Project import generated by Copybara.
GitOrigin-RevId: 296793637b22bdb4d23b479879eba0a71c132a66
This commit is contained in:
parent
fbfd9c6aa3
commit
51e09efdfc
469 changed files with 5841 additions and 3111 deletions
1
third_party/nixpkgs/.github/CODEOWNERS
vendored
1
third_party/nixpkgs/.github/CODEOWNERS
vendored
|
@ -12,6 +12,7 @@
|
|||
|
||||
# GitHub actions
|
||||
/.github/workflows @Mic92 @zowoq
|
||||
/.github/workflows/merge-staging @FRidh
|
||||
|
||||
# EditorConfig
|
||||
/.editorconfig @Mic92 @zowoq
|
||||
|
|
39
third_party/nixpkgs/.github/workflows/merge-staging.yml
vendored
Normal file
39
third_party/nixpkgs/.github/workflows/merge-staging.yml
vendored
Normal file
|
@ -0,0 +1,39 @@
|
|||
name: "merge staging(-next)"
|
||||
|
||||
on:
|
||||
schedule:
|
||||
# * is a special character in YAML so you have to quote this string
|
||||
# Merge every 6 hours
|
||||
- cron: '0 */6 * * *'
|
||||
|
||||
jobs:
|
||||
sync-branch:
|
||||
if: github.repository == 'NixOS/nixpkgs'
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Merge master into staging-next
|
||||
uses: devmasx/merge-branch@v1.3.1
|
||||
with:
|
||||
type: now
|
||||
from_branch: master
|
||||
target_branch: staging-next
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Merge staging-next into staging
|
||||
uses: devmasx/merge-branch@v1.3.1
|
||||
with:
|
||||
type: now
|
||||
from_branch: staging-next
|
||||
target_branch: staging
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Comment on failure
|
||||
uses: peter-evans/create-or-update-comment@v1
|
||||
if: ${{ failure() }}
|
||||
with:
|
||||
issue-number: 105153
|
||||
body: |
|
||||
An automatic merge [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
|
||||
|
119
third_party/nixpkgs/doc/builders/packages/emacs.section.md
vendored
Normal file
119
third_party/nixpkgs/doc/builders/packages/emacs.section.md
vendored
Normal file
|
@ -0,0 +1,119 @@
|
|||
# Emacs {#sec-emacs}
|
||||
|
||||
## Configuring Emacs
|
||||
|
||||
The Emacs package comes with some extra helpers to make it easier to configure. `emacsWithPackages` allows you to manage packages from ELPA. This means that you will not have to install that packages from within Emacs. For instance, if you wanted to use `company` `counsel`, `flycheck`, `ivy`, `magit`, `projectile`, and `use-package` you could use this as a `~/.config/nixpkgs/config.nix` override:
|
||||
|
||||
```nix
|
||||
{
|
||||
packageOverrides = pkgs: with pkgs; {
|
||||
myEmacs = emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
company
|
||||
counsel
|
||||
flycheck
|
||||
ivy
|
||||
magit
|
||||
projectile
|
||||
use-package
|
||||
]));
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
You can install it like any other packages via `nix-env -iA myEmacs`. However, this will only install those packages. It will not `configure` them for us. To do this, we need to provide a configuration file. Luckily, it is possible to do this from within Nix! By modifying the above example, we can make Emacs load a custom config file. The key is to create a package that provide a `default.el` file in `/share/emacs/site-start/`. Emacs knows to load this file automatically when it starts.
|
||||
|
||||
```nix
|
||||
{
|
||||
packageOverrides = pkgs: with pkgs; rec {
|
||||
myEmacsConfig = writeText "default.el" ''
|
||||
;; initialize package
|
||||
|
||||
(require 'package)
|
||||
(package-initialize 'noactivate)
|
||||
(eval-when-compile
|
||||
(require 'use-package))
|
||||
|
||||
;; load some packages
|
||||
|
||||
(use-package company
|
||||
:bind ("<C-tab>" . company-complete)
|
||||
:diminish company-mode
|
||||
:commands (company-mode global-company-mode)
|
||||
:defer 1
|
||||
:config
|
||||
(global-company-mode))
|
||||
|
||||
(use-package counsel
|
||||
:commands (counsel-descbinds)
|
||||
:bind (([remap execute-extended-command] . counsel-M-x)
|
||||
("C-x C-f" . counsel-find-file)
|
||||
("C-c g" . counsel-git)
|
||||
("C-c j" . counsel-git-grep)
|
||||
("C-c k" . counsel-ag)
|
||||
("C-x l" . counsel-locate)
|
||||
("M-y" . counsel-yank-pop)))
|
||||
|
||||
(use-package flycheck
|
||||
:defer 2
|
||||
:config (global-flycheck-mode))
|
||||
|
||||
(use-package ivy
|
||||
:defer 1
|
||||
:bind (("C-c C-r" . ivy-resume)
|
||||
("C-x C-b" . ivy-switch-buffer)
|
||||
:map ivy-minibuffer-map
|
||||
("C-j" . ivy-call))
|
||||
:diminish ivy-mode
|
||||
:commands ivy-mode
|
||||
:config
|
||||
(ivy-mode 1))
|
||||
|
||||
(use-package magit
|
||||
:defer
|
||||
:if (executable-find "git")
|
||||
:bind (("C-x g" . magit-status)
|
||||
("C-x G" . magit-dispatch-popup))
|
||||
:init
|
||||
(setq magit-completing-read-function 'ivy-completing-read))
|
||||
|
||||
(use-package projectile
|
||||
:commands projectile-mode
|
||||
:bind-keymap ("C-c p" . projectile-command-map)
|
||||
:defer 5
|
||||
:config
|
||||
(projectile-global-mode))
|
||||
'';
|
||||
|
||||
myEmacs = emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
(runCommand "default.el" {} ''
|
||||
mkdir -p $out/share/emacs/site-lisp
|
||||
cp ${myEmacsConfig} $out/share/emacs/site-lisp/default.el
|
||||
'')
|
||||
company
|
||||
counsel
|
||||
flycheck
|
||||
ivy
|
||||
magit
|
||||
projectile
|
||||
use-package
|
||||
]));
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
This provides a fairly full Emacs start file. It will load in addition to the user's presonal config. You can always disable it by passing `-q` to the Emacs command.
|
||||
|
||||
Sometimes `emacsWithPackages` is not enough, as this package set has some priorities imposed on packages (with the lowest priority assigned to Melpa Unstable, and the highest for packages manually defined in `pkgs/top-level/emacs-packages.nix`). But you can't control this priorities when some package is installed as a dependency. You can override it on per-package-basis, providing all the required dependencies manually - but it's tedious and there is always a possibility that an unwanted dependency will sneak in through some other package. To completely override such a package you can use `overrideScope'`.
|
||||
|
||||
```nix
|
||||
overrides = self: super: rec {
|
||||
haskell-mode = self.melpaPackages.haskell-mode;
|
||||
...
|
||||
};
|
||||
((emacsPackagesGen emacs).overrideScope' overrides).emacsWithPackages
|
||||
(p: with p; [
|
||||
# here both these package will use haskell-mode of our own choice
|
||||
ghc-mod
|
||||
dante
|
||||
])
|
||||
```
|
131
third_party/nixpkgs/doc/builders/packages/emacs.xml
vendored
131
third_party/nixpkgs/doc/builders/packages/emacs.xml
vendored
|
@ -1,131 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-emacs">
|
||||
<title>Emacs</title>
|
||||
|
||||
<section xml:id="sec-emacs-config">
|
||||
<title>Configuring Emacs</title>
|
||||
|
||||
<para>
|
||||
The Emacs package comes with some extra helpers to make it easier to configure. <varname>emacsWithPackages</varname> allows you to manage packages from ELPA. This means that you will not have to install that packages from within Emacs. For instance, if you wanted to use <literal>company</literal>, <literal>counsel</literal>, <literal>flycheck</literal>, <literal>ivy</literal>, <literal>magit</literal>, <literal>projectile</literal>, and <literal>use-package</literal> you could use this as a <filename>~/.config/nixpkgs/config.nix</filename> override:
|
||||
</para>
|
||||
|
||||
<screen>
|
||||
{
|
||||
packageOverrides = pkgs: with pkgs; {
|
||||
myEmacs = emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
company
|
||||
counsel
|
||||
flycheck
|
||||
ivy
|
||||
magit
|
||||
projectile
|
||||
use-package
|
||||
]));
|
||||
}
|
||||
}
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
You can install it like any other packages via <command>nix-env -iA myEmacs</command>. However, this will only install those packages. It will not <literal>configure</literal> them for us. To do this, we need to provide a configuration file. Luckily, it is possible to do this from within Nix! By modifying the above example, we can make Emacs load a custom config file. The key is to create a package that provide a <filename>default.el</filename> file in <filename>/share/emacs/site-start/</filename>. Emacs knows to load this file automatically when it starts.
|
||||
</para>
|
||||
|
||||
<screen>
|
||||
{
|
||||
packageOverrides = pkgs: with pkgs; rec {
|
||||
myEmacsConfig = writeText "default.el" ''
|
||||
;; initialize package
|
||||
|
||||
(require 'package)
|
||||
(package-initialize 'noactivate)
|
||||
(eval-when-compile
|
||||
(require 'use-package))
|
||||
|
||||
;; load some packages
|
||||
|
||||
(use-package company
|
||||
:bind ("<C-tab>" . company-complete)
|
||||
:diminish company-mode
|
||||
:commands (company-mode global-company-mode)
|
||||
:defer 1
|
||||
:config
|
||||
(global-company-mode))
|
||||
|
||||
(use-package counsel
|
||||
:commands (counsel-descbinds)
|
||||
:bind (([remap execute-extended-command] . counsel-M-x)
|
||||
("C-x C-f" . counsel-find-file)
|
||||
("C-c g" . counsel-git)
|
||||
("C-c j" . counsel-git-grep)
|
||||
("C-c k" . counsel-ag)
|
||||
("C-x l" . counsel-locate)
|
||||
("M-y" . counsel-yank-pop)))
|
||||
|
||||
(use-package flycheck
|
||||
:defer 2
|
||||
:config (global-flycheck-mode))
|
||||
|
||||
(use-package ivy
|
||||
:defer 1
|
||||
:bind (("C-c C-r" . ivy-resume)
|
||||
("C-x C-b" . ivy-switch-buffer)
|
||||
:map ivy-minibuffer-map
|
||||
("C-j" . ivy-call))
|
||||
:diminish ivy-mode
|
||||
:commands ivy-mode
|
||||
:config
|
||||
(ivy-mode 1))
|
||||
|
||||
(use-package magit
|
||||
:defer
|
||||
:if (executable-find "git")
|
||||
:bind (("C-x g" . magit-status)
|
||||
("C-x G" . magit-dispatch-popup))
|
||||
:init
|
||||
(setq magit-completing-read-function 'ivy-completing-read))
|
||||
|
||||
(use-package projectile
|
||||
:commands projectile-mode
|
||||
:bind-keymap ("C-c p" . projectile-command-map)
|
||||
:defer 5
|
||||
:config
|
||||
(projectile-global-mode))
|
||||
'';
|
||||
myEmacs = emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
(runCommand "default.el" {} ''
|
||||
mkdir -p $out/share/emacs/site-lisp
|
||||
cp ${myEmacsConfig} $out/share/emacs/site-lisp/default.el
|
||||
'')
|
||||
company
|
||||
counsel
|
||||
flycheck
|
||||
ivy
|
||||
magit
|
||||
projectile
|
||||
use-package
|
||||
]));
|
||||
};
|
||||
}
|
||||
</screen>
|
||||
|
||||
<para>
|
||||
This provides a fairly full Emacs start file. It will load in addition to the user's presonal config. You can always disable it by passing <command>-q</command> to the Emacs command.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Sometimes <varname>emacsWithPackages</varname> is not enough, as this package set has some priorities imposed on packages (with the lowest priority assigned to Melpa Unstable, and the highest for packages manually defined in <filename>pkgs/top-level/emacs-packages.nix</filename>). But you can't control this priorities when some package is installed as a dependency. You can override it on per-package-basis, providing all the required dependencies manually - but it's tedious and there is always a possibility that an unwanted dependency will sneak in through some other package. To completely override such a package you can use <varname>overrideScope'</varname>.
|
||||
</para>
|
||||
|
||||
<screen>
|
||||
overrides = self: super: rec {
|
||||
haskell-mode = self.melpaPackages.haskell-mode;
|
||||
...
|
||||
};
|
||||
((emacsPackagesGen emacs).overrideScope' overrides).emacsWithPackages (p: with p; [
|
||||
# here both these package will use haskell-mode of our own choice
|
||||
ghc-mod
|
||||
dante
|
||||
])
|
||||
</screen>
|
||||
</section>
|
||||
</section>
|
40
third_party/nixpkgs/doc/builders/packages/firefox.section.md
vendored
Normal file
40
third_party/nixpkgs/doc/builders/packages/firefox.section.md
vendored
Normal file
|
@ -0,0 +1,40 @@
|
|||
# Firefox
|
||||
|
||||
## Build wrapped Firefox with extensions and policies
|
||||
|
||||
The `wrapFirefox` function allows to pass policies, preferences and extension that are available to firefox. With the help of `fetchFirefoxAddon` this allows build a firefox version that already comes with addons pre-installed:
|
||||
|
||||
```nix
|
||||
{
|
||||
myFirefox = wrapFirefox firefox-unwrapped {
|
||||
extraExtensions = [
|
||||
(fetchFirefoxAddon {
|
||||
name = "ublock";
|
||||
url = "https://addons.mozilla.org/firefox/downloads/file/3679754/ublock_origin-1.31.0-an+fx.xpi";
|
||||
sha256 = "1h768ljlh3pi23l27qp961v1hd0nbj2vasgy11bmcrlqp40zgvnr";
|
||||
})
|
||||
];
|
||||
|
||||
extraPolicies = {
|
||||
CaptivePortal = false;
|
||||
DisableFirefoxStudies = true;
|
||||
DisablePocket = true;
|
||||
DisableTelemetry = true;
|
||||
DisableFirefoxAccounts = true;
|
||||
FirefoxHome = {
|
||||
Pocket = false;
|
||||
Snippets = false;
|
||||
};
|
||||
UserMessaging = {
|
||||
ExtensionRecommendations = false;
|
||||
SkipOnboarding = true;
|
||||
};
|
||||
};
|
||||
|
||||
extraPrefs = ''
|
||||
// Show more ssl cert infos
|
||||
lockPref("security.identityblock.show_extended_validation", true);
|
||||
'';
|
||||
};
|
||||
}
|
||||
```
|
|
@ -9,17 +9,18 @@
|
|||
<xi:include href="dlib.xml" />
|
||||
<xi:include href="eclipse.xml" />
|
||||
<xi:include href="elm.xml" />
|
||||
<xi:include href="emacs.xml" />
|
||||
<xi:include href="emacs.section.xml" />
|
||||
<xi:include href="firefox.section.xml" />
|
||||
<xi:include href="ibus.xml" />
|
||||
<xi:include href="kakoune.section.xml" />
|
||||
<xi:include href="linux.xml" />
|
||||
<xi:include href="linux.section.xml" />
|
||||
<xi:include href="locales.xml" />
|
||||
<xi:include href="nginx.xml" />
|
||||
<xi:include href="opengl.xml" />
|
||||
<xi:include href="nginx.section.xml" />
|
||||
<xi:include href="opengl.section.xml" />
|
||||
<xi:include href="shell-helpers.xml" />
|
||||
<xi:include href="steam.xml" />
|
||||
<xi:include href="cataclysm-dda.section.xml" />
|
||||
<xi:include href="urxvt.xml" />
|
||||
<xi:include href="weechat.xml" />
|
||||
<xi:include href="xorg.xml" />
|
||||
<xi:include href="weechat.section.xml" />
|
||||
<xi:include href="xorg.section.xml" />
|
||||
</chapter>
|
||||
|
|
41
third_party/nixpkgs/doc/builders/packages/linux.section.md
vendored
Normal file
41
third_party/nixpkgs/doc/builders/packages/linux.section.md
vendored
Normal file
|
@ -0,0 +1,41 @@
|
|||
# Linux kernel {#sec-linux-kernel}
|
||||
|
||||
The Nix expressions to build the Linux kernel are in [`pkgs/os-specific/linux/kernel`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/os-specific/linux/kernel).
|
||||
|
||||
The function that builds the kernel has an argument `kernelPatches` which should be a list of `{name, patch, extraConfig}` attribute sets, where `name` is the name of the patch (which is included in the kernel’s `meta.description` attribute), `patch` is the patch itself (possibly compressed), and `extraConfig` (optional) is a string specifying extra options to be concatenated to the kernel configuration file (`.config`).
|
||||
|
||||
The kernel derivation exports an attribute `features` specifying whether optional functionality is or isn’t enabled. This is used in NixOS to implement kernel-specific behaviour. For instance, if the kernel has the `iwlwifi` feature (i.e. has built-in support for Intel wireless chipsets), then NixOS doesn’t have to build the external `iwlwifi` package:
|
||||
|
||||
```nix
|
||||
modulesTree = [kernel]
|
||||
++ pkgs.lib.optional (!kernel.features ? iwlwifi) kernelPackages.iwlwifi
|
||||
++ ...;
|
||||
```
|
||||
|
||||
How to add a new (major) version of the Linux kernel to Nixpkgs:
|
||||
|
||||
1. Copy the old Nix expression (e.g. `linux-2.6.21.nix`) to the new one (e.g. `linux-2.6.22.nix`) and update it.
|
||||
|
||||
2. Add the new kernel to `all-packages.nix` (e.g., create an attribute `kernel_2_6_22`).
|
||||
|
||||
3. Now we’re going to update the kernel configuration. First unpack the kernel. Then for each supported platform (`i686`, `x86_64`, `uml`) do the following:
|
||||
|
||||
1. Make an copy from the old config (e.g. `config-2.6.21-i686-smp`) to the new one (e.g. `config-2.6.22-i686-smp`).
|
||||
|
||||
2. Copy the config file for this platform (e.g. `config-2.6.22-i686-smp`) to `.config` in the kernel source tree.
|
||||
|
||||
3. Run `make oldconfig ARCH={i386,x86_64,um}` and answer all questions. (For the uml configuration, also add `SHELL=bash`.) Make sure to keep the configuration consistent between platforms (i.e. don’t enable some feature on `i686` and disable it on `x86_64`).
|
||||
|
||||
4. If needed you can also run `make menuconfig`:
|
||||
|
||||
```ShellSession
|
||||
$ nix-env -i ncurses
|
||||
$ export NIX_CFLAGS_LINK=-lncurses
|
||||
$ make menuconfig ARCH=arch
|
||||
```
|
||||
|
||||
5. Copy `.config` over the new config file (e.g. `config-2.6.22-i686-smp`).
|
||||
|
||||
4. Test building the kernel: `nix-build -A kernel_2_6_22`. If it compiles, ship it! For extra credit, try booting NixOS with it.
|
||||
|
||||
5. It may be that the new kernel requires updating the external kernel modules and kernel-dependent packages listed in the `linuxPackagesFor` function in `all-packages.nix` (such as the NVIDIA drivers, AUFS, etc.). If the updated packages aren’t backwards compatible with older kernels, you may need to keep the older versions around.
|
|
@ -1,85 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-linux-kernel">
|
||||
<title>Linux kernel</title>
|
||||
|
||||
<para>
|
||||
The Nix expressions to build the Linux kernel are in <link
|
||||
xlink:href="https://github.com/NixOS/nixpkgs/blob/master/pkgs/os-specific/linux/kernel"><filename>pkgs/os-specific/linux/kernel</filename></link>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The function that builds the kernel has an argument <varname>kernelPatches</varname> which should be a list of <literal>{name, patch, extraConfig}</literal> attribute sets, where <varname>name</varname> is the name of the patch (which is included in the kernel’s <varname>meta.description</varname> attribute), <varname>patch</varname> is the patch itself (possibly compressed), and <varname>extraConfig</varname> (optional) is a string specifying extra options to be concatenated to the kernel configuration file (<filename>.config</filename>).
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The kernel derivation exports an attribute <varname>features</varname> specifying whether optional functionality is or isn’t enabled. This is used in NixOS to implement kernel-specific behaviour. For instance, if the kernel has the <varname>iwlwifi</varname> feature (i.e. has built-in support for Intel wireless chipsets), then NixOS doesn’t have to build the external <varname>iwlwifi</varname> package:
|
||||
<programlisting>
|
||||
modulesTree = [kernel]
|
||||
++ pkgs.lib.optional (!kernel.features ? iwlwifi) kernelPackages.iwlwifi
|
||||
++ ...;
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
How to add a new (major) version of the Linux kernel to Nixpkgs:
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Copy the old Nix expression (e.g. <filename>linux-2.6.21.nix</filename>) to the new one (e.g. <filename>linux-2.6.22.nix</filename>) and update it.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Add the new kernel to <filename>all-packages.nix</filename> (e.g., create an attribute <varname>kernel_2_6_22</varname>).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Now we’re going to update the kernel configuration. First unpack the kernel. Then for each supported platform (<literal>i686</literal>, <literal>x86_64</literal>, <literal>uml</literal>) do the following:
|
||||
<orderedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Make an copy from the old config (e.g. <filename>config-2.6.21-i686-smp</filename>) to the new one (e.g. <filename>config-2.6.22-i686-smp</filename>).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Copy the config file for this platform (e.g. <filename>config-2.6.22-i686-smp</filename>) to <filename>.config</filename> in the kernel source tree.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Run <literal>make oldconfig ARCH=<replaceable>{i386,x86_64,um}</replaceable></literal> and answer all questions. (For the uml configuration, also add <literal>SHELL=bash</literal>.) Make sure to keep the configuration consistent between platforms (i.e. don’t enable some feature on <literal>i686</literal> and disable it on <literal>x86_64</literal>).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
If needed you can also run <literal>make menuconfig</literal>:
|
||||
<screen>
|
||||
<prompt>$ </prompt>nix-env -i ncurses
|
||||
<prompt>$ </prompt>export NIX_CFLAGS_LINK=-lncurses
|
||||
<prompt>$ </prompt>make menuconfig ARCH=<replaceable>arch</replaceable></screen>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Copy <filename>.config</filename> over the new config file (e.g. <filename>config-2.6.22-i686-smp</filename>).
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Test building the kernel: <literal>nix-build -A kernel_2_6_22</literal>. If it compiles, ship it! For extra credit, try booting NixOS with it.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
It may be that the new kernel requires updating the external kernel modules and kernel-dependent packages listed in the <varname>linuxPackagesFor</varname> function in <filename>all-packages.nix</filename> (such as the NVIDIA drivers, AUFS, etc.). If the updated packages aren’t backwards compatible with older kernels, you may need to keep the older versions around.
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
</para>
|
||||
</section>
|
11
third_party/nixpkgs/doc/builders/packages/nginx.section.md
vendored
Normal file
11
third_party/nixpkgs/doc/builders/packages/nginx.section.md
vendored
Normal file
|
@ -0,0 +1,11 @@
|
|||
# Nginx {#sec-nginx}
|
||||
|
||||
[Nginx](https://nginx.org) is a reverse proxy and lightweight webserver.
|
||||
|
||||
## ETags on static files served from the Nix store {#sec-nginx-etag}
|
||||
|
||||
HTTP has a couple different mechanisms for caching to prevent clients from having to download the same content repeatedly if a resource has not changed since the last time it was requested. When nginx is used as a server for static files, it implements the caching mechanism based on the [`Last-Modified`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified) response header automatically; unfortunately, it works by using filesystem timestamps to determine the value of the `Last-Modified` header. This doesn't give the desired behavior when the file is in the Nix store, because all file timestamps are set to 0 (for reasons related to build reproducibility).
|
||||
|
||||
Fortunately, HTTP supports an alternative (and more effective) caching mechanism: the [`ETag`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag) response header. The value of the `ETag` header specifies some identifier for the particular content that the server is sending (e.g. a hash). When a client makes a second request for the same resource, it sends that value back in an `If-None-Match` header. If the ETag value is unchanged, then the server does not need to resend the content.
|
||||
|
||||
As of NixOS 19.09, the nginx package in Nixpkgs is patched such that when nginx serves a file out of `/nix/store`, the hash in the store path is used as the `ETag` header in the HTTP response, thus providing proper caching functionality. This happens automatically; you do not need to do modify any configuration to get this behavior.
|
|
@ -1,25 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-nginx">
|
||||
<title>Nginx</title>
|
||||
|
||||
<para>
|
||||
<link xlink:href="https://nginx.org/">Nginx</link> is a reverse proxy and lightweight webserver.
|
||||
</para>
|
||||
|
||||
<section xml:id="sec-nginx-etag">
|
||||
<title>ETags on static files served from the Nix store</title>
|
||||
|
||||
<para>
|
||||
HTTP has a couple different mechanisms for caching to prevent clients from having to download the same content repeatedly if a resource has not changed since the last time it was requested. When nginx is used as a server for static files, it implements the caching mechanism based on the <link xlink:href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified"><literal>Last-Modified</literal></link> response header automatically; unfortunately, it works by using filesystem timestamps to determine the value of the <literal>Last-Modified</literal> header. This doesn't give the desired behavior when the file is in the Nix store, because all file timestamps are set to 0 (for reasons related to build reproducibility).
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Fortunately, HTTP supports an alternative (and more effective) caching mechanism: the <link xlink:href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag"><literal>ETag</literal></link> response header. The value of the <literal>ETag</literal> header specifies some identifier for the particular content that the server is sending (e.g. a hash). When a client makes a second request for the same resource, it sends that value back in an <literal>If-None-Match</literal> header. If the ETag value is unchanged, then the server does not need to resend the content.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
As of NixOS 19.09, the nginx package in Nixpkgs is patched such that when nginx serves a file out of <filename>/nix/store</filename>, the hash in the store path is used as the <literal>ETag</literal> header in the HTTP response, thus providing proper caching functionality. This happens automatically; you do not need to do modify any configuration to get this behavior.
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
15
third_party/nixpkgs/doc/builders/packages/opengl.section.md
vendored
Normal file
15
third_party/nixpkgs/doc/builders/packages/opengl.section.md
vendored
Normal file
|
@ -0,0 +1,15 @@
|
|||
# OpenGL {#sec-opengl}
|
||||
|
||||
OpenGL support varies depending on which hardware is used and which drivers are available and loaded.
|
||||
|
||||
Broadly, we support both GL vendors: Mesa and NVIDIA.
|
||||
|
||||
## NixOS Desktop
|
||||
|
||||
The NixOS desktop or other non-headless configurations are the primary target for OpenGL libraries and applications. The current solution for discovering which drivers are available is based on [libglvnd](https://gitlab.freedesktop.org/glvnd/libglvnd). `libglvnd` performs "vendor-neutral dispatch", trying a variety of techniques to find the system's GL implementation. In practice, this will be either via standard GLX for X11 users or EGL for Wayland users, and supporting either NVIDIA or Mesa extensions.
|
||||
|
||||
## Nix on GNU/Linux
|
||||
|
||||
If you are using a non-NixOS GNU/Linux/X11 desktop with free software video drivers, consider launching OpenGL-dependent programs from Nixpkgs with Nixpkgs versions of `libglvnd` and `mesa.drivers` in `LD_LIBRARY_PATH`. For Mesa drivers, the Linux kernel version doesn't have to match nixpkgs.
|
||||
|
||||
For proprietary video drivers you might have luck with also adding the corresponding video driver package.
|
|
@ -1,9 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-opengl">
|
||||
<title>OpenGL</title>
|
||||
|
||||
<para>
|
||||
Packages that use OpenGL have NixOS desktop as their primary target. The current solution for loading the GPU-specific drivers is based on <literal>libglvnd</literal> and looks for the driver implementation in <literal>LD_LIBRARY_PATH</literal>. If you are using a non-NixOS GNU/Linux/X11 desktop with free software video drivers, consider launching OpenGL-dependent programs from Nixpkgs with Nixpkgs versions of <literal>libglvnd</literal> and <literal>mesa.drivers</literal> in <literal>LD_LIBRARY_PATH</literal>. For proprietary video drivers you might have luck with also adding the corresponding video driver package.
|
||||
</para>
|
||||
</section>
|
85
third_party/nixpkgs/doc/builders/packages/weechat.section.md
vendored
Normal file
85
third_party/nixpkgs/doc/builders/packages/weechat.section.md
vendored
Normal file
|
@ -0,0 +1,85 @@
|
|||
# Weechat {#sec-weechat}
|
||||
|
||||
Weechat can be configured to include your choice of plugins, reducing its closure size from the default configuration which includes all available plugins. To make use of this functionality, install an expression that overrides its configuration such as
|
||||
|
||||
```nix
|
||||
weechat.override {configure = {availablePlugins, ...}: {
|
||||
plugins = with availablePlugins; [ python perl ];
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
If the `configure` function returns an attrset without the `plugins` attribute, `availablePlugins` will be used automatically.
|
||||
|
||||
The plugins currently available are `python`, `perl`, `ruby`, `guile`, `tcl` and `lua`.
|
||||
|
||||
The python and perl plugins allows the addition of extra libraries. For instance, the `inotify.py` script in `weechat-scripts` requires D-Bus or libnotify, and the `fish.py` script requires `pycrypto`. To use these scripts, use the plugin's `withPackages` attribute:
|
||||
|
||||
```nix
|
||||
weechat.override { configure = {availablePlugins, ...}: {
|
||||
plugins = with availablePlugins; [
|
||||
(python.withPackages (ps: with ps; [ pycrypto python-dbus ]))
|
||||
];
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
In order to also keep all default plugins installed, it is possible to use the following method:
|
||||
|
||||
```nix
|
||||
weechat.override { configure = { availablePlugins, ... }: {
|
||||
plugins = builtins.attrValues (availablePlugins // {
|
||||
python = availablePlugins.python.withPackages (ps: with ps; [ pycrypto python-dbus ]);
|
||||
});
|
||||
}; }
|
||||
```
|
||||
|
||||
WeeChat allows to set defaults on startup using the `--run-command`. The `configure` method can be used to pass commands to the program:
|
||||
|
||||
```nix
|
||||
weechat.override {
|
||||
configure = { availablePlugins, ... }: {
|
||||
init = ''
|
||||
/set foo bar
|
||||
/server add freenode chat.freenode.org
|
||||
'';
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
Further values can be added to the list of commands when running `weechat --run-command "your-commands"`.
|
||||
|
||||
Additionally it's possible to specify scripts to be loaded when starting `weechat`. These will be loaded before the commands from `init`:
|
||||
|
||||
```nix
|
||||
weechat.override {
|
||||
configure = { availablePlugins, ... }: {
|
||||
scripts = with pkgs.weechatScripts; [
|
||||
weechat-xmpp weechat-matrix-bridge wee-slack
|
||||
];
|
||||
init = ''
|
||||
/set plugins.var.python.jabber.key "val"
|
||||
'':
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
In `nixpkgs` there's a subpackage which contains derivations for WeeChat scripts. Such derivations expect a `passthru.scripts` attribute which contains a list of all scripts inside the store path. Furthermore all scripts have to live in `$out/share`. An exemplary derivation looks like this:
|
||||
|
||||
```nix
|
||||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "exemplary-weechat-script";
|
||||
src = fetchurl {
|
||||
url = "https://scripts.tld/your-scripts.tar.gz";
|
||||
sha256 = "...";
|
||||
};
|
||||
passthru.scripts = [ "foo.py" "bar.lua" ];
|
||||
installPhase = ''
|
||||
mkdir $out/share
|
||||
cp foo.py $out/share
|
||||
cp bar.lua $out/share
|
||||
'';
|
||||
}
|
||||
```
|
|
@ -1,85 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-weechat">
|
||||
<title>Weechat</title>
|
||||
|
||||
<para>
|
||||
Weechat can be configured to include your choice of plugins, reducing its closure size from the default configuration which includes all available plugins. To make use of this functionality, install an expression that overrides its configuration such as
|
||||
<programlisting>weechat.override {configure = {availablePlugins, ...}: {
|
||||
plugins = with availablePlugins; [ python perl ];
|
||||
}
|
||||
}</programlisting>
|
||||
If the <literal>configure</literal> function returns an attrset without the <literal>plugins</literal> attribute, <literal>availablePlugins</literal> will be used automatically.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The plugins currently available are <literal>python</literal>, <literal>perl</literal>, <literal>ruby</literal>, <literal>guile</literal>, <literal>tcl</literal> and <literal>lua</literal>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The python and perl plugins allows the addition of extra libraries. For instance, the <literal>inotify.py</literal> script in weechat-scripts requires D-Bus or libnotify, and the <literal>fish.py</literal> script requires pycrypto. To use these scripts, use the plugin's <literal>withPackages</literal> attribute:
|
||||
<programlisting>weechat.override { configure = {availablePlugins, ...}: {
|
||||
plugins = with availablePlugins; [
|
||||
(python.withPackages (ps: with ps; [ pycrypto python-dbus ]))
|
||||
];
|
||||
};
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In order to also keep all default plugins installed, it is possible to use the following method:
|
||||
<programlisting>weechat.override { configure = { availablePlugins, ... }: {
|
||||
plugins = builtins.attrValues (availablePlugins // {
|
||||
python = availablePlugins.python.withPackages (ps: with ps; [ pycrypto python-dbus ]);
|
||||
});
|
||||
}; }
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
WeeChat allows to set defaults on startup using the <literal>--run-command</literal>. The <literal>configure</literal> method can be used to pass commands to the program:
|
||||
<programlisting>weechat.override {
|
||||
configure = { availablePlugins, ... }: {
|
||||
init = ''
|
||||
/set foo bar
|
||||
/server add freenode chat.freenode.org
|
||||
'';
|
||||
};
|
||||
}</programlisting>
|
||||
Further values can be added to the list of commands when running <literal>weechat --run-command "your-commands"</literal>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Additionally it's possible to specify scripts to be loaded when starting <literal>weechat</literal>. These will be loaded before the commands from <literal>init</literal>:
|
||||
<programlisting>weechat.override {
|
||||
configure = { availablePlugins, ... }: {
|
||||
scripts = with pkgs.weechatScripts; [
|
||||
weechat-xmpp weechat-matrix-bridge wee-slack
|
||||
];
|
||||
init = ''
|
||||
/set plugins.var.python.jabber.key "val"
|
||||
'':
|
||||
};
|
||||
}</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In <literal>nixpkgs</literal> there's a subpackage which contains derivations for WeeChat scripts. Such derivations expect a <literal>passthru.scripts</literal> attribute which contains a list of all scripts inside the store path. Furthermore all scripts have to live in <literal>$out/share</literal>. An exemplary derivation looks like this:
|
||||
<programlisting>{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "exemplary-weechat-script";
|
||||
src = fetchurl {
|
||||
url = "https://scripts.tld/your-scripts.tar.gz";
|
||||
sha256 = "...";
|
||||
};
|
||||
passthru.scripts = [ "foo.py" "bar.lua" ];
|
||||
installPhase = ''
|
||||
mkdir $out/share
|
||||
cp foo.py $out/share
|
||||
cp bar.lua $out/share
|
||||
'';
|
||||
}</programlisting>
|
||||
</para>
|
||||
</section>
|
34
third_party/nixpkgs/doc/builders/packages/xorg.section.md
vendored
Normal file
34
third_party/nixpkgs/doc/builders/packages/xorg.section.md
vendored
Normal file
|
@ -0,0 +1,34 @@
|
|||
# X.org {#sec-xorg}
|
||||
|
||||
The Nix expressions for the X.org packages reside in `pkgs/servers/x11/xorg/default.nix`. This file is automatically generated from lists of tarballs in an X.org release. As such it should not be modified directly; rather, you should modify the lists, the generator script or the file `pkgs/servers/x11/xorg/overrides.nix`, in which you can override or add to the derivations produced by the generator.
|
||||
|
||||
## Katamari Tarballs
|
||||
|
||||
X.org upstream releases used to include [katamari](https://en.wiktionary.org/wiki/%E3%81%8B%E3%81%9F%E3%81%BE%E3%82%8A) releases, which included a holistic recommended version for each tarball, up until 7.7. To create a list of tarballs in a katamari release:
|
||||
|
||||
```ShellSession
|
||||
export release="X11R7.7"
|
||||
export url="mirror://xorg/$release/src/everything/"
|
||||
cat $(PRINT_PATH=1 nix-prefetch-url $url | tail -n 1) \
|
||||
| perl -e 'while (<>) { if (/(href|HREF)="([^"]*.bz2)"/) { print "$ENV{'url'}$2\n"; }; }' \
|
||||
| sort > "tarballs-$release.list"
|
||||
```
|
||||
|
||||
## Individual Tarballs
|
||||
|
||||
The upstream release process for [X11R7.8](https://x.org/wiki/Releases/7.8/) does not include a planned katamari. Instead, each component of X.org is released as its own tarball. We maintain `pkgs/servers/x11/xorg/tarballs.list` as a list of tarballs for each individual package. This list includes X.org core libraries and protocol descriptions, extra newer X11 interface libraries, like `xorg.libxcb`, and classic utilities which are largely unused but still available if needed, like `xorg.imake`.
|
||||
|
||||
## Generating Nix Expressions
|
||||
|
||||
The generator is invoked as follows:
|
||||
|
||||
```ShellSession
|
||||
cd pkgs/servers/x11/xorg
|
||||
<tarballs.list perl ./generate-expr-from-tarballs.pl
|
||||
```
|
||||
|
||||
For each of the tarballs in the `.list` files, the script downloads it, unpacks it, and searches its `configure.ac` and `*.pc.in` files for dependencies. This information is used to generate `default.nix`. The generator caches downloaded tarballs between runs. Pay close attention to the `NOT FOUND: $NAME` messages at the end of the run, since they may indicate missing dependencies. (Some might be optional dependencies, however.)
|
||||
|
||||
## Overriding the Generator
|
||||
|
||||
If the expression for a package requires derivation attributes that the generator cannot figure out automatically (say, `patches` or a `postInstall` hook), you should modify `pkgs/servers/x11/xorg/overrides.nix`.
|
|
@ -1,34 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-xorg">
|
||||
<title>X.org</title>
|
||||
|
||||
<para>
|
||||
The Nix expressions for the X.org packages reside in <filename>pkgs/servers/x11/xorg/default.nix</filename>. This file is automatically generated from lists of tarballs in an X.org release. As such it should not be modified directly; rather, you should modify the lists, the generator script or the file <filename>pkgs/servers/x11/xorg/overrides.nix</filename>, in which you can override or add to the derivations produced by the generator.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The generator is invoked as follows:
|
||||
<screen>
|
||||
<prompt>$ </prompt>cd pkgs/servers/x11/xorg
|
||||
<prompt>$ </prompt>cat tarballs-7.5.list extra.list old.list \
|
||||
| perl ./generate-expr-from-tarballs.pl
|
||||
</screen>
|
||||
For each of the tarballs in the <filename>.list</filename> files, the script downloads it, unpacks it, and searches its <filename>configure.ac</filename> and <filename>*.pc.in</filename> files for dependencies. This information is used to generate <filename>default.nix</filename>. The generator caches downloaded tarballs between runs. Pay close attention to the <literal>NOT FOUND: <replaceable>name</replaceable></literal> messages at the end of the run, since they may indicate missing dependencies. (Some might be optional dependencies, however.)
|
||||
</para>
|
||||
|
||||
<para>
|
||||
A file like <filename>tarballs-7.5.list</filename> contains all tarballs in a X.org release. It can be generated like this:
|
||||
<screen>
|
||||
<prompt>$ </prompt>export i="mirror://xorg/X11R7.4/src/everything/"
|
||||
<prompt>$ </prompt>cat $(PRINT_PATH=1 nix-prefetch-url $i | tail -n 1) \
|
||||
| perl -e 'while (<>) { if (/(href|HREF)="([^"]*.bz2)"/) { print "$ENV{'i'}$2\n"; }; }' \
|
||||
| sort > tarballs-7.4.list
|
||||
</screen>
|
||||
<filename>extra.list</filename> contains libraries that aren’t part of X.org proper, but are closely related to it, such as <literal>libxcb</literal>. <filename>old.list</filename> contains some packages that were removed from X.org, but are still needed by some people or by other packages (such as <varname>imake</varname>).
|
||||
</para>
|
||||
|
||||
<para>
|
||||
If the expression for a package requires derivation attributes that the generator cannot figure out automatically (say, <varname>patches</varname> or a <varname>postInstall</varname> hook), you should modify <filename>pkgs/servers/x11/xorg/overrides.nix</filename>.
|
||||
</para>
|
||||
</section>
|
|
@ -467,12 +467,8 @@
|
|||
It is possible for community members that have enough knowledge and experience on a special topic to contribute by merging pull requests.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
TODO: add the procedure to request merging rights.
|
||||
</para>
|
||||
|
||||
<!--
|
||||
The following paragraph about how to deal with unactive contributors is just a
|
||||
The following paragraphs about how to deal with unactive contributors is just a
|
||||
proposition and should be modified to what the community agrees to be the right
|
||||
policy.
|
||||
|
||||
|
@ -480,6 +476,10 @@ policy.
|
|||
three months will have their commit rights revoked.</para>
|
||||
-->
|
||||
|
||||
<para>
|
||||
Please see the discussion in <link xlink:href="https://github.com/NixOS/nixpkgs/issues/50105">GitHub nixpkgs issue #50105</link> for information on how to proceed to be granted this level of access.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
In a case a contributor definitively leaves the Nix community, they should create an issue or post on <link
|
||||
xlink:href="https://discourse.nixos.org">Discourse</link> with references of packages and modules they maintain so the maintainership can be taken over by other contributors.
|
||||
|
|
40
third_party/nixpkgs/doc/languages-frameworks/coq.section.md
vendored
Normal file
40
third_party/nixpkgs/doc/languages-frameworks/coq.section.md
vendored
Normal file
|
@ -0,0 +1,40 @@
|
|||
# Coq {#sec-language-coq}
|
||||
|
||||
Coq libraries should be installed in `$(out)/lib/coq/${coq.coq-version}/user-contrib/`. Such directories are automatically added to the `$COQPATH` environment variable by the hook defined in the Coq derivation.
|
||||
|
||||
Some extensions (plugins) might require OCaml and sometimes other OCaml packages. The `coq.ocamlPackages` attribute can be used to depend on the same package set Coq was built against.
|
||||
|
||||
Coq libraries may be compatible with some specific versions of Coq only. The `compatibleCoqVersions` attribute is used to precisely select those versions of Coq that are compatible with this derivation.
|
||||
|
||||
Here is a simple package example. It is a pure Coq library, thus it depends on Coq. It builds on the Mathematical Components library, thus it also takes `mathcomp` as `buildInputs`. Its `Makefile` has been generated using `coq_makefile` so we only have to set the `$COQLIB` variable at install time.
|
||||
|
||||
```nix
|
||||
{ stdenv, fetchFromGitHub, coq, mathcomp }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "coq${coq.coq-version}-multinomials-${version}";
|
||||
version = "1.0";
|
||||
src = fetchFromGitHub {
|
||||
owner = "math-comp";
|
||||
repo = "multinomials";
|
||||
rev = version;
|
||||
sha256 = "1qmbxp1h81cy3imh627pznmng0kvv37k4hrwi2faa101s6bcx55m";
|
||||
};
|
||||
|
||||
buildInputs = [ coq ];
|
||||
propagatedBuildInputs = [ mathcomp ];
|
||||
|
||||
installFlags = "COQLIB=$(out)/lib/coq/${coq.coq-version}/";
|
||||
|
||||
meta = {
|
||||
description = "A Coq/SSReflect Library for Monoidal Rings and Multinomials";
|
||||
inherit (src.meta) homepage;
|
||||
license = stdenv.lib.licenses.cecill-b;
|
||||
inherit (coq.meta) platforms;
|
||||
};
|
||||
|
||||
passthru = {
|
||||
compatibleCoqVersions = v: builtins.elem v [ "8.5" "8.6" "8.7" ];
|
||||
};
|
||||
}
|
||||
```
|
|
@ -1,52 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-language-coq">
|
||||
<title>Coq</title>
|
||||
|
||||
<para>
|
||||
Coq libraries should be installed in <literal>$(out)/lib/coq/${coq.coq-version}/user-contrib/</literal>. Such directories are automatically added to the <literal>$COQPATH</literal> environment variable by the hook defined in the Coq derivation.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Some extensions (plugins) might require OCaml and sometimes other OCaml packages. The <literal>coq.ocamlPackages</literal> attribute can be used to depend on the same package set Coq was built against.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Coq libraries may be compatible with some specific versions of Coq only. The <literal>compatibleCoqVersions</literal> attribute is used to precisely select those versions of Coq that are compatible with this derivation.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Here is a simple package example. It is a pure Coq library, thus it depends on Coq. It builds on the Mathematical Components library, thus it also takes <literal>mathcomp</literal> as <literal>buildInputs</literal>. Its <literal>Makefile</literal> has been generated using <literal>coq_makefile</literal> so we only have to set the <literal>$COQLIB</literal> variable at install time.
|
||||
</para>
|
||||
|
||||
<programlisting>
|
||||
{ stdenv, fetchFromGitHub, coq, mathcomp }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "coq${coq.coq-version}-multinomials-${version}";
|
||||
version = "1.0";
|
||||
src = fetchFromGitHub {
|
||||
owner = "math-comp";
|
||||
repo = "multinomials";
|
||||
rev = version;
|
||||
sha256 = "1qmbxp1h81cy3imh627pznmng0kvv37k4hrwi2faa101s6bcx55m";
|
||||
};
|
||||
|
||||
buildInputs = [ coq ];
|
||||
propagatedBuildInputs = [ mathcomp ];
|
||||
|
||||
installFlags = "COQLIB=$(out)/lib/coq/${coq.coq-version}/";
|
||||
|
||||
meta = {
|
||||
description = "A Coq/SSReflect Library for Monoidal Rings and Multinomials";
|
||||
inherit (src.meta) homepage;
|
||||
license = stdenv.lib.licenses.cecill-b;
|
||||
inherit (coq.meta) platforms;
|
||||
};
|
||||
|
||||
passthru = {
|
||||
compatibleCoqVersions = v: builtins.elem v [ "8.5" "8.6" "8.7" ];
|
||||
};
|
||||
}
|
||||
</programlisting>
|
||||
</section>
|
|
@ -9,7 +9,7 @@
|
|||
<xi:include href="android.section.xml" />
|
||||
<xi:include href="beam.section.xml" />
|
||||
<xi:include href="bower.xml" />
|
||||
<xi:include href="coq.xml" />
|
||||
<xi:include href="coq.section.xml" />
|
||||
<xi:include href="crystal.section.xml" />
|
||||
<xi:include href="emscripten.section.xml" />
|
||||
<xi:include href="gnome.xml" />
|
||||
|
@ -17,7 +17,7 @@
|
|||
<xi:include href="haskell.section.xml" />
|
||||
<xi:include href="idris.section.xml" />
|
||||
<xi:include href="ios.section.xml" />
|
||||
<xi:include href="java.xml" />
|
||||
<xi:include href="java.section.xml" />
|
||||
<xi:include href="lua.section.xml" />
|
||||
<xi:include href="maven.section.xml" />
|
||||
<xi:include href="node.section.xml" />
|
||||
|
@ -29,7 +29,7 @@
|
|||
<xi:include href="r.section.xml" />
|
||||
<xi:include href="ruby.section.xml" />
|
||||
<xi:include href="rust.section.xml" />
|
||||
<xi:include href="texlive.xml" />
|
||||
<xi:include href="texlive.section.xml" />
|
||||
<xi:include href="titanium.section.xml" />
|
||||
<xi:include href="vim.section.xml" />
|
||||
</chapter>
|
||||
|
|
91
third_party/nixpkgs/doc/languages-frameworks/java.section.md
vendored
Normal file
91
third_party/nixpkgs/doc/languages-frameworks/java.section.md
vendored
Normal file
|
@ -0,0 +1,91 @@
|
|||
# Java {#sec-language-java}
|
||||
|
||||
Ant-based Java packages are typically built from source as follows:
|
||||
|
||||
```nix
|
||||
stdenv.mkDerivation {
|
||||
name = "...";
|
||||
src = fetchurl { ... };
|
||||
|
||||
nativeBuildInputs = [ jdk ant ];
|
||||
|
||||
buildPhase = "ant";
|
||||
}
|
||||
```
|
||||
|
||||
Note that `jdk` is an alias for the OpenJDK (self-built where available,
|
||||
or pre-built via Zulu). Platforms with OpenJDK not (yet) in Nixpkgs
|
||||
(`Aarch32`, `Aarch64`) point to the (unfree) `oraclejdk`.
|
||||
|
||||
JAR files that are intended to be used by other packages should be
|
||||
installed in `$out/share/java`. JDKs have a stdenv setup hook that add
|
||||
any JARs in the `share/java` directories of the build inputs to the
|
||||
`CLASSPATH` environment variable. For instance, if the package `libfoo`
|
||||
installs a JAR named `foo.jar` in its `share/java` directory, and
|
||||
another package declares the attribute
|
||||
|
||||
```nix
|
||||
buildInputs = [ libfoo ];
|
||||
nativeBuildInputs = [ jdk ];
|
||||
```
|
||||
|
||||
then `CLASSPATH` will be set to
|
||||
`/nix/store/...-libfoo/share/java/foo.jar`.
|
||||
|
||||
Private JARs should be installed in a location like
|
||||
`$out/share/package-name`.
|
||||
|
||||
If your Java package provides a program, you need to generate a wrapper
|
||||
script to run it using a JRE. You can use `makeWrapper` for this:
|
||||
|
||||
```nix
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
makeWrapper ${jre}/bin/java $out/bin/foo \
|
||||
--add-flags "-cp $out/share/java/foo.jar org.foo.Main"
|
||||
'';
|
||||
```
|
||||
|
||||
Since the introduction of the Java Platform Module System in Java 9,
|
||||
Java distributions typically no longer ship with a general-purpose JRE:
|
||||
instead, they allow generating a JRE with only the modules required for
|
||||
your application(s). Because we can't predict what modules will be
|
||||
needed on a general-purpose system, the default jre package is the full
|
||||
JDK. When building a minimal system/image, you can override the
|
||||
`modules` parameter on `jre_minimal` to build a JRE with only the
|
||||
modules relevant for you:
|
||||
|
||||
```nix
|
||||
let
|
||||
my_jre = pkgs.jre_minimal.override {
|
||||
modules = [
|
||||
# The modules used by 'something' and 'other' combined:
|
||||
"java.base"
|
||||
"java.logging"
|
||||
];
|
||||
};
|
||||
something = (pkgs.something.override { jre = my_jre; });
|
||||
other = (pkgs.other.override { jre = my_jre; });
|
||||
in
|
||||
...
|
||||
```
|
||||
|
||||
Note all JDKs passthru `home`, so if your application requires
|
||||
environment variables like `JAVA_HOME` being set, that can be done in a
|
||||
generic fashion with the `--set` argument of `makeWrapper`:
|
||||
|
||||
```bash
|
||||
--set JAVA_HOME ${jdk.home}
|
||||
```
|
||||
|
||||
It is possible to use a different Java compiler than `javac` from the
|
||||
OpenJDK. For instance, to use the GNU Java Compiler:
|
||||
|
||||
```nix
|
||||
nativeBuildInputs = [ gcj ant ];
|
||||
```
|
||||
|
||||
Here, Ant will automatically use `gij` (the GNU Java Runtime) instead of
|
||||
the OpenJRE.
|
|
@ -1,77 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-language-java">
|
||||
<title>Java</title>
|
||||
|
||||
<para>
|
||||
Ant-based Java packages are typically built from source as follows:
|
||||
<programlisting>
|
||||
stdenv.mkDerivation {
|
||||
name = "...";
|
||||
src = fetchurl { ... };
|
||||
|
||||
nativeBuildInputs = [ jdk ant ];
|
||||
|
||||
buildPhase = "ant";
|
||||
}
|
||||
</programlisting>
|
||||
Note that <varname>jdk</varname> is an alias for the OpenJDK (self-built where available, or pre-built via Zulu). Platforms with OpenJDK not (yet) in Nixpkgs (<literal>Aarch32</literal>, <literal>Aarch64</literal>) point to the (unfree) <literal>oraclejdk</literal>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
JAR files that are intended to be used by other packages should be installed in <filename>$out/share/java</filename>. JDKs have a stdenv setup hook that add any JARs in the <filename>share/java</filename> directories of the build inputs to the <envar>CLASSPATH</envar> environment variable. For instance, if the package <literal>libfoo</literal> installs a JAR named <filename>foo.jar</filename> in its <filename>share/java</filename> directory, and another package declares the attribute
|
||||
<programlisting>
|
||||
buildInputs = [ libfoo ];
|
||||
nativeBuildInputs = [ jdk ];
|
||||
</programlisting>
|
||||
then <envar>CLASSPATH</envar> will be set to <filename>/nix/store/...-libfoo/share/java/foo.jar</filename>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Private JARs should be installed in a location like <filename>$out/share/<replaceable>package-name</replaceable></filename>.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
If your Java package provides a program, you need to generate a wrapper script to run it using a JRE. You can use <literal>makeWrapper</literal> for this:
|
||||
<programlisting>
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase =
|
||||
''
|
||||
mkdir -p $out/bin
|
||||
makeWrapper ${jre}/bin/java $out/bin/foo \
|
||||
--add-flags "-cp $out/share/java/foo.jar org.foo.Main"
|
||||
'';
|
||||
</programlisting>
|
||||
Since the introduction of the Java Platform Module System in Java 9, Java distributions typically no longer ship with a general-purpose JRE: instead, they allow generating a JRE with only the modules required for your application(s). Because we can't predict what modules will be needed on a general-purpose system, the default <package>jre</package> package is the full JDK. When building a minimal system/image, you can override the <literal>modules</literal> parameter on <literal>jre_minimal</literal> to build a JRE with only the modules relevant for you:
|
||||
<programlisting>
|
||||
let
|
||||
my_jre = pkgs.jre_minimal.override {
|
||||
modules = [
|
||||
# The modules used by 'something' and 'other' combined:
|
||||
"java.base"
|
||||
"java.logging"
|
||||
];
|
||||
};
|
||||
something = (pkgs.something.override { jre = my_jre; });
|
||||
other = (pkgs.other.override { jre = my_jre; });
|
||||
in
|
||||
...
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Note all JDKs passthru <literal>home</literal>, so if your application requires environment variables like <envar>JAVA_HOME</envar> being set, that can be done in a generic fashion with the <literal>--set</literal> argument of <literal>makeWrapper</literal>:
|
||||
<programlisting>
|
||||
--set JAVA_HOME ${jdk.home}
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
It is possible to use a different Java compiler than <command>javac</command> from the OpenJDK. For instance, to use the GNU Java Compiler:
|
||||
<programlisting>
|
||||
nativeBuildInputs = [ gcj ant ];
|
||||
</programlisting>
|
||||
Here, Ant will automatically use <command>gij</command> (the GNU Java Runtime) instead of the OpenJRE.
|
||||
</para>
|
||||
</section>
|
128
third_party/nixpkgs/doc/languages-frameworks/texlive.section.md
vendored
Normal file
128
third_party/nixpkgs/doc/languages-frameworks/texlive.section.md
vendored
Normal file
|
@ -0,0 +1,128 @@
|
|||
|
||||
# TeX Live {#sec-language-texlive}
|
||||
|
||||
Since release 15.09 there is a new TeX Live packaging that lives entirely under attribute `texlive`.
|
||||
|
||||
## User's guide {#sec-language-texlive-user-guide}
|
||||
|
||||
- For basic usage just pull `texlive.combined.scheme-basic` for an environment with basic LaTeX support.
|
||||
- It typically won't work to use separately installed packages together. Instead, you can build a custom set of packages like this:
|
||||
|
||||
```nix
|
||||
texlive.combine {
|
||||
inherit (texlive) scheme-small collection-langkorean algorithms cm-super;
|
||||
}
|
||||
```
|
||||
|
||||
- There are all the schemes, collections and a few thousand packages, as defined upstream (perhaps with tiny differences).
|
||||
- By default you only get executables and files needed during runtime, and a little documentation for the core packages. To change that, you need to add `pkgFilter` function to `combine`.
|
||||
|
||||
```nix
|
||||
texlive.combine {
|
||||
# inherit (texlive) whatever-you-want;
|
||||
pkgFilter = pkg:
|
||||
pkg.tlType == "run" || pkg.tlType == "bin" || pkg.pname == "cm-super";
|
||||
# elem tlType [ "run" "bin" "doc" "source" ]
|
||||
# there are also other attributes: version, name
|
||||
}
|
||||
```
|
||||
|
||||
- You can list packages e.g. by `nix repl`.
|
||||
|
||||
```ShellSession
|
||||
$ nix repl
|
||||
nix-repl> :l <nixpkgs>
|
||||
nix-repl> texlive.collection-[TAB]
|
||||
```
|
||||
|
||||
- Note that the wrapper assumes that the result has a chance to be useful. For example, the core executables should be present, as well as some core data files. The supported way of ensuring this is by including some scheme, for example `scheme-basic`, into the combination.
|
||||
|
||||
## Custom packages {#sec-language-texlive-custom-packages}
|
||||
|
||||
|
||||
You may find that you need to use an external TeX package. A derivation for such package has to provide contents of the "texmf" directory in its output and provide the `tlType` attribute. Here is a (very verbose) example:
|
||||
|
||||
```nix
|
||||
with import <nixpkgs> {};
|
||||
|
||||
let
|
||||
foiltex_run = stdenvNoCC.mkDerivation {
|
||||
pname = "latex-foiltex";
|
||||
version = "2.1.4b";
|
||||
passthru.tlType = "run";
|
||||
|
||||
srcs = [
|
||||
(fetchurl {
|
||||
url = "http://mirrors.ctan.org/macros/latex/contrib/foiltex/foiltex.dtx";
|
||||
sha256 = "07frz0krpz7kkcwlayrwrj2a2pixmv0icbngyw92srp9fp23cqpz";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "http://mirrors.ctan.org/macros/latex/contrib/foiltex/foiltex.ins";
|
||||
sha256 = "09wkyidxk3n3zvqxfs61wlypmbhi1pxmjdi1kns9n2ky8ykbff99";
|
||||
})
|
||||
];
|
||||
|
||||
unpackPhase = ''
|
||||
runHook preUnpack
|
||||
|
||||
for _src in $srcs; do
|
||||
cp "$_src" $(stripHash "$_src")
|
||||
done
|
||||
|
||||
runHook postUnpack
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ texlive.combined.scheme-small ];
|
||||
|
||||
dontConfigure = true;
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
|
||||
# Generate the style files
|
||||
latex foiltex.ins
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
path="$out/tex/latex/foiltex"
|
||||
mkdir -p "$path"
|
||||
cp *.{cls,def,clo} "$path/"
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A LaTeX2e class for overhead transparencies";
|
||||
license = licenses.unfreeRedistributable;
|
||||
maintainers = with maintainers; [ veprbl ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
};
|
||||
foiltex = { pkgs = [ foiltex_run ]; };
|
||||
|
||||
latex_with_foiltex = texlive.combine {
|
||||
inherit (texlive) scheme-small;
|
||||
inherit foiltex;
|
||||
};
|
||||
in
|
||||
runCommand "test.pdf" {
|
||||
nativeBuildInputs = [ latex_with_foiltex ];
|
||||
} ''
|
||||
cat >test.tex <<EOF
|
||||
\documentclass{foils}
|
||||
|
||||
\title{Presentation title}
|
||||
\date{}
|
||||
|
||||
\begin{document}
|
||||
\maketitle
|
||||
\end{document}
|
||||
EOF
|
||||
pdflatex test.tex
|
||||
cp test.pdf $out
|
||||
''
|
||||
```
|
|
@ -1,152 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="sec-language-texlive">
|
||||
<title>TeX Live</title>
|
||||
|
||||
<para>
|
||||
Since release 15.09 there is a new TeX Live packaging that lives entirely under attribute <varname>texlive</varname>.
|
||||
</para>
|
||||
|
||||
<section xml:id="sec-language-texlive-users-guide">
|
||||
<title>User's guide</title>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
For basic usage just pull <varname>texlive.combined.scheme-basic</varname> for an environment with basic LaTeX support.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
It typically won't work to use separately installed packages together. Instead, you can build a custom set of packages like this:
|
||||
<programlisting>
|
||||
texlive.combine {
|
||||
inherit (texlive) scheme-small collection-langkorean algorithms cm-super;
|
||||
}
|
||||
</programlisting>
|
||||
There are all the schemes, collections and a few thousand packages, as defined upstream (perhaps with tiny differences).
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
By default you only get executables and files needed during runtime, and a little documentation for the core packages. To change that, you need to add <varname>pkgFilter</varname> function to <varname>combine</varname>.
|
||||
<programlisting>
|
||||
texlive.combine {
|
||||
# inherit (texlive) whatever-you-want;
|
||||
pkgFilter = pkg:
|
||||
pkg.tlType == "run" || pkg.tlType == "bin" || pkg.pname == "cm-super";
|
||||
# elem tlType [ "run" "bin" "doc" "source" ]
|
||||
# there are also other attributes: version, name
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
You can list packages e.g. by <command>nix repl</command>.
|
||||
<programlisting>
|
||||
<prompt>$ </prompt>nix repl
|
||||
<prompt>nix-repl> </prompt>:l <nixpkgs>
|
||||
<prompt>nix-repl> </prompt>texlive.collection-<keycap function="tab" />
|
||||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Note that the wrapper assumes that the result has a chance to be useful. For example, the core executables should be present, as well as some core data files. The supported way of ensuring this is by including some scheme, for example <varname>scheme-basic</varname>, into the combination.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
<section xml:id="sec-language-texlive-custom-packages">
|
||||
<title>Custom packages</title>
|
||||
<para>
|
||||
You may find that you need to use an external TeX package. A derivation for such package has to provide contents of the "texmf" directory in its output and provide the <varname>tlType</varname> attribute. Here is a (very verbose) example:
|
||||
<programlisting><![CDATA[
|
||||
with import <nixpkgs> {};
|
||||
|
||||
let
|
||||
foiltex_run = stdenvNoCC.mkDerivation {
|
||||
pname = "latex-foiltex";
|
||||
version = "2.1.4b";
|
||||
passthru.tlType = "run";
|
||||
|
||||
srcs = [
|
||||
(fetchurl {
|
||||
url = "http://mirrors.ctan.org/macros/latex/contrib/foiltex/foiltex.dtx";
|
||||
sha256 = "07frz0krpz7kkcwlayrwrj2a2pixmv0icbngyw92srp9fp23cqpz";
|
||||
})
|
||||
(fetchurl {
|
||||
url = "http://mirrors.ctan.org/macros/latex/contrib/foiltex/foiltex.ins";
|
||||
sha256 = "09wkyidxk3n3zvqxfs61wlypmbhi1pxmjdi1kns9n2ky8ykbff99";
|
||||
})
|
||||
];
|
||||
|
||||
unpackPhase = ''
|
||||
runHook preUnpack
|
||||
|
||||
for _src in $srcs; do
|
||||
cp "$_src" $(stripHash "$_src")
|
||||
done
|
||||
|
||||
runHook postUnpack
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ texlive.combined.scheme-small ];
|
||||
|
||||
dontConfigure = true;
|
||||
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
|
||||
# Generate the style files
|
||||
latex foiltex.ins
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
path="$out/tex/latex/foiltex"
|
||||
mkdir -p "$path"
|
||||
cp *.{cls,def,clo} "$path/"
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A LaTeX2e class for overhead transparencies";
|
||||
license = licenses.unfreeRedistributable;
|
||||
maintainers = with maintainers; [ veprbl ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
};
|
||||
foiltex = { pkgs = [ foiltex_run ]; };
|
||||
|
||||
latex_with_foiltex = texlive.combine {
|
||||
inherit (texlive) scheme-small;
|
||||
inherit foiltex;
|
||||
};
|
||||
in
|
||||
runCommand "test.pdf" {
|
||||
nativeBuildInputs = [ latex_with_foiltex ];
|
||||
} ''
|
||||
cat >test.tex <<EOF
|
||||
\documentclass{foils}
|
||||
|
||||
\title{Presentation title}
|
||||
\date{}
|
||||
|
||||
\begin{document}
|
||||
\maketitle
|
||||
\end{document}
|
||||
EOF
|
||||
pdflatex test.tex
|
||||
cp test.pdf $out
|
||||
''
|
||||
]]></programlisting>
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
1
third_party/nixpkgs/doc/using/overlays.xml
vendored
1
third_party/nixpkgs/doc/using/overlays.xml
vendored
|
@ -28,6 +28,7 @@
|
|||
</para>
|
||||
|
||||
<para>
|
||||
NOTE: DO NOT USE THIS in nixpkgs.
|
||||
Further overlays can be added by calling the <literal>pkgs.extend</literal> or <literal>pkgs.appendOverlays</literal>, although it is often preferable to avoid these functions, because they recompute the Nixpkgs fixpoint, which is somewhat expensive to do.
|
||||
</para>
|
||||
</section>
|
||||
|
|
4
third_party/nixpkgs/lib/modules.nix
vendored
4
third_party/nixpkgs/lib/modules.nix
vendored
|
@ -265,7 +265,7 @@ rec {
|
|||
if badAttrs != {} then
|
||||
throw "Module `${key}' has an unsupported attribute `${head (attrNames badAttrs)}'. This is caused by introducing a top-level `config' or `options' attribute. Add configuration attributes immediately on the top level instead, or move all of them (namely: ${toString (attrNames badAttrs)}) into the explicit `config' attribute."
|
||||
else
|
||||
{ _file = m._file or file;
|
||||
{ _file = toString m._file or file;
|
||||
key = toString m.key or key;
|
||||
disabledModules = m.disabledModules or [];
|
||||
imports = m.imports or [];
|
||||
|
@ -273,7 +273,7 @@ rec {
|
|||
config = addFreeformType (addMeta (m.config or {}));
|
||||
}
|
||||
else
|
||||
{ _file = m._file or file;
|
||||
{ _file = toString m._file or file;
|
||||
key = toString m.key or key;
|
||||
disabledModules = m.disabledModules or [];
|
||||
imports = m.require or [] ++ m.imports or [];
|
||||
|
|
2
third_party/nixpkgs/lib/systems/default.nix
vendored
2
third_party/nixpkgs/lib/systems/default.nix
vendored
|
@ -25,7 +25,7 @@ rec {
|
|||
system = parse.doubleFromSystem final.parsed;
|
||||
config = parse.tripleFromSystem final.parsed;
|
||||
# Just a guess, based on `system`
|
||||
platform = platforms.selectBySystem final.system;
|
||||
platform = platforms.select final;
|
||||
# Determine whether we are compatible with the provided CPU
|
||||
isCompatible = platform: parse.isCompatible final.parsed.cpu platform.parsed.cpu;
|
||||
# Derived meta-data
|
||||
|
|
11
third_party/nixpkgs/lib/systems/examples.nix
vendored
11
third_party/nixpkgs/lib/systems/examples.nix
vendored
|
@ -7,7 +7,7 @@ let
|
|||
|
||||
riscv = bits: {
|
||||
config = "riscv${bits}-unknown-linux-gnu";
|
||||
platform = platforms.riscv-multiplatform bits;
|
||||
platform = platforms.riscv-multiplatform;
|
||||
};
|
||||
in
|
||||
|
||||
|
@ -39,6 +39,11 @@ rec {
|
|||
platform = platforms.zero-gravitas;
|
||||
};
|
||||
|
||||
remarkable2 = {
|
||||
config = "armv7l-unknown-linux-gnueabihf";
|
||||
platform = platforms.zero-sugar;
|
||||
};
|
||||
|
||||
armv7l-hf-multiplatform = {
|
||||
config = "armv7l-unknown-linux-gnueabihf";
|
||||
platform = platforms.armv7l-hf-multiplatform;
|
||||
|
@ -105,13 +110,13 @@ rec {
|
|||
riscv64-embedded = {
|
||||
config = "riscv64-none-elf";
|
||||
libc = "newlib";
|
||||
platform = platforms.riscv-multiplatform "64";
|
||||
platform = platforms.riscv-multiplatform;
|
||||
};
|
||||
|
||||
riscv32-embedded = {
|
||||
config = "riscv32-none-elf";
|
||||
libc = "newlib";
|
||||
platform = platforms.riscv-multiplatform "32";
|
||||
platform = platforms.riscv-multiplatform;
|
||||
};
|
||||
|
||||
mmix = {
|
||||
|
|
49
third_party/nixpkgs/lib/systems/platforms.nix
vendored
49
third_party/nixpkgs/lib/systems/platforms.nix
vendored
|
@ -217,6 +217,21 @@ rec {
|
|||
};
|
||||
};
|
||||
|
||||
zero-sugar = {
|
||||
name = "zero-sugar";
|
||||
kernelBaseConfig = "zero-sugar_defconfig";
|
||||
kernelArch = "arm";
|
||||
kernelDTB = true;
|
||||
kernelAutoModules = false;
|
||||
kernelPreferBuiltin = true;
|
||||
kernelTarget = "zImage";
|
||||
gcc = {
|
||||
cpu = "cortex-a7";
|
||||
fpu = "neon-vfpv4";
|
||||
float-abi = "hard";
|
||||
};
|
||||
};
|
||||
|
||||
scaleway-c1 = armv7l-hf-multiplatform // {
|
||||
gcc = {
|
||||
cpu = "cortex-a9";
|
||||
|
@ -456,10 +471,9 @@ rec {
|
|||
## Other
|
||||
##
|
||||
|
||||
riscv-multiplatform = bits: {
|
||||
riscv-multiplatform = {
|
||||
name = "riscv-multiplatform";
|
||||
kernelArch = "riscv";
|
||||
bfdEmulation = "elf${bits}lriscv";
|
||||
kernelTarget = "vmlinux";
|
||||
kernelAutoModules = true;
|
||||
kernelBaseConfig = "defconfig";
|
||||
|
@ -469,17 +483,22 @@ rec {
|
|||
'';
|
||||
};
|
||||
|
||||
selectBySystem = system: {
|
||||
i486-linux = pc32;
|
||||
i586-linux = pc32;
|
||||
i686-linux = pc32;
|
||||
x86_64-linux = pc64;
|
||||
armv5tel-linux = sheevaplug;
|
||||
armv6l-linux = raspberrypi;
|
||||
armv7a-linux = armv7l-hf-multiplatform;
|
||||
armv7l-linux = armv7l-hf-multiplatform;
|
||||
aarch64-linux = aarch64-multiplatform;
|
||||
mipsel-linux = fuloong2f_n32;
|
||||
powerpc64le-linux = powernv;
|
||||
}.${system} or pcBase;
|
||||
select = platform:
|
||||
# x86
|
||||
/**/ if platform.isx86_32 then pc32
|
||||
else if platform.isx86_64 then pc64
|
||||
|
||||
# ARM
|
||||
else if platform.isAarch32 then let
|
||||
version = platform.parsed.cpu.version or "";
|
||||
in if lib.versionOlder version "6" then sheevaplug
|
||||
else if lib.versionOlder version "7" then raspberrypi
|
||||
else armv7l-hf-multiplatform
|
||||
else if platform.isAarch64 then aarch64-multiplatform
|
||||
|
||||
else if platform.parsed.cpu == lib.systems.parse.cpuTypes.mipsel then fuloong2f_n32
|
||||
|
||||
else if platform.parsed.cpu == lib.systems.parse.cpuTypes.powerpc64le then powernv
|
||||
|
||||
else pcBase;
|
||||
}
|
||||
|
|
|
@ -2755,6 +2755,16 @@
|
|||
email = "adam.copp@gmail.com";
|
||||
name = "Adam Copp";
|
||||
};
|
||||
ethancedwards8 = {
|
||||
email = "ethancarteredwards@gmail.com";
|
||||
github = "ethancedwards8";
|
||||
githubId = 60861925;
|
||||
name = "Ethan Carter Edwards";
|
||||
keys = [{
|
||||
longkeyid = "rsa4096/0xF93DDAFA26EF2458";
|
||||
fingerprint = "0E69 0F46 3457 D812 3387 C978 F93D DAFA 26EF 2458";
|
||||
}];
|
||||
};
|
||||
ethercrow = {
|
||||
email = "ethercrow@gmail.com";
|
||||
github = "ethercrow";
|
||||
|
@ -3437,6 +3447,12 @@
|
|||
fingerprint = "74B1 F67D 8E43 A94A 7554 0768 9CCC E364 02CB 49A6";
|
||||
}];
|
||||
};
|
||||
happysalada = {
|
||||
email = "raphael@megzari.com";
|
||||
github = "happysalada";
|
||||
githubId = 5317234;
|
||||
name = "Raphael Megzari";
|
||||
};
|
||||
haslersn = {
|
||||
email = "haslersn@fius.informatik.uni-stuttgart.de";
|
||||
github = "haslersn";
|
||||
|
@ -4807,6 +4823,12 @@
|
|||
githubId = 2422454;
|
||||
name = "Kai Wohlfahrt";
|
||||
};
|
||||
kyleondy = {
|
||||
email = "kyle@ondy.org";
|
||||
github = "kyleondy";
|
||||
githubId = 1640900;
|
||||
name = "Kyle Ondy";
|
||||
};
|
||||
kylesferrazza = {
|
||||
name = "Kyle Sferrazza";
|
||||
email = "kyle.sferrazza@gmail.com";
|
||||
|
@ -6213,6 +6235,16 @@
|
|||
githubId = 1916245;
|
||||
name = "Fernando Jose Pando";
|
||||
};
|
||||
nasirhm = {
|
||||
email = "nasirhussainm14@gmail.com";
|
||||
github = "nasirhm";
|
||||
githubId = 35005234;
|
||||
name = "Nasir Hussain";
|
||||
keys = [{
|
||||
longkeyid = "rsa4096/0xD8126E559CE7C35D";
|
||||
fingerprint = "7A10 AB8E 0BEC 566B 090C 9BE3 D812 6E55 9CE7 C35D";
|
||||
}];
|
||||
};
|
||||
Nate-Devv = {
|
||||
email = "natedevv@gmail.com";
|
||||
name = "Nathan Moore";
|
||||
|
@ -6759,6 +6791,12 @@
|
|||
githubId = 8641;
|
||||
name = "Pierre Carrier";
|
||||
};
|
||||
pengmeiyu = {
|
||||
email = "pengmyu@gmail.com";
|
||||
github = "pmeiyu";
|
||||
githubId = 8529551;
|
||||
name = "Peng Mei Yu";
|
||||
};
|
||||
penguwin = {
|
||||
email = "penguwin@penguwin.eu";
|
||||
github = "penguwin";
|
||||
|
|
|
@ -480,13 +480,8 @@ Retype new UNIX password: ***</screen>
|
|||
<prompt>$ </prompt>passwd eelco</screen>
|
||||
</para>
|
||||
<para>
|
||||
You may also want to install some software. For instance,
|
||||
<screen>
|
||||
<prompt>$ </prompt>nix-env -qaP \*</screen>
|
||||
shows what packages are available, and
|
||||
<screen>
|
||||
<prompt>$ </prompt>nix-env -f '<nixpkgs>' -iA w3m</screen>
|
||||
installs the <literal>w3m</literal> browser.
|
||||
You may also want to install some software. This will be covered
|
||||
in <xref linkend="sec-package-management" />.
|
||||
</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
|
|
|
@ -160,6 +160,11 @@
|
|||
<package>btc1</package> has been abandoned upstream, and removed.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<package>cpp_ethereum</package> (aleth) has been abandoned upstream, and removed.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<package>riak-cs</package> package removed along with <varname>services.riak-cs</varname> module.
|
||||
|
@ -239,6 +244,14 @@
|
|||
</para>
|
||||
</warning>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>rspamd</literal> services is now sandboxed. It is run as
|
||||
a dynamic user instead of root, so secrets and other files may have to
|
||||
be moved or their permissions may have to be fixed. The sockets are now
|
||||
located in <literal>/run/rspamd</literal> instead of <literal>/run</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -331,6 +344,19 @@
|
|||
<literal>unbound-control</literal> without passing a custom configuration location.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
NixOS now defaults to the unified cgroup hierarchy (cgroupsv2).
|
||||
See the <link xlink:href="https://www.redhat.com/sysadmin/fedora-31-control-group-v2">Fedora Article for 31</link>
|
||||
for details on why this is desirable, and how it impacts containers.
|
||||
</para>
|
||||
<para>
|
||||
If you want to run containers with a runtime that does not yet support cgroupsv2,
|
||||
you can switch back to the old behaviour by setting
|
||||
<xref linkend="opt-systemd.enableUnifiedCgroupHierarchy"/> = <literal>false</literal>;
|
||||
and rebooting.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -223,9 +223,10 @@ in
|
|||
# Figure out device names for the boot device and root filesystem.
|
||||
rootPart=$(${pkgs.util-linux}/bin/findmnt -n -o SOURCE /)
|
||||
bootDevice=$(lsblk -npo PKNAME $rootPart)
|
||||
partNum=$(lsblk -npo MAJ:MIN $rootPart | awk -F: '{print $2}')
|
||||
|
||||
# Resize the root partition and the filesystem to fit the disk
|
||||
echo ",+," | sfdisk -N2 --no-reread $bootDevice
|
||||
echo ",+," | sfdisk -N$partNum --no-reread $bootDevice
|
||||
${pkgs.parted}/bin/partprobe
|
||||
${pkgs.e2fsprogs}/bin/resize2fs $rootPart
|
||||
|
||||
|
|
|
@ -397,6 +397,7 @@
|
|||
./services/logging/rsyslogd.nix
|
||||
./services/logging/syslog-ng.nix
|
||||
./services/logging/syslogd.nix
|
||||
./services/logging/vector.nix
|
||||
./services/mail/clamsmtp.nix
|
||||
./services/mail/davmail.nix
|
||||
./services/mail/dkimproxy-out.nix
|
||||
|
|
|
@ -12,6 +12,7 @@ let
|
|||
|
||||
mkOpts = rule: concatStringsSep " " [
|
||||
(optionalString rule.noPass "nopass")
|
||||
(optionalString rule.noLog "nolog")
|
||||
(optionalString rule.persist "persist")
|
||||
(optionalString rule.keepEnv "keepenv")
|
||||
"setenv { SSH_AUTH_SOCK ${concatStringsSep " " rule.setEnv} }"
|
||||
|
@ -118,6 +119,16 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
noLog = mkOption {
|
||||
type = with types; bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If <code>true</code>, successful executions will not be logged
|
||||
to
|
||||
<citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||
'';
|
||||
};
|
||||
|
||||
persist = mkOption {
|
||||
type = with types; bool;
|
||||
default = false;
|
||||
|
|
|
@ -23,5 +23,9 @@ with lib;
|
|||
|
||||
boot.specialFileSystems."/proc".options = [ "hidepid=2" "gid=${toString config.ids.gids.proc}" ];
|
||||
systemd.services.systemd-logind.serviceConfig.SupplementaryGroups = [ "proc" ];
|
||||
|
||||
# Disable cgroupsv2, which doesn't work with hidepid.
|
||||
# https://github.com/NixOS/nixpkgs/pull/104094#issuecomment-729996203
|
||||
systemd.enableUnifiedCgroupHierarchy = false;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -76,6 +76,10 @@ in
|
|||
enable = mkDefault true;
|
||||
};
|
||||
|
||||
# TODO: disable this once k3s supports cgroupsv2, either by docker
|
||||
# supporting it, or their bundled containerd
|
||||
systemd.enableUnifiedCgroupHierarchy = false;
|
||||
|
||||
systemd.services.k3s = {
|
||||
description = "k3s service";
|
||||
after = mkIf cfg.docker [ "docker.service" ];
|
||||
|
|
|
@ -61,10 +61,8 @@ in {
|
|||
Restart = "always";
|
||||
ExecStart = ''${hoogleEnv}/bin/hoogle server --local --port ${toString cfg.port} --home ${cfg.home}'';
|
||||
|
||||
User = "nobody";
|
||||
Group = "nogroup";
|
||||
DynamicUser = true;
|
||||
|
||||
PrivateTmp = true;
|
||||
ProtectHome = true;
|
||||
|
||||
RuntimeDirectory = "hoogle";
|
||||
|
|
|
@ -148,7 +148,7 @@ in
|
|||
# saned needs to distinguish between IPv4 and IPv6 to open matching data sockets.
|
||||
BindIPv6Only = "ipv6-only";
|
||||
Accept = true;
|
||||
MaxConnections = 1;
|
||||
MaxConnections = 64;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
61
third_party/nixpkgs/nixos/modules/services/logging/vector.nix
vendored
Normal file
61
third_party/nixpkgs/nixos/modules/services/logging/vector.nix
vendored
Normal file
|
@ -0,0 +1,61 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let cfg = config.services.vector;
|
||||
|
||||
in {
|
||||
options.services.vector = {
|
||||
enable = mkEnableOption "Vector";
|
||||
|
||||
journaldAccess = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Enable Vector to access journald.
|
||||
'';
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = (pkgs.formats.json { }).type;
|
||||
default = { };
|
||||
description = ''
|
||||
Specify the configuration for Vector in Nix.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.groups.vector = { };
|
||||
users.users.vector = {
|
||||
description = "Vector service user";
|
||||
group = "vector";
|
||||
isSystemUser = true;
|
||||
};
|
||||
systemd.services.vector = {
|
||||
description = "Vector event and log aggregator";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
requires = [ "network-online.target" ];
|
||||
serviceConfig = let
|
||||
format = pkgs.formats.toml { };
|
||||
conf = format.generate "vector.toml" cfg.settings;
|
||||
validateConfig = file:
|
||||
pkgs.runCommand "validate-vector-conf" { } ''
|
||||
${pkgs.vector}/bin/vector validate --no-topology --no-environment "${file}"
|
||||
ln -s "${file}" "$out"
|
||||
'';
|
||||
in {
|
||||
ExecStart = "${pkgs.vector}/bin/vector --config ${validateConfig conf}";
|
||||
User = "vector";
|
||||
Group = "vector";
|
||||
Restart = "no";
|
||||
StateDirectory = "vector";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
|
||||
# This group is required for accessing journald.
|
||||
SupplementaryGroups = mkIf cfg.journaldAccess "systemd-journal";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -371,6 +371,9 @@ in
|
|||
};
|
||||
services.postfix.config = mkIf cfg.postfix.enable cfg.postfix.config;
|
||||
|
||||
systemd.services.postfix.serviceConfig.SupplementaryGroups =
|
||||
mkIf cfg.postfix.enable [ postfixCfg.group ];
|
||||
|
||||
# Allow users to run 'rspamc' and 'rspamadm'.
|
||||
environment.systemPackages = [ pkgs.rspamd ];
|
||||
|
||||
|
@ -394,16 +397,45 @@ in
|
|||
restartTriggers = [ rspamdDir ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -c /etc/rspamd/rspamd.conf -f";
|
||||
ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} -c /etc/rspamd/rspamd.conf -f";
|
||||
Restart = "always";
|
||||
RuntimeDirectory = "rspamd";
|
||||
PrivateTmp = true;
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
${pkgs.coreutils}/bin/mkdir -p /var/lib/rspamd
|
||||
${pkgs.coreutils}/bin/chown ${cfg.user}:${cfg.group} /var/lib/rspamd
|
||||
'';
|
||||
User = "${cfg.user}";
|
||||
Group = "${cfg.group}";
|
||||
SupplementaryGroups = mkIf cfg.postfix.enable [ postfixCfg.group ];
|
||||
|
||||
RuntimeDirectory = "rspamd";
|
||||
RuntimeDirectoryMode = "0755";
|
||||
StateDirectory = "rspamd";
|
||||
StateDirectoryMode = "0700";
|
||||
|
||||
AmbientCapabilities = [];
|
||||
CapabilityBoundingSet = [];
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
PrivateTmp = true;
|
||||
# we need to chown socket to rspamd-milter
|
||||
PrivateUsers = !cfg.postfix.enable;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = "@system-service";
|
||||
UMask = "0077";
|
||||
};
|
||||
};
|
||||
};
|
||||
imports = [
|
||||
|
|
|
@ -9,7 +9,14 @@ with lib;
|
|||
let
|
||||
cfg = config.networking.nat;
|
||||
|
||||
dest = if cfg.externalIP == null then "-j MASQUERADE" else "-j SNAT --to-source ${cfg.externalIP}";
|
||||
mkDest = externalIP: if externalIP == null
|
||||
then "-j MASQUERADE"
|
||||
else "-j SNAT --to-source ${externalIP}";
|
||||
dest = mkDest cfg.externalIP;
|
||||
destIPv6 = mkDest cfg.externalIPv6;
|
||||
|
||||
# Whether given IP (plus optional port) is an IPv6.
|
||||
isIPv6 = ip: builtins.length (lib.splitString ":" ip) > 2;
|
||||
|
||||
helpers = import ./helpers.nix { inherit config lib; };
|
||||
|
||||
|
@ -28,63 +35,80 @@ let
|
|||
${cfg.extraStopCommands}
|
||||
'';
|
||||
|
||||
setupNat = ''
|
||||
${helpers}
|
||||
# Create subchain where we store rules
|
||||
ip46tables -w -t nat -N nixos-nat-pre
|
||||
ip46tables -w -t nat -N nixos-nat-post
|
||||
ip46tables -w -t nat -N nixos-nat-out
|
||||
|
||||
mkSetupNat = { iptables, dest, internalIPs, forwardPorts }: ''
|
||||
# We can't match on incoming interface in POSTROUTING, so
|
||||
# mark packets coming from the internal interfaces.
|
||||
${concatMapStrings (iface: ''
|
||||
iptables -w -t nat -A nixos-nat-pre \
|
||||
${iptables} -w -t nat -A nixos-nat-pre \
|
||||
-i '${iface}' -j MARK --set-mark 1
|
||||
'') cfg.internalInterfaces}
|
||||
|
||||
# NAT the marked packets.
|
||||
${optionalString (cfg.internalInterfaces != []) ''
|
||||
iptables -w -t nat -A nixos-nat-post -m mark --mark 1 \
|
||||
${iptables} -w -t nat -A nixos-nat-post -m mark --mark 1 \
|
||||
${optionalString (cfg.externalInterface != null) "-o ${cfg.externalInterface}"} ${dest}
|
||||
''}
|
||||
|
||||
# NAT packets coming from the internal IPs.
|
||||
${concatMapStrings (range: ''
|
||||
iptables -w -t nat -A nixos-nat-post \
|
||||
${iptables} -w -t nat -A nixos-nat-post \
|
||||
-s '${range}' ${optionalString (cfg.externalInterface != null) "-o ${cfg.externalInterface}"} ${dest}
|
||||
'') cfg.internalIPs}
|
||||
'') internalIPs}
|
||||
|
||||
# NAT from external ports to internal ports.
|
||||
${concatMapStrings (fwd: ''
|
||||
iptables -w -t nat -A nixos-nat-pre \
|
||||
${iptables} -w -t nat -A nixos-nat-pre \
|
||||
-i ${toString cfg.externalInterface} -p ${fwd.proto} \
|
||||
--dport ${builtins.toString fwd.sourcePort} \
|
||||
-j DNAT --to-destination ${fwd.destination}
|
||||
|
||||
${concatMapStrings (loopbackip:
|
||||
let
|
||||
m = builtins.match "([0-9.]+):([0-9-]+)" fwd.destination;
|
||||
destinationIP = if (m == null) then throw "bad ip:ports `${fwd.destination}'" else elemAt m 0;
|
||||
destinationPorts = if (m == null) then throw "bad ip:ports `${fwd.destination}'" else builtins.replaceStrings ["-"] [":"] (elemAt m 1);
|
||||
matchIP = if isIPv6 fwd.destination then "[[]([0-9a-fA-F:]+)[]]" else "([0-9.]+)";
|
||||
m = builtins.match "${matchIP}:([0-9-]+)" fwd.destination;
|
||||
destinationIP = if m == null then throw "bad ip:ports `${fwd.destination}'" else elemAt m 0;
|
||||
destinationPorts = if m == null then throw "bad ip:ports `${fwd.destination}'" else builtins.replaceStrings ["-"] [":"] (elemAt m 1);
|
||||
in ''
|
||||
# Allow connections to ${loopbackip}:${toString fwd.sourcePort} from the host itself
|
||||
iptables -w -t nat -A nixos-nat-out \
|
||||
${iptables} -w -t nat -A nixos-nat-out \
|
||||
-d ${loopbackip} -p ${fwd.proto} \
|
||||
--dport ${builtins.toString fwd.sourcePort} \
|
||||
-j DNAT --to-destination ${fwd.destination}
|
||||
|
||||
# Allow connections to ${loopbackip}:${toString fwd.sourcePort} from other hosts behind NAT
|
||||
iptables -w -t nat -A nixos-nat-pre \
|
||||
${iptables} -w -t nat -A nixos-nat-pre \
|
||||
-d ${loopbackip} -p ${fwd.proto} \
|
||||
--dport ${builtins.toString fwd.sourcePort} \
|
||||
-j DNAT --to-destination ${fwd.destination}
|
||||
|
||||
iptables -w -t nat -A nixos-nat-post \
|
||||
${iptables} -w -t nat -A nixos-nat-post \
|
||||
-d ${destinationIP} -p ${fwd.proto} \
|
||||
--dport ${destinationPorts} \
|
||||
-j SNAT --to-source ${loopbackip}
|
||||
'') fwd.loopbackIPs}
|
||||
'') cfg.forwardPorts}
|
||||
'') forwardPorts}
|
||||
'';
|
||||
|
||||
setupNat = ''
|
||||
${helpers}
|
||||
# Create subchains where we store rules
|
||||
ip46tables -w -t nat -N nixos-nat-pre
|
||||
ip46tables -w -t nat -N nixos-nat-post
|
||||
ip46tables -w -t nat -N nixos-nat-out
|
||||
|
||||
${mkSetupNat {
|
||||
iptables = "iptables";
|
||||
inherit dest;
|
||||
inherit (cfg) internalIPs;
|
||||
forwardPorts = filter (x: !(isIPv6 x.destination)) cfg.forwardPorts;
|
||||
}}
|
||||
|
||||
${optionalString cfg.enableIPv6 (mkSetupNat {
|
||||
iptables = "ip6tables";
|
||||
dest = destIPv6;
|
||||
internalIPs = cfg.internalIPv6s;
|
||||
forwardPorts = filter (x: isIPv6 x.destination) cfg.forwardPorts;
|
||||
})}
|
||||
|
||||
${optionalString (cfg.dmzHost != null) ''
|
||||
iptables -w -t nat -A nixos-nat-pre \
|
||||
|
@ -117,6 +141,15 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
networking.nat.enableIPv6 = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description =
|
||||
''
|
||||
Whether to enable IPv6 NAT.
|
||||
'';
|
||||
};
|
||||
|
||||
networking.nat.internalInterfaces = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
|
@ -141,6 +174,18 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
networking.nat.internalIPv6s = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "fc00::/64" ];
|
||||
description =
|
||||
''
|
||||
The IPv6 address ranges for which to perform NAT. Packets
|
||||
coming from these addresses (on any interface) and destined
|
||||
for the external interface will be rewritten.
|
||||
'';
|
||||
};
|
||||
|
||||
networking.nat.externalInterface = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
|
@ -164,6 +209,19 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
networking.nat.externalIPv6 = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "2001:dc0:2001:11::175";
|
||||
description =
|
||||
''
|
||||
The public IPv6 address to which packets from the local
|
||||
network are to be rewritten. If this is left empty, the
|
||||
IP address associated with the external interface will be
|
||||
used.
|
||||
'';
|
||||
};
|
||||
|
||||
networking.nat.forwardPorts = mkOption {
|
||||
type = with types; listOf (submodule {
|
||||
options = {
|
||||
|
@ -176,7 +234,7 @@ in
|
|||
destination = mkOption {
|
||||
type = types.str;
|
||||
example = "10.0.0.1:80";
|
||||
description = "Forward connection to destination ip:port; to specify a port range, use ip:start-end";
|
||||
description = "Forward connection to destination ip:port (or [ipv6]:port); to specify a port range, use ip:start-end";
|
||||
};
|
||||
|
||||
proto = mkOption {
|
||||
|
@ -195,11 +253,15 @@ in
|
|||
};
|
||||
});
|
||||
default = [];
|
||||
example = [ { sourcePort = 8080; destination = "10.0.0.1:80"; proto = "tcp"; } ];
|
||||
example = [
|
||||
{ sourcePort = 8080; destination = "10.0.0.1:80"; proto = "tcp"; }
|
||||
{ sourcePort = 8080; destination = "[fc00::2]:80"; proto = "tcp"; }
|
||||
];
|
||||
description =
|
||||
''
|
||||
List of forwarded ports from the external interface to
|
||||
internal destinations by using DNAT.
|
||||
internal destinations by using DNAT. Destination can be
|
||||
IPv6 if IPv6 NAT is enabled.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -246,6 +308,9 @@ in
|
|||
(mkIf config.networking.nat.enable {
|
||||
|
||||
assertions = [
|
||||
{ assertion = cfg.enableIPv6 -> config.networking.enableIPv6;
|
||||
message = "networking.nat.enableIPv6 requires networking.enableIPv6";
|
||||
}
|
||||
{ assertion = (cfg.dmzHost != null) -> (cfg.externalInterface != null);
|
||||
message = "networking.nat.dmzHost requires networking.nat.externalInterface";
|
||||
}
|
||||
|
@ -261,6 +326,15 @@ in
|
|||
kernel.sysctl = {
|
||||
"net.ipv4.conf.all.forwarding" = mkOverride 99 true;
|
||||
"net.ipv4.conf.default.forwarding" = mkOverride 99 true;
|
||||
} // optionalAttrs cfg.enableIPv6 {
|
||||
# Do not prevent IPv6 autoconfiguration.
|
||||
# See <http://strugglers.net/~andy/blog/2011/09/04/linux-ipv6-router-advertisements-and-forwarding/>.
|
||||
"net.ipv6.conf.all.accept_ra" = mkOverride 99 2;
|
||||
"net.ipv6.conf.default.accept_ra" = mkOverride 99 2;
|
||||
|
||||
# Forward IPv6 packets.
|
||||
"net.ipv6.conf.all.forwarding" = mkOverride 99 true;
|
||||
"net.ipv6.conf.default.forwarding" = mkOverride 99 true;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -14,11 +14,18 @@ in {
|
|||
default = 41641;
|
||||
description = "The port to listen on for tunnel traffic (0=autoselect).";
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.tailscale;
|
||||
defaultText = "pkgs.tailscale";
|
||||
description = "The package to use for tailscale";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.tailscale ]; # for the CLI
|
||||
systemd.packages = [ pkgs.tailscale ];
|
||||
environment.systemPackages = [ cfg.package ]; # for the CLI
|
||||
systemd.packages = [ cfg.package ];
|
||||
systemd.services.tailscaled = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.Environment = "PORT=${toString cfg.port}";
|
||||
|
|
|
@ -550,6 +550,14 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
systemd.enableUnifiedCgroupHierarchy = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Whether to enable the unified cgroup hierarchy (cgroupsv2).
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.coredump.enable = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
|
@ -1178,6 +1186,7 @@ in
|
|||
boot.kernel.sysctl = mkIf (!cfg.coredump.enable) {
|
||||
"kernel.core_pattern" = "core";
|
||||
};
|
||||
boot.kernelParams = optional (!cfg.enableUnifiedCgroupHierarchy) "systemd.unified_cgroup_hierarchy=0";
|
||||
};
|
||||
|
||||
# FIXME: Remove these eventually.
|
||||
|
|
|
@ -155,6 +155,9 @@ in
|
|||
users.groups.docker.gid = config.ids.gids.docker;
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
# TODO: remove once docker 20.10 is released
|
||||
systemd.enableUnifiedCgroupHierarchy = false;
|
||||
|
||||
systemd.services.docker = {
|
||||
wantedBy = optional cfg.enableOnBoot "multi-user.target";
|
||||
environment = proxy_env;
|
||||
|
|
44
third_party/nixpkgs/nixos/tests/all-tests.nix
vendored
44
third_party/nixpkgs/nixos/tests/all-tests.nix
vendored
|
@ -40,18 +40,18 @@ in
|
|||
bittorrent = handleTest ./bittorrent.nix {};
|
||||
bitwarden = handleTest ./bitwarden.nix {};
|
||||
blockbook-frontend = handleTest ./blockbook-frontend.nix {};
|
||||
buildkite-agents = handleTest ./buildkite-agents.nix {};
|
||||
boot = handleTestOn ["x86_64-linux"] ./boot.nix {}; # syslinux is unsupported on aarch64
|
||||
boot-stage1 = handleTest ./boot-stage1.nix {};
|
||||
borgbackup = handleTest ./borgbackup.nix {};
|
||||
buildbot = handleTest ./buildbot.nix {};
|
||||
buildkite-agents = handleTest ./buildkite-agents.nix {};
|
||||
caddy = handleTest ./caddy.nix {};
|
||||
cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {};
|
||||
cage = handleTest ./cage.nix {};
|
||||
cagebreak = handleTest ./cagebreak.nix {};
|
||||
cassandra = handleTest ./cassandra.nix {};
|
||||
ceph-single-node = handleTestOn ["x86_64-linux"] ./ceph-single-node.nix {};
|
||||
ceph-multi-node = handleTestOn ["x86_64-linux"] ./ceph-multi-node.nix {};
|
||||
ceph-single-node = handleTestOn ["x86_64-linux"] ./ceph-single-node.nix {};
|
||||
certmgr = handleTest ./certmgr.nix {};
|
||||
cfssl = handleTestOn ["x86_64-linux"] ./cfssl.nix {};
|
||||
charliecloud = handleTest ./charliecloud.nix {};
|
||||
|
@ -59,9 +59,9 @@ in
|
|||
cjdns = handleTest ./cjdns.nix {};
|
||||
clickhouse = handleTest ./clickhouse.nix {};
|
||||
cloud-init = handleTest ./cloud-init.nix {};
|
||||
cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {};
|
||||
codimd = handleTest ./codimd.nix {};
|
||||
consul = handleTest ./consul.nix {};
|
||||
cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {};
|
||||
containers-bridge = handleTest ./containers-bridge.nix {};
|
||||
containers-custom-pkgs.nix = handleTest ./containers-custom-pkgs.nix {};
|
||||
containers-ephemeral = handleTest ./containers-ephemeral.nix {};
|
||||
|
@ -85,7 +85,6 @@ in
|
|||
dnscrypt-wrapper = handleTestOn ["x86_64-linux"] ./dnscrypt-wrapper {};
|
||||
doas = handleTest ./doas.nix {};
|
||||
docker = handleTestOn ["x86_64-linux"] ./docker.nix {};
|
||||
oci-containers = handleTestOn ["x86_64-linux"] ./oci-containers.nix {};
|
||||
docker-edge = handleTestOn ["x86_64-linux"] ./docker-edge.nix {};
|
||||
docker-registry = handleTest ./docker-registry.nix {};
|
||||
docker-tools = handleTestOn ["x86_64-linux"] ./docker-tools.nix {};
|
||||
|
@ -119,24 +118,23 @@ in
|
|||
fsck = handleTest ./fsck.nix {};
|
||||
ft2-clone = handleTest ./ft2-clone.nix {};
|
||||
gerrit = handleTest ./gerrit.nix {};
|
||||
gotify-server = handleTest ./gotify-server.nix {};
|
||||
grocy = handleTest ./grocy.nix {};
|
||||
gitdaemon = handleTest ./gitdaemon.nix {};
|
||||
gitea = handleTest ./gitea.nix {};
|
||||
gitlab = handleTest ./gitlab.nix {};
|
||||
gitolite = handleTest ./gitolite.nix {};
|
||||
gitolite-fcgiwrap = handleTest ./gitolite-fcgiwrap.nix {};
|
||||
glusterfs = handleTest ./glusterfs.nix {};
|
||||
gnome3-xorg = handleTest ./gnome3-xorg.nix {};
|
||||
gnome3 = handleTest ./gnome3.nix {};
|
||||
installed-tests = pkgs.recurseIntoAttrs (handleTest ./installed-tests {});
|
||||
gnome3-xorg = handleTest ./gnome3-xorg.nix {};
|
||||
go-neb = handleTest ./go-neb.nix {};
|
||||
gocd-agent = handleTest ./gocd-agent.nix {};
|
||||
gocd-server = handleTest ./gocd-server.nix {};
|
||||
go-neb = handleTest ./go-neb.nix {};
|
||||
google-oslogin = handleTest ./google-oslogin {};
|
||||
gotify-server = handleTest ./gotify-server.nix {};
|
||||
grafana = handleTest ./grafana.nix {};
|
||||
graphite = handleTest ./graphite.nix {};
|
||||
graylog = handleTest ./graylog.nix {};
|
||||
grocy = handleTest ./grocy.nix {};
|
||||
grub = handleTest ./grub.nix {};
|
||||
gvisor = handleTest ./gvisor.nix {};
|
||||
hadoop.hdfs = handleTestOn [ "x86_64-linux" ] ./hadoop/hdfs.nix {};
|
||||
|
@ -144,6 +142,8 @@ in
|
|||
handbrake = handleTestOn ["x86_64-linux"] ./handbrake.nix {};
|
||||
haproxy = handleTest ./haproxy.nix {};
|
||||
hardened = handleTest ./hardened.nix {};
|
||||
installed-tests = pkgs.recurseIntoAttrs (handleTest ./installed-tests {});
|
||||
oci-containers = handleTestOn ["x86_64-linux"] ./oci-containers.nix {};
|
||||
# 9pnet_virtio used to mount /nix partition doesn't support
|
||||
# hibernation. This test happens to work on x86_64-linux but
|
||||
# not on other platforms.
|
||||
|
@ -160,8 +160,8 @@ in
|
|||
ihatemoney = handleTest ./ihatemoney.nix {};
|
||||
incron = handleTest ./incron.nix {};
|
||||
influxdb = handleTest ./influxdb.nix {};
|
||||
initrd-network-ssh = handleTest ./initrd-network-ssh {};
|
||||
initrd-network-openvpn = handleTest ./initrd-network-openvpn {};
|
||||
initrd-network-ssh = handleTest ./initrd-network-ssh {};
|
||||
initrdNetwork = handleTest ./initrd-network.nix {};
|
||||
installer = handleTest ./installer.nix {};
|
||||
iodine = handleTest ./iodine.nix {};
|
||||
|
@ -201,8 +201,8 @@ in
|
|||
lxd-nftables = handleTest ./lxd-nftables.nix {};
|
||||
#logstash = handleTest ./logstash.nix {};
|
||||
lorri = handleTest ./lorri/default.nix {};
|
||||
magnetico = handleTest ./magnetico.nix {};
|
||||
magic-wormhole-mailbox-server = handleTest ./magic-wormhole-mailbox-server.nix {};
|
||||
magnetico = handleTest ./magnetico.nix {};
|
||||
mailcatcher = handleTest ./mailcatcher.nix {};
|
||||
mariadb-galera-mariabackup = handleTest ./mysql/mariadb-galera-mariabackup.nix {};
|
||||
mariadb-galera-rsync = handleTest ./mysql/mariadb-galera-rsync.nix {};
|
||||
|
@ -213,9 +213,9 @@ in
|
|||
metabase = handleTest ./metabase.nix {};
|
||||
minecraft = handleTest ./minecraft.nix {};
|
||||
minecraft-server = handleTest ./minecraft-server.nix {};
|
||||
minidlna = handleTest ./minidlna.nix {};
|
||||
miniflux = handleTest ./miniflux.nix {};
|
||||
minio = handleTest ./minio.nix {};
|
||||
minidlna = handleTest ./minidlna.nix {};
|
||||
misc = handleTest ./misc.nix {};
|
||||
moinmoin = handleTest ./moinmoin.nix {};
|
||||
mongodb = handleTest ./mongodb.nix {};
|
||||
|
@ -240,10 +240,10 @@ in
|
|||
ncdns = handleTest ./ncdns.nix {};
|
||||
ndppd = handleTest ./ndppd.nix {};
|
||||
neo4j = handleTest ./neo4j.nix {};
|
||||
specialisation = handleTest ./specialisation.nix {};
|
||||
netdata = handleTest ./netdata.nix {};
|
||||
networking.networkd = handleTest ./networking.nix { networkd = true; };
|
||||
networking.scripted = handleTest ./networking.nix { networkd = false; };
|
||||
specialisation = handleTest ./specialisation.nix {};
|
||||
# TODO: put in networking.nix after the test becomes more complete
|
||||
networkingProxy = handleTest ./networking-proxy.nix {};
|
||||
nextcloud = handleTest ./nextcloud {};
|
||||
|
@ -269,8 +269,8 @@ in
|
|||
openldap = handleTest ./openldap.nix {};
|
||||
opensmtpd = handleTest ./opensmtpd.nix {};
|
||||
openssh = handleTest ./openssh.nix {};
|
||||
openstack-image-userdata = (handleTestOn ["x86_64-linux"] ./openstack-image.nix {}).userdata or {};
|
||||
openstack-image-metadata = (handleTestOn ["x86_64-linux"] ./openstack-image.nix {}).metadata or {};
|
||||
openstack-image-userdata = (handleTestOn ["x86_64-linux"] ./openstack-image.nix {}).userdata or {};
|
||||
orangefs = handleTest ./orangefs.nix {};
|
||||
os-prober = handleTestOn ["x86_64-linux"] ./os-prober.nix {};
|
||||
osrm-backend = handleTest ./osrm-backend.nix {};
|
||||
|
@ -280,6 +280,7 @@ in
|
|||
pam-u2f = handleTest ./pam-u2f.nix {};
|
||||
pantheon = handleTest ./pantheon.nix {};
|
||||
paperless = handleTest ./paperless.nix {};
|
||||
pdns-recursor = handleTest ./pdns-recursor.nix {};
|
||||
peerflix = handleTest ./peerflix.nix {};
|
||||
pgjwt = handleTest ./pgjwt.nix {};
|
||||
pgmanage = handleTest ./pgmanage.nix {};
|
||||
|
@ -339,9 +340,9 @@ in
|
|||
snapper = handleTest ./snapper.nix {};
|
||||
sogo = handleTest ./sogo.nix {};
|
||||
solr = handleTest ./solr.nix {};
|
||||
sonarr = handleTest ./sonarr.nix {};
|
||||
spacecookie = handleTest ./spacecookie.nix {};
|
||||
spike = handleTest ./spike.nix {};
|
||||
sonarr = handleTest ./sonarr.nix {};
|
||||
sslh = handleTest ./sslh.nix {};
|
||||
sssd = handleTestOn ["x86_64-linux"] ./sssd.nix {};
|
||||
sssd-ldap = handleTestOn ["x86_64-linux"] ./sssd-ldap.nix {};
|
||||
|
@ -358,13 +359,12 @@ in
|
|||
systemd-boot = handleTest ./systemd-boot.nix {};
|
||||
systemd-confinement = handleTest ./systemd-confinement.nix {};
|
||||
systemd-journal = handleTest ./systemd-journal.nix {};
|
||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {};
|
||||
systemd-networkd = handleTest ./systemd-networkd.nix {};
|
||||
systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};
|
||||
systemd-networkd-ipv6-prefix-delegation = handleTest ./systemd-networkd-ipv6-prefix-delegation.nix {};
|
||||
systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {};
|
||||
systemd-nspawn = handleTest ./systemd-nspawn.nix {};
|
||||
pdns-recursor = handleTest ./pdns-recursor.nix {};
|
||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
taskserver = handleTest ./taskserver.nix {};
|
||||
telegraf = handleTest ./telegraf.nix {};
|
||||
tiddlywiki = handleTest ./tiddlywiki.nix {};
|
||||
|
@ -372,20 +372,22 @@ in
|
|||
tinydns = handleTest ./tinydns.nix {};
|
||||
tor = handleTest ./tor.nix {};
|
||||
# traefik test relies on docker-containers
|
||||
trac = handleTest ./trac.nix {};
|
||||
traefik = handleTestOn ["x86_64-linux"] ./traefik.nix {};
|
||||
transmission = handleTest ./transmission.nix {};
|
||||
trac = handleTest ./trac.nix {};
|
||||
trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {};
|
||||
trezord = handleTest ./trezord.nix {};
|
||||
trickster = handleTest ./trickster.nix {};
|
||||
trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {};
|
||||
tuptime = handleTest ./tuptime.nix {};
|
||||
unbound = handleTest ./unbound.nix {};
|
||||
ucg = handleTest ./ucg.nix {};
|
||||
udisks2 = handleTest ./udisks2.nix {};
|
||||
unbound = handleTest ./unbound.nix {};
|
||||
unit-php = handleTest ./web-servers/unit-php.nix {};
|
||||
upnp = handleTest ./upnp.nix {};
|
||||
uwsgi = handleTest ./uwsgi.nix {};
|
||||
v2ray = handleTest ./v2ray.nix {};
|
||||
vault = handleTest ./vault.nix {};
|
||||
vector = handleTest ./vector.nix {};
|
||||
victoriametrics = handleTest ./victoriametrics.nix {};
|
||||
virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {};
|
||||
wasabibackend = handleTest ./wasabibackend.nix {};
|
||||
|
|
|
@ -117,7 +117,8 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
)
|
||||
docker.wait_until_succeeds("curl -f http://localhost:8000/")
|
||||
docker.succeed(
|
||||
"docker rm --force nginx", "docker rmi '${examples.nginx.imageName}'",
|
||||
"docker rm --force nginx",
|
||||
"docker rmi '${examples.nginx.imageName}'",
|
||||
)
|
||||
|
||||
with subtest("A pulled image can be used as base image"):
|
||||
|
|
1
third_party/nixpkgs/nixos/tests/gitea.nix
vendored
1
third_party/nixpkgs/nixos/tests/gitea.nix
vendored
|
@ -14,6 +14,7 @@ let
|
|||
|
||||
nodes = {
|
||||
server = { config, pkgs, ... }: {
|
||||
virtualisation.memorySize = 2048;
|
||||
services.gitea = {
|
||||
enable = true;
|
||||
database = { inherit type; };
|
||||
|
|
4
third_party/nixpkgs/nixos/tests/misc.nix
vendored
4
third_party/nixpkgs/nixos/tests/misc.nix
vendored
|
@ -88,8 +88,8 @@ import ./make-test-python.nix ({ pkgs, ...} : rec {
|
|||
with subtest("whether kernel.poweroff_cmd is set"):
|
||||
machine.succeed('[ -x "$(cat /proc/sys/kernel/poweroff_cmd)" ]')
|
||||
|
||||
with subtest("whether the blkio controller is properly enabled"):
|
||||
machine.succeed("[ -e /sys/fs/cgroup/blkio/blkio.reset_stats ]")
|
||||
with subtest("whether the io cgroupv2 controller is properly enabled"):
|
||||
machine.succeed("grep -q '\\bio\\b' /sys/fs/cgroup/cgroup.controllers")
|
||||
|
||||
with subtest("whether we have a reboot record in wtmp"):
|
||||
machine.shutdown
|
||||
|
|
31
third_party/nixpkgs/nixos/tests/podman.nix
vendored
31
third_party/nixpkgs/nixos/tests/podman.nix
vendored
|
@ -34,7 +34,6 @@ import ./make-test-python.nix (
|
|||
podman.wait_for_unit("sockets.target")
|
||||
start_all()
|
||||
|
||||
|
||||
with subtest("Run container as root with runc"):
|
||||
podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
|
||||
podman.succeed(
|
||||
|
@ -53,16 +52,20 @@ import ./make-test-python.nix (
|
|||
podman.succeed("podman stop sleeping")
|
||||
podman.succeed("podman rm sleeping")
|
||||
|
||||
with subtest("Run container rootless with runc"):
|
||||
podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
|
||||
with subtest("Run container as root with the default backend"):
|
||||
podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
|
||||
podman.succeed(
|
||||
su_cmd(
|
||||
"podman run --runtime=runc -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
|
||||
"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
|
||||
)
|
||||
podman.succeed("podman ps | grep sleeping")
|
||||
podman.succeed("podman stop sleeping")
|
||||
podman.succeed("podman rm sleeping")
|
||||
|
||||
|
||||
podman.succeed(
|
||||
"mkdir -p /tmp/podman-run-1000/libpod && chown alice -R /tmp/podman-run-1000"
|
||||
)
|
||||
podman.succeed(su_cmd("podman ps | grep sleeping"))
|
||||
podman.succeed(su_cmd("podman stop sleeping"))
|
||||
podman.succeed(su_cmd("podman rm sleeping"))
|
||||
|
||||
|
||||
with subtest("Run container rootless with crun"):
|
||||
podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
|
||||
|
@ -74,6 +77,18 @@ import ./make-test-python.nix (
|
|||
podman.succeed(su_cmd("podman ps | grep sleeping"))
|
||||
podman.succeed(su_cmd("podman stop sleeping"))
|
||||
podman.succeed(su_cmd("podman rm sleeping"))
|
||||
# As of 2020-11-20, the runc backend doesn't work with cgroupsv2 yet, so we don't run that test.
|
||||
|
||||
with subtest("Run container rootless with the default backend"):
|
||||
podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
|
||||
podman.succeed(
|
||||
su_cmd(
|
||||
"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
|
||||
)
|
||||
)
|
||||
podman.succeed(su_cmd("podman ps | grep sleeping"))
|
||||
podman.succeed(su_cmd("podman stop sleeping"))
|
||||
podman.succeed(su_cmd("podman rm sleeping"))
|
||||
'';
|
||||
}
|
||||
)
|
||||
|
|
58
third_party/nixpkgs/nixos/tests/rspamd.nix
vendored
58
third_party/nixpkgs/nixos/tests/rspamd.nix
vendored
|
@ -13,10 +13,12 @@ let
|
|||
machine.succeed("id rspamd >/dev/null")
|
||||
'';
|
||||
checkSocket = socket: user: group: mode: ''
|
||||
machine.succeed("ls ${socket} >/dev/null")
|
||||
machine.succeed('[[ "$(stat -c %U ${socket})" == "${user}" ]]')
|
||||
machine.succeed('[[ "$(stat -c %G ${socket})" == "${group}" ]]')
|
||||
machine.succeed('[[ "$(stat -c %a ${socket})" == "${mode}" ]]')
|
||||
machine.succeed(
|
||||
"ls ${socket} >/dev/null",
|
||||
'[[ "$(stat -c %U ${socket})" == "${user}" ]]',
|
||||
'[[ "$(stat -c %G ${socket})" == "${group}" ]]',
|
||||
'[[ "$(stat -c %a ${socket})" == "${mode}" ]]',
|
||||
)
|
||||
'';
|
||||
simple = name: enableIPv6: makeTest {
|
||||
name = "rspamd-${name}";
|
||||
|
@ -54,33 +56,35 @@ in
|
|||
services.rspamd = {
|
||||
enable = true;
|
||||
workers.normal.bindSockets = [{
|
||||
socket = "/run/rspamd.sock";
|
||||
socket = "/run/rspamd/rspamd.sock";
|
||||
mode = "0600";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
owner = "rspamd";
|
||||
group = "rspamd";
|
||||
}];
|
||||
workers.controller.bindSockets = [{
|
||||
socket = "/run/rspamd-worker.sock";
|
||||
socket = "/run/rspamd/rspamd-worker.sock";
|
||||
mode = "0666";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
owner = "rspamd";
|
||||
group = "rspamd";
|
||||
}];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
${initMachine}
|
||||
machine.wait_for_file("/run/rspamd.sock")
|
||||
${checkSocket "/run/rspamd.sock" "root" "root" "600" }
|
||||
${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" }
|
||||
machine.wait_for_file("/run/rspamd/rspamd.sock")
|
||||
${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "600" }
|
||||
${checkSocket "/run/rspamd/rspamd-worker.sock" "rspamd" "rspamd" "666" }
|
||||
machine.log(machine.succeed("cat /etc/rspamd/rspamd.conf"))
|
||||
machine.log(
|
||||
machine.succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")
|
||||
)
|
||||
machine.log(machine.succeed("grep 'CONFDIR/worker-normal.inc' /etc/rspamd/rspamd.conf"))
|
||||
machine.log(machine.succeed("rspamc -h /run/rspamd-worker.sock stat"))
|
||||
machine.log(machine.succeed("rspamc -h /run/rspamd/rspamd-worker.sock stat"))
|
||||
machine.log(
|
||||
machine.succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")
|
||||
machine.succeed(
|
||||
"curl --unix-socket /run/rspamd/rspamd-worker.sock http://localhost/ping"
|
||||
)
|
||||
)
|
||||
'';
|
||||
};
|
||||
|
@ -91,16 +95,16 @@ in
|
|||
services.rspamd = {
|
||||
enable = true;
|
||||
workers.normal.bindSockets = [{
|
||||
socket = "/run/rspamd.sock";
|
||||
socket = "/run/rspamd/rspamd.sock";
|
||||
mode = "0600";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
owner = "rspamd";
|
||||
group = "rspamd";
|
||||
}];
|
||||
workers.controller.bindSockets = [{
|
||||
socket = "/run/rspamd-worker.sock";
|
||||
socket = "/run/rspamd/rspamd-worker.sock";
|
||||
mode = "0666";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
owner = "rspamd";
|
||||
group = "rspamd";
|
||||
}];
|
||||
workers.controller2 = {
|
||||
type = "controller";
|
||||
|
@ -116,9 +120,9 @@ in
|
|||
|
||||
testScript = ''
|
||||
${initMachine}
|
||||
machine.wait_for_file("/run/rspamd.sock")
|
||||
${checkSocket "/run/rspamd.sock" "root" "root" "600" }
|
||||
${checkSocket "/run/rspamd-worker.sock" "root" "root" "666" }
|
||||
machine.wait_for_file("/run/rspamd/rspamd.sock")
|
||||
${checkSocket "/run/rspamd/rspamd.sock" "rspamd" "rspamd" "600" }
|
||||
${checkSocket "/run/rspamd/rspamd-worker.sock" "rspamd" "rspamd" "666" }
|
||||
machine.log(machine.succeed("cat /etc/rspamd/rspamd.conf"))
|
||||
machine.log(
|
||||
machine.succeed("grep 'CONFDIR/worker-controller.inc' /etc/rspamd/rspamd.conf")
|
||||
|
@ -137,9 +141,11 @@ in
|
|||
machine.wait_until_succeeds(
|
||||
"journalctl -u rspamd | grep -i 'starting controller process' >&2"
|
||||
)
|
||||
machine.log(machine.succeed("rspamc -h /run/rspamd-worker.sock stat"))
|
||||
machine.log(machine.succeed("rspamc -h /run/rspamd/rspamd-worker.sock stat"))
|
||||
machine.log(
|
||||
machine.succeed("curl --unix-socket /run/rspamd-worker.sock http://localhost/ping")
|
||||
machine.succeed(
|
||||
"curl --unix-socket /run/rspamd/rspamd-worker.sock http://localhost/ping"
|
||||
)
|
||||
)
|
||||
machine.log(machine.succeed("curl http://localhost:11335/ping"))
|
||||
'';
|
||||
|
|
35
third_party/nixpkgs/nixos/tests/systemd.nix
vendored
35
third_party/nixpkgs/nixos/tests/systemd.nix
vendored
|
@ -82,6 +82,10 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
"systemd-run --pty --property=Type=oneshot --property=DynamicUser=yes --property=User=iamatest whoami"
|
||||
)
|
||||
|
||||
with subtest("regression test for https://bugs.freedesktop.org/show_bug.cgi?id=77507"):
|
||||
retcode, output = machine.execute("systemctl status testservice1.service")
|
||||
assert retcode in [0, 3] # https://bugs.freedesktop.org/show_bug.cgi?id=77507
|
||||
|
||||
# Regression test for https://github.com/NixOS/nixpkgs/issues/35268
|
||||
with subtest("file system with x-initrd.mount is not unmounted"):
|
||||
machine.succeed("mountpoint -q /test-x-initrd-mount")
|
||||
|
@ -122,17 +126,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
machine.wait_for_unit("multi-user.target")
|
||||
assert "fq_codel" in machine.succeed("sysctl net.core.default_qdisc")
|
||||
|
||||
# Test cgroup accounting is enabled
|
||||
with subtest("systemd cgroup accounting is enabled"):
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
assert "yes" in machine.succeed(
|
||||
"systemctl show testservice1.service -p IOAccounting"
|
||||
)
|
||||
|
||||
retcode, output = machine.execute("systemctl status testservice1.service")
|
||||
assert retcode in [0, 3] # https://bugs.freedesktop.org/show_bug.cgi?id=77507
|
||||
assert "CPU:" in output
|
||||
|
||||
# Test systemd is configured to manage a watchdog
|
||||
with subtest("systemd manages hardware watchdog"):
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
|
@ -168,5 +161,25 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
machine.succeed("systemctl status systemd-cryptsetup@luks1.service")
|
||||
machine.succeed("mkdir -p /tmp/luks1")
|
||||
machine.succeed("mount /dev/mapper/luks1 /tmp/luks1")
|
||||
|
||||
# Do some IP traffic
|
||||
output_ping = machine.succeed(
|
||||
"systemd-run --wait -- /run/wrappers/bin/ping -c 1 127.0.0.1 2>&1"
|
||||
)
|
||||
|
||||
with subtest("systemd reports accounting data on system.slice"):
|
||||
output = machine.succeed("systemctl status system.slice")
|
||||
assert "CPU:" in output
|
||||
assert "Memory:" in output
|
||||
|
||||
assert "IP:" in output
|
||||
assert "0B in, 0B out" not in output
|
||||
|
||||
assert "IO:" in output
|
||||
assert "0B read, 0B written" not in output
|
||||
|
||||
with subtest("systemd per-unit accounting works"):
|
||||
assert "IP traffic received: 84B" in output_ping
|
||||
assert "IP traffic sent: 84B" in output_ping
|
||||
'';
|
||||
})
|
||||
|
|
18
third_party/nixpkgs/nixos/tests/ucg.nix
vendored
Normal file
18
third_party/nixpkgs/nixos/tests/ucg.nix
vendored
Normal file
|
@ -0,0 +1,18 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "ucg";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ AndersonTorres ];
|
||||
};
|
||||
|
||||
machine = { pkgs, ... }: {
|
||||
environment.systemPackages = [ pkgs.ucg ];
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.succeed("echo 'Lorem ipsum dolor sit amet\n2.7182818284590' > /tmp/foo")
|
||||
assert "dolor" in machine.succeed("ucg 'dolor' /tmp/foo")
|
||||
assert "Lorem" in machine.succeed("ucg --ignore-case 'lorem' /tmp/foo")
|
||||
machine.fail("ucg --word-regexp '2718' /tmp/foo")
|
||||
machine.fail("ucg 'pisum' /tmp/foo")
|
||||
'';
|
||||
})
|
37
third_party/nixpkgs/nixos/tests/vector.nix
vendored
Normal file
37
third_party/nixpkgs/nixos/tests/vector.nix
vendored
Normal file
|
@ -0,0 +1,37 @@
|
|||
{ system ? builtins.currentSystem, config ? { }
|
||||
, pkgs ? import ../.. { inherit system config; } }:
|
||||
|
||||
with import ../lib/testing-python.nix { inherit system pkgs; };
|
||||
with pkgs.lib;
|
||||
|
||||
{
|
||||
test1 = makeTest {
|
||||
name = "vector-test1";
|
||||
meta.maintainers = [ pkgs.stdenv.lib.maintainers.happysalada ];
|
||||
|
||||
machine = { config, pkgs, ... }: {
|
||||
services.vector = {
|
||||
enable = true;
|
||||
journaldAccess = true;
|
||||
settings = {
|
||||
sources.journald.type = "journald";
|
||||
|
||||
sinks = {
|
||||
file = {
|
||||
type = "file";
|
||||
inputs = [ "journald" ];
|
||||
path = "/var/lib/vector/logs.log";
|
||||
encoding = { codec = "ndjson"; };
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
# ensure vector is forwarding the messages appropriately
|
||||
testScript = ''
|
||||
machine.wait_for_unit("vector.service")
|
||||
machine.succeed("test -f /var/lib/vector/logs.log")
|
||||
'';
|
||||
};
|
||||
}
|
|
@ -96,5 +96,7 @@ mkDerivation rec {
|
|||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
maintainers = with stdenv.lib.maintainers; [ worldofpeace ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
# Needs QT 5.14
|
||||
broken = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
{ stdenv
|
||||
, fetchFromGitHub
|
||||
, unstableGitUpdater
|
||||
, SDL
|
||||
, jack2
|
||||
, Foundation
|
||||
|
@ -42,6 +43,8 @@ stdenv.mkDerivation rec {
|
|||
installPhase = let extension = if stdenv.isDarwin then "app" else "deb-exe";
|
||||
in "install -Dm555 lgpt.${extension} $out/bin/lgpt";
|
||||
|
||||
passthru.updateScript = unstableGitUpdater { };
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A music tracker similar to lsdj optimised to run on portable game consoles";
|
||||
longDescription = ''
|
||||
|
|
|
@ -2,14 +2,14 @@
|
|||
, usePulseAudio ? config.pulseaudio or false, libpulseaudio }:
|
||||
|
||||
let
|
||||
version = "0.5.3";
|
||||
version = "0.5.4";
|
||||
in stdenv.mkDerivation {
|
||||
pname = "openmpt123";
|
||||
inherit version;
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz";
|
||||
sha256 = "1f155yf5v57dwhzb7z0kh67lckr3yq4x8040dm54qgbxw582la77";
|
||||
sha256 = "0h7gpjx1221jwsq3k91p8zhf1h77qaxyasakc88s3g57vawhckgk";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
|
|
@ -21,14 +21,14 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "deja-dup";
|
||||
version = "42.5";
|
||||
version = "42.6";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.gnome.org";
|
||||
owner = "World";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "1xgsd9a9y36lv6f2vjw2nxi9zj2zl1gv6rcyzkqajf91vgmxwf8k";
|
||||
sha256 = "0grwlfakrnr9ij7h8lsfazlws6qix8pl50dr94cpxnnbjga9xn9z";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
|
|
@ -15,19 +15,17 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "btcpayserver";
|
||||
version = "1.0.5.5";
|
||||
version = "1.0.5.9";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "11h1nrmb7f44msbhhiz9ddqh5ss2kz6d8ysnvd070x3xj5krgnxz";
|
||||
sha256 = "011pp94i49fx587ng16m6ml63vwiysjvpkijihrk6xamz78zddgx";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ dotnetSdk dotnetPackages.Nuget ];
|
||||
nativeBuildInputs = [ dotnetSdk dotnetPackages.Nuget makeWrapper ];
|
||||
|
||||
# Due to a bug in btcpayserver, we can't just `dotnet publish` to create a binary.
|
||||
# Build with `dotnet build` instead and add a custom `dotnet run` script.
|
||||
buildPhase = ''
|
||||
export HOME=$TMP/home
|
||||
export DOTNET_CLI_TELEMETRY_OPTOUT=1
|
||||
|
@ -37,21 +35,15 @@ stdenv.mkDerivation rec {
|
|||
nuget init ${linkFarmFromDrvs "deps" deps} $TMP/nuget
|
||||
|
||||
dotnet restore --source $TMP/nuget BTCPayServer/BTCPayServer.csproj
|
||||
dotnet build -c Release BTCPayServer/BTCPayServer.csproj
|
||||
'';
|
||||
|
||||
runScript = ''
|
||||
#!${bash}/bin/bash
|
||||
DOTNET_CLI_TELEMETRY_OPTOUT=1 exec ${dotnetSdk}/bin/dotnet run --no-launch-profile --no-build \
|
||||
-c Release -p @@SHARE@@/BTCPayServer/BTCPayServer.csproj -- "$@"
|
||||
dotnet publish --no-restore --output $out/share/$pname -c Release BTCPayServer/BTCPayServer.csproj
|
||||
'';
|
||||
|
||||
# btcpayserver requires the publish directory as its working dir
|
||||
# https://github.com/btcpayserver/btcpayserver/issues/1894
|
||||
installPhase = ''
|
||||
cd ..
|
||||
share=$out/share/$pname
|
||||
mkdir -p $share
|
||||
mv -T source $share
|
||||
install -D -m500 <(echo "$runScript" | sed "s|@@SHARE@@|$share|") $out/bin/$pname
|
||||
makeWrapper $out/share/$pname/BTCPayServer $out/bin/$pname \
|
||||
--set DOTNET_ROOT "${dotnetSdk}" \
|
||||
--run "cd $out/share/$pname"
|
||||
'';
|
||||
|
||||
dontStrip = true;
|
||||
|
|
29
third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/deps.nix
generated
vendored
29
third_party/nixpkgs/pkgs/applications/blockchains/btcpayserver/deps.nix
generated
vendored
|
@ -21,8 +21,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "BTCPayServer.Lightning.All";
|
||||
version = "1.2.3";
|
||||
sha256 = "1vx47rb505904pz30n5jzc9x42pcfln695l31q4dv5p4fbf10g4q";
|
||||
version = "1.2.4";
|
||||
sha256 = "1f4wgs8ijk1wmppz5lmas7l6m83szz57jyk6ak0dxhccdld9rdaj";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "BTCPayServer.Lightning.Charge";
|
||||
|
@ -31,8 +31,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "BTCPayServer.Lightning.CLightning";
|
||||
version = "1.2.0";
|
||||
sha256 = "0a47fz20ngcz90h2y01isi2h940jljcmnfy6wyknj029sii7i1zs";
|
||||
version = "1.2.1";
|
||||
sha256 = "14km69jzmnyqg19w27g6znml4z0xkm8l4j7rj0x36bw67cjmgahv";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "BTCPayServer.Lightning.Common";
|
||||
|
@ -706,8 +706,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin.Altcoins";
|
||||
version = "2.0.16";
|
||||
sha256 = "0fsdb96k5lwyq4d7h7yg91qghima08yk0bsw5cvr4h2jsfphk423";
|
||||
version = "2.0.21";
|
||||
sha256 = "0xmygiwjlia7fbxy63893jb15g6fxggxxr9bbm8znd9bs3jzp2g1";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin";
|
||||
|
@ -726,13 +726,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin";
|
||||
version = "5.0.45";
|
||||
sha256 = "102vwxwkg367yxv26hycnc7hjxlv2zvsgr8g6adw8dmzsxck5fwk";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin";
|
||||
version = "5.0.51";
|
||||
sha256 = "0rg014sl7rqscnranwyfk41xfr5ccjqyx7aidfl5mh0znz44db2g";
|
||||
version = "5.0.60";
|
||||
sha256 = "0pin4ldfz5lfxyd47mj1ypyp8lmj0v5nq5zvygdjna956vphd39v";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitpayClient";
|
||||
|
@ -741,8 +736,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "NBXplorer.Client";
|
||||
version = "3.0.17";
|
||||
sha256 = "0xx2xshgpci9l9883zpqnmgchpizygy0hcq2wp2ch6yf3hbrj9qq";
|
||||
version = "3.0.19";
|
||||
sha256 = "0nahfxdsryf5snjy87770m51v2jcry02lmb10ilsg4h2ig4pjdk4";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NETStandard.Library";
|
||||
|
@ -956,8 +951,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "Selenium.WebDriver.ChromeDriver";
|
||||
version = "83.0.4103.3900";
|
||||
sha256 = "17j9b637209nm5cs5sgr3vflphkhaxpm8bcjizhgj65r52gn17as";
|
||||
version = "85.0.4183.8700";
|
||||
sha256 = "0klyqmwa6yc0ibbmci51mzb2vl6n13qlk06chc9w78i0a43fs382";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "Selenium.WebDriver";
|
||||
|
|
|
@ -4,11 +4,11 @@ cups, vivaldi-ffmpeg-codecs, libpulseaudio, at-spi2-core }:
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "exodus";
|
||||
version = "20.11.21";
|
||||
version = "20.11.23";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://downloads.exodus.io/releases/${pname}-linux-x64-${version}.zip";
|
||||
sha256 = "1q6sh2jhngvihkxjprkcd1php6r7m6qkxsijx8d3azzlgj9nbf2n";
|
||||
sha256 = "0hcvgph2m4nbrarhw2cggc8q5jxwnibiz2mbkypgizphk5svdj9l";
|
||||
};
|
||||
|
||||
sourceRoot = ".";
|
||||
|
|
|
@ -15,13 +15,13 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "nbxplorer";
|
||||
version = "2.1.42";
|
||||
version = "2.1.46";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dgarage";
|
||||
repo = "NBXplorer";
|
||||
rev = "v${version}";
|
||||
sha256 = "01q6n7095rrha00xs3l7igzfb9rd743z8crxa2dcz4q5srapfzpi";
|
||||
sha256 = "1aph7yiwmch7s7x1qkzqv1shs3v6kg8i2s7266la0yp9ksf3w35p";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ dotnetSdk dotnetPackages.Nuget makeWrapper ];
|
||||
|
|
37
third_party/nixpkgs/pkgs/applications/blockchains/nbxplorer/deps.nix
generated
vendored
37
third_party/nixpkgs/pkgs/applications/blockchains/nbxplorer/deps.nix
generated
vendored
|
@ -31,8 +31,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.CodeCoverage";
|
||||
version = "16.6.1";
|
||||
sha256 = "01ffm4nflqdb93vq4xl0j3377x360fgx6c6h12mpkcy85ixbv3rl";
|
||||
version = "16.7.1";
|
||||
sha256 = "1farw63445cdyciplfs6l9j1gayxw16rkzmrwsiswfyjhqz70xd4";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.CSharp";
|
||||
|
@ -126,8 +126,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.NET.Test.Sdk";
|
||||
version = "16.6.1";
|
||||
sha256 = "0jjdg468jc6pv2z764f3xc19lcr772nzjm9cjfqq3bqw8vkpzmhv";
|
||||
version = "16.7.1";
|
||||
sha256 = "0yqxipj74ax2n76w9ccydppx78ym8m5fda88qnvj4670qjvl0kf8";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.NETCore.Platforms";
|
||||
|
@ -156,13 +156,13 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.TestPlatform.ObjectModel";
|
||||
version = "16.6.1";
|
||||
sha256 = "0q98q1nw6jl4bajm66z4a9vvh928w8ffsd3k6fpsps23ykpsky7h";
|
||||
version = "16.7.1";
|
||||
sha256 = "0s9dyh99gzdpk1i5v468i2r9m6i3jrr41r394pwdwiajsz99kay0";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.TestPlatform.TestHost";
|
||||
version = "16.6.1";
|
||||
sha256 = "0anzvb2mda548swb2ll1hv65knb8gwjm01hwbl0pzzr607my3lix";
|
||||
version = "16.7.1";
|
||||
sha256 = "1xik06rxn9ps83in0zn9vcl2ibv3acmdqvrx07qq89lxj1sgqlhs";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "Microsoft.Win32.Primitives";
|
||||
|
@ -181,18 +181,23 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin.Altcoins";
|
||||
version = "2.0.19";
|
||||
sha256 = "12a3bf1pi6sq78z6h3clyczvycx7cjry8fby4fyi748wjwljjizz";
|
||||
version = "2.0.21";
|
||||
sha256 = "0xmygiwjlia7fbxy63893jb15g6fxggxxr9bbm8znd9bs3jzp2g1";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin.TestFramework";
|
||||
version = "2.0.11";
|
||||
sha256 = "09jrbq9p5k67kdic2038s7q299y2nc8ij6m55m3m8hys7jdrrv05";
|
||||
version = "2.0.12";
|
||||
sha256 = "1d6lmymc9x3p74c8hc2x3m61ncnkqqgrddw9cw2m0zkvilkncsns";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin";
|
||||
version = "5.0.54";
|
||||
sha256 = "0mx2gr8j8bc4mf1vi1fvqj3672qalxvzvincc61if79p46cik24b";
|
||||
version = "5.0.58";
|
||||
sha256 = "0qim9xbbj380254iyi1jsh2gnr90ddwd2593jw9a8bjwnlk7qr2c";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NBitcoin";
|
||||
version = "5.0.60";
|
||||
sha256 = "0pin4ldfz5lfxyd47mj1ypyp8lmj0v5nq5zvygdjna956vphd39v";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "NETStandard.Library";
|
||||
|
@ -1061,8 +1066,8 @@
|
|||
})
|
||||
(fetchNuGet {
|
||||
name = "xunit.runner.visualstudio";
|
||||
version = "2.4.2";
|
||||
sha256 = "0fi85h43nyrhfc5jzg07znh01r7cpb7bpjdc6mzb9z1pm14ppfm6";
|
||||
version = "2.4.3";
|
||||
sha256 = "0j1d0rbcm7pp6dypi61sjxp8l22sv261252z55b243l39jgv2rp3";
|
||||
})
|
||||
(fetchNuGet {
|
||||
name = "xunit";
|
||||
|
|
|
@ -307,12 +307,12 @@ in
|
|||
|
||||
idea-community = buildIdea rec {
|
||||
name = "idea-community-${version}";
|
||||
version = "2020.2.4"; /* updated by script */
|
||||
version = "2020.3"; /* updated by script */
|
||||
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
|
||||
license = stdenv.lib.licenses.asl20;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
|
||||
sha256 = "1rlw01aq6ci46xv4d4877k30309jjws29kwhriy98xf804msyzyb"; /* updated by script */
|
||||
sha256 = "0x1nsjw1m03iq7sd9i2qqlyribrzgi8yh6k5hnb630kvrxr8pxy6"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-idea-ce";
|
||||
update-channel = "IntelliJ IDEA RELEASE";
|
||||
|
@ -320,12 +320,12 @@ in
|
|||
|
||||
idea-ultimate = buildIdea rec {
|
||||
name = "idea-ultimate-${version}";
|
||||
version = "2020.2.4"; /* updated by script */
|
||||
version = "2020.3"; /* updated by script */
|
||||
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz";
|
||||
sha256 = "05qr8jiasqxmkgi9v52g7hgpdf7pkkjcp42bbkh1f4zgvq81p5py"; /* updated by script */
|
||||
sha256 = "1l6bvfgzp27113rjy1y3jvp09cqx8gpnbgpwp83vsph7x0dhx8a3"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-idea";
|
||||
update-channel = "IntelliJ IDEA RELEASE";
|
||||
|
@ -333,12 +333,12 @@ in
|
|||
|
||||
mps = buildMps rec {
|
||||
name = "mps-${version}";
|
||||
version = "2020.2.2"; /* updated by script */
|
||||
version = "2020.2.3"; /* updated by script */
|
||||
description = "Create your own domain-specific language";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/mps/2020.2/MPS-${version}.tar.gz";
|
||||
sha256 = "1a09yahky8ii2dypj69m89c3yh7akn7sa74n0j0mff7r46ad421y"; /* updated by script */
|
||||
sha256 = "1wd3d8pc155m54y5p2056p0x93v2nv9457i7la53ibbs7rj1j7kw"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-mps";
|
||||
update-channel = "MPS RELEASE";
|
||||
|
@ -359,12 +359,12 @@ in
|
|||
|
||||
pycharm-community = buildPycharm rec {
|
||||
name = "pycharm-community-${version}";
|
||||
version = "2020.2.4"; /* updated by script */
|
||||
version = "2020.2.5"; /* updated by script */
|
||||
description = "PyCharm Community Edition";
|
||||
license = stdenv.lib.licenses.asl20;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "196hhb4n52a50w50awx01ksyl5dkrbdmnz8sb9di5ihni7043p97"; /* updated by script */
|
||||
sha256 = "0jkc26y3v94jj8q7dxq1py59is2whh45b890iac5adg6x670z3s6"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-pycharm-ce";
|
||||
update-channel = "PyCharm RELEASE";
|
||||
|
@ -372,12 +372,12 @@ in
|
|||
|
||||
pycharm-professional = buildPycharm rec {
|
||||
name = "pycharm-professional-${version}";
|
||||
version = "2020.2.4"; /* updated by script */
|
||||
version = "2020.2.5"; /* updated by script */
|
||||
description = "PyCharm Professional Edition";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "0dwd9gvi8n3igza95pil3mf7azxn131830rvfzdvnvrzj9yb2q8l"; /* updated by script */
|
||||
sha256 = "04imfgr45gvicjjgqzdcdmbnbiszjma3s40k2pgqs5nn6wbrw3dd"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-pycharm";
|
||||
update-channel = "PyCharm RELEASE";
|
||||
|
@ -398,12 +398,12 @@ in
|
|||
|
||||
ruby-mine = buildRubyMine rec {
|
||||
name = "ruby-mine-${version}";
|
||||
version = "2020.2.4"; /* updated by script */
|
||||
version = "2020.3"; /* updated by script */
|
||||
description = "The Most Intelligent Ruby and Rails IDE";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
|
||||
sha256 = "0bpkl8phc16yjm7qjfbg42rm7sbfwbrjva7w0qiwiw9ibwvs90id"; /* updated by script */
|
||||
sha256 = "0ij6j9bxfqzj8gnrhhdgai22s1n5swd4waxd5zjvmv7q9j9cb2l5"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-rubymine";
|
||||
update-channel = "RubyMine RELEASE";
|
||||
|
@ -411,12 +411,12 @@ in
|
|||
|
||||
webstorm = buildWebStorm rec {
|
||||
name = "webstorm-${version}";
|
||||
version = "2020.2.4"; /* updated by script */
|
||||
version = "2020.3"; /* updated by script */
|
||||
description = "Professional IDE for Web and JavaScript development";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
|
||||
sha256 = "0l97nk9psb8g0sxm148fcz0x2v9mwqblffigrz2rmac3gd275s7f"; /* updated by script */
|
||||
sha256 = "0sk7slwfr9jasid09hxw81sik5srn35vif3pbzpybig3yszbv6ld"; /* updated by script */
|
||||
};
|
||||
wmClass = "jetbrains-webstorm";
|
||||
update-channel = "WebStorm RELEASE";
|
||||
|
|
|
@ -12,4 +12,5 @@
|
|||
kak-powerline = pkgs.callPackage ./kak-powerline.nix { };
|
||||
kak-prelude = pkgs.callPackage ./kak-prelude.nix { };
|
||||
kak-vertical-selection = pkgs.callPackage ./kak-vertical-selection.nix { };
|
||||
openscad-kak = pkgs.callPackage ./openscad.kak.nix { };
|
||||
}
|
||||
|
|
25
third_party/nixpkgs/pkgs/applications/editors/kakoune/plugins/openscad.kak.nix
vendored
Normal file
25
third_party/nixpkgs/pkgs/applications/editors/kakoune/plugins/openscad.kak.nix
vendored
Normal file
|
@ -0,0 +1,25 @@
|
|||
{ stdenv, fetchFromGitHub }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "openscad.kak";
|
||||
version = "unstable-2019-11-08";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mayjs";
|
||||
repo = "openscad.kak";
|
||||
rev = "d9143d5e7834e3356b49720664d5647cab9db7cc";
|
||||
sha256 = "0j4dqhrn56z77hdalfdxagwz8h6nwr8s9i4w0bs2644k72lsm2ix";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
install -Dm644 rc/openscad.kak -t $out/share/kak/autoload/plugins/
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Syntax highlighting for OpenSCAD files";
|
||||
homepage = "https://github.com/mayjs/openscad.kak";
|
||||
license = licenses.unlicense;
|
||||
maintainers = with maintainers; [ eraserhd ];
|
||||
platforms = platforms.all;
|
||||
};
|
||||
}
|
|
@ -16,11 +16,11 @@ let
|
|||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "nano";
|
||||
version = "5.3";
|
||||
version = "5.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/nano/${pname}-${version}.tar.xz";
|
||||
sha256 = "0lj3fcfzprmv9raydx8yq25lw81bs6g40rhd0fv9d6idcb7wphf5";
|
||||
sha256 = "1sc6xl9935k9s9clkv83hapijka4qknfnj6f15c3b1i2n84396gy";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ texinfo ] ++ optional enableNls gettext;
|
||||
|
|
|
@ -53,5 +53,8 @@ in mkDerivation rec {
|
|||
license = lib.licenses.gpl2Plus;
|
||||
platforms = with lib.platforms; linux;
|
||||
maintainers = with lib.maintainers; [ lsix ];
|
||||
# Our 3.10 LTS cannot use a newer Qt (5.15) version because it requires qtwebkit
|
||||
# and our qtwebkit fails to build with 5.15. 01bcfd3579219d60e5d07df309a000f96b2b658b
|
||||
broken = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -5,11 +5,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "avocode";
|
||||
version = "4.10.3";
|
||||
version = "4.10.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://media.avocode.com/download/avocode-app/${version}/avocode-${version}-linux.zip";
|
||||
sha256 = "1ngyd3sfnhf8hpi015pgbms5bspc30lzrpfpw3jp992i4mzcjq0z";
|
||||
sha256 = "06xf5y2mljk3pd74ap9n90bhhidbzpg5c6wws361ygd4f3x86c46";
|
||||
};
|
||||
|
||||
libPath = stdenv.lib.makeLibraryPath (with xorg; [
|
||||
|
|
|
@ -7,11 +7,11 @@ with stdenv.lib;
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "feh";
|
||||
version = "3.5";
|
||||
version = "3.6";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://feh.finalrewind.org/${pname}-${version}.tar.bz2";
|
||||
sha256 = "07jklibpi4ig9pbdrwhllsfffxn2h8xf4ma36qii00w4hb69v3rq";
|
||||
sha256 = "1n6gbyzlc3kx2cq9wfz7azn7mrjmcc9pq436k1n4mrh0lik5sxw7";
|
||||
};
|
||||
|
||||
outputs = [ "out" "man" "doc" ];
|
||||
|
|
|
@ -21,13 +21,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "fondo";
|
||||
version = "1.3.10";
|
||||
version = "1.4.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "calo001";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "0yrbcngmwhn5gl5if9w2cx8shh33zk5fd6iqwnapsq8y0lzq6ppr";
|
||||
sha256 = "0cdcn4qmdryk2x327f1z3pq8pg4cb0q1jr779gh8s6nqajyk8nqm";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
, typescript
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
name = "imgbrd-grabber";
|
||||
pname = "imgbrd-grabber";
|
||||
|
||||
version = "7.3.2";
|
||||
src = fetchFromGitHub {
|
||||
|
@ -84,4 +84,11 @@ stdenv.mkDerivation rec {
|
|||
'';
|
||||
|
||||
sourceRoot = "source/src";
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Very customizable imageboard/booru downloader with powerful filenaming features";
|
||||
license = licenses.asl20;
|
||||
homepage = "https://bionus.github.io/imgbrd-grabber/";
|
||||
maintainers = [ maintainers.evanjs ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
buildPythonApplication rec {
|
||||
pname = "imgp";
|
||||
version = "2.7";
|
||||
version = "2.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "jarun";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "13r4fn3dd0nyidfhrr7zzpls5ifbyqdwxhyvpkqr8ahchws7wfc6";
|
||||
sha256 = "1miabaxd5pwxn0va4drzj1d4ppxvyqsrrd4xw1j6qr52yci0lms8";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ pillow ];
|
||||
|
|
|
@ -1,8 +1,12 @@
|
|||
{ stdenv, buildGoPackage, fetchFromGitHub }:
|
||||
{ stdenv
|
||||
, buildGoPackage
|
||||
, unstableGitUpdater
|
||||
, fetchFromGitHub
|
||||
}:
|
||||
|
||||
buildGoPackage rec {
|
||||
pname = "meme-unstable";
|
||||
version = "2017-09-10";
|
||||
pname = "meme";
|
||||
version = "unstable-2017-09-10";
|
||||
|
||||
owner = "nomad-software";
|
||||
repo = "meme";
|
||||
|
@ -14,6 +18,8 @@ buildGoPackage rec {
|
|||
sha256 = "1gbsv1d58ck6mj89q31s5b0ppw51ab76yqgz39jgwqnkidvzdfly";
|
||||
};
|
||||
|
||||
passthru.updateScript = unstableGitUpdater { };
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A command line utility for creating image macro style memes";
|
||||
homepage = "https://github.com/nomad-software/meme";
|
||||
|
|
|
@ -4,13 +4,13 @@
|
|||
|
||||
stdenv.mkDerivation (rec {
|
||||
pname = "pqiv";
|
||||
version = "2.11";
|
||||
version = "2.12";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "phillipberndt";
|
||||
repo = "pqiv";
|
||||
rev = version;
|
||||
sha256 = "06cwm28b7j1skwp21s5snmj1pqh3xh6y2i5v4w3pz0b8k3053h9i";
|
||||
sha256 = "18nvrqmlifh4m8nfs0d19sb9d1l3a95xc89qxqdr881jcxdsgflw";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
|
|
|
@ -13,14 +13,14 @@ let
|
|||
pythonPackages = python3Packages;
|
||||
in
|
||||
mkDerivation rec {
|
||||
version = "1.10";
|
||||
version = "1.11";
|
||||
pname = "renderdoc";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "baldurk";
|
||||
repo = "renderdoc";
|
||||
rev = "v${version}";
|
||||
sha256 = "1ibf2lv3q69fkzv1nsva2mbdjlayrpxicrd96d9nfcw64f2mv6ds";
|
||||
sha256 = "01r4fq03fpyhwvn47wx3dw29vcadcd0qml00h36q38cq3pi9x42j";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
|
57
third_party/nixpkgs/pkgs/applications/misc/archivy/default.nix
vendored
Normal file
57
third_party/nixpkgs/pkgs/applications/misc/archivy/default.nix
vendored
Normal file
|
@ -0,0 +1,57 @@
|
|||
{ stdenv, lib, python3, fetchPypi, appdirs, attrs, requests,
|
||||
beautifulsoup4, click-plugins, elasticsearch, flask_login, flask_wtf,
|
||||
pypandoc, python-dotenv, python-frontmatter, tinydb, validators,
|
||||
watchdog, wtforms }:
|
||||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "archivy";
|
||||
version = "0.8.5";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "144ckgxjaw29yp5flyxd1rnkm7hlim4zgy6xng7x0a9j54h527iq";
|
||||
};
|
||||
|
||||
# Relax some dependencies
|
||||
postPatch = ''
|
||||
substituteInPlace requirements.txt \
|
||||
--replace 'validators ==' 'validators >=' \
|
||||
--replace 'elasticsearch ==' 'elasticsearch >=' \
|
||||
--replace 'python-dotenv ==' 'python-dotenv >=' \
|
||||
--replace 'beautifulsoup4 ==' 'beautifulsoup4 >=' \
|
||||
--replace 'WTForms ==' 'WTForms >=' \
|
||||
--replace 'python_dotenv ==' 'python_dotenv >=' \
|
||||
--replace 'attrs == 20.2.0' 'attrs' \
|
||||
--replace 'python_frontmatter == 0.5.0' 'python_frontmatter' \
|
||||
--replace 'requests ==' 'requests >='
|
||||
'';
|
||||
|
||||
propagatedBuildInputs = [
|
||||
appdirs
|
||||
attrs
|
||||
beautifulsoup4
|
||||
click-plugins
|
||||
elasticsearch
|
||||
flask_login
|
||||
flask_wtf
|
||||
pypandoc
|
||||
python-dotenv
|
||||
python-frontmatter
|
||||
tinydb
|
||||
requests
|
||||
validators
|
||||
watchdog
|
||||
wtforms
|
||||
];
|
||||
|
||||
# __init__.py attempts to mkdir in read-only file system
|
||||
doCheck = false;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Self-hosted knowledge repository";
|
||||
homepage = "https://archivy.github.io";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ siraben ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
|
@ -1,85 +0,0 @@
|
|||
{ stdenv
|
||||
, fetchFromGitHub
|
||||
, cmake
|
||||
, jsoncpp
|
||||
, libjson-rpc-cpp
|
||||
, curl
|
||||
, boost
|
||||
, leveldb
|
||||
, cryptopp
|
||||
, libcpuid
|
||||
, opencl-headers
|
||||
, ocl-icd
|
||||
, miniupnpc
|
||||
, libmicrohttpd
|
||||
, gmp
|
||||
, libGLU, libGL
|
||||
, extraCmakeFlags ? []
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "cpp-ethereum";
|
||||
version = "1.3.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ethereum";
|
||||
repo = "cpp-ethereum";
|
||||
rev = "62ab9522e58df9f28d2168ea27999a214b16ea96";
|
||||
sha256 = "1fxgpqhmjhpv0zzs1m3yf9h8mh25dqpa7pmcfy7f9qiqpfdr4zq9";
|
||||
};
|
||||
|
||||
cmakeFlags = [ "-DCMAKE_BUILD_TYPE=Release" extraCmakeFlags ];
|
||||
|
||||
configurePhase = ''
|
||||
export BOOST_INCLUDEDIR=${boost.dev}/include
|
||||
export BOOST_LIBRARYDIR=${boost.out}/lib
|
||||
|
||||
mkdir -p Build/Install
|
||||
pushd Build
|
||||
|
||||
cmake .. -DCMAKE_INSTALL_PREFIX=$(pwd)/Install $cmakeFlags
|
||||
'';
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
runPath = with stdenv.lib; makeLibraryPath ([ stdenv.cc.cc ] ++ buildInputs);
|
||||
|
||||
installPhase = ''
|
||||
make install
|
||||
|
||||
mkdir -p $out
|
||||
|
||||
for f in Install/lib/*.so* $(find Install/bin -executable -type f); do
|
||||
patchelf --set-rpath $runPath:$out/lib $f
|
||||
done
|
||||
|
||||
cp -r Install/* $out
|
||||
'';
|
||||
|
||||
buildInputs = [
|
||||
cmake
|
||||
jsoncpp
|
||||
libjson-rpc-cpp
|
||||
curl
|
||||
boost
|
||||
leveldb
|
||||
cryptopp
|
||||
libcpuid
|
||||
opencl-headers
|
||||
ocl-icd
|
||||
miniupnpc
|
||||
libmicrohttpd
|
||||
gmp
|
||||
libGLU libGL
|
||||
];
|
||||
|
||||
dontStrip = true;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Ethereum C++ client";
|
||||
homepage = "https://github.com/ethereum/cpp-ethereum";
|
||||
license = licenses.gpl3;
|
||||
maintainers = with maintainers; [ artuuge ];
|
||||
platforms = platforms.linux;
|
||||
broken = true; # 2018-04-10
|
||||
};
|
||||
}
|
|
@ -5,13 +5,13 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "dasel";
|
||||
version = "1.6.2";
|
||||
version = "1.8.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "TomWright";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-LGrFs9JNb0gjXg6IRkUfUOWS+sr1nukzOEWK4XUfkfw=";
|
||||
sha256 = "sha256-N27XmrbZTLeNkNvGDsChqKZrAagkQoGFaJeeZ1/Qnkw=";
|
||||
};
|
||||
|
||||
vendorSha256 = "1552k85z4s6gv7sss7dccv3h8x22j2sr12icp6s7s0a3i4iwyksw";
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "dbeaver-ce";
|
||||
version = "7.2.5";
|
||||
version = "7.3.0";
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
name = "dbeaver";
|
||||
|
@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz";
|
||||
sha256 = "sha256-CRyAeizhaSDmVFGRhrYIW0Ofli9HnkgItiAGRJAETQM=";
|
||||
sha256 = "sha256-JhEF2/97vo2FgzpCFkuc31aLl9qjKHV8RYXO5oBU1no=";
|
||||
};
|
||||
|
||||
installPhase = ''
|
||||
|
|
|
@ -8,11 +8,11 @@ GEM
|
|||
gemojione (4.3.3)
|
||||
json
|
||||
github-markup (3.0.5)
|
||||
gollum (5.1.1)
|
||||
gollum (5.1.2)
|
||||
gemojione (~> 4.1)
|
||||
gollum-lib (~> 5.0)
|
||||
kramdown (~> 2.3)
|
||||
kramdown-parser-gfm (~> 1.0.0)
|
||||
kramdown-parser-gfm (~> 1.1.0)
|
||||
mustache (>= 0.99.5, < 1.0.0)
|
||||
octicons (~> 8.5)
|
||||
rss (~> 0.2.9)
|
||||
|
@ -39,7 +39,7 @@ GEM
|
|||
json (2.3.1)
|
||||
kramdown (2.3.0)
|
||||
rexml
|
||||
kramdown-parser-gfm (1.0.1)
|
||||
kramdown-parser-gfm (1.1.0)
|
||||
kramdown (~> 2.0)
|
||||
loofah (2.8.0)
|
||||
crass (~> 1.0.2)
|
||||
|
|
|
@ -66,10 +66,10 @@
|
|||
platforms = [];
|
||||
source = {
|
||||
remotes = ["https://rubygems.org"];
|
||||
sha256 = "14i6y3ilv9l7cqvkawl75js26cfj1pd8cphhmq9lic95ajvdf371";
|
||||
sha256 = "0pmvxj7pka7pjpw060a9pfxsci1hmx45hk9hbp5m49xkkiiqf1gx";
|
||||
type = "gem";
|
||||
};
|
||||
version = "5.1.1";
|
||||
version = "5.1.2";
|
||||
};
|
||||
gollum-lib = {
|
||||
dependencies = ["gemojione" "github-markup" "gollum-rugged_adapter" "loofah" "nokogiri" "octicons" "rouge" "twitter-text"];
|
||||
|
@ -120,10 +120,10 @@
|
|||
platforms = [];
|
||||
source = {
|
||||
remotes = ["https://rubygems.org"];
|
||||
sha256 = "0ykna2apphld9llmjnz0210fipp4fkmj2ja18l7iz9xikg0h0ihi";
|
||||
sha256 = "0a8pb3v951f4x7h968rqfsa19c8arz21zw1vaj42jza22rap8fgv";
|
||||
type = "gem";
|
||||
};
|
||||
version = "1.0.1";
|
||||
version = "1.1.0";
|
||||
};
|
||||
loofah = {
|
||||
dependencies = ["crass" "nokogiri"];
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gpx";
|
||||
version = "2.6.7";
|
||||
version = "2.6.8";
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook ];
|
||||
|
||||
|
@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
|
|||
owner = "markwal";
|
||||
repo = "GPX";
|
||||
rev = version;
|
||||
sha256 = "1dl5vlsx05ipy10h18xigicb3k7m33sa9hfyd46hkpr2glx7jh4p";
|
||||
sha256 = "1izs8s5npkbfrsyk17429hyl1vyrbj9dp6vmdlbb2vh6mfgl54h8";
|
||||
};
|
||||
|
||||
meta = {
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "hugo";
|
||||
version = "0.78.2";
|
||||
version = "0.79.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gohugoio";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "1xjxyx520wa6sgvighjp82qqfi0ykfskp0za5j95167c56ss8lm4";
|
||||
sha256 = "0i9c12w0jlfrqb5gygfn20rn41m7qy6ab03n779wbzwfqqz85mj6";
|
||||
};
|
||||
|
||||
vendorSha256 = "00jjcw76l12ppx3q1xhly7q10jfi2kx62a8z3r1k7m2593k8c4vq";
|
||||
vendorSha256 = "0jb6aqdv9yx7fxbkgd73rx6kvxagxscrin5b5bal3ig7ys1ghpsp";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
77
third_party/nixpkgs/pkgs/applications/misc/ideamaker/default.nix
vendored
Normal file
77
third_party/nixpkgs/pkgs/applications/misc/ideamaker/default.nix
vendored
Normal file
|
@ -0,0 +1,77 @@
|
|||
{ stdenv
|
||||
, autoPatchelfHook
|
||||
, curl
|
||||
, dpkg
|
||||
, fetchurl
|
||||
, gcc
|
||||
, lib
|
||||
, libGLU
|
||||
, libcork
|
||||
, makeDesktopItem
|
||||
, qt5
|
||||
, quazip_qt4
|
||||
, zlib
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ideamaker";
|
||||
version = "4.0.1";
|
||||
|
||||
src = fetchurl {
|
||||
# N.B. Unfortunately ideamaker adds a number after the patch number in
|
||||
# their release scheme which is not referenced anywhere other than in
|
||||
# the download URL. Because of this, I have chosen to not use ${version}
|
||||
# and just handwrite the correct values in the following URL, hopefully
|
||||
# avoiding surprises for the next person that comes to update this
|
||||
# package.
|
||||
url = "https://download.raise3d.com/ideamaker/release/4.0.1/ideaMaker_4.0.1.4802-ubuntu_amd64.deb";
|
||||
sha256 = "0a1jcakdglcr4kz0kyq692dbjk6aq2yqcp3i6gzni91k791h49hp";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ autoPatchelfHook dpkg qt5.wrapQtAppsHook ];
|
||||
buildInputs = [
|
||||
curl
|
||||
gcc.cc.lib
|
||||
libGLU
|
||||
libcork
|
||||
qt5.qtbase
|
||||
qt5.qtserialport
|
||||
quazip_qt4
|
||||
zlib
|
||||
];
|
||||
|
||||
unpackPhase = ''
|
||||
runHook preUnpack
|
||||
dpkg-deb -x $src .
|
||||
runHook postUnpack
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
mkdir -p $out/{bin,share/pixmaps}
|
||||
|
||||
cp usr/lib/x86_64-linux-gnu/ideamaker/ideamaker $out/bin
|
||||
ln -s "${desktopItem}/share/applications" $out/share/
|
||||
cp usr/share/ideamaker/icons/ideamaker-icon.png $out/share/pixmaps/${pname}.png
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
name = pname;
|
||||
exec = pname;
|
||||
icon = pname;
|
||||
desktopName = "Ideamaker";
|
||||
genericName = meta.description;
|
||||
categories = "Utility;Viewer;Engineering;";
|
||||
mimeType = "application/sla";
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://www.raise3d.com/ideamaker/";
|
||||
description = "Raise3D's 3D slicer software";
|
||||
license = licenses.unfree;
|
||||
platforms = [ "x86_64-linux" ];
|
||||
maintainers = with maintainers; [ lovesegfault ];
|
||||
};
|
||||
}
|
|
@ -4,7 +4,7 @@ let
|
|||
throwSystem = throw "Unsupported system: ${system}";
|
||||
|
||||
pname = "keeweb";
|
||||
version = "1.15.7";
|
||||
version = "1.16.0";
|
||||
name = "${pname}-${version}";
|
||||
|
||||
suffix = {
|
||||
|
@ -15,8 +15,8 @@ let
|
|||
src = fetchurl {
|
||||
url = "https://github.com/keeweb/keeweb/releases/download/v${version}/KeeWeb-${version}.${suffix}";
|
||||
sha256 = {
|
||||
x86_64-linux = "0cy0avl0m07xs523xm0rzsmifl28sv4rjb2jj3x492qmr2v64ckk";
|
||||
x86_64-darwin = "0r8c3zi0ibj0bb0gfc1axfn0y4qpjqfr0xpcxf810d65kaz6wic4";
|
||||
x86_64-linux = "1pivic7n5nv00s8bb51i2jz2mxgjn92hkc8n0p8662ai1cdng47g";
|
||||
x86_64-darwin = "0q6k0qgkgzid9yjbfsfpp8l9dr0n8xp25a4jf2bxwickm4irs9mz";
|
||||
}.${system} or throwSystem;
|
||||
};
|
||||
|
||||
|
|
|
@ -3,12 +3,12 @@
|
|||
}:
|
||||
|
||||
mkDerivation rec {
|
||||
version = "2.3.5.2";
|
||||
version = "2.3.6";
|
||||
pname = "lyx";
|
||||
|
||||
src = fetchurl {
|
||||
url = "ftp://ftp.lyx.org/pub/lyx/stable/2.3.x/${pname}-${version}.tar.xz";
|
||||
sha256 = "1pwdh0ljd7lm5a83vsqmp4695irhig07wxa90jc23ng5gap589na";
|
||||
sha256 = "160whjwwrmxizdakjlkf9xc86bhqfnslw47fixgqq4qhbapcxxkg";
|
||||
};
|
||||
|
||||
# LaTeX is used from $PATH, as people often want to have it with extra pkgs
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "navi";
|
||||
version = "2.12.1";
|
||||
version = "2.13.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "denisidoro";
|
||||
repo = "navi";
|
||||
rev = "v${version}";
|
||||
sha256 = "1vrj8ad004h6jgmcb56f3f19s4xk6gvcpwysj78bxzgpa1998r3r";
|
||||
sha256 = "04ks38s6d3nkdj0arhxw8f3sfw796l97fbqxsm7b9g5d2953a6cs";
|
||||
};
|
||||
|
||||
cargoSha256 = "0yifgcf2pfszzny523ax7pb9a5r3012nynbnhdqg0j1ia1pdymf3";
|
||||
cargoSha256 = "1zwar1l793809bsgqnwrgi50y76bd78qd4s8lw6d64f4z72dh80g";
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
|
|
|
@ -30,12 +30,12 @@ let
|
|||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "obsidian";
|
||||
version = "0.9.15";
|
||||
version = "0.9.17";
|
||||
|
||||
src = fetchurl {
|
||||
url =
|
||||
"https://github.com/obsidianmd/obsidian-releases/releases/download/v${version}/obsidian-${version}.asar.gz";
|
||||
sha256 = "0cfzci2l1bbjc5mqs3hjyy3grz5jk3qbna57vfcvxz36kcd5djv5";
|
||||
sha256 = "0spa5zsipd456dcsp7ww24ab5vk4vmwyvrdmraw3hcsbnj9vcnwa";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper graphicsmagick ];
|
||||
|
|
|
@ -2,16 +2,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "pueue";
|
||||
version = "0.8.1";
|
||||
version = "0.8.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Nukesor";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0rqnbils0r98qglhm2jafw5d119fqdzszmk825yc0bma4icm7xzp";
|
||||
sha256 = "1vdlsfnqnyri0ny2g695lhivs9m25v9lsqf1valwbjv9l9vjxfqa";
|
||||
};
|
||||
|
||||
cargoSha256 = "1f3g5i0yh82qll1hyihrvv08pbd4h9vzs6jy6bf94bzabyjsgnzv";
|
||||
cargoSha256 = "0qziwb69qpbziz772np8dcb1dvxg6m506k5kl63m75z4zicgykcv";
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
|
|
|
@ -158,7 +158,7 @@ stdenv.mkDerivation rec {
|
|||
contribute to your favorite creators automatically.
|
||||
'';
|
||||
license = licenses.mpl20;
|
||||
maintainers = with maintainers; [ uskudnik rht jefflabonte ];
|
||||
maintainers = with maintainers; [ uskudnik rht jefflabonte nasirhm ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -31,9 +31,9 @@
|
|||
}
|
||||
},
|
||||
"dev": {
|
||||
"version": "88.0.4324.11",
|
||||
"sha256": "123gqbxrn508wxdj3is0kzccml5zwnf8pfl90xdizvzcm3wy5315",
|
||||
"sha256bin64": "11bswhxpnw7qi6lagfpgxh4yh56w7l0bc3rqwf975cbq2cnzpjby",
|
||||
"version": "88.0.4324.27",
|
||||
"sha256": "0mciiyh3sn2zrl8g6znylc2pm9sb0wzsclgavf7mmlknri5sjblc",
|
||||
"sha256bin64": "0ax27j42167yyx90h5k6ra898kn626w5cvgmafm3al9kyfsx36m4",
|
||||
"deps": {
|
||||
"gn": {
|
||||
"version": "2020-11-05",
|
||||
|
|
|
@ -118,6 +118,7 @@ buildStdenv.mkDerivation ({
|
|||
|
||||
patches = [
|
||||
./env_var_for_system_dir.patch
|
||||
./no-buildconfig-ffx76.patch
|
||||
] ++
|
||||
|
||||
# there are two flavors of pipewire support
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ config, stdenv, lib, callPackage, fetchurl, nss_3_44 }:
|
||||
{ stdenv, lib, callPackage, fetchurl, fetchpatch }:
|
||||
|
||||
let
|
||||
common = opts: callPackage (import ./common.nix opts) {};
|
||||
|
@ -14,7 +14,14 @@ rec {
|
|||
};
|
||||
|
||||
patches = [
|
||||
./no-buildconfig-ffx76.patch
|
||||
# Fix compilation on aarch64 with newer rust version
|
||||
# See https://bugzilla.mozilla.org/show_bug.cgi?id=1677690
|
||||
# and https://bugzilla.redhat.com/show_bug.cgi?id=1897675
|
||||
(fetchpatch {
|
||||
name = "aarch64-simd-bgz-1677690.patch";
|
||||
url = "https://github.com/mozilla/gecko-dev/commit/71597faac0fde4f608a60dd610d0cefac4972cc3.patch";
|
||||
sha256 = "1f61nsgbv2c2ylgjs7wdahxrrlgc19gjy5nzs870zr1g832ybwin";
|
||||
})
|
||||
];
|
||||
|
||||
meta = {
|
||||
|
@ -41,10 +48,6 @@ rec {
|
|||
sha512 = "20h53cn7p4dds1yfm166iwbjdmw4fkv5pfk4z0pni6x8ddjvg19imzs6ggmpnfhaji8mnlknm7xp5j7x9vi24awvdxdds5n88rh25hd";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./no-buildconfig-ffx76.patch
|
||||
];
|
||||
|
||||
meta = {
|
||||
description = "A web browser built from Firefox Extended Support Release source tree";
|
||||
homepage = "http://www.mozilla.com/en-US/firefox/";
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
{ stdenv, lib, makeDesktopItem, makeWrapper, lndir, config
|
||||
, replace, fetchurl, zip, unzip, jq
|
||||
|
||||
## various stuff that can be plugged in
|
||||
, flashplayer, hal-flash
|
||||
|
@ -31,6 +32,16 @@ let
|
|||
, forceWayland ? false
|
||||
, useGlvnd ? true
|
||||
, cfg ? config.${browserName} or {}
|
||||
|
||||
## Following options are needed for extra prefs & policies
|
||||
# For more information about anti tracking (german website)
|
||||
# visit https://wiki.kairaven.de/open/app/firefox
|
||||
, extraPrefs ? ""
|
||||
# For more information about policies visit
|
||||
# https://github.com/mozilla/policy-templates#enterprisepoliciesenabled
|
||||
, extraPolicies ? {}
|
||||
, firefoxLibName ? "firefox" # Important for tor package or the like
|
||||
, extraExtensions ? [ ]
|
||||
}:
|
||||
|
||||
assert forceWayland -> (browser ? gtk3); # Can only use the wayland backend if gtk3 is being used
|
||||
|
@ -81,6 +92,61 @@ let
|
|||
++ pkcs11Modules;
|
||||
gtk_modules = [ libcanberra-gtk2 ];
|
||||
|
||||
#########################
|
||||
# #
|
||||
# EXTRA PREF CHANGES #
|
||||
# #
|
||||
#########################
|
||||
policiesJson = builtins.toFile "policies.json"
|
||||
(builtins.toJSON enterprisePolicies);
|
||||
|
||||
extensions = builtins.map (a:
|
||||
if ! (builtins.hasAttr "extid" a) then
|
||||
throw "extraExtensions has an invalid entry. Missing extid attribute. Please use fetchfirefoxaddon"
|
||||
else
|
||||
a
|
||||
) extraExtensions;
|
||||
|
||||
enterprisePolicies =
|
||||
{
|
||||
policies = {
|
||||
DisableAppUpdate = true;
|
||||
} //
|
||||
{
|
||||
ExtensionSettings = {
|
||||
"*" = {
|
||||
blocked_install_message = "You can't have manual extension mixed with nix extensions";
|
||||
installation_mode = "blocked";
|
||||
};
|
||||
|
||||
} // lib.foldr (e: ret:
|
||||
ret // {
|
||||
"${e.extid}" = {
|
||||
installation_mode = "allowed";
|
||||
};
|
||||
}
|
||||
) {} extensions;
|
||||
}
|
||||
// extraPolicies;
|
||||
};
|
||||
|
||||
mozillaCfg = builtins.toFile "mozilla.cfg" ''
|
||||
// First line must be a comment
|
||||
|
||||
// Disables addon signature checking
|
||||
// to be able to install addons that do not have an extid
|
||||
// Security is maintained because only user whitelisted addons
|
||||
// with a checksum can be installed
|
||||
lockPref("xpinstall.signatures.required", false);
|
||||
${extraPrefs}
|
||||
'';
|
||||
|
||||
#############################
|
||||
# #
|
||||
# END EXTRA PREF CHANGES #
|
||||
# #
|
||||
#############################
|
||||
|
||||
in stdenv.mkDerivation {
|
||||
inherit pname version;
|
||||
|
||||
|
@ -106,6 +172,7 @@ let
|
|||
nativeBuildInputs = [ makeWrapper lndir ];
|
||||
buildInputs = lib.optional (browser ? gtk3) browser.gtk3;
|
||||
|
||||
|
||||
buildCommand = lib.optionalString stdenv.isDarwin ''
|
||||
mkdir -p $out/Applications
|
||||
cp -R --no-preserve=mode,ownership ${browser}/Applications/${browserName}.app $out/Applications
|
||||
|
@ -117,7 +184,66 @@ let
|
|||
exit 1
|
||||
fi
|
||||
|
||||
makeWrapper "$(readlink -v --canonicalize-existing "${browser}${browser.execdir or "/bin"}/${browserName}")" \
|
||||
#########################
|
||||
# #
|
||||
# EXTRA PREF CHANGES #
|
||||
# #
|
||||
#########################
|
||||
# Link the runtime. The executable itself has to be copied,
|
||||
# because it will resolve paths relative to its true location.
|
||||
# Any symbolic links have to be replicated as well.
|
||||
cd "${browser}"
|
||||
find . -type d -exec mkdir -p "$out"/{} \;
|
||||
|
||||
find . -type f \( -not -name "${browserName}" \) -exec ln -sT "${browser}"/{} "$out"/{} \;
|
||||
|
||||
find . -type f -name "${browserName}" -print0 | while read -d $'\0' f; do
|
||||
cp -P --no-preserve=mode,ownership "${browser}/$f" "$out/$f"
|
||||
chmod a+rwx "$out/$f"
|
||||
done
|
||||
|
||||
# fix links and absolute references
|
||||
cd "${browser}"
|
||||
|
||||
find . -type l -print0 | while read -d $'\0' l; do
|
||||
target="$(readlink "$l" | ${replace}/bin/replace-literal -es -- "${browser}" "$out")"
|
||||
ln -sfT "$target" "$out/$l"
|
||||
done
|
||||
|
||||
# This will not patch binaries, only "text" files.
|
||||
# Its there for the wrapper mostly.
|
||||
cd "$out"
|
||||
${replace}/bin/replace-literal -esfR -- "${browser}" "$out"
|
||||
|
||||
# create the wrapper
|
||||
|
||||
executablePrefix="$out${browser.execdir or "/bin"}"
|
||||
executablePath="$executablePrefix/${browserName}"
|
||||
|
||||
if [ ! -x "$executablePath" ]
|
||||
then
|
||||
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -L "$executablePath" ]
|
||||
then
|
||||
# Careful here, the file at executablePath may already be
|
||||
# a wrapper. That is why we postfix it with -old instead
|
||||
# of -wrapped.
|
||||
oldExe="$executablePrefix"/".${browserName}"-old
|
||||
mv "$executablePath" "$oldExe"
|
||||
else
|
||||
oldExe="$(readlink -v --canonicalize-existing "$executablePath")"
|
||||
fi
|
||||
|
||||
if [ ! -x "${browser}${browser.execdir or "/bin"}/${browserName}" ]
|
||||
then
|
||||
echo "cannot find executable file \`${browser}${browser.execdir or "/bin"}/${browserName}'"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
makeWrapper "$oldExe" \
|
||||
"$out${browser.execdir or "/bin"}/${browserName}${nameSuffix}" \
|
||||
--suffix-each MOZ_PLUGIN_PATH ':' "$plugins" \
|
||||
--suffix LD_LIBRARY_PATH ':' "$libs" \
|
||||
|
@ -137,6 +263,11 @@ let
|
|||
--suffix XDG_DATA_DIRS : '${gnome3.adwaita-icon-theme}/share'
|
||||
''
|
||||
}
|
||||
#############################
|
||||
# #
|
||||
# END EXTRA PREF CHANGES #
|
||||
# #
|
||||
#############################
|
||||
|
||||
if [ -e "${browser}/share/icons" ]; then
|
||||
mkdir -p "$out/share"
|
||||
|
@ -166,6 +297,43 @@ let
|
|||
# For manpages, in case the program supplies them
|
||||
mkdir -p $out/nix-support
|
||||
echo ${browser} > $out/nix-support/propagated-user-env-packages
|
||||
|
||||
|
||||
#########################
|
||||
# #
|
||||
# EXTRA PREF CHANGES #
|
||||
# #
|
||||
#########################
|
||||
# user customization
|
||||
mkdir -p $out/lib/${firefoxLibName}
|
||||
|
||||
# creating policies.json
|
||||
mkdir -p "$out/lib/${firefoxLibName}/distribution"
|
||||
|
||||
POL_PATH="$out/lib/${firefoxLibName}/distribution/policies.json"
|
||||
rm -f "$POL_PATH"
|
||||
cat ${policiesJson} >> "$POL_PATH"
|
||||
|
||||
# preparing for autoconfig
|
||||
mkdir -p "$out/lib/${firefoxLibName}/defaults/pref"
|
||||
|
||||
cat > "$out/lib/${firefoxLibName}/defaults/pref/autoconfig.js" <<EOF
|
||||
pref("general.config.filename", "mozilla.cfg");
|
||||
pref("general.config.obscure_value", 0);
|
||||
EOF
|
||||
|
||||
cat > "$out/lib/${firefoxLibName}/mozilla.cfg" < ${mozillaCfg}
|
||||
|
||||
mkdir -p $out/lib/${firefoxLibName}/distribution/extensions
|
||||
|
||||
for i in ${toString extensions}; do
|
||||
ln -s -t $out/lib/${firefoxLibName}/distribution/extensions $i/*
|
||||
done
|
||||
#############################
|
||||
# #
|
||||
# END EXTRA PREF CHANGES #
|
||||
# #
|
||||
#############################
|
||||
'';
|
||||
|
||||
preferLocalBuild = true;
|
||||
|
|
|
@ -16,14 +16,14 @@ let
|
|||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "palemoon";
|
||||
version = "28.15.0";
|
||||
version = "28.16.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
githubBase = "repo.palemoon.org";
|
||||
owner = "MoonchildProductions";
|
||||
repo = "Pale-Moon";
|
||||
rev = "${version}_Release";
|
||||
sha256 = "1sbs3gcwfx58mxc0x1g6jklmvpa9dw2bq3i8y9645gfa1s12p8wy";
|
||||
sha256 = "1svwbiar7c38c8xfw249mwnvayqq5868nkks7cbv9nyf2m9yap56";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
|
|
@ -2,15 +2,15 @@
|
|||
|
||||
buildGoModule rec {
|
||||
pname = "istioctl";
|
||||
version = "1.7.5";
|
||||
version = "1.8.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "istio";
|
||||
repo = "istio";
|
||||
rev = version;
|
||||
sha256 = "10h2ak3s74xb1rjvc6bc5yiyq2k8qbv07wxnshiqp5cnd6pjni0w";
|
||||
sha256 = "0fwc56797gmcg9pcy0jpv5lb0b6wwiqh242xn1chd4a4hp8in7h9";
|
||||
};
|
||||
vendorSha256 = "1xj77w2h7qg808v6ll8hm5nvnb2lwky789aikgxli2k6m0cy0c5k";
|
||||
vendorSha256 = "0ing5pih2rz974dcianlb05fpgrj3y7h32awf3cp41gh448gxd24";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
|
|
@ -1,42 +1,94 @@
|
|||
#!/usr/bin/env nix-shell
|
||||
#! nix-shell -i bash -p coreutils curl jq
|
||||
#! nix-shell -i bash -p coreutils curl jq moreutils
|
||||
# shellcheck shell=bash
|
||||
# vim: ft=sh
|
||||
#
|
||||
# Update a terraform provider to the latest version advertised at the
|
||||
# provider source address.
|
||||
#
|
||||
# Update a terraform provider to the latest version advertised at
|
||||
# the provider source address.
|
||||
set -euo pipefail
|
||||
|
||||
USAGE=$(cat<<DOC
|
||||
Specify the terraform provider name to update.
|
||||
show_usage() {
|
||||
cat <<DOC
|
||||
Usage: ./update-provider [--force] [--vendor] [<owner>/]<provider>
|
||||
|
||||
Example:
|
||||
To update nixpkgs.terraform-providers.aws run:
|
||||
./update-provider aws
|
||||
Update a single provider in the providers.json inventory file.
|
||||
|
||||
For example to update 'terraform-providers.aws' run:
|
||||
|
||||
./update-provider aws
|
||||
|
||||
If the provider is not in the list already, use the form '<owner>/<provider>'
|
||||
to add the provider to the list:
|
||||
|
||||
./update-provider hetznercloud/hcloud
|
||||
|
||||
Options:
|
||||
|
||||
* --force: Force the update even if the version matches.
|
||||
* --vendor: Switch from go package to go modules with vendor.
|
||||
* --vendor-sha256 <sha256>: Override the SHA256 or "null".
|
||||
DOC
|
||||
)
|
||||
}
|
||||
|
||||
provider_name="${1:-}"
|
||||
if [ -z "$provider_name" ]; then
|
||||
echo "No providers specified!"
|
||||
force=
|
||||
provider=
|
||||
vendor=
|
||||
vendorSha256=
|
||||
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
-h | --help)
|
||||
show_usage
|
||||
exit
|
||||
;;
|
||||
--force)
|
||||
force=1
|
||||
shift
|
||||
;;
|
||||
--vendor)
|
||||
force=1
|
||||
vendor=1
|
||||
shift
|
||||
;;
|
||||
--vendor-sha256)
|
||||
force=1
|
||||
vendorSha256=$2
|
||||
shift 2
|
||||
;;
|
||||
*)
|
||||
if [[ -n "$provider" ]]; then
|
||||
echo "ERROR: provider name was passed two times: '$provider' and '$1'"
|
||||
echo "Use --help for more info"
|
||||
exit 1
|
||||
fi
|
||||
provider=$1
|
||||
shift
|
||||
esac
|
||||
done
|
||||
|
||||
if [[ -z "$provider" ]]; then
|
||||
echo "ERROR: No providers specified!"
|
||||
echo
|
||||
echo "$USAGE"
|
||||
show_usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
provider_source_address="$(jq -r ".$provider_name.\"provider-source-address\"" providers.json)"
|
||||
provider_name=$(basename "$provider")
|
||||
|
||||
if [ "$provider_source_address" == "null" ]; then
|
||||
echo "No provider source address specified with provider: $provider_name"
|
||||
exit 1
|
||||
fi
|
||||
# Usage: read_attr <key>
|
||||
read_attr() {
|
||||
jq -r ".\"$provider_name\".\"$1\"" providers.json
|
||||
}
|
||||
|
||||
# The provider source address (used inside Terraform `required_providers` block) is
|
||||
# used to compute the registry API endpoint
|
||||
#
|
||||
# registry.terraform.io/hashicorp/aws (provider source address)
|
||||
# registry.terraform.io/providers/hashicorp/aws (provider URL for the website)
|
||||
# registry.terraform.io/v1/providers/hashicorp/aws (provider URL for the JSON API)
|
||||
registry_response=$(curl -s https://"${provider_source_address/\///v1/providers/}")
|
||||
# Usage: update_attr <key> <value>
|
||||
update_attr() {
|
||||
if [[ "$2" == "null" ]]; then
|
||||
jq -S ".\"$provider_name\".\"$1\" = null" providers.json | sponge providers.json
|
||||
else
|
||||
jq -S ".\"$provider_name\".\"$1\" = \"$2\"" providers.json | sponge providers.json
|
||||
fi
|
||||
}
|
||||
|
||||
prefetch_github() {
|
||||
# of a given owner, repo and rev, fetch the tarball and return the output of
|
||||
|
@ -47,31 +99,80 @@ prefetch_github() {
|
|||
nix-prefetch-url --unpack "https://github.com/$owner/$repo/archive/$rev.tar.gz"
|
||||
}
|
||||
|
||||
old_source_address="$(read_attr provider-source-address)"
|
||||
old_vendor_sha256=$(read_attr vendorSha256)
|
||||
old_version=$(read_attr version)
|
||||
|
||||
if [[ $provider =~ ^[^/]+/[^/]+$ ]]; then
|
||||
source_address=registry.terraform.io/$provider
|
||||
else
|
||||
source_address=$old_source_address
|
||||
fi
|
||||
if [[ "$source_address" == "null" ]]; then
|
||||
echo "Could not find the source address for provider: $provider"
|
||||
exit 1
|
||||
fi
|
||||
update_attr "provider-source-address" "$source_address"
|
||||
|
||||
# The provider source address (used inside Terraform `required_providers` block) is
|
||||
# used to compute the registry API endpoint
|
||||
#
|
||||
# registry.terraform.io/hashicorp/aws (provider source address)
|
||||
# registry.terraform.io/providers/hashicorp/aws (provider URL for the website)
|
||||
# registry.terraform.io/v1/providers/hashicorp/aws (provider URL for the JSON API)
|
||||
registry_response=$(curl -s https://"${source_address/\///v1/providers/}")
|
||||
|
||||
version="$(jq -r '.version' <<< "$registry_response")"
|
||||
if [[ "$old_version" = "$version" && "$force" != 1 && -z "$vendorSha256" && "$old_vendor_sha256" != "$vendorSha256" ]]; then
|
||||
echo "$provider_name is already at version $version"
|
||||
exit
|
||||
fi
|
||||
update_attr version "$version"
|
||||
|
||||
provider_source_url="$(jq -r '.source' <<< "$registry_response")"
|
||||
|
||||
org="$(echo "$provider_source_url" | cut -d '/' -f 4)"
|
||||
update_attr owner "$org"
|
||||
repo="$(echo "$provider_source_url" | cut -d '/' -f 5)"
|
||||
update_attr repo "$repo"
|
||||
rev="$(jq -r '.tag' <<< "$registry_response")"
|
||||
|
||||
update_attr rev "$rev"
|
||||
sha256=$(prefetch_github "$org" "$repo" "$rev")
|
||||
update_attr sha256 "$sha256"
|
||||
|
||||
version="$(jq -r '.version' <<< "$registry_response")"
|
||||
repo_root=$(git rev-parse --show-toplevel)
|
||||
|
||||
updated_provider="$(mktemp)"
|
||||
cat <<EOF >> "$updated_provider"
|
||||
{
|
||||
"$provider_name": {
|
||||
"owner": "$org",
|
||||
"repo": "$repo",
|
||||
"rev": "$rev",
|
||||
"sha256": "$sha256",
|
||||
"version": "$version",
|
||||
"provider-source-address": "$provider_source_address"
|
||||
}
|
||||
}
|
||||
EOF
|
||||
if [[ -z "$vendorSha256" ]]; then
|
||||
if [[ "$old_vendor_sha256" == null ]]; then
|
||||
vendorSha256=null
|
||||
elif [[ -n "$old_vendor_sha256" || "$vendor" = 1 ]]; then
|
||||
echo "=== Calculating vendorSha256 ==="
|
||||
update_attr vendorSha256 "0000000000000000000000000000000000000000000000000000000000000000"
|
||||
# Hackish way to find out the desired sha256. First build, then extract the
|
||||
# error message from the logs.
|
||||
set +e
|
||||
nix-build --no-out-link "$repo_root" -A "terraform-providers.$provider_name.go-modules" 2>vendor_log.txt
|
||||
set -e
|
||||
logs=$(< vendor_log.txt)
|
||||
if ! [[ $logs =~ got:\ +([^\ ]+) ]]; then
|
||||
echo "ERROR: could not find new hash in output:"
|
||||
cat vendor_log.txt
|
||||
rm -f vendor_log.txt
|
||||
exit 1
|
||||
fi
|
||||
rm -f vendor_log.txt
|
||||
vendorSha256=${BASH_REMATCH[1]}
|
||||
# Deal with nix unstable
|
||||
if [[ $vendorSha256 = sha256-* ]]; then
|
||||
vendorSha256=$(nix to-base32 "$vendorSha256")
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
original_provider_list="$(mktemp)"
|
||||
cat providers.json > "$original_provider_list"
|
||||
if [[ -n "$vendorSha256" ]]; then
|
||||
update_attr vendorSha256 "$vendorSha256"
|
||||
fi
|
||||
|
||||
jq --sort-keys --slurp '.[0] * .[1]' "$original_provider_list" "$updated_provider" > providers.json
|
||||
# Check that the provider builds
|
||||
echo "=== Building terraform-providers.$provider_name ==="
|
||||
nix-build "$repo_root" -A "terraform-providers.$provider_name"
|
||||
|
|
|
@ -2,13 +2,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "rssguard";
|
||||
version = "3.8.2";
|
||||
version = "3.8.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "martinrotter";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "0vy89ih586s89s29dzzggk7bkaz70mzrc9islirk01s1jal1jn0v";
|
||||
sha256 = "1704nj77h6s88l4by3wxl5l770gaig90mv3ix80r00nh8mhzq44q";
|
||||
};
|
||||
|
||||
buildInputs = [ qtwebengine qttools ];
|
||||
|
|
|
@ -4,13 +4,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "toxic";
|
||||
version = "0.9.0";
|
||||
version = "0.9.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Tox";
|
||||
repo = "toxic";
|
||||
rev = "v${version}";
|
||||
sha256 = "1y0k9vfb4818b3s313jlxbpjwdxd62cc4kc1vpxdjvs8mx543vrv";
|
||||
sha256 = "1j0yd33sm824dy4mhwfxqkywa46yhqy5hd5wq4lp7lgl6m6mypar";
|
||||
};
|
||||
|
||||
makeFlags = [ "PREFIX=$(out)"];
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue