. It defaults to
- /nix/var/nix/profiles/system. You can enter a
- previous NixOS configuration by specifying a path such as
- /nix/var/nix/profiles/system-106-link.
-
-
-
-
-
-
-
-
-
-
-
-
- The bash command to execute.
-
-
-
-
-
-
-
-
-
- Suppresses all output from the activation script of the target system.
-
-
-
-
-
-
-
-
-
- Interpret the remaining arguments as the program name and arguments to be
- invoked. The program is not executed in a shell.
-
-
-
-
-
-
- Examples
-
- Start an interactive shell in the NixOS installation in
- /mnt:
-
-
-# nixos-enter --root /mnt
-
-
- Run a shell command:
-
-
-# nixos-enter -c 'ls -l /; cat /proc/mounts'
-
-
- Run a non-shell command:
-
-
-# nixos-enter -- cat /proc/mounts
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-generate-config.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-generate-config.xml
deleted file mode 100644
index 9ac3b918ff..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-generate-config.xml
+++ /dev/null
@@ -1,214 +0,0 @@
-
-
- nixos-generate-config
- 8
- NixOS
-
-
-
- nixos-generate-config
- generate NixOS configuration modules
-
-
-
- nixos-generate-config
-
-
-
-
-
-
-
-
- root
-
-
-
-
-
-
- dir
-
-
-
-
- Description
-
- This command writes two NixOS configuration modules:
-
-
-
-
-
-
-
- This module sets NixOS configuration options based on your current
- hardware configuration. In particular, it sets the
- option to reflect all currently mounted file
- systems, the option to reflect active swap
- devices, and the options to ensure that
- the initial ramdisk contains any kernel modules necessary for mounting
- the root file system.
-
-
- If this file already exists, it is overwritten. Thus, you should not
- modify it manually. Rather, you should include it from your
- /etc/nixos/configuration.nix, and re-run
- nixos-generate-config to update it whenever your
- hardware configuration changes.
-
-
-
-
-
-
-
-
-
- This is the main NixOS system configuration module. If it already
- exists, it’s left unchanged. Otherwise,
- nixos-generate-config will write a template for you
- to customise.
-
-
-
-
-
-
-
- Options
-
- This command accepts the following options:
-
-
-
-
-
-
-
-
- If this option is given, treat the directory
- root as the root of the file system. This
- means that configuration files will be written to
- root/etc/nixos, and that
- any file systems outside of root are ignored
- for the purpose of generating the option.
-
-
-
-
-
-
-
-
-
- If this option is given, write the configuration files to the directory
- dir instead of
- /etc/nixos.
-
-
-
-
-
-
-
-
-
- Overwrite /etc/nixos/configuration.nix if it already
- exists.
-
-
-
-
-
-
-
-
-
- Omit everything concerning file systems and swap devices from the
- hardware configuration.
-
-
-
-
-
-
-
-
-
- Don't generate configuration.nix or
- hardware-configuration.nix and print the hardware
- configuration to stdout only.
-
-
-
-
-
-
- Examples
-
- This command is typically used during NixOS installation to write initial
- configuration modules. For example, if you created and mounted the target
- file systems on /mnt and
- /mnt/boot, you would run:
-
-$ nixos-generate-config --root /mnt
-
- The resulting file
- /mnt/etc/nixos/hardware-configuration.nix might look
- like this:
-
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, pkgs, ... }:
-
-{
- imports =
- [ <nixos/modules/installer/scan/not-detected.nix>
- ];
-
- boot.initrd.availableKernelModules = [ "ehci_hcd" "ahci" ];
- boot.kernelModules = [ "kvm-intel" ];
- boot.extraModulePackages = [ ];
-
- fileSystems."/" =
- { device = "/dev/disk/by-label/nixos";
- fsType = "ext3";
- options = [ "rw" "data=ordered" "relatime" ];
- };
-
- fileSystems."/boot" =
- { device = "/dev/sda1";
- fsType = "ext3";
- options = [ "rw" "errors=continue" "user_xattr" "acl" "barrier=1" "data=writeback" "relatime" ];
- };
-
- swapDevices =
- [ { device = "/dev/sda2"; }
- ];
-
- nix.maxJobs = 8;
-}
-
- It will also create a basic
- /mnt/etc/nixos/configuration.nix, which you should edit
- to customise the logical configuration of your system. This file includes
- the result of the hardware scan as follows:
-
- imports = [ ./hardware-configuration.nix ];
-
-
-
- After installation, if your hardware configuration changes, you can run:
-
-$ nixos-generate-config
-
- to update /etc/nixos/hardware-configuration.nix. Your
- /etc/nixos/configuration.nix will
- not be overwritten.
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-install.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-install.xml
deleted file mode 100644
index eb6680b656..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-install.xml
+++ /dev/null
@@ -1,357 +0,0 @@
-
-
- nixos-install
- 8
- NixOS
-
-
-
- nixos-install
- install bootloader and NixOS
-
-
-
- nixos-install
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- path
-
-
-
-
-
-
- root
-
-
-
-
-
-
- path
-
-
-
- flake-uri
-
-
-
-
-
-
-
-
-
-
-
-
- channel
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- number
-
-
-
- number
-
-
-
- name value
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Description
-
- This command installs NixOS in the file system mounted on
- /mnt, based on the NixOS configuration specified in
- /mnt/etc/nixos/configuration.nix. It performs the
- following steps:
-
-
-
- It copies Nix and its dependencies to
- /mnt/nix/store.
-
-
-
-
- It runs Nix in /mnt to build the NixOS configuration
- specified in /mnt/etc/nixos/configuration.nix.
-
-
-
-
- It installs the current channel nixos
in the target channel
- profile (unless is specified).
-
-
-
-
- It installs the GRUB boot loader on the device specified in the option
- (unless
- is specified), and generates a GRUB
- configuration file that boots into the NixOS configuration just
- installed.
-
-
-
-
- It prompts you for a password for the root account (unless
- is specified).
-
-
-
-
-
- This command is idempotent: if it is interrupted or fails due to a temporary
- problem (e.g. a network issue), you can safely re-run it.
-
-
-
- Options
-
- This command accepts the following options:
-
-
-
- /
-
- Increases the level of verbosity of diagnostic messages
- printed on standard error. For each Nix operation, the information
- printed on standard output is well-defined; any diagnostic
- information is printed on standard error, never on standard
- output.
- Please note that this option may be specified repeatedly.
-
-
-
-
-
-
-
-
- Defaults to /mnt. If this option is given, treat the
- directory root as the root of the NixOS
- installation.
-
-
-
-
-
-
-
-
-
- If this option is provided, nixos-install will install
- the specified closure rather than attempt to build one from
- /mnt/etc/nixos/configuration.nix.
-
-
- The closure must be an appropriately configured NixOS system, with boot
- loader and partition configuration that fits the target host. Such a
- closure is typically obtained with a command such as nix-build
- -I nixos-config=./configuration.nix '<nixpkgs/nixos>' -A system
- --no-out-link
-
-
-
-
-
- flake-uri#name
-
-
-
- Build the NixOS system from the specified flake.
- The flake must contain an output named
- nixosConfigurations.name.
-
-
-
-
-
-
-
-
-
- If this option is provided, do not copy the current
- nixos
channel to the target host. Instead, use the
- specified derivation.
-
-
-
-
-
-
-
-
-
- Add a path to the Nix expression search path. This option may be given
- multiple times. See the NIX_PATH environment variable for information on
- the semantics of the Nix search path. Paths added through
- -I take precedence over NIX_PATH.
-
-
-
-
-
-
-
-
-
-
-
-
- Sets the maximum number of build jobs that Nix will perform in parallel
- to the specified number. The default is 1. A higher
- value is useful on SMP systems or to exploit I/O latency.
-
-
-
-
-
-
-
-
-
- Sets the value of the NIX_BUILD_CORES environment variable
- in the invocation of builders. Builders can use this variable at their
- discretion to control the maximum amount of parallelism. For instance, in
- Nixpkgs, if the derivation attribute
- enableParallelBuilding is set to
- true, the builder passes the
- flag to GNU Make. The
- value 0 means that the builder should use all
- available CPU cores in the system.
-
-
-
-
-
- name value
-
-
-
- Set the Nix configuration option name to
- value.
-
-
-
-
-
-
-
-
-
- Causes Nix to print out a stack trace in case of Nix expression
- evaluation errors.
-
-
-
-
-
-
-
-
-
- Causes Nix to continue building derivations as far as possible
- in the face of failed builds.
-
-
-
-
-
-
-
-
-
- Synonym for man nixos-install.
-
-
-
-
-
-
- Examples
-
- A typical NixOS installation is done by creating and mounting a file system
- on /mnt, generating a NixOS configuration in
- /mnt/etc/nixos/configuration.nix, and running
- nixos-install. For instance, if we want to install NixOS
- on an ext4 file system created in
- /dev/sda1:
-
-$ mkfs.ext4 /dev/sda1
-$ mount /dev/sda1 /mnt
-$ nixos-generate-config --root /mnt
-$ # edit /mnt/etc/nixos/configuration.nix
-$ nixos-install
-$ reboot
-
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-option.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-option.xml
deleted file mode 100644
index b921386d0d..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-option.xml
+++ /dev/null
@@ -1,134 +0,0 @@
-
-
- nixos-option
- 8
- NixOS
-
-
-
- nixos-option
- inspect a NixOS configuration
-
-
-
- nixos-option
-
-
-
-
-
-
-
-
-
- path
-
-
-
- option.name
-
-
-
-
- Description
-
- This command evaluates the configuration specified in
- /etc/nixos/configuration.nix and returns the properties
- of the option name given as argument.
-
-
- When the option name is not an option, the command prints the list of
- attributes contained in the attribute set.
-
-
-
- Options
-
- This command accepts the following options:
-
-
-
-
-
-
-
- Print all the values at or below the specified path recursively.
-
-
-
-
-
- path
-
-
-
- This option is passed to the underlying
- nix-instantiate invocation.
-
-
-
-
-
-
- Environment
-
-
-
- NIXOS_CONFIG
-
-
-
- Path to the main NixOS configuration module. Defaults to
- /etc/nixos/configuration.nix.
-
-
-
-
-
-
- Examples
-
- Investigate option values:
-$ nixos-option boot.loader
-This attribute set contains:
-generationsDir
-grub
-initScript
-
-$ nixos-option boot.loader.grub.enable
-Value:
-true
-
-Default:
-true
-
-Description:
-Whether to enable the GNU GRUB boot loader.
-
-Declared by:
- "/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix"
-
-Defined by:
- "/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix"
-
-
-
-
- Bugs
-
- The author listed in the following section is wrong. If there is any other
- bug, please report to Nicolas Pierron.
-
-
-
- See also
-
-
- configuration.nix
- 5
-
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml
deleted file mode 100644
index bf0f4aafa1..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-rebuild.xml
+++ /dev/null
@@ -1,781 +0,0 @@
-
-
- nixos-rebuild
- 8
- NixOS
-
-
-
-
- nixos-rebuild
- reconfigure a NixOS machine
-
-
-
-
- nixos-rebuild
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- builder-spec
-
-
-
-
-
- flake-uri
-
-
-
-
-
-
-
- input-name flake-uri
-
-
-
-
-
-
-
-
-
-
-
-
-
- name
-
-
-
-
-
-
-
-
-
-
-
- name
-
-
-
-
-
- host
-
-
-
- host
-
-
-
-
-
-
-
-
-
-
-
-
-
- NIX_PATH
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- number
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Description
-
-
- This command updates the system so that it corresponds to the
- configuration specified in
- /etc/nixos/configuration.nix or
- /etc/nixos/flake.nix. Thus, every time you
- modify the configuration or any other NixOS module, you must run
- nixos-rebuild to make the changes take
- effect. It builds the new system in
- /nix/store, runs its activation script, and
- stop and (re)starts any system services if needed. Please note that
- user services need to be started manually as they aren't detected
- by the activation script at the moment.
-
-
-
- This command has one required argument, which specifies the desired
- operation. It must be one of the following:
-
-
-
-
-
-
-
-
- Build and activate the new configuration, and make it the boot default.
- That is, the configuration is added to the GRUB boot menu as the default
- menu entry, so that subsequent reboots will boot the system into the new
- configuration. Previous configurations activated with
- nixos-rebuild switch or nixos-rebuild
- boot remain available in the GRUB menu.
-
-
- Note that if you are using specializations, running just
- nixos-rebuild switch will switch you back to the
- unspecialized, base system - in that case, you might want to use this
- instead:
-
-$ nixos-rebuild switch --specialisation your-specialisation-name
-
- This command will build all specialisations and make them bootable just
- like regular nixos-rebuild switch does - the only
- thing different is that it will switch to given specialisation instead
- of the base system; it can be also used to switch from the base system
- into a specialised one, or to switch between specialisations.
-
-
-
-
-
-
-
-
-
-
- Build the new configuration and make it the boot default (as with
- nixos-rebuild switch), but do not activate it. That
- is, the system continues to run the previous configuration until the
- next reboot.
-
-
-
-
-
-
-
-
-
-
- Build and activate the new configuration, but do not add it to the GRUB
- boot menu. Thus, if you reboot the system (or if it crashes), you will
- automatically revert to the default configuration (i.e. the
- configuration resulting from the last call to nixos-rebuild
- switch or nixos-rebuild boot).
-
-
- Note that if you are using specialisations, running just
- nixos-rebuild test will activate the unspecialised,
- base system - in that case, you might want to use this instead:
-
-$ nixos-rebuild test --specialisation your-specialisation-name
-
- This command can be also used to switch from the base system into a
- specialised one, or to switch between specialisations.
-
-
-
-
-
-
-
-
-
-
- Build the new configuration, but neither activate it nor add it to the
- GRUB boot menu. It leaves a symlink named result in
- the current directory, which points to the output of the top-level
- “system” derivation. This is essentially the same as doing
-
-$ nix-build /path/to/nixpkgs/nixos -A system
-
- Note that you do not need to be root to run
- nixos-rebuild build.
-
-
-
-
-
-
-
-
-
-
- Show what store paths would be built or downloaded by any of the
- operations above, but otherwise do nothing.
-
-
-
-
-
-
-
-
-
-
- Build the new configuration, but instead of activating it, show what
- changes would be performed by the activation (i.e. by
- nixos-rebuild test). For instance, this command will
- print which systemd units would be restarted. The list of changes is not
- guaranteed to be complete.
-
-
-
-
-
-
-
-
-
-
- Opens configuration.nix in the default editor.
-
-
-
-
-
-
-
-
-
-
- Build a script that starts a NixOS virtual machine with the desired
- configuration. It leaves a symlink result in the
- current directory that points (under
- result/bin/run-hostname-vm)
- at the script that starts the VM. Thus, to test a NixOS configuration in
- a virtual machine, you should do the following:
-
-$ nixos-rebuild build-vm
-$ ./result/bin/run-*-vm
-
-
-
-
- The VM is implemented using the qemu package. For
- best performance, you should load the kvm-intel or
- kvm-amd kernel modules to get hardware
- virtualisation.
-
-
-
- The VM mounts the Nix store of the host through the 9P file system. The
- host Nix store is read-only, so Nix commands that modify the Nix store
- will not work in the VM. This includes commands such as
- nixos-rebuild; to change the VM’s configuration,
- you must halt the VM and re-run the commands above.
-
-
-
- The VM has its own ext3 root file system, which is
- automatically created when the VM is first started, and is persistent
- across reboots of the VM. It is stored in
- ./hostname.qcow2.
-
-
-
-
-
-
-
-
-
-
-
- Like , but boots using the regular boot loader
- of your configuration (e.g., GRUB 1 or 2), rather than booting directly
- into the kernel and initial ramdisk of the system. This allows you to
- test whether the boot loader works correctly. However, it does not
- guarantee that your NixOS configuration will boot successfully on the
- host hardware (i.e., after running nixos-rebuild
- switch), because the hardware and boot loader configuration in
- the VM are different. The boot loader is installed on an automatically
- generated virtual disk containing a /boot
- partition.
-
-
-
-
-
-
-
-
- Options
-
- This command accepts the following options:
-
-
-
-
-
-
-
-
-
-
-
-
- Update the root user's channel named nixos
- before rebuilding the system.
-
-
- In addition to the nixos channel, the root
- user's channels which have a file named
- .update-on-nixos-rebuild in their base
- directory will also be updated.
-
-
- Passing updates all of the root
- user's channels.
-
-
-
-
-
-
-
-
-
-
- Causes the boot loader to be (re)installed on the device specified by the
- relevant configuration options.
-
-
-
-
-
-
-
-
-
-
- Normally, nixos-rebuild first builds the
- nixUnstable attribute in Nixpkgs, and uses the
- resulting instance of the Nix package manager to build the new system
- configuration. This is necessary if the NixOS modules use features not
- provided by the currently installed version of Nix. This option disables
- building a new Nix.
-
-
-
-
-
-
-
-
-
-
- Equivalent to . This option is
- useful if you call nixos-rebuild frequently
- (e.g. if you’re hacking on a NixOS module).
-
-
-
-
-
-
-
-
-
-
- Instead of building a new configuration as specified by
- /etc/nixos/configuration.nix, roll back to the
- previous configuration. (The previous configuration is defined as the one
- before the “current” generation of the Nix profile
- /nix/var/nix/profiles/system.)
-
-
-
-
-
-
- builder-spec
-
-
-
- Allow ad-hoc remote builders for building the new system. This requires
- the user executing nixos-rebuild (usually root) to be
- configured as a trusted user in the Nix daemon. This can be achieved by
- using the nix.settings.trusted-users NixOS option. Examples
- values for that option are described in the Remote builds
- chapter in the Nix manual, (i.e. --builders
- "ssh://bigbrother x86_64-linux"). By specifying an empty string
- existing builders specified in /etc/nix/machines can
- be ignored: --builders "" for example when they are
- not reachable due to network connectivity.
-
-
-
-
-
-
-
-
-
-
-
-
-
- Instead of using the Nix profile
- /nix/var/nix/profiles/system to keep track of the
- current and previous system configurations, use
- /nix/var/nix/profiles/system-profiles/name.
- When you use GRUB 2, for every system profile created with this flag,
- NixOS will create a submenu named “NixOS - Profile
- 'name'” in GRUB’s boot menu, containing
- the current and previous configurations of this profile.
-
-
- For instance, if you want to test a configuration file named
- test.nix without affecting the default system
- profile, you would do:
-
-$ nixos-rebuild switch -p test -I nixos-config=./test.nix
-
- The new configuration will appear in the GRUB 2 submenu “NixOS -
- Profile 'test'”.
-
-
-
-
-
-
-
-
-
-
-
-
-
- Activates given specialisation; when not specified, switching and testing
- will activate the base, unspecialised system.
-
-
-
-
-
-
-
-
-
-
- Instead of building the new configuration locally, use the specified host
- to perform the build. The host needs to be accessible with ssh, and must
- be able to perform Nix builds. If the option
- is not set, the build will be copied back
- to the local machine when done.
-
-
- Note that, if is not specified, Nix will
- be built both locally and remotely. This is because the configuration
- will always be evaluated locally even though the building might be
- performed remotely.
-
-
- You can include a remote user name in the host name
- (user@host). You can also set ssh options by
- defining the NIX_SSHOPTS environment variable.
-
-
-
-
-
-
-
-
-
-
- Specifies the NixOS target host. By setting this to something other than
- an empty string, the system activation will happen
- on the remote host instead of the local machine. The remote host needs to
- be accessible over ssh, and for the commands ,
- and you need root access.
-
-
-
- If is not explicitly specified or empty,
- building will take place locally.
-
-
-
- You can include a remote user name in the host name
- (user@host). You can also set ssh options by
- defining the NIX_SSHOPTS environment variable.
-
-
-
- Note that nixos-rebuild honors the
- nixpkgs.crossSystem setting of the given configuration
- but disregards the true architecture of the target host. Hence the
- nixpkgs.crossSystem setting has to match the target
- platform or else activation will fail.
-
-
-
-
-
-
-
-
-
-
- When set, nixos-rebuild will add
- to each invocation of nix-copy-closure. This will only affect the
- behavior of nixos-rebuild if or
- is also set. This is useful when
- the target-host connection to cache.nixos.org is faster than the
- connection between hosts.
-
-
-
-
-
-
-
-
-
-
- When set, nixos-rebuild prefixes remote commands that run on
- the and
- systems with sudo. Setting this option allows
- deploying as a non-root user.
-
-
-
-
-
-
- flake-uri#name
-
-
-
- Build the NixOS system from the specified flake. It defaults to
- the directory containing the target of the symlink
- /etc/nixos/flake.nix, if it exists. The
- flake must contain an output named
- nixosConfigurations.name. If
- name is omitted, it default to the
- current host name.
-
-
-
-
-
-
-
-
-
-
- Do not imply if
- /etc/nixos/flake.nix exists. With this
- option, it is possible to build non-flake NixOS configurations
- even if the current NixOS systems uses flakes.
-
-
-
-
-
-
-
- In addition, nixos-rebuild accepts various Nix-related
- flags, including / , ,
- , ,
- , , and /
- . See the Nix manual for details.
-
-
-
-
- Environment
-
-
-
-
- NIXOS_CONFIG
-
-
-
- Path to the main NixOS configuration module. Defaults to
- /etc/nixos/configuration.nix.
-
-
-
-
-
-
- NIX_PATH
-
-
-
- A colon-separated list of directories used to look up Nix expressions enclosed in angle brackets (e.g <nixpkgs>). Example
-
- nixpkgs=./my-nixpkgs
-
-
-
-
-
-
-
- NIX_SSHOPTS
-
-
-
- Additional options to be passed to ssh on the command
- line.
-
-
-
-
-
-
-
- Files
-
-
-
-
-
- /etc/nixos/flake.nix
-
-
-
- If this file exists, then nixos-rebuild will
- use it as if the option was given. This
- file may be a symlink to a flake.nix in an
- actual flake; thus /etc/nixos need not be a
- flake.
-
-
-
-
-
-
- /run/current-system
-
-
-
- A symlink to the currently active system configuration in the Nix store.
-
-
-
-
-
-
- /nix/var/nix/profiles/system
-
-
-
- The Nix profile that contains the current and previous system
- configurations. Used to generate the GRUB boot menu.
-
-
-
-
-
-
-
-
- Bugs
-
- This command should be renamed to something more descriptive.
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-nixos-version.xml b/third_party/nixpkgs/nixos/doc/manual/man-nixos-version.xml
deleted file mode 100644
index 507c5035ed..0000000000
--- a/third_party/nixpkgs/nixos/doc/manual/man-nixos-version.xml
+++ /dev/null
@@ -1,158 +0,0 @@
-
-
- nixos-version
- 8
- NixOS
-
-
- nixos-version
- show the NixOS version
-
-
-
- nixos-version
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- Description
-
- This command shows the version of the currently active NixOS configuration.
- For example:
-$ nixos-version
-16.03.1011.6317da4 (Emu)
-
- The version consists of the following elements:
-
-
-
- 16.03
-
-
-
- The NixOS release, indicating the year and month in which it was
- released (e.g. March 2016).
-
-
-
-
-
- 1011
-
-
-
- The number of commits in the Nixpkgs Git repository between the start of
- the release branch and the commit from which this version was built.
- This ensures that NixOS versions are monotonically increasing. It is
- git when the current NixOS configuration was built
- from a checkout of the Nixpkgs Git repository rather than from a NixOS
- channel.
-
-
-
-
-
- 6317da4
-
-
-
- The first 7 characters of the commit in the Nixpkgs Git repository from
- which this version was built.
-
-
-
-
-
- Emu
-
-
-
- The code name of the NixOS release. The first letter of the code name
- indicates that this is the N'th stable NixOS release; for example, Emu
- is the fifth release.
-
-
-
-
-
-
-
-
- Options
-
-
- This command accepts the following options:
-
-
-
-
-
-
-
-
-
-
-
-
-
- Show the full SHA1 hash of the Git commit from which this configuration
- was built, e.g.
-$ nixos-version --hash
-6317da40006f6bc2480c6781999c52d88dde2acf
-
-
-
-
-
-
-
-
-
-
-
- Show the configuration revision if available. This could be the full SHA1
- hash of the Git commit of the system flake, if you add
- { system.configurationRevision = self.rev or "dirty"; }
- to the modules array of your flake.nix system configuration e.g.
-$ nixos-version --configuration-revision
-aa314ebd1592f6cdd53cb5bba8bcae97d9323de8
-
-
-
-
-
-
-
-
-
-
-
- Print a JSON representation of the versions of NixOS and the
- top-level configuration flake.
-
-
-
-
-
-
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/man-pages.xml b/third_party/nixpkgs/nixos/doc/manual/man-pages.xml
index 58f73521e9..0186221bdd 100644
--- a/third_party/nixpkgs/nixos/doc/manual/man-pages.xml
+++ b/third_party/nixpkgs/nixos/doc/manual/man-pages.xml
@@ -15,11 +15,4 @@
-
-
-
-
-
-
-
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/README.md b/third_party/nixpkgs/nixos/doc/manual/manpages/README.md
new file mode 100644
index 0000000000..9923f48239
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/README.md
@@ -0,0 +1,57 @@
+# NixOS manpages
+
+This is the collection of NixOS manpages, excluding `configuration.nix(5)`.
+
+Man pages are written in [`mdoc(7)` format](https://mandoc.bsd.lv/man/mdoc.7.html) and should be portable between mandoc and groff for rendering (though minor differences may occur, mandoc and groff seem to have slightly different spacing rules.)
+
+For previewing edited files, you can just run `man -l path/to/file.8` and you will see it rendered.
+
+Being written in `mdoc` these manpages use semantic markup. This file provides a guideline on where to apply which of the semantic elements of `mdoc`.
+
+### Command lines and arguments
+
+In any manpage, commands, flags and arguments to the *current* executable should be marked according to their semantics. Commands, flags and arguments passed to *other* executables should not be marked like this and should instead be considered as code examples and marked with `Ql`.
+
+ - Use `Fl` to mark flag arguments, `Ar` for their arguments.
+ - Repeating arguments should be marked by adding ellipses (`...`).
+ - Use `Cm` to mark literal string arguments, e.g. the `boot` command argument passed to `nixos-rebuild`.
+ - Optional flags or arguments should be marked with `Op`. This includes optional repeating arguments.
+ - Required flags or arguments should not be marked.
+ - Mutually exclusive groups of arguments should be enclosed in curly brackets, preferrably created with `Bro`/`Brc` blocks.
+
+When an argument is used in an example it should be marked up with `Ar` again to differentiate it from a constant. For example, a command with a `--host name` flag that calls ssh to retrieve the host's local time would signify this thusly:
+```
+This will run
+.Ic ssh Ar name Ic time
+to retrieve the remote time.
+```
+
+### Paths, NixOS options, environment variables
+
+Constant paths should be marked with `Pa`, NixOS options with `Va`, and environment variables with `Ev`.
+
+Generated paths, e.g. `result/bin/run-hostname-vm` (where `hostname` is a variable or arguments) should be marked as `Ql` inline literals with their variable components marked appropriately.
+
+ - Taking `hostname` from an argument become `.Ql result/bin/run- Ns Ar hostname Ns -vm`
+ - Taking `hostname` from a variable otherwise defined becomes `.Ql result/bin/run- Ns Va hostname Ns -vm`
+
+### Code examples and other commands
+
+In free text names and complete invocations of other commands (e.g. `ssh` or `tar -xvf src.tar`) should be marked with `Ic`, fragments of command lines should be marked with `Ql`.
+
+Larger code blocks or those that cannot be shown inline should use indented literal display block markup for their contents, i.e.
+```
+.Bd -literal -offset indent
+...
+.Ed
+```
+Contents of code blocks may be marked up further, e.g. if they refer to arguments that will be subsituted into them:
+```
+.Bd -literal -offset indent
+{
+ options.hostname = "\c
+.Ar hostname Ns \c
+";
+}
+.Ed
+```
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-build-vms.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-build-vms.8
new file mode 100644
index 0000000000..abf06b5dd5
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-build-vms.8
@@ -0,0 +1,109 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs as the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-build-vms \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-build-vms 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-build-vms
+.Nd build a network of virtual machines from a network of NixOS configurations
+.
+.
+.
+.Sh SYNOPSIS
+.Nm nixos-build-vms
+.Op Fl -show-trace
+.Op Fl -no-out-link
+.Op Fl -help
+.Op Fl -option Ar name value
+.Pa network.nix
+.
+.
+.
+.Sh DESCRIPTION
+.
+This command builds a network of QEMU\-KVM virtual machines of a Nix expression
+specifying a network of NixOS machines. The virtual network can be started by
+executing the
+.Pa bin/run-vms
+shell script that is generated by this command. By default, a
+.Pa result
+symlink is produced that points to the generated virtual network.
+.
+.Pp
+A network Nix expression has the following structure:
+.Bd -literal -offset indent
+{
+ test1 = {pkgs, config, ...}:
+ {
+ services.openssh.enable = true;
+ nixpkgs.localSystem.system = "i686-linux";
+ deployment.targetHost = "test1.example.net";
+
+ # Other NixOS options
+ };
+
+ test2 = {pkgs, config, ...}:
+ {
+ services.openssh.enable = true;
+ services.httpd.enable = true;
+ environment.systemPackages = [ pkgs.lynx ];
+ nixpkgs.localSystem.system = "x86_64-linux";
+ deployment.targetHost = "test2.example.net";
+
+ # Other NixOS options
+ };
+}
+.Ed
+.
+.Pp
+Each attribute in the expression represents a machine in the network
+.Ns (e.g.
+.Va test1
+and
+.Va test2 Ns
+) referring to a function defining a NixOS configuration. In each NixOS
+configuration, two attributes have a special meaning. The
+.Va deployment.targetHost
+specifies the address (domain name or IP address) of the system which is used by
+.Ic ssh
+to perform remote deployment operations. The
+.Va nixpkgs.localSystem.system
+attribute can be used to specify an architecture for the target machine, such as
+.Ql i686-linux
+which builds a 32-bit NixOS configuration. Omitting this property will build the
+configuration for the same architecture as the host system.
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl -show-trace
+Shows a trace of the output.
+.
+.It Fl -no-out-link
+Do not create a
+.Pa result
+symlink.
+.
+.It Fl h , -help
+Shows the usage of this command to the user.
+.
+.It Fl -option Ar name Va value
+Set the Nix configuration option
+.Va name
+to
+.Va value Ns
+\&. This overrides settings in the Nix configuration file (see
+.Xr nix.conf 5 Ns
+).
+.El
+.
+.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Eelco Dolstra
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-enter.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-enter.8
new file mode 100644
index 0000000000..bc8df31e5f
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-enter.8
@@ -0,0 +1,76 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs as the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-enter \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-enter 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-enter
+.Nd run a command in a NixOS chroot environment
+.
+.
+.
+.Sh SYNOPSIS
+.Nm nixos-enter
+.Op Fl -root Ar root
+.Op Fl -system Ar system
+.Op Fl -command | c Ar shell-command
+.Op Fl -silent
+.Op Fl -help
+.Op Fl - Ar arguments ...
+.
+.
+.
+.Sh DESCRIPTION
+This command runs a command in a NixOS chroot environment, that is, in a filesystem hierarchy previously prepared using
+.Xr nixos-install 8 .
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl -root Ar root
+The path to the NixOS system you want to enter. It defaults to
+.Pa /mnt Ns
+\&.
+.It Fl -system Ar system
+The NixOS system configuration to use. It defaults to
+.Pa /nix/var/nix/profiles/system Ns
+\&. You can enter a previous NixOS configuration by specifying a path such as
+.Pa /nix/var/nix/profiles/system-106-link Ns
+\&.
+.
+.It Fl -command Ar shell-command , Fl c Ar shell-command
+The bash command to execute.
+.
+.It Fl -silent
+Suppresses all output from the activation script of the target system.
+.
+.It Fl -
+Interpret the remaining arguments as the program name and arguments to be invoked.
+The program is not executed in a shell.
+.El
+.
+.
+.
+.Sh EXAMPLES
+.Bl -tag -width indent
+.It Ic nixos-enter --root /mnt
+Start an interactive shell in the NixOS installation in
+.Pa /mnt Ns .
+.
+.It Ic nixos-enter -c 'ls -l /; cat /proc/mounts'
+Run a shell command.
+.
+.It Ic nixos-enter -- cat /proc/mounts
+Run a non-shell command.
+.El
+.
+.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Eelco Dolstra
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-generate-config.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-generate-config.8
new file mode 100644
index 0000000000..8b9bb4d424
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-generate-config.8
@@ -0,0 +1,169 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs as the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-generate-config \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-generate-config 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-generate-config
+.Nd generate NixOS configuration modules
+.
+.
+.
+.Sh SYNOPSIS
+.Nm nixos-generate-config
+.Op Fl -force
+.Op Fl -root Ar root
+.Op Fl -dir Ar dir
+.
+.
+.
+.Sh DESCRIPTION
+This command writes two NixOS configuration modules:
+.Bl -tag -width indent
+.It Pa /etc/nixos/hardware-configuration.nix
+This module sets NixOS configuration options based on your current hardware
+configuration. In particular, it sets the
+.Va fileSystem
+option to reflect all currently mounted file systems, the
+.Va swapDevices
+option to reflect active swap devices, and the
+.Va boot.initrd.*
+options to ensure that the initial ramdisk contains any kernel modules necessary
+for mounting the root file system.
+.Pp
+If this file already exists, it is overwritten. Thus, you should not modify it
+manually. Rather, you should include it from your
+.Pa /etc/nixos/configuration.nix Ns
+, and re-run
+.Nm
+to update it whenever your hardware configuration changes.
+.
+.It Pa /etc/nixos/configuration.nix
+This is the main NixOS system configuration module. If it already exists, it’s
+left unchanged. Otherwise,
+.Nm
+will write a template for you to customise.
+.El
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl -root Ar root
+If this option is given, treat the directory
+.Ar root
+as the root of the file system. This means that configuration files will be written to
+.Ql Ar root Ns /etc/nixos Ns
+, and that any file systems outside of
+.Ar root
+are ignored for the purpose of generating the
+.Va fileSystems
+option.
+.
+.It Fl -dir Ar dir
+If this option is given, write the configuration files to the directory
+.Ar dir
+instead of
+.Pa /etc/nixos Ns
+\&.
+.
+.It Fl -force
+Overwrite
+.Pa /etc/nixos/configuration.nix
+if it already exists.
+.
+.It Fl -no-filesystems
+Omit everything concerning file systems and swap devices from the hardware configuration.
+.
+.It Fl -show-hardware-config
+Don't generate
+.Pa configuration.nix
+or
+.Pa hardware-configuration.nix
+and print the hardware configuration to stdout only.
+.El
+.
+.
+.
+.Sh EXAMPLES
+This command is typically used during NixOS installation to write initial
+configuration modules. For example, if you created and mounted the target file
+systems on
+.Pa /mnt
+and
+.Pa /mnt/boot Ns
+, you would run:
+.Bd -literal -offset indent
+$ nixos-generate-config --root /mnt
+.Ed
+.
+.Pp
+The resulting file
+.Pa /mnt/etc/nixos/hardware-configuration.nix
+might look like this:
+.Bd -literal -offset indent
+# Do not modify this file! It was generated by 'nixos-generate-config'
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [
+ ];
+
+ boot.initrd.availableKernelModules = [ "ehci_hcd" "ahci" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems."/" =
+ { device = "/dev/disk/by-label/nixos";
+ fsType = "ext3";
+ options = [ "rw" "data=ordered" "relatime" ];
+ };
+
+ fileSystems."/boot" =
+ { device = "/dev/sda1";
+ fsType = "ext3";
+ options = [ "rw" "errors=continue" "user_xattr" "acl" "barrier=1" "data=writeback" "relatime" ];
+ };
+
+ swapDevices =
+ [ { device = "/dev/sda2"; }
+ ];
+
+ nix.maxJobs = 8;
+}
+.Ed
+.
+.Pp
+It will also create a basic
+.Pa /mnt/etc/nixos/configuration.nix Ns
+, which you should edit to customise the logical configuration of your system. \
+This file includes the result of the hardware scan as follows:
+.Bd -literal -offset indent
+imports = [ ./hardware-configuration.nix ];
+.Ed
+.
+.Pp
+After installation, if your hardware configuration changes, you can run:
+.Bd -literal -offset indent
+$ nixos-generate-config
+.Ed
+.
+.Pp
+to update
+.Pa /etc/nixos/hardware-configuration.nix Ns
+\&. Your
+.Pa /etc/nixos/configuration.nix
+will
+.Em not
+be overwritten.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Eelco Dolstra
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-install.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-install.8
new file mode 100644
index 0000000000..dc0a5da275
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-install.8
@@ -0,0 +1,195 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs as the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-install \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-install 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-install
+.Nd install bootloader and NixOS
+.
+.
+.
+.Sh SYNOPSIS
+.Nm nixos-install
+.Op Fl -verbose | v
+.Op Fl I Ar path
+.Op Fl -root Ar root
+.Op Fl -system Ar path
+.Op Fl -flake Ar flake-uri
+.Op Fl -impure
+.Op Fl -channel Ar channel
+.Op Fl -no-channel-copy
+.Op Fl -no-root-password | -no-root-passwd
+.Op Fl -no-bootloader
+.Op Fl -max-jobs | j Ar number
+.Op Fl -cores Ar number
+.Op Fl -option Ar name value
+.Op Fl -show-trace
+.Op Fl -keep-going
+.Op Fl -help
+.
+.
+.
+.Sh DESCRIPTION
+This command installs NixOS in the file system mounted on
+.Pa /mnt Ns
+, based on the NixOS configuration specified in
+.Pa /mnt/etc/nixos/configuration.nix Ns
+\&. It performs the following steps:
+.
+.Bl -enum
+.It
+It copies Nix and its dependencies to
+.Pa /mnt/nix/store Ns
+\&.
+.
+.It
+It runs Nix in
+.Pa /mnt
+to build the NixOS configuration specified in
+.Pa /mnt/etc/nixos/configuration.nix Ns
+\&.
+.
+.It
+It installs the current channel
+.Dq nixos
+in the target channel profile (unless
+.Fl -no-channel-copy
+is specified).
+.
+.It
+It installs the GRUB boot loader on the device specified in the option
+.Va boot.loader.grub.device
+(unless
+.Fl -no-bootloader
+is specified), and generates a GRUB configuration file that boots into the NixOS
+configuration just installed.
+.
+.It
+It prompts you for a password for the root account (unless
+.Fl -no-root-password
+is specified).
+.El
+.
+.Pp
+This command is idempotent: if it is interrupted or fails due to a temporary
+problem (e.g. a network issue), you can safely re-run it.
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl -verbose , v
+Increases the level of verbosity of diagnostic messages printed on standard
+error. For each Nix operation, the information printed on standard output is
+well-defined; any diagnostic information is printed on standard error, never on
+standard output.
+.Pp
+Please note that this option may be specified repeatedly.
+.
+.It Fl -root Ar root
+Defaults to
+.Pa /mnt Ns
+\&. If this option is given, treat the directory
+.Ar root
+as the root of the NixOS installation.
+.
+.It Fl -system Ar path
+If this option is provided,
+.Nm
+will install the specified closure rather than attempt to build one from
+.Pa /mnt/etc/nixos/configuration.nix Ns
+\&.
+.Pp
+The closure must be an appropriately configured NixOS system, with boot loader
+and partition configuration that fits the target host. Such a closure is
+typically obtained with a command such as
+.Ic nix-build -I nixos-config=./configuration.nix '' -A system --no-out-link Ns
+\&.
+.
+.It Fl -flake Ar flake-uri Ns # Ns Ar name
+Build the NixOS system from the specified flake. The flake must contain an
+output named
+.Ql nixosConfigurations. Ns Ar name Ns
+\&.
+.
+.It Fl -channel Ar channel
+If this option is provided, do not copy the current
+.Dq nixos
+channel to the target host. Instead, use the specified derivation.
+.
+.It Fl I Ar Path
+Add a path to the Nix expression search path. This option may be given multiple
+times. See the
+.Ev NIX_PATH
+environment variable for information on the semantics of the Nix search path. Paths added through
+.Fl I
+take precedence over
+.Ev NIX_PATH Ns
+\&.
+.
+.It Fl -max-jobs , j Ar number
+Sets the maximum number of build jobs that Nix will perform in parallel to the
+specified number. The default is 1. A higher value is useful on SMP systems or
+to exploit I/O latency.
+.
+.It Fl -cores Ar N
+Sets the value of the
+.Ev NIX_BUILD_CORES
+environment variable in the invocation of builders. Builders can use this
+variable at their discretion to control the maximum amount of parallelism. For
+instance, in Nixpkgs, if the derivation attribute
+.Va enableParallelBuilding
+is set to true, the builder passes the
+.Fl j Ns Va N
+flag to GNU Make. The value 0 means that the builder should use all available CPU cores in the system.
+.
+.It Fl -option Ar name value
+Set the Nix configuration option
+.Ar name
+to
+.Ar value Ns
+\&.
+.
+.It Fl -show-trace
+Causes Nix to print out a stack trace in case of Nix expression evaluation errors.
+.
+.It Fl -keep-going
+Causes Nix to continue building derivations as far as possible in the face of failed builds.
+.
+.It Fl -help
+Synonym for
+.Ic man nixos-install Ns
+\&.
+.El
+.
+.
+.
+.Sh EXAMPLES
+A typical NixOS installation is done by creating and mounting a file system on
+.Pa /mnt Ns
+, generating a NixOS configuration in
+.Pa /mnt/etc/nixos/configuration.nix Ns
+, and running
+.Nm Ns
+\&. For instance, if we want to install NixOS on an ext4 file system created in
+.Pa /dev/sda1 Ns
+:
+.Bd -literal -offset indent
+$ mkfs.ext4 /dev/sda1
+$ mount /dev/sda1 /mnt
+$ nixos-generate-config --root /mnt
+$ # edit /mnt/etc/nixos/configuration.nix
+$ nixos-install
+$ reboot
+.Ed
+.
+.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Eelco Dolstra
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-option.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-option.8
new file mode 100644
index 0000000000..79cc113cfa
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-option.8
@@ -0,0 +1,93 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs as the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-option \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-option 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-option
+.Nd inspect a NixOS configuration
+.
+.
+.
+.Sh SYNOPSIS
+.Nm
+.Op Fl r | -recursive
+.Op Fl I Ar path
+.Ar option.name
+.
+.
+.
+.Sh DESCRIPTION
+This command evaluates the configuration specified in
+.Pa /etc/nixos/configuration.nix
+and returns the properties of the option name given as argument.
+.
+.Pp
+When the option name is not an option, the command prints the list of attributes
+contained in the attribute set.
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl r , -recursive
+Print all the values at or below the specified path recursively.
+.
+.It Fl I Ar path
+This option is passed to the underlying
+.Xr nix-instantiate 1
+invocation.
+.El
+.
+.
+.
+.Sh ENVIRONMENT
+.Bl -tag -width indent
+.It Ev NIXOS_CONFIG
+Path to the main NixOS configuration module. Defaults to
+.Pa /etc/nixos/configuration.nix Ns
+\&.
+.El
+.
+.
+.
+.Sh EXAMPLES
+Investigate option values:
+.Bd -literal -offset indent
+$ nixos-option boot.loader
+This attribute set contains:
+generationsDir
+grub
+initScript
+
+$ nixos-option boot.loader.grub.enable
+Value:
+true
+
+Default:
+true
+
+Description:
+Whether to enable the GNU GRUB boot loader.
+
+Declared by:
+ "/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix"
+
+Defined by:
+ "/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/system/boot/loader/grub/grub.nix"
+.Ed
+.
+.
+.
+.Sh SEE ALSO
+.Xr configuration.nix 5
+.
+.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Nicolas Pierron
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-rebuild.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-rebuild.8
new file mode 100644
index 0000000000..8ff59d6da9
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-rebuild.8
@@ -0,0 +1,456 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-rebuild \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-rebuild 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-rebuild
+.Nd reconfigure a NixOS machine
+.
+.
+.
+.Sh SYNOPSIS
+.Nm
+.Bro
+.Cm switch | boot | test | build | dry-build | dry-activate | edit | build-vm | build-vm-with-bootloader
+.Brc
+.br
+.Op Fl -upgrade | -upgrade-all
+.Op Fl -install-bootloader
+.Op Fl -no-build-nix
+.Op Fl -fast
+.Op Fl -rollback
+.Op Fl -builders Ar builder-spec
+.br
+.Op Fl -flake Ar flake-uri
+.Op Fl -no-flake
+.Op Fl -override-input Ar input-name flake-uri
+.br
+.Op Fl -profile-name | p Ar name
+.Op Fl -specialisation | c Ar name
+.br
+.Op Fl -build-host Va host
+.Op Fl -target-host Va host
+.Op Fl -use-remote-sudo
+.br
+.Op Fl -show-trace
+.Op Fl I Va NIX_PATH
+.Op Fl -verbose | v
+.Op Fl -impure
+.Op Fl -max-jobs | j Va number
+.Op Fl -keep-failed | K
+.Op Fl -keep-going | k
+.
+.
+.
+.Sh DESCRIPTION
+This command updates the system so that it corresponds to the
+configuration specified in
+.Pa /etc/nixos/configuration.nix
+or
+.Pa /etc/nixos/flake.nix Ns
+\&. Thus, every time you modify the configuration or any other NixOS module, you
+must run
+.Nm
+to make the changes take effect. It builds the new system in
+.Pa /nix/store Ns
+, runs its activation script, and stop and (re)starts any system services if
+needed. Please note that user services need to be started manually as they
+aren't detected by the activation script at the moment.
+.
+.Pp
+This command has one required argument, which specifies the desired
+operation. It must be one of the following:
+.Bl -tag -width indent
+.It Cm switch
+Build and activate the new configuration, and make it the boot default. That
+is, the configuration is added to the GRUB boot menu as the default
+menu entry, so that subsequent reboots will boot the system into the new
+configuration. Previous configurations activated with
+.Ic nixos-rebuild switch
+or
+.Ic nixos-rebuild boot
+remain available in the GRUB menu.
+.Pp
+Note that if you are using specializations, running just
+.Ic nixos-rebuild switch
+will switch you back to the unspecialized, base system \(em in that case, you
+might want to use this instead:
+.Bd -literal -offset indent
+$ nixos-rebuild switch --specialisation your-specialisation-name
+.Ed
+.Pp
+This command will build all specialisations and make them bootable just
+like regular
+.Ic nixos-rebuild switch
+does \(em the only thing different is that it will switch to given
+specialisation instead of the base system; it can be also used to switch from
+the base system into a specialised one, or to switch between specialisations.
+.
+.It Cm boot
+Build the new configuration and make it the boot default (as with
+.Ic nixos-rebuild switch Ns
+), but do not activate it. That is, the system continues to run the previous
+configuration until the next reboot.
+.
+.It Cm test
+Build and activate the new configuration, but do not add it to the GRUB
+boot menu. Thus, if you reboot the system (or if it crashes), you will
+automatically revert to the default configuration (i.e. the
+configuration resulting from the last call to
+.Ic nixos-rebuild switch
+or
+.Ic nixos-rebuild boot Ns
+).
+.Pp
+Note that if you are using specialisations, running just
+.Ic nixos-rebuild test
+will activate the unspecialised, base system \(em in that case, you might want
+to use this instead:
+.Bd -literal -offset indent
+$ nixos-rebuild test --specialisation your-specialisation-name
+.Ed
+.Pp
+This command can be also used to switch from the base system into a
+specialised one, or to switch between specialisations.
+.
+.It Cm build
+Build the new configuration, but neither activate it nor add it to the
+GRUB boot menu. It leaves a symlink named
+.Pa result
+in the current directory, which points to the output of the top-level
+.Dq system
+derivation. This is essentially the same as doing
+.Bd -literal -offset indent
+$ nix-build /path/to/nixpkgs/nixos -A system
+.Ed
+.Pp
+Note that you do not need to be root to run
+.Ic nixos-rebuild build Ns
+\&.
+.
+.It Cm dry-build
+Show what store paths would be built or downloaded by any of the
+operations above, but otherwise do nothing.
+.
+.It Cm dry-activate
+Build the new configuration, but instead of activating it, show what
+changes would be performed by the activation (i.e. by
+.Ic nixos-rebuild test Ns
+). For instance, this command will print which systemd units would be restarted.
+The list of changes is not guaranteed to be complete.
+.
+.It Cm edit
+Opens
+.Pa configuration.nix
+in the default editor.
+.
+.It Cm build-vm
+Build a script that starts a NixOS virtual machine with the desired
+configuration. It leaves a symlink
+.Pa result
+in the current directory that points (under
+.Ql result/bin/run\- Ns Va hostname Ns \-vm Ns
+)
+at the script that starts the VM. Thus, to test a NixOS configuration in
+a virtual machine, you should do the following:
+.Bd -literal -offset indent
+$ nixos-rebuild build-vm
+$ ./result/bin/run-*-vm
+.Ed
+.Pp
+The VM is implemented using the
+.Ql qemu
+package. For best performance, you should load the
+.Ql kvm-intel
+or
+.Ql kvm-amd
+kernel modules to get hardware virtualisation.
+.Pp
+The VM mounts the Nix store of the host through the 9P file system. The
+host Nix store is read-only, so Nix commands that modify the Nix store
+will not work in the VM. This includes commands such as
+.Nm Ns
+; to change the VM’s configuration, you must halt the VM and re-run the commands
+above.
+.Pp
+The VM has its own ext3 root file system, which is automatically created when
+the VM is first started, and is persistent across reboots of the VM. It is
+stored in
+.Ql ./ Ns Va hostname Ns .qcow2 Ns
+\&.
+.\" The entire file system hierarchy of the host is available in
+.\" the VM under
+.\" .Pa /hostfs Ns
+.\" .
+.
+.It Cm build-vm-with-bootloader
+Like
+.Cm build-vm Ns
+, but boots using the regular boot loader of your configuration (e.g. GRUB 1 or
+2), rather than booting directly into the kernel and initial ramdisk of the
+system. This allows you to test whether the boot loader works correctly. \
+However, it does not guarantee that your NixOS configuration will boot
+successfully on the host hardware (i.e., after running
+.Ic nixos-rebuild switch Ns
+), because the hardware and boot loader configuration in the VM are different.
+The boot loader is installed on an automatically generated virtual disk
+containing a
+.Pa /boot
+partition.
+.El
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl -upgrade , -upgrade-all
+Update the root user's channel named
+.Ql nixos
+before rebuilding the system.
+.Pp
+In addition to the
+.Ql nixos
+channel, the root user's channels which have a file named
+.Ql .update-on-nixos-rebuild
+in their base directory will also be updated.
+.Pp
+Passing
+.Fl -upgrade-all
+updates all of the root user's channels.
+.
+.It Fl -install-bootloader
+Causes the boot loader to be (re)installed on the device specified by the
+relevant configuration options.
+.
+.It Fl -no-build-nix
+Normally,
+.Nm
+first builds the
+.Ql nixUnstable
+attribute in Nixpkgs, and uses the resulting instance of the Nix package manager
+to build the new system configuration. This is necessary if the NixOS modules
+use features not provided by the currently installed version of Nix. This option
+disables building a new Nix.
+.
+.It Fl -fast
+Equivalent to
+.Fl -no-build-nix Ns
+\&. This option is useful if you call
+.Nm
+frequently (e.g. if you’re hacking on a NixOS module).
+.
+.It Fl -rollback
+Instead of building a new configuration as specified by
+.Pa /etc/nixos/configuration.nix Ns
+, roll back to the previous configuration. (The previous configuration is
+defined as the one before the “current” generation of the Nix profile
+.Pa /nix/var/nix/profiles/system Ns
+\&.)
+.
+.It Fl -builders Ar builder-spec
+Allow ad-hoc remote builders for building the new system. This requires
+the user executing
+.Nm
+(usually root) to be configured as a trusted user in the Nix daemon. This can be
+achieved by using the
+.Va nix.settings.trusted-users
+NixOS option. Examples values for that option are described in the
+.Dq Remote builds
+chapter in the Nix manual, (i.e.
+.Ql --builders \(dqssh://bigbrother x86_64-linux\(dq Ns
+). By specifying an empty string existing builders specified in
+.Pa /etc/nix/machines
+can be ignored:
+.Ql --builders \(dq\(dq
+for example when they are not reachable due to network connectivity.
+.
+.It Fl -profile-name Ar name , Fl p Ar name
+Instead of using the Nix profile
+.Pa /nix/var/nix/profiles/system
+to keep track of the current and previous system configurations, use
+.Pa /nix/var/nix/profiles/system-profiles/ Ns Va name Ns
+\&. When you use GRUB 2, for every system profile created with this flag, NixOS
+will create a submenu named
+.Dq NixOS - Profile Va name
+in GRUB’s boot menu, containing the current and previous configurations of this profile.
+.Pp
+For instance, if you want to test a configuration file named
+.Pa test.nix
+without affecting the default system profile, you would do:
+.Bd -literal -offset indent
+$ nixos-rebuild switch -p test -I nixos-config=./test.nix
+.Ed
+.Pp
+The new configuration will appear in the GRUB 2 submenu
+.Dq NixOS - Profile 'test' Ns
+\&.
+.
+.It Fl -specialisation Ar name , Fl c Ar name
+Activates given specialisation; when not specified, switching and testing
+will activate the base, unspecialised system.
+.
+.It Fl -build-host Ar host
+Instead of building the new configuration locally, use the specified host
+to perform the build. The host needs to be accessible with
+.Ic ssh Ns ,
+and must be able to perform Nix builds. If the option
+.Fl -target-host
+is not set, the build will be copied back to the local machine when done.
+.Pp
+Note that, if
+.Fl -no-build-nix
+is not specified, Nix will be built both locally and remotely. This is because
+the configuration will always be evaluated locally even though the building
+might be performed remotely.
+.Pp
+You can include a remote user name in the host name
+.Ns ( Va user@host Ns
+). You can also set ssh options by defining the
+.Ev NIX_SSHOPTS
+environment variable.
+.
+.It Fl -target-host Ar host
+Specifies the NixOS target host. By setting this to something other than an
+empty string, the system activation will happen on the remote host instead of
+the local machine. The remote host needs to be accessible over
+.Ic ssh Ns ,
+and for the commands
+.Cm switch Ns
+,
+.Cm boot
+and
+.Cm test
+you need root access.
+.Pp
+If
+.Fl -build-host
+is not explicitly specified or empty, building will take place locally.
+.Pp
+You can include a remote user name in the host name
+.Ns ( Va user@host Ns
+). You can also set ssh options by defining the
+.Ev NIX_SSHOPTS
+environment variable.
+.Pp
+Note that
+.Nm
+honors the
+.Va nixpkgs.crossSystem
+setting of the given configuration but disregards the true architecture of the
+target host. Hence the
+.Va nixpkgs.crossSystem
+setting has to match the target platform or else activation will fail.
+.
+.It Fl -use-substitutes
+When set, nixos-rebuild will add
+.Fl -use-substitutes
+to each invocation of nix-copy-closure. This will only affect the behavior of
+nixos-rebuild if
+.Fl -target-host
+or
+.Fl -build-host
+is also set. This is useful when the target-host connection to cache.nixos.org
+is faster than the connection between hosts.
+.
+.It Fl -use-remote-sudo
+When set, nixos-rebuild prefixes remote commands that run on the
+.Fl -build-host
+and
+.Fl -target-host
+systems with
+.Ic sudo Ns
+\&. Setting this option allows deploying as a non-root user.
+.
+.It Fl -flake Va flake-uri Ns Op Va #name
+Build the NixOS system from the specified flake. It defaults to the directory
+containing the target of the symlink
+.Pa /etc/nixos/flake.nix Ns
+, if it exists. The flake must contain an output named
+.Ql nixosConfigurations. Ns Va name Ns
+\&. If
+.Va name
+is omitted, it default to the current host name.
+.
+.It Fl -no-flake
+Do not imply
+.Fl -flake
+if
+.Pa /etc/nixos/flake.nix
+exists. With this option, it is possible to build non-flake NixOS configurations
+even if the current NixOS systems uses flakes.
+.El
+.Pp
+In addition,
+.Nm
+accepts various Nix-related flags, including
+.Fl -max-jobs Ns ,
+.Fl j Ns ,
+.Fl I Ns ,
+.Fl -show-trace Ns ,
+.Fl -keep-failed Ns ,
+.Fl -keep-going Ns ,
+.Fl -impure Ns ,
+.Fl -verbose Ns , and
+.Fl v Ns
+\&. See the Nix manual for details.
+.
+.
+.
+.Sh ENVIRONMENT
+.Bl -tag -width indent
+.It Ev NIXOS_CONFIG
+Path to the main NixOS configuration module. Defaults to
+.Pa /etc/nixos/configuration.nix Ns
+\&.
+.
+.It Ev NIX_PATH
+A colon-separated list of directories used to look up Nix expressions enclosed
+in angle brackets (e.g. ). Example:
+.Bd -literal -offset indent
+nixpkgs=./my-nixpkgs
+.Ed
+.
+.It Ev NIX_SSHOPTS
+Additional options to be passed to
+.Ic ssh
+on the command line.
+.El
+.
+.
+.
+.Sh FILES
+.Bl -tag -width indent
+.It Pa /etc/nixos/flake.nix
+If this file exists, then
+.Nm
+will use it as if the
+.Fl -flake
+option was given. This file may be a symlink to a
+.Pa flake.nix
+in an actual flake; thus
+.Pa /etc/nixos
+need not be a flake.
+.
+.It Pa /run/current-system
+A symlink to the currently active system configuration in the Nix store.
+.
+.It Pa /nix/var/nix/profiles/system
+The Nix profile that contains the current and previous system
+configurations. Used to generate the GRUB boot menu.
+.El
+.
+.
+.
+.Sh BUGS
+This command should be renamed to something more descriptive.
+.
+.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Eelco Dolstra
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-version.8 b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-version.8
new file mode 100644
index 0000000000..980ee8b1f4
--- /dev/null
+++ b/third_party/nixpkgs/nixos/doc/manual/manpages/nixos-version.8
@@ -0,0 +1,90 @@
+.Dd January 1, 1980
+.\" nixpkgs groff will use Nixpkgs as the OS in the title by default, taking it from
+.\" doc-default-operating-system. mandoc doesn't have this register set by default,
+.\" so we can use it as a groff/mandoc switch.
+.ie ddoc-default-operating-system .Dt nixos-version \&8 "NixOS System Manager's Manual"
+.el .Dt nixos-version 8
+.Os NixOS
+.Sh NAME
+.Nm nixos-version
+.Nd show the NixOS version
+.
+.
+.
+.Sh SYNOPSIS
+.Nm nixos-version
+.Op Fl -hash
+.Op Fl -revision
+.Op Fl -configuration-revision
+.Op Fl -json
+.
+.
+.
+.Sh DESCRIPTION
+This command shows the version of the currently active NixOS configuration. For example:
+.Bd -literal -offset indent
+$ nixos-version
+16.03.1011.6317da4 (Emu)
+.Ed
+.
+.Pp
+The version consists of the following elements:
+.Bl -tag -width indent
+.It Ql 16.03
+The NixOS release, indicating the year and month in which it was released
+(e.g. March 2016).
+.It Ql 1011
+The number of commits in the Nixpkgs Git repository between the start of the
+release branch and the commit from which this version was built. This ensures
+that NixOS versions are monotonically increasing. It is
+.Ql git
+when the current NixOS configuration was built from a checkout of the Nixpkgs
+Git repository rather than from a NixOS channel.
+.It Ql 6317da4
+The first 7 characters of the commit in the Nixpkgs Git repository from which
+this version was built.
+.It Ql Emu
+The code name of the NixOS release. The first letter of the code name indicates
+that this is the N'th stable NixOS release; for example, Emu is the fifth
+release.
+.El
+.
+.
+.
+.Sh OPTIONS
+.Bl -tag -width indent
+.It Fl -hash , -revision
+Show the full SHA1 hash of the Git commit from which this configuration was
+built, e.g.
+.Bd -literal -offset indent
+$ nixos-version --hash
+6317da40006f6bc2480c6781999c52d88dde2acf
+.Ed
+.
+.It Fl -configuration-revision
+Show the configuration revision if available. This could be the full SHA1 hash
+of the Git commit of the system flake, if you add
+.Bd -literal -offset indent
+{ system.configurationRevision = self.rev or "dirty"; }
+.Ed
+.Pp
+to the
+.Ql modules
+array of your flake.nix system configuration e.g.
+.Bd -literal -offset indent
+$ nixos-version --configuration-revision
+aa314ebd1592f6cdd53cb5bba8bcae97d9323de8
+.Ed
+.
+.It Fl -json
+Print a JSON representation of the versions of NixOS and the top-level
+configuration flake.
+.El
+.
+.
+.
+.Sh AUTHORS
+.An -nosplit
+.An Eelco Dolstra
+and
+.An the Nixpkgs/NixOS contributors
diff --git a/third_party/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md b/third_party/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md
index 96f6767321..b7614c0788 100644
--- a/third_party/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md
+++ b/third_party/nixpkgs/nixos/doc/manual/release-notes/rl-2305.section.md
@@ -38,7 +38,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- [mmsd](https://gitlab.com/kop316/mmsd), a lower level daemon that transmits and recieves MMSes. Available as [services.mmsd](#opt-services.mmsd.enable).
-- [QDMR](https://dm3mat.darc.de/qdmr/), a gui application and command line tool for programming cheap DMR radios [programs.qdmr](#opt-programs.qdmr.enable)
+- [QDMR](https://dm3mat.darc.de/qdmr/), a GUI application and command line tool for programming DMR radios [programs.qdmr](#opt-programs.qdmr.enable)
- [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable).
@@ -48,13 +48,17 @@ In addition to numerous new and upgraded packages, this release has the followin
- [autosuspend](https://github.com/languitar/autosuspend), a python daemon that suspends a system if certain conditions are met, or not met.
+- [sharing](https://github.com/parvardegr/sharing), a command-line tool to share directories and files from the CLI to iOS and Android devices without the need of an extra client app. Available as [programs.sharing](#opt-programs.sharing.enable).
+
## Backward Incompatibilities {#sec-release-23.05-incompatibilities}
- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead.
-- `checkInputs` have been renamed to `nativeCheckInputs`, because they behave the same as `nativeBuildInputs` when `doCheck` is set. `checkInputs` now denote a new type of dependencies, added to `buildInputs` when `doCheck` is set. As a rule of thumb, `nativeCheckInputs` are tools on `$PATH` used during the tests, and `checkInputs` are libraries which are linked to executables built as part of the tests. Similarly, `installCheckInputs` are renamed to `nativeInstallCheckInputs`, corresponding to `nativeBuildInputs`, and `installCheckInputs` are a new type of dependencies added to `buildInputs` when `doInstallCheck` is set. (Note that this change will not cause breakage to derivations with `strictDeps` unset, which are most packages except python, rust and go packages).
+- `checkInputs` have been renamed to `nativeCheckInputs`, because they behave the same as `nativeBuildInputs` when `doCheck` is set. `checkInputs` now denote a new type of dependencies, added to `buildInputs` when `doCheck` is set. As a rule of thumb, `nativeCheckInputs` are tools on `$PATH` used during the tests, and `checkInputs` are libraries which are linked to executables built as part of the tests. Similarly, `installCheckInputs` are renamed to `nativeInstallCheckInputs`, corresponding to `nativeBuildInputs`, and `installCheckInputs` are a new type of dependencies added to `buildInputs` when `doInstallCheck` is set. (Note that this change will not cause breakage to derivations with `strictDeps` unset, which are most packages except python, rust, ocaml and go packages).
+
+- `buildDunePackage` now defaults to `strictDeps = true` which means that any library should go into `buildInputs` or `checkInputs`. Any executable that is run on the building machine should go into `nativeBuildInputs` or `nativeCheckInputs` respectively. Example of executables are `ocaml`, `findlib` and `menhir`. PPXs are libraries which are built by dune and should therefore not go into `nativeBuildInputs`.
- `borgbackup` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.borgbackup.jobs..inhibitsSleep`](#opt-services.borgbackup.jobs._name_.inhibitsSleep).
@@ -97,6 +101,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- The [services.wordpress.sites.<name>.plugins](#opt-services.wordpress.sites._name_.plugins) and [services.wordpress.sites.<name>.themes](#opt-services.wordpress.sites._name_.themes) options have been converted from sets to attribute sets to allow for consumers to specify explicit install paths via attribute name.
+- Nebula now runs as a system user and group created for each nebula network, using the `CAP_NET_ADMIN` ambient capability on launch rather than starting as root. Ensure that any files each Nebula instance needs to access are owned by the correct user and group, by default `nebula-${networkName}`.
+
- In `mastodon` it is now necessary to specify location of file with `PostgreSQL` database password. In `services.mastodon.database.passwordFile` parameter default value `/var/lib/mastodon/secrets/db-password` has been changed to `null`.
- The `--target-host` and `--build-host` options of `nixos-rebuild` no longer treat the `localhost` value specially – to build on/deploy to local machine, omit the relevant flag.
@@ -122,7 +128,17 @@ In addition to numerous new and upgraded packages, this release has the followin
- The module `usbmuxd` now has the ability to change the package used by the daemon. In case you're experiencing issues with `usbmuxd` you can try an alternative program like `usbmuxd2`. Available as [services.usbmuxd.package](#opt-services.usbmuxd.package)
-- A few openssh options have been moved from extraConfig to the new freeform option `settings` and renamed as follow: `services.openssh.kbdInteractiveAuthentication` to `services.openssh.settings.KbdInteractiveAuthentication`, `services.openssh.passwordAuthentication` to `services.openssh.settings.PasswordAuthentication`, `services.openssh.useDns` to `services.openssh.settings.UseDns`, `services.openssh.permitRootLogin` to `services.openssh.settings.PermitRootLogin`, `services.openssh.logLevel` to `services.openssh.settings.LogLevel`.
+- A few openssh options have been moved from extraConfig to the new freeform option `settings` and renamed as follows:
+ - `services.openssh.forwardX11` to `services.openssh.settings.X11Forwarding`
+ - `services.openssh.kbdInteractiveAuthentication` -> `services.openssh.settings.KbdInteractiveAuthentication`
+ - `services.openssh.passwordAuthentication` to `services.openssh.settings.PasswordAuthentication`
+ - `services.openssh.useDns` to `services.openssh.settings.UseDns`
+ - `services.openssh.permitRootLogin` to `services.openssh.settings.PermitRootLogin`
+ - `services.openssh.logLevel` to `services.openssh.settings.LogLevel`
+ - `services.openssh.kexAlgorithms` to `services.openssh.settings.KexAlgorithms`
+ - `services.openssh.macs` to `services.openssh.settings.Macs`
+ - `services.openssh.ciphers` to `services.openssh.settings.Ciphers`
+ - `services.openssh.gatewayPorts` to `services.openssh.settings.GatewayPorts`
- `services.mastodon` gained a tootctl wrapped named `mastodon-tootctl` similar to `nextcloud-occ` which can be executed from any user and switches to the configured mastodon user with sudo and sources the environment variables.
@@ -175,6 +191,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- `services.grafana` listens only on localhost by default again. This was changed to upstreams default of `0.0.0.0` by accident in the freeform setting conversion.
+- Grafana Tempo has been updated to version 2.0. See the [upstream upgrade guide](https://grafana.com/docs/tempo/latest/release-notes/v2-0/#upgrade-considerations) for migration instructions.
+
- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).
- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.
@@ -193,6 +211,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [Garage](https://garagehq.deuxfleurs.fr/) version is based on [system.stateVersion](options.html#opt-system.stateVersion), existing installations will keep using version 0.7. New installations will use version 0.8. In order to upgrade a Garage cluster, please follow [upstream instructions](https://garagehq.deuxfleurs.fr/documentation/cookbook/upgrading/) and force [services.garage.package](options.html#opt-services.garage.package) or upgrade accordingly [system.stateVersion](options.html#opt-system.stateVersion).
+- Nebula now supports the `services.nebula.networks..isRelay` and `services.nebula.networks..relays` configuration options for setting up or allowing traffic relaying. See the [announcement](https://www.defined.net/blog/announcing-relay-support-in-nebula/) for more details about relays.
+
- `hip` has been separated into `hip`, `hip-common` and `hipcc`.
- `services.nginx.recommendedProxySettings` now removes the `Connection` header preventing clients from closing backend connections.
@@ -203,12 +223,30 @@ In addition to numerous new and upgraded packages, this release has the followin
- The `services.fwupd` module now allows arbitrary daemon settings to be configured in a structured manner ([`services.fwupd.daemonSettings`](#opt-services.fwupd.daemonSettings)).
+- The `zramSwap` is now implemented with `zram-generator`, and the option `zramSwap.numDevices` for using ZRAM devices as general purpose ephemeral block devices has been removed.
+
+- As Singularity has renamed to [Apptainer](https://apptainer.org/news/community-announcement-20211130)
+ to distinguish from [an un-renamed fork by Sylabs Inc.](https://sylabs.io/2021/05/singularity-community-edition),
+ there are now two packages of Singularity/Apptainer:
+ * `apptainer`: From `github.com/apptainer/apptainer`, which is the new repo after renaming.
+ * `singularity`: From `github.com/sylabs/singularity`, which is the fork by Sylabs Inc..
+
+ `programs.singularity` got a new `package` option to specify which package to use.
+
+ `singularity-tools.buildImage` got a new input argument `singularity` to specify which package to use.
+
+- The new option `programs.singularity.enableFakeroot`, if set to `true`, provides `--fakeroot` support for `apptainer` and `singularity`.
+
- The `unifi-poller` package and corresponding NixOS module have been renamed to `unpoller` to match upstream.
- The new option `services.tailscale.useRoutingFeatures` controls various settings for using Tailscale features like exit nodes and subnet routers. If you wish to use your machine as an exit node, you can set this setting to `server`, otherwise if you wish to use an exit node you can set this setting to `client`. The strict RPF warning has been removed as the RPF will be loosened automatically based on the value of this setting.
- [Xastir](https://xastir.org/index.php/Main_Page) can now access AX.25 interfaces via the `libax25` package.
+- `tvbrowser-bin` was removed, and now `tvbrowser` is built from source.
+
- `nixos-version` now accepts `--configuration-revision` to display more information about the current generation revision
- The option `services.nomad.extraSettingsPlugins` has been fixed to allow more than one plugin in the path.
+
+- The option `services.prometheus.exporters.pihole.interval` does not exist anymore and has been removed.
diff --git a/third_party/nixpkgs/nixos/lib/make-channel.nix b/third_party/nixpkgs/nixos/lib/make-channel.nix
index 9b920b989f..0a511468fb 100644
--- a/third_party/nixpkgs/nixos/lib/make-channel.nix
+++ b/third_party/nixpkgs/nixos/lib/make-channel.nix
@@ -23,7 +23,7 @@ pkgs.releaseTools.makeSourceTarball {
cp -prd . ../$releaseName
chmod -R u+w ../$releaseName
ln -s . ../$releaseName/nixpkgs # hack to make ‘’ work
- NIX_STATE_DIR=$TMPDIR nix-env -f ../$releaseName/default.nix -qaP --meta --xml \* > /dev/null
+ NIX_STATE_DIR=$TMPDIR nix-env -f ../$releaseName/default.nix -qaP --meta --show-trace --xml \* > /dev/null
cd ..
chmod -R u+w $releaseName
tar cfJ $out/tarballs/$releaseName.tar.xz $releaseName
diff --git a/third_party/nixpkgs/nixos/lib/make-options-doc/default.nix b/third_party/nixpkgs/nixos/lib/make-options-doc/default.nix
index 271af9ba18..09b0191d2b 100644
--- a/third_party/nixpkgs/nixos/lib/make-options-doc/default.nix
+++ b/third_party/nixpkgs/nixos/lib/make-options-doc/default.nix
@@ -78,7 +78,7 @@ let
title = args.title or null;
name = args.name or (lib.concatStringsSep "." args.path);
in ''
- - [`${lib.optionalString (title != null) "${title} aka "}pkgs.${name}`](
+ - [${lib.optionalString (title != null) "${title} aka "}`pkgs.${name}`](
https://search.nixos.org/packages?show=${name}&sort=relevance&query=${name}
)${
lib.optionalString (args ? comment) "\n\n ${args.comment}"
diff --git a/third_party/nixpkgs/nixos/lib/test-driver/test_driver/machine.py b/third_party/nixpkgs/nixos/lib/test-driver/test_driver/machine.py
index 8f01833bff..0db7930f49 100644
--- a/third_party/nixpkgs/nixos/lib/test-driver/test_driver/machine.py
+++ b/third_party/nixpkgs/nixos/lib/test-driver/test_driver/machine.py
@@ -1,4 +1,4 @@
-from contextlib import _GeneratorContextManager
+from contextlib import _GeneratorContextManager, nullcontext
from pathlib import Path
from queue import Queue
from typing import Any, Callable, Dict, Iterable, List, Optional, Tuple
@@ -406,25 +406,23 @@ class Machine:
return rootlog.nested(msg, my_attrs)
def wait_for_monitor_prompt(self) -> str:
- with self.nested("waiting for monitor prompt"):
- assert self.monitor is not None
- answer = ""
- while True:
- undecoded_answer = self.monitor.recv(1024)
- if not undecoded_answer:
- break
- answer += undecoded_answer.decode()
- if answer.endswith("(qemu) "):
- break
- return answer
+ assert self.monitor is not None
+ answer = ""
+ while True:
+ undecoded_answer = self.monitor.recv(1024)
+ if not undecoded_answer:
+ break
+ answer += undecoded_answer.decode()
+ if answer.endswith("(qemu) "):
+ break
+ return answer
def send_monitor_command(self, command: str) -> str:
self.run_callbacks()
- with self.nested(f"sending monitor command: {command}"):
- message = f"{command}\n".encode()
- assert self.monitor is not None
- self.monitor.send(message)
- return self.wait_for_monitor_prompt()
+ message = f"{command}\n".encode()
+ assert self.monitor is not None
+ self.monitor.send(message)
+ return self.wait_for_monitor_prompt()
def wait_for_unit(
self, unit: str, user: Optional[str] = None, timeout: int = 900
@@ -547,7 +545,7 @@ class Machine:
self.shell.send("echo ${PIPESTATUS[0]}\n".encode())
rc = int(self._next_newline_closed_block_from_shell().strip())
- return (rc, output.decode())
+ return (rc, output.decode(errors="replace"))
def shell_interact(self, address: Optional[str] = None) -> None:
"""Allows you to interact with the guest shell for debugging purposes.
@@ -685,9 +683,9 @@ class Machine:
retry(tty_matches)
def send_chars(self, chars: str, delay: Optional[float] = 0.01) -> None:
- with self.nested(f"sending keys '{chars}'"):
+ with self.nested(f"sending keys {repr(chars)}"):
for char in chars:
- self.send_key(char, delay)
+ self.send_key(char, delay, log=False)
def wait_for_file(self, filename: str) -> None:
"""Waits until the file exists in machine's file system."""
@@ -860,11 +858,15 @@ class Machine:
if matches is not None:
return
- def send_key(self, key: str, delay: Optional[float] = 0.01) -> None:
+ def send_key(
+ self, key: str, delay: Optional[float] = 0.01, log: Optional[bool] = True
+ ) -> None:
key = CHAR_TO_KEY.get(key, key)
- self.send_monitor_command(f"sendkey {key}")
- if delay is not None:
- time.sleep(delay)
+ context = self.nested(f"sending key {repr(key)}") if log else nullcontext()
+ with context:
+ self.send_monitor_command(f"sendkey {key}")
+ if delay is not None:
+ time.sleep(delay)
def send_console(self, chars: str) -> None:
assert self.process
diff --git a/third_party/nixpkgs/nixos/maintainers/scripts/lxd/lxd-image-inner.nix b/third_party/nixpkgs/nixos/maintainers/scripts/lxd/lxd-image-inner.nix
index c8cf2a04fb..ee55da1e9c 100644
--- a/third_party/nixpkgs/nixos/maintainers/scripts/lxd/lxd-image-inner.nix
+++ b/third_party/nixpkgs/nixos/maintainers/scripts/lxd/lxd-image-inner.nix
@@ -89,7 +89,7 @@ with lib;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
+ # on your system were taken. It’s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
diff --git a/third_party/nixpkgs/nixos/modules/config/no-x-libs.nix b/third_party/nixpkgs/nixos/modules/config/no-x-libs.nix
index 1d0bc73cac..e18003c0d4 100644
--- a/third_party/nixpkgs/nixos/modules/config/no-x-libs.nix
+++ b/third_party/nixpkgs/nixos/modules/config/no-x-libs.nix
@@ -46,8 +46,10 @@ with lib;
libextractor = super.libextractor.override { gtkSupport = false; };
libva = super.libva-minimal;
limesuite = super.limesuite.override { withGui = false; };
+ mc = super.mc.override { x11Support = false; };
mpv-unwrapped = super.mpv-unwrapped.override { sdl2Support = false; x11Support = false; };
msmtp = super.msmtp.override { withKeyring = false; };
+ neofetch = super.neofetch.override { x11Support = false; };
networkmanager-fortisslvpn = super.networkmanager-fortisslvpn.override { withGnome = false; };
networkmanager-iodine = super.networkmanager-iodine.override { withGnome = false; };
networkmanager-l2tp = super.networkmanager-l2tp.override { withGnome = false; };
diff --git a/third_party/nixpkgs/nixos/modules/config/stevenblack.nix b/third_party/nixpkgs/nixos/modules/config/stevenblack.nix
index ec68684849..07a0aa339a 100644
--- a/third_party/nixpkgs/nixos/modules/config/stevenblack.nix
+++ b/third_party/nixpkgs/nixos/modules/config/stevenblack.nix
@@ -15,7 +15,7 @@ let
in
{
options.networking.stevenblack = {
- enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist.");
+ enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist");
block = mkOption {
type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]);
diff --git a/third_party/nixpkgs/nixos/modules/config/zram.nix b/third_party/nixpkgs/nixos/modules/config/zram.nix
index 87ac53a60b..4df646cf27 100644
--- a/third_party/nixpkgs/nixos/modules/config/zram.nix
+++ b/third_party/nixpkgs/nixos/modules/config/zram.nix
@@ -1,45 +1,27 @@
{ config, lib, pkgs, ... }:
-with lib;
-
let
cfg = config.zramSwap;
-
- # don't set swapDevices as mkDefault, so we can detect user had read our warning
- # (see below) and made an action (or not)
- devicesCount = if cfg.swapDevices != null then cfg.swapDevices else cfg.numDevices;
-
- devices = map (nr: "zram${toString nr}") (range 0 (devicesCount - 1));
-
- modprobe = "${pkgs.kmod}/bin/modprobe";
-
- warnings =
- assert cfg.swapDevices != null -> cfg.numDevices >= cfg.swapDevices;
- flatten [
- (optional (cfg.numDevices > 1 && cfg.swapDevices == null) ''
- Using several small zram devices as swap is no better than using one large.
- Set either zramSwap.numDevices = 1 or explicitly set zramSwap.swapDevices.
-
- Previously multiple zram devices were used to enable multithreaded
- compression. Linux supports multithreaded compression for 1 device
- since 3.15. See https://lkml.org/lkml/2014/2/28/404 for details.
- '')
- ];
+ devices = map (nr: "zram${toString nr}") (lib.range 0 (cfg.swapDevices - 1));
in
{
+ imports = [
+ (lib.mkRemovedOptionModule [ "zramSwap" "numDevices" ] "Using ZRAM devices as general purpose ephemeral block devices is no longer supported")
+ ];
+
###### interface
options = {
zramSwap = {
- enable = mkOption {
+ enable = lib.mkOption {
default = false;
- type = types.bool;
+ type = lib.types.bool;
description = lib.mdDoc ''
Enable in-memory compressed devices and swap space provided by the zram
kernel module.
@@ -49,29 +31,17 @@ in
'';
};
- numDevices = mkOption {
+ swapDevices = lib.mkOption {
default = 1;
- type = types.int;
+ type = lib.types.int;
description = lib.mdDoc ''
- Number of zram devices to create. See also
- `zramSwap.swapDevices`
+ Number of zram devices to be used as swap, recommended is 1.
'';
};
- swapDevices = mkOption {
- default = null;
- example = 1;
- type = with types; nullOr int;
- description = lib.mdDoc ''
- Number of zram devices to be used as swap. Must be
- `<= zramSwap.numDevices`.
- Default is same as `zramSwap.numDevices`, recommended is 1.
- '';
- };
-
- memoryPercent = mkOption {
+ memoryPercent = lib.mkOption {
default = 50;
- type = types.int;
+ type = lib.types.int;
description = lib.mdDoc ''
Maximum total amount of memory that can be stored in the zram swap devices
(as a percentage of your total memory). Defaults to 1/2 of your total
@@ -80,9 +50,9 @@ in
'';
};
- memoryMax = mkOption {
+ memoryMax = lib.mkOption {
default = null;
- type = with types; nullOr int;
+ type = with lib.types; nullOr int;
description = lib.mdDoc ''
Maximum total amount of memory (in bytes) that can be stored in the zram
swap devices.
@@ -90,9 +60,9 @@ in
'';
};
- priority = mkOption {
+ priority = lib.mkOption {
default = 5;
- type = types.int;
+ type = lib.types.int;
description = lib.mdDoc ''
Priority of the zram swap devices. It should be a number higher than
the priority of your disk-based swap devices (so that the system will
@@ -100,10 +70,10 @@ in
'';
};
- algorithm = mkOption {
+ algorithm = lib.mkOption {
default = "zstd";
example = "lz4";
- type = with types; either (enum [ "lzo" "lz4" "zstd" ]) str;
+ type = with lib.types; either (enum [ "lzo" "lz4" "zstd" ]) str;
description = lib.mdDoc ''
Compression algorithm. `lzo` has good compression,
but is slow. `lz4` has bad compression, but is fast.
@@ -116,9 +86,7 @@ in
};
- config = mkIf cfg.enable {
-
- inherit warnings;
+ config = lib.mkIf cfg.enable {
system.requiredKernelConfig = with config.lib.kernelConfig; [
(isModule "ZRAM")
@@ -128,78 +96,25 @@ in
# once in stage 2 boot, and again when the zram-reloader service starts.
# boot.kernelModules = [ "zram" ];
- boot.extraModprobeConfig = ''
- options zram num_devices=${toString cfg.numDevices}
- '';
+ systemd.packages = [ pkgs.zram-generator ];
+ systemd.services."systemd-zram-setup@".path = [ pkgs.util-linux ]; # for mkswap
- boot.kernelParams = ["zram.num_devices=${toString cfg.numDevices}"];
-
- services.udev.extraRules = ''
- KERNEL=="zram[0-9]*", ENV{SYSTEMD_WANTS}="zram-init-%k.service", TAG+="systemd"
- '';
-
- systemd.services =
- let
- createZramInitService = dev:
- nameValuePair "zram-init-${dev}" {
- description = "Init swap on zram-based device ${dev}";
- after = [ "dev-${dev}.device" "zram-reloader.service" ];
- requires = [ "dev-${dev}.device" "zram-reloader.service" ];
- before = [ "dev-${dev}.swap" ];
- requiredBy = [ "dev-${dev}.swap" ];
- unitConfig.DefaultDependencies = false; # needed to prevent a cycle
- serviceConfig = {
- Type = "oneshot";
- RemainAfterExit = true;
- ExecStop = "${pkgs.runtimeShell} -c 'echo 1 > /sys/class/block/${dev}/reset'";
- };
- script = ''
- set -euo pipefail
-
- # Calculate memory to use for zram
- mem=$(${pkgs.gawk}/bin/awk '/MemTotal: / {
- value=int($2*${toString cfg.memoryPercent}/100.0/${toString devicesCount}*1024);
- ${lib.optionalString (cfg.memoryMax != null) ''
- memory_max=int(${toString cfg.memoryMax}/${toString devicesCount});
- if (value > memory_max) { value = memory_max }
- ''}
- print value
- }' /proc/meminfo)
-
- ${pkgs.util-linux}/sbin/zramctl --size $mem --algorithm ${cfg.algorithm} /dev/${dev}
- ${pkgs.util-linux}/sbin/mkswap /dev/${dev}
- '';
- restartIfChanged = false;
- };
- in listToAttrs ((map createZramInitService devices) ++ [(nameValuePair "zram-reloader"
- {
- description = "Reload zram kernel module when number of devices changes";
- wants = [ "systemd-udevd.service" ];
- after = [ "systemd-udevd.service" ];
- unitConfig.DefaultDependencies = false; # needed to prevent a cycle
- serviceConfig = {
- Type = "oneshot";
- RemainAfterExit = true;
- ExecStartPre = "-${modprobe} -r zram";
- ExecStart = "-${modprobe} zram";
- ExecStop = "-${modprobe} -r zram";
- };
- restartTriggers = [
- cfg.numDevices
- cfg.algorithm
- cfg.memoryPercent
- ];
- restartIfChanged = true;
- })]);
-
- swapDevices =
- let
- useZramSwap = dev:
- {
- device = "/dev/${dev}";
- priority = cfg.priority;
- };
- in map useZramSwap devices;
+ environment.etc."systemd/zram-generator.conf".source =
+ (pkgs.formats.ini { }).generate "zram-generator.conf" (lib.listToAttrs
+ (builtins.map
+ (dev: {
+ name = dev;
+ value =
+ let
+ size = "${toString cfg.memoryPercent} / 100 * ram";
+ in
+ {
+ zram-size = if cfg.memoryMax != null then "min(${size}, ${toString cfg.memoryMax} / 1024 / 1024)" else size;
+ compression-algorithm = cfg.algorithm;
+ swap-priority = cfg.priority;
+ };
+ })
+ devices));
};
diff --git a/third_party/nixpkgs/nixos/modules/hardware/video/nvidia.nix b/third_party/nixpkgs/nixos/modules/hardware/video/nvidia.nix
index cee230ac41..2eff322d96 100644
--- a/third_party/nixpkgs/nixos/modules/hardware/video/nvidia.nix
+++ b/third_party/nixpkgs/nixos/modules/hardware/video/nvidia.nix
@@ -21,7 +21,8 @@ let
pCfg = cfg.prime;
syncCfg = pCfg.sync;
offloadCfg = pCfg.offload;
- primeEnabled = syncCfg.enable || offloadCfg.enable;
+ reverseSyncCfg = pCfg.reverseSync;
+ primeEnabled = syncCfg.enable || reverseSyncCfg.enable || offloadCfg.enable;
nvidiaPersistencedEnabled = cfg.nvidiaPersistenced;
nvidiaSettings = cfg.nvidiaSettings;
busIDType = types.strMatching "([[:print:]]+[\:\@][0-9]{1,3}\:[0-9]{1,2}\:[0-9])?";
@@ -31,7 +32,8 @@ in
imports =
[
(mkRenamedOptionModule [ "hardware" "nvidia" "optimus_prime" "enable" ] [ "hardware" "nvidia" "prime" "sync" "enable" ])
- (mkRenamedOptionModule [ "hardware" "nvidia" "optimus_prime" "allowExternalGpu" ] [ "hardware" "nvidia" "prime" "sync" "allowExternalGpu" ])
+ (mkRenamedOptionModule [ "hardware" "nvidia" "optimus_prime" "allowExternalGpu" ] [ "hardware" "nvidia" "prime" "allowExternalGpu" ])
+ (mkRenamedOptionModule [ "hardware" "nvidia" "prime" "sync" "allowExternalGpu" ] [ "hardware" "nvidia" "prime" "allowExternalGpu" ])
(mkRenamedOptionModule [ "hardware" "nvidia" "optimus_prime" "nvidiaBusId" ] [ "hardware" "nvidia" "prime" "nvidiaBusId" ])
(mkRenamedOptionModule [ "hardware" "nvidia" "optimus_prime" "intelBusId" ] [ "hardware" "nvidia" "prime" "intelBusId" ])
];
@@ -104,16 +106,17 @@ in
description = lib.mdDoc ''
Enable NVIDIA Optimus support using the NVIDIA proprietary driver via PRIME.
If enabled, the NVIDIA GPU will be always on and used for all rendering,
- while enabling output to displays attached only to the integrated Intel GPU
- without a multiplexer.
+ while enabling output to displays attached only to the integrated Intel/AMD
+ GPU without a multiplexer.
Note that this option only has any effect if the "nvidia" driver is specified
in {option}`services.xserver.videoDrivers`, and it should preferably
be the only driver there.
- If this is enabled, then the bus IDs of the NVIDIA and Intel GPUs have to be
- specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
- {option}`hardware.nvidia.prime.intelBusId`).
+ If this is enabled, then the bus IDs of the NVIDIA and Intel/AMD GPUs have to
+ be specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
+ {option}`hardware.nvidia.prime.intelBusId` or
+ {option}`hardware.nvidia.prime.amdgpuBusId`).
If you enable this, you may want to also enable kernel modesetting for the
NVIDIA driver ({option}`hardware.nvidia.modesetting.enable`) in order
@@ -125,11 +128,11 @@ in
'';
};
- hardware.nvidia.prime.sync.allowExternalGpu = mkOption {
+ hardware.nvidia.prime.allowExternalGpu = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc ''
- Configure X to allow external NVIDIA GPUs when using optimus.
+ Configure X to allow external NVIDIA GPUs when using Prime [Reverse] sync optimus.
'';
};
@@ -139,9 +142,54 @@ in
description = lib.mdDoc ''
Enable render offload support using the NVIDIA proprietary driver via PRIME.
- If this is enabled, then the bus IDs of the NVIDIA and Intel GPUs have to be
- specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
- {option}`hardware.nvidia.prime.intelBusId`).
+ If this is enabled, then the bus IDs of the NVIDIA and Intel/AMD GPUs have to
+ be specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
+ {option}`hardware.nvidia.prime.intelBusId` or
+ {option}`hardware.nvidia.prime.amdgpuBusId`).
+ '';
+ };
+
+ hardware.nvidia.prime.offload.enableOffloadCmd = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Adds a `nvidia-offload` convenience script to {option}`environment.systemPackages`
+ for offloading programs to an nvidia device. To work, should have also enabled
+ {option}`hardware.nvidia.prime.offload.enable` or {option}`hardware.nvidia.prime.reverseSync.enable`.
+
+ Example usage `nvidia-offload sauerbraten_client`.
+ '';
+ };
+
+ hardware.nvidia.prime.reverseSync.enable = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Warning: This feature is relatively new, depending on your system this might
+ work poorly. AMD support, especially so.
+ See: https://forums.developer.nvidia.com/t/the-all-new-outputsink-feature-aka-reverse-prime/129828
+
+ Enable NVIDIA Optimus support using the NVIDIA proprietary driver via reverse
+ PRIME. If enabled, the Intel/AMD GPU will be used for all rendering, while
+ enabling output to displays attached only to the NVIDIA GPU without a
+ multiplexer.
+
+ Note that this option only has any effect if the "nvidia" driver is specified
+ in {option}`services.xserver.videoDrivers`, and it should preferably
+ be the only driver there.
+
+ If this is enabled, then the bus IDs of the NVIDIA and Intel/AMD GPUs have to
+ be specified ({option}`hardware.nvidia.prime.nvidiaBusId` and
+ {option}`hardware.nvidia.prime.intelBusId` or
+ {option}`hardware.nvidia.prime.amdgpuBusId`).
+
+ If you enable this, you may want to also enable kernel modesetting for the
+ NVIDIA driver ({option}`hardware.nvidia.modesetting.enable`) in order
+ to prevent tearing.
+
+ Note that this configuration will only be successful when a display manager
+ for which the {option}`services.xserver.displayManager.setupCommands`
+ option is supported is used.
'';
};
@@ -205,6 +253,13 @@ in
'';
}
+ {
+ assertion = offloadCfg.enableOffloadCmd -> offloadCfg.enable || reverseSyncCfg.enable;
+ message = ''
+ Offload command requires offloading or reverse prime sync to be enabled.
+ '';
+ }
+
{
assertion = primeEnabled -> pCfg.nvidiaBusId != "" && (pCfg.intelBusId != "" || pCfg.amdgpuBusId != "");
message = ''
@@ -217,9 +272,19 @@ in
message = "NVIDIA PRIME render offload is currently only supported on versions >= 435.21.";
}
+ {
+ assertion = (reverseSyncCfg.enable && pCfg.amdgpuBusId != "") -> versionAtLeast nvidia_x11.version "470.0";
+ message = "NVIDIA PRIME render offload for AMD APUs is currently only supported on versions >= 470 beta.";
+ }
+
{
assertion = !(syncCfg.enable && offloadCfg.enable);
- message = "Only one NVIDIA PRIME solution may be used at a time.";
+ message = "PRIME Sync and Offload cannot be both enabled";
+ }
+
+ {
+ assertion = !(syncCfg.enable && reverseSyncCfg.enable);
+ message = "PRIME Sync and PRIME Reverse Sync cannot be both enabled";
}
{
@@ -257,8 +322,10 @@ in
# - Configure the display manager to run specific `xrandr` commands which will
# configure/enable displays connected to the Intel iGPU / AMD APU.
- services.xserver.drivers = let
- in optional primeEnabled {
+ # reverse sync implies offloading
+ hardware.nvidia.prime.offload.enable = mkDefault reverseSyncCfg.enable;
+
+ services.xserver.drivers = optional primeEnabled {
name = igpuDriver;
display = offloadCfg.enable;
modules = optionals (igpuDriver == "amdgpu") [ pkgs.xorg.xf86videoamdgpu ];
@@ -273,7 +340,7 @@ in
deviceSection = optionalString primeEnabled
''
BusID "${pCfg.nvidiaBusId}"
- ${optionalString syncCfg.allowExternalGpu "Option \"AllowExternalGpus\""}
+ ${optionalString pCfg.allowExternalGpu "Option \"AllowExternalGpus\""}
'';
screenSection =
''
@@ -290,19 +357,22 @@ in
services.xserver.serverLayoutSection = optionalString syncCfg.enable ''
Inactive "Device-${igpuDriver}[0]"
+ '' + optionalString reverseSyncCfg.enable ''
+ Inactive "Device-nvidia[0]"
'' + optionalString offloadCfg.enable ''
Option "AllowNVIDIAGPUScreens"
'';
services.xserver.displayManager.setupCommands = let
- sinkGpuProviderName = if igpuDriver == "amdgpu" then
+ gpuProviderName = if igpuDriver == "amdgpu" then
# find the name of the provider if amdgpu
"`${pkgs.xorg.xrandr}/bin/xrandr --listproviders | ${pkgs.gnugrep}/bin/grep -i AMD | ${pkgs.gnused}/bin/sed -n 's/^.*name://p'`"
else
igpuDriver;
- in optionalString syncCfg.enable ''
+ providerCmdParams = if syncCfg.enable then "\"${gpuProviderName}\" NVIDIA-0" else "NVIDIA-G0 \"${gpuProviderName}\"";
+ in optionalString (syncCfg.enable || reverseSyncCfg.enable) ''
# Added by nvidia configuration module for Optimus/PRIME.
- ${pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource "${sinkGpuProviderName}" NVIDIA-0
+ ${pkgs.xorg.xrandr}/bin/xrandr --setprovideroutputsource ${providerCmdParams}
${pkgs.xorg.xrandr}/bin/xrandr --auto
'';
@@ -325,7 +395,16 @@ in
environment.systemPackages = [ nvidia_x11.bin ]
++ optionals cfg.nvidiaSettings [ nvidia_x11.settings ]
- ++ optionals nvidiaPersistencedEnabled [ nvidia_x11.persistenced ];
+ ++ optionals nvidiaPersistencedEnabled [ nvidia_x11.persistenced ]
+ ++ optionals offloadCfg.enableOffloadCmd [
+ (pkgs.writeShellScriptBin "nvidia-offload" ''
+ export __NV_PRIME_RENDER_OFFLOAD=1
+ export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
+ export __GLX_VENDOR_LIBRARY_NAME=nvidia
+ export __VK_LAYER_NV_optimus=NVIDIA_only
+ exec "$@"
+ '')
+ ];
systemd.packages = optional cfg.powerManagement.enable nvidia_x11.out;
diff --git a/third_party/nixpkgs/nixos/modules/installer/tools/tools.nix b/third_party/nixpkgs/nixos/modules/installer/tools/tools.nix
index caf97f66ef..d1b16d042d 100644
--- a/third_party/nixpkgs/nixos/modules/installer/tools/tools.nix
+++ b/third_party/nixpkgs/nixos/modules/installer/tools/tools.nix
@@ -217,7 +217,7 @@ in
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
- # on your system were taken. It‘s perfectly fine and recommended to leave
+ # on your system were taken. It’s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
diff --git a/third_party/nixpkgs/nixos/modules/misc/ids.nix b/third_party/nixpkgs/nixos/modules/misc/ids.nix
index 17ea04cb4e..a434932497 100644
--- a/third_party/nixpkgs/nixos/modules/misc/ids.nix
+++ b/third_party/nixpkgs/nixos/modules/misc/ids.nix
@@ -510,6 +510,7 @@ in
#seeks = 148; # removed 2020-06-21
prosody = 149;
i2pd = 150;
+ systemd-coredump = 151;
systemd-network = 152;
systemd-resolve = 153;
systemd-timesync = 154;
diff --git a/third_party/nixpkgs/nixos/modules/misc/version.nix b/third_party/nixpkgs/nixos/modules/misc/version.nix
index 30d11913c5..447f819385 100644
--- a/third_party/nixpkgs/nixos/modules/misc/version.nix
+++ b/third_party/nixpkgs/nixos/modules/misc/version.nix
@@ -130,7 +130,7 @@ in
to be compatible. The effect is that NixOS will use
defaults corresponding to the specified release (such as using
an older version of PostgreSQL).
- It‘s perfectly fine and recommended to leave this value at the
+ It’s perfectly fine and recommended to leave this value at the
release version of the first install of this system.
Changing this option will not upgrade your system. In fact it
is meant to stay constant exactly when you upgrade your system.
diff --git a/third_party/nixpkgs/nixos/modules/module-list.nix b/third_party/nixpkgs/nixos/modules/module-list.nix
index 82eec40ecf..7a818f11ee 100644
--- a/third_party/nixpkgs/nixos/modules/module-list.nix
+++ b/third_party/nixpkgs/nixos/modules/module-list.nix
@@ -195,6 +195,7 @@
./programs/mdevctl.nix
./programs/mepo.nix
./programs/mininet.nix
+ ./programs/miriway.nix
./programs/mosh.nix
./programs/msmtp.nix
./programs/mtr.nix
@@ -222,6 +223,7 @@
./programs/seahorse.nix
./programs/sedutil.nix
./programs/shadow.nix
+ ./programs/sharing.nix
./programs/singularity.nix
./programs/skim.nix
./programs/slock.nix
@@ -696,6 +698,7 @@
./services/monitoring/arbtt.nix
./services/monitoring/bosun.nix
./services/monitoring/cadvisor.nix
+ ./services/monitoring/cockpit.nix
./services/monitoring/collectd.nix
./services/monitoring/das_watchdog.nix
./services/monitoring/datadog-agent.nix
@@ -1364,6 +1367,7 @@
./virtualisation/lxc.nix
./virtualisation/lxcfs.nix
./virtualisation/lxd.nix
+ ./virtualisation/multipass.nix
./virtualisation/nixos-containers.nix
./virtualisation/oci-containers.nix
./virtualisation/openstack-options.nix
diff --git a/third_party/nixpkgs/nixos/modules/programs/k3b.nix b/third_party/nixpkgs/nixos/modules/programs/k3b.nix
index cdaed3cf70..5d19e4f1cc 100644
--- a/third_party/nixpkgs/nixos/modules/programs/k3b.nix
+++ b/third_party/nixpkgs/nixos/modules/programs/k3b.nix
@@ -28,7 +28,7 @@ with lib;
k3b
dvdplusrwtools
cdrdao
- cdrkit
+ cdrtools
];
security.wrappers = {
@@ -44,7 +44,7 @@ with lib;
owner = "root";
group = "cdrom";
permissions = "u+wrx,g+x";
- source = "${pkgs.cdrkit}/bin/cdrecord";
+ source = "${pkgs.cdrtools}/bin/cdrecord";
};
};
diff --git a/third_party/nixpkgs/nixos/modules/programs/miriway.nix b/third_party/nixpkgs/nixos/modules/programs/miriway.nix
new file mode 100644
index 0000000000..52b5f84762
--- /dev/null
+++ b/third_party/nixpkgs/nixos/modules/programs/miriway.nix
@@ -0,0 +1,60 @@
+{ config, pkgs, lib, ... }:
+
+let
+ cfg = config.programs.miriway;
+in {
+ options.programs.miriway = {
+ enable = lib.mkEnableOption (lib.mdDoc ''
+ Miriway, a Mir based Wayland compositor. You can manually launch Miriway by
+ executing "exec miriway" on a TTY, or launch it from a display manager. Copy
+ /etc/xdg/xdg-miriway/miriway-shell.config to ~/.config/miriway-shell.config
+ to modify the default configuration. See ,
+ and "miriway --help" for more information'');
+
+ config = lib.mkOption {
+ type = lib.types.lines;
+ default = ''
+ x11-window-title=Miriway (Mir-on-X)
+ idle-timeout=600
+ ctrl-alt=t:miriway-terminal # Default "terminal emulator finder"
+
+ shell-component=dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY
+ '';
+ example = ''
+ idle-timeout=300
+ ctrl-alt=t:weston-terminal
+ add-wayland-extensions=all
+
+ shell-components=dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY
+
+ shell-component=waybar
+ shell-component=wbg Pictures/wallpaper
+
+ shell-meta=a:synapse
+ '';
+ description = lib.mdDoc ''
+ Miriway's config. This will be installed system-wide.
+ The default will install the miriway package's barebones example config.
+ '';
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ environment = {
+ systemPackages = [ pkgs.miriway ];
+ etc = {
+ "xdg/xdg-miriway/miriway-shell.config".text = cfg.config;
+ };
+ };
+
+ hardware.opengl.enable = lib.mkDefault true;
+ fonts.enableDefaultFonts = lib.mkDefault true;
+ programs.dconf.enable = lib.mkDefault true;
+ programs.xwayland.enable = lib.mkDefault true;
+
+ # To make the Miriway session available if a display manager like SDDM is enabled:
+ services.xserver.displayManager.sessionPackages = [ pkgs.miriway ];
+ };
+
+ meta.maintainers = with lib.maintainers; [ OPNA2608 ];
+}
diff --git a/third_party/nixpkgs/nixos/modules/programs/proxychains.nix b/third_party/nixpkgs/nixos/modules/programs/proxychains.nix
index 0771f03c77..a52783aa66 100644
--- a/third_party/nixpkgs/nixos/modules/programs/proxychains.nix
+++ b/third_party/nixpkgs/nixos/modules/programs/proxychains.nix
@@ -86,7 +86,7 @@ in {
description = lib.mdDoc "Proxy DNS requests - no leak for DNS data.";
};
- quietMode = mkEnableOption (lib.mdDoc "Quiet mode (no output from the library).");
+ quietMode = mkEnableOption (lib.mdDoc "Quiet mode (no output from the library)");
remoteDNSSubnet = mkOption {
type = types.enum [ 10 127 224 ];
diff --git a/third_party/nixpkgs/nixos/modules/programs/qdmr.nix b/third_party/nixpkgs/nixos/modules/programs/qdmr.nix
index c0b1984eff..1bb81317bd 100644
--- a/third_party/nixpkgs/nixos/modules/programs/qdmr.nix
+++ b/third_party/nixpkgs/nixos/modules/programs/qdmr.nix
@@ -20,6 +20,6 @@ in {
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
services.udev.packages = [ cfg.package ];
- users.groups.wireshark = {};
+ users.groups.dialout = {};
};
}
diff --git a/third_party/nixpkgs/nixos/modules/programs/sharing.nix b/third_party/nixpkgs/nixos/modules/programs/sharing.nix
new file mode 100644
index 0000000000..9ab51859dc
--- /dev/null
+++ b/third_party/nixpkgs/nixos/modules/programs/sharing.nix
@@ -0,0 +1,19 @@
+{ config, pkgs, lib, ... }:
+with lib;
+{
+ options.programs.sharing = {
+ enable = mkEnableOption (lib.mdDoc ''
+ sharing, a CLI tool for sharing files.
+
+ Note that it will opens the 7478 port for TCP in the firewall, which is needed for it to function properly
+ '');
+ };
+ config =
+ let
+ cfg = config.programs.sharing;
+ in
+ mkIf cfg.enable {
+ environment.systemPackages = [ pkgs.sharing ];
+ networking.firewall.allowedTCPPorts = [ 7478 ];
+ };
+}
diff --git a/third_party/nixpkgs/nixos/modules/programs/singularity.nix b/third_party/nixpkgs/nixos/modules/programs/singularity.nix
index 9648d0c278..4884e5bdf2 100644
--- a/third_party/nixpkgs/nixos/modules/programs/singularity.nix
+++ b/third_party/nixpkgs/nixos/modules/programs/singularity.nix
@@ -3,32 +3,90 @@
with lib;
let
cfg = config.programs.singularity;
- singularity = pkgs.singularity.overrideAttrs (attrs : {
- installPhase = attrs.installPhase + ''
- mv $out/libexec/singularity/bin/starter-suid $out/libexec/singularity/bin/starter-suid.orig
- ln -s /run/wrappers/bin/singularity-suid $out/libexec/singularity/bin/starter-suid
- '';
- });
-in {
+in
+{
+
options.programs.singularity = {
- enable = mkEnableOption (lib.mdDoc "Singularity");
+ enable = mkEnableOption (mdDoc "singularity") // {
+ description = mdDoc ''
+ Whether to install Singularity/Apptainer with system-level overriding such as SUID support.
+ '';
+ };
+ package = mkOption {
+ type = types.package;
+ default = pkgs.singularity;
+ defaultText = literalExpression "pkgs.singularity";
+ example = literalExpression "pkgs.apptainer";
+ description = mdDoc ''
+ Singularity/Apptainer package to override and install.
+ '';
+ };
+ packageOverriden = mkOption {
+ type = types.nullOr types.package;
+ default = null;
+ description = mdDoc ''
+ This option provides access to the overriden result of `programs.singularity.package`.
+
+ For example, the following configuration makes all the Nixpkgs packages use the overriden `singularity`:
+ ```Nix
+ { config, lib, pkgs, ... }:
+ {
+ nixpkgs.overlays = [
+ (final: prev: {
+ _singularity-orig = prev.singularity;
+ singularity = config.programs.singularity.packageOverriden;
+ })
+ ];
+ programs.singularity.enable = true;
+ programs.singularity.package = pkgs._singularity-orig;
+ }
+ ```
+
+ Use `lib.mkForce` to forcefully specify the overriden package.
+ '';
+ };
+ enableFakeroot = mkOption {
+ type = types.bool;
+ default = true;
+ example = false;
+ description = mdDoc ''
+ Whether to enable the `--fakeroot` support of Singularity/Apptainer.
+ '';
+ };
+ enableSuid = mkOption {
+ type = types.bool;
+ default = true;
+ example = false;
+ description = mdDoc ''
+ Whether to enable the SUID support of Singularity/Apptainer.
+ '';
+ };
};
config = mkIf cfg.enable {
- environment.systemPackages = [ singularity ];
- security.wrappers.singularity-suid =
- { setuid = true;
- owner = "root";
- group = "root";
- source = "${singularity}/libexec/singularity/bin/starter-suid.orig";
- };
- systemd.tmpfiles.rules = [
- "d /var/singularity/mnt/session 0770 root root -"
- "d /var/singularity/mnt/final 0770 root root -"
- "d /var/singularity/mnt/overlay 0770 root root -"
- "d /var/singularity/mnt/container 0770 root root -"
- "d /var/singularity/mnt/source 0770 root root -"
- ];
+ programs.singularity.packageOverriden = (cfg.package.override (
+ optionalAttrs cfg.enableFakeroot {
+ newuidmapPath = "/run/wrappers/bin/newuidmap";
+ newgidmapPath = "/run/wrappers/bin/newgidmap";
+ } // optionalAttrs cfg.enableSuid {
+ enableSuid = true;
+ starterSuidPath = "/run/wrappers/bin/${cfg.package.projectName}-suid";
+ }
+ ));
+ environment.systemPackages = [ cfg.packageOverriden ];
+ security.wrappers."${cfg.packageOverriden.projectName}-suid" = mkIf cfg.enableSuid {
+ setuid = true;
+ owner = "root";
+ group = "root";
+ source = "${cfg.packageOverriden}/libexec/${cfg.packageOverriden.projectName}/bin/starter-suid.orig";
+ };
+ systemd.tmpfiles.rules = [
+ "d /var/lib/${cfg.packageOverriden.projectName}/mnt/session 0770 root root -"
+ "d /var/lib/${cfg.packageOverriden.projectName}/mnt/final 0770 root root -"
+ "d /var/lib/${cfg.packageOverriden.projectName}/mnt/overlay 0770 root root -"
+ "d /var/lib/${cfg.packageOverriden.projectName}/mnt/container 0770 root root -"
+ "d /var/lib/${cfg.packageOverriden.projectName}/mnt/source 0770 root root -"
+ ];
};
}
diff --git a/third_party/nixpkgs/nixos/modules/programs/ssh.nix b/third_party/nixpkgs/nixos/modules/programs/ssh.nix
index 36b724e04b..3b8da78e2a 100644
--- a/third_party/nixpkgs/nixos/modules/programs/ssh.nix
+++ b/third_party/nixpkgs/nixos/modules/programs/ssh.nix
@@ -282,7 +282,7 @@ in
config = {
programs.ssh.setXAuthLocation =
- mkDefault (config.services.xserver.enable || config.programs.ssh.forwardX11 || config.services.openssh.forwardX11);
+ mkDefault (config.services.xserver.enable || config.programs.ssh.forwardX11 || config.services.openssh.settings.X11Forwarding);
assertions =
[ { assertion = cfg.forwardX11 -> cfg.setXAuthLocation;
diff --git a/third_party/nixpkgs/nixos/modules/programs/sway.nix b/third_party/nixpkgs/nixos/modules/programs/sway.nix
index b0a766dd05..3b2e69bd37 100644
--- a/third_party/nixpkgs/nixos/modules/programs/sway.nix
+++ b/third_party/nixpkgs/nixos/modules/programs/sway.nix
@@ -26,7 +26,7 @@ let
};
};
- swayPackage = pkgs.sway.override {
+ defaultSwayPackage = pkgs.sway.override {
extraSessionCommands = cfg.extraSessionCommands;
extraOptions = cfg.extraOptions;
withBaseWrapper = cfg.wrapperFeatures.base;
@@ -42,6 +42,19 @@ in {
and
"man 5 sway" for more information'');
+ package = mkOption {
+ type = with types; nullOr package;
+ default = defaultSwayPackage;
+ defaultText = literalExpression "pkgs.sway";
+ description = lib.mdDoc ''
+ Sway package to use. Will override the options
+ 'wrapperFeatures', 'extraSessionCommands', and 'extraOptions'.
+ Set to null
to not add any Sway package to your
+ path. This should be done if you want to use the Home Manager Sway
+ module to install Sway.
+ '';
+ };
+
wrapperFeatures = mkOption {
type = wrapperOptions;
default = { };
@@ -121,16 +134,17 @@ in {
}
];
environment = {
- systemPackages = [ swayPackage ] ++ cfg.extraPackages;
+ systemPackages = optional (cfg.package != null) cfg.package ++ cfg.extraPackages;
# Needed for the default wallpaper:
- pathsToLink = [ "/share/backgrounds/sway" ];
+ pathsToLink = optionals (cfg.package != null) [ "/share/backgrounds/sway" ];
etc = {
- "sway/config".source = mkOptionDefault "${swayPackage}/etc/sway/config";
"sway/config.d/nixos.conf".source = pkgs.writeText "nixos.conf" ''
# Import the most important environment variables into the D-Bus and systemd
# user environments (e.g. required for screen sharing and Pinentry prompts):
exec dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY SWAYSOCK XDG_CURRENT_DESKTOP
'';
+ } // optionalAttrs (cfg.package != null) {
+ "sway/config".source = mkOptionDefault "${cfg.package}/etc/sway/config";
};
};
security.polkit.enable = true;
@@ -139,7 +153,7 @@ in {
fonts.enableDefaultFonts = mkDefault true;
programs.dconf.enable = mkDefault true;
# To make a Sway session available if a display manager like SDDM is enabled:
- services.xserver.displayManager.sessionPackages = [ swayPackage ];
+ services.xserver.displayManager.sessionPackages = optionals (cfg.package != null) [ cfg.package ];
programs.xwayland.enable = mkDefault true;
# For screen sharing (this option only has an effect with xdg.portal.enable):
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-wlr ];
diff --git a/third_party/nixpkgs/nixos/modules/security/polkit.nix b/third_party/nixpkgs/nixos/modules/security/polkit.nix
index f33898578b..de427ccb29 100644
--- a/third_party/nixpkgs/nixos/modules/security/polkit.nix
+++ b/third_party/nixpkgs/nixos/modules/security/polkit.nix
@@ -14,7 +14,7 @@ in
security.polkit.enable = mkEnableOption (lib.mdDoc "polkit");
- security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions.");
+ security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions");
security.polkit.extraConfig = mkOption {
type = types.lines;
diff --git a/third_party/nixpkgs/nixos/modules/services/backup/zfs-replication.nix b/third_party/nixpkgs/nixos/modules/services/backup/zfs-replication.nix
index ce914003c6..8e7059e5b5 100644
--- a/third_party/nixpkgs/nixos/modules/services/backup/zfs-replication.nix
+++ b/third_party/nixpkgs/nixos/modules/services/backup/zfs-replication.nix
@@ -9,7 +9,7 @@ let
in {
options = {
services.zfs.autoReplication = {
- enable = mkEnableOption (lib.mdDoc "ZFS snapshot replication.");
+ enable = mkEnableOption (lib.mdDoc "ZFS snapshot replication");
followDelete = mkOption {
description = lib.mdDoc "Remove remote snapshots that don't have a local correspondent.";
diff --git a/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/addon-manager.nix b/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/addon-manager.nix
index 7aa2a8323b..dc851688fb 100644
--- a/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/addon-manager.nix
+++ b/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/addon-manager.nix
@@ -62,7 +62,7 @@ in
'';
};
- enable = mkEnableOption (lib.mdDoc "Kubernetes addon manager.");
+ enable = mkEnableOption (lib.mdDoc "Kubernetes addon manager");
};
###### implementation
diff --git a/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/kubelet.nix b/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/kubelet.nix
index 3ede1cb80e..8e935d621b 100644
--- a/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/third_party/nixpkgs/nixos/modules/services/cluster/kubernetes/kubelet.nix
@@ -146,7 +146,7 @@ in
default = "unix:///run/containerd/containerd.sock";
};
- enable = mkEnableOption (lib.mdDoc "Kubernetes kubelet.");
+ enable = mkEnableOption (lib.mdDoc "Kubernetes kubelet");
extraOpts = mkOption {
description = lib.mdDoc "Kubernetes kubelet extra command line options.";
diff --git a/third_party/nixpkgs/nixos/modules/services/computing/slurm/slurm.nix b/third_party/nixpkgs/nixos/modules/services/computing/slurm/slurm.nix
index 0c80e79d4b..344c43a429 100644
--- a/third_party/nixpkgs/nixos/modules/services/computing/slurm/slurm.nix
+++ b/third_party/nixpkgs/nixos/modules/services/computing/slurm/slurm.nix
@@ -383,7 +383,7 @@ in
"d /var/spool/slurmd 755 root root -"
];
- services.openssh.forwardX11 = mkIf cfg.client.enable (mkDefault true);
+ services.openssh.settings.X11Forwarding = mkIf cfg.client.enable (mkDefault true);
systemd.services.slurmctld = mkIf (cfg.server.enable) {
path = with pkgs; [ wrappedSlurm munge coreutils ]
diff --git a/third_party/nixpkgs/nixos/modules/services/desktops/gnome/evolution-data-server.nix b/third_party/nixpkgs/nixos/modules/services/desktops/gnome/evolution-data-server.nix
index 0006ba1a7b..a8db7dce8f 100644
--- a/third_party/nixpkgs/nixos/modules/services/desktops/gnome/evolution-data-server.nix
+++ b/third_party/nixpkgs/nixos/modules/services/desktops/gnome/evolution-data-server.nix
@@ -27,7 +27,7 @@ with lib;
options = {
services.gnome.evolution-data-server = {
- enable = mkEnableOption (lib.mdDoc "Evolution Data Server, a collection of services for storing addressbooks and calendars.");
+ enable = mkEnableOption (lib.mdDoc "Evolution Data Server, a collection of services for storing addressbooks and calendars");
plugins = mkOption {
type = types.listOf types.package;
default = [ ];
@@ -35,7 +35,7 @@ with lib;
};
};
programs.evolution = {
- enable = mkEnableOption (lib.mdDoc "Evolution, a Personal information management application that provides integrated mail, calendaring and address book functionality.");
+ enable = mkEnableOption (lib.mdDoc "Evolution, a Personal information management application that provides integrated mail, calendaring and address book functionality");
plugins = mkOption {
type = types.listOf types.package;
default = [ ];
diff --git a/third_party/nixpkgs/nixos/modules/services/development/zammad.nix b/third_party/nixpkgs/nixos/modules/services/development/zammad.nix
index 7de11b08b7..0faeb4c0e9 100644
--- a/third_party/nixpkgs/nixos/modules/services/development/zammad.nix
+++ b/third_party/nixpkgs/nixos/modules/services/development/zammad.nix
@@ -28,7 +28,7 @@ in
options = {
services.zammad = {
- enable = mkEnableOption (lib.mdDoc "Zammad, a web-based, open source user support/ticketing solution.");
+ enable = mkEnableOption (lib.mdDoc "Zammad, a web-based, open source user support/ticketing solution");
package = mkOption {
type = types.package;
diff --git a/third_party/nixpkgs/nixos/modules/services/games/freeciv.nix b/third_party/nixpkgs/nixos/modules/services/games/freeciv.nix
index 8b340bb161..f33ea5c08a 100644
--- a/third_party/nixpkgs/nixos/modules/services/games/freeciv.nix
+++ b/third_party/nixpkgs/nixos/modules/services/games/freeciv.nix
@@ -54,7 +54,7 @@ in
default = 0;
description = lib.mdDoc "Set debug log level.";
};
- options.exit-on-end = mkEnableOption (lib.mdDoc "exit instead of restarting when a game ends.");
+ options.exit-on-end = mkEnableOption (lib.mdDoc "exit instead of restarting when a game ends");
options.Guests = mkEnableOption (lib.mdDoc "guests to login if auth is enabled");
options.Newusers = mkEnableOption (lib.mdDoc "new users to login if auth is enabled");
options.port = mkOption {
diff --git a/third_party/nixpkgs/nixos/modules/services/hardware/udisks2.nix b/third_party/nixpkgs/nixos/modules/services/hardware/udisks2.nix
index 7368845daf..d5c71bb821 100644
--- a/third_party/nixpkgs/nixos/modules/services/hardware/udisks2.nix
+++ b/third_party/nixpkgs/nixos/modules/services/hardware/udisks2.nix
@@ -19,7 +19,7 @@ in
services.udisks2 = {
- enable = mkEnableOption (lib.mdDoc "udisks2, a DBus service that allows applications to query and manipulate storage devices.");
+ enable = mkEnableOption (lib.mdDoc "udisks2, a DBus service that allows applications to query and manipulate storage devices");
settings = mkOption rec {
type = types.attrsOf settingsFormat.type;
diff --git a/third_party/nixpkgs/nixos/modules/services/mail/dovecot.nix b/third_party/nixpkgs/nixos/modules/services/mail/dovecot.nix
index f6a167572f..21bafd859c 100644
--- a/third_party/nixpkgs/nixos/modules/services/mail/dovecot.nix
+++ b/third_party/nixpkgs/nixos/modules/services/mail/dovecot.nix
@@ -171,11 +171,11 @@ in
options.services.dovecot2 = {
enable = mkEnableOption (lib.mdDoc "the dovecot 2.x POP3/IMAP server");
- enablePop3 = mkEnableOption (lib.mdDoc "starting the POP3 listener (when Dovecot is enabled).");
+ enablePop3 = mkEnableOption (lib.mdDoc "starting the POP3 listener (when Dovecot is enabled)");
- enableImap = mkEnableOption (lib.mdDoc "starting the IMAP listener (when Dovecot is enabled).") // { default = true; };
+ enableImap = mkEnableOption (lib.mdDoc "starting the IMAP listener (when Dovecot is enabled)") // { default = true; };
- enableLmtp = mkEnableOption (lib.mdDoc "starting the LMTP listener (when Dovecot is enabled).");
+ enableLmtp = mkEnableOption (lib.mdDoc "starting the LMTP listener (when Dovecot is enabled)");
protocols = mkOption {
type = types.listOf types.str;
@@ -300,9 +300,9 @@ in
description = lib.mdDoc "Path to the server's private key.";
};
- enablePAM = mkEnableOption (lib.mdDoc "creating a own Dovecot PAM service and configure PAM user logins.") // { default = true; };
+ enablePAM = mkEnableOption (lib.mdDoc "creating a own Dovecot PAM service and configure PAM user logins") // { default = true; };
- enableDHE = mkEnableOption (lib.mdDoc "enable ssl_dh and generation of primes for the key exchange.") // { default = true; };
+ enableDHE = mkEnableOption (lib.mdDoc "enable ssl_dh and generation of primes for the key exchange") // { default = true; };
sieveScripts = mkOption {
type = types.attrsOf types.path;
@@ -310,7 +310,7 @@ in
description = lib.mdDoc "Sieve scripts to be executed. Key is a sequence, e.g. 'before2', 'after' etc.";
};
- showPAMFailure = mkEnableOption (lib.mdDoc "showing the PAM failure message on authentication error (useful for OTPW).");
+ showPAMFailure = mkEnableOption (lib.mdDoc "showing the PAM failure message on authentication error (useful for OTPW)");
mailboxes = mkOption {
type = with types; coercedTo
@@ -326,7 +326,7 @@ in
description = lib.mdDoc "Configure mailboxes and auto create or subscribe them.";
};
- enableQuota = mkEnableOption (lib.mdDoc "the dovecot quota service.");
+ enableQuota = mkEnableOption (lib.mdDoc "the dovecot quota service");
quotaPort = mkOption {
type = types.str;
diff --git a/third_party/nixpkgs/nixos/modules/services/mail/roundcube.nix b/third_party/nixpkgs/nixos/modules/services/mail/roundcube.nix
index e05820fb87..95dc2f6aa2 100644
--- a/third_party/nixpkgs/nixos/modules/services/mail/roundcube.nix
+++ b/third_party/nixpkgs/nixos/modules/services/mail/roundcube.nix
@@ -150,9 +150,13 @@ in
root = cfg.package;
index = "index.php";
extraConfig = ''
- location ~* \.php$ {
+ location ~* \.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:${fpm.socket};
+
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+
include ${config.services.nginx.package}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
}
diff --git a/third_party/nixpkgs/nixos/modules/services/misc/atuin.nix b/third_party/nixpkgs/nixos/modules/services/misc/atuin.nix
index c94852e3aa..508e2862b6 100644
--- a/third_party/nixpkgs/nixos/modules/services/misc/atuin.nix
+++ b/third_party/nixpkgs/nixos/modules/services/misc/atuin.nix
@@ -8,7 +8,7 @@ in
{
options = {
services.atuin = {
- enable = mkEnableOption (mdDoc "Enable server for shell history sync with atuin.");
+ enable = mkEnableOption (mdDoc "Enable server for shell history sync with atuin");
openRegistration = mkOption {
type = types.bool;
diff --git a/third_party/nixpkgs/nixos/modules/services/misc/input-remapper.nix b/third_party/nixpkgs/nixos/modules/services/misc/input-remapper.nix
index 6353966f5c..3f6d97f857 100644
--- a/third_party/nixpkgs/nixos/modules/services/misc/input-remapper.nix
+++ b/third_party/nixpkgs/nixos/modules/services/misc/input-remapper.nix
@@ -6,7 +6,7 @@ let cfg = config.services.input-remapper; in
{
options = {
services.input-remapper = {
- enable = mkEnableOption (lib.mdDoc "input-remapper, an easy to use tool to change the mapping of your input device buttons.");
+ enable = mkEnableOption (lib.mdDoc "input-remapper, an easy to use tool to change the mapping of your input device buttons");
package = mkPackageOptionMD pkgs "input-remapper" { };
enableUdevRules = mkEnableOption (lib.mdDoc "udev rules added by input-remapper to handle hotplugged devices. Currently disabled by default due to https://github.com/sezanzeb/input-remapper/issues/140");
serviceWantedBy = mkOption {
diff --git a/third_party/nixpkgs/nixos/modules/services/misc/pykms.nix b/third_party/nixpkgs/nixos/modules/services/misc/pykms.nix
index 314388e015..be3accc0d7 100644
--- a/third_party/nixpkgs/nixos/modules/services/misc/pykms.nix
+++ b/third_party/nixpkgs/nixos/modules/services/misc/pykms.nix
@@ -85,7 +85,7 @@ in
WorkingDirectory = libDir;
SyslogIdentifier = "pykms";
Restart = "on-failure";
- MemoryLimit = cfg.memoryLimit;
+ MemoryMax = cfg.memoryLimit;
};
};
};
diff --git a/third_party/nixpkgs/nixos/modules/services/misc/sourcehut/default.nix b/third_party/nixpkgs/nixos/modules/services/misc/sourcehut/default.nix
index b2cadbf0c4..d4391bc49e 100644
--- a/third_party/nixpkgs/nixos/modules/services/misc/sourcehut/default.nix
+++ b/third_party/nixpkgs/nixos/modules/services/misc/sourcehut/default.nix
@@ -438,7 +438,7 @@ in
};
options."lists.sr.ht" = commonServiceSettings "lists" // {
- allow-new-lists = mkEnableOption (lib.mdDoc "Allow creation of new lists.");
+ allow-new-lists = mkEnableOption (lib.mdDoc "Allow creation of new lists");
notify-from = mkOption {
description = lib.mdDoc "Outgoing email for notifications generated by users.";
type = types.str;
diff --git a/third_party/nixpkgs/nixos/modules/services/monitoring/cadvisor.nix b/third_party/nixpkgs/nixos/modules/services/monitoring/cadvisor.nix
index a8fba4e6e8..68e6e8e40b 100644
--- a/third_party/nixpkgs/nixos/modules/services/monitoring/cadvisor.nix
+++ b/third_party/nixpkgs/nixos/modules/services/monitoring/cadvisor.nix
@@ -123,7 +123,7 @@ in {
${escapeShellArgs cfg.extraOptions} \
${optionalString (cfg.storageDriver != null) ''
-storage_driver "${cfg.storageDriver}" \
- -storage_driver_user "${cfg.storageDriverHost}" \
+ -storage_driver_host "${cfg.storageDriverHost}" \
-storage_driver_db "${cfg.storageDriverDb}" \
-storage_driver_user "${cfg.storageDriverUser}" \
-storage_driver_password "$(cat "${cfg.storageDriverPasswordFile}")" \
diff --git a/third_party/nixpkgs/nixos/modules/services/monitoring/cockpit.nix b/third_party/nixpkgs/nixos/modules/services/monitoring/cockpit.nix
new file mode 100644
index 0000000000..2947b4d801
--- /dev/null
+++ b/third_party/nixpkgs/nixos/modules/services/monitoring/cockpit.nix
@@ -0,0 +1,231 @@
+{ pkgs, config, lib, ... }:
+
+let
+ cfg = config.services.cockpit;
+ inherit (lib) types mkEnableOption mkOption mkIf mdDoc literalMD mkPackageOptionMD;
+ settingsFormat = pkgs.formats.ini {};
+in {
+ options = {
+ services.cockpit = {
+ enable = mkEnableOption (mdDoc "Cockpit");
+
+ package = mkPackageOptionMD pkgs "Cockpit" {
+ default = [ "cockpit" ];
+ };
+
+ settings = lib.mkOption {
+ type = settingsFormat.type;
+
+ default = {};
+
+ description = mdDoc ''
+ Settings for cockpit that will be saved in /etc/cockpit/cockpit.conf.
+
+ See the [documentation](https://cockpit-project.org/guide/latest/cockpit.conf.5.html), that is also available with `man cockpit.conf.5` for details.
+ '';
+ };
+
+ port = mkOption {
+ description = mdDoc "Port where cockpit will listen.";
+ type = types.port;
+ default = 9090;
+ };
+
+ openFirewall = mkOption {
+ description = mdDoc "Open port for cockpit.";
+ type = types.bool;
+ default = false;
+ };
+ };
+ };
+ config = mkIf cfg.enable {
+
+ # expose cockpit-bridge system-wide
+ environment.systemPackages = [ cfg.package ];
+
+ # allow cockpit to find its plugins
+ environment.pathsToLink = [ "/share/cockpit" ];
+
+ # generate cockpit settings
+ environment.etc."cockpit/cockpit.conf".source = settingsFormat.generate "cockpit.conf" cfg.settings;
+
+ security.pam.services.cockpit = {};
+
+ networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
+
+ # units are in reverse sort order if you ls $out/lib/systemd/system
+ # all these units are basically verbatim translated from upstream
+
+ # Translation from $out/lib/systemd/system/systemd-cockpithttps.slice
+ systemd.slices.system-cockpithttps = {
+ description = "Resource limits for all cockpit-ws-https@.service instances";
+ sliceConfig = {
+ TasksMax = 200;
+ MemoryHigh = "75%";
+ MemoryMax = "90%";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-wsinstance-https@.socket
+ systemd.sockets."cockpit-wsinstance-https@" = {
+ unitConfig = {
+ Description = "Socket for Cockpit Web Service https instance %I";
+ BindsTo = [ "cockpit.service" "cockpit-wsinstance-https@%i.service" ];
+ # clean up the socket after the service exits, to prevent fd leak
+ # this also effectively prevents a DoS by starting arbitrarily many sockets, as
+ # the services are resource-limited by system-cockpithttps.slice
+ Documentation = "man:cockpit-ws(8)";
+ };
+ socketConfig = {
+ ListenStream = "/run/cockpit/wsinstance/https@%i.sock";
+ SocketUser = "root";
+ SocketMode = "0600";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-wsinstance-https@.service
+ systemd.services."cockpit-wsinstance-https@" = {
+ description = "Cockpit Web Service https instance %I";
+ bindsTo = [ "cockpit.service"];
+ path = [ cfg.package ];
+ documentation = [ "man:cockpit-ws(8)" ];
+ serviceConfig = {
+ Slice = "system-cockpithttps.slice";
+ ExecStart = "${cfg.package}/libexec/cockpit-ws --for-tls-proxy --port=0";
+ User = "root";
+ Group = "";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-wsinstance-http.socket
+ systemd.sockets.cockpit-wsinstance-http = {
+ unitConfig = {
+ Description = "Socket for Cockpit Web Service http instance";
+ BindsTo = "cockpit.service";
+ Documentation = "man:cockpit-ws(8)";
+ };
+ socketConfig = {
+ ListenStream = "/run/cockpit/wsinstance/http.sock";
+ SocketUser = "root";
+ SocketMode = "0600";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-wsinstance-https-factory.socket
+ systemd.sockets.cockpit-wsinstance-https-factory = {
+ unitConfig = {
+ Description = "Socket for Cockpit Web Service https instance factory";
+ BindsTo = "cockpit.service";
+ Documentation = "man:cockpit-ws(8)";
+ };
+ socketConfig = {
+ ListenStream = "/run/cockpit/wsinstance/https-factory.sock";
+ Accept = true;
+ SocketUser = "root";
+ SocketMode = "0600";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-wsinstance-https-factory@.service
+ systemd.services."cockpit-wsinstance-https-factory@" = {
+ description = "Cockpit Web Service https instance factory";
+ documentation = [ "man:cockpit-ws(8)" ];
+ path = [ cfg.package ];
+ serviceConfig = {
+ ExecStart = "${cfg.package}/libexec/cockpit-wsinstance-factory";
+ User = "root";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-wsinstance-http.service
+ systemd.services."cockpit-wsinstance-http" = {
+ description = "Cockpit Web Service http instance";
+ bindsTo = [ "cockpit.service" ];
+ path = [ cfg.package ];
+ documentation = [ "man:cockpit-ws(8)" ];
+ serviceConfig = {
+ ExecStart = "${cfg.package}/libexec/cockpit-ws --no-tls --port=0";
+ User = "root";
+ Group = "";
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit.socket
+ systemd.sockets."cockpit" = {
+ unitConfig = {
+ Description = "Cockpit Web Service Socket";
+ Documentation = "man:cockpit-ws(8)";
+ Wants = "cockpit-motd.service";
+ };
+ socketConfig = {
+ ListenStream = cfg.port;
+ ExecStartPost = [
+ "-${cfg.package}/share/cockpit/motd/update-motd \"\" localhost"
+ "-${pkgs.coreutils}/bin/ln -snf active.motd /run/cockpit/motd"
+ ];
+ ExecStopPost = "-${pkgs.coreutils}/bin/ln -snf inactive.motd /run/cockpit/motd";
+ };
+ wantedBy = [ "sockets.target" ];
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit.service
+ systemd.services."cockpit" = {
+ description = "Cockpit Web Service";
+ documentation = [ "man:cockpit-ws(8)" ];
+ restartIfChanged = true;
+ path = with pkgs; [ coreutils cfg.package ];
+ requires = [ "cockpit.socket" "cockpit-wsinstance-http.socket" "cockpit-wsinstance-https-factory.socket" ];
+ after = [ "cockpit-wsinstance-http.socket" "cockpit-wsinstance-https-factory.socket" ];
+ environment = {
+ G_MESSAGES_DEBUG = "cockpit-ws,cockpit-bridge";
+ };
+ serviceConfig = {
+ RuntimeDirectory="cockpit/tls";
+ ExecStartPre = [
+ # cockpit-tls runs in a more constrained environment, these + means that these commands
+ # will run with full privilege instead of inside that constrained environment
+ # See https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart= for details
+ "+${cfg.package}/libexec/cockpit-certificate-ensure --for-cockpit-tls"
+ ];
+ ExecStart = "${cfg.package}/libexec/cockpit-tls";
+ User = "root";
+ Group = "";
+ NoNewPrivileges = true;
+ ProtectSystem = "strict";
+ ProtectHome = true;
+ PrivateTmp = true;
+ PrivateDevices = true;
+ ProtectKernelTunables = true;
+ RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
+ MemoryDenyWriteExecute = true;
+ };
+ };
+
+ # Translation from $out/lib/systemd/system/cockpit-motd.service
+ # This part basically implements a motd state machine:
+ # - If cockpit.socket is enabled then /run/cockpit/motd points to /run/cockpit/active.motd
+ # - If cockpit.socket is disabled then /run/cockpit/motd points to /run/cockpit/inactive.motd
+ # - As cockpit.socket is disabled by default, /run/cockpit/motd points to /run/cockpit/inactive.motd
+ # /run/cockpit/active.motd is generated dynamically by cockpit-motd.service
+ systemd.services."cockpit-motd" = {
+ path = with pkgs; [ nettools ];
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = "${cfg.package}/share/cockpit/motd/update-motd";
+ };
+ description = "Cockpit motd updater service";
+ documentation = [ "man:cockpit-ws(8)" ];
+ wants = [ "network.target" ];
+ after = [ "network.target" "cockpit.socket" ];
+ };
+
+ systemd.tmpfiles.rules = [ # From $out/lib/tmpfiles.d/cockpit-tmpfiles.conf
+ "C /run/cockpit/inactive.motd 0640 root root - ${cfg.package}/share/cockpit/motd/inactive.motd"
+ "f /run/cockpit/active.motd 0640 root root -"
+ "L+ /run/cockpit/motd - - - - inactive.motd"
+ "d /etc/cockpit/ws-certs.d 0600 root root 0"
+ ];
+ };
+
+ meta.maintainers = pkgs.cockpit.meta.maintainers;
+}
diff --git a/third_party/nixpkgs/nixos/modules/services/monitoring/mackerel-agent.nix b/third_party/nixpkgs/nixos/modules/services/monitoring/mackerel-agent.nix
index 4185cd76c4..67dc1bc19e 100644
--- a/third_party/nixpkgs/nixos/modules/services/monitoring/mackerel-agent.nix
+++ b/third_party/nixpkgs/nixos/modules/services/monitoring/mackerel-agent.nix
@@ -11,7 +11,7 @@ in {
# the upstream package runs as root, but doesn't seem to be strictly
# necessary for basic functionality
- runAsRoot = mkEnableOption (lib.mdDoc "Whether to run as root.");
+ runAsRoot = mkEnableOption (lib.mdDoc "Whether to run as root");
autoRetirement = mkEnableOption (lib.mdDoc ''
Whether to automatically retire the host upon OS shutdown.
diff --git a/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/pihole.nix b/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/pihole.nix
index 537d72e85c..6f403b3e58 100644
--- a/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/pihole.nix
+++ b/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/pihole.nix
@@ -6,6 +6,11 @@ let
cfg = config.services.prometheus.exporters.pihole;
in
{
+ imports = [
+ (mkRemovedOptionModule [ "interval"] "This option has been removed.")
+ ({ options.warnings = options.warnings; options.assertions = options.assertions; })
+ ];
+
port = 9617;
extraOpts = {
apiToken = mkOption {
@@ -13,15 +18,7 @@ in
default = "";
example = "580a770cb40511eb85290242ac130003580a770cb40511eb85290242ac130003";
description = lib.mdDoc ''
- pi-hole API token which can be used instead of a password
- '';
- };
- interval = mkOption {
- type = types.str;
- default = "10s";
- example = "30s";
- description = lib.mdDoc ''
- How often to scrape new data
+ Pi-Hole API token which can be used instead of a password
'';
};
password = mkOption {
@@ -29,7 +26,7 @@ in
default = "";
example = "password";
description = lib.mdDoc ''
- The password to login into pihole. An api token can be used instead.
+ The password to login into Pi-Hole. An api token can be used instead.
'';
};
piholeHostname = mkOption {
@@ -37,7 +34,7 @@ in
default = "pihole";
example = "127.0.0.1";
description = lib.mdDoc ''
- Hostname or address where to find the pihole webinterface
+ Hostname or address where to find the Pi-Hole webinterface
'';
};
piholePort = mkOption {
@@ -45,7 +42,7 @@ in
default = 80;
example = 443;
description = lib.mdDoc ''
- The port pihole webinterface is reachable on
+ The port Pi-Hole webinterface is reachable on
'';
};
protocol = mkOption {
@@ -53,21 +50,28 @@ in
default = "http";
example = "https";
description = lib.mdDoc ''
- The protocol which is used to connect to pihole
+ The protocol which is used to connect to Pi-Hole
+ '';
+ };
+ timeout = mkOption {
+ type = types.str;
+ default = "5s";
+ description = lib.mdDoc ''
+ Controls the timeout to connect to a Pi-Hole instance
'';
};
};
serviceOpts = {
serviceConfig = {
ExecStart = ''
- ${pkgs.bash}/bin/bash -c "${pkgs.prometheus-pihole-exporter}/bin/pihole-exporter \
- -interval ${cfg.interval} \
+ ${pkgs.prometheus-pihole-exporter}/bin/pihole-exporter \
${optionalString (cfg.apiToken != "") "-pihole_api_token ${cfg.apiToken}"} \
-pihole_hostname ${cfg.piholeHostname} \
${optionalString (cfg.password != "") "-pihole_password ${cfg.password}"} \
-pihole_port ${toString cfg.piholePort} \
-pihole_protocol ${cfg.protocol} \
- -port ${toString cfg.port}"
+ -port ${toString cfg.port} \
+ -timeout ${cfg.timeout}
'';
};
};
diff --git a/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/unpoller.nix b/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/unpoller.nix
index 5cd1e2c65e..3b7f978528 100644
--- a/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/unpoller.nix
+++ b/third_party/nixpkgs/nixos/modules/services/monitoring/prometheus/exporters/unpoller.nix
@@ -24,9 +24,9 @@ in {
inherit (options.services.unpoller.unifi) controllers;
inherit (options.services.unpoller) loki;
log = {
- debug = mkEnableOption (lib.mdDoc "debug logging including line numbers, high resolution timestamps, per-device logs.");
- quiet = mkEnableOption (lib.mdDoc "startup and error logs only.");
- prometheusErrors = mkEnableOption (lib.mdDoc "emitting errors to prometheus.");
+ debug = mkEnableOption (lib.mdDoc "debug logging including line numbers, high resolution timestamps, per-device logs");
+ quiet = mkEnableOption (lib.mdDoc "startup and error logs only");
+ prometheusErrors = mkEnableOption (lib.mdDoc "emitting errors to prometheus");
};
};
diff --git a/third_party/nixpkgs/nixos/modules/services/monitoring/uptime-kuma.nix b/third_party/nixpkgs/nixos/modules/services/monitoring/uptime-kuma.nix
index 886e14b5f6..5f803d57b5 100644
--- a/third_party/nixpkgs/nixos/modules/services/monitoring/uptime-kuma.nix
+++ b/third_party/nixpkgs/nixos/modules/services/monitoring/uptime-kuma.nix
@@ -11,7 +11,7 @@ in
options = {
services.uptime-kuma = {
- enable = mkEnableOption (mdDoc "Uptime Kuma, this assumes a reverse proxy to be set.");
+ enable = mkEnableOption (mdDoc "Uptime Kuma, this assumes a reverse proxy to be set");
package = mkOption {
type = types.package;
@@ -20,7 +20,7 @@ in
description = lib.mdDoc "Uptime Kuma package to use.";
};
- appriseSupport = mkEnableOption (mdDoc "apprise support for notifications.");
+ appriseSupport = mkEnableOption (mdDoc "apprise support for notifications");
settings = lib.mkOption {
type = lib.types.submodule { freeformType = with lib.types; attrsOf str; };
diff --git a/third_party/nixpkgs/nixos/modules/services/network-filesystems/moosefs.nix b/third_party/nixpkgs/nixos/modules/services/network-filesystems/moosefs.nix
index ab82a2a07d..49cbc89d5a 100644
--- a/third_party/nixpkgs/nixos/modules/services/network-filesystems/moosefs.nix
+++ b/third_party/nixpkgs/nixos/modules/services/network-filesystems/moosefs.nix
@@ -85,7 +85,7 @@ in {
description = lib.mdDoc "Run daemons as user moosefs instead of root.";
};
- client.enable = mkEnableOption (lib.mdDoc "Moosefs client.");
+ client.enable = mkEnableOption (lib.mdDoc "Moosefs client");
master = {
enable = mkOption {
@@ -131,7 +131,7 @@ in {
};
metalogger = {
- enable = mkEnableOption (lib.mdDoc "Moosefs metalogger daemon.");
+ enable = mkEnableOption (lib.mdDoc "Moosefs metalogger daemon");
settings = mkOption {
type = types.submodule {
@@ -149,7 +149,7 @@ in {
};
chunkserver = {
- enable = mkEnableOption (lib.mdDoc "Moosefs chunkserver daemon.");
+ enable = mkEnableOption (lib.mdDoc "Moosefs chunkserver daemon");
openFirewall = mkOption {
type = types.bool;
diff --git a/third_party/nixpkgs/nixos/modules/services/networking/blockbook-frontend.nix b/third_party/nixpkgs/nixos/modules/services/networking/blockbook-frontend.nix
index ab784563e4..46b26195d2 100644
--- a/third_party/nixpkgs/nixos/modules/services/networking/blockbook-frontend.nix
+++ b/third_party/nixpkgs/nixos/modules/services/networking/blockbook-frontend.nix
@@ -10,7 +10,7 @@ let
options = {
- enable = mkEnableOption (lib.mdDoc "blockbook-frontend application.");
+ enable = mkEnableOption (lib.mdDoc "blockbook-frontend application");
package = mkOption {
type = types.package;
diff --git a/third_party/nixpkgs/nixos/modules/services/networking/firefox-syncserver.nix b/third_party/nixpkgs/nixos/modules/services/networking/firefox-syncserver.nix
index a06b9573a8..42924d7f69 100644
--- a/third_party/nixpkgs/nixos/modules/services/networking/firefox-syncserver.nix
+++ b/third_party/nixpkgs/nixos/modules/services/networking/firefox-syncserver.nix
@@ -304,6 +304,10 @@ in
forceSSL = cfg.singleNode.enableTLS;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString cfg.settings.port}";
+ # We need to pass the Host header that matches the original Host header. Otherwise,
+ # Hawk authentication will fail (because it assumes that the client and server see
+ # the same value of the Host header).
+ recommendedProxySettings = true;
};
};
};
diff --git a/third_party/nixpkgs/nixos/modules/services/networking/nebula.nix b/third_party/nixpkgs/nixos/modules/services/networking/nebula.nix
index 2bedafc5d9..e1a8c6740f 100644
--- a/third_party/nixpkgs/nixos/modules/services/networking/nebula.nix
+++ b/third_party/nixpkgs/nixos/modules/services/networking/nebula.nix
@@ -68,6 +68,12 @@ in
description = lib.mdDoc "Whether this node is a lighthouse.";
};
+ isRelay = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc "Whether this node is a relay.";
+ };
+
lighthouses = mkOption {
type = types.listOf types.str;
default = [];
@@ -78,6 +84,15 @@ in
example = [ "192.168.100.1" ];
};
+ relays = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ description = lib.mdDoc ''
+ List of IPs of relays that this node should allow traffic from.
+ '';
+ example = [ "192.168.100.1" ];
+ };
+
listen.host = mkOption {
type = types.str;
default = "0.0.0.0";
@@ -157,6 +172,11 @@ in
am_lighthouse = netCfg.isLighthouse;
hosts = netCfg.lighthouses;
};
+ relay = {
+ am_relay = netCfg.isRelay;
+ relays = netCfg.relays;
+ use_relays = true;
+ };
listen = {
host = netCfg.listen.host;
port = netCfg.listen.port;
@@ -173,25 +193,41 @@ in
configFile = format.generate "nebula-config-${netName}.yml" settings;
in
{
- # Create systemd service for Nebula.
+ # Create the systemd service for Nebula.
"nebula@${netName}" = {
description = "Nebula VPN service for ${netName}";
wants = [ "basic.target" ];
after = [ "basic.target" "network.target" ];
before = [ "sshd.service" ];
wantedBy = [ "multi-user.target" ];
- serviceConfig = mkMerge [
- {
- Type = "simple";
- Restart = "always";
- ExecStart = "${netCfg.package}/bin/nebula -config ${configFile}";
- }
- # The service needs to launch as root to access the tun device, if it's enabled.
- (mkIf netCfg.tun.disable {
- User = networkId;
- Group = networkId;
- })
- ];
+ serviceConfig = {
+ Type = "simple";
+ Restart = "always";
+ ExecStart = "${netCfg.package}/bin/nebula -config ${configFile}";
+ UMask = "0027";
+ CapabilityBoundingSet = "CAP_NET_ADMIN";
+ AmbientCapabilities = "CAP_NET_ADMIN";
+ LockPersonality = true;
+ NoNewPrivileges = true;
+ PrivateDevices = false; # needs access to /dev/net/tun (below)
+ DeviceAllow = "/dev/net/tun rw";
+ DevicePolicy = "closed";
+ PrivateTmp = true;
+ PrivateUsers = false; # CapabilityBoundingSet needs to apply to the host namespace
+ ProtectClock = true;
+ ProtectControlGroups = true;
+ ProtectHome = true;
+ ProtectHostname = true;
+ ProtectKernelLogs = true;
+ ProtectKernelModules = true;
+ ProtectKernelTunables = true;
+ ProtectProc = "invisible";
+ ProtectSystem = "strict";
+ RestrictNamespaces = true;
+ RestrictSUIDSGID = true;
+ User = networkId;
+ Group = networkId;
+ };
unitConfig.StartLimitIntervalSec = 0; # ensure Restart=always is always honoured (networks can go down for arbitrarily long)
};
}) enabledNetworks);
@@ -202,7 +238,7 @@ in
# Create the service users and groups.
users.users = mkMerge (mapAttrsToList (netName: netCfg:
- mkIf netCfg.tun.disable {
+ {
${nameToId netName} = {
group = nameToId netName;
description = "Nebula service user for network ${netName}";
@@ -210,9 +246,8 @@ in
};
}) enabledNetworks);
- users.groups = mkMerge (mapAttrsToList (netName: netCfg:
- mkIf netCfg.tun.disable {
- ${nameToId netName} = {};
- }) enabledNetworks);
+ users.groups = mkMerge (mapAttrsToList (netName: netCfg: {
+ ${nameToId netName} = {};
+ }) enabledNetworks);
};
}
diff --git a/third_party/nixpkgs/nixos/modules/services/networking/openvpn.nix b/third_party/nixpkgs/nixos/modules/services/networking/openvpn.nix
index 492a0936fd..78d312af97 100644
--- a/third_party/nixpkgs/nixos/modules/services/networking/openvpn.nix
+++ b/third_party/nixpkgs/nixos/modules/services/networking/openvpn.nix
@@ -57,7 +57,8 @@ let
''}"}
'';
- in {
+ in
+ {
description = "OpenVPN instance ‘${name}’";
wantedBy = optional cfg.autoStart "multi-user.target";
@@ -70,6 +71,16 @@ let
serviceConfig.Type = "notify";
};
+ restartService = optionalAttrs cfg.restartAfterSleep {
+ openvpn-restart = {
+ wantedBy = [ "sleep.target" ];
+ path = [ pkgs.procps ];
+ script = "pkill --signal SIGHUP --exact openvpn";
+ #SIGHUP makes openvpn process to self-exit and then it got restarted by systemd because of Restart=always
+ description = "Sends a signal to OpenVPN process to trigger a restart after return from sleep";
+ };
+ };
+
in
{
@@ -82,7 +93,7 @@ in
options = {
services.openvpn.servers = mkOption {
- default = {};
+ default = { };
example = literalExpression ''
{
@@ -201,14 +212,21 @@ in
};
+ services.openvpn.restartAfterSleep = mkOption {
+ default = true;
+ type = types.bool;
+ description = lib.mdDoc "Whether OpenVPN client should be restarted after sleep.";
+ };
+
};
###### implementation
- config = mkIf (cfg.servers != {}) {
+ config = mkIf (cfg.servers != { }) {
- systemd.services = listToAttrs (mapAttrsFlatten (name: value: nameValuePair "openvpn-${name}" (makeOpenVPNJob value name)) cfg.servers);
+ systemd.services = (listToAttrs (mapAttrsFlatten (name: value: nameValuePair "openvpn-${name}" (makeOpenVPNJob value name)) cfg.servers))
+ // restartService;
environment.systemPackages = [ openvpn ];
diff --git a/third_party/nixpkgs/nixos/modules/services/networking/soju.nix b/third_party/nixpkgs/nixos/modules/services/networking/soju.nix
index d4c4ca47bc..7f0ac3e3b8 100644
--- a/third_party/nixpkgs/nixos/modules/services/networking/soju.nix
+++ b/third_party/nixpkgs/nixos/modules/services/networking/soju.nix
@@ -120,5 +120,5 @@ in
};
};
- meta.maintainers = with maintainers; [ malvo ];
+ meta.maintainers = with maintainers; [ malte-v ];
}
diff --git a/third_party/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix b/third_party/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix
index f2b8d12ccc..095c7de0b7 100644
--- a/third_party/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix
+++ b/third_party/nixpkgs/nixos/modules/services/networking/ssh/sshd.nix
@@ -13,11 +13,12 @@ let
else pkgs.buildPackages.openssh;
# reports boolean as yes / no
- mkValueStringSshd = v:
+ mkValueStringSshd = with lib; v:
if isInt v then toString v
else if isString v then v
else if true == v then "yes"
else if false == v then "no"
+ else if isList v then concatStringsSep "," v
else throw "unsupported type ${typeOf v}: ${(lib.generators.toPretty {}) v}";
# dont use the "=" operator
@@ -104,6 +105,11 @@ in
(mkRenamedOptionModule [ "services" "openssh" "useDns" ] [ "services" "openssh" "settings" "UseDns" ])
(mkRenamedOptionModule [ "services" "openssh" "permitRootLogin" ] [ "services" "openssh" "settings" "PermitRootLogin" ])
(mkRenamedOptionModule [ "services" "openssh" "logLevel" ] [ "services" "openssh" "settings" "LogLevel" ])
+ (mkRenamedOptionModule [ "services" "openssh" "macs" ] [ "services" "openssh" "settings" "Macs" ])
+ (mkRenamedOptionModule [ "services" "openssh" "ciphers" ] [ "services" "openssh" "settings" "Ciphers" ])
+ (mkRenamedOptionModule [ "services" "openssh" "kexAlgorithms" ] [ "services" "openssh" "settings" "KexAlgorithms" ])
+ (mkRenamedOptionModule [ "services" "openssh" "gatewayPorts" ] [ "services" "openssh" "settings" "GatewayPorts" ])
+ (mkRenamedOptionModule [ "services" "openssh" "forwardX11" ] [ "services" "openssh" "settings" "X11Forwarding" ])
];
###### interface
@@ -131,14 +137,6 @@ in
'';
};
- forwardX11 = mkOption {
- type = types.bool;
- default = false;
- description = lib.mdDoc ''
- Whether to allow X11 connections to be forwarded.
- '';
- };
-
allowSFTP = mkOption {
type = types.bool;
default = true;
@@ -167,16 +165,6 @@ in
'';
};
- gatewayPorts = mkOption {
- type = types.str;
- default = "no";
- description = lib.mdDoc ''
- Specifies whether remote hosts are allowed to connect to
- ports forwarded for the client. See
- {manpage}`sshd_config(5)`.
- '';
- };
-
ports = mkOption {
type = types.listOf types.port;
default = [22];
@@ -286,63 +274,6 @@ in
'';
};
- kexAlgorithms = mkOption {
- type = types.listOf types.str;
- default = [
- "sntrup761x25519-sha512@openssh.com"
- "curve25519-sha256"
- "curve25519-sha256@libssh.org"
- "diffie-hellman-group-exchange-sha256"
- ];
- description = lib.mdDoc ''
- Allowed key exchange algorithms
-
- Uses the lower bound recommended in both
-
- and
-
- '';
- };
-
- ciphers = mkOption {
- type = types.listOf types.str;
- default = [
- "chacha20-poly1305@openssh.com"
- "aes256-gcm@openssh.com"
- "aes128-gcm@openssh.com"
- "aes256-ctr"
- "aes192-ctr"
- "aes128-ctr"
- ];
- description = lib.mdDoc ''
- Allowed ciphers
-
- Defaults to recommended settings from both
-
- and
-
- '';
- };
-
- macs = mkOption {
- type = types.listOf types.str;
- default = [
- "hmac-sha2-512-etm@openssh.com"
- "hmac-sha2-256-etm@openssh.com"
- "umac-128-etm@openssh.com"
- "hmac-sha2-512"
- "hmac-sha2-256"
- "umac-128@openssh.com"
- ];
- description = lib.mdDoc ''
- Allowed MACs
-
- Defaults to recommended settings from both
-
- and
-
- '';
- };
settings = mkOption {
@@ -374,7 +305,13 @@ in
~/.ssh/authorized_keys from and sshd_config Match Host directives.
'';
};
-
+ X11Forwarding = mkOption {
+ type = types.bool;
+ default = false;
+ description = lib.mdDoc ''
+ Whether to allow X11 connections to be forwarded.
+ '';
+ };
PasswordAuthentication = mkOption {
type = types.bool;
default = true;
@@ -396,6 +333,70 @@ in
Specifies whether keyboard-interactive authentication is allowed.
'';
};
+ GatewayPorts = mkOption {
+ type = types.str;
+ default = "no";
+ description = lib.mdDoc ''
+ Specifies whether remote hosts are allowed to connect to
+ ports forwarded for the client. See
+ {manpage}`sshd_config(5)`.
+ '';
+ };
+ KexAlgorithms = mkOption {
+ type = types.listOf types.str;
+ default = [
+ "sntrup761x25519-sha512@openssh.com"
+ "curve25519-sha256"
+ "curve25519-sha256@libssh.org"
+ "diffie-hellman-group-exchange-sha256"
+ ];
+ description = lib.mdDoc ''
+ Allowed key exchange algorithms
+
+ Uses the lower bound recommended in both
+
+ and
+
+ '';
+ };
+ Macs = mkOption {
+ type = types.listOf types.str;
+ default = [
+ "hmac-sha2-512-etm@openssh.com"
+ "hmac-sha2-256-etm@openssh.com"
+ "umac-128-etm@openssh.com"
+ "hmac-sha2-512"
+ "hmac-sha2-256"
+ "umac-128@openssh.com"
+ ];
+ description = lib.mdDoc ''
+ Allowed MACs
+
+ Defaults to recommended settings from both
+
+ and
+
+ '';
+ };
+ Ciphers = mkOption {
+ type = types.listOf types.str;
+ default = [
+ "chacha20-poly1305@openssh.com"
+ "aes256-gcm@openssh.com"
+ "aes128-gcm@openssh.com"
+ "aes256-ctr"
+ "aes192-ctr"
+ "aes128-ctr"
+ ];
+ description = lib.mdDoc ''
+ Allowed ciphers
+
+ Defaults to recommended settings from both
+
+ and
+
+ '';
+ };
};
});
};
@@ -555,17 +556,10 @@ in
${optionalString cfgc.setXAuthLocation ''
XAuthLocation ${pkgs.xorg.xauth}/bin/xauth
''}
-
- X11Forwarding ${if cfg.forwardX11 then "yes" else "no"}
-
${optionalString cfg.allowSFTP ''
Subsystem sftp ${cfg.sftpServerExecutable} ${concatStringsSep " " cfg.sftpFlags}
''}
-
- GatewayPorts ${cfg.gatewayPorts}
-
PrintMotd no # handled by pam_motd
-
AuthorizedKeysFile ${toString cfg.authorizedKeysFiles}
${optionalString (cfg.authorizedKeysCommand != "none") ''
AuthorizedKeysCommand ${cfg.authorizedKeysCommand}
@@ -575,13 +569,9 @@ in
${flip concatMapStrings cfg.hostKeys (k: ''
HostKey ${k.path}
'')}
-
- KexAlgorithms ${concatStringsSep "," cfg.kexAlgorithms}
- Ciphers ${concatStringsSep "," cfg.ciphers}
- MACs ${concatStringsSep "," cfg.macs}
'';
- assertions = [{ assertion = if cfg.forwardX11 then cfgc.setXAuthLocation else true;
+ assertions = [{ assertion = if cfg.settings.X11Forwarding then cfgc.setXAuthLocation else true;
message = "cannot enable X11 forwarding without setting xauth location";}]
++ forEach cfg.listenAddresses ({ addr, ... }: {
assertion = addr != null;
diff --git a/third_party/nixpkgs/nixos/modules/services/search/meilisearch.nix b/third_party/nixpkgs/nixos/modules/services/search/meilisearch.nix
index 73567ca0bc..7c9fa62ae9 100644
--- a/third_party/nixpkgs/nixos/modules/services/search/meilisearch.nix
+++ b/third_party/nixpkgs/nixos/modules/services/search/meilisearch.nix
@@ -115,7 +115,7 @@ in
MEILI_HTTP_ADDR = "${cfg.listenAddress}:${toString cfg.listenPort}";
MEILI_NO_ANALYTICS = toString cfg.noAnalytics;
MEILI_ENV = cfg.environment;
- MEILI_DUMPS_DIR = "/var/lib/meilisearch/dumps";
+ MEILI_DUMP_DIR = "/var/lib/meilisearch/dumps";
MEILI_LOG_LEVEL = cfg.logLevel;
MEILI_MAX_INDEX_SIZE = cfg.maxIndexSize;
};
diff --git a/third_party/nixpkgs/nixos/modules/services/security/kanidm.nix b/third_party/nixpkgs/nixos/modules/services/security/kanidm.nix
index 55120799c9..5583c39368 100644
--- a/third_party/nixpkgs/nixos/modules/services/security/kanidm.nix
+++ b/third_party/nixpkgs/nixos/modules/services/security/kanidm.nix
@@ -55,7 +55,7 @@ in
options.services.kanidm = {
enableClient = lib.mkEnableOption (lib.mdDoc "the Kanidm client");
enableServer = lib.mkEnableOption (lib.mdDoc "the Kanidm server");
- enablePam = lib.mkEnableOption (lib.mdDoc "the Kanidm PAM and NSS integration.");
+ enablePam = lib.mkEnableOption (lib.mdDoc "the Kanidm PAM and NSS integration");
serverSettings = lib.mkOption {
type = lib.types.submodule {
diff --git a/third_party/nixpkgs/nixos/modules/services/security/privacyidea.nix b/third_party/nixpkgs/nixos/modules/services/security/privacyidea.nix
index e446e606ca..664335cb58 100644
--- a/third_party/nixpkgs/nixos/modules/services/security/privacyidea.nix
+++ b/third_party/nixpkgs/nixos/modules/services/security/privacyidea.nix
@@ -6,7 +6,7 @@ let
cfg = config.services.privacyidea;
opt = options.services.privacyidea;
- uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; python3 = pkgs.python39; };
+ uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; python3 = pkgs.python310; };
python = uwsgi.python3;
penv = python.withPackages (const [ pkgs.privacyidea ]);
logCfg = pkgs.writeText "privacyidea-log.cfg" ''
@@ -41,7 +41,7 @@ let
piCfgFile = pkgs.writeText "privacyidea.cfg" ''
SUPERUSER_REALM = [ '${concatStringsSep "', '" cfg.superuserRealm}' ]
- SQLALCHEMY_DATABASE_URI = 'postgresql:///privacyidea'
+ SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2:///privacyidea'
SECRET_KEY = '${cfg.secretKey}'
PI_PEPPER = '${cfg.pepper}'
PI_ENCFILE = '${cfg.encFile}'
diff --git a/third_party/nixpkgs/nixos/modules/services/web-apps/cloudlog.nix b/third_party/nixpkgs/nixos/modules/services/web-apps/cloudlog.nix
index ffd1085bde..9c6284fd1b 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-apps/cloudlog.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-apps/cloudlog.nix
@@ -68,7 +68,7 @@ let
in
{
options.services.cloudlog = with types; {
- enable = mkEnableOption (mdDoc "Whether to enable Cloudlog.");
+ enable = mkEnableOption (mdDoc "Whether to enable Cloudlog");
dataDir = mkOption {
type = str;
default = "/var/lib/cloudlog";
diff --git a/third_party/nixpkgs/nixos/modules/services/web-apps/dokuwiki.nix b/third_party/nixpkgs/nixos/modules/services/web-apps/dokuwiki.nix
index 54cd5fd33b..2153720836 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-apps/dokuwiki.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-apps/dokuwiki.nix
@@ -148,7 +148,7 @@ let
];
options = {
- enable = mkEnableOption (lib.mdDoc "DokuWiki web application.");
+ enable = mkEnableOption (lib.mdDoc "DokuWiki web application");
package = mkOption {
type = types.package;
diff --git a/third_party/nixpkgs/nixos/modules/services/web-apps/galene.nix b/third_party/nixpkgs/nixos/modules/services/web-apps/galene.nix
index 15ef09aa0b..747b85f94c 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-apps/galene.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-apps/galene.nix
@@ -12,7 +12,7 @@ in
{
options = {
services.galene = {
- enable = mkEnableOption (lib.mdDoc "Galene Service.");
+ enable = mkEnableOption (lib.mdDoc "Galene Service");
stateDir = mkOption {
default = defaultstateDir;
diff --git a/third_party/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix b/third_party/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix
index 86716a0264..0fc283ff52 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-apps/hledger-web.nix
@@ -7,7 +7,7 @@ in {
enable = mkEnableOption (lib.mdDoc "hledger-web service");
- serveApi = mkEnableOption (lib.mdDoc "Serve only the JSON web API, without the web UI.");
+ serveApi = mkEnableOption (lib.mdDoc "Serve only the JSON web API, without the web UI");
host = mkOption {
type = types.str;
diff --git a/third_party/nixpkgs/nixos/modules/services/web-apps/jirafeau.nix b/third_party/nixpkgs/nixos/modules/services/web-apps/jirafeau.nix
index 293cbb3af4..b2e2741671 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-apps/jirafeau.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-apps/jirafeau.nix
@@ -36,7 +36,7 @@ in
description = lib.mdDoc "Location of Jirafeau storage directory.";
};
- enable = mkEnableOption (lib.mdDoc "Jirafeau file upload application.");
+ enable = mkEnableOption (lib.mdDoc "Jirafeau file upload application");
extraConfig = mkOption {
type = types.lines;
diff --git a/third_party/nixpkgs/nixos/modules/services/web-apps/limesurvey.nix b/third_party/nixpkgs/nixos/modules/services/web-apps/limesurvey.nix
index 7093d1de0d..dd51174c8b 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-apps/limesurvey.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-apps/limesurvey.nix
@@ -32,7 +32,7 @@ in
# interface
options.services.limesurvey = {
- enable = mkEnableOption (lib.mdDoc "Limesurvey web application.");
+ enable = mkEnableOption (lib.mdDoc "Limesurvey web application");
database = {
type = mkOption {
diff --git a/third_party/nixpkgs/nixos/modules/services/web-servers/caddy/default.nix b/third_party/nixpkgs/nixos/modules/services/web-servers/caddy/default.nix
index 50213ec252..f5a9cfac5d 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-servers/caddy/default.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-servers/caddy/default.nix
@@ -35,7 +35,8 @@ let
Caddyfile-formatted = pkgs.runCommand "Caddyfile-formatted" { nativeBuildInputs = [ cfg.package ]; } ''
mkdir -p $out
- ${cfg.package}/bin/caddy fmt ${Caddyfile}/Caddyfile > $out/Caddyfile
+ cp --no-preserve=mode ${Caddyfile}/Caddyfile $out/Caddyfile
+ caddy fmt --overwrite $out/Caddyfile
'';
in
"${if pkgs.stdenv.buildPlatform == pkgs.stdenv.hostPlatform then Caddyfile-formatted else Caddyfile}/Caddyfile";
diff --git a/third_party/nixpkgs/nixos/modules/services/web-servers/nginx/default.nix b/third_party/nixpkgs/nixos/modules/services/web-servers/nginx/default.nix
index 1837ec936c..bc5b4be510 100644
--- a/third_party/nixpkgs/nixos/modules/services/web-servers/nginx/default.nix
+++ b/third_party/nixpkgs/nixos/modules/services/web-servers/nginx/default.nix
@@ -203,7 +203,8 @@ let
proxy_send_timeout ${cfg.proxyTimeout};
proxy_read_timeout ${cfg.proxyTimeout};
proxy_http_version 1.1;
- # don't let clients close the keep-alive connection to upstream
+ # don't let clients close the keep-alive connection to upstream. See the nginx blog for details:
+ # https://www.nginx.com/blog/avoiding-top-10-nginx-configuration-mistakes/#no-keepalives
proxy_set_header "Connection" "";
include ${recommendedProxyConfig};
''}
diff --git a/third_party/nixpkgs/nixos/modules/services/x11/desktop-managers/plasma5.nix b/third_party/nixpkgs/nixos/modules/services/x11/desktop-managers/plasma5.nix
index 65b94f61c4..181db01ad8 100644
--- a/third_party/nixpkgs/nixos/modules/services/x11/desktop-managers/plasma5.nix
+++ b/third_party/nixpkgs/nixos/modules/services/x11/desktop-managers/plasma5.nix
@@ -28,52 +28,11 @@ let
libsForQt5 = pkgs.plasma5Packages;
inherit (libsForQt5) kdeGear kdeFrameworks plasma5;
- inherit (pkgs) writeText;
inherit (lib)
getBin optionalString literalExpression
mkRemovedOptionModule mkRenamedOptionModule
mkDefault mkIf mkMerge mkOption mkPackageOptionMD types;
- ini = pkgs.formats.ini { };
-
- gtkrc2 = writeText "gtkrc-2.0" ''
- # Default GTK+ 2 config for NixOS Plasma 5
- include "/run/current-system/sw/share/themes/Breeze/gtk-2.0/gtkrc"
- style "user-font"
- {
- font_name="Sans Serif Regular"
- }
- widget_class "*" style "user-font"
- gtk-font-name="Sans Serif Regular 10"
- gtk-theme-name="Breeze"
- gtk-icon-theme-name="breeze"
- gtk-fallback-icon-theme="hicolor"
- gtk-cursor-theme-name="breeze_cursors"
- gtk-toolbar-style=GTK_TOOLBAR_ICONS
- gtk-menu-images=1
- gtk-button-images=1
- '';
-
- gtk3_settings = ini.generate "settings.ini" {
- Settings = {
- gtk-font-name = "Sans Serif Regular 10";
- gtk-theme-name = "Breeze";
- gtk-icon-theme-name = "breeze";
- gtk-fallback-icon-theme = "hicolor";
- gtk-cursor-theme-name = "breeze_cursors";
- gtk-toolbar-style = "GTK_TOOLBAR_ICONS";
- gtk-menu-images = 1;
- gtk-button-images = 1;
- };
- };
-
- kcminputrc = ini.generate "kcminputrc" {
- Mouse = {
- cursorTheme = "breeze_cursors";
- cursorSize = 0;
- };
- };
-
activationScript = ''
${set_XDG_CONFIG_HOME}
@@ -119,37 +78,6 @@ let
XDG_CONFIG_HOME=''${XDG_CONFIG_HOME:-$HOME/.config}
'';
- startplasma = ''
- ${set_XDG_CONFIG_HOME}
- mkdir -p "''${XDG_CONFIG_HOME}"
- '' + optionalString config.hardware.pulseaudio.enable ''
- # Load PulseAudio module for routing support.
- # See also: http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
- ${getBin config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
- '' + ''
- ${activationScript}
-
- # Create default configurations if Plasma has never been started.
- kdeglobals="''${XDG_CONFIG_HOME}/kdeglobals"
- if ! [ -f "$kdeglobals" ]; then
- kcminputrc="''${XDG_CONFIG_HOME}/kcminputrc"
- if ! [ -f "$kcminputrc" ]; then
- cat ${kcminputrc} >"$kcminputrc"
- fi
-
- gtkrc2="$HOME/.gtkrc-2.0"
- if ! [ -f "$gtkrc2" ]; then
- cat ${gtkrc2} >"$gtkrc2"
- fi
-
- gtk3_settings="''${XDG_CONFIG_HOME}/gtk-3.0/settings.ini"
- if ! [ -f "$gtk3_settings" ]; then
- mkdir -p "$(dirname "$gtk3_settings")"
- cat ${gtk3_settings} >"$gtk3_settings"
- fi
- fi
- '';
-
in
{
@@ -474,7 +402,6 @@ in
# Update the start menu for each user that is currently logged in
system.userActivationScripts.plasmaSetup = activationScript;
- services.xserver.displayManager.setupCommands = startplasma;
nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true;
})
@@ -521,6 +448,7 @@ in
dolphin-plugins
ffmpegthumbs
kdegraphics-thumbnailers
+ pkgs.kio-admin
kio-extras
];
optionalPackages = [
diff --git a/third_party/nixpkgs/nixos/modules/services/x11/extra-layouts.nix b/third_party/nixpkgs/nixos/modules/services/x11/extra-layouts.nix
index 574657a50c..9c88d12ca6 100644
--- a/third_party/nixpkgs/nixos/modules/services/x11/extra-layouts.nix
+++ b/third_party/nixpkgs/nixos/modules/services/x11/extra-layouts.nix
@@ -106,9 +106,9 @@ in
description = lib.mdDoc ''
Extra custom layouts that will be included in the xkb configuration.
Information on how to create a new layout can be found here:
- [](https://www.x.org/releases/current/doc/xorg-docs/input/XKB-Enhancing.html#Defining_New_Layouts).
+ .
For more examples see
- [](https://wiki.archlinux.org/index.php/X_KeyBoard_extension#Basic_examples)
+
'';
};
diff --git a/third_party/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix b/third_party/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix
index 701d242abc..125f75d667 100644
--- a/third_party/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix
+++ b/third_party/nixpkgs/nixos/modules/system/boot/initrd-ssh.nix
@@ -128,13 +128,13 @@ in
HostKey ${initrdKeyPath path}
'')}
- KexAlgorithms ${concatStringsSep "," sshdCfg.kexAlgorithms}
- Ciphers ${concatStringsSep "," sshdCfg.ciphers}
- MACs ${concatStringsSep "," sshdCfg.macs}
+ KexAlgorithms ${concatStringsSep "," sshdCfg.settings.KexAlgorithms}
+ Ciphers ${concatStringsSep "," sshdCfg.settings.Ciphers}
+ MACs ${concatStringsSep "," sshdCfg.settings.Macs}
- LogLevel ${sshdCfg.logLevel}
+ LogLevel ${sshdCfg.settings.LogLevel}
- ${if sshdCfg.useDns then ''
+ ${if sshdCfg.settings.UseDns then ''
UseDNS yes
'' else ''
UseDNS no
diff --git a/third_party/nixpkgs/nixos/modules/system/boot/kernel.nix b/third_party/nixpkgs/nixos/modules/system/boot/kernel.nix
index 8f203b2c8b..0298e28f32 100644
--- a/third_party/nixpkgs/nixos/modules/system/boot/kernel.nix
+++ b/third_party/nixpkgs/nixos/modules/system/boot/kernel.nix
@@ -20,7 +20,7 @@ in
###### interface
options = {
- boot.kernel.enable = mkEnableOption (lib.mdDoc "the Linux kernel. This is useful for systemd-like containers which do not require a kernel.") // {
+ boot.kernel.enable = mkEnableOption (lib.mdDoc "the Linux kernel. This is useful for systemd-like containers which do not require a kernel") // {
default = true;
};
diff --git a/third_party/nixpkgs/nixos/modules/system/boot/luksroot.nix b/third_party/nixpkgs/nixos/modules/system/boot/luksroot.nix
index 03d03cb348..cdb5d8bf3c 100644
--- a/third_party/nixpkgs/nixos/modules/system/boot/luksroot.nix
+++ b/third_party/nixpkgs/nixos/modules/system/boot/luksroot.nix
@@ -929,7 +929,14 @@ in
++ (if builtins.elem "xts" luks.cryptoModules then ["ecb"] else []);
# copy the cryptsetup binary and it's dependencies
- boot.initrd.extraUtilsCommands = mkIf (!config.boot.initrd.systemd.enable) ''
+ boot.initrd.extraUtilsCommands = let
+ pbkdf2-sha512 = pkgs.runCommandCC "pbkdf2-sha512" { buildInputs = [ pkgs.openssl ]; } ''
+ mkdir -p "$out/bin"
+ cc -O3 -lcrypto ${./pbkdf2-sha512.c} -o "$out/bin/pbkdf2-sha512"
+ strip -s "$out/bin/pbkdf2-sha512"
+ '';
+ in
+ mkIf (!config.boot.initrd.systemd.enable) ''
copy_bin_and_libs ${pkgs.cryptsetup}/bin/cryptsetup
copy_bin_and_libs ${askPass}/bin/cryptsetup-askpass
sed -i s,/bin/sh,$out/bin/sh, $out/bin/cryptsetup-askpass
@@ -939,9 +946,7 @@ in
copy_bin_and_libs ${pkgs.yubikey-personalization}/bin/ykinfo
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
- cc -O3 -I${pkgs.openssl.dev}/include -L${lib.getLib pkgs.openssl}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
- strip -s pbkdf2-sha512
- copy_bin_and_libs pbkdf2-sha512
+ copy_bin_and_libs ${pbkdf2-sha512}/bin/pbkdf2-sha512
mkdir -p $out/etc/ssl
cp -pdv ${pkgs.openssl.out}/etc/ssl/openssl.cnf $out/etc/ssl
diff --git a/third_party/nixpkgs/nixos/modules/system/boot/stage-1.nix b/third_party/nixpkgs/nixos/modules/system/boot/stage-1.nix
index 4fcaeebffc..d26ea7597c 100644
--- a/third_party/nixpkgs/nixos/modules/system/boot/stage-1.nix
+++ b/third_party/nixpkgs/nixos/modules/system/boot/stage-1.nix
@@ -90,7 +90,7 @@ let
# copy what we need. Instead of using statically linked binaries,
# we just copy what we need from Glibc and use patchelf to make it
# work.
- extraUtils = pkgs.runCommandCC "extra-utils"
+ extraUtils = pkgs.runCommand "extra-utils"
{ nativeBuildInputs = [pkgs.buildPackages.nukeReferences];
allowedReferences = [ "out" ]; # prevent accidents like glibc being included in the initrd
}
diff --git a/third_party/nixpkgs/nixos/modules/system/boot/systemd/coredump.nix b/third_party/nixpkgs/nixos/modules/system/boot/systemd/coredump.nix
index 03ef00e568..2dbc95e38e 100644
--- a/third_party/nixpkgs/nixos/modules/system/boot/systemd/coredump.nix
+++ b/third_party/nixpkgs/nixos/modules/system/boot/systemd/coredump.nix
@@ -66,7 +66,9 @@ in {
uid = config.ids.uids.systemd-coredump;
group = "systemd-coredump";
};
- users.groups.systemd-coredump = {};
+ users.groups.systemd-coredump = {
+ gid = config.ids.gids.systemd-coredump;
+ };
})
(mkIf (!cfg.enable) {
diff --git a/third_party/nixpkgs/nixos/modules/tasks/filesystems/envfs.nix b/third_party/nixpkgs/nixos/modules/tasks/filesystems/envfs.nix
index 450b805f0f..76344f5f87 100644
--- a/third_party/nixpkgs/nixos/modules/tasks/filesystems/envfs.nix
+++ b/third_party/nixpkgs/nixos/modules/tasks/filesystems/envfs.nix
@@ -7,11 +7,11 @@ let
device = "none";
fsType = "envfs";
options = [
- "fallback-path=${pkgs.runCommand "fallback-path" {} ''
+ "fallback-path=${pkgs.runCommand "fallback-path" {} (''
mkdir -p $out
- ln -s ${pkgs.coreutils}/bin/env $out/env
- ln -s ${config.system.build.binsh}/bin/sh $out/sh
- ''}"
+ ln -s ${config.environment.usrbinenv} $out/env
+ ln -s ${config.environment.binsh} $out/sh
+ '' + cfg.extraFallbackPathCommands)}"
];
};
"/bin" = {
@@ -31,11 +31,19 @@ in {
etc.
'';
};
+
package = lib.mkOption {
type = lib.types.package;
- description = lib.mdDoc "Which package to use for the envfs.";
default = pkgs.envfs;
defaultText = lib.literalExpression "pkgs.envfs";
+ description = lib.mdDoc "Which package to use for the envfs.";
+ };
+
+ extraFallbackPathCommands = lib.mkOption {
+ type = lib.types.lines;
+ default = "";
+ example = "ln -s $''{pkgs.bash}/bin/bash $out/bash";
+ description = lib.mdDoc "Extra commands to run in the package that contains fallback executables in case not other executable is found";
};
};
};
diff --git a/third_party/nixpkgs/nixos/modules/virtualisation/amazon-image.nix b/third_party/nixpkgs/nixos/modules/virtualisation/amazon-image.nix
index e6c2c72339..aa44f26426 100644
--- a/third_party/nixpkgs/nixos/modules/virtualisation/amazon-image.nix
+++ b/third_party/nixpkgs/nixos/modules/virtualisation/amazon-image.nix
@@ -25,11 +25,7 @@ in
config = {
- assertions = [
- { assertion = versionOlder config.boot.kernelPackages.kernel.version "5.17";
- message = "ENA driver fails to build with kernel >= 5.17";
- }
- ];
+ assertions = [ ];
boot.growPartition = true;
diff --git a/third_party/nixpkgs/nixos/modules/virtualisation/multipass.nix b/third_party/nixpkgs/nixos/modules/virtualisation/multipass.nix
new file mode 100644
index 0000000000..d066932b61
--- /dev/null
+++ b/third_party/nixpkgs/nixos/modules/virtualisation/multipass.nix
@@ -0,0 +1,61 @@
+{ config
+, lib
+, pkgs
+, ...
+}:
+
+let
+ cfg = config.virtualisation.multipass;
+in
+{
+ options = {
+ virtualisation.multipass = {
+ enable = lib.mkEnableOption (lib.mdDoc ''
+ Multipass, a simple manager for virtualised Ubuntu instances.
+ '');
+
+ logLevel = lib.mkOption {
+ type = lib.types.enum [ "error" "warning" "info" "debug" "trace" ];
+ default = "debug";
+ description = lib.mdDoc ''
+ The logging verbosity of the multipassd binary.
+ '';
+ };
+
+ package = lib.mkPackageOptionMD pkgs "multipass" { };
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ environment.systemPackages = [ cfg.package ];
+
+ systemd.services.multipass = {
+ description = "Multipass orchestrates virtual Ubuntu instances.";
+
+ wantedBy = [ "multi-user.target" ];
+ wants = [ "network.target" ];
+ after = [ "network.target" ];
+
+ environment = {
+ "XDG_DATA_HOME" = "/var/lib/multipass/data";
+ "XDG_CACHE_HOME" = "/var/lib/multipass/cache";
+ "XDG_CONFIG_HOME" = "/var/lib/multipass/config";
+ };
+
+ serviceConfig = {
+ ExecStart = "${cfg.package}/bin/multipassd --logger platform --verbosity ${cfg.logLevel}";
+ SyslogIdentifer = "multipassd";
+ Restart = "on-failure";
+ TimeoutStopSec = 300;
+ Type = "simple";
+
+ WorkingDirectory = "/var/lib/multipass";
+
+ StateDirectory = "multipass";
+ StateDirectoryMode = "0750";
+ CacheDirectory = "multipass";
+ CacheDirectoryMode = "0750";
+ };
+ };
+ };
+}
diff --git a/third_party/nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix b/third_party/nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix
index 2ea23d958c..bb42e6de06 100644
--- a/third_party/nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix
+++ b/third_party/nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix
@@ -107,6 +107,46 @@ in {
};
});
};
+ postExportCommands = mkOption {
+ type = types.lines;
+ default = "";
+ example = ''
+ ${pkgs.cot}/bin/cot edit-hardware "$fn" \
+ -v vmx-14 \
+ --nics 2 \
+ --nic-types VMXNET3 \
+ --nic-names 'Nic name' \
+ --nic-networks 'Nic match' \
+ --network-descriptions 'Nic description' \
+ --scsi-subtypes VirtualSCSI
+ '';
+ description = lib.mdDoc ''
+ Extra commands to run after exporting the OVA to `$fn`.
+ '';
+ };
+ storageController = mkOption {
+ type = with types; attrsOf (oneOf [ str int bool (listOf str) ]);
+ example = {
+ name = "SCSI";
+ add = "scsi";
+ portcount = 16;
+ bootable = "on";
+ hostiocache = "on";
+ };
+ default = {
+ name = "SATA";
+ add = "sata";
+ portcount = 4;
+ bootable = "on";
+ hostiocache = "on";
+ };
+ description = lib.mdDoc ''
+ Parameters passed to the VirtualBox appliance. Must have at least
+ `name`.
+
+ Run `VBoxManage storagectl --help` to see more options.
+ '';
+ };
};
};
@@ -167,11 +207,11 @@ in {
VBoxManage modifyvm "$vmName" \
--memory ${toString cfg.memorySize} \
${lib.cli.toGNUCommandLineShell { } cfg.params}
- VBoxManage storagectl "$vmName" --name SATA --add sata --portcount 4 --bootable on --hostiocache on
- VBoxManage storageattach "$vmName" --storagectl SATA --port 0 --device 0 --type hdd \
+ VBoxManage storagectl "$vmName" ${lib.cli.toGNUCommandLineShell { } cfg.storageController}
+ VBoxManage storageattach "$vmName" --storagectl ${cfg.storageController.name} --port 0 --device 0 --type hdd \
--medium disk.vmdk
${optionalString (cfg.extraDisk != null) ''
- VBoxManage storageattach "$vmName" --storagectl SATA --port 1 --device 0 --type hdd \
+ VBoxManage storageattach "$vmName" --storagectl ${cfg.storageController.name} --port 1 --device 0 --type hdd \
--medium data-disk.vmdk
''}
@@ -179,6 +219,7 @@ in {
mkdir -p $out
fn="$out/${cfg.vmFileName}"
VBoxManage export "$vmName" --output "$fn" --options manifest ${escapeShellArgs cfg.exportParams}
+ ${cfg.postExportCommands}
rm -v $diskImage
diff --git a/third_party/nixpkgs/nixos/tests/all-tests.nix b/third_party/nixpkgs/nixos/tests/all-tests.nix
index a041faa8fe..1af7456fad 100644
--- a/third_party/nixpkgs/nixos/tests/all-tests.nix
+++ b/third_party/nixpkgs/nixos/tests/all-tests.nix
@@ -134,6 +134,7 @@ in {
cloud-init-hostname = handleTest ./cloud-init-hostname.nix {};
cloudlog = handleTest ./cloudlog.nix {};
cntr = handleTestOn ["aarch64-linux" "x86_64-linux"] ./cntr.nix {};
+ cockpit = handleTest ./cockpit.nix {};
cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {};
collectd = handleTest ./collectd.nix {};
connman = handleTest ./connman.nix {};
@@ -247,6 +248,7 @@ in {
gnome = handleTest ./gnome.nix {};
gnome-flashback = handleTest ./gnome-flashback.nix {};
gnome-xorg = handleTest ./gnome-xorg.nix {};
+ gnupg = handleTest ./gnupg.nix {};
go-neb = handleTest ./go-neb.nix {};
gobgpd = handleTest ./gobgpd.nix {};
gocd-agent = handleTest ./gocd-agent.nix {};
@@ -398,6 +400,7 @@ in {
minidlna = handleTest ./minidlna.nix {};
miniflux = handleTest ./miniflux.nix {};
minio = handleTest ./minio.nix {};
+ miriway = handleTest ./miriway.nix {};
misc = handleTest ./misc.nix {};
mjolnir = handleTest ./matrix/mjolnir.nix {};
mod_perl = handleTest ./mod_perl.nix {};
@@ -411,8 +414,11 @@ in {
mpd = handleTest ./mpd.nix {};
mpv = handleTest ./mpv.nix {};
mtp = handleTest ./mtp.nix {};
+ multipass = handleTest ./multipass.nix {};
mumble = handleTest ./mumble.nix {};
- musescore = handleTest ./musescore.nix {};
+ # Fails on aarch64-linux at the PDF creation step - need to debug this on an
+ # aarch64 machine..
+ musescore = handleTestOn ["x86_64-linux"] ./musescore.nix {};
munin = handleTest ./munin.nix {};
mutableUsers = handleTest ./mutable-users.nix {};
mxisd = handleTest ./mxisd.nix {};
@@ -514,7 +520,6 @@ in {
peering-manager = handleTest ./web-apps/peering-manager.nix {};
peertube = handleTestOn ["x86_64-linux"] ./web-apps/peertube.nix {};
pgadmin4 = handleTest ./pgadmin4.nix {};
- pgadmin4-standalone = handleTest ./pgadmin4-standalone.nix {};
pgjwt = handleTest ./pgjwt.nix {};
pgmanage = handleTest ./pgmanage.nix {};
phosh = handleTest ./phosh.nix {};
diff --git a/third_party/nixpkgs/nixos/tests/bpf.nix b/third_party/nixpkgs/nixos/tests/bpf.nix
index 5868e3bfcb..5dc9740477 100644
--- a/third_party/nixpkgs/nixos/tests/bpf.nix
+++ b/third_party/nixpkgs/nixos/tests/bpf.nix
@@ -25,5 +25,9 @@ import ./make-test-python.nix ({ pkgs, ... }: {
print(machine.succeed("bpftrace -e 'kprobe:schedule { "
" printf(\"tgid: %d\", ((struct task_struct*) curtask)->tgid); exit() "
"}'"))
+ # module BTF (bpftrace >= 0.17)
+ print(machine.succeed("bpftrace -e 'kfunc:nft_trans_alloc_gfp { "
+ " printf(\"portid: %d\\n\",args->ctx->portid); "
+ "} BEGIN { exit() }'"))
'';
})
diff --git a/third_party/nixpkgs/nixos/tests/cockpit.nix b/third_party/nixpkgs/nixos/tests/cockpit.nix
new file mode 100644
index 0000000000..4a4983f9bc
--- /dev/null
+++ b/third_party/nixpkgs/nixos/tests/cockpit.nix
@@ -0,0 +1,135 @@
+import ./make-test-python.nix (
+ { pkgs, lib, ... }:
+
+ let
+ user = "alice"; # from ./common/user-account.nix
+ password = "foobar"; # from ./common/user-account.nix
+ in {
+ name = "cockpit";
+ meta = {
+ maintainers = with lib.maintainers; [ lucasew ];
+ };
+ nodes = {
+ server = { config, ... }: {
+ imports = [ ./common/user-account.nix ];
+ security.polkit.enable = true;
+ users.users.${user} = {
+ extraGroups = [ "wheel" ];
+ };
+ services.cockpit = {
+ enable = true;
+ openFirewall = true;
+ settings = {
+ WebService = {
+ Origins = "https://server:9090";
+ };
+ };
+ };
+ };
+ client = { config, ... }: {
+ imports = [ ./common/user-account.nix ];
+ environment.systemPackages = let
+ seleniumScript = pkgs.writers.writePython3Bin "selenium-script" {
+ libraries = with pkgs.python3Packages; [ selenium ];
+ } ''
+ from selenium import webdriver
+ from selenium.webdriver.common.by import By
+ from selenium.webdriver.firefox.options import Options
+ from selenium.webdriver.support.ui import WebDriverWait
+ from selenium.webdriver.support import expected_conditions as EC
+ from time import sleep
+
+
+ def log(msg):
+ from sys import stderr
+ print(f"[*] {msg}", file=stderr)
+
+
+ log("Initializing")
+
+ options = Options()
+ options.add_argument("--headless")
+
+ driver = webdriver.Firefox(options=options)
+
+ driver.implicitly_wait(10)
+
+ log("Opening homepage")
+ driver.get("https://server:9090")
+
+ wait = WebDriverWait(driver, 60)
+
+
+ def wait_elem(by, query):
+ wait.until(EC.presence_of_element_located((by, query)))
+
+
+ def wait_title_contains(title):
+ wait.until(EC.title_contains(title))
+
+
+ def find_element(by, query):
+ return driver.find_element(by, query)
+
+
+ def set_value(elem, value):
+ script = 'arguments[0].value = arguments[1]'
+ return driver.execute_script(script, elem, value)
+
+
+ log("Waiting for the homepage to load")
+
+ # cockpit sets initial title as hostname
+ wait_title_contains("server")
+ wait_elem(By.CSS_SELECTOR, 'input#login-user-input')
+
+ log("Homepage loaded!")
+
+ log("Filling out username")
+ login_input = find_element(By.CSS_SELECTOR, 'input#login-user-input')
+ set_value(login_input, "${user}")
+
+ log("Filling out password")
+ password_input = find_element(By.CSS_SELECTOR, 'input#login-password-input')
+ set_value(password_input, "${password}")
+
+ log("Submiting credentials for login")
+ driver.find_element(By.CSS_SELECTOR, 'button#login-button').click()
+
+ # driver.implicitly_wait(1)
+ # driver.get("https://server:9090/system")
+
+ log("Waiting dashboard to load")
+ wait_title_contains("${user}@server")
+
+ log("Waiting for the frontend to initalize")
+ sleep(1)
+
+ log("Looking for that banner that tells about limited access")
+ container_iframe = find_element(By.CSS_SELECTOR, 'iframe.container-frame')
+ driver.switch_to.frame(container_iframe)
+
+ assert "Web console is running in limited access mode" in driver.page_source
+
+ driver.close()
+ '';
+ in with pkgs; [ firefox-unwrapped geckodriver seleniumScript ];
+ };
+ };
+
+ testScript = ''
+ start_all()
+
+ server.wait_for_open_port(9090)
+ server.wait_for_unit("network.target")
+ server.wait_for_unit("multi-user.target")
+ server.systemctl("start", "polkit")
+
+ client.wait_for_unit("multi-user.target")
+
+ client.succeed("curl -k https://server:9090 -o /dev/stderr")
+ print(client.succeed("whoami"))
+ client.succeed('PYTHONUNBUFFERED=1 selenium-script')
+ '';
+ }
+)
diff --git a/third_party/nixpkgs/nixos/tests/cups-pdf.nix b/third_party/nixpkgs/nixos/tests/cups-pdf.nix
index 70d14f29e2..957b0296a7 100644
--- a/third_party/nixpkgs/nixos/tests/cups-pdf.nix
+++ b/third_party/nixpkgs/nixos/tests/cups-pdf.nix
@@ -23,7 +23,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: {
testScript = ''
from subprocess import run
- machine.wait_for_unit("cups.service")
+ machine.wait_for_unit("multi-user.target")
for name in ("opt", "noopt"):
text = f"test text {name}".upper()
machine.wait_until_succeeds(f"lpstat -v {name}")
diff --git a/third_party/nixpkgs/nixos/tests/gnupg.nix b/third_party/nixpkgs/nixos/tests/gnupg.nix
new file mode 100644
index 0000000000..65a9a93007
--- /dev/null
+++ b/third_party/nixpkgs/nixos/tests/gnupg.nix
@@ -0,0 +1,118 @@
+import ./make-test-python.nix ({ pkgs, lib, ...}:
+
+{
+ name = "gnupg";
+ meta = with lib.maintainers; {
+ maintainers = [ rnhmjoj ];
+ };
+
+ # server for testing SSH
+ nodes.server = { ... }: {
+ imports = [ ../modules/profiles/minimal.nix ];
+
+ users.users.alice.isNormalUser = true;
+ services.openssh.enable = true;
+ };
+
+ # machine for testing GnuPG
+ nodes.machine = { pkgs, ... }: {
+ imports = [ ../modules/profiles/minimal.nix ];
+
+ users.users.alice.isNormalUser = true;
+ services.getty.autologinUser = "alice";
+
+ environment.shellInit = ''
+ # preset a key passphrase in gpg-agent
+ preset_key() {
+ # find all keys
+ case "$1" in
+ ssh) grips=$(awk '/^[0-9A-F]/{print $1}' "''${GNUPGHOME:-$HOME/.gnupg}/sshcontrol") ;;
+ pgp) grips=$(gpg --with-keygrip --list-secret-keys | awk '/Keygrip/{print $3}') ;;
+ esac
+
+ # try to preset the passphrase for each key found
+ for grip in $grips; do
+ "$(gpgconf --list-dirs libexecdir)/gpg-preset-passphrase" -c -P "$2" "$grip"
+ done
+ }
+ '';
+
+ programs.gnupg.agent.enable = true;
+ programs.gnupg.agent.enableSSHSupport = true;
+ };
+
+ testScript =
+ ''
+ import shlex
+
+
+ def as_alice(command: str) -> str:
+ """
+ Wraps a command to run it as Alice in a login shell
+ """
+ quoted = shlex.quote(command)
+ return "su --login alice --command " + quoted
+
+
+ start_all()
+
+ with subtest("Wait for the autologin"):
+ machine.wait_until_tty_matches("1", "alice@machine")
+
+ with subtest("Can generate a PGP key"):
+ # Note: this needs a tty because of pinentry
+ machine.send_chars("gpg --gen-key\n")
+ machine.wait_until_tty_matches("1", "Real name:")
+ machine.send_chars("Alice\n")
+ machine.wait_until_tty_matches("1", "Email address:")
+ machine.send_chars("alice@machine\n")
+ machine.wait_until_tty_matches("1", "Change")
+ machine.send_chars("O\n")
+ machine.wait_until_tty_matches("1", "Please enter")
+ machine.send_chars("pgp_p4ssphrase\n")
+ machine.wait_until_tty_matches("1", "Please re-enter")
+ machine.send_chars("pgp_p4ssphrase\n")
+ machine.wait_until_tty_matches("1", "public and secret key created")
+
+ with subtest("Confirm the key is in the keyring"):
+ machine.wait_until_succeeds(as_alice("gpg --list-secret-keys | grep -q alice@machine"))
+
+ with subtest("Can generate and add an SSH key"):
+ machine.succeed(as_alice("ssh-keygen -t ed25519 -f alice -N ssh_p4ssphrase"))
+
+ # Note: apparently this must be run before using the OpenSSH agent
+ # socket for the first time in a tty. It's not needed for `ssh`
+ # because there's a hook that calls it automatically (only in NixOS).
+ machine.send_chars("gpg-connect-agent updatestartuptty /bye\n")
+
+ # Note: again, this needs a tty because of pinentry
+ machine.send_chars("ssh-add alice\n")
+ machine.wait_until_tty_matches("1", "Enter passphrase")
+ machine.send_chars("ssh_p4ssphrase\n")
+ machine.wait_until_tty_matches("1", "Please enter")
+ machine.send_chars("ssh_agent_p4ssphrase\n")
+ machine.wait_until_tty_matches("1", "Please re-enter")
+ machine.send_chars("ssh_agent_p4ssphrase\n")
+
+ with subtest("Confirm the SSH key has been registered"):
+ machine.wait_until_succeeds(as_alice("ssh-add -l | grep -q alice@machine"))
+
+ with subtest("Can preset the key passphrases in the agent"):
+ machine.succeed(as_alice("echo allow-preset-passphrase > .gnupg/gpg-agent.conf"))
+ machine.succeed(as_alice("pkill gpg-agent"))
+ machine.succeed(as_alice("preset_key pgp pgp_p4ssphrase"))
+ machine.succeed(as_alice("preset_key ssh ssh_agent_p4ssphrase"))
+
+ with subtest("Can encrypt and decrypt a message"):
+ machine.succeed(as_alice("echo Hello | gpg -e -r alice | gpg -d | grep -q Hello"))
+
+ with subtest("Can log into the server"):
+ # Install Alice's public key
+ public_key = machine.succeed(as_alice("cat alice.pub"))
+ server.succeed("mkdir /etc/ssh/authorized_keys.d")
+ server.succeed(f"printf '{public_key}' > /etc/ssh/authorized_keys.d/alice")
+
+ server.wait_for_open_port(22)
+ machine.succeed(as_alice("ssh -i alice -o StrictHostKeyChecking=no server exit"))
+ '';
+})
diff --git a/third_party/nixpkgs/nixos/tests/miriway.nix b/third_party/nixpkgs/nixos/tests/miriway.nix
new file mode 100644
index 0000000000..c4c50646f0
--- /dev/null
+++ b/third_party/nixpkgs/nixos/tests/miriway.nix
@@ -0,0 +1,126 @@
+import ./make-test-python.nix ({ pkgs, lib, ... }: {
+ name = "miriway";
+
+ meta = {
+ maintainers = with lib.maintainers; [ OPNA2608 ];
+ # FIXME On ARM Miriway inside the VM doesn't receive keyboard inputs, why?
+ broken = pkgs.stdenv.hostPlatform.isAarch;
+ };
+
+ nodes.machine = { config, ... }: {
+ imports = [
+ ./common/auto.nix
+ ./common/user-account.nix
+ ];
+
+ # Seems to very rarely get interrupted by oom-killer
+ virtualisation.memorySize = 2047;
+
+ test-support.displayManager.auto = {
+ enable = true;
+ user = "alice";
+ };
+
+ services.xserver = {
+ enable = true;
+ displayManager.defaultSession = lib.mkForce "miriway";
+ };
+
+ programs.miriway = {
+ enable = true;
+ config = ''
+ add-wayland-extensions=all
+
+ ctrl-alt=t:foot --maximized
+ ctrl-alt=a:env WINIT_UNIX_BACKEND=x11 WAYLAND_DISPLAY=invalid alacritty --option window.startup_mode=maximized
+
+ shell-component=dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY
+
+ shell-component=foot --maximized
+ '';
+ };
+
+ environment = {
+ shellAliases = {
+ test-wayland = "wayland-info | tee /tmp/test-wayland.out && touch /tmp/test-wayland-exit-ok";
+ test-x11 = "glinfo | tee /tmp/test-x11.out && touch /tmp/test-x11-exit-ok";
+ };
+
+ systemPackages = with pkgs; [
+ mesa-demos
+ wayland-utils
+ foot
+ alacritty
+ ];
+
+ # To help with OCR
+ etc."xdg/foot/foot.ini".text = lib.generators.toINI { } {
+ main = {
+ font = "inconsolata:size=16";
+ };
+ colors = rec {
+ foreground = "000000";
+ background = "ffffff";
+ regular2 = foreground;
+ };
+ };
+ etc."xdg/alacritty/alacritty.yml".text = lib.generators.toYAML { } {
+ font = rec {
+ normal.family = "Inconsolata";
+ bold.family = normal.family;
+ italic.family = normal.family;
+ bold_italic.family = normal.family;
+ size = 16;
+ };
+ colors = rec {
+ primary = {
+ foreground = "0x000000";
+ background = "0xffffff";
+ };
+ normal = {
+ green = primary.foreground;
+ };
+ };
+ };
+ };
+
+ fonts.fonts = [ pkgs.inconsolata ];
+ };
+
+ enableOCR = true;
+
+ testScript = { nodes, ... }: ''
+ start_all()
+ machine.wait_for_unit("multi-user.target")
+
+ # Wait for Miriway to complete startup
+ machine.wait_for_file("/run/user/1000/wayland-0")
+ machine.succeed("pgrep miriway-shell")
+ machine.screenshot("miriway_launched")
+
+ # Test Wayland
+ # We let Miriway start the first terminal, as we might get stuck if it's not ready to process the first keybind
+ # machine.send_key("ctrl-alt-t")
+ machine.wait_for_text("alice@machine")
+ machine.send_chars("test-wayland\n")
+ machine.wait_for_file("/tmp/test-wayland-exit-ok")
+ machine.copy_from_vm("/tmp/test-wayland.out")
+ machine.screenshot("foot_wayland_info")
+ # Only succeeds when a mouse is moved inside an interactive session?
+ # machine.send_chars("exit\n")
+ # machine.wait_until_fails("pgrep foot")
+ machine.succeed("pkill foot")
+
+ # Test XWayland
+ machine.send_key("ctrl-alt-a")
+ machine.wait_for_text("alice@machine")
+ machine.send_chars("test-x11\n")
+ machine.wait_for_file("/tmp/test-x11-exit-ok")
+ machine.copy_from_vm("/tmp/test-x11.out")
+ machine.screenshot("alacritty_glinfo")
+ # Only succeeds when a mouse is moved inside an interactive session?
+ # machine.send_chars("exit\n")
+ # machine.wait_until_fails("pgrep alacritty")
+ machine.succeed("pkill alacritty")
+ '';
+})
diff --git a/third_party/nixpkgs/nixos/tests/multipass.nix b/third_party/nixpkgs/nixos/tests/multipass.nix
new file mode 100644
index 0000000000..0980e9195f
--- /dev/null
+++ b/third_party/nixpkgs/nixos/tests/multipass.nix
@@ -0,0 +1,37 @@
+import ./make-test-python.nix ({ pkgs, lib, ... }:
+
+let
+ multipass-image = import ../release.nix {
+ configuration = {
+ # Building documentation makes the test unnecessarily take a longer time:
+ documentation.enable = lib.mkForce false;
+ };
+ };
+
+in
+{
+ name = "multipass";
+
+ meta.maintainers = [ lib.maintainers.jnsgruk ];
+
+ nodes.machine = { lib, ... }: {
+ virtualisation = {
+ cores = 1;
+ memorySize = 1024;
+ diskSize = 4096;
+
+ multipass.enable = true;
+ };
+ };
+
+ testScript = ''
+ machine.wait_for_unit("sockets.target")
+ machine.wait_for_unit("multipass.service")
+ machine.wait_for_file("/var/lib/multipass/data/multipassd/network/multipass_subnet")
+
+ # Wait for Multipass to settle
+ machine.sleep(1)
+
+ machine.succeed("multipass list")
+ '';
+})
diff --git a/third_party/nixpkgs/nixos/tests/musescore.nix b/third_party/nixpkgs/nixos/tests/musescore.nix
index ac2f4ba74c..6aeb0558a4 100644
--- a/third_party/nixpkgs/nixos/tests/musescore.nix
+++ b/third_party/nixpkgs/nixos/tests/musescore.nix
@@ -2,13 +2,12 @@ import ./make-test-python.nix ({ pkgs, ...} :
let
# Make sure we don't have to go through the startup tutorial
- customMuseScoreConfig = pkgs.writeText "MuseScore3.ini" ''
+ customMuseScoreConfig = pkgs.writeText "MuseScore4.ini" ''
[application]
- startup\firstStart=false
+ hasCompletedFirstLaunchSetup=true
- [ui]
- application\startup\showTours=false
- application\startup\showStartCenter=false
+ [project]
+ preferredScoreCreationMode=1
'';
in
{
@@ -40,51 +39,68 @@ in
# Inject custom settings
machine.succeed("mkdir -p /root/.config/MuseScore/")
machine.succeed(
- "cp ${customMuseScoreConfig} /root/.config/MuseScore/MuseScore3.ini"
+ "cp ${customMuseScoreConfig} /root/.config/MuseScore/MuseScore4.ini"
)
# Start MuseScore window
machine.execute("DISPLAY=:0.0 mscore >&2 &")
# Wait until MuseScore has launched
- machine.wait_for_window("MuseScore")
+ machine.wait_for_window("MuseScore 4")
# Wait until the window has completely initialised
- machine.wait_for_text("MuseScore")
-
- # Start entering notes
- machine.send_key("n")
- # Type the beginning of https://de.wikipedia.org/wiki/Alle_meine_Entchen
- machine.send_chars("cdef6gg5aaaa7g")
- # Make sure the VM catches up with all the keys
- machine.sleep(1)
+ machine.wait_for_text("MuseScore 4")
machine.screenshot("MuseScore0")
+ # Create a new score
+ machine.send_key("ctrl-n")
+
+ # Wait until the creation wizard appears
+ machine.wait_for_window("New score")
+
+ machine.screenshot("MuseScore1")
+
+ machine.send_key("tab")
+ machine.send_key("tab")
+ machine.send_key("tab")
+ machine.send_key("tab")
+ machine.send_key("right")
+ machine.send_key("right")
+ machine.send_key("ret")
+
+ machine.sleep(1)
+
+ # Type the beginning of https://de.wikipedia.org/wiki/Alle_meine_Entchen
+ machine.send_chars("cdef6gg5aaaa7g")
+ machine.sleep(1)
+
+ machine.screenshot("MuseScore2")
+
# Go to the export dialogue and create a PDF
machine.send_key("alt-f")
machine.sleep(1)
machine.send_key("e")
# Wait until the export dialogue appears.
- machine.wait_for_window("Export")
- machine.screenshot("MuseScore1")
- machine.send_key("shift-tab")
- machine.sleep(1)
- machine.send_key("shift-tab")
- machine.sleep(1)
- machine.send_key("ret")
- machine.sleep(1)
- machine.send_key("ret")
-
- machine.screenshot("MuseScore2")
-
- # Wait until PDF is exported
- machine.wait_for_file("/root/Documents/MuseScore3/Scores/Untitled.pdf")
-
- # Check that it contains the title of the score
- machine.succeed("pdfgrep Title /root/Documents/MuseScore3/Scores/Untitled.pdf")
+ machine.wait_for_text("Export")
machine.screenshot("MuseScore3")
+
+ machine.send_key("shift-tab")
+ machine.sleep(1)
+ machine.send_key("ret")
+ machine.sleep(1)
+ machine.send_key("ret")
+
+ machine.screenshot("MuseScore4")
+
+ # Wait until PDF is exported
+ machine.wait_for_file('"/root/Documents/MuseScore4/Scores/Untitled score.pdf"')
+
+ # Check that it contains the title of the score
+ machine.succeed('pdfgrep "Untitled score" "/root/Documents/MuseScore4/Scores/Untitled score.pdf"')
+
+ machine.screenshot("MuseScore5")
'';
})
diff --git a/third_party/nixpkgs/nixos/tests/nebula.nix b/third_party/nixpkgs/nixos/tests/nebula.nix
index 372cfebdf8..89b91d89fc 100644
--- a/third_party/nixpkgs/nixos/tests/nebula.nix
+++ b/third_party/nixpkgs/nixos/tests/nebula.nix
@@ -10,6 +10,7 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: let
environment.systemPackages = [ pkgs.nebula ];
users.users.root.openssh.authorizedKeys.keys = [ snakeOilPublicKey ];
services.openssh.enable = true;
+ networking.interfaces.eth1.useDHCP = false;
services.nebula.networks.smoke = {
# Note that these paths won't exist when the machine is first booted.
@@ -30,13 +31,14 @@ in
lighthouse = { ... } @ args:
makeNebulaNode args "lighthouse" {
- networking.interfaces.eth1.ipv4.addresses = [{
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce [{
address = "192.168.1.1";
prefixLength = 24;
}];
services.nebula.networks.smoke = {
isLighthouse = true;
+ isRelay = true;
firewall = {
outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
@@ -44,9 +46,9 @@ in
};
};
- node2 = { ... } @ args:
- makeNebulaNode args "node2" {
- networking.interfaces.eth1.ipv4.addresses = [{
+ allowAny = { ... } @ args:
+ makeNebulaNode args "allowAny" {
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce [{
address = "192.168.1.2";
prefixLength = 24;
}];
@@ -55,6 +57,7 @@ in
staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; };
isLighthouse = false;
lighthouses = [ "10.0.100.1" ];
+ relays = [ "10.0.100.1" ];
firewall = {
outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
@@ -62,9 +65,9 @@ in
};
};
- node3 = { ... } @ args:
- makeNebulaNode args "node3" {
- networking.interfaces.eth1.ipv4.addresses = [{
+ allowFromLighthouse = { ... } @ args:
+ makeNebulaNode args "allowFromLighthouse" {
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce [{
address = "192.168.1.3";
prefixLength = 24;
}];
@@ -73,6 +76,7 @@ in
staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; };
isLighthouse = false;
lighthouses = [ "10.0.100.1" ];
+ relays = [ "10.0.100.1" ];
firewall = {
outbound = [ { port = "any"; proto = "any"; host = "any"; } ];
inbound = [ { port = "any"; proto = "any"; host = "lighthouse"; } ];
@@ -80,9 +84,9 @@ in
};
};
- node4 = { ... } @ args:
- makeNebulaNode args "node4" {
- networking.interfaces.eth1.ipv4.addresses = [{
+ allowToLighthouse = { ... } @ args:
+ makeNebulaNode args "allowToLighthouse" {
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce [{
address = "192.168.1.4";
prefixLength = 24;
}];
@@ -92,6 +96,7 @@ in
staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; };
isLighthouse = false;
lighthouses = [ "10.0.100.1" ];
+ relays = [ "10.0.100.1" ];
firewall = {
outbound = [ { port = "any"; proto = "any"; host = "lighthouse"; } ];
inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
@@ -99,9 +104,9 @@ in
};
};
- node5 = { ... } @ args:
- makeNebulaNode args "node5" {
- networking.interfaces.eth1.ipv4.addresses = [{
+ disabled = { ... } @ args:
+ makeNebulaNode args "disabled" {
+ networking.interfaces.eth1.ipv4.addresses = lib.mkForce [{
address = "192.168.1.5";
prefixLength = 24;
}];
@@ -111,6 +116,7 @@ in
staticHostMap = { "10.0.100.1" = [ "192.168.1.1:4242" ]; };
isLighthouse = false;
lighthouses = [ "10.0.100.1" ];
+ relays = [ "10.0.100.1" ];
firewall = {
outbound = [ { port = "any"; proto = "any"; host = "lighthouse"; } ];
inbound = [ { port = "any"; proto = "any"; host = "any"; } ];
@@ -123,12 +129,14 @@ in
testScript = let
setUpPrivateKey = name: ''
- ${name}.succeed(
- "mkdir -p /root/.ssh",
- "chown 700 /root/.ssh",
- "cat '${snakeOilPrivateKey}' > /root/.ssh/id_snakeoil",
- "chown 600 /root/.ssh/id_snakeoil",
- )
+ ${name}.start()
+ ${name}.succeed(
+ "mkdir -p /root/.ssh",
+ "chown 700 /root/.ssh",
+ "cat '${snakeOilPrivateKey}' > /root/.ssh/id_snakeoil",
+ "chown 600 /root/.ssh/id_snakeoil",
+ "mkdir -p /root"
+ )
'';
# From what I can tell, StrictHostKeyChecking=no is necessary for ssh to work between machines.
@@ -146,26 +154,48 @@ in
${name}.succeed(
"mkdir -p /etc/nebula",
"nebula-cert keygen -out-key /etc/nebula/${name}.key -out-pub /etc/nebula/${name}.pub",
- "scp ${sshOpts} /etc/nebula/${name}.pub 192.168.1.1:/tmp/${name}.pub",
+ "scp ${sshOpts} /etc/nebula/${name}.pub root@192.168.1.1:/root/${name}.pub",
)
lighthouse.succeed(
- 'nebula-cert sign -ca-crt /etc/nebula/ca.crt -ca-key /etc/nebula/ca.key -name "${name}" -groups "${name}" -ip "${ip}" -in-pub /tmp/${name}.pub -out-crt /tmp/${name}.crt',
+ 'nebula-cert sign -ca-crt /etc/nebula/ca.crt -ca-key /etc/nebula/ca.key -name "${name}" -groups "${name}" -ip "${ip}" -in-pub /root/${name}.pub -out-crt /root/${name}.crt'
)
${name}.succeed(
- "scp ${sshOpts} 192.168.1.1:/tmp/${name}.crt /etc/nebula/${name}.crt",
- "scp ${sshOpts} 192.168.1.1:/etc/nebula/ca.crt /etc/nebula/ca.crt",
+ "scp ${sshOpts} root@192.168.1.1:/root/${name}.crt /etc/nebula/${name}.crt",
+ "scp ${sshOpts} root@192.168.1.1:/etc/nebula/ca.crt /etc/nebula/ca.crt",
+ '(id nebula-smoke >/dev/null && chown -R nebula-smoke:nebula-smoke /etc/nebula) || true'
)
'';
- in ''
- start_all()
+ getPublicIp = node: ''
+ ${node}.succeed("ip --brief addr show eth1 | awk '{print $3}' | tail -n1 | cut -d/ -f1").strip()
+ '';
+ # Never do this for anything security critical! (Thankfully it's just a test.)
+ # Restart Nebula right after the mutual block and/or restore so the state is fresh.
+ blockTrafficBetween = nodeA: nodeB: ''
+ node_a = ${getPublicIp nodeA}
+ node_b = ${getPublicIp nodeB}
+ ${nodeA}.succeed("iptables -I INPUT -s " + node_b + " -j DROP")
+ ${nodeB}.succeed("iptables -I INPUT -s " + node_a + " -j DROP")
+ ${nodeA}.systemctl("restart nebula@smoke.service")
+ ${nodeB}.systemctl("restart nebula@smoke.service")
+ '';
+ allowTrafficBetween = nodeA: nodeB: ''
+ node_a = ${getPublicIp nodeA}
+ node_b = ${getPublicIp nodeB}
+ ${nodeA}.succeed("iptables -D INPUT -s " + node_b + " -j DROP")
+ ${nodeB}.succeed("iptables -D INPUT -s " + node_a + " -j DROP")
+ ${nodeA}.systemctl("restart nebula@smoke.service")
+ ${nodeB}.systemctl("restart nebula@smoke.service")
+ '';
+ in ''
# Create the certificate and sign the lighthouse's keys.
${setUpPrivateKey "lighthouse"}
lighthouse.succeed(
"mkdir -p /etc/nebula",
'nebula-cert ca -name "Smoke Test" -out-crt /etc/nebula/ca.crt -out-key /etc/nebula/ca.key',
'nebula-cert sign -ca-crt /etc/nebula/ca.crt -ca-key /etc/nebula/ca.key -name "lighthouse" -groups "lighthouse" -ip "10.0.100.1/24" -out-crt /etc/nebula/lighthouse.crt -out-key /etc/nebula/lighthouse.key',
+ 'chown -R nebula-smoke:nebula-smoke /etc/nebula'
)
# Reboot the lighthouse and verify that the nebula service comes up on boot.
@@ -175,49 +205,104 @@ in
lighthouse.wait_for_unit("nebula@smoke.service")
lighthouse.succeed("ping -c5 10.0.100.1")
- # Create keys for node2's nebula service and test that it comes up.
- ${setUpPrivateKey "node2"}
- ${signKeysFor "node2" "10.0.100.2/24"}
- ${restartAndCheckNebula "node2" "10.0.100.2"}
+ # Create keys for allowAny's nebula service and test that it comes up.
+ ${setUpPrivateKey "allowAny"}
+ ${signKeysFor "allowAny" "10.0.100.2/24"}
+ ${restartAndCheckNebula "allowAny" "10.0.100.2"}
- # Create keys for node3's nebula service and test that it comes up.
- ${setUpPrivateKey "node3"}
- ${signKeysFor "node3" "10.0.100.3/24"}
- ${restartAndCheckNebula "node3" "10.0.100.3"}
+ # Create keys for allowFromLighthouse's nebula service and test that it comes up.
+ ${setUpPrivateKey "allowFromLighthouse"}
+ ${signKeysFor "allowFromLighthouse" "10.0.100.3/24"}
+ ${restartAndCheckNebula "allowFromLighthouse" "10.0.100.3"}
- # Create keys for node4's nebula service and test that it comes up.
- ${setUpPrivateKey "node4"}
- ${signKeysFor "node4" "10.0.100.4/24"}
- ${restartAndCheckNebula "node4" "10.0.100.4"}
+ # Create keys for allowToLighthouse's nebula service and test that it comes up.
+ ${setUpPrivateKey "allowToLighthouse"}
+ ${signKeysFor "allowToLighthouse" "10.0.100.4/24"}
+ ${restartAndCheckNebula "allowToLighthouse" "10.0.100.4"}
- # Create keys for node4's nebula service and test that it does not come up.
- ${setUpPrivateKey "node5"}
- ${signKeysFor "node5" "10.0.100.5/24"}
- node5.fail("systemctl status nebula@smoke.service")
- node5.fail("ping -c5 10.0.100.5")
+ # Create keys for disabled's nebula service and test that it does not come up.
+ ${setUpPrivateKey "disabled"}
+ ${signKeysFor "disabled" "10.0.100.5/24"}
+ disabled.fail("systemctl status nebula@smoke.service")
+ disabled.fail("ping -c5 10.0.100.5")
- # The lighthouse can ping node2 and node3 but not node5
+ # The lighthouse can ping allowAny and allowFromLighthouse but not disabled
lighthouse.succeed("ping -c3 10.0.100.2")
lighthouse.succeed("ping -c3 10.0.100.3")
lighthouse.fail("ping -c3 10.0.100.5")
- # node2 can ping the lighthouse, but not node3 because of its inbound firewall
- node2.succeed("ping -c3 10.0.100.1")
- node2.fail("ping -c3 10.0.100.3")
+ # allowAny can ping the lighthouse, but not allowFromLighthouse because of its inbound firewall
+ allowAny.succeed("ping -c3 10.0.100.1")
+ allowAny.fail("ping -c3 10.0.100.3")
- # node3 can ping the lighthouse and node2
- node3.succeed("ping -c3 10.0.100.1")
- node3.succeed("ping -c3 10.0.100.2")
+ # allowFromLighthouse can ping the lighthouse and allowAny
+ allowFromLighthouse.succeed("ping -c3 10.0.100.1")
+ allowFromLighthouse.succeed("ping -c3 10.0.100.2")
- # node4 can ping the lighthouse but not node2 or node3
- node4.succeed("ping -c3 10.0.100.1")
- node4.fail("ping -c3 10.0.100.2")
- node4.fail("ping -c3 10.0.100.3")
+ # block allowFromLighthouse <-> allowAny, and allowFromLighthouse -> allowAny should still work.
+ ${blockTrafficBetween "allowFromLighthouse" "allowAny"}
+ allowFromLighthouse.succeed("ping -c10 10.0.100.2")
+ ${allowTrafficBetween "allowFromLighthouse" "allowAny"}
+ allowFromLighthouse.succeed("ping -c10 10.0.100.2")
- # node2 can ping node3 now that node3 pinged it first
- node2.succeed("ping -c3 10.0.100.3")
- # node4 can ping node2 if node2 pings it first
- node2.succeed("ping -c3 10.0.100.4")
- node4.succeed("ping -c3 10.0.100.2")
+ # allowToLighthouse can ping the lighthouse but not allowAny or allowFromLighthouse
+ allowToLighthouse.succeed("ping -c3 10.0.100.1")
+ allowToLighthouse.fail("ping -c3 10.0.100.2")
+ allowToLighthouse.fail("ping -c3 10.0.100.3")
+
+ # allowAny can ping allowFromLighthouse now that allowFromLighthouse pinged it first
+ allowAny.succeed("ping -c3 10.0.100.3")
+
+ # block allowAny <-> allowFromLighthouse, and allowAny -> allowFromLighthouse should still work.
+ ${blockTrafficBetween "allowAny" "allowFromLighthouse"}
+ allowFromLighthouse.succeed("ping -c10 10.0.100.2")
+ allowAny.succeed("ping -c10 10.0.100.3")
+ ${allowTrafficBetween "allowAny" "allowFromLighthouse"}
+ allowFromLighthouse.succeed("ping -c10 10.0.100.2")
+ allowAny.succeed("ping -c10 10.0.100.3")
+
+ # allowToLighthouse can ping allowAny if allowAny pings it first
+ allowAny.succeed("ping -c3 10.0.100.4")
+ allowToLighthouse.succeed("ping -c3 10.0.100.2")
+
+ # block allowToLighthouse <-> allowAny, and allowAny <-> allowToLighthouse should still work.
+ ${blockTrafficBetween "allowAny" "allowToLighthouse"}
+ allowAny.succeed("ping -c10 10.0.100.4")
+ allowToLighthouse.succeed("ping -c10 10.0.100.2")
+ ${allowTrafficBetween "allowAny" "allowToLighthouse"}
+ allowAny.succeed("ping -c10 10.0.100.4")
+ allowToLighthouse.succeed("ping -c10 10.0.100.2")
+
+ # block lighthouse <-> allowFromLighthouse and allowAny <-> allowFromLighthouse; allowFromLighthouse won't get to allowAny
+ ${blockTrafficBetween "allowFromLighthouse" "lighthouse"}
+ ${blockTrafficBetween "allowFromLighthouse" "allowAny"}
+ allowFromLighthouse.fail("ping -c3 10.0.100.2")
+ ${allowTrafficBetween "allowFromLighthouse" "lighthouse"}
+ ${allowTrafficBetween "allowFromLighthouse" "allowAny"}
+ allowFromLighthouse.succeed("ping -c3 10.0.100.2")
+
+ # block lighthouse <-> allowAny, allowAny <-> allowFromLighthouse, and allowAny <-> allowToLighthouse; it won't get to allowFromLighthouse or allowToLighthouse
+ ${blockTrafficBetween "allowAny" "lighthouse"}
+ ${blockTrafficBetween "allowAny" "allowFromLighthouse"}
+ ${blockTrafficBetween "allowAny" "allowToLighthouse"}
+ allowFromLighthouse.fail("ping -c3 10.0.100.2")
+ allowAny.fail("ping -c3 10.0.100.3")
+ allowAny.fail("ping -c3 10.0.100.4")
+ ${allowTrafficBetween "allowAny" "lighthouse"}
+ ${allowTrafficBetween "allowAny" "allowFromLighthouse"}
+ ${allowTrafficBetween "allowAny" "allowToLighthouse"}
+ allowFromLighthouse.succeed("ping -c3 10.0.100.2")
+ allowAny.succeed("ping -c3 10.0.100.3")
+ allowAny.succeed("ping -c3 10.0.100.4")
+
+ # block lighthouse <-> allowToLighthouse and allowToLighthouse <-> allowAny; it won't get to allowAny
+ ${blockTrafficBetween "allowToLighthouse" "lighthouse"}
+ ${blockTrafficBetween "allowToLighthouse" "allowAny"}
+ allowAny.fail("ping -c3 10.0.100.4")
+ allowToLighthouse.fail("ping -c3 10.0.100.2")
+ ${allowTrafficBetween "allowToLighthouse" "lighthouse"}
+ ${allowTrafficBetween "allowToLighthouse" "allowAny"}
+ allowAny.succeed("ping -c3 10.0.100.4")
+ allowToLighthouse.succeed("ping -c3 10.0.100.2")
'';
})
diff --git a/third_party/nixpkgs/nixos/tests/nextcloud/default.nix b/third_party/nixpkgs/nixos/tests/nextcloud/default.nix
index 350486e8c7..b8d3ba75b5 100644
--- a/third_party/nixpkgs/nixos/tests/nextcloud/default.nix
+++ b/third_party/nixpkgs/nixos/tests/nextcloud/default.nix
@@ -26,4 +26,4 @@ foldl
};
})
{ }
- [ 24 25 26 ]
+ [ 24 25 ]
diff --git a/third_party/nixpkgs/nixos/tests/pgadmin4-standalone.nix b/third_party/nixpkgs/nixos/tests/pgadmin4-standalone.nix
deleted file mode 100644
index 5aa17fcb5b..0000000000
--- a/third_party/nixpkgs/nixos/tests/pgadmin4-standalone.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-import ./make-test-python.nix ({ pkgs, lib, ... }:
- # This is separate from pgadmin4 since we don't want both running at once
-
- {
- name = "pgadmin4-standalone";
- meta.maintainers = with lib.maintainers; [ mkg20001 ];
-
- nodes.machine = { pkgs, ... }: {
- environment.systemPackages = with pkgs; [
- curl
- ];
-
- services.postgresql = {
- enable = true;
-
- authentication = ''
- host all all localhost trust
- '';
-
- ensureUsers = [
- {
- name = "postgres";
- ensurePermissions = {
- "DATABASE \"postgres\"" = "ALL PRIVILEGES";
- };
- }
- ];
- };
-
- services.pgadmin = {
- enable = true;
- initialEmail = "bruh@localhost.de";
- initialPasswordFile = pkgs.writeText "pw" "bruh2012!";
- };
- };
-
- testScript = ''
- machine.wait_for_unit("postgresql")
- machine.wait_for_unit("pgadmin")
-
- machine.wait_until_succeeds("curl -s localhost:5050")
- '';
- })
diff --git a/third_party/nixpkgs/nixos/tests/pgadmin4.nix b/third_party/nixpkgs/nixos/tests/pgadmin4.nix
index 2a2b5aaa28..6a9ce6ceae 100644
--- a/third_party/nixpkgs/nixos/tests/pgadmin4.nix
+++ b/third_party/nixpkgs/nixos/tests/pgadmin4.nix
@@ -1,133 +1,57 @@
-import ./make-test-python.nix ({ pkgs, lib, buildDeps ? [ ], pythonEnv ? [ ], ... }:
+import ./make-test-python.nix ({ pkgs, lib, ... }:
- /*
- This test suite replaces the typical pytestCheckHook function in python
- packages. Pgadmin4 test suite needs a running and configured postgresql
- server. This is why this test exists.
+{
+ name = "pgadmin4";
+ meta.maintainers = with lib.maintainers; [ mkg20001 gador ];
- To not repeat all the python dependencies needed, this test is called directly
- from the pgadmin4 derivation, which also passes the currently
- used propagatedBuildInputs and any python overrides.
+ nodes.machine = { pkgs, ... }: {
- Unfortunately, there doesn't seem to be an easy way to otherwise include
- the needed packages here.
+ imports = [ ./common/user-account.nix ];
- Due the the needed parameters a direct call to "nixosTests.pgadmin4" fails
- and needs to be called as "pgadmin4.tests"
+ environment.systemPackages = with pkgs; [
+ curl
+ pgadmin4-desktopmode
+ ];
- */
-
- let
- pgadmin4SrcDir = "/pgadmin";
- pgadmin4Dir = "/var/lib/pgadmin";
- pgadmin4LogDir = "/var/log/pgadmin";
-
- in
- {
- name = "pgadmin4";
- meta.maintainers = with lib.maintainers; [ gador ];
-
- nodes.machine = { pkgs, ... }: {
- imports = [ ./common/x11.nix ];
- # needed because pgadmin 6.8 will fail, if those dependencies get updated
- nixpkgs.overlays = [
- (self: super: {
- pythonPackages = pythonEnv;
- })
+ services.postgresql = {
+ enable = true;
+ authentication = ''
+ host all all localhost trust
+ '';
+ ensureUsers = [
+ {
+ name = "postgres";
+ ensurePermissions = {
+ "DATABASE \"postgres\"" = "ALL PRIVILEGES";
+ };
+ }
];
-
- environment.systemPackages = with pkgs; [
- pgadmin4
- postgresql
- chromedriver
- chromium
- # include the same packages as in pgadmin minus speaklater3
- (python3.withPackages
- (ps: buildDeps ++
- [
- # test suite package requirements
- pythonPackages.testscenarios
- pythonPackages.selenium
- ])
- )
- ];
- services.postgresql = {
- enable = true;
- authentication = ''
- host all all localhost trust
- '';
- ensureUsers = [
- {
- name = "postgres";
- ensurePermissions = {
- "DATABASE \"postgres\"" = "ALL PRIVILEGES";
- };
- }
- ];
- };
};
- testScript = ''
+ services.pgadmin = {
+ port = 5051;
+ enable = true;
+ initialEmail = "bruh@localhost.de";
+ initialPasswordFile = pkgs.writeText "pw" "bruh2012!";
+ };
+ };
+
+ testScript = ''
+ with subtest("Check pgadmin module"):
machine.wait_for_unit("postgresql")
+ machine.wait_for_unit("pgadmin")
+ machine.wait_until_succeeds("curl -s localhost:5051")
+ machine.wait_until_succeeds("curl -s localhost:5051/login | grep \"pgAdmin 4\" > /dev/null")
- # pgadmin4 needs its data and log directories
- machine.succeed(
- "mkdir -p ${pgadmin4Dir} \
- && mkdir -p ${pgadmin4LogDir} \
- && mkdir -p ${pgadmin4SrcDir}"
- )
-
- machine.succeed(
- "tar xvzf ${pkgs.pgadmin4.src} -C ${pgadmin4SrcDir}"
- )
-
- machine.wait_for_file("${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/README.md")
-
- # set paths and config for tests
- machine.succeed(
- "cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version} \
- && cp -v web/regression/test_config.json.in web/regression/test_config.json \
- && sed -i 's|PostgreSQL 9.4|PostgreSQL|' web/regression/test_config.json \
- && sed -i 's|/opt/PostgreSQL/9.4/bin/|${pkgs.postgresql}/bin|' web/regression/test_config.json \
- && sed -i 's|\"headless_chrome\": false|\"headless_chrome\": true|' web/regression/test_config.json"
- )
-
- # adapt chrome config to run within a sandbox without GUI
- # see https://stackoverflow.com/questions/50642308/webdriverexception-unknown-error-devtoolsactiveport-file-doesnt-exist-while-t#50642913
- # add chrome binary path. use spaces to satisfy python indention (tabs throw an error)
- # this works for selenium 3 (currently used), but will need to be updated
- # to work with "from selenium.webdriver.chrome.service import Service" in selenium 4
- machine.succeed(
- "cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version} \
- && sed -i '\|options.add_argument(\"--disable-infobars\")|a \ \ \ \ \ \ \ \ options.binary_location = \"${pkgs.chromium}/bin/chromium\"' web/regression/runtests.py \
- && sed -i '\|options.add_argument(\"--no-sandbox\")|a \ \ \ \ \ \ \ \ options.add_argument(\"--headless\")' web/regression/runtests.py \
- && sed -i '\|options.add_argument(\"--disable-infobars\")|a \ \ \ \ \ \ \ \ options.add_argument(\"--disable-dev-shm-usage\")' web/regression/runtests.py \
- && sed -i 's|(chrome_options=options)|(executable_path=\"${pkgs.chromedriver}/bin/chromedriver\", chrome_options=options)|' web/regression/runtests.py \
- && sed -i 's|driver_local.maximize_window()||' web/regression/runtests.py"
- )
-
- # Don't bother to test LDAP or kerberos authentication
- with subtest("run browser test"):
- machine.succeed(
- 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \
- && python regression/runtests.py \
- --pkg browser \
- --exclude browser.tests.test_ldap_login.LDAPLoginTestCase,browser.tests.test_ldap_login,browser.tests.test_kerberos_with_mocking'
- )
-
- # fontconfig is necessary for chromium to run
- # https://github.com/NixOS/nixpkgs/issues/136207
- with subtest("run feature test"):
- machine.succeed(
- 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \
- && export FONTCONFIG_FILE=${pkgs.makeFontsConf { fontDirectories = [];}} \
- && python regression/runtests.py --pkg feature_tests'
- )
-
- with subtest("run resql test"):
- machine.succeed(
- 'cd ${pgadmin4SrcDir}/pgadmin4-${pkgs.pgadmin4.version}/web \
- && python regression/runtests.py --pkg resql'
- )
- '';
- })
+ # pgadmin4 module saves the configuration to /etc/pgadmin/config_system.py
+ # pgadmin4-desktopmode tries to read that as well. This normally fails with a PermissionError, as the config file
+ # is owned by the user of the pgadmin module. With the check-system-config-dir.patch this will just throw a warning
+ # but will continue and not read the file.
+ # If we run pgadmin4-desktopmode as root (something one really shouldn't do), it can read the config file and fail,
+ # because of the wrong config for desktopmode.
+ with subtest("Check pgadmin standalone desktop mode"):
+ machine.execute("sudo -u alice pgadmin4 >&2 &", timeout=60)
+ machine.wait_until_succeeds("curl -s localhost:5050")
+ machine.wait_until_succeeds("curl -s localhost:5050/browser/ | grep \"pgAdmin 4\" > /dev/null")
+ '';
+})
diff --git a/third_party/nixpkgs/nixos/tests/podman/default.nix b/third_party/nixpkgs/nixos/tests/podman/default.nix
index c2ea399d65..c9b234d2b6 100644
--- a/third_party/nixpkgs/nixos/tests/podman/default.nix
+++ b/third_party/nixpkgs/nixos/tests/podman/default.nix
@@ -149,7 +149,6 @@ import ../make-test-python.nix (
docker.succeed(su_cmd("docker version"))
with subtest("Run container via docker cli"):
- docker.succeed("docker network create default")
docker.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
docker.succeed(
"docker run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin localhost/scratchimg /bin/sleep 10"
@@ -158,7 +157,6 @@ import ../make-test-python.nix (
docker.succeed("podman ps | grep sleeping")
docker.succeed("docker stop sleeping")
docker.succeed("docker rm sleeping")
- docker.succeed("docker network rm default")
with subtest("A podman non-member can not use the docker cli"):
docker.fail(su_cmd("docker version", user="mallory"))
diff --git a/third_party/nixpkgs/nixos/tests/podman/tls-ghostunnel.nix b/third_party/nixpkgs/nixos/tests/podman/tls-ghostunnel.nix
index 268a55701c..52c31dc21f 100644
--- a/third_party/nixpkgs/nixos/tests/podman/tls-ghostunnel.nix
+++ b/third_party/nixpkgs/nixos/tests/podman/tls-ghostunnel.nix
@@ -113,9 +113,6 @@ import ../make-test-python.nix (
podman.wait_for_unit("sockets.target")
podman.wait_for_unit("ghostunnel-server-podman-socket.service")
- with subtest("Create default network"):
- podman.succeed("docker network create default")
-
with subtest("Root docker cli also works"):
podman.succeed("docker version")
diff --git a/third_party/nixpkgs/nixos/tests/vscodium.nix b/third_party/nixpkgs/nixos/tests/vscodium.nix
index 37bb649889..3eda8b6cfb 100644
--- a/third_party/nixpkgs/nixos/tests/vscodium.nix
+++ b/third_party/nixpkgs/nixos/tests/vscodium.nix
@@ -33,13 +33,6 @@ let
};
enableOCR = true;
- # testScriptWithTypes:55: error: Item "function" of
- # "Union[Callable[[Callable[..., Any]], ContextManager[Any]], ContextManager[Any]]"
- # has no attribute "__enter__"
- # with codium_running:
- # ^
- skipTypeCheck = true;
-
testScript = ''
@polling_condition
def codium_running():
@@ -50,10 +43,10 @@ let
machine.wait_for_unit('graphical.target')
- codium_running.wait()
- with codium_running:
+ codium_running.wait() # type: ignore[union-attr]
+ with codium_running: # type: ignore[union-attr]
# Wait until vscodium is visible. "File" is in the menu bar.
- machine.wait_for_text('Get Started')
+ machine.wait_for_text('Welcome')
machine.screenshot('start_screen')
test_string = 'testfile'
diff --git a/third_party/nixpkgs/nixos/tests/zram-generator.nix b/third_party/nixpkgs/nixos/tests/zram-generator.nix
index affa081bcc..3407361d28 100644
--- a/third_party/nixpkgs/nixos/tests/zram-generator.nix
+++ b/third_party/nixpkgs/nixos/tests/zram-generator.nix
@@ -1,18 +1,24 @@
import ./make-test-python.nix {
name = "zram-generator";
- nodes.machine = { pkgs, ... }: {
- environment.etc."systemd/zram-generator.conf".text = ''
- [zram0]
- zram-size = ram / 2
- '';
- systemd.packages = [ pkgs.zram-generator ];
- systemd.services."systemd-zram-setup@".path = [ pkgs.util-linux ]; # for mkswap
+ nodes.machine = { ... }: {
+ zramSwap = {
+ enable = true;
+ priority = 10;
+ algorithm = "lz4";
+ swapDevices = 2;
+ memoryPercent = 30;
+ memoryMax = 10 * 1024 * 1024;
+ };
};
testScript = ''
machine.wait_for_unit("systemd-zram-setup@zram0.service")
- assert "zram0" in machine.succeed("zramctl -n")
- assert "zram0" in machine.succeed("swapon --show --noheadings")
+ machine.wait_for_unit("systemd-zram-setup@zram1.service")
+ zram = machine.succeed("zramctl --noheadings --raw")
+ swap = machine.succeed("swapon --show --noheadings")
+ for i in range(2):
+ assert f"/dev/zram{i} lz4 10M" in zram
+ assert f"/dev/zram{i} partition 10M" in swap
'';
}
diff --git a/third_party/nixpkgs/pkgs/applications/audio/airwave/default.nix b/third_party/nixpkgs/pkgs/applications/audio/airwave/default.nix
index 6ed488d7d6..a57f43eea6 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/airwave/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/airwave/default.nix
@@ -1,5 +1,16 @@
-{ lib, stdenv, multiStdenv, cmake, fetchFromGitHub, file, libX11, makeWrapper
-, qt5, requireFile, unzip, wine
+{ lib,
+ stdenv,
+ multiStdenv,
+ fetchFromGitHub,
+ requireFile,
+ unzip,
+ wine,
+ cmake,
+ makeWrapper,
+ wrapQtAppsHook,
+ file,
+ libX11,
+ qt5
}:
let
@@ -13,11 +24,11 @@ let
};
vst-sdk = stdenv.mkDerivation rec {
- name = "vstsdk368_08_11_2017_build_121";
+ name = "vstsdk369_01_03_2018_build_132";
src = requireFile {
name = "${name}.zip";
url = "http://www.steinberg.net/en/company/developers.html";
- sha256 = "e0f235d8826d70f1ae0ae5929cd198acae1ecff74612fde5c60cbfb45c2f4a70";
+ sha256 = "0r29fv6yhm2m5yznn8m4my7fq01w1lpphax4sshagy6b1dgjlv3w";
};
nativeBuildInputs = [ unzip ];
installPhase = "cp -r . $out";
@@ -42,9 +53,18 @@ multiStdenv.mkDerivation {
src = airwave-src;
- nativeBuildInputs = [ cmake makeWrapper ];
+ nativeBuildInputs = [
+ cmake
+ makeWrapper
+ wrapQtAppsHook
+ ];
- buildInputs = [ file libX11 qt5.qtbase wine-xembed ];
+ buildInputs = [
+ file
+ libX11
+ qt5.qtbase
+ wine-xembed
+ ];
postPatch = ''
# Binaries not used directly should land in libexec/.
diff --git a/third_party/nixpkgs/pkgs/applications/audio/airwindows-lv2/default.nix b/third_party/nixpkgs/pkgs/applications/audio/airwindows-lv2/default.nix
index b58dbddc81..15db4c1cf0 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/airwindows-lv2/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/airwindows-lv2/default.nix
@@ -2,12 +2,12 @@
stdenv.mkDerivation rec {
pname = "airwindows-lv2";
- version = "14.0";
+ version = "16.0";
src = fetchFromGitHub {
owner = "hannesbraun";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-urlj9XwMqKt5JvvsA1f7YpuLhQXMGxp0V1pGv+LTroE=";
+ sha256 = "sha256-jdeJ/VAJTDeiR9pyYps82F2Ty16r+a/FK+XV5L3rWco=";
};
nativeBuildInputs = [ meson ninja pkg-config ];
diff --git a/third_party/nixpkgs/pkgs/applications/audio/amarok/default.nix b/third_party/nixpkgs/pkgs/applications/audio/amarok/default.nix
index 276b3d6c7b..e48e27b5cc 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/amarok/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/amarok/default.nix
@@ -4,7 +4,6 @@
, karchive, kcmutils, kconfig, kdnssd, kguiaddons, kinit, kirigami2, knewstuff, knotifyconfig, ktexteditor, kwindowsystem
, fftw, phonon, plasma-framework, threadweaver, breeze-icons
, curl, ffmpeg, gdk-pixbuf, libaio, liblastfm, libmtp, loudmouth, lzo, lz4, mariadb-embedded, pcre, snappy, taglib, taglib_extras
-, pmdk, numactl
}:
mkDerivation rec {
diff --git a/third_party/nixpkgs/pkgs/applications/audio/bambootracker/default.nix b/third_party/nixpkgs/pkgs/applications/audio/bambootracker/default.nix
index 08e3479119..0cb33062bd 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/bambootracker/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/bambootracker/default.nix
@@ -1,39 +1,67 @@
-{ mkDerivation
-, stdenv
+{ stdenv
, lib
, fetchFromGitHub
-, qmake
, pkg-config
-, qttools
+, qmake
+, qt5compat ? null
, qtbase
+, qttools
, rtaudio
, rtmidi
+, wrapQtAppsHook
}:
-mkDerivation rec {
+assert lib.versionAtLeast qtbase.version "6.0" -> qt5compat != null;
+
+stdenv.mkDerivation rec {
pname = "bambootracker";
- version = "0.6.0";
+ version = "0.6.1";
src = fetchFromGitHub {
owner = "BambooTracker";
repo = "BambooTracker";
rev = "v${version}";
fetchSubmodules = true;
- sha256 = "sha256-yubaKTc8NFLxMY0/5c2VubRHgAGOsRlitmXJ1UHzl60=";
+ hash = "sha256-Ymi1tjJCgStF0Rtseelq/YuTtBs2PrbF898TlbjyYUw=";
};
- nativeBuildInputs = [ qmake qttools pkg-config ];
+ postPatch = lib.optionalString (lib.versionAtLeast qtbase.version "6.0") ''
+ # Work around lrelease finding in qmake being broken by using pre-Qt5.12 code path
+ # https://github.com/NixOS/nixpkgs/issues/214765
+ substituteInPlace BambooTracker/lang/lang.pri \
+ --replace 'equals(QT_MAJOR_VERSION, 5):lessThan(QT_MINOR_VERSION, 12)' 'if(true)'
+ '';
- buildInputs = [ qtbase rtaudio rtmidi ];
+ nativeBuildInputs = [
+ pkg-config
+ qmake
+ qttools
+ wrapQtAppsHook
+ ];
- qmakeFlags = [ "CONFIG+=system_rtaudio" "CONFIG+=system_rtmidi" ];
+ buildInputs = [
+ qtbase
+ rtaudio
+ rtmidi
+ ] ++ lib.optionals (lib.versionAtLeast qtbase.version "6.0") [
+ qt5compat
+ ];
+
+ qmakeFlags = [
+ "CONFIG+=system_rtaudio"
+ "CONFIG+=system_rtmidi"
+ ];
postConfigure = "make qmake_all";
+ # Wrapping the inside of the app bundles, avoiding double-wrapping
+ dontWrapQtApps = stdenv.hostPlatform.isDarwin;
+
postInstall = lib.optionalString stdenv.hostPlatform.isDarwin ''
mkdir -p $out/Applications
mv $out/{bin,Applications}/BambooTracker.app
ln -s $out/{Applications/BambooTracker.app/Contents/MacOS,bin}/BambooTracker
+ wrapQtApp $out/Applications/BambooTracker.app/Contents/MacOS/BambooTracker
'';
meta = with lib; {
diff --git a/third_party/nixpkgs/pkgs/applications/audio/callaudiod/default.nix b/third_party/nixpkgs/pkgs/applications/audio/callaudiod/default.nix
index 562a53fe59..221febf35d 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/callaudiod/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/callaudiod/default.nix
@@ -11,14 +11,14 @@
stdenv.mkDerivation rec {
pname = "callaudiod";
- version = "0.1.4";
+ version = "0.1.7";
src = fetchFromGitLab {
domain = "gitlab.com";
owner = "mobian1";
repo = pname;
rev = version;
- sha256 = "sha256-71+9ALz55aqxXRBRwOcs9fwiQK31pJ9E72pGRmt0OkE=";
+ sha256 = "sha256-BDEu3ASlnovMK0lQC+CQvpXvtdt33BRntstPAWaAnsg=";
};
strictDeps = true;
diff --git a/third_party/nixpkgs/pkgs/applications/audio/gtkcord4/default.nix b/third_party/nixpkgs/pkgs/applications/audio/gtkcord4/default.nix
index 5611407cfe..7471a0afb4 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/gtkcord4/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/gtkcord4/default.nix
@@ -5,24 +5,27 @@
, glib
, gobject-introspection
, graphene
+, gst_all_1
, gtk4
, lib
, libadwaita
+, libcanberra-gtk3
, pango
, pkg-config
+, sound-theme-freedesktop
, withLibadwaita ? false
, wrapGAppsHook4
}:
buildGoModule rec {
pname = "gtkcord4";
- version = "0.0.6";
+ version = "0.0.8";
src = fetchFromGitHub {
owner = "diamondburned";
repo = pname;
rev = "v${version}";
- hash = "sha256-uEG1pAHMQT+C/E5rKByflvL0NNkC8SeSPMAXanzvhE4=";
+ hash = "sha256-aJRVk9KFCJbIFInkg5BCJ6ygBlDCFF53WXO9qyACFus=";
};
nativeBuildInputs = [
@@ -38,6 +41,14 @@ buildGoModule rec {
graphene
gtk4
pango
+ # Optional according to upstream but required for sound and video
+ gst_all_1.gst-plugins-bad
+ gst_all_1.gst-plugins-base
+ gst_all_1.gst-plugins-good
+ gst_all_1.gst-plugins-ugly
+ gst_all_1.gstreamer
+ libcanberra-gtk3
+ sound-theme-freedesktop
] ++ lib.optionals withLibadwaita [
libadwaita
];
@@ -45,12 +56,12 @@ buildGoModule rec {
tags = lib.optionals withLibadwaita [ "libadwaita" ];
postInstall = ''
- install -D -m 444 -t $out/share/applications .nix/com.github.diamondburned.gtkcord4.desktop
+ install -D -m 444 -t $out/share/applications nix/xyz.diamondb.gtkcord4.desktop
install -D -m 444 internal/icons/svg/logo.svg $out/share/icons/hicolor/scalable/apps/gtkcord4.svg
install -D -m 444 internal/icons/png/logo.png $out/share/icons/hicolor/256x256/apps/gtkcord4.png
'';
- vendorHash = "sha256-QZSjSk1xu5ZcrNEra5TxnUVvlQWb5/h31fm5Nc7WMoI=";
+ vendorHash = "sha256-usnlaOqyMd8rdnFpuCqfaCES8bPaB+NbdL4pFybKJbM=";
meta = with lib; {
description = "GTK4 Discord client in Go, attempt #4.";
diff --git a/third_party/nixpkgs/pkgs/applications/audio/lollypop/default.nix b/third_party/nixpkgs/pkgs/applications/audio/lollypop/default.nix
index 3ee546de22..005bef77d4 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/lollypop/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/lollypop/default.nix
@@ -1,5 +1,5 @@
{ lib
-, fetchgit
+, fetchFromGitLab
, nix-update-script
, meson
, ninja
@@ -9,7 +9,7 @@
, gst_all_1
, libhandy
, libsecret
-, libsoup
+, libsoup_3
, appstream-glib
, desktop-file-utils
, totem-pl-parser
@@ -25,16 +25,17 @@
python3.pkgs.buildPythonApplication rec {
pname = "lollypop";
- version = "1.4.35";
+ version = "1.4.37";
format = "other";
- doCheck = false;
- src = fetchgit {
- url = "https://gitlab.gnome.org/World/lollypop";
- rev = "refs/tags/${version}";
+ src = fetchFromGitLab {
+ domain = "gitlab.gnome.org";
+ owner = "World";
+ repo = pname;
+ rev = version;
fetchSubmodules = true;
- sha256 = "sha256-Rdp0gZjdj2tXOWarsTpqgvSZVXAQsCLfk5oUyalE/ZA=";
+ sha256 = "sha256-3GPmGNbbSxvLq0t3F9q1x64BwNQCEvFQWLb0bSO9KUY=";
};
nativeBuildInputs = [
@@ -59,7 +60,7 @@ python3.pkgs.buildPythonApplication rec {
gstreamer
gtk3
libhandy
- libsoup
+ libsoup_3
pango
totem-pl-parser
] ++ lib.optional lastFMSupport libsecret;
@@ -98,7 +99,6 @@ python3.pkgs.buildPythonApplication rec {
updateScript = nix-update-script { };
};
-
meta = with lib; {
changelog = "https://gitlab.gnome.org/World/lollypop/tags/${version}";
description = "A modern music player for GNOME";
diff --git a/third_party/nixpkgs/pkgs/applications/audio/musescore/darwin.nix b/third_party/nixpkgs/pkgs/applications/audio/musescore/darwin.nix
index 88b5d3b74c..652adb03b6 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/musescore/darwin.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/musescore/darwin.nix
@@ -1,8 +1,9 @@
{ stdenv, lib, fetchurl, undmg }:
let
- versionComponents = [ "3" "6" "2" "548020600" ];
+ versionComponents = [ "4" "0" "1" ];
appName = "MuseScore ${builtins.head versionComponents}";
+ ref = "230121751";
in
stdenv.mkDerivation rec {
@@ -13,8 +14,8 @@ stdenv.mkDerivation rec {
sourceRoot = "${appName}.app";
src = fetchurl {
- url = "https://github.com/musescore/MuseScore/releases/download/v${lib.concatStringsSep "." (lib.take 3 versionComponents)}/MuseScore-${version}.dmg";
- sha256 = "sha256-lHckfhTTrDzaGwlbnZ5w0O1gMPbRmrmgATIGMY517l0=";
+ url = "https://github.com/musescore/MuseScore/releases/download/v${version}/MuseScore-${version}.${ref}.dmg";
+ hash = "sha256-tkIEV+tCS0SYh2TlC70/zEBUEOSg//EaSKDGA7kH/vo=";
};
buildInputs = [ undmg ];
diff --git a/third_party/nixpkgs/pkgs/applications/audio/musescore/default.nix b/third_party/nixpkgs/pkgs/applications/audio/musescore/default.nix
index 573a78a925..97f71a1b48 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/musescore/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/musescore/default.nix
@@ -1,28 +1,35 @@
-{ mkDerivation, lib, fetchFromGitHub, cmake, pkg-config
+{ mkDerivation, lib, fetchFromGitHub, fetchpatch, cmake, pkg-config, ninja
, alsa-lib, freetype, libjack2, lame, libogg, libpulseaudio, libsndfile, libvorbis
-, portaudio, portmidi, qtbase, qtdeclarative, qtgraphicaleffects
+, portaudio, portmidi, qtbase, qtdeclarative, qtgraphicaleffects, flac
, qtquickcontrols2, qtscript, qtsvg, qttools
-, qtwebengine, qtxmlpatterns
+, qtwebengine, qtxmlpatterns, qtnetworkauth, qtx11extras
, nixosTests
}:
mkDerivation rec {
pname = "musescore";
- version = "3.6.2";
+ version = "4.0.1";
src = fetchFromGitHub {
owner = "musescore";
repo = "MuseScore";
rev = "v${version}";
- sha256 = "sha256-GBGAD/qdOhoNfDzI+O0EiKgeb86GFJxpci35T6tZ+2s=";
+ sha256 = "sha256-Xhjjm/pYcjfZE632eP2jujqUAmzdYNa81EPrvS5UKnQ=";
};
-
patches = [
- ./remove_qtwebengine_install_hack.patch
+ # See https://github.com/musescore/MuseScore/issues/15571
+ (fetchpatch {
+ url = "https://github.com/musescore/MuseScore/commit/365be5dfb7296ebee4677cb74b67c1721bc2cf7b.patch";
+ hash = "sha256-tJ2M21i3geO9OsjUQKNatSXTkJ5U9qMT4RLNdJnyoKw=";
+ })
];
cmakeFlags = [
"-DMUSESCORE_BUILD_CONFIG=release"
+ # Disable the _usage_ of the `/bin/crashpad_handler` utility. See:
+ # https://github.com/musescore/MuseScore/pull/15577
+ "-DBUILD_CRASHPAD_CLIENT=OFF"
+ # Use our freetype
"-DUSE_SYSTEM_FREETYPE=ON"
];
@@ -34,13 +41,13 @@ mkDerivation rec {
"--set-default QT_QPA_PLATFORM xcb"
];
- nativeBuildInputs = [ cmake pkg-config ];
+ nativeBuildInputs = [ cmake pkg-config ninja ];
buildInputs = [
alsa-lib libjack2 freetype lame libogg libpulseaudio libsndfile libvorbis
- portaudio portmidi # tesseract
+ portaudio portmidi flac # tesseract
qtbase qtdeclarative qtgraphicaleffects qtquickcontrols2
- qtscript qtsvg qttools qtwebengine qtxmlpatterns
+ qtscript qtsvg qttools qtwebengine qtxmlpatterns qtnetworkauth qtx11extras
];
passthru.tests = nixosTests.musescore;
@@ -48,8 +55,11 @@ mkDerivation rec {
meta = with lib; {
description = "Music notation and composition software";
homepage = "https://musescore.org/";
- license = licenses.gpl2;
+ license = licenses.gpl3Only;
maintainers = with maintainers; [ vandenoever turion doronbehar ];
+ # Darwin requires CoreMIDI from SDK 11.3, we use the upstream built .dmg
+ # file in ./darwin.nix in the meantime.
platforms = platforms.linux;
+ mainProgram = "mscore";
};
}
diff --git a/third_party/nixpkgs/pkgs/applications/audio/musescore/remove_qtwebengine_install_hack.patch b/third_party/nixpkgs/pkgs/applications/audio/musescore/remove_qtwebengine_install_hack.patch
deleted file mode 100644
index 57a6092d58..0000000000
--- a/third_party/nixpkgs/pkgs/applications/audio/musescore/remove_qtwebengine_install_hack.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- a/main/CMakeLists.txt
-+++ b/main/CMakeLists.txt
-@@ -220,16 +219,0 @@ else (MINGW)
-- ## install qwebengine core
-- if (NOT APPLE AND USE_WEBENGINE)
-- install(PROGRAMS
-- ${QT_INSTALL_LIBEXECS}/QtWebEngineProcess
-- DESTINATION bin
-- )
-- install(DIRECTORY
-- ${QT_INSTALL_DATA}/resources
-- DESTINATION lib/qt5
-- )
-- install(DIRECTORY
-- ${QT_INSTALL_TRANSLATIONS}/qtwebengine_locales
-- DESTINATION lib/qt5/translations
-- )
-- endif(NOT APPLE AND USE_WEBENGINE)
--
diff --git a/third_party/nixpkgs/pkgs/applications/audio/musikcube/default.nix b/third_party/nixpkgs/pkgs/applications/audio/musikcube/default.nix
index 706a36b532..35e86c28f6 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/musikcube/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/musikcube/default.nix
@@ -28,13 +28,13 @@
stdenv.mkDerivation rec {
pname = "musikcube";
- version = "0.99.4";
+ version = "0.99.5";
src = fetchFromGitHub {
owner = "clangen";
repo = pname;
rev = version;
- sha256 = "sha256-GAO3CKtlZF8Ol4K+40lD8n2RtewiHj3f59d5RIatNws=";
+ sha256 = "sha256-SbWL36GRIJPSvxZyj6sebJxTkSPsUcsKyC3TmcIq2O0";
};
outputs = [ "out" "dev" ];
diff --git a/third_party/nixpkgs/pkgs/applications/audio/pbpctrl/default.nix b/third_party/nixpkgs/pkgs/applications/audio/pbpctrl/default.nix
new file mode 100644
index 0000000000..071a446843
--- /dev/null
+++ b/third_party/nixpkgs/pkgs/applications/audio/pbpctrl/default.nix
@@ -0,0 +1,34 @@
+{ rustPlatform
+, fetchFromGitHub
+, pkg-config
+, dbus
+, protobuf
+, lib
+}:
+
+rustPlatform.buildRustPackage rec {
+ pname = "pbpctrl";
+
+ # https://github.com/qzed/pbpctrl/issues/4
+ version = "unstable-2023-02-07";
+
+ src = fetchFromGitHub {
+ owner = "qzed";
+ repo = "${pname}";
+ rev = "9fef4bb88046a9f00719b189f8e378c8dbdb8ee6";
+ hash = "sha256-8YbsBqqITJ9bKzbGX6d/CSBb8wzr6bDzy8vsyntL1CA=";
+ };
+
+ cargoHash = "sha256-ZxJjjaT/ZpEPxvO42UWBy3xW/V5dhXGsKn3KmuM89YA==";
+
+ nativeBuildInputs = [ pkg-config protobuf ];
+ buildInputs = [ dbus ];
+
+ meta = with lib; {
+ description = "Control Google Pixel Buds Pro from the Linux command line.";
+ homepage = "https://github.com/qzed/pbpctrl";
+ license = with licenses; [ asl20 mit ];
+ maintainers = [ maintainers.vanilla ];
+ platforms = platforms.linux;
+ };
+}
diff --git a/third_party/nixpkgs/pkgs/applications/audio/plexamp/default.nix b/third_party/nixpkgs/pkgs/applications/audio/plexamp/default.nix
index df008d1cfb..553ceb8be9 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/plexamp/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/plexamp/default.nix
@@ -2,12 +2,12 @@
let
pname = "plexamp";
- version = "4.6.1";
+ version = "4.6.2";
src = fetchurl {
url = "https://plexamp.plex.tv/plexamp.plex.tv/desktop/Plexamp-${version}.AppImage";
name="${pname}-${version}.AppImage";
- sha512 = "9wkhSDn7kvj6pqCawTJDBO8HfYe8eEYtAR1Bi9/fxiOBXRYUUHEZzSGLF9QoTVYMuGGHeX35c+QvnA2VsdsWCw==";
+ sha512 = "xGmE/ikL3ez0WTJKiOIcB5QtI7Ta9wq1Qedy9albWVpCS04FTnxQH5S0esTXw6j+iDTD8Lc2JbOhw8tYo/zRXg==";
};
appimageContents = appimageTools.extractType2 {
@@ -33,7 +33,7 @@ in appimageTools.wrapType2 {
meta = with lib; {
description = "A beautiful Plex music player for audiophiles, curators, and hipsters";
homepage = "https://plexamp.com/";
- changelog = "https://forums.plex.tv/t/plexamp-release-notes/221280/48";
+ changelog = "https://forums.plex.tv/t/plexamp-release-notes/221280/49";
license = licenses.unfree;
maintainers = with maintainers; [ killercup synthetica ];
platforms = [ "x86_64-linux" ];
diff --git a/third_party/nixpkgs/pkgs/applications/audio/pocket-casts/default.nix b/third_party/nixpkgs/pkgs/applications/audio/pocket-casts/default.nix
index 528cc18cbe..576124d968 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/pocket-casts/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/pocket-casts/default.nix
@@ -1,57 +1,59 @@
-{ lib, stdenv, fetchurl, dpkg, autoPatchelfHook, makeWrapper, electron
-, alsa-lib, gtk3, libXScrnSaver, libXtst, mesa, nss }:
+{ lib
+, stdenv
+, fetchFromGitHub
+, electron
+, copyDesktopItems
+, makeDesktopItem
+, makeWrapper
+}:
stdenv.mkDerivation rec {
pname = "pocket-casts";
version = "0.6.0";
- src = fetchurl {
- url = "https://github.com/felicianotech/pocket-casts-desktop-app/releases/download/v${version}/${pname}_${version}_amd64.deb";
- sha256 = "sha256-nHdF9RDOkM9HwwmK/axiIPM4nmKrWp/FHNC/EI1vTTc=";
+ src = fetchFromGitHub {
+ owner = "felicianotech";
+ repo = "pocket-casts-desktop-app";
+ rev = "v${version}";
+ sha256 = "sha256-WMv2G4b7kYnWy0pz8YyI2eTdefs1mtWau+HQLiRygjE=";
};
- nativeBuildInputs = [
- dpkg
- autoPatchelfHook
- makeWrapper
+ desktopItems = [
+ (makeDesktopItem {
+ name = pname;
+ desktopName = "Pocket Casts";
+ genericName = "Podcasts Listener";
+ exec = "pocket-casts";
+ icon = "pocket-casts";
+ comment = meta.description;
+ })
];
- buildInputs = [ alsa-lib gtk3 libXScrnSaver libXtst mesa nss ];
-
- unpackCmd = ''
- # If unpacking using -x option, there is a permission error
- dpkg-deb --fsys-tarfile $src | tar -x --no-same-permissions --no-same-owner;
- '';
+ nativeBuildInputs = [
+ copyDesktopItems
+ makeWrapper
+ ];
installPhase = ''
runHook preInstall
- mkdir -p $out
- mv bin $out
- mv lib $out
- mv share $out
+ mkdir -p $out/bin $out/opt/pocket-casts $out/share/pixmaps
- cp $out/lib/pocket-casts/resources/app/icon.png $out/share/pixmaps/pocket-casts.png
+ cp -r main.js tray-icon.png LICENSE $out/opt/pocket-casts
+ install -Dm644 icon.png $out/share/pixmaps/pocket-casts.png
+ install -Dm644 icon-x360.png $out/share/pixmaps/pocket-casts-x360.png
+
+ makeWrapper ${electron}/bin/electron $out/bin/pocket-casts \
+ --add-flags $out/opt/pocket-casts/main.js
runHook postInstall
'';
- postFixup = ''
- substituteInPlace $out/share/applications/pocket-casts.desktop \
- --replace Name=pocket-casts "Name=Pocket Casts" \
- --replace GenericName=pocket-casts "GenericName=Podcasts App" \
- --replace Exec=pocket-casts Exec=$out/bin/pocket-casts
- makeWrapper ${electron}/bin/electron \
- $out/bin/pocket-casts \
- --add-flags $out/lib/pocket-casts/resources/app/main.js
- '';
-
meta = with lib; {
description = "Pocket Casts webapp, packaged for the Linux Desktop";
homepage = "https://github.com/felicianotech/pocket-casts-desktop-app";
- sourceProvenance = with sourceTypes; [ binaryNativeCode ];
license = licenses.mit;
maintainers = with maintainers; [ wolfangaukang ];
- platforms = [ "x86_64-linux" ];
+ platforms = platforms.linux;
};
}
diff --git a/third_party/nixpkgs/pkgs/applications/audio/praat/default.nix b/third_party/nixpkgs/pkgs/applications/audio/praat/default.nix
index 519f59a1d8..10eede334c 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/praat/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/praat/default.nix
@@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "praat";
- version = "6.3.05";
+ version = "6.3.06";
src = fetchFromGitHub {
owner = "praat";
repo = "praat";
rev = "v${version}";
- sha256 = "sha256-0e225cmP0CSYjRYNEXi4Oqq9o8XR2N7bNS1X5x+mQKw=";
+ sha256 = "sha256-KwJ8ia1yQmmG+N44ipvGCbuoR2cL03STSTKzUwlDqms=";
};
configurePhase = ''
diff --git a/third_party/nixpkgs/pkgs/applications/audio/shortwave/default.nix b/third_party/nixpkgs/pkgs/applications/audio/shortwave/default.nix
index 9fce777906..807a27e67e 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/shortwave/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/shortwave/default.nix
@@ -23,20 +23,20 @@
stdenv.mkDerivation rec {
pname = "shortwave";
- version = "3.1.0";
+ version = "3.2.0";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
owner = "World";
repo = "Shortwave";
rev = version;
- sha256 = "sha256-N0ftIq0+sxkpo56IGHZYAK6MgRNW7T6C2jWEiJsYy/Y=";
+ sha256 = "sha256-ESZ1yD1IuBar8bv83xMczZbtPtHbWRpe2yMVyr7K5gQ=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
- hash = "sha256-90JBN3cJKqIJX6DRq5FtEpIr5Isxf+jb1SlxGMbBwMQ=";
+ hash = "sha256-8W46bGAitR2YbZbnsigAZMW5pSFTkDAe5JNaNOH5JfA=";
};
nativeBuildInputs = [
diff --git a/third_party/nixpkgs/pkgs/applications/audio/snapcast/default.nix b/third_party/nixpkgs/pkgs/applications/audio/snapcast/default.nix
index 558948ab4a..aef561e692 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/snapcast/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/snapcast/default.nix
@@ -9,13 +9,13 @@ assert pulseaudioSupport -> libpulseaudio != null;
stdenv.mkDerivation rec {
pname = "snapcast";
- version = "0.26.0";
+ version = "0.27.0";
src = fetchFromGitHub {
owner = "badaix";
repo = "snapcast";
rev = "v${version}";
- sha256 = "sha256-CCifn9OEFM//Hk1PJj8T3MXIV8pXCTdBBXPsHuZwLyQ=";
+ sha256 = "sha256-dlK1xQQqst4VQjioC7MZzqXwMC+JfqtvnD5lrOqGhYI=";
};
nativeBuildInputs = [ cmake pkg-config ];
diff --git a/third_party/nixpkgs/pkgs/applications/audio/spotify-player/default.nix b/third_party/nixpkgs/pkgs/applications/audio/spotify-player/default.nix
index b15031a529..93a66559bc 100644
--- a/third_party/nixpkgs/pkgs/applications/audio/spotify-player/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/audio/spotify-player/default.nix
@@ -11,16 +11,16 @@
rustPlatform.buildRustPackage rec {
pname = "spotify-player";
- version = "0.10.0";
+ version = "0.11.1";
src = fetchFromGitHub {
owner = "aome510";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-bHPWpx8EJibr2kNuzuGAQPZ0DE6qeJwIRYDy+NFS/PQ=";
+ sha256 = "sha256-iaDaPjh2wZXxBxBDhWp+hHrJZyXqw6HSzgCzbZj9iho=";
};
- cargoSha256 = "sha256-QeQ3PYI5RmbJ+VQ9hLSTXgQXVVoID5zbRqSTrbWzVy8=";
+ cargoHash = "sha256-I8n/fR1aOsSex2p0u5FaqoJCh2J0oMxkikS9aynxgpA=";
nativeBuildInputs = [
pkg-config
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/default.nix
index 69004bb73c..f0f5f50dfe 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/default.nix
@@ -6,13 +6,13 @@
buildDotnetModule rec {
pname = "btcpayserver";
- version = "1.7.5";
+ version = "1.7.7";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
- sha256 = "sha256-xycNt3jzZY2a4hNv3arWLt+EfMqpFVMDHMuzOWnL7aQ=";
+ sha256 = "sha256-bflQsVaCwV5zaU5k46wFQ45dIOg3dHmYfBVQHyw+EpM=";
};
projectFile = "BTCPayServer/BTCPayServer.csproj";
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/deps.nix b/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/deps.nix
index 8a05f8276b..3193a302d1 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/deps.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/deps.nix
@@ -8,15 +8,15 @@
(fetchNuGet { pname = "AWSSDK.S3"; version = "3.3.110.10"; sha256 = "1lf1hfbx792dpa1hxgn0a0jrrvldd16hgbxx229dk2qcz5qlnc38"; })
(fetchNuGet { pname = "BIP78.Sender"; version = "0.2.2"; sha256 = "12pm2s35c0qzc06099q2z1pxwq94rq85n74yz8fs8gwvm2ksgp4p"; })
(fetchNuGet { pname = "BTCPayServer.Hwi"; version = "2.0.2"; sha256 = "0lh3n1qncqs4kbrmx65xs271f0d9c7irrs9qnsa9q51cbbqbljh9"; })
- (fetchNuGet { pname = "BTCPayServer.Lightning.All"; version = "1.4.18"; sha256 = "1w1h6za2mjk04njkw4hny3lx38h2m03gmvwrihj9h2rak7jf2gij"; })
+ (fetchNuGet { pname = "BTCPayServer.Lightning.All"; version = "1.4.20"; sha256 = "1vnzmczd4z25vbf987p4vp6sxc09fp6mvhrvq41iwj1ks5zcprlf"; })
(fetchNuGet { pname = "BTCPayServer.Lightning.Charge"; version = "1.3.20"; sha256 = "0nk82hkgs67mxfxkgbav8yxxd79m0xyqaan7vay00gg33pjqdjvj"; })
- (fetchNuGet { pname = "BTCPayServer.Lightning.CLightning"; version = "1.3.24"; sha256 = "0i0lqpxx0gy9zbssjigz0vq0way88x0slyyfijsx4sasrhrbv5qs"; })
+ (fetchNuGet { pname = "BTCPayServer.Lightning.CLightning"; version = "1.3.25"; sha256 = "0172czzzlgsljgmhb5wh8cb1cl12ac54qyzmd3w18wbkxmr205qk"; })
(fetchNuGet { pname = "BTCPayServer.Lightning.Common"; version = "1.3.16"; sha256 = "1g37736b4k0ncpyy2qycbk4l85fqvgwac3k98nbdj0dvhfghp1dn"; })
(fetchNuGet { pname = "BTCPayServer.Lightning.Common"; version = "1.3.21"; sha256 = "042xwfsxd30zgwiz0w14ynb755w5sldkplxgw1fkw68lrz66x5s4"; })
(fetchNuGet { pname = "BTCPayServer.Lightning.Eclair"; version = "1.3.20"; sha256 = "093w82mcxxxbvx66j0sp3lsfm2bkbi3igm80iz9zdghy85845kc9"; })
- (fetchNuGet { pname = "BTCPayServer.Lightning.LNBank"; version = "1.3.23"; sha256 = "036cggc386448i05s38pnhzs7qqbix6lml7j2zn84gcgk8w741gi"; })
+ (fetchNuGet { pname = "BTCPayServer.Lightning.LNBank"; version = "1.3.24"; sha256 = "0dah7q90x29rqhngxd9226pfn1k4bbhhfgnkpjpw64529m29cdks"; })
(fetchNuGet { pname = "BTCPayServer.Lightning.LND"; version = "1.4.14"; sha256 = "1gzqz34lgk42kf86ldi3z0k4m9x91hlkqh6d7rq93nphl57mwqar"; })
- (fetchNuGet { pname = "BTCPayServer.Lightning.LNDhub"; version = "1.0.16"; sha256 = "0l6pnjc6phsacwg145kwsakjpkd44jm1w53y0s166bwzpcdmljq0"; })
+ (fetchNuGet { pname = "BTCPayServer.Lightning.LNDhub"; version = "1.0.18"; sha256 = "0vnnnm9c5w8ag3a25fzmsjax028ykb7xr4fp7saq4si3bmzkjswp"; })
(fetchNuGet { pname = "BTCPayServer.NETCore.Plugins"; version = "1.4.4"; sha256 = "0rk0prmb0539ji5fd33cqy3yvw51i5i8m5hb43admr5z8960dd6l"; })
(fetchNuGet { pname = "BTCPayServer.NETCore.Plugins.Mvc"; version = "1.4.4"; sha256 = "1kmmj5m7s41wc1akpqw1b1j7pp4c0vn6sqxb487980ibpj6hyisl"; })
(fetchNuGet { pname = "CsvHelper"; version = "15.0.5"; sha256 = "01y8bhsnxghn3flz0pr11vj6wjrpmia8rpdrsp7kjfc1zmhqlgma"; })
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/erigon/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/erigon/default.nix
index a17bef8cae..51b6d4d16b 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/erigon/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/erigon/default.nix
@@ -2,7 +2,7 @@
let
pname = "erigon";
- version = "2.37.0";
+ version = "2.38.1";
in
buildGoModule {
inherit pname version;
@@ -11,11 +11,11 @@ buildGoModule {
owner = "ledgerwatch";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-r/mumt/f0wrOsXyEHo/NX0lJGt8zqXEVNC+9DWDkHAM=";
+ sha256 = "sha256-sLJMmSEUQNsodZ9Ms0ipDwN2QOYa9pZTlEqt4CF23Sc=";
fetchSubmodules = true;
};
- vendorSha256 = "sha256-vSJZ1wIx1CiLE04ZBDnQDQqM2v8BBLxw5qbAsixC3/U=";
+ vendorSha256 = "sha256-KESY+PSbWQHPJphop4GnVF4T8Q/MPb2GFDEko0ieXEM=";
proxyVendor = true;
# Build errors in mdbx when format hardening is enabled:
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/nbxplorer/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/nbxplorer/default.nix
index 08def5dd79..00df022f47 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/nbxplorer/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/nbxplorer/default.nix
@@ -6,13 +6,13 @@
buildDotnetModule rec {
pname = "nbxplorer";
- version = "2.3.57";
+ version = "2.3.60";
src = fetchFromGitHub {
owner = "dgarage";
repo = "NBXplorer";
rev = "v${version}";
- sha256 = "sha256-oLkkGdzjyvgIXi0HZiFPCShzbBR8cOgMf1h1Nf1U6Rk=";
+ sha256 = "sha256-YUZvTs77dGhG7dpxbQyGhrOMMx+8LotdMJflPflMDAE=";
};
projectFile = "NBXplorer/NBXplorer.csproj";
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/nearcore/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/nearcore/default.nix
index 4931ec5107..b58c6bddaf 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/nearcore/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/nearcore/default.nix
@@ -4,7 +4,7 @@
}:
rustPlatform.buildRustPackage rec {
pname = "nearcore";
- version = "1.30.0";
+ version = "1.30.1";
# https://github.com/near/nearcore/tags
src = fetchFromGitHub {
@@ -13,10 +13,10 @@ rustPlatform.buildRustPackage rec {
# there is also a branch for this version number, so we need to be explicit
rev = "refs/tags/${version}";
- sha256 = "sha256-Co8896RojUf/R8ZiRn7zSO1AWH7x5rYom6TbGohH1KM=";
+ sha256 = "sha256-VjvHCiWjsx5Y7xxqck/O9gSNrL8mxCTosLwLqC85ywY=";
};
- cargoSha256 = "sha256-M+vhLBXsd+R97Sh5s6jFzon/47XohJeQKh//9QP6PXw=";
+ cargoHash = "sha256-5Gs1sAzjuUO3IkwMX1NeA/Sbax0qtwvulyT66AQaNjs=";
cargoPatches = [ ./0001-make-near-test-contracts-optional.patch ];
postPatch = ''
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/stellar-core/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/stellar-core/default.nix
index 8f3fd4b1c8..9d984803d2 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/stellar-core/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/stellar-core/default.nix
@@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
pname = "stellar-core";
- version = "19.6.0";
+ version = "19.7.0";
src = fetchFromGitHub {
owner = "stellar";
repo = pname;
rev = "v${version}";
- sha256 = "sha256-lDefmPZM8ow6t5CpNBxef+9BoT773p5UgeMhgF+em2w=";
+ sha256 = "sha256-VfaP4EIVsu5JTAV7AX0Ymo44/TD8eUB61CViwf6Hfqw=";
fetchSubmodules = true;
};
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/ton/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/ton/default.nix
new file mode 100644
index 0000000000..f333fcd05d
--- /dev/null
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/ton/default.nix
@@ -0,0 +1,51 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, cmake
+, git
+, gperf
+, libmicrohttpd
+, openssl
+, readline
+, zlib
+}:
+
+stdenv.mkDerivation rec {
+ pname = "ton";
+ version = "2023.01";
+
+ src = fetchFromGitHub {
+ owner = "ton-blockchain";
+ repo = "ton";
+ rev = "v${version}";
+ sha256 = "sha256-wb96vh0YcTBFE8EzBItdTf88cvRMLW2XxcGJpNetOi8=";
+ fetchSubmodules = true;
+ };
+
+ postPatch = ''
+ # without this fails on aarch64-darwin with clang-11: error: the clang compiler does not support '-mcpu=apple-m1'
+ substituteInPlace CMakeLists.txt \
+ --replace 'set(TON_ARCH "apple-m1")' ""
+ '';
+
+ nativeBuildInputs = [
+ cmake
+ git
+ ];
+
+ buildInputs = [
+ gperf
+ libmicrohttpd
+ openssl
+ readline
+ zlib
+ ];
+
+ meta = with lib; {
+ description = "A fully decentralized layer-1 blockchain designed by Telegram";
+ homepage = "https://ton.org/";
+ license = licenses.lgpl2Only;
+ platforms = platforms.all;
+ maintainers = with maintainers; [ misuzu ];
+ };
+}
diff --git a/third_party/nixpkgs/pkgs/applications/blockchains/torq/default.nix b/third_party/nixpkgs/pkgs/applications/blockchains/torq/default.nix
index cf7722238e..4b786168bc 100644
--- a/third_party/nixpkgs/pkgs/applications/blockchains/torq/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/blockchains/torq/default.nix
@@ -1,9 +1,10 @@
{ lib
, buildGoModule
+, buildNpmPackage
, fetchFromGitHub
}:
-buildGoModule rec {
+let
pname = "torq";
version = "0.17.3";
@@ -14,6 +15,27 @@ buildGoModule rec {
hash = "sha256-fqHJZi1NQCrZqsa+N+FVYZ8s9o0D555Sqn5qNlJ1MmI=";
};
+ web = buildNpmPackage {
+ pname = "${pname}-frontend";
+ inherit version;
+ src = "${src}/web";
+ npmDepsHash = "sha256-8mUfTFzPjQlQvhC3zZf+WruDBkYnmGt3yckNi0CPWs0=";
+
+ # copied from upstream Dockerfile
+ npmInstallFlags = [ "--legacy-peer-deps" ];
+ TSX_COMPILE_ON_ERROR="true";
+ ESLINT_NO_DEV_ERRORS="true";
+
+ # override npmInstallHook, we only care about the build/ directory
+ installPhase = ''
+ mkdir $out
+ cp -r build $out/
+ '';
+ };
+in
+buildGoModule rec {
+ inherit pname version src;
+
vendorHash = "sha256-HETN2IMnpxnTyg6bQDpoD0saJu+gKocdEf0VzEi12Gs=";
subPackages = [ "cmd/torq" ];
@@ -24,6 +46,10 @@ buildGoModule rec {
"-X github.com/lncapital/torq/build.version=v${version}"
];
+ postInstall = ''
+ ln -s ${web} $out/web
+ '';
+
meta = with lib; {
description = "Capital management tool for lightning network nodes";
license = licenses.mit;
diff --git a/third_party/nixpkgs/pkgs/applications/display-managers/emptty/default.nix b/third_party/nixpkgs/pkgs/applications/display-managers/emptty/default.nix
index d4224893ba..61413a7bbc 100644
--- a/third_party/nixpkgs/pkgs/applications/display-managers/emptty/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/display-managers/emptty/default.nix
@@ -8,13 +8,13 @@
buildGoModule rec {
pname = "emptty";
- version = "0.9.0";
+ version = "0.9.1";
src = fetchFromGitHub {
owner = "tvrzna";
repo = pname;
rev = "v${version}";
- hash = "sha256-iT7wdxHC+/3fvBbSrHHuqNYWiqwL48NYzFmtmgVaFik=";
+ hash = "sha256-CbTPJgnKMWMXdG6Hr8xT9ae4Q9MxAfhITn5WSCzCmI4=";
};
buildInputs = [ pam libX11 ];
diff --git a/third_party/nixpkgs/pkgs/applications/editors/eclipse/default.nix b/third_party/nixpkgs/pkgs/applications/editors/eclipse/default.nix
index a57a3901f6..a0b0fa56de 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/eclipse/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/eclipse/default.nix
@@ -103,7 +103,7 @@ in rec {
fetchurl {
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-SDK-${platform_major}.${platform_minor}-linux-gtk-${arch}.tar.gz";
hash = {
- x86_64 = "sha512-hmdWGteMDt4HhYq+k9twuftalpTzHtGnVVLphZcpJcw+6vJfersciDMaeLRqbCAeFbzJdgzjYo76bpP6FubySw==";
+ x86_64 = "sha512-yH4/K9sBLCUc2EVYwPL0dLql/S3AfaV6fFh7ewAuIb7yHtcsOWMqy/h1hZUlFFg2ykfwDWDDHEK7qfTI0hM7BQ==";
aarch64 = "sha512-UYp8t7r2RrN3rKN180cWpJyhyO5LVXL8LrTRKJzttUgB7kM1nroTEI3DesBu+Hw4Ynl7eLiBK397rqcpOAfxJw==";
}.${arch};
};
diff --git a/third_party/nixpkgs/pkgs/applications/editors/gnome-builder/default.nix b/third_party/nixpkgs/pkgs/applications/editors/gnome-builder/default.nix
index 337370a6dd..d04e2507c9 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/gnome-builder/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/gnome-builder/default.nix
@@ -41,13 +41,13 @@
stdenv.mkDerivation rec {
pname = "gnome-builder";
- version = "43.4";
+ version = "43.6";
outputs = [ "out" "devdoc" ];
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
- sha256 = "Hg1tZ4RcGb7J463VlpX5pTHXKg5UKyA6zJD7OBInwrw=";
+ sha256 = "m08hPdloyVL75CJoUPXJVk3f1XimoPiT06K2rhmjd6k=";
};
patches = [
diff --git a/third_party/nixpkgs/pkgs/applications/editors/jetbrains/versions.json b/third_party/nixpkgs/pkgs/applications/editors/jetbrains/versions.json
index b6d4e39f9f..0dc6e8297c 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/jetbrains/versions.json
+++ b/third_party/nixpkgs/pkgs/applications/editors/jetbrains/versions.json
@@ -27,10 +27,10 @@
"goland": {
"update-channel": "GoLand RELEASE",
"url-template": "https://download.jetbrains.com/go/goland-{version}.tar.gz",
- "version": "2022.3.1",
- "sha256": "566eada40511cd06727d69047e8a6a1e75b06ebade93d1ea78262fc2715c8a38",
- "url": "https://download.jetbrains.com/go/goland-2022.3.1.tar.gz",
- "build_number": "223.8214.59"
+ "version": "2022.3.2",
+ "sha256": "f130d0e4c2c89dcd291e05cca33484eb08e247e9ec29c13deaf67176afbf6a36",
+ "url": "https://download.jetbrains.com/go/goland-2022.3.2.tar.gz",
+ "build_number": "223.8617.58"
},
"idea-community": {
"update-channel": "IntelliJ IDEA RELEASE",
@@ -59,10 +59,10 @@
"phpstorm": {
"update-channel": "PhpStorm RELEASE",
"url-template": "https://download.jetbrains.com/webide/PhpStorm-{version}.tar.gz",
- "version": "2022.3.1",
- "sha256": "222e8cf974f70a77c92f03b34c38645bfe72a2dd4da20d7154f40375db54709b",
- "url": "https://download.jetbrains.com/webide/PhpStorm-2022.3.1.tar.gz",
- "build_number": "223.8214.64",
+ "version": "2022.3.2",
+ "sha256": "7592d18fa1e199087cfd661b64c2fad717840f8ff3e3faf4d88db58bdb397e03",
+ "url": "https://download.jetbrains.com/webide/PhpStorm-2022.3.2.tar.gz",
+ "build_number": "223.8617.59",
"version-major-minor": "2022.3"
},
"pycharm-community": {
@@ -92,18 +92,18 @@
"ruby-mine": {
"update-channel": "RubyMine RELEASE",
"url-template": "https://download.jetbrains.com/ruby/RubyMine-{version}.tar.gz",
- "version": "2022.3.1",
- "sha256": "4d2adb310b14fb38afcaa2da5c254c2fc0bede109e597eed6d3c36837497591f",
- "url": "https://download.jetbrains.com/ruby/RubyMine-2022.3.1.tar.gz",
- "build_number": "223.8214.60"
+ "version": "2022.3.2",
+ "sha256": "8c803914c55a3c1801ff9b619870d81597fabedbfb08a7c1aecf24f5d0884aea",
+ "url": "https://download.jetbrains.com/ruby/RubyMine-2022.3.2.tar.gz",
+ "build_number": "223.8617.48"
},
"webstorm": {
"update-channel": "WebStorm RELEASE",
"url-template": "https://download.jetbrains.com/webstorm/WebStorm-{version}.tar.gz",
- "version": "2022.3.1",
- "sha256": "d78bd6494cced51fe77d87c07040fa3a29e8af917317399036af161c56afd927",
- "url": "https://download.jetbrains.com/webstorm/WebStorm-2022.3.1.tar.gz",
- "build_number": "223.8214.51"
+ "version": "2022.3.2",
+ "sha256": "2b612177c99ff0c6c542abe005846c3aa6cf170faa0202daafeb4ab1627c3794",
+ "url": "https://download.jetbrains.com/webstorm/WebStorm-2022.3.2.tar.gz",
+ "build_number": "223.8617.44"
}
},
"x86_64-darwin": {
@@ -134,10 +134,10 @@
"goland": {
"update-channel": "GoLand RELEASE",
"url-template": "https://download.jetbrains.com/go/goland-{version}.dmg",
- "version": "2022.3.1",
- "sha256": "296d5da052b59a00b0930cf6eea07eb2e5ed4eb1417ee505b013c6d83ffda2e1",
- "url": "https://download.jetbrains.com/go/goland-2022.3.1.dmg",
- "build_number": "223.8214.59"
+ "version": "2022.3.2",
+ "sha256": "8e12ae0ee0d88cd716ac76a8a49392a51236287984d84c19324a19758fe8fc03",
+ "url": "https://download.jetbrains.com/go/goland-2022.3.2.dmg",
+ "build_number": "223.8617.58"
},
"idea-community": {
"update-channel": "IntelliJ IDEA RELEASE",
@@ -166,10 +166,10 @@
"phpstorm": {
"update-channel": "PhpStorm RELEASE",
"url-template": "https://download.jetbrains.com/webide/PhpStorm-{version}.dmg",
- "version": "2022.3.1",
- "sha256": "a2ea7d0f1fd9810a46a3f3fea5f47475fe8b325514488f46ee4dace474388fa4",
- "url": "https://download.jetbrains.com/webide/PhpStorm-2022.3.1.dmg",
- "build_number": "223.8214.64",
+ "version": "2022.3.2",
+ "sha256": "a2833c575cfa17c8d30a5f2e0d4ff06167372e7d8190ff08fc2f14e57a21396c",
+ "url": "https://download.jetbrains.com/webide/PhpStorm-2022.3.2.dmg",
+ "build_number": "223.8617.59",
"version-major-minor": "2022.3"
},
"pycharm-community": {
@@ -199,18 +199,18 @@
"ruby-mine": {
"update-channel": "RubyMine RELEASE",
"url-template": "https://download.jetbrains.com/ruby/RubyMine-{version}.dmg",
- "version": "2022.3.1",
- "sha256": "3b23165c3ea9ef3d87233a64005bee4fbf98c99df5d60410a1418e022ce032d6",
- "url": "https://download.jetbrains.com/ruby/RubyMine-2022.3.1.dmg",
- "build_number": "223.8214.60"
+ "version": "2022.3.2",
+ "sha256": "bea0a86a4ca00c08d78ccca7568ad5170798544c4a64b21bbfede126bdff0a99",
+ "url": "https://download.jetbrains.com/ruby/RubyMine-2022.3.2.dmg",
+ "build_number": "223.8617.48"
},
"webstorm": {
"update-channel": "WebStorm RELEASE",
"url-template": "https://download.jetbrains.com/webstorm/WebStorm-{version}.dmg",
- "version": "2022.3.1",
- "sha256": "ea2fb464cf8ba0bf553115cd0f006cb4dab729cbde941de2fc86588024abe8b9",
- "url": "https://download.jetbrains.com/webstorm/WebStorm-2022.3.1.dmg",
- "build_number": "223.8214.51"
+ "version": "2022.3.2",
+ "sha256": "87e716107156d15aa68230369b6eab2d25c5f6134cfe38cdb01e5b10f2a24418",
+ "url": "https://download.jetbrains.com/webstorm/WebStorm-2022.3.2.dmg",
+ "build_number": "223.8617.44"
}
},
"aarch64-darwin": {
@@ -241,10 +241,10 @@
"goland": {
"update-channel": "GoLand RELEASE",
"url-template": "https://download.jetbrains.com/go/goland-{version}-aarch64.dmg",
- "version": "2022.3.1",
- "sha256": "5873200406e91ca64df50470eb20f907c568f5d95b7488cb4c3b3d3eb8353df4",
- "url": "https://download.jetbrains.com/go/goland-2022.3.1-aarch64.dmg",
- "build_number": "223.8214.59"
+ "version": "2022.3.2",
+ "sha256": "1df4707686f88e284e15a7fd63945b476dabf8e5a041894c281aba4838c603d9",
+ "url": "https://download.jetbrains.com/go/goland-2022.3.2-aarch64.dmg",
+ "build_number": "223.8617.58"
},
"idea-community": {
"update-channel": "IntelliJ IDEA RELEASE",
@@ -273,10 +273,10 @@
"phpstorm": {
"update-channel": "PhpStorm RELEASE",
"url-template": "https://download.jetbrains.com/webide/PhpStorm-{version}-aarch64.dmg",
- "version": "2022.3.1",
- "sha256": "7658bcf3433d8f6b983136cc3f3edae5c02053d6983a59c273448f246ea3bcef",
- "url": "https://download.jetbrains.com/webide/PhpStorm-2022.3.1-aarch64.dmg",
- "build_number": "223.8214.64",
+ "version": "2022.3.2",
+ "sha256": "4e1244d7fa459a7f07ec43725ed4271e2c669c3202cc04cc074f11fb07bbb25e",
+ "url": "https://download.jetbrains.com/webide/PhpStorm-2022.3.2-aarch64.dmg",
+ "build_number": "223.8617.59",
"version-major-minor": "2022.3"
},
"pycharm-community": {
@@ -306,18 +306,18 @@
"ruby-mine": {
"update-channel": "RubyMine RELEASE",
"url-template": "https://download.jetbrains.com/ruby/RubyMine-{version}-aarch64.dmg",
- "version": "2022.3.1",
- "sha256": "d0ec036ed67146beb46059a6ec9aa07d8caa2225e141183fe1d47e27170ad71a",
- "url": "https://download.jetbrains.com/ruby/RubyMine-2022.3.1-aarch64.dmg",
- "build_number": "223.8214.60"
+ "version": "2022.3.2",
+ "sha256": "346b990c412f272acc2fc7e87448f456d8d6a1978b7a94eb645f9cea806b083c",
+ "url": "https://download.jetbrains.com/ruby/RubyMine-2022.3.2-aarch64.dmg",
+ "build_number": "223.8617.48"
},
"webstorm": {
"update-channel": "WebStorm RELEASE",
"url-template": "https://download.jetbrains.com/webstorm/WebStorm-{version}-aarch64.dmg",
- "version": "2022.3.1",
- "sha256": "f63d2708cccc57bd404b782137f11e5dabf012df0c18aabf900743c4f02daa97",
- "url": "https://download.jetbrains.com/webstorm/WebStorm-2022.3.1-aarch64.dmg",
- "build_number": "223.8214.51"
+ "version": "2022.3.2",
+ "sha256": "a869cd1c1c7b01bbd98f9a1cfd08b1b18ebe77f1c4422ee7e11ddc2c3cb250ce",
+ "url": "https://download.jetbrains.com/webstorm/WebStorm-2022.3.2-aarch64.dmg",
+ "build_number": "223.8617.44"
}
}
}
diff --git a/third_party/nixpkgs/pkgs/applications/editors/neovim/default.nix b/third_party/nixpkgs/pkgs/applications/editors/neovim/default.nix
index 23734f3f23..83d6796e68 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/neovim/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/neovim/default.nix
@@ -35,13 +35,13 @@ let
in
stdenv.mkDerivation rec {
pname = "neovim-unwrapped";
- version = "0.8.2";
+ version = "0.8.3";
src = fetchFromGitHub {
owner = "neovim";
repo = "neovim";
rev = "v${version}";
- sha256 = "sha256-eqiH/K8w0FZNHLBBMjiTSQjNQyONqcx3X+d85gPnFJg=";
+ hash = "sha256-ItJ8aX/WUfcAovxRsXXyWKBAI92hFloYIZiv7viPIdQ=";
};
patches = [
diff --git a/third_party/nixpkgs/pkgs/applications/editors/neovim/tests/default.nix b/third_party/nixpkgs/pkgs/applications/editors/neovim/tests/default.nix
index 29749c35db..8a4e86ef65 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/neovim/tests/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/neovim/tests/default.nix
@@ -9,8 +9,6 @@
let
inherit (neovimUtils) makeNeovimConfig;
- packages.myVimPackage.start = with vimPlugins; [ vim-nix ];
-
plugins = with vimPlugins; [
{
plugin = vim-obsession;
@@ -47,13 +45,6 @@ let
nvimAutoDisableWrap = makeNeovimConfig { };
- nvimConfDontWrap = makeNeovimConfig {
- inherit plugins;
- customRC = ''
- " just a comment
- '';
- };
-
wrapNeovim2 = suffix: config:
wrapNeovimUnstable neovim-unwrapped (config // {
extraName = suffix;
diff --git a/third_party/nixpkgs/pkgs/applications/editors/standardnotes/src.json b/third_party/nixpkgs/pkgs/applications/editors/standardnotes/src.json
index 09b5a7665d..0e0eb4b22d 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/standardnotes/src.json
+++ b/third_party/nixpkgs/pkgs/applications/editors/standardnotes/src.json
@@ -1,13 +1,13 @@
{
- "version": "3.142.1",
+ "version": "3.144.3",
"appimage": {
"x86_64-linux": {
- "url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.142.1/standard-notes-3.142.1-linux-x86_64.AppImage",
- "hash": "sha512-tf6vk108RMnxk7ZCFIAbWnlTvQqCkU6NtG+JCmMK/oR+/N3T5TDaHyufNJ9yVIh9pZrmaKMHjDUdCUgGc7lIRA=="
+ "url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.144.3/standard-notes-3.144.3-linux-x86_64.AppImage",
+ "hash": "sha512-NHuabqi8pjCnSI6EwhPLgWjyytW/ZnGvGCjb/hXscRVcJgJiQZ7FNZnnepFtZ3c0z0F4bM6AYcH+eWmt0ySgXw=="
},
"aarch64-linux": {
- "url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.142.1/standard-notes-3.142.1-linux-arm64.AppImage",
- "hash": "sha512-wQYeWUDLbthgcWPWcz5TbqR1rk3OkdISr/SsdbbrLIyroAaXppg+7FA/FbPW7wlrksiMKowJ/hAPQz1NIxSRZg=="
+ "url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.144.3/standard-notes-3.144.3-linux-arm64.AppImage",
+ "hash": "sha512-EaCq/0IgrSPWCkWtOBzMISfuajgGZKborPO4SoWi2QgMmwZXgLc/RBCVzVBT9C2EQLmc506IVrjOdAzkuQM5TQ=="
}
}
}
diff --git a/third_party/nixpkgs/pkgs/applications/editors/texstudio/default.nix b/third_party/nixpkgs/pkgs/applications/editors/texstudio/default.nix
index 96fb32e80f..d162261116 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/texstudio/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/texstudio/default.nix
@@ -3,13 +3,13 @@
mkDerivation rec {
pname = "texstudio";
- version = "4.4.1";
+ version = "4.5.1";
src = fetchFromGitHub {
owner = "${pname}-org";
repo = pname;
rev = version;
- hash = "sha256-3w9JKX0tT5J3tJthIxJ+ZMlG8+gEeQAl9Gn+Zyjhmt4=";
+ hash = "sha256-QBPWelCqh8Ggp0IjH37QGYGu5Ya2fpsiSEkKh3Ee7PM=";
};
nativeBuildInputs = [ qmake wrapQtAppsHook pkg-config ];
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/generated.nix b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/generated.nix
index 4279436804..343d6936c0 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/generated.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/generated.nix
@@ -197,12 +197,12 @@ final: prev:
Navigator-nvim = buildVimPluginFrom2Nix {
pname = "Navigator.nvim";
- version = "2022-12-21";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "numToStr";
repo = "Navigator.nvim";
- rev = "a2e7d6ebd26e647469135d4096dfa89da4f070e5";
- sha256 = "0jli6pba08n20n97h0wh6h36pkca9bwq93h9dipmb0q4a2zqb37m";
+ rev = "91d86506ac2a039504d5205d32a1d4bc7aa57072";
+ sha256 = "12hsdwj4jqbkh8z3hcr1c660jmh44c0j4rzlchnc326gcbrayarv";
};
meta.homepage = "https://github.com/numToStr/Navigator.nvim/";
};
@@ -293,12 +293,12 @@ final: prev:
SchemaStore-nvim = buildVimPluginFrom2Nix {
pname = "SchemaStore.nvim";
- version = "2023-01-30";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "b0o";
repo = "SchemaStore.nvim";
- rev = "d98828169af99624031d8535785a099cdf60d4c3";
- sha256 = "0j3lkz7lbd0naqqp6y2nlk9zawd453m41diia7f0saiyix76r6cp";
+ rev = "5c5723bd464fd048f5d62fcf20c41495d3386a33";
+ sha256 = "1vpay869faixkxpvxlwpk44pidjgnrhkchnchfsbd6c2brhgzz11";
};
meta.homepage = "https://github.com/b0o/SchemaStore.nvim/";
};
@@ -498,12 +498,12 @@ final: prev:
aerial-nvim = buildVimPluginFrom2Nix {
pname = "aerial.nvim";
- version = "2023-02-01";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "stevearc";
repo = "aerial.nvim";
- rev = "30a64f8590482dcd461123cb66464ff371aeeb84";
- sha256 = "15rzr9p685ylv37amkfv0finnimhzlp2lmzkm8gdqzl0xhsfa2rn";
+ rev = "4428a478e70f6a6b52e86d16ced677020267f409";
+ sha256 = "18dvm2k6h0xvzhf6wr317b9j85qq46gkh2scxmi8b20p8d3kfi52";
fetchSubmodules = true;
};
meta.homepage = "https://github.com/stevearc/aerial.nvim/";
@@ -559,12 +559,12 @@ final: prev:
ale = buildVimPluginFrom2Nix {
pname = "ale";
- version = "2023-01-29";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "dense-analysis";
repo = "ale";
- rev = "116d713f63c7a81663fa53efa10e34649c9479e3";
- sha256 = "1hqlav8h09qffcicxjwzq74rm8b128jav1hgcyjv7jyz7f3fjcw4";
+ rev = "45a3e3f574172028338de70ce8f8f606dec0a1b0";
+ sha256 = "0xyglfdqr8bq4s5mqq7wvj8czl1n9pgs16368q2zjj9j35x6m8xr";
};
meta.homepage = "https://github.com/dense-analysis/ale/";
};
@@ -727,12 +727,12 @@ final: prev:
aurora = buildVimPluginFrom2Nix {
pname = "aurora";
- version = "2023-01-31";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "ray-x";
repo = "aurora";
- rev = "a55448018d75817e820c03b21d28a2cd65b7d353";
- sha256 = "1vlbpw4mgkh5rd2mqwjsvz9sxnq5zjci4jddhmnmkilrlgancfg0";
+ rev = "f7b2df980aa0518a1a208974dfcbc51ff91b531e";
+ sha256 = "1d0p7d7kicqy4bbh3kaxn9as71afjljp38lhcc595l2b8nlaf2hc";
};
meta.homepage = "https://github.com/ray-x/aurora/";
};
@@ -785,6 +785,18 @@ final: prev:
meta.homepage = "https://github.com/rmagatti/auto-session/";
};
+ autoclose-nvim = buildVimPluginFrom2Nix {
+ pname = "autoclose.nvim";
+ version = "2023-02-03";
+ src = fetchFromGitHub {
+ owner = "m4xshen";
+ repo = "autoclose.nvim";
+ rev = "5c63f2c28a48d556644f3650daccdf0ba03ea177";
+ sha256 = "0c8klbm0wwr1rq1kkq2lq18n3d8kbi977zac70xc8h3dcfdnzc4m";
+ };
+ meta.homepage = "https://github.com/m4xshen/autoclose.nvim/";
+ };
+
autoload_cscope-vim = buildVimPluginFrom2Nix {
pname = "autoload_cscope.vim";
version = "2011-01-28";
@@ -847,12 +859,12 @@ final: prev:
barbecue-nvim = buildVimPluginFrom2Nix {
pname = "barbecue.nvim";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "utilyre";
repo = "barbecue.nvim";
- rev = "e3db3c4e25f5531bcb74b7951f52e425731433e5";
- sha256 = "0b69g3vr78x4hy5sj354iws43x4mm8qlqwfzl6cbiga16pa659ay";
+ rev = "572e4070d1f26ce7252570823598a656e828a9ec";
+ sha256 = "0k8mh345m8xxmss04zwscmpyfwxsa8pwd8pjklgv8njgxr5hk1hr";
};
meta.homepage = "https://github.com/utilyre/barbecue.nvim/";
};
@@ -1039,12 +1051,12 @@ final: prev:
calendar-vim = buildVimPluginFrom2Nix {
pname = "calendar.vim";
- version = "2023-01-14";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "itchyny";
repo = "calendar.vim";
- rev = "8d4ab7a8d9120a3538216056047d10df3947789b";
- sha256 = "0v6d2kiww9ky0m0b94c66kfvxwmv11rkpxqyfv62pigirs8x3a82";
+ rev = "6004885c90fd0239b84ce242babbcfe7cd379535";
+ sha256 = "0avpcl9y718xldlhc6ip8hq6y6wp50k4hqdfrm3zg1z6l7iladwh";
};
meta.homepage = "https://github.com/itchyny/calendar.vim/";
};
@@ -1303,12 +1315,12 @@ final: prev:
cmp-dictionary = buildVimPluginFrom2Nix {
pname = "cmp-dictionary";
- version = "2023-01-31";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "uga-rosa";
repo = "cmp-dictionary";
- rev = "06876deb8b82e2cc6a318f22196c39218f4f59bd";
- sha256 = "1m723a5qrs281n9sghmcgm8cnp9nrjxkaajnlq34bg3s56d32hik";
+ rev = "5662ec89119c49a806b77b5df7517017abe47f8e";
+ sha256 = "0md3msnkyw2dgkpgp12iskrdv7p4sywmdg4ifdmbcl56qn1dv5zr";
};
meta.homepage = "https://github.com/uga-rosa/cmp-dictionary/";
};
@@ -1471,12 +1483,12 @@ final: prev:
cmp-nvim-lsp-signature-help = buildVimPluginFrom2Nix {
pname = "cmp-nvim-lsp-signature-help";
- version = "2022-10-14";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "hrsh7th";
repo = "cmp-nvim-lsp-signature-help";
- rev = "d2768cb1b83de649d57d967085fe73c5e01f8fd7";
- sha256 = "13imcdv0yws084z2x2lmdj17zy4ngf126i7djknnwp2jfkca1120";
+ rev = "3d8912ebeb56e5ae08ef0906e3a54de1c66b92f1";
+ sha256 = "0bkviamzpkw6yv4cyqa9pqm1g2gsvzk87v8xc4574yf86jz5hg68";
};
meta.homepage = "https://github.com/hrsh7th/cmp-nvim-lsp-signature-help/";
};
@@ -1747,12 +1759,12 @@ final: prev:
coc-lua = buildVimPluginFrom2Nix {
pname = "coc-lua";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "josa42";
repo = "coc-lua";
- rev = "80858aa01d57ed2f93c6bc388bad373810d41a21";
- sha256 = "0rcikmjdhcw39kngx93snpnn0sh780drqnn342gg9ifnysbva3d9";
+ rev = "9f702344b9550800e9ca928cd21fd6dcc8dffaef";
+ sha256 = "10s0nqhybry6m6p13gvmchmc6in7zn7pgi1930svy7czqblcg6rw";
};
meta.homepage = "https://github.com/josa42/coc-lua/";
};
@@ -2083,12 +2095,12 @@ final: prev:
copilot-lua = buildVimPluginFrom2Nix {
pname = "copilot.lua";
- version = "2023-01-31";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "zbirenbaum";
repo = "copilot.lua";
- rev = "bfae743805d5f16fc31f6d3a8f2e46b3f3dbb175";
- sha256 = "1gkb9w1ad8fq6hbvr96p6sp1kzx8vlk0x6wy47mqbliqpxgp3vhr";
+ rev = "a54e7b11a2c6efc9ddd3f42e56cf7d9eed1a9683";
+ sha256 = "05bpgrq11zcp9flqp0gm0xjcaq622z46yjxlf6iliv8a4pmbrbgr";
};
meta.homepage = "https://github.com/zbirenbaum/copilot.lua/";
};
@@ -2143,12 +2155,12 @@ final: prev:
coq_nvim = buildVimPluginFrom2Nix {
pname = "coq_nvim";
- version = "2023-01-29";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "ms-jpq";
repo = "coq_nvim";
- rev = "b6032a67b53ca92b7bda401ef45284e888c5f4b6";
- sha256 = "1wxwwnbbz25idi4bwqzb9byf44awss97ca1925n5gmxq19g7x1gc";
+ rev = "d11f4eb12d73c5dcf5d6691378b18447446ec919";
+ sha256 = "08kkp57k4138cb4jgv3q3x3h2qx7f29kr914lzqzrb7q4ybzm6b8";
};
meta.homepage = "https://github.com/ms-jpq/coq_nvim/";
};
@@ -2179,12 +2191,12 @@ final: prev:
crates-nvim = buildVimPluginFrom2Nix {
pname = "crates.nvim";
- version = "2023-01-24";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "saecki";
repo = "crates.nvim";
- rev = "c2e9929c3ac40776c30bc7b328a7dff98756050a";
- sha256 = "1lqxbb6r49afqqc2gfxdim1kr3dww74gg1pbz26s6bqvga1wzf8s";
+ rev = "1bca9122ddc4bf4c6573402bf6686fc084470a7e";
+ sha256 = "0isvyph3lpqpijxpfj5rjfh1w1mh3629jpyahy5sj2g8hn46mj08";
};
meta.homepage = "https://github.com/saecki/crates.nvim/";
};
@@ -2287,12 +2299,12 @@ final: prev:
dashboard-nvim = buildVimPluginFrom2Nix {
pname = "dashboard-nvim";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "glepnir";
repo = "dashboard-nvim";
- rev = "df68a1943ac2f08a73e3284b266ea50e7d381db4";
- sha256 = "1m2c7xqsb5fp41j0sbv7z5w34pi372x21gxifkvhx6znv4l5r9f7";
+ rev = "d69d20170e12a20fa305e90870d6016e636cc328";
+ sha256 = "18i9rjjv7g5hr1gyb98w3mh50m1iwk643rb93z1n7f38ln55xzw8";
};
meta.homepage = "https://github.com/glepnir/dashboard-nvim/";
};
@@ -2891,12 +2903,12 @@ final: prev:
fcitx-vim = buildVimPluginFrom2Nix {
pname = "fcitx.vim";
- version = "2022-11-15";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "lilydjwg";
repo = "fcitx.vim";
- rev = "dc95d0301b61a7db1f1badfe743fb627ea6e06d1";
- sha256 = "1z6n9ax8mnr9p1j64hrl463kqnaf7gc08975j5n7c77rrz23bd1q";
+ rev = "92247352c6f05c8deebea2f50d8e842bfd91c294";
+ sha256 = "01p7w8pc0d3crbksn5xwz4zcbnb7phjz5n6lk59v9b326sjm3rai";
};
meta.homepage = "https://github.com/lilydjwg/fcitx.vim/";
};
@@ -3048,12 +3060,12 @@ final: prev:
flutter-tools-nvim = buildVimPluginFrom2Nix {
pname = "flutter-tools.nvim";
- version = "2023-01-01";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "akinsho";
repo = "flutter-tools.nvim";
- rev = "ae0be3cef35c0cb41d6c7f814a19b3402d50fd7a";
- sha256 = "0ynidizghmbrapcm2wrn6cjmn28gvzkxc1ia9s8nmh63574prfrv";
+ rev = "f84836a906fac21e9fb096ce15478051cd7df589";
+ sha256 = "1j725v2cf9k1dlxnpmzcz1ys7v9iyj0vyvjw9bkmjvy17hqcrxaw";
};
meta.homepage = "https://github.com/akinsho/flutter-tools.nvim/";
};
@@ -3180,12 +3192,12 @@ final: prev:
fzf-lsp-nvim = buildVimPluginFrom2Nix {
pname = "fzf-lsp.nvim";
- version = "2022-07-16";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "gfanto";
repo = "fzf-lsp.nvim";
- rev = "f8988d7d738a0e9e7aba2f0a9512df6356bbda07";
- sha256 = "1bl8a3mnz9p9a03pqq3gdxpfxk8j3pjj8g4828nca3df72nk9vrn";
+ rev = "16905056051759b15a388709a3fa65ff098eb243";
+ sha256 = "1330a2ycs9bz0kkkygbsri5fh9grldzkg5fwahv30vf3nsybsrpc";
};
meta.homepage = "https://github.com/gfanto/fzf-lsp.nvim/";
};
@@ -3196,8 +3208,8 @@ final: prev:
src = fetchFromGitHub {
owner = "ibhagwan";
repo = "fzf-lua";
- rev = "bc7fd1253aff19ae5514fc11b0f947cc4b052a90";
- sha256 = "1maddqgwdxxsp6ar6csbxsvd1ng3i3ybqdy4b2jslj9f8v54znds";
+ rev = "5ad5771eb77d233ec7a4352240d2780dde8034d1";
+ sha256 = "0fkwsi9f2qymgavfpgxzrbga1z0z0024sri1wslsp66g1512x92f";
};
meta.homepage = "https://github.com/ibhagwan/fzf-lua/";
};
@@ -3336,24 +3348,24 @@ final: prev:
gitlinker-nvim = buildVimPluginFrom2Nix {
pname = "gitlinker.nvim";
- version = "2022-09-26";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "ruifm";
repo = "gitlinker.nvim";
- rev = "c68d4873a14d2ae614875685ccca2e49472989e8";
- sha256 = "1lr55vn4mr9gdhr1zxihm98hjv1ypp47k5vhq5fkv14sd37hmwf8";
+ rev = "cc59f732f3d043b626c8702cb725c82e54d35c25";
+ sha256 = "000gg83j6fcx6iwp39m3dljfpg0f5vna8pkvwp1b13jf4hjyzcff";
};
meta.homepage = "https://github.com/ruifm/gitlinker.nvim/";
};
gitsigns-nvim = buildNeovimPluginFrom2Nix {
pname = "gitsigns.nvim";
- version = "2023-01-27";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "lewis6991";
repo = "gitsigns.nvim";
- rev = "0d4fe37ba5285171f3729da955955205f3fa945b";
- sha256 = "0bpi4xhpi031sgrkxdqrrl7fk16wdkk1k7ln6b8qyf5vyhkcckfz";
+ rev = "ec4742a7eebf68bec663041d359b95637242b5c3";
+ sha256 = "18bwp15m2v4mrxp9i2vz061cfpv3ah08c8il3fx24aqhfbmaq6lz";
};
meta.homepage = "https://github.com/lewis6991/gitsigns.nvim/";
};
@@ -3599,12 +3611,12 @@ final: prev:
haskell-tools-nvim = buildVimPluginFrom2Nix {
pname = "haskell-tools.nvim";
- version = "2023-01-31";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "MrcJkb";
repo = "haskell-tools.nvim";
- rev = "2e63d6336822a3676fdd27b0aa49cb2da08d1b17";
- sha256 = "0v4hc613smq1gry56imfy65cqy5128za4i5zfy1zvh3x1ppbqqvw";
+ rev = "03dfa7fa3d08a34cdef09ca05a6da166a1ba22a2";
+ sha256 = "166ar0qy3pl2jvw7y6im7v7gmrsji44ph1aahxqdpgbf170xx6pa";
};
meta.homepage = "https://github.com/MrcJkb/haskell-tools.nvim/";
};
@@ -3872,6 +3884,18 @@ final: prev:
meta.homepage = "https://github.com/lukas-reineke/indent-blankline.nvim/";
};
+ indent-o-matic = buildVimPluginFrom2Nix {
+ pname = "indent-o-matic";
+ version = "2023-01-24";
+ src = fetchFromGitHub {
+ owner = "Darazaki";
+ repo = "indent-o-matic";
+ rev = "3103dde7a47f2855097558ab52162bbbdbe8dc40";
+ sha256 = "1nfwzqki00x5vv75iawyky122v68qcajihfcdqxixlqln3srrmi4";
+ };
+ meta.homepage = "https://github.com/Darazaki/indent-o-matic/";
+ };
+
indentLine = buildVimPluginFrom2Nix {
pname = "indentLine";
version = "2022-09-07";
@@ -4211,12 +4235,12 @@ final: prev:
leap-nvim = buildVimPluginFrom2Nix {
pname = "leap.nvim";
- version = "2023-01-19";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "ggandor";
repo = "leap.nvim";
- rev = "ff4c3663e5a0a0ecbb3fffbc8318825def35d2aa";
- sha256 = "1pxm1b3crqmvbmds5cjfnqirvqbjqzc6vc59i6jsr8i79vymf16z";
+ rev = "f565a9c4d92245d8b619235bebeaa73cc38aa40e";
+ sha256 = "1i40bi18wn7vg6mdcg0xp5zxk960lzj4kzda3syj51sv1pgdq802";
};
meta.homepage = "https://github.com/ggandor/leap.nvim/";
};
@@ -4594,12 +4618,12 @@ final: prev:
lsp_signature-nvim = buildVimPluginFrom2Nix {
pname = "lsp_signature.nvim";
- version = "2023-02-01";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "ray-x";
repo = "lsp_signature.nvim";
- rev = "c15369260448d81cb65e5c6965850232ed22fbbc";
- sha256 = "07s83hn47rnvb96fz7h9kxdy9qxmz7h0v23m0ij8c4yhk9z8xyxj";
+ rev = "6f6252f63b0baf0f2224c4caea33819a27f3f550";
+ sha256 = "01913fb3g3f8291fw48a3rlsr4wkn6imljpk0h60vg65d2xc15l3";
};
meta.homepage = "https://github.com/ray-x/lsp_signature.nvim/";
};
@@ -4666,12 +4690,12 @@ final: prev:
luasnip = buildVimPluginFrom2Nix {
pname = "luasnip";
- version = "2023-01-27";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "l3mon4d3";
repo = "luasnip";
- rev = "94f192cf5f0a1931b3035c2d8affdebec460968c";
- sha256 = "163zh6pq6a7qxs3yvkrpn5sihrbn1vhmr3jv27p4swkh2x3dn5q8";
+ rev = "d404ec306bfa4cdb0c3605dbb17e8a93a9597337";
+ sha256 = "1m6dmfplyln4xvc09srqxby93ksq1a62qai09j9msnd5pv4yqniy";
fetchSubmodules = true;
};
meta.homepage = "https://github.com/l3mon4d3/luasnip/";
@@ -4763,12 +4787,12 @@ final: prev:
mason-nvim = buildVimPluginFrom2Nix {
pname = "mason.nvim";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "williamboman";
repo = "mason.nvim";
- rev = "07de1d12940a6580c125720d37e26abc318f778a";
- sha256 = "19m2j1kmc0mnzbjyp266dqqgfp2fw1mlzcsc9286ggbbvgisadih";
+ rev = "9ec92c1945b11ba7e7e6730fd60fd44525f24a25";
+ sha256 = "0snf7j4x4cmwrw81bwm3fj8k07l8iriqwzc5c47bl2w94fpbynyc";
};
meta.homepage = "https://github.com/williamboman/mason.nvim/";
};
@@ -4835,12 +4859,12 @@ final: prev:
mini-nvim = buildVimPluginFrom2Nix {
pname = "mini.nvim";
- version = "2023-01-31";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "echasnovski";
repo = "mini.nvim";
- rev = "8e007cf3ae8db59bd926a9fbaf7f0d25a7fe67ca";
- sha256 = "02pq68d5c3g009qsjsbns0bswg1riq61l8giykhg09r0lbj28zn1";
+ rev = "33e76b0c22465de03906ebd00c01b64a04e495b3";
+ sha256 = "0kxfwmvp7pgvqr6cqs6zf5dklq6n7vcgzr1dj435f8yg6zh90aah";
};
meta.homepage = "https://github.com/echasnovski/mini.nvim/";
};
@@ -5195,12 +5219,12 @@ final: prev:
neoconf-nvim = buildVimPluginFrom2Nix {
pname = "neoconf.nvim";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "folke";
repo = "neoconf.nvim";
- rev = "9fb68ebc1b5632b2e3e93ddb5ad1985c75c59fbd";
- sha256 = "0p2n2k28z0qjdsiyxq0frfl7y6lvf96bl5c7w8zk0amvabkh23wf";
+ rev = "de8dbd4ba6583619ed02323dbde737d586ba572f";
+ sha256 = "1ms7chmmilq8slf659m8d45i39pllgng7a95fc20ykwbakhi8m9b";
};
meta.homepage = "https://github.com/folke/neoconf.nvim/";
};
@@ -5219,28 +5243,40 @@ final: prev:
neodev-nvim = buildVimPluginFrom2Nix {
pname = "neodev.nvim";
- version = "2023-01-28";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "folke";
repo = "neodev.nvim";
- rev = "8fd21037453f4306f500e437c5cbdf6e8b6c2f99";
- sha256 = "0zxac4425677w3pvj5yp7sxllmnj4bhwc6kwwa6c409wvyzrfas2";
+ rev = "70cab52c9d19e982f306716534e90c37a254b046";
+ sha256 = "13xrc45s5fx8y2dl1ds155r5w0yrivq2b1aqvqjk7ywgyyq2wr5l";
};
meta.homepage = "https://github.com/folke/neodev.nvim/";
};
neoformat = buildVimPluginFrom2Nix {
pname = "neoformat";
- version = "2023-01-11";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "sbdchd";
repo = "neoformat";
- rev = "ec601d38a2e9309109f405ce038c5a6ce774f1a9";
- sha256 = "028xycbvjhs7mvnzlismjipibgqdhjm9s0asmjpg3g7y2qhkw3ix";
+ rev = "2e9fd3a7cbdce0c90379c8bc52e0bca6726eba81";
+ sha256 = "02f77wwhb1wfk9bcvy5mnc4r2rdgw6b3pdmacizmjnd1a9ajqysn";
};
meta.homepage = "https://github.com/sbdchd/neoformat/";
};
+ neogen = buildVimPluginFrom2Nix {
+ pname = "neogen";
+ version = "2023-01-16";
+ src = fetchFromGitHub {
+ owner = "danymat";
+ repo = "neogen";
+ rev = "465af9d6c6fb7f360175991dcc23fc10917e3a06";
+ sha256 = "08frlngajmb1905f52xh299h8l3mf34lp4aa5rgs2hl96iafbjr3";
+ };
+ meta.homepage = "https://github.com/danymat/neogen/";
+ };
+
neogit = buildVimPluginFrom2Nix {
pname = "neogit";
version = "2023-01-31";
@@ -5303,12 +5339,12 @@ final: prev:
neorg = buildVimPluginFrom2Nix {
pname = "neorg";
- version = "2023-01-29";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "nvim-neorg";
repo = "neorg";
- rev = "b977fa0f2069ff71111237df07de2bdeeb2b7079";
- sha256 = "04r5pcdkvm9dgfsyhx0skf8nwyf790myrha7rjkqr9cpr707l6mj";
+ rev = "ac8828369cb2a4b2e1e17e6b495645585ed2a37b";
+ sha256 = "1ljyzvk3ff876sp4idfqq3ziqm7c6wc63kii3nsvh9i4m0w5i5af";
};
meta.homepage = "https://github.com/nvim-neorg/neorg/";
};
@@ -5543,12 +5579,12 @@ final: prev:
nlsp-settings-nvim = buildVimPluginFrom2Nix {
pname = "nlsp-settings.nvim";
- version = "2023-02-02";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "tamago324";
repo = "nlsp-settings.nvim";
- rev = "5541d073b93a404445907e0aec3ebd9cf8914e53";
- sha256 = "0r4bbppp95rdhpz9j24w6smpzv891gk1ja6dis7j4gf3sra57hqy";
+ rev = "c2db6cfd687df2fba323ba31ad0d862d6129f62c";
+ sha256 = "0k7mhz2k05qwyrx9iyc9psjfshxzw8p1618fiyr7cck9aphzwqlf";
};
meta.homepage = "https://github.com/tamago324/nlsp-settings.nvim/";
};
@@ -5651,12 +5687,12 @@ final: prev:
null-ls-nvim = buildVimPluginFrom2Nix {
pname = "null-ls.nvim";
- version = "2023-01-31";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "jose-elias-alvarez";
repo = "null-ls.nvim";
- rev = "c3e678110d5f31854c6575cf4bda3b82f3d4a884";
- sha256 = "045anxnny6rlfrj18wqqrdy69j0b6qpgiirabjas6hcyh3sjgrx6";
+ rev = "8f5d730021497233c39d3adbf4b8043d4be163f8";
+ sha256 = "0isrsbba9clpjjx5z37p4d0s8fasd7gxr1gxxjsvgkp2yn7blvi0";
};
meta.homepage = "https://github.com/jose-elias-alvarez/null-ls.nvim/";
};
@@ -5723,12 +5759,12 @@ final: prev:
nvim-base16 = buildVimPluginFrom2Nix {
pname = "nvim-base16";
- version = "2023-01-30";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "RRethy";
repo = "nvim-base16";
- rev = "d41f301dcd3de51e95d5e1b7737e22a4e1eddd28";
- sha256 = "1dlxa4n0xv5zpkpvw06xvbmcyaghs5byrw9xkpv9m3wqk55x395d";
+ rev = "a3e0146ba46a797a0118da0177cbec5e28722399";
+ sha256 = "079f6dvdcl6zzdl8rgyxr7g8gla066w41ndmg2qakrbj5fap3fyn";
};
meta.homepage = "https://github.com/RRethy/nvim-base16/";
};
@@ -5783,12 +5819,12 @@ final: prev:
nvim-cmp = buildNeovimPluginFrom2Nix {
pname = "nvim-cmp";
- version = "2023-01-26";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "hrsh7th";
repo = "nvim-cmp";
- rev = "e7e2ef7031db8e0cfad7ad9916ec766ddd9dbb3b";
- sha256 = "1jd1x6rg9k5gjwnlfrhmy976xky6sm7335hcz2lpgjapgy7rnyz7";
+ rev = "cfafe0a1ca8933f7b7968a287d39904156f2c57d";
+ sha256 = "1qgvlvjwah6581vppsb8racgkfjpjx2xqbk2ji1fmczc3rsk80h6";
};
meta.homepage = "https://github.com/hrsh7th/nvim-cmp/";
};
@@ -6059,12 +6095,12 @@ final: prev:
nvim-jdtls = buildVimPluginFrom2Nix {
pname = "nvim-jdtls";
- version = "2023-01-20";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "mfussenegger";
repo = "nvim-jdtls";
- rev = "beb9101fb4a8a4f2655e691980b4c82a27d2e920";
- sha256 = "1j56xz39wfdxinmzi83qfb6gljnag8a590wvyjg9c8m7ssd0ixw6";
+ rev = "1f640d14d17f20cfc63c1acc26a10f9466e66a75";
+ sha256 = "1cfl5cjjfcijdsnbh1f23vp3msjlpkvr81am6lpkhx5as2dfws67";
};
meta.homepage = "https://github.com/mfussenegger/nvim-jdtls/";
};
@@ -6215,12 +6251,12 @@ final: prev:
nvim-navic = buildVimPluginFrom2Nix {
pname = "nvim-navic";
- version = "2023-01-26";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "smiteshp";
repo = "nvim-navic";
- rev = "11e08391eeed00effa85ca24ff9d1e0472cbcd6a";
- sha256 = "16nr10lyzq45hm49mh2y6xjk8f59bra1mzgybclz09l9aikzmkhq";
+ rev = "7e9d2b2b601149fecdccd11b516acb721e571fe6";
+ sha256 = "02dzs5bh29ncvz3nzc2isnz9y5c99mx5qm97nvwrbbvxcp3yah2m";
};
meta.homepage = "https://github.com/smiteshp/nvim-navic/";
};
@@ -6239,12 +6275,12 @@ final: prev:
nvim-nonicons = buildVimPluginFrom2Nix {
pname = "nvim-nonicons";
- version = "2022-12-22";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "yamatsum";
repo = "nvim-nonicons";
- rev = "68ecb6476f1b96d03c702dce6cf3ef1e5171c9a8";
- sha256 = "1vmzl5b3a07kh8b4wqqxd05sygvlyxq9vkrsshn2lrxmpbdg6227";
+ rev = "ceda07dc7339f35444b5f4c4016f76a9eb42ac16";
+ sha256 = "0kcagkzgvib0jg9aywfvrk4bx7pdyk7zj5b5i4wzacdcyx5yb7mx";
};
meta.homepage = "https://github.com/yamatsum/nvim-nonicons/";
};
@@ -6335,12 +6371,12 @@ final: prev:
nvim-spectre = buildVimPluginFrom2Nix {
pname = "nvim-spectre";
- version = "2023-01-11";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "nvim-pack";
repo = "nvim-spectre";
- rev = "24275beae382e6bd0180b3064cf5729548641a02";
- sha256 = "0rw2g0a1sdd92ac22rgmvb4yk17ps2c760g03pbdwfca14d50fnh";
+ rev = "17b7c84ea8884bfec8e71b8021e924cb3a39c180";
+ sha256 = "1r6jran2nqyzjgxmwnykd53k38iz8pdc5x9ndcqd8w88ybg3bbpd";
};
meta.homepage = "https://github.com/nvim-pack/nvim-spectre/";
};
@@ -6383,24 +6419,24 @@ final: prev:
nvim-tree-lua = buildVimPluginFrom2Nix {
pname = "nvim-tree.lua";
- version = "2023-01-31";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "nvim-tree";
repo = "nvim-tree.lua";
- rev = "215b29bfad74518442621b9d0483a621483b066b";
- sha256 = "00rvb70s9wg9vqnsm6a63vakpjyznvpc4yplbmqjqa4dnfwp9kl2";
+ rev = "7eb33d2a6d5d574a43159da90e0eac2445367393";
+ sha256 = "0x6lji8s86vgih7fv9yvvjkyh9bqlzrsmn04im1zif087wa1dcw1";
};
meta.homepage = "https://github.com/nvim-tree/nvim-tree.lua/";
};
nvim-treesitter = buildVimPluginFrom2Nix {
pname = "nvim-treesitter";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "nvim-treesitter";
repo = "nvim-treesitter";
- rev = "f0e083912ac42e9001e02a89f70269aa0698e9ec";
- sha256 = "0yd2rfy2vsrnnxz0ih8j1f975kww9xcdwzp7241dbdyvy9h7ra7d";
+ rev = "bd7b4b6eff2dcb4a8a65f55d51398e79fa3d4ec6";
+ sha256 = "08amxr13yfqi2301lrdb0swl6wfjkbi3i7cq5r5ypyw7xaj1nbqb";
};
meta.homepage = "https://github.com/nvim-treesitter/nvim-treesitter/";
};
@@ -6491,23 +6527,23 @@ final: prev:
nvim-ts-rainbow2 = buildVimPluginFrom2Nix {
pname = "nvim-ts-rainbow2";
- version = "2023-01-19";
+ version = "2023-02-04";
src = fetchgit {
url = "https://gitlab.com/HiPhish/nvim-ts-rainbow2";
- rev = "2e0e2167f173df2f075fd52add2a0d6c66a2344a";
- sha256 = "0z5w6y6ynv4q8rjcrfi2vklf9l9h5azda73ragqbfijkx9ggniyy";
+ rev = "7d33fb4402676723b0d7ca4d95717f5e020cd123";
+ sha256 = "0h4kfmh75p6c00f1xa6609y7zq9nm3p0r8yj17bwy30hpi51vnqv";
};
meta.homepage = "https://gitlab.com/HiPhish/nvim-ts-rainbow2";
};
nvim-web-devicons = buildVimPluginFrom2Nix {
pname = "nvim-web-devicons";
- version = "2023-01-28";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "nvim-tree";
repo = "nvim-web-devicons";
- rev = "a421d183ef37dfa13f51a5805bed2381aebf9080";
- sha256 = "0754m29aizcav7ynqflpbv3kzz2n7mw2xx8aliay3slzq18kix8d";
+ rev = "2b96193abe4372e18e4f4533895a42a466d53c17";
+ sha256 = "18vh5xpyzlmfwdz2n30fi7a6v7w5mnami857cczqy2bk5bc1xdvd";
};
meta.homepage = "https://github.com/nvim-tree/nvim-web-devicons/";
};
@@ -6598,12 +6634,12 @@ final: prev:
oil-nvim = buildVimPluginFrom2Nix {
pname = "oil.nvim";
- version = "2023-01-29";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "stevearc";
repo = "oil.nvim";
- rev = "716dd8f9cf1ff2b9cda03497025612ce3c366307";
- sha256 = "14qydwhkr90w2bb1xza44pm2d1iiqmvijqik8qjs122i6z5hc7c6";
+ rev = "7371dd220f1d08789cc225846d8cafed938777e9";
+ sha256 = "0rcx62q9vrx0w6qgkpz39173r0fba6xk9ja212s93l3zwqp49wwb";
fetchSubmodules = true;
};
meta.homepage = "https://github.com/stevearc/oil.nvim/";
@@ -6611,12 +6647,12 @@ final: prev:
omnisharp-extended-lsp-nvim = buildVimPluginFrom2Nix {
pname = "omnisharp-extended-lsp.nvim";
- version = "2022-10-29";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "Hoffs";
repo = "omnisharp-extended-lsp.nvim";
- rev = "83be0f285afa360ca4a134820381e54b4b7aadd3";
- sha256 = "1hdsc68qzf4j83xah72yjan7mlsvdz7w310m1qw81yzd45z0scyd";
+ rev = "55cb3d7310e07e38d0d420d195f353c51eb603fb";
+ sha256 = "1wy2cpg4cb2f18751lxiy8lbhxmp17z9d01b7qwbz6pxyr4l6k2p";
};
meta.homepage = "https://github.com/Hoffs/omnisharp-extended-lsp.nvim/";
};
@@ -6659,12 +6695,12 @@ final: prev:
onedarkpro-nvim = buildVimPluginFrom2Nix {
pname = "onedarkpro.nvim";
- version = "2023-01-24";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "olimorris";
repo = "onedarkpro.nvim";
- rev = "c3409eca73d2ae334935ca4afdb0428f453ba404";
- sha256 = "1zj4kp8ffhgq9syqh5w7rr5zzb92kvzdkcpf3x0v2d4cwxysd2ji";
+ rev = "64d5c6d75c9769f8edca674138cf63e71efcf65b";
+ sha256 = "1zacxqgrmbpnmx7xp99b9g1s348874i5vmf4dj3f9hxzawlqq351";
};
meta.homepage = "https://github.com/olimorris/onedarkpro.nvim/";
};
@@ -6731,12 +6767,12 @@ final: prev:
oxocarbon-nvim = buildVimPluginFrom2Nix {
pname = "oxocarbon.nvim";
- version = "2023-01-10";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "nyoom-engineering";
repo = "oxocarbon.nvim";
- rev = "b58812cde84df6ec0c2f54e602d608d94a78ebef";
- sha256 = "0gk2j9dkdjdiagz49wxj0skm9w50fifl0xg2496rcdarvhh5lny7";
+ rev = "f7b05feadc985f39639650067f1a333285cb4085";
+ sha256 = "0pwk7g59cmfpnqvvflbxxknmy3hnp6g9rz5la1gs00n7391gmcqq";
};
meta.homepage = "https://github.com/nyoom-engineering/oxocarbon.nvim/";
};
@@ -6863,12 +6899,12 @@ final: prev:
playground = buildVimPluginFrom2Nix {
pname = "playground";
- version = "2023-01-24";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "nvim-treesitter";
repo = "playground";
- rev = "c19bcfd6a3681bc876e1b861f6685bfc04972d0d";
- sha256 = "07vhiknf5gfd8rp6ynp9xq3rlc17b1sh322mlhg3976hl62lgs4f";
+ rev = "c481c660fa903a0e295902b1765ecfbd6e76a556";
+ sha256 = "0d30s2rnjdizy8mibxl7pw99ij8209k09myv03d2sqnzapgx28ib";
};
meta.homepage = "https://github.com/nvim-treesitter/playground/";
};
@@ -6984,12 +7020,12 @@ final: prev:
purescript-vim = buildVimPluginFrom2Nix {
pname = "purescript-vim";
- version = "2022-12-07";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "purescript-contrib";
repo = "purescript-vim";
- rev = "7af25a840d38dc6767c85edd1f35c1f835618071";
- sha256 = "1aw0bd0cx76ldm5nx17lqsxshlaiw8v9j0rwf1mlbz5k40c5v2w9";
+ rev = "9a01f01991ca52ae835da09f483aeeeb79639739";
+ sha256 = "0ix3gxh1d3iw9zjmw41yc3fk2dxz5xi5j0l7bn4xv7shbdpki1la";
};
meta.homepage = "https://github.com/purescript-contrib/purescript-vim/";
};
@@ -7500,6 +7536,18 @@ final: prev:
meta.homepage = "https://github.com/kovisoft/slimv/";
};
+ smart-splits-nvim = buildVimPluginFrom2Nix {
+ pname = "smart-splits.nvim";
+ version = "2022-12-21";
+ src = fetchFromGitHub {
+ owner = "mrjones2014";
+ repo = "smart-splits.nvim";
+ rev = "fdd158ce7554dc830fb86e0fe952cd9476cdf726";
+ sha256 = "17xjcfjfzmy4crs6ks8drdjcygdnri776gf3vmnssjyvmzab3mdl";
+ };
+ meta.homepage = "https://github.com/mrjones2014/smart-splits.nvim/";
+ };
+
smartpairs-vim = buildVimPluginFrom2Nix {
pname = "smartpairs.vim";
version = "2018-01-01";
@@ -7863,12 +7911,12 @@ final: prev:
switch-vim = buildVimPluginFrom2Nix {
pname = "switch.vim";
- version = "2023-01-18";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "AndrewRadev";
repo = "switch.vim";
- rev = "9aa594704eb63b81477bf7547342a5cc4012ef80";
- sha256 = "058nwj9rin11p9ifcl50i6ys5fv4v80kml4gnxqq89cd52sz07mh";
+ rev = "41fec8581f4816291481ab6c6e0516bf904d4a7a";
+ sha256 = "0gxipkigllr82gadgnhlhj4kk47131ykqac26zp6yxamgrnx43sq";
fetchSubmodules = true;
};
meta.homepage = "https://github.com/AndrewRadev/switch.vim/";
@@ -8202,12 +8250,12 @@ final: prev:
telescope-manix = buildVimPluginFrom2Nix {
pname = "telescope-manix";
- version = "2023-01-23";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "MrcJkb";
repo = "telescope-manix";
- rev = "66feda7a276366edfc555cb0a7e56b8dd70aadc3";
- sha256 = "1n4ygj3jhgqfg7xrh3hd56x14yqk6rdy3099hy8azbrx40zx0zdw";
+ rev = "28c0100c90dc200dd42471003d458fa8a2b71428";
+ sha256 = "0sd914iybjxrvfmakzw8wb6k97sjvw1nnmfli7a0wvrrbak562rk";
};
meta.homepage = "https://github.com/MrcJkb/telescope-manix/";
};
@@ -8334,12 +8382,12 @@ final: prev:
template-string-nvim = buildVimPluginFrom2Nix {
pname = "template-string.nvim";
- version = "2022-11-10";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "axelvc";
repo = "template-string.nvim";
- rev = "fa94fd309f511ac19bcba0b4390104520f07a08d";
- sha256 = "00q8f8v6zcs85iyv36byil0a9v20m7q7scmkx1231nq0z21kzadc";
+ rev = "b97ee201fa2d5edced1c6dbaf432d00fec0468f1";
+ sha256 = "0cygqc07grd55w4bk42qil80353fr7hf3f73mc9n2y43knijamf8";
};
meta.homepage = "https://github.com/axelvc/template-string.nvim/";
};
@@ -8539,12 +8587,12 @@ final: prev:
toggleterm-nvim = buildVimPluginFrom2Nix {
pname = "toggleterm.nvim";
- version = "2023-01-13";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "akinsho";
repo = "toggleterm.nvim";
- rev = "a54e6c471ce1cd8ef8357e34598a28a955297131";
- sha256 = "07q90impvavl0vv2c89ckqm2g6b7yk5n4z8n1864pz1j6442vhda";
+ rev = "19aad0f41f47affbba1274f05e3c067e6d718e1e";
+ sha256 = "1zslvsdv6y15yiqjyq52mdib15rk7k7k2qg1shwxhjjipgzykvpl";
};
meta.homepage = "https://github.com/akinsho/toggleterm.nvim/";
};
@@ -8729,6 +8777,18 @@ final: prev:
meta.homepage = "https://github.com/chrisbra/unicode.vim/";
};
+ unison = buildVimPluginFrom2Nix {
+ pname = "unison";
+ version = "2023-02-03";
+ src = fetchFromGitHub {
+ owner = "unisonweb";
+ repo = "unison";
+ rev = "59acc0cbe429492a99bfebf2b783fc2fa3967f75";
+ sha256 = "1nrpxprq1f2pp269nrx18avv7ghngqlr7rjahib91rgkvhw6k1x7";
+ };
+ meta.homepage = "https://github.com/unisonweb/unison/";
+ };
+
unite-vim = buildVimPluginFrom2Nix {
pname = "unite.vim";
version = "2021-02-06";
@@ -9151,12 +9211,12 @@ final: prev:
vim-airline = buildVimPluginFrom2Nix {
pname = "vim-airline";
- version = "2023-01-29";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "vim-airline";
repo = "vim-airline";
- rev = "18b85395d32e235128b85a059dd60b562f9dbfe1";
- sha256 = "0212cazr83r9n07gmm0rbzp7mq0lh88iwbcqsdza3nw98rqp3i5z";
+ rev = "038e3a6ca59f11b3bb6a94087c1792322d1a1d5c";
+ sha256 = "0m59sij2y38sgcmzic3jxw08bwkycywkjxn906xgfkwn2rvhv8cv";
};
meta.homepage = "https://github.com/vim-airline/vim-airline/";
};
@@ -10087,12 +10147,12 @@ final: prev:
vim-endwise = buildVimPluginFrom2Nix {
pname = "vim-endwise";
- version = "2022-08-17";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "tpope";
repo = "vim-endwise";
- rev = "4e5c8358d751625bb040b187b9fe430c2b769f0a";
- sha256 = "0vfkvq20kr6jbm526vkvyliv4zybha7jpp7iaimvw4zx1mjs5pih";
+ rev = "43301cf9a0fafd78cec7c2e5b9c0e2cfd9436e8a";
+ sha256 = "0lcgax5m1zmngdz5dk9lx89didicw831zgyyjx0w9iih6d9amj18";
};
meta.homepage = "https://github.com/tpope/vim-endwise/";
};
@@ -10483,12 +10543,12 @@ final: prev:
vim-go = buildVimPluginFrom2Nix {
pname = "vim-go";
- version = "2023-01-15";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "fatih";
repo = "vim-go";
- rev = "9e64fc1ab60b2e97d39410482b64289dbbaf4eda";
- sha256 = "01vj5c89g6fblrybx2f95ji9blcdjyqrr120qwbq9kawbgja1giy";
+ rev = "58437d8250cc3355b565725073f51ff0ff77cea6";
+ sha256 = "1fsrhyawry2m4dq7lrh1zvanxn2qi35lqg1al92w065sf62mds9z";
};
meta.homepage = "https://github.com/fatih/vim-go/";
};
@@ -11097,12 +11157,12 @@ final: prev:
vim-ledger = buildVimPluginFrom2Nix {
pname = "vim-ledger";
- version = "2023-01-10";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "ledger";
repo = "vim-ledger";
- rev = "653fb20b4c0eedabdc5486719b571813d5c8878c";
- sha256 = "1y6hzjx4qknwvilqxshqgl8q6wy7ycabmlzy2kgww7257cxsan1x";
+ rev = "9b18bd548ec1fd6e94b262b3af0d9fb337c0b1df";
+ sha256 = "1paqjvvrcgngpggwa2a57d85xzvz5g5mk43bzn5fkgc1xfd77yv1";
};
meta.homepage = "https://github.com/ledger/vim-ledger/";
};
@@ -12512,6 +12572,30 @@ final: prev:
meta.homepage = "https://github.com/t9md/vim-smalls/";
};
+ vim-smartbd = buildVimPluginFrom2Nix {
+ pname = "vim-smartbd";
+ version = "2015-12-20";
+ src = fetchFromGitHub {
+ owner = "Industrial";
+ repo = "vim-smartbd";
+ rev = "62c267401f634d4f8f65933c812469610ba505ea";
+ sha256 = "0a4ls93bgy5r7ar3r60zgdn2jzdkk10wrws14lw2xl8yg65rc0mg";
+ };
+ meta.homepage = "https://github.com/Industrial/vim-smartbd/";
+ };
+
+ vim-smartbw = buildVimPluginFrom2Nix {
+ pname = "vim-smartbw";
+ version = "2015-12-20";
+ src = fetchFromGitHub {
+ owner = "Industrial";
+ repo = "vim-smartbw";
+ rev = "8091e5e452f63b10d4c9eacf0cc84cba394148f7";
+ sha256 = "08i8qyqahj2jv44pay7bi2dxajhsrx244i44v53y4iiddps6smxn";
+ };
+ meta.homepage = "https://github.com/Industrial/vim-smartbw/";
+ };
+
vim-smoothie = buildVimPluginFrom2Nix {
pname = "vim-smoothie";
version = "2022-06-10";
@@ -12995,12 +13079,12 @@ final: prev:
vim-tpipeline = buildVimPluginFrom2Nix {
pname = "vim-tpipeline";
- version = "2023-01-29";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "vimpostor";
repo = "vim-tpipeline";
- rev = "6be01c509779b1c8a3d1747677a9203419bd11c2";
- sha256 = "17ifpbrcyfs8szdsk3j59916lsbal72mysk4ksgpw0q1paqzk75s";
+ rev = "0dfb1bf84bf8899dc57ae1102605336b929898e7";
+ sha256 = "1pyk4bf3mrmhylmmrxj0wlq145ilanmkiblyjmdl0imwn8m5jyl9";
};
meta.homepage = "https://github.com/vimpostor/vim-tpipeline/";
};
@@ -13149,6 +13233,18 @@ final: prev:
meta.homepage = "https://github.com/mg979/vim-visual-multi/";
};
+ vim-visual-star-search = buildVimPluginFrom2Nix {
+ pname = "vim-visual-star-search";
+ version = "2021-07-14";
+ src = fetchFromGitHub {
+ owner = "bronson";
+ repo = "vim-visual-star-search";
+ rev = "7c32edb9e3c85d473d9be4dec721a4c9d5d4d69c";
+ sha256 = "1g3n84bwvy2535n8xwh14j3s8n1jwvl577vigg8zsxxvhjzl878b";
+ };
+ meta.homepage = "https://github.com/bronson/vim-visual-star-search/";
+ };
+
vim-visualstar = buildVimPluginFrom2Nix {
pname = "vim-visualstar";
version = "2015-08-27";
@@ -13524,12 +13620,12 @@ final: prev:
vimtex = buildVimPluginFrom2Nix {
pname = "vimtex";
- version = "2023-01-30";
+ version = "2023-02-02";
src = fetchFromGitHub {
owner = "lervag";
repo = "vimtex";
- rev = "b8607084b324ab0c98892ca20f78433904aecef5";
- sha256 = "15n8mfiq8mxcjlp13mv17prdfc59cd2kqjsbk7wg89khhbg81sq3";
+ rev = "8ef5b0d9b85e7bb57b00b4571db4804aec0e10eb";
+ sha256 = "1nk85v06s4kybvnmh8raxcmj49snph4nsbfyizwcixwr592amcs1";
};
meta.homepage = "https://github.com/lervag/vimtex/";
};
@@ -13933,12 +14029,12 @@ final: prev:
chad = buildVimPluginFrom2Nix {
pname = "chad";
- version = "2023-02-02";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "ms-jpq";
repo = "chadtree";
- rev = "e82eb7f40313a52f80e2e14e6d8b5d014c83b053";
- sha256 = "02p7fvbampijqbkbjfq74hjm7h1ak6p5m6w5pv9askfc4vw0mcnj";
+ rev = "baae8d0a8afb062f5be6d83189e626dd74f41f98";
+ sha256 = "024iis733yvvkqil2m0wxh7lpkz0j7ij2if4yds07izbyyrpdxg6";
};
meta.homepage = "https://github.com/ms-jpq/chadtree/";
};
@@ -13957,12 +14053,12 @@ final: prev:
embark-vim = buildVimPluginFrom2Nix {
pname = "embark-vim";
- version = "2022-09-12";
+ version = "2023-02-03";
src = fetchFromGitHub {
owner = "embark-theme";
repo = "vim";
- rev = "96fdfff7dac84dda937d843a0aceb1c39acba761";
- sha256 = "1yms82s3iwis6lk5h1kapa9vlhlhbk1kqxlywlvvy6kz7d1iyvjj";
+ rev = "89a044730bf5402c49db03475a9fa56782ca9d1c";
+ sha256 = "0d7956wi0lcbimxbn5cmghw11vb8gfsg2pd6yr4xja6bb4ldlbrk";
};
meta.homepage = "https://github.com/embark-theme/vim/";
};
@@ -13981,12 +14077,12 @@ final: prev:
lspsaga-nvim-original = buildVimPluginFrom2Nix {
pname = "lspsaga-nvim-original";
- version = "2023-02-01";
+ version = "2023-02-04";
src = fetchFromGitHub {
owner = "glepnir";
repo = "lspsaga.nvim";
- rev = "f514660f65983d33613bf605bfd0adf583c06a8b";
- sha256 = "1xgkwfacglm3f96mvs5q799h5vxa7a0dsik562jzi20vhgm49x9x";
+ rev = "9a7013874a9d5e0413039fc9ded613fcdbd59cbd";
+ sha256 = "1n9dkd6wlghw1b011xnja2h36l68x5pi3cf7f4khw7zfk0f49r1k";
};
meta.homepage = "https://github.com/glepnir/lspsaga.nvim/";
};
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/nvim-treesitter/generated.nix b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/nvim-treesitter/generated.nix
index a6ef2653ea..80e960b640 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/nvim-treesitter/generated.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/nvim-treesitter/generated.nix
@@ -60,23 +60,23 @@
};
bash = buildGrammar {
language = "bash";
- version = "4488aa4";
+ version = "7f9506c";
src = fetchFromGitHub {
owner = "tree-sitter";
repo = "tree-sitter-bash";
- rev = "4488aa41406547e478636a4fcfd24f5bbc3f2f74";
- hash = "sha256-QkH5rI9/7x6L7e3YIwDMdSbBHOGhhC6LTHfasS7wX9U=";
+ rev = "7f9506c34ab6a0f4e3e052b7a49cbeef91f71236";
+ hash = "sha256-D9FesfedHnHWUcCIPGs72fpgeBO3xZ2rWTRDewa4qzM=";
};
meta.homepage = "https://github.com/tree-sitter/tree-sitter-bash";
};
beancount = buildGrammar {
language = "beancount";
- version = "c68ffc4";
+ version = "f3741a3";
src = fetchFromGitHub {
owner = "polarmutex";
repo = "tree-sitter-beancount";
- rev = "c68ffc4c6c27eadd81dd56c66f03f4d202d4b2d7";
- hash = "sha256-MJDatUpXJMf3OB8KocA+kJi+mqNKRs7wraq33tCg3/c=";
+ rev = "f3741a3a68ade59ec894ed84a64673494d2ba8f3";
+ hash = "sha256-WtZ3FindaePKbtlnilK9KkOoPxBaxRKNVM+8D52DtBE=";
};
meta.homepage = "https://github.com/polarmutex/tree-sitter-beancount";
};
@@ -135,6 +135,17 @@
};
meta.homepage = "https://github.com/amaanq/tree-sitter-capnp";
};
+ chatito = buildGrammar {
+ language = "chatito";
+ version = "3baf22e";
+ src = fetchFromGitHub {
+ owner = "ObserverOfTime";
+ repo = "tree-sitter-chatito";
+ rev = "3baf22e7e507cedf15d1dbc03df8afa50a625586";
+ hash = "sha256-NsdkvMkrHfVakeYxPJfr4HOg5BlLB6OPFQeMseQQL/k=";
+ };
+ meta.homepage = "https://github.com/ObserverOfTime/tree-sitter-chatito";
+ };
clojure = buildGrammar {
language = "clojure";
version = "262d6d6";
@@ -435,6 +446,17 @@
};
meta.homepage = "https://github.com/mgramigna/tree-sitter-fsh";
};
+ func = buildGrammar {
+ language = "func";
+ version = "88ee7d0";
+ src = fetchFromGitHub {
+ owner = "amaanq";
+ repo = "tree-sitter-func";
+ rev = "88ee7d0f569af10ab8c78a12f37217a8d15a0ffa";
+ hash = "sha256-SLI59AtprfCQr6VccCVr+2sazEtUSXnAwHcclWrkXxA=";
+ };
+ meta.homepage = "https://github.com/amaanq/tree-sitter-func";
+ };
fusion = buildGrammar {
language = "fusion";
version = "19db2f4";
@@ -448,12 +470,12 @@
};
gdscript = buildGrammar {
language = "gdscript";
- version = "a8fa839";
+ version = "4849e65";
src = fetchFromGitHub {
owner = "PrestonKnopp";
repo = "tree-sitter-gdscript";
- rev = "a8fa839150d05baaf4d5a472520ee71e9b1d8b3c";
- hash = "sha256-uSpic8MKMvl1p7LOHNn5EJGp1iOYkeqcRt7skdROmBo=";
+ rev = "4849e657b98945cd040ffa7fd833d6130259dbab";
+ hash = "sha256-Rs1W2jahp+J42JzICi+QLAqfHYXth47g4LjejJnJypo=";
};
meta.homepage = "https://github.com/PrestonKnopp/tree-sitter-gdscript";
};
@@ -569,6 +591,17 @@
};
meta.homepage = "https://github.com/camdencheek/tree-sitter-go-mod";
};
+ gosum = buildGrammar {
+ language = "gosum";
+ version = "68974b6";
+ src = fetchFromGitHub {
+ owner = "amaanq";
+ repo = "tree-sitter-go-sum";
+ rev = "68974b63c19dc6e27214a5c76b6e26c0c40fe5b7";
+ hash = "sha256-Avk9nAICwy59VYIlLhp9FkozAna9kMwY60pAqKyJsK4=";
+ };
+ meta.homepage = "https://github.com/amaanq/tree-sitter-go-sum";
+ };
gowork = buildGrammar {
language = "gowork";
version = "949a8a4";
@@ -637,12 +670,12 @@
};
help = buildGrammar {
language = "help";
- version = "9dee68e";
+ version = "8f75ef3";
src = fetchFromGitHub {
owner = "neovim";
repo = "tree-sitter-vimdoc";
- rev = "9dee68e3912d16e9878b06e3cd87e21ada3d9029";
- hash = "sha256-6XYEC+wKrCbPtcdjFH1O0EdX84M+NpPfTO2tXGFkwtk=";
+ rev = "8f75ef3ec86bc315d5fdb939899b397289389181";
+ hash = "sha256-zzD899bOSVn0/RCki6i8wHEQgaIrCurRw4AxnN3J+VA=";
};
meta.homepage = "https://github.com/neovim/tree-sitter-vimdoc";
};
@@ -813,12 +846,12 @@
};
julia = buildGrammar {
language = "julia";
- version = "9d36818";
+ version = "e2f449e";
src = fetchFromGitHub {
owner = "tree-sitter";
repo = "tree-sitter-julia";
- rev = "9d368185be7e8139f2eda93d8b0acc2a54031718";
- hash = "sha256-6jKiqDo8fSHrUGFIizNSKWoB0CVXJv6b3XfN9YjNLJc=";
+ rev = "e2f449e2bcc95f1d07ceb62d67f986005f73a6be";
+ hash = "sha256-ZXnEvHtheP8rI/lwPf94lVCF5S5rw38bewuZ0GHxjr8=";
};
meta.homepage = "https://github.com/tree-sitter/tree-sitter-julia";
};
@@ -923,24 +956,24 @@
};
markdown = buildGrammar {
language = "markdown";
- version = "63cda48";
+ version = "abea13b";
src = fetchFromGitHub {
owner = "MDeiml";
repo = "tree-sitter-markdown";
- rev = "63cda483a37c91eae817f33bc55680f228845566";
- hash = "sha256-1GJsg9R5fDWbbeLWVjLG0vQ2FCg0qiG3NRNEFZm3lqg=";
+ rev = "abea13b86c404564991244b69b7afc4ca362d0c0";
+ hash = "sha256-gdRl+jTSGlijc3/hn1BYClAlpYljzSRVpRoi9Q446PU=";
};
location = "tree-sitter-markdown";
meta.homepage = "https://github.com/MDeiml/tree-sitter-markdown";
};
markdown_inline = buildGrammar {
language = "markdown_inline";
- version = "63cda48";
+ version = "abea13b";
src = fetchFromGitHub {
owner = "MDeiml";
repo = "tree-sitter-markdown";
- rev = "63cda483a37c91eae817f33bc55680f228845566";
- hash = "sha256-1GJsg9R5fDWbbeLWVjLG0vQ2FCg0qiG3NRNEFZm3lqg=";
+ rev = "abea13b86c404564991244b69b7afc4ca362d0c0";
+ hash = "sha256-gdRl+jTSGlijc3/hn1BYClAlpYljzSRVpRoi9Q446PU=";
};
location = "tree-sitter-markdown-inline";
meta.homepage = "https://github.com/MDeiml/tree-sitter-markdown";
@@ -1291,12 +1324,12 @@
};
ruby = buildGrammar {
language = "ruby";
- version = "7a1921b";
+ version = "206c707";
src = fetchFromGitHub {
owner = "tree-sitter";
repo = "tree-sitter-ruby";
- rev = "7a1921bcfd90e3a04c1ad011059087aaf0168dd4";
- hash = "sha256-niL8gqKv1Nq1z8y4c49amqkDo+FoIP3XEJz+dV2UmWo=";
+ rev = "206c7077164372c596ffa8eaadb9435c28941364";
+ hash = "sha256-1kQ3RP2lJ0vwvVmKAQYNyPjltEKZLiZ4iI8iIxcRGd8=";
};
meta.homepage = "https://github.com/tree-sitter/tree-sitter-ruby";
};
@@ -1401,12 +1434,12 @@
};
sql = buildGrammar {
language = "sql";
- version = "286e10c";
+ version = "c508e60";
src = fetchFromGitHub {
owner = "derekstride";
repo = "tree-sitter-sql";
- rev = "286e10c5bc5d1703ee8f9afb351165a9a6182be1";
- hash = "sha256-sIZ6615ioSz2wzjQLxcMaXKxd17qGR6nFDMxuwOx0Z8=";
+ rev = "c508e6044adf4298d7b321f966c90cbe32d75d23";
+ hash = "sha256-Ed+6pwxwvwLKOVB9XVHF+IftEiO4bG0yZAe77xBcazI=";
};
generate = true;
meta.homepage = "https://github.com/derekstride/tree-sitter-sql";
@@ -1606,12 +1639,12 @@
};
v = buildGrammar {
language = "v";
- version = "7ef1f12";
+ version = "719cf0c";
src = fetchFromGitHub {
owner = "vlang";
repo = "vls";
- rev = "7ef1f120c1c8950c7a3e1cdffe655bdd7220321b";
- hash = "sha256-2oVvuJsvEgv8J3abkV5ezAt0YdIkNNA4psqrcr4K+jo=";
+ rev = "719cf0cd297f9b2f45ecfbeb0115379fb8cfa9c3";
+ hash = "sha256-4xb5x/JZN1pFvPVqazcZMdZm8DTpBb5nW5AgOrB3YHc=";
};
location = "tree_sitter_v";
meta.homepage = "https://github.com/vlang/vls";
@@ -1717,12 +1750,12 @@
};
zig = buildGrammar {
language = "zig";
- version = "d90d38d";
+ version = "b0693dd";
src = fetchFromGitHub {
owner = "maxxnino";
repo = "tree-sitter-zig";
- rev = "d90d38d28ce8cc27bfea8b4e0c75211e9e2398ca";
- hash = "sha256-vdfXC9PUyv4YynfrKi7M708zFbNIV6AERBd63/EAp1A=";
+ rev = "b0693dd473efd91d6085acd8e0ff9c627d37e077";
+ hash = "sha256-Jmz2XDI+mrBYE2TEhxPJZbICbhs5AOC0tyC4OOgT61U=";
};
meta.homepage = "https://github.com/maxxnino/tree-sitter-zig";
};
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/overrides.nix b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/overrides.nix
index 173a9f2eb6..0b02b1d9d8 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/overrides.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/overrides.nix
@@ -116,7 +116,7 @@
self: super: {
- barbecue-nvim = super.vimshell-vim.overrideAttrs (old: {
+ barbecue-nvim = super.barbecue-nvim.overrideAttrs (old: {
dependencies = with self; [ nvim-lspconfig nvim-navic nvim-web-devicons ];
meta = {
description = "A VS Code like winbar for Neovim";
@@ -991,6 +991,11 @@ self: super: {
'';
});
+ unison = super.unison.overrideAttrs (old: {
+ # Editor stuff isn't at top level
+ postPatch = "cd editor-support/vim";
+ });
+
vCoolor-vim = super.vCoolor-vim.overrideAttrs (old: {
# on linux can use either Zenity or Yad.
propagatedBuildInputs = [ gnome.zenity ];
@@ -1193,7 +1198,7 @@ self: super: {
hexokinase = buildGoModule {
name = "hexokinase";
src = old.src + "/hexokinase";
- vendorSha256 = "pQpattmS9VmO3ZIQUFn66az8GSmB4IvYhTTCFn6SUmo=";
+ vendorSha256 = null;
};
in
''
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/vim-plugin-names b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/vim-plugin-names
index 1cebfd2ddc..6552349d1e 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/vim-plugin-names
+++ b/third_party/nixpkgs/pkgs/applications/editors/vim/plugins/vim-plugin-names
@@ -64,6 +64,7 @@ https://github.com/hotwatermorning/auto-git-diff/,,
https://github.com/jiangmiao/auto-pairs/,,
https://github.com/pocco81/auto-save.nvim/,HEAD,
https://github.com/rmagatti/auto-session/,,
+https://github.com/m4xshen/autoclose.nvim/,HEAD,
https://github.com/vim-scripts/autoload_cscope.vim/,,
https://github.com/rafi/awesome-vim-colorschemes/,,
https://github.com/ayu-theme/ayu-vim/,,
@@ -324,6 +325,7 @@ https://github.com/nishigori/increment-activator/,,
https://github.com/haya14busa/incsearch-easymotion.vim/,,
https://github.com/haya14busa/incsearch.vim/,,
https://github.com/lukas-reineke/indent-blankline.nvim/,,
+https://github.com/Darazaki/indent-o-matic/,,
https://github.com/Yggdroot/indentLine/,,
https://github.com/ciaranm/inkpot/,,
https://github.com/jbyuki/instant.nvim/,HEAD,
@@ -440,6 +442,7 @@ https://github.com/folke/neoconf.nvim/,HEAD,
https://github.com/KeitaNakamura/neodark.vim/,,
https://github.com/folke/neodev.nvim/,HEAD,
https://github.com/sbdchd/neoformat/,,
+https://github.com/danymat/neogen/,HEAD,
https://github.com/TimUntersberger/neogit/,,
https://github.com/Shougo/neoinclude.vim/,,
https://github.com/neomake/neomake/,,
@@ -630,6 +633,7 @@ https://github.com/AndrewRadev/sideways.vim/,,
https://github.com/lotabout/skim.vim/,,
https://github.com/mopp/sky-color-clock.vim/,,
https://github.com/kovisoft/slimv/,,
+https://github.com/mrjones2014/smart-splits.nvim/,,
https://github.com/gorkunov/smartpairs.vim/,,
https://github.com/camspiers/snap/,,
https://github.com/norcalli/snippets.nvim/,,
@@ -732,6 +736,7 @@ https://github.com/leafgarland/typescript-vim/,,
https://github.com/SirVer/ultisnips/,,
https://github.com/mbbill/undotree/,,
https://github.com/chrisbra/unicode.vim/,,
+https://github.com/unisonweb/unison/,,
https://github.com/Shougo/unite.vim/,,
https://github.com/axieax/urlview.nvim/,,
https://github.com/vim-scripts/utl.vim/,,
@@ -1050,6 +1055,8 @@ https://github.com/tpope/vim-sleuth/,,
https://github.com/jpalardy/vim-slime/,,
https://github.com/mzlogin/vim-smali/,,
https://github.com/t9md/vim-smalls/,,
+https://github.com/Industrial/vim-smartbd/,HEAD,
+https://github.com/Industrial/vim-smartbw/,HEAD,
https://github.com/psliwka/vim-smoothie/,,
https://github.com/bohlender/vim-smt2/,,
https://github.com/justinmk/vim-sneak/,,
@@ -1104,6 +1111,7 @@ https://github.com/hashivim/vim-vagrant/,,
https://github.com/tpope/vim-vinegar/,,
https://github.com/triglav/vim-visual-increment/,,
https://github.com/mg979/vim-visual-multi/,,
+https://github.com/bronson/vim-visual-star-search/,HEAD,
https://github.com/thinca/vim-visualstar/,,
https://github.com/ngemily/vim-vp4/,HEAD,
https://github.com/hrsh7th/vim-vsnip/,,
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/default.nix b/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/default.nix
index 9e4548ad0f..41666183ce 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/default.nix
@@ -2580,8 +2580,8 @@ let
mktplcRef = {
name = "code-spell-checker";
publisher = "streetsidesoftware";
- version = "2.15.0";
- sha256 = "sha256-YfcO/01nO+92xZEJgYyLYAkqXMqfV/QDkcN9Dnjp5ZA=";
+ version = "2.16.0";
+ sha256 = "sha256-Qr4cYAEvAkvvE6KytVeInJzcMQJZqr/e/KPfelVzjUA=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/streetsidesoftware.code-spell-checker/changelog";
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/lua/default.nix b/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/lua/default.nix
index 529428de67..6c9c72ca60 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/lua/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vscode/extensions/lua/default.nix
@@ -1,6 +1,6 @@
{ lib
, vscode-utils
-, sumneko-lua-language-server
+, lua-language-server
}:
vscode-utils.buildVscodeMarketplaceExtension {
@@ -14,7 +14,7 @@ vscode-utils.buildVscodeMarketplaceExtension {
patches = [ ./remove-chmod.patch ];
postInstall = ''
- ln -sf ${sumneko-lua-language-server}/bin/lua-language-server \
+ ln -sf ${lua-language-server}/bin/lua-language-server \
$out/$installPrefix/server/bin/lua-language-server
'';
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vscode/generic.nix b/third_party/nixpkgs/pkgs/applications/editors/vscode/generic.nix
index 1b4f4508fb..c2036566b3 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vscode/generic.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vscode/generic.nix
@@ -135,6 +135,9 @@ let
# this fixes bundled ripgrep
chmod +x resources/app/node_modules/@vscode/ripgrep/bin/rg
+
+ # see https://github.com/gentoo/gentoo/commit/4da5959
+ chmod +x resources/app/node_modules/node-pty/build/Release/spawn-helper
'';
inherit meta;
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vscode/vscode.nix b/third_party/nixpkgs/pkgs/applications/editors/vscode/vscode.nix
index 1d684f3ee3..1e6195021c 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vscode/vscode.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vscode/vscode.nix
@@ -18,17 +18,17 @@ let
archive_fmt = if stdenv.isDarwin then "zip" else "tar.gz";
sha256 = {
- x86_64-linux = "192csxsvxdnizdi2jnh0w243h54cb4r99y4p9mnck813bnlcplf5";
- x86_64-darwin = "0l5n7ba3gd7f73dag52ccd26076a37jvr5a3npyd0078nby0d5n4";
- aarch64-linux = "073czaap96ddchmsdx7wjqfm68pgimwrngmy2rfgj4b7a0iw3jg6";
- aarch64-darwin = "1nl3xpjw4ci0z0g7jx5z3v9j6l4vka5w1ijsf2qvrwa27pp8n6hk";
- armv7l-linux = "10vcmicrk19qi8l01hkvxlay8gqk5qlkx0kpax0blkk91cifqzg7";
+ x86_64-linux = "1b1xk4f736lxg7vsqhnra0x1vvb3x9fj7ijxqk5liz5pap18k1c8";
+ x86_64-darwin = "1pi2kspq162aaj42ssmrf67bbdk4n0vx618z8avxnbx3wbcrsnap";
+ aarch64-linux = "1j6qim8k94a2baj8w098l6x3i94n34g62c1brfmhha8fr48jzlir";
+ aarch64-darwin = "0agl2n6ljd5rc5shypn5j1292pf673nhqhmwhg5bg9qsawar0ksf";
+ armv7l-linux = "10k4pzp9lyn5g8frgixcx9jyixwckr1481d1npdzrgcdwfwrmf20";
}.${system} or throwSystem;
in
callPackage ./generic.nix rec {
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
- version = "1.74.3";
+ version = "1.75.0";
pname = "vscode";
executableName = "code" + lib.optionalString isInsiders "-insiders";
diff --git a/third_party/nixpkgs/pkgs/applications/editors/vscode/vscodium.nix b/third_party/nixpkgs/pkgs/applications/editors/vscode/vscodium.nix
index 0821971406..cd89ab7d78 100644
--- a/third_party/nixpkgs/pkgs/applications/editors/vscode/vscodium.nix
+++ b/third_party/nixpkgs/pkgs/applications/editors/vscode/vscodium.nix
@@ -15,11 +15,11 @@ let
archive_fmt = if stdenv.isDarwin then "zip" else "tar.gz";
sha256 = {
- x86_64-linux = "0mm6xa0kizgg2f6cql6jk8h83pn89h6q7rrs1kypvj3j0x6ysqsg";
- x86_64-darwin = "1g9syvinj2mx292wrnrdn2znqhg17mrjqij0z1ilag5bi4xmzhcj";
- aarch64-linux = "0xbq6fla0lxan08jgmsva91cbcv8rhzd7mqixrm1lsqh4h0wpssz";
- aarch64-darwin = "1b4a56j256rib1997g9wwiak206axkppl124qg021vyab42x8rim";
- armv7l-linux = "0gb96hi854kyh8694j9mbgl78f4y68czkwmjxhzb054l5b4adjla";
+ x86_64-linux = "1qayw19mb7f0gcgcvl57gpacrqsyx2jvc6s63vzbx8jmf5qnk71a";
+ x86_64-darwin = "02z9026kp66lx6pll46xx790jj7c7wh2ca7xim373x90k8hm4kwz";
+ aarch64-linux = "1izqhzvv46p05k1z2yg380ddwmar4w2pbrd0dyvkdysvp166y931";
+ aarch64-darwin = "1zcr653ssck4nc3vf04l6bilnjdsiqscw62g1wzbyk6s50133cx8";
+ armv7l-linux = "0n914rcfn2m9zsbnkd82cmw88qbpssv6jk3g8ig3wqlircbgrw0h";
}.${system} or throwSystem;
sourceRoot = if stdenv.isDarwin then "" else ".";
@@ -29,7 +29,7 @@ in
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
- version = "1.74.3.23010";
+ version = "1.75.0.23033";
pname = "vscodium";
executableName = "codium";
diff --git a/third_party/nixpkgs/pkgs/applications/emulators/rpcs3/default.nix b/third_party/nixpkgs/pkgs/applications/emulators/rpcs3/default.nix
index a97114a07a..d3d5f1e11f 100644
--- a/third_party/nixpkgs/pkgs/applications/emulators/rpcs3/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/emulators/rpcs3/default.nix
@@ -9,10 +9,10 @@
let
# Keep these separate so the update script can regex them
- rpcs3GitVersion = "14637-c471120a8";
- rpcs3Version = "0.0.26-14637-c471120a8";
- rpcs3Revision = "c471120a80ec6f12cd4489e1a9be073d7d9c96f2";
- rpcs3Sha256 = "1fl7zarxbjaz6mi3lqv55kdwpvjfz8d02qfl0655zihwm6zzdny5";
+ rpcs3GitVersion = "14684-8652b7d35";
+ rpcs3Version = "0.0.26-14684-8652b7d35";
+ rpcs3Revision = "8652b7d358fe975242dd2c51c91fd2968e6bcb82";
+ rpcs3Sha256 = "08cd082cih9pcppipkhid1x1s7bq4grsz0zfa1rlxkzw3lajxnrf";
ittapi = fetchFromGitHub {
owner = "intel";
diff --git a/third_party/nixpkgs/pkgs/applications/emulators/wine/base.nix b/third_party/nixpkgs/pkgs/applications/emulators/wine/base.nix
index ae38f5d332..ed9e24a910 100644
--- a/third_party/nixpkgs/pkgs/applications/emulators/wine/base.nix
+++ b/third_party/nixpkgs/pkgs/applications/emulators/wine/base.nix
@@ -4,7 +4,6 @@
autoconf, hexdump, perl, nixosTests,
supportFlags,
patches,
- vkd3dArches,
moltenvk,
buildScript ? null, configureFlags ? [], mainProgram ? "wine"
}:
@@ -71,7 +70,6 @@ stdenv.mkDerivation ((lib.optionalAttrs (buildScript != null) {
++ lib.optional cupsSupport pkgs.cups
++ lib.optional gettextSupport pkgs.gettext
++ lib.optional dbusSupport pkgs.dbus
- ++ lib.optional openalSupport pkgs.openal
++ lib.optional cairoSupport pkgs.cairo
++ lib.optional odbcSupport pkgs.unixODBC
++ lib.optional netapiSupport pkgs.samba4
@@ -82,7 +80,6 @@ stdenv.mkDerivation ((lib.optionalAttrs (buildScript != null) {
++ lib.optional saneSupport pkgs.sane-backends
++ lib.optional gphoto2Support pkgs.libgphoto2
++ lib.optional krb5Support pkgs.libkrb5
- ++ lib.optional ldapSupport pkgs.openldap
++ lib.optional fontconfigSupport pkgs.fontconfig
++ lib.optional alsaSupport pkgs.alsa-lib
++ lib.optional pulseaudioSupport pkgs.libpulseaudio
@@ -91,7 +88,6 @@ stdenv.mkDerivation ((lib.optionalAttrs (buildScript != null) {
++ lib.optional vulkanSupport (if stdenv.isDarwin then moltenvk else pkgs.vulkan-loader)
++ lib.optional sdlSupport pkgs.SDL2
++ lib.optional usbSupport pkgs.libusb1
- ++ vkd3dArches
++ lib.optionals gstreamerSupport (with pkgs.gst_all_1;
[ gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly gst-libav
(gst-plugins-bad.override { enableZbar = false; }) ])
@@ -101,7 +97,7 @@ stdenv.mkDerivation ((lib.optionalAttrs (buildScript != null) {
++ lib.optionals (openglSupport && !stdenv.isDarwin) [ pkgs.libGLU pkgs.libGL pkgs.mesa.osmesa pkgs.libdrm ]
++ lib.optionals stdenv.isDarwin (with pkgs.buildPackages.darwin.apple_sdk.frameworks; [
CoreServices Foundation ForceFeedback AppKit OpenGL IOKit DiskArbitration Security
- ApplicationServices AudioToolbox CoreAudio AudioUnit CoreMIDI OpenAL OpenCL Cocoa Carbon
+ ApplicationServices AudioToolbox CoreAudio AudioUnit CoreMIDI OpenCL Cocoa Carbon
])
++ lib.optionals (stdenv.isLinux && !waylandSupport) (with pkgs.xorg; [
libX11 libXi libXcursor libXrandr libXrender libXxf86vm libXcomposite libXext
diff --git a/third_party/nixpkgs/pkgs/applications/emulators/wine/default.nix b/third_party/nixpkgs/pkgs/applications/emulators/wine/default.nix
index 37953f73c5..d3b285f36d 100644
--- a/third_party/nixpkgs/pkgs/applications/emulators/wine/default.nix
+++ b/third_party/nixpkgs/pkgs/applications/emulators/wine/default.nix
@@ -18,7 +18,6 @@
gstreamerSupport ? false,
cupsSupport ? false,
dbusSupport ? false,
- openalSupport ? false,
openclSupport ? false,
cairoSupport ? false,
odbcSupport ? false,
@@ -30,13 +29,11 @@
saneSupport ? false,
gphoto2Support ? false,
krb5Support ? false,
- ldapSupport ? false,
pulseaudioSupport ? false,
udevSupport ? false,
xineramaSupport ? false,
vulkanSupport ? false,
sdlSupport ? false,
- vkd3dSupport ? false,
usbSupport ? false,
mingwSupport ? wineRelease != "stable",
waylandSupport ? wineRelease == "wayland",
@@ -49,12 +46,12 @@ let wine-build = build: release:
wineRelease = release;
supportFlags = {
inherit
- cupsSupport gettextSupport dbusSupport openalSupport cairoSupport
+ cupsSupport gettextSupport dbusSupport cairoSupport
odbcSupport netapiSupport cursesSupport vaSupport pcapSupport
- v4lSupport saneSupport gphoto2Support krb5Support ldapSupport fontconfigSupport
+ v4lSupport saneSupport gphoto2Support krb5Support fontconfigSupport
alsaSupport pulseaudioSupport xineramaSupport gtkSupport openclSupport
tlsSupport openglSupport gstreamerSupport udevSupport vulkanSupport
- sdlSupport usbSupport vkd3dSupport mingwSupport waylandSupport embedInstallers;
+ sdlSupport usbSupport mingwSupport waylandSupport embedInstallers;
};
inherit moltenvk;
});
diff --git a/third_party/nixpkgs/pkgs/applications/emulators/wine/packages.nix b/third_party/nixpkgs/pkgs/applications/emulators/wine/packages.nix
index 3b5aa19658..2672e75580 100644
--- a/third_party/nixpkgs/pkgs/applications/emulators/wine/packages.nix
+++ b/third_party/nixpkgs/pkgs/applications/emulators/wine/packages.nix
@@ -5,14 +5,11 @@
let
src = lib.getAttr wineRelease (callPackage ./sources.nix {});
- vkd3d = pkgs.callPackage ./vkd3d.nix { inherit moltenvk; };
- vkd3d_i686 = pkgsi686Linux.callPackage ./vkd3d.nix { inherit moltenvk; };
in with src; {
wine32 = pkgsi686Linux.callPackage ./base.nix {
pname = "wine";
inherit src version supportFlags patches moltenvk;
pkgArches = [ pkgsi686Linux ];
- vkd3dArches = lib.optionals supportFlags.vkd3dSupport [ vkd3d_i686 ];
geckos = [ gecko32 ];
mingwGccs = with pkgsCross; [ mingw32.buildPackages.gcc ];
monos = [ mono ];
@@ -22,7 +19,6 @@ in with src; {
pname = "wine64";
inherit src version supportFlags patches moltenvk;
pkgArches = [ pkgs ];
- vkd3dArches = lib.optionals supportFlags.vkd3dSupport [ vkd3d ];
mingwGccs = with pkgsCross; [ mingwW64.buildPackages.gcc ];
geckos = [ gecko64 ];
monos = [ mono ];
@@ -35,7 +31,6 @@ in with src; {
inherit src version supportFlags patches moltenvk;
stdenv = stdenv_32bit;
pkgArches = [ pkgs pkgsi686Linux ];
- vkd3dArches = lib.optionals supportFlags.vkd3dSupport [ vkd3d vkd3d_i686 ];
geckos = [ gecko32 gecko64 ];
mingwGccs = with pkgsCross; [ mingw32.buildPackages.gcc mingwW64.buildPackages.gcc ];
monos = [ mono ];
diff --git a/third_party/nixpkgs/pkgs/applications/emulators/wine/sources.nix b/third_party/nixpkgs/pkgs/applications/emulators/wine/sources.nix
index 0e8f129f91..0d7ac403ad 100644
--- a/third_party/nixpkgs/pkgs/applications/emulators/wine/sources.nix
+++ b/third_party/nixpkgs/pkgs/applications/emulators/wine/sources.nix
@@ -1,17 +1,17 @@
{ pkgs ? import {} }:
## we default to importing here, so that you can use
-## a simple shell command to insert new sha256's into this file
+## a simple shell command to insert new hashes into this file
## e.g. with emacs C-u M-x shell-command
##
## nix-prefetch-url sources.nix -A {stable{,.mono,.gecko64,.gecko32}, unstable, staging, winetricks}
# here we wrap fetchurl and fetchFromGitHub, in order to be able to pass additional args around it
-let fetchurl = args@{url, sha256, ...}:
- pkgs.fetchurl { inherit url sha256; } // args;
- fetchFromGitHub = args@{owner, repo, rev, sha256, ...}:
- pkgs.fetchFromGitHub { inherit owner repo rev sha256; } // args;
- fetchFromGitLab = args@{domain, owner, repo, rev, sha256, ...}:
- pkgs.fetchFromGitLab { inherit domain owner repo rev sha256; } // args;
+let fetchurl = args@{url, hash, ...}:
+ pkgs.fetchurl { inherit url hash; } // args;
+ fetchFromGitHub = args@{owner, repo, rev, hash, ...}:
+ pkgs.fetchFromGitHub { inherit owner repo rev hash; } // args;
+ fetchFromGitLab = args@{domain, owner, repo, rev, hash, ...}:
+ pkgs.fetchFromGitLab { inherit domain owner repo rev hash; } // args;
updateScriptPreamble = ''
set -eou pipefail
@@ -24,27 +24,27 @@ let fetchurl = args@{url, sha256, ...}:
in rec {
stable = fetchurl rec {
- version = "7.0.1";
- url = "https://dl.winehq.org/wine/source/7.0/wine-${version}.tar.xz";
- sha256 = "sha256-gHyqeBIbFiUPJA0oKKB8pOPGCXOeVSTvD0z4muSagWw=";
+ version = "8.0";
+ url = "https://dl.winehq.org/wine/source/8.0/wine-${version}.tar.xz";
+ hash = "sha256-AnLCCTj4chrkUQr6qLNgN0V91XZh5NZkIxB5uekceS4=";
## see http://wiki.winehq.org/Gecko
gecko32 = fetchurl rec {
version = "2.47.3";
url = "https://dl.winehq.org/wine/wine-gecko/${version}/wine-gecko-${version}-x86.msi";
- sha256 = "sha256-5bmwbTzjVWRqjS5y4ETjfh4MjRhGTrGYWtzRh6f0jgE=";
+ hash = "sha256-5bmwbTzjVWRqjS5y4ETjfh4MjRhGTrGYWtzRh6f0jgE=";
};
gecko64 = fetchurl rec {
version = "2.47.3";
url = "https://dl.winehq.org/wine/wine-gecko/${version}/wine-gecko-${version}-x86_64.msi";
- sha256 = "sha256-pT7pVDkrbR/j1oVF9uTiqXr7yNyLA6i0QzSVRc4TlnU=";
+ hash = "sha256-pT7pVDkrbR/j1oVF9uTiqXr7yNyLA6i0QzSVRc4TlnU=";
};
## see http://wiki.winehq.org/Mono
mono = fetchurl rec {
- version = "7.0.0";
+ version = "7.4.0";
url = "https://dl.winehq.org/wine/wine-mono/${version}/wine-mono-${version}-x86.msi";
- sha256 = "sha256-s35vyeWQ5YIkPcJdcqX8wzDDp5cN/cmKeoHSOEW6iQA=";
+ hash = "sha256-ZBP/Mo679+x2icZI/rNUbYEC3thlB50fvwMxsUs6sOw=";
};
patches = [
@@ -54,14 +54,14 @@ in rec {
updateScript = writeShellScript "update-wine-stable" (''
${updateScriptPreamble}
- major=''${UPDATE_NIX_OLD_VERSION%.*}
+ major=''${UPDATE_NIX_OLD_VERSION%%.*}
latest_stable=$(get_latest_wine_version "$major.0")
latest_gecko=$(get_latest_lib_version wine-gecko)
# Can't use autobump on stable because we don't want the path
#