Project import generated by Copybara.

GitOrigin-RevId: 0f213d0fee84280d8c3a97f7469b988d6fe5fcdf
This commit is contained in:
Default email 2023-01-11 08:51:40 +01:00
parent 59ac05168c
commit 6d4aeb4377
1880 changed files with 50521 additions and 38373 deletions

View file

@ -0,0 +1,3 @@
before:before
between:between
after:after

View file

@ -0,0 +1,15 @@
before:before
between:between
after:after
unnamed-1.1:k
unnamed-1.2:l
unnamed-2.01:a
unnamed-2.02:b
unnamed-2.03:c
unnamed-2.04:d
unnamed-2.05:e
unnamed-2.06:f
unnamed-2.07:g
unnamed-2.08:h
unnamed-2.09:i
unnamed-2.10:j

View file

@ -55,10 +55,13 @@ trim_trailing_whitespace = unset
[*.lock]
indent_size = unset
# trailing whitespace is an actual syntax element of classic Markdown/
# CommonMark to enforce a line break
# Although Markdown/CommonMark allows using two trailing spaces to denote
# a hard line break, we do not use that feature in nixpkgs since
# it forces the surrounding paragraph to become a <literallayout> which
# does not wrap reasonably.
# Instead of a hard line break, start a new paragraph by inserting a blank line.
[*.md]
trim_trailing_whitespace = unset
trim_trailing_whitespace = true
# binaries
[*.nib]

View file

@ -28,6 +28,7 @@
/lib/cli.nix @edolstra @nbp @Profpatsch
/lib/debug.nix @edolstra @nbp @Profpatsch
/lib/asserts.nix @edolstra @nbp @Profpatsch
/lib/path.* @infinisil @fricklerhandwerk
# Nixpkgs Internals
/default.nix @nbp
@ -106,7 +107,7 @@
/pkgs/top-level/python-packages.nix @FRidh @jonringer
/pkgs/development/interpreters/python @FRidh
/pkgs/development/python-modules @FRidh @jonringer
/doc/languages-frameworks/python.section.md @FRidh
/doc/languages-frameworks/python.section.md @FRidh @mweinelt
/pkgs/development/tools/poetry2nix @adisbladis
/pkgs/development/interpreters/python/hooks @FRidh @jonringer

View file

@ -2,7 +2,7 @@
name: Unreproducible package
about: A package that does not produce a bit-by-bit reproducible result each time it is built
title: ''
labels: '0.kind: enhancement', '6.topic: reproducible builds'
labels: [ '0.kind: enhancement', '6.topic: reproducible builds' ]
assignees: ''
---

View file

@ -19,6 +19,11 @@
- pkgs/build-support/emacs/**/*
- pkgs/top-level/emacs-packages.nix
"6.topic: Enlightenment DE":
- nixos/modules/services/x11/desktop-managers/enlightenment.nix
- pkgs/desktops/enlightenment/**/*
- pkgs/development/python-modules/python-efl/*
"6.topic: erlang":
- doc/languages-frameworks/beam.section.md
- pkgs/development/beam-modules/**/*
@ -65,6 +70,19 @@
- pkgs/development/lua-modules/**/*
- pkgs/top-level/lua-packages.nix
"6.topic: Lumina DE":
- nixos/modules/services/x11/desktop-managers/lumina.nix
- pkgs/desktops/lumina/**/*
"6.topic: LXQt":
- nixos/modules/services/x11/desktop-managers/lxqt.nix
- pkgs/desktops/lxqt/**/*
"6.topic: mate":
- nixos/modules/services/x11/desktop-managers/mate.nix
- nixos/tests/mate.nix
- pkgs/desktops/mate/**/*
"6.topic: nixos":
- nixos/**/*
- pkgs/os-specific/linux/nixos-rebuild/**/*

View file

@ -14,23 +14,19 @@ permissions:
jobs:
backport:
permissions:
contents: write # for zeebe-io/backport-action to create branch
pull-requests: write # for zeebe-io/backport-action to create PR to backport
contents: write # for korthout/backport-action to create branch
pull-requests: write # for korthout/backport-action to create PR to backport
name: Backport Pull Request
if: github.repository_owner == 'NixOS' && github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('backport', github.event.label.name))
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
# required to find all branches
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Create backport PRs
uses: zeebe-io/backport-action@v0.0.9
uses: korthout/backport-action@v1.0.1
with:
# Config README: https://github.com/zeebe-io/backport-action#backport-action
github_token: ${{ secrets.GITHUB_TOKEN }}
github_workspace: ${{ github.workspace }}
# Config README: https://github.com/korthout/backport-action#backport-action
pull_description: |-
Bot-based backport to `${target_branch}`, triggered by a label in #${pull_number}.

View file

@ -38,10 +38,6 @@ jobs:
into: staging-next-22.11
- from: staging-next-22.11
into: staging-22.11
- from: release-22.05
into: staging-next-22.05
- from: staging-next-22.05
into: staging-22.05
name: ${{ matrix.pairs.from }} → ${{ matrix.pairs.into }}
steps:
- uses: actions/checkout@v3

View file

@ -11,8 +11,8 @@ permissions:
jobs:
tf-providers:
permissions:
contents: write # for peter-evans/create-pull-request to create branch
pull-requests: write # for peter-evans/create-pull-request to create a PR, for peter-evans/create-or-update-comment to create or update comment
contents: write # for peter-evans/create-pull-request to create branch
pull-requests: write # for peter-evans/create-pull-request to create a PR, for peter-evans/create-or-update-comment to create or update comment
if: github.repository_owner == 'NixOS' && github.ref == 'refs/heads/master' # ensure workflow_dispatch only runs on master
runs-on: ubuntu-latest
steps:
@ -25,6 +25,8 @@ jobs:
run: |
echo "title=terraform-providers: update $(date -u +"%Y-%m-%d")" >> $GITHUB_OUTPUT
- name: update terraform-providers
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config user.name "github-actions[bot]"

View file

@ -38,11 +38,14 @@ Below is a short excerpt of some points in there:
The old config generation system used impure shell scripts and could break in specific circumstances (see #1234).
* `meta.description` should:
* Be short, just one sentence.
* Be capitalized.
* Not start with the package name.
* Not have a period at the end.
* More generally, it should not refer to the package name.
* Not end with a period (or any punctuation for that matter).
* `meta.license` must be set and fit the upstream license.
* If there is no upstream license, `meta.license` should default to `lib.licenses.unfree`.
* If in doubt, try to contact the upstream developers for clarification.
* `meta.maintainers` must be set.
See the nixpkgs manual for more details on [standard meta-attributes](https://nixos.org/nixpkgs/manual/#sec-standard-meta-attributes).

View file

@ -1,4 +1,4 @@
Copyright (c) 2003-2022 Eelco Dolstra and the Nixpkgs/NixOS contributors
Copyright (c) 2003-2023 Eelco Dolstra and the Nixpkgs/NixOS contributors
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the

View file

@ -11,7 +11,7 @@ pandoc_commonmark_enabled_extensions = +attributes+fenced_divs+footnotes+bracket
pandoc_flags = --extract-media=$(pandoc_media_dir) \
--lua-filter=$(PANDOC_LUA_FILTERS_DIR)/diagram-generator.lua \
--lua-filter=build-aux/pandoc-filters/myst-reader/roles.lua \
--lua-filter=build-aux/pandoc-filters/link-unix-man-references.lua \
--lua-filter=$(PANDOC_LINK_MANPAGES_FILTER) \
--lua-filter=build-aux/pandoc-filters/docbook-writer/rst-roles.lua \
--lua-filter=build-aux/pandoc-filters/docbook-writer/labelless-link-is-xref.lua \
-f commonmark$(pandoc_commonmark_enabled_extensions)+smart

View file

@ -0,0 +1,28 @@
{ pkgs ? import ../../.. {} }:
let
inherit (pkgs) lib;
manpageURLs = builtins.fromJSON (builtins.readFile (pkgs.path + "/doc/manpage-urls.json"));
in pkgs.writeText "link-manpages.lua" ''
--[[
Adds links to known man pages that aren't already in a link.
]]
local manpage_urls = {
${lib.concatStringsSep "\n" (lib.mapAttrsToList (man: url:
" [${builtins.toJSON man}] = ${builtins.toJSON url},") manpageURLs)}
}
traverse = 'topdown'
-- Returning false as the second value aborts processing of child elements.
function Link(elem)
return elem, false
end
function Code(elem)
local is_man_role = elem.classes:includes('interpreted-text') and elem.attributes['role'] == 'manpage'
if is_man_role and manpage_urls[elem.text] ~= nil then
return pandoc.Link(elem, manpage_urls[elem.text]), false
end
end
''

View file

@ -1,38 +0,0 @@
--[[
Turns a manpage reference into a link, when a mapping is defined below.
]]
local man_urls = {
["nix.conf(5)"] = "https://nixos.org/manual/nix/stable/#sec-conf-file",
["journald.conf(5)"] = "https://www.freedesktop.org/software/systemd/man/journald.conf.html",
["logind.conf(5)"] = "https://www.freedesktop.org/software/systemd/man/logind.conf.html",
["networkd.conf(5)"] = "https://www.freedesktop.org/software/systemd/man/networkd.conf.html",
["systemd.automount(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.automount.html",
["systemd.exec(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.exec.html",
["systemd.link(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.link.html",
["systemd.mount(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.mount.html",
["systemd.netdev(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.netdev.html",
["systemd.network(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.network.html",
["systemd.nspawn(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.nspawn.html",
["systemd.path(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.path.html",
["systemd.resource-control(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html",
["systemd.scope(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.scope.html",
["systemd.service(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.service.html",
["systemd.slice(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.slice.html",
["systemd.socket(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.socket.html",
["systemd.timer(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.timer.html",
["systemd.unit(5)"] = "https://www.freedesktop.org/software/systemd/man/systemd.unit.html",
["timesyncd.conf(5)"] = "https://www.freedesktop.org/software/systemd/man/timesyncd.conf.html",
["tmpfiles.d(5)"] = "https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html",
["systemd.time(7)"] = "https://www.freedesktop.org/software/systemd/man/systemd.time.html",
["systemd-fstab-generator(8)"] = "https://www.freedesktop.org/software/systemd/man/systemd-fstab-generator.html",
["systemd-networkd-wait-online.service(8)"] = "https://www.freedesktop.org/software/systemd/man/systemd-networkd-wait-online.service.html",
}
function Code(elem)
local is_man_role = elem.classes:includes('interpreted-text') and elem.attributes['role'] == 'manpage'
if is_man_role and man_urls[elem.text] ~= nil then
return pandoc.Link(elem, man_urls[elem.text])
end
end

View file

@ -20,7 +20,7 @@ Features are separated in various sections depending on if you opt for a Nix-sto
### Common
- arbitrary NixOS configuration
- automatic or bound disk size: `diskSize` parameter, `additionalSpace` can be set when `diskSize` is `auto` to add a constant of disk space
- automatic or bound disk size: `diskSize` parameter, `additionalSpace` can be set when `diskSize` is `auto` to add a constant of disk space
- multiple partition table layouts: EFI, legacy, legacy + GPT, hybrid, none through `partitionTableType` parameter
- OVMF or EFI firmwares and variables templates can be customized
- root filesystem `fsType` can be customized to whatever `mkfs.${fsType}` exist during operations

View file

@ -28,18 +28,21 @@ Password:
```
… so that it can install a private key used to `ssh` into the build server.
After that the script will launch the virtual machine:
After that the script will launch the virtual machine and automatically log you
in as the `builder` user:
```
<<< Welcome to NixOS 22.11.20220901.1bd8d11 (aarch64) - ttyAMA0 >>>
Run 'nixos-help' for the NixOS manual.
nixos login:
nixos login: builder (automatic login)
[builder@nixos:~]$
```
> Note: When you need to stop the VM, type `Ctrl`-`a` + `c` to open the `qemu`
> prompt and then type `quit` followed by `Enter`
> Note: When you need to stop the VM, run `shutdown now` as the `builder` user.
To delegate builds to the remote builder, add the following options to your
`nix.conf` file:
@ -47,7 +50,7 @@ To delegate builds to the remote builder, add the following options to your
```
# - Replace ${ARCH} with either aarch64 or x86_64 to match your host machine
# - Replace ${MAX_JOBS} with the maximum number of builds (pick 4 if you're not sure)
builders = ssh-ng://builder@localhost ${ARCH}-linux /etc/nix/builder_ed25519 ${MAX_JOBS} - - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo='
builders = ssh-ng://builder@localhost ${ARCH}-linux /etc/nix/builder_ed25519 ${MAX_JOBS} - - - c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUpCV2N4Yi9CbGFxdDFhdU90RStGOFFVV3JVb3RpQzVxQkorVXVFV2RWQ2Igcm9vdEBuaXhvcwo=
# Not strictly necessary, but this will reduce your disk utilization
builders-use-substitutes = true

View file

@ -62,7 +62,7 @@ runCommand "example" {
'';
```
While `testBuildFailure` is designed to keep changes to the original builder's
While `testBuildFailure` is designed to keep changes to the original builder's
environment to a minimum, some small changes are inevitable.
- The file `$TMPDIR/testBuildFailure.log` is present. It should not be deleted.

View file

@ -53,7 +53,7 @@ Additional syntax extensions are available, though not all extensions can be use
This syntax is taken from [MyST](https://myst-parser.readthedocs.io/en/latest/using/syntax.html#targets-and-cross-referencing).
- []{#ssec-contributing-markup-inline-roles}
If you want to link to a man page, you can use `` {manpage}`nix.conf(5)` ``, which will turn into {manpage}`nix.conf(5)`. The references will turn into links when a mapping exists in {file}`doc/build-aux/pandoc-filters/link-unix-man-references.lua`.
If you want to link to a man page, you can use `` {manpage}`nix.conf(5)` ``, which will turn into {manpage}`nix.conf(5)`. The references will turn into links when a mapping exists in {file}`doc/manpage-urls.json`.
A few markups for other kinds of literals are also available:

View file

@ -34,7 +34,7 @@ To add a package to Nixpkgs:
- Apache HTTPD: [`pkgs/servers/http/apache-httpd/2.4.nix`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/http/apache-httpd/2.4.nix). A bunch of optional features, variable substitutions in the configure flags, a post-install hook, and miscellaneous hackery.
- Thunderbird: [`pkgs/applications/networking/mailreaders/thunderbird/default.nix`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/mailreaders/thunderbird/default.nix). Lots of dependencies.
- buildMozillaMach: [`pkgs/applications/networking/browser/firefox/common.nix`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/applications/networking/browsers/firefox/common.nix). A reusable build function for Firefox, Thunderbird and Librewolf.
- JDiskReport, a Java utility: [`pkgs/tools/misc/jdiskreport/default.nix`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/tools/misc/jdiskreport/default.nix). Nixpkgs doesnt have a decent `stdenv` for Java yet so this is pretty ad-hoc.

View file

@ -36,4 +36,5 @@ in pkgs.stdenv.mkDerivation {
# Environment variables
PANDOC_LUA_FILTERS_DIR = "${pkgs.pandoc-lua-filters}/share/pandoc/filters";
PANDOC_LINK_MANPAGES_FILTER = import build-aux/pandoc-filters/link-manpages.nix { inherit pkgs; };
}

View file

@ -12,6 +12,7 @@ let
{ name = "lists"; description = "list manipulation functions"; }
{ name = "debug"; description = "debugging functions"; }
{ name = "options"; description = "NixOS / nixpkgs option handling"; }
{ name = "path"; description = "path functions"; }
{ name = "filesystem"; description = "filesystem functions"; }
{ name = "sources"; description = "source filtering functions"; }
{ name = "cli"; description = "command-line serialization functions"; }

View file

@ -10,7 +10,11 @@ with pkgs; stdenv.mkDerivation {
installPhase = ''
function docgen {
# TODO: wrap lib.$1 in <literal>, make nixdoc not escape it
nixdoc -c "$1" -d "lib.$1: $2" -f "$1.nix" > "$out/$1.xml"
if [[ -e "../lib/$1.nix" ]]; then
nixdoc -c "$1" -d "lib.$1: $2" -f "$1.nix" > "$out/$1.xml"
else
nixdoc -c "$1" -d "lib.$1: $2" -f "$1/default.nix" > "$out/$1.xml"
fi
echo "<xi:include href='$1.xml' />" >> "$out/index.xml"
}

View file

@ -2,19 +2,21 @@
let
revision = pkgs.lib.trivial.revisionWithDefault (nixpkgs.revision or "master");
libDefPos = set:
builtins.map
(name: {
name = name;
libDefPos = prefix: set:
builtins.concatMap
(name: [{
name = builtins.concatStringsSep "." (prefix ++ [name]);
location = builtins.unsafeGetAttrPos name set;
})
(builtins.attrNames set);
}] ++ nixpkgsLib.optionals
(builtins.length prefix == 0 && builtins.isAttrs set.${name})
(libDefPos (prefix ++ [name]) set.${name})
) (builtins.attrNames set);
libset = toplib:
builtins.map
(subsetname: {
subsetname = subsetname;
functions = libDefPos toplib.${subsetname};
functions = libDefPos [] toplib.${subsetname};
})
(builtins.map (x: x.name) libsets);

View file

@ -16,7 +16,8 @@ In the following is an example expression using `buildGoModule`, the following a
`vendorHash` can also be set to `null`.
In that case, rather than fetching the dependencies and vendoring them, the dependencies vendored in the source repo will be used.
To avoid updating this field when dependencies change, run `go mod vendor` in your source repo and set `vendorHash = null;`
To avoid updating this field when dependencies change, run `go mod vendor` in your source repo and set `vendorHash = null;`
To obtain the actual hash, set `vendorHash = lib.fakeSha256;` and run the build ([more details here](#sec-source-hashes)).
- `proxyVendor`: Fetches (go mod download) and proxies the vendor directory. This is useful if your code depends on c code and go mod tidy does not include the needed sources to build or if any dependency has case-insensitive conflicts which will produce platform dependant `vendorHash` checksums.

View file

@ -570,7 +570,13 @@ test run would be:
```
checkInputs = [ pytest ];
checkPhase = "pytest";
checkPhase = ''
runHook preCheck
pytest
runHook postCheck
'';
```
However, many repositories' test suites do not translate well to nix's build
@ -582,7 +588,11 @@ To filter tests using pytest, one can do the following:
checkInputs = [ pytest ];
# avoid tests which need additional data or touch network
checkPhase = ''
runHook preCheck
pytest tests/ --ignore=tests/integration -k 'not download and not update'
runHook postCheck
'';
```
@ -1408,7 +1418,11 @@ example of such a situation is when `py.test` is used.
# assumes the tests are located in tests
checkInputs = [ pytest ];
checkPhase = ''
runHook preCheck
py.test -k 'not function_name and not other_function' tests
runHook postCheck
'';
}
```

View file

@ -0,0 +1,29 @@
{
"nix.conf(5)": "https://nixos.org/manual/nix/stable/#sec-conf-file",
"journald.conf(5)": "https://www.freedesktop.org/software/systemd/man/journald.conf.html",
"logind.conf(5)": "https://www.freedesktop.org/software/systemd/man/logind.conf.html",
"networkd.conf(5)": "https://www.freedesktop.org/software/systemd/man/networkd.conf.html",
"systemd.automount(5)": "https://www.freedesktop.org/software/systemd/man/systemd.automount.html",
"systemd.exec(5)": "https://www.freedesktop.org/software/systemd/man/systemd.exec.html",
"systemd.link(5)": "https://www.freedesktop.org/software/systemd/man/systemd.link.html",
"systemd.mount(5)": "https://www.freedesktop.org/software/systemd/man/systemd.mount.html",
"systemd.netdev(5)": "https://www.freedesktop.org/software/systemd/man/systemd.netdev.html",
"systemd.network(5)": "https://www.freedesktop.org/software/systemd/man/systemd.network.html",
"systemd.nspawn(5)": "https://www.freedesktop.org/software/systemd/man/systemd.nspawn.html",
"systemd.path(5)": "https://www.freedesktop.org/software/systemd/man/systemd.path.html",
"systemd.resource-control(5)": "https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html",
"systemd.scope(5)": "https://www.freedesktop.org/software/systemd/man/systemd.scope.html",
"systemd.service(5)": "https://www.freedesktop.org/software/systemd/man/systemd.service.html",
"systemd.slice(5)": "https://www.freedesktop.org/software/systemd/man/systemd.slice.html",
"systemd.socket(5)": "https://www.freedesktop.org/software/systemd/man/systemd.socket.html",
"systemd.timer(5)": "https://www.freedesktop.org/software/systemd/man/systemd.timer.html",
"systemd.unit(5)": "https://www.freedesktop.org/software/systemd/man/systemd.unit.html",
"systemd-system.conf(5)": "https://www.freedesktop.org/software/systemd/man/systemd-system.conf.html",
"systemd-user.conf(5)": "https://www.freedesktop.org/software/systemd/man/systemd-user.conf.html",
"timesyncd.conf(5)": "https://www.freedesktop.org/software/systemd/man/timesyncd.conf.html",
"tmpfiles.d(5)": "https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html",
"systemd.time(7)": "https://www.freedesktop.org/software/systemd/man/systemd.time.html",
"systemd-fstab-generator(8)": "https://www.freedesktop.org/software/systemd/man/systemd-fstab-generator.html",
"systemd-networkd-wait-online.service(8)": "https://www.freedesktop.org/software/systemd/man/systemd-networkd-wait-online.service.html"
}

View file

@ -24,8 +24,8 @@ Packages, including the Nix packages collection, are distributed through
[channels](https://nixos.org/nix/manual/#sec-channels). The collection is
distributed for users of Nix on non-NixOS distributions through the channel
`nixpkgs`. Users of NixOS generally use one of the `nixos-*` channels, e.g.
`nixos-19.09`, which includes all packages and modules for the stable NixOS
19.09. Stable NixOS releases are generally only given
`nixos-22.11`, which includes all packages and modules for the stable NixOS
22.11. Stable NixOS releases are generally only given
security updates. More up to date packages and modules are available via the
`nixos-unstable` channel.
@ -43,4 +43,4 @@ The binaries are made available via a [binary cache](https://cache.nixos.org).
The current Nix expressions of the channels are available in the
[`nixpkgs`](https://github.com/NixOS/nixpkgs) repository in branches
that correspond to the channel names (e.g. `nixos-19.09-small`).
that correspond to the channel names (e.g. `nixos-22.11-small`).

View file

@ -66,7 +66,7 @@ For details, see [Licenses](#sec-meta-license).
### `maintainers` {#var-meta-maintainers}
A list of the maintainers of this Nix expression. Maintainers are defined in [`nixpkgs/maintainers/maintainer-list.nix`](https://github.com/NixOS/nixpkgs/blob/master/maintainers/maintainer-list.nix). There is no restriction to becoming a maintainer, just add yourself to that list in a separate commit titled “maintainers: add alice”, and reference maintainers with `maintainers = with lib.maintainers; [ alice bob ]`.
A list of the maintainers of this Nix expression. Maintainers are defined in [`nixpkgs/maintainers/maintainer-list.nix`](https://github.com/NixOS/nixpkgs/blob/master/maintainers/maintainer-list.nix). There is no restriction to becoming a maintainer, just add yourself to that list in a separate commit titled “maintainers: add alice” in the same pull request, and reference maintainers with `maintainers = with lib.maintainers; [ alice bob ]`.
### `mainProgram` {#var-meta-mainProgram}

View file

@ -837,6 +837,10 @@ The distribution phase is intended to produce a source distribution of the packa
#### Variables controlling the distribution phase {#variables-controlling-the-distribution-phase}
##### `doDist` {#var-stdenv-doDist}
If set, the distribution phase is executed.
##### `distTarget` {#var-stdenv-distTarget}
The make target that produces the distribution. Defaults to `dist`.

View file

@ -63,7 +63,7 @@ You should prefer `overrideAttrs` in almost all cases, see its documentation for
:::
::: {.warning}
Do not use this function in Nixpkgs as it evaluates a Derivation before modifying it, which breaks package abstraction and removes error-checking of function arguments. In addition, this evaluation-per-function application incurs a performance penalty, which can become a problem if many overrides are used. It is only intended for ad-hoc customisation, such as in `~/.config/nixpkgs/config.nix`.
Do not use this function in Nixpkgs as it evaluates a derivation before modifying it, which breaks package abstraction. In addition, this evaluation-per-function application incurs a performance penalty, which can become a problem if many overrides are used. It is only intended for ad-hoc customisation, such as in `~/.config/nixpkgs/config.nix`.
:::
The function `overrideDerivation` creates a new derivation based on an existing one by overriding the original's attributes with the attribute set produced by the specified function. This function is available on all derivations defined using the `makeOverridable` function. Most standard derivation-producing functions, such as `stdenv.mkDerivation`, are defined using this function, which means most packages in the nixpkgs expression, `pkgs`, have this function.

View file

@ -88,7 +88,7 @@ rec {
else { ${elemAt attrPath n} = atDepth (n + 1); };
in atDepth 0;
/* Like `attrByPath', but without a default value. If it doesn't find the
/* Like `attrByPath`, but without a default value. If it doesn't find the
path it will throw an error.
Example:
@ -274,7 +274,7 @@ rec {
# The set to get the named attributes from
attrs: genAttrs names (name: attrs.${name});
/* Collect each attribute named `attr' from a list of attribute
/* Collect each attribute named `attr` from a list of attribute
sets. Sets that don't contain the named attribute are ignored.
Example:
@ -357,8 +357,8 @@ rec {
) {} list_of_attrs;
/* Recursively collect sets that verify a given predicate named `pred'
from the set `attrs'. The recursion is stopped when the predicate is
/* Recursively collect sets that verify a given predicate named `pred`
from the set `attrs`. The recursion is stopped when the predicate is
verified.
Example:
@ -439,9 +439,9 @@ rec {
listToAttrs (map (attr: { name = attr; value = f attr set.${attr}; }) (attrNames set)));
/* Like `mapAttrs', but allows the name of each attribute to be
/* Like `mapAttrs`, but allows the name of each attribute to be
changed in addition to the value. The applied function should
return both the new name and value as a `nameValuePair'.
return both the new name and value as a `nameValuePair`.
Example:
mapAttrs' (name: value: nameValuePair ("foo_" + name) ("bar-" + value))
@ -479,7 +479,7 @@ rec {
map (name: f name attrs.${name}) (attrNames attrs);
/* Like `mapAttrs', except that it recursively applies itself to
/* Like `mapAttrs`, except that it recursively applies itself to
attribute sets. Also, the first argument of the argument
function is a *list* of the names of the containing attributes.
@ -499,9 +499,9 @@ rec {
mapAttrsRecursiveCond (as: true) f set;
/* Like `mapAttrsRecursive', but it takes an additional predicate
/* Like `mapAttrsRecursive`, but it takes an additional predicate
function that tells it whether to recurse into an attribute
set. If it returns false, `mapAttrsRecursiveCond' does not
set. If it returns false, `mapAttrsRecursiveCond` does not
recurse, but does apply the map function. If it returns true, it
does recurse, and does not apply the map function.
@ -655,7 +655,7 @@ rec {
/* Merge sets of attributes and combine each attribute value in to a list.
Like `lib.attrsets.zipAttrsWith' with `(name: values: values)' as the function.
Like `lib.attrsets.zipAttrsWith` with `(name: values: values)` as the function.
Example:
zipAttrs [{a = "x";} {a = "y"; b = "z";}]

View file

@ -3,13 +3,13 @@
rec {
/* `overrideDerivation drv f' takes a derivation (i.e., the result
of a call to the builtin function `derivation') and returns a new
/* `overrideDerivation drv f` takes a derivation (i.e., the result
of a call to the builtin function `derivation`) and returns a new
derivation in which the attributes of the original are overridden
according to the function `f'. The function `f' is called with
according to the function `f`. The function `f` is called with
the original derivation attributes.
`overrideDerivation' allows certain "ad-hoc" customisation
`overrideDerivation` allows certain "ad-hoc" customisation
scenarios (e.g. in ~/.config/nixpkgs/config.nix). For instance,
if you want to "patch" the derivation returned by a package
function in Nixpkgs to build another version than what the
@ -27,11 +27,19 @@ rec {
For another application, see build-support/vm, where this
function is used to build arbitrary derivations inside a QEMU
virtual machine.
Note that in order to preserve evaluation errors, the new derivation's
outPath depends on the old one's, which means that this function cannot
be used in circular situations when the old derivation also depends on the
new one.
You should in general prefer `drv.overrideAttrs` over this function;
see the nixpkgs manual for more information on overriding.
*/
overrideDerivation = drv: f:
let
newDrv = derivation (drv.drvAttrs // (f drv));
in lib.flip (extendDerivation true) newDrv (
in lib.flip (extendDerivation (builtins.seq drv.drvPath true)) newDrv (
{ meta = drv.meta or {};
passthru = if drv ? passthru then drv.passthru else {};
}
@ -96,10 +104,10 @@ rec {
else result;
/* Call the package function in the file `fn' with the required
/* Call the package function in the file `fn` with the required
arguments automatically. The function is called with the
arguments `args', but any missing arguments are obtained from
`autoArgs'. This function is intended to be partially
arguments `args`, but any missing arguments are obtained from
`autoArgs`. This function is intended to be partially
parameterised, e.g.,
callPackage = callPackageWith pkgs;
@ -108,9 +116,9 @@ rec {
libbar = callPackage ./bar.nix { };
};
If the `libbar' function expects an argument named `libfoo', it is
If the `libbar` function expects an argument named `libfoo`, it is
automatically passed as an argument. Overrides or missing
arguments can be supplied in `args', e.g.
arguments can be supplied in `args`, e.g.
libbar = callPackage ./bar.nix {
libfoo = null;
@ -247,13 +255,13 @@ rec {
in lib.deepSeq drv' drv';
/* Make a set of packages with a common scope. All packages called
with the provided `callPackage' will be evaluated with the same
with the provided `callPackage` will be evaluated with the same
arguments. Any package in the set may depend on any other. The
`overrideScope'` function allows subsequent modification of the package
set in a consistent way, i.e. all packages in the set will be
called with the overridden packages. The package sets may be
hierarchical: the packages in the set are called with the scope
provided by `newScope' and the set provides a `newScope' attribute
provided by `newScope` and the set provides a `newScope` attribute
which can form the parent scope for later package sets. */
makeScope = newScope: f:
let self = f self // {

View file

@ -1,7 +1,7 @@
/* Library of low-level helper functions for nix expressions.
*
* Please implement (mostly) exhaustive unit tests
* for new functions in `./tests.nix'.
* for new functions in `./tests.nix`.
*/
let
@ -27,7 +27,6 @@ let
maintainers = import ../maintainers/maintainer-list.nix;
teams = callLibs ../maintainers/team-list.nix;
meta = callLibs ./meta.nix;
sources = callLibs ./sources.nix;
versions = callLibs ./versions.nix;
# module system
@ -53,7 +52,9 @@ let
fetchers = callLibs ./fetchers.nix;
# Eval-time filesystem handling
path = callLibs ./path;
filesystem = callLibs ./filesystem.nix;
sources = callLibs ./sources.nix;
# back-compat aliases
platforms = self.systems.doubles;
@ -63,7 +64,7 @@ let
inherit (builtins) add addErrorContext attrNames concatLists
deepSeq elem elemAt filter genericClosure genList getAttr
hasAttr head isAttrs isBool isInt isList isString length
hasAttr head isAttrs isBool isInt isList isPath isString length
lessThan listToAttrs pathExists readFile replaceStrings seq
stringLength sub substring tail trace;
inherit (self.trivial) id const pipe concat or and bitAnd bitOr bitXor
@ -96,14 +97,16 @@ let
concatImapStringsSep makeSearchPath makeSearchPathOutput
makeLibraryPath makeBinPath optionalString
hasInfix hasPrefix hasSuffix stringToCharacters stringAsChars escape
escapeShellArg escapeShellArgs isValidPosixName toShellVar toShellVars
escapeShellArg escapeShellArgs
isStorePath isStringLike
isValidPosixName toShellVar toShellVars
escapeRegex escapeXML replaceChars lowerChars
upperChars toLower toUpper addContextFrom splitString
removePrefix removeSuffix versionOlder versionAtLeast
getName getVersion
mesonOption mesonBool mesonEnable
nameFromURL enableFeature enableFeatureAs withFeature
withFeatureAs fixedWidthString fixedWidthNumber isStorePath
withFeatureAs fixedWidthString fixedWidthNumber
toInt toIntBase10 readPathsFromFile fileContents;
inherit (self.stringsWithDeps) textClosureList textClosureMap
noDepEntry fullDepEntry packEntry stringAfter;
@ -128,14 +131,15 @@ let
mkAliasAndWrapDefinitions fixMergeModules mkRemovedOptionModule
mkRenamedOptionModule mkRenamedOptionModuleWith
mkMergedOptionModule mkChangedOptionModule
mkAliasOptionModule mkDerivedConfig doRename;
mkAliasOptionModule mkDerivedConfig doRename
mkAliasOptionModuleMD;
inherit (self.options) isOption mkEnableOption mkSinkUndeclaredOptions
mergeDefaultOption mergeOneOption mergeEqualOption mergeUniqueOption
getValues getFiles
optionAttrSetToDocList optionAttrSetToDocList'
scrubOptionValue literalExpression literalExample literalDocBook
showOption showOptionWithDefLocs showFiles
unknownModule mkOption mkPackageOption
unknownModule mkOption mkPackageOption mkPackageOptionMD
mdDoc literalMD;
inherit (self.types) isType setType defaultTypeMerge defaultFunctor
isOptionType mkOptionType;

View file

@ -289,7 +289,9 @@ rec {
(This means fn is type Val -> String.) */
allowPrettyValues ? false,
/* If this option is true, the output is indented with newlines for attribute sets and lists */
multiline ? true
multiline ? true,
/* Initial indentation level */
indent ? ""
}:
let
go = indent: v: with builtins;
@ -348,7 +350,7 @@ rec {
};") v)
+ outroSpace + "}"
else abort "generators.toPretty: should never happen (v = ${v})";
in go "";
in go indent;
# PLIST handling
toPlist = {}: v: let

View file

@ -842,6 +842,12 @@ in mkLicense lset) ({
fullName = "SGI Free Software License B v2.0";
};
# Gentoo seems to treat it as a license:
# https://gitweb.gentoo.org/repo/gentoo.git/tree/licenses/SGMLUG?id=7d999af4a47bf55e53e54713d98d145f935935c1
sgmlug = {
fullName = "SGML UG SGML Parser Materials license";
};
sleepycat = {
spdxId = "Sleepycat";
fullName = "Sleepycat License";

View file

@ -242,7 +242,7 @@ rec {
/* Return a singleton list or an empty list, depending on a boolean
value. Useful when building lists with optional elements
(e.g. `++ optional (system == "i686-linux") firefox').
(e.g. `++ optional (system == "i686-linux") firefox`).
Type: optional :: bool -> a -> [a]
@ -283,7 +283,7 @@ rec {
*/
toList = x: if isList x then x else [x];
/* Return a list of integers from `first' up to and including `last'.
/* Return a list of integers from `first` up to and including `last`.
Type: range :: int -> int -> [int]
@ -320,7 +320,7 @@ rec {
) { right = []; wrong = []; });
/* Splits the elements of a list into many lists, using the return value of a predicate.
Predicate should return a string which becomes keys of attrset `groupBy' returns.
Predicate should return a string which becomes keys of attrset `groupBy` returns.
`groupBy'` allows to customise the combining function and initial value

View file

@ -27,7 +27,7 @@ rec {
setName = name: drv: drv // {inherit name;};
/* Like `setName', but takes the previous name as an argument.
/* Like `setName`, but takes the previous name as an argument.
Example:
updateName (oldName: oldName + "-experimental") somePkg
@ -92,12 +92,13 @@ rec {
A package is available on a platform if both
1. One of `meta.platforms` pattern matches the given platform.
1. One of `meta.platforms` pattern matches the given
platform, or `meta.platforms` is not present.
2. None of `meta.badPlatforms` pattern matches the given platform.
*/
availableOn = platform: pkg:
lib.any (platformMatch platform) pkg.meta.platforms &&
((!pkg?meta.platforms) || lib.any (platformMatch platform) pkg.meta.platforms) &&
lib.all (elem: !platformMatch platform elem) (pkg.meta.badPlatforms or []);
/* Get the corresponding attribute in lib.licenses

View file

@ -157,6 +157,11 @@ rec {
${if prefix == []
then null # unset => visible
else "internal"} = true;
# TODO: hidden during the markdown transition to not expose downstream
# users of the docs infra to markdown if they're not ready for it.
# we don't make this visible conditionally because it can impact
# performance (https://github.com/NixOS/nixpkgs/pull/208407#issuecomment-1368246192)
visible = false;
# TODO: Change the type of this option to a submodule with a
# freeformType, so that individual arguments can be documented
# separately
@ -1110,6 +1115,15 @@ rec {
use = id;
};
/* Transitional version of mkAliasOptionModule that uses MD docs. */
mkAliasOptionModuleMD = from: to: doRename {
inherit from to;
visible = true;
warn = false;
use = id;
markdown = true;
};
/* mkDerivedConfig : Option a -> (a -> Definition b) -> Definition b
Create config definitions with the same priority as the definition of another option.
@ -1130,7 +1144,7 @@ rec {
(opt.highestPrio or defaultOverridePriority)
(f opt.value);
doRename = { from, to, visible, warn, use, withPriority ? true }:
doRename = { from, to, visible, warn, use, withPriority ? true, markdown ? false }:
{ config, options, ... }:
let
fromOpt = getAttrFromPath from options;
@ -1141,7 +1155,9 @@ rec {
{
options = setAttrByPath from (mkOption {
inherit visible;
description = lib.mdDoc "Alias of {option}`${showOption to}`.";
description = if markdown
then lib.mdDoc "Alias of {option}`${showOption to}`."
else "Alias of <option>${showOption to}</option>.";
apply = x: use (toOf config);
} // optionalAttrs (toType != null) {
type = toType;

View file

@ -136,7 +136,7 @@ rec {
let default' = if !isList default then [ default ] else default;
in mkOption {
type = lib.types.package;
description = lib.mdDoc "The ${name} package to use.";
description = "The ${name} package to use.";
default = attrByPath default'
(throw "${concatStringsSep "." default'} cannot be found in pkgs") pkgs;
defaultText = literalExpression ("pkgs." + concatStringsSep "." default');
@ -144,6 +144,11 @@ rec {
(if isList example then "pkgs." + concatStringsSep "." example else example);
};
/* Like mkPackageOption, but emit an mdDoc description instead of DocBook. */
mkPackageOptionMD = args: name: extra:
let option = mkPackageOption args name extra;
in option // { description = lib.mdDoc option.description; };
/* This option accepts anything, but it does not produce any result.
This is useful for sharing a module across different module sets

196
third_party/nixpkgs/lib/path/README.md vendored Normal file
View file

@ -0,0 +1,196 @@
# Path library
This document explains why the `lib.path` library is designed the way it is.
The purpose of this library is to process [filesystem paths]. It does not read files from the filesystem.
It exists to support the native Nix [path value type] with extra functionality.
[filesystem paths]: https://en.m.wikipedia.org/wiki/Path_(computing)
[path value type]: https://nixos.org/manual/nix/stable/language/values.html#type-path
As an extension of the path value type, it inherits the same intended use cases and limitations:
- Only use paths to access files at evaluation time, such as the local project source.
- Paths cannot point to derivations, so they are unfit to represent dependencies.
- A path implicitly imports the referenced files into the Nix store when interpolated to a string. Therefore paths are not suitable to access files at build- or run-time, as you risk importing the path from the evaluation system instead.
Overall, this library works with two types of paths:
- Absolute paths are represented with the Nix [path value type]. Nix automatically normalises these paths.
- Subpaths are represented with the [string value type] since path value types don't support relative paths. This library normalises these paths as safely as possible. Absolute paths in strings are not supported.
A subpath refers to a specific file or directory within an absolute base directory.
It is a stricter form of a relative path, notably [without support for `..` components][parents] since those could escape the base directory.
[string value type]: https://nixos.org/manual/nix/stable/language/values.html#type-string
This library is designed to be as safe and intuitive as possible, throwing errors when operations are attempted that would produce surprising results, and giving the expected result otherwise.
This library is designed to work well as a dependency for the `lib.filesystem` and `lib.sources` library components. Contrary to these library components, `lib.path` does not read any paths from the filesystem.
This library makes only these assumptions about paths and no others:
- `dirOf path` returns the path to the parent directory of `path`, unless `path` is the filesystem root, in which case `path` is returned.
- There can be multiple filesystem roots: `p == dirOf p` and `q == dirOf q` does not imply `p == q`.
- While there's only a single filesystem root in stable Nix, the [lazy trees feature](https://github.com/NixOS/nix/pull/6530) introduces [additional filesystem roots](https://github.com/NixOS/nix/pull/6530#discussion_r1041442173).
- `path + ("/" + string)` returns the path to the `string` subdirectory in `path`.
- If `string` contains no `/` characters, then `dirOf (path + ("/" + string)) == path`.
- If `string` contains no `/` characters, then `baseNameOf (path + ("/" + string)) == string`.
- `path1 == path2` returns `true` only if `path1` points to the same filesystem path as `path2`.
Notably we do not make the assumption that we can turn paths into strings using `toString path`.
## Design decisions
Each subsection here contains a decision along with arguments and counter-arguments for (+) and against (-) that decision.
### Leading dots for relative paths
[leading-dots]: #leading-dots-for-relative-paths
Observing: Since subpaths are a form of relative paths, they can have a leading `./` to indicate it being a relative path, this is generally not necessary for tools though.
Considering: Paths should be as explicit, consistent and unambiguous as possible.
Decision: Returned subpaths should always have a leading `./`.
<details>
<summary>Arguments</summary>
- (+) In shells, just running `foo` as a command wouldn't execute the file `foo`, whereas `./foo` would execute the file. In contrast, `foo/bar` does execute that file without the need for `./`. This can lead to confusion about when a `./` needs to be prefixed. If a `./` is always included, this becomes a non-issue. This effectively then means that paths don't overlap with command names.
- (+) Prepending with `./` makes the subpaths always valid as relative Nix path expressions.
- (+) Using paths in command line arguments could give problems if not escaped properly, e.g. if a path was `--version`. This is not a problem with `./--version`. This effectively then means that paths don't overlap with GNU-style command line options.
- (-) `./` is not required to resolve relative paths, resolution always has an implicit `./` as prefix.
- (-) It's less noisy without the `./`, e.g. in error messages.
- (+) But similarly, it could be confusing whether something was even a path.
e.g. `foo` could be anything, but `./foo` is more clearly a path.
- (+) Makes it more uniform with absolute paths (those always start with `/`).
- (-) That is not relevant for practical purposes.
- (+) `find` also outputs results with `./`.
- (-) But only if you give it an argument of `.`. If you give it the argument `some-directory`, it won't prefix that.
- (-) `realpath --relative-to` doesn't prefix relative paths with `./`.
- (+) There is no need to return the same result as `realpath`.
</details>
### Representation of the current directory
[curdir]: #representation-of-the-current-directory
Observing: The subpath that produces the base directory can be represented with `.` or `./` or `./.`.
Considering: Paths should be as consistent and unambiguous as possible.
Decision: It should be `./.`.
<details>
<summary>Arguments</summary>
- (+) `./` would be inconsistent with [the decision to not persist trailing slashes][trailing-slashes].
- (-) `.` is how `realpath` normalises paths.
- (+) `.` can be interpreted as a shell command (it's a builtin for sourcing files in `bash` and `zsh`).
- (+) `.` would be the only path without a `/`. It could not be used as a Nix path expression, since those require at least one `/` to be parsed as such.
- (-) `./.` is rather long.
- (-) We don't require users to type this though, as it's only output by the library.
As inputs all three variants are supported for subpaths (and we can't do anything about absolute paths)
- (-) `builtins.dirOf "foo" == "."`, so `.` would be consistent with that.
- (+) `./.` is consistent with the [decision to have leading `./`][leading-dots].
- (+) `./.` is a valid Nix path expression, although this property does not hold for every relative path or subpath.
</details>
### Subpath representation
[relrepr]: #subpath-representation
Observing: Subpaths such as `foo/bar` can be represented in various ways:
- string: `"foo/bar"`
- list with all the components: `[ "foo" "bar" ]`
- attribute set: `{ type = "relative-path"; components = [ "foo" "bar" ]; }`
Considering: Paths should be as safe to use as possible. We should generate string outputs in the library and not encourage users to do that themselves.
Decision: Paths are represented as strings.
<details>
<summary>Arguments</summary>
- (+) It's simpler for the users of the library. One doesn't have to convert a path a string before it can be used.
- (+) Naively converting the list representation to a string with `concatStringsSep "/"` would break for `[]`, requiring library users to be more careful.
- (+) It doesn't encourage people to do their own path processing and instead use the library.
With a list representation it would seem easy to just use `lib.lists.init` to get the parent directory, but then it breaks for `.`, which would be represented as `[ ]`.
- (+) `+` is convenient and doesn't work on lists and attribute sets.
- (-) Shouldn't use `+` anyways, we export safer functions for path manipulation.
</details>
### Parent directory
[parents]: #parent-directory
Observing: Relative paths can have `..` components, which refer to the parent directory.
Considering: Paths should be as safe and unambiguous as possible.
Decision: `..` path components in string paths are not supported, neither as inputs nor as outputs. Hence, string paths are called subpaths, rather than relative paths.
<details>
<summary>Arguments</summary>
- (+) If we wanted relative paths to behave according to the "physical" interpretation (as a directory tree with relations between nodes), it would require resolving symlinks, since e.g. `foo/..` would not be the same as `.` if `foo` is a symlink.
- (-) The "logical" interpretation is also valid (treating paths as a sequence of names), and is used by some software. It is simpler, and not using symlinks at all is safer.
- (+) Mixing both models can lead to surprises.
- (+) We can't resolve symlinks without filesystem access.
- (+) Nix also doesn't support reading symlinks at evaluation time.
- (-) We could just not handle such cases, e.g. `equals "foo" "foo/bar/.. == false`. The paths are different, we don't need to check whether the paths point to the same thing.
- (+) Assume we said `relativeTo /foo /bar == "../bar"`. If this is used like `/bar/../foo` in the end, and `bar` turns out to be a symlink to somewhere else, this won't be accurate.
- (-) We could decide to not support such ambiguous operations, or mark them as such, e.g. the normal `relativeTo` will error on such a case, but there could be `extendedRelativeTo` supporting that.
- (-) `..` are a part of paths, a path library should therefore support it.
- (+) If we can convincingly argue that all such use cases are better done e.g. with runtime tools, the library not supporting it can nudge people towards using those.
- (-) We could allow "..", but only in the prefix.
- (+) Then we'd have to throw an error for doing `append /some/path "../foo"`, making it non-composable.
- (+) The same is for returning paths with `..`: `relativeTo /foo /bar => "../bar"` would produce a non-composable path.
- (+) We argue that `..` is not needed at the Nix evaluation level, since we'd always start evaluation from the project root and don't go up from there.
- (+) `..` is supported in Nix paths, turning them into absolute paths.
- (-) This is ambiguous in the presence of symlinks.
- (+) If you need `..` for building or runtime, you can use build-/run-time tooling to create those (e.g. `realpath` with `--relative-to`), or use absolute paths instead.
This also gives you the ability to correctly handle symlinks.
</details>
### Trailing slashes
[trailing-slashes]: #trailing-slashes
Observing: Subpaths can contain trailing slashes, like `foo/`, indicating that the path points to a directory and not a file.
Considering: Paths should be as consistent as possible, there should only be a single normalisation for the same path.
Decision: All functions remove trailing slashes in their results.
<details>
<summary>Arguments</summary>
- (+) It allows normalisations to be unique, in that there's only a single normalisation for the same path. If trailing slashes were preserved, both `foo/bar` and `foo/bar/` would be valid but different normalisations for the same path.
- Comparison to other frameworks to figure out the least surprising behavior:
- (+) Nix itself doesn't support trailing slashes when parsing and doesn't preserve them when appending paths.
- (-) [Rust's std::path](https://doc.rust-lang.org/std/path/index.html) does preserve them during [construction](https://doc.rust-lang.org/std/path/struct.Path.html#method.new).
- (+) Doesn't preserve them when returning individual [components](https://doc.rust-lang.org/std/path/struct.Path.html#method.components).
- (+) Doesn't preserve them when [canonicalizing](https://doc.rust-lang.org/std/path/struct.Path.html#method.canonicalize).
- (+) [Python 3's pathlib](https://docs.python.org/3/library/pathlib.html#module-pathlib) doesn't preserve them during [construction](https://docs.python.org/3/library/pathlib.html#pathlib.PurePath).
- Notably it represents the individual components as a list internally.
- (-) [Haskell's filepath](https://hackage.haskell.org/package/filepath-1.4.100.0) has [explicit support](https://hackage.haskell.org/package/filepath-1.4.100.0/docs/System-FilePath.html#g:6) for handling trailing slashes.
- (-) Does preserve them for [normalisation](https://hackage.haskell.org/package/filepath-1.4.100.0/docs/System-FilePath.html#v:normalise).
- (-) [NodeJS's Path library](https://nodejs.org/api/path.html) preserves trailing slashes for [normalisation](https://nodejs.org/api/path.html#pathnormalizepath).
- (+) For [parsing a path](https://nodejs.org/api/path.html#pathparsepath) into its significant elements, trailing slashes are not preserved.
- (+) Nix's builtin function `dirOf` gives an unexpected result for paths with trailing slashes: `dirOf "foo/bar/" == "foo/bar"`.
Inconsistently, `baseNameOf` works correctly though: `baseNameOf "foo/bar/" == "bar"`.
- (-) We are writing a path library to improve handling of paths though, so we shouldn't use these functions and discourage their use.
- (-) Unexpected result when normalising intermediate paths, like `relative.normalise ("foo" + "/") + "bar" == "foobar"`.
- (+) This is not a practical use case though.
- (+) Don't use `+` to append paths, this library has a `join` function for that.
- (-) Users might use `+` out of habit though.
- (+) The `realpath` command also removes trailing slashes.
- (+) Even with a trailing slash, the path is the same, it's only an indication that it's a directory.
</details>
## Other implementations and references
- [Rust](https://doc.rust-lang.org/std/path/struct.Path.html)
- [Python](https://docs.python.org/3/library/pathlib.html)
- [Haskell](https://hackage.haskell.org/package/filepath-1.4.100.0/docs/System-FilePath.html)
- [Nodejs](https://nodejs.org/api/path.html)
- [POSIX.1-2017](https://pubs.opengroup.org/onlinepubs/9699919799/nframe.html)

218
third_party/nixpkgs/lib/path/default.nix vendored Normal file
View file

@ -0,0 +1,218 @@
# Functions for working with paths, see ./path.md
{ lib }:
let
inherit (builtins)
isString
split
match
;
inherit (lib.lists)
length
head
last
genList
elemAt
;
inherit (lib.strings)
concatStringsSep
substring
;
inherit (lib.asserts)
assertMsg
;
# Return the reason why a subpath is invalid, or `null` if it's valid
subpathInvalidReason = value:
if ! isString value then
"The given value is of type ${builtins.typeOf value}, but a string was expected"
else if value == "" then
"The given string is empty"
else if substring 0 1 value == "/" then
"The given string \"${value}\" starts with a `/`, representing an absolute path"
# We don't support ".." components, see ./path.md#parent-directory
else if match "(.*/)?\\.\\.(/.*)?" value != null then
"The given string \"${value}\" contains a `..` component, which is not allowed in subpaths"
else null;
# Split and normalise a relative path string into its components.
# Error for ".." components and doesn't include "." components
splitRelPath = path:
let
# Split the string into its parts using regex for efficiency. This regex
# matches patterns like "/", "/./", "/././", with arbitrarily many "/"s
# together. These are the main special cases:
# - Leading "./" gets split into a leading "." part
# - Trailing "/." or "/" get split into a trailing "." or ""
# part respectively
#
# These are the only cases where "." and "" parts can occur
parts = split "/+(\\./+)*" path;
# `split` creates a list of 2 * k + 1 elements, containing the k +
# 1 parts, interleaved with k matches where k is the number of
# (non-overlapping) matches. This calculation here gets the number of parts
# back from the list length
# floor( (2 * k + 1) / 2 ) + 1 == floor( k + 1/2 ) + 1 == k + 1
partCount = length parts / 2 + 1;
# To assemble the final list of components we want to:
# - Skip a potential leading ".", normalising "./foo" to "foo"
# - Skip a potential trailing "." or "", normalising "foo/" and "foo/." to
# "foo". See ./path.md#trailing-slashes
skipStart = if head parts == "." then 1 else 0;
skipEnd = if last parts == "." || last parts == "" then 1 else 0;
# We can now know the length of the result by removing the number of
# skipped parts from the total number
componentCount = partCount - skipEnd - skipStart;
in
# Special case of a single "." path component. Such a case leaves a
# componentCount of -1 due to the skipStart/skipEnd not verifying that
# they don't refer to the same character
if path == "." then []
# Generate the result list directly. This is more efficient than a
# combination of `filter`, `init` and `tail`, because here we don't
# allocate any intermediate lists
else genList (index:
# To get to the element we need to add the number of parts we skip and
# multiply by two due to the interleaved layout of `parts`
elemAt parts ((skipStart + index) * 2)
) componentCount;
# Join relative path components together
joinRelPath = components:
# Always return relative paths with `./` as a prefix (./path.md#leading-dots-for-relative-paths)
"./" +
# An empty string is not a valid relative path, so we need to return a `.` when we have no components
(if components == [] then "." else concatStringsSep "/" components);
in /* No rec! Add dependencies on this file at the top. */ {
/* Whether a value is a valid subpath string.
- The value is a string
- The string is not empty
- The string doesn't start with a `/`
- The string doesn't contain any `..` path components
Type:
subpath.isValid :: String -> Bool
Example:
# Not a string
subpath.isValid null
=> false
# Empty string
subpath.isValid ""
=> false
# Absolute path
subpath.isValid "/foo"
=> false
# Contains a `..` path component
subpath.isValid "../foo"
=> false
# Valid subpath
subpath.isValid "foo/bar"
=> true
# Doesn't need to be normalised
subpath.isValid "./foo//bar/"
=> true
*/
subpath.isValid = value:
subpathInvalidReason value == null;
/* Normalise a subpath. Throw an error if the subpath isn't valid, see
`lib.path.subpath.isValid`
- Limit repeating `/` to a single one
- Remove redundant `.` components
- Remove trailing `/` and `/.`
- Add leading `./`
Laws:
- (Idempotency) Normalising multiple times gives the same result:
subpath.normalise (subpath.normalise p) == subpath.normalise p
- (Uniqueness) There's only a single normalisation for the paths that lead to the same file system node:
subpath.normalise p != subpath.normalise q -> $(realpath ${p}) != $(realpath ${q})
- Don't change the result when appended to a Nix path value:
base + ("/" + p) == base + ("/" + subpath.normalise p)
- Don't change the path according to `realpath`:
$(realpath ${p}) == $(realpath ${subpath.normalise p})
- Only error on invalid subpaths:
builtins.tryEval (subpath.normalise p)).success == subpath.isValid p
Type:
subpath.normalise :: String -> String
Example:
# limit repeating `/` to a single one
subpath.normalise "foo//bar"
=> "./foo/bar"
# remove redundant `.` components
subpath.normalise "foo/./bar"
=> "./foo/bar"
# add leading `./`
subpath.normalise "foo/bar"
=> "./foo/bar"
# remove trailing `/`
subpath.normalise "foo/bar/"
=> "./foo/bar"
# remove trailing `/.`
subpath.normalise "foo/bar/."
=> "./foo/bar"
# Return the current directory as `./.`
subpath.normalise "."
=> "./."
# error on `..` path components
subpath.normalise "foo/../bar"
=> <error>
# error on empty string
subpath.normalise ""
=> <error>
# error on absolute path
subpath.normalise "/foo"
=> <error>
*/
subpath.normalise = path:
assert assertMsg (subpathInvalidReason path == null)
"lib.path.subpath.normalise: Argument is not a valid subpath string: ${subpathInvalidReason path}";
joinRelPath (splitRelPath path);
}

View file

@ -0,0 +1,34 @@
{
nixpkgs ? ../../..,
system ? builtins.currentSystem,
pkgs ? import nixpkgs {
config = {};
overlays = [];
inherit system;
},
libpath ? ../..,
# Random seed
seed ? null,
}:
pkgs.runCommand "lib-path-tests" {
nativeBuildInputs = with pkgs; [
nix
jq
bc
];
} ''
# Needed to make Nix evaluation work
export NIX_STATE_DIR=$(mktemp -d)
cp -r ${libpath} lib
export TEST_LIB=$PWD/lib
echo "Running unit tests lib/path/tests/unit.nix"
nix-instantiate --eval lib/path/tests/unit.nix \
--argstr libpath "$TEST_LIB"
echo "Running property tests lib/path/tests/prop.sh"
bash lib/path/tests/prop.sh ${toString seed}
touch $out
''

View file

@ -0,0 +1,64 @@
# Generate random path-like strings, separated by null characters.
#
# Invocation:
#
# awk -f ./generate.awk -v <variable>=<value> | tr '\0' '\n'
#
# Customizable variables (all default to 0):
# - seed: Deterministic random seed to use for generation
# - count: Number of paths to generate
# - extradotweight: Give extra weight to dots being generated
# - extraslashweight: Give extra weight to slashes being generated
# - extranullweight: Give extra weight to null being generated, making paths shorter
BEGIN {
# Random seed, passed explicitly for reproducibility
srand(seed)
# Don't include special characters below 32
minascii = 32
# Don't include DEL at 128
maxascii = 127
upperascii = maxascii - minascii
# add extra weight for ., in addition to the one weight from the ascii range
upperdot = upperascii + extradotweight
# add extra weight for /, in addition to the one weight from the ascii range
upperslash = upperdot + extraslashweight
# add extra weight for null, indicating the end of the string
# Must be at least 1 to have strings end at all
total = upperslash + 1 + extranullweight
# new=1 indicates that it's a new string
new=1
while (count > 0) {
# Random integer between [0, total)
value = int(rand() * total)
if (value < upperascii) {
# Ascii range
printf("%c", value + minascii)
new=0
} else if (value < upperdot) {
# Dot range
printf "."
new=0
} else if (value < upperslash) {
# If it's the start of a new path, only generate a / in 10% of cases
# This is always an invalid subpath, which is not a very interesting case
if (new && rand() > 0.1) continue
printf "/"
} else {
# Do not generate empty strings
if (new) continue
printf "\x00"
count--
new=1
}
}
}

View file

@ -0,0 +1,60 @@
# Given a list of path-like strings, check some properties of the path library
# using those paths and return a list of attribute sets of the following form:
#
# { <string> = <lib.path.subpath.normalise string>; }
#
# If `normalise` fails to evaluate, the attribute value is set to `""`.
# If not, the resulting value is normalised again and an appropriate attribute set added to the output list.
{
# The path to the nixpkgs lib to use
libpath,
# A flat directory containing files with randomly-generated
# path-like values
dir,
}:
let
lib = import libpath;
# read each file into a string
strings = map (name:
builtins.readFile (dir + "/${name}")
) (builtins.attrNames (builtins.readDir dir));
inherit (lib.path.subpath) normalise isValid;
inherit (lib.asserts) assertMsg;
normaliseAndCheck = str:
let
originalValid = isValid str;
tryOnce = builtins.tryEval (normalise str);
tryTwice = builtins.tryEval (normalise tryOnce.value);
absConcatOrig = /. + ("/" + str);
absConcatNormalised = /. + ("/" + tryOnce.value);
in
# Check the lib.path.subpath.normalise property to only error on invalid subpaths
assert assertMsg
(originalValid -> tryOnce.success)
"Even though string \"${str}\" is valid as a subpath, the normalisation for it failed";
assert assertMsg
(! originalValid -> ! tryOnce.success)
"Even though string \"${str}\" is invalid as a subpath, the normalisation for it succeeded";
# Check normalisation idempotency
assert assertMsg
(originalValid -> tryTwice.success)
"For valid subpath \"${str}\", the normalisation \"${tryOnce.value}\" was not a valid subpath";
assert assertMsg
(originalValid -> tryOnce.value == tryTwice.value)
"For valid subpath \"${str}\", normalising it once gives \"${tryOnce.value}\" but normalising it twice gives a different result: \"${tryTwice.value}\"";
# Check that normalisation doesn't change a string when appended to an absolute Nix path value
assert assertMsg
(originalValid -> absConcatOrig == absConcatNormalised)
"For valid subpath \"${str}\", appending to an absolute Nix path value gives \"${absConcatOrig}\", but appending the normalised result \"${tryOnce.value}\" gives a different value \"${absConcatNormalised}\"";
# Return an empty string when failed
if tryOnce.success then tryOnce.value else "";
in lib.genAttrs strings normaliseAndCheck

179
third_party/nixpkgs/lib/path/tests/prop.sh vendored Executable file
View file

@ -0,0 +1,179 @@
#!/usr/bin/env bash
# Property tests for the `lib.path` library
#
# It generates random path-like strings and runs the functions on
# them, checking that the expected laws of the functions hold
set -euo pipefail
shopt -s inherit_errexit
# https://stackoverflow.com/a/246128
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
if test -z "${TEST_LIB:-}"; then
TEST_LIB=$SCRIPT_DIR/../..
fi
tmp="$(mktemp -d)"
clean_up() {
rm -rf "$tmp"
}
trap clean_up EXIT
mkdir -p "$tmp/work"
cd "$tmp/work"
# Defaulting to a random seed but the first argument can override this
seed=${1:-$RANDOM}
echo >&2 "Using seed $seed, use \`lib/path/tests/prop.sh $seed\` to reproduce this result"
# The number of random paths to generate. This specific number was chosen to
# be fast enough while still generating enough variety to detect bugs.
count=500
debug=0
# debug=1 # print some extra info
# debug=2 # print generated values
# Fine tuning parameters to balance the number of generated invalid paths
# to the variance in generated paths.
extradotweight=64 # Larger value: more dots
extraslashweight=64 # Larger value: more slashes
extranullweight=16 # Larger value: shorter strings
die() {
echo >&2 "test case failed: " "$@"
exit 1
}
if [[ "$debug" -ge 1 ]]; then
echo >&2 "Generating $count random path-like strings"
fi
# Read stream of null-terminated strings entry-by-entry into bash,
# write it to a file and the `strings` array.
declare -a strings=()
mkdir -p "$tmp/strings"
while IFS= read -r -d $'\0' str; do
printf "%s" "$str" > "$tmp/strings/${#strings[@]}"
strings+=("$str")
done < <(awk \
-f "$SCRIPT_DIR"/generate.awk \
-v seed="$seed" \
-v count="$count" \
-v extradotweight="$extradotweight" \
-v extraslashweight="$extraslashweight" \
-v extranullweight="$extranullweight")
if [[ "$debug" -ge 1 ]]; then
echo >&2 "Trying to normalise the generated path-like strings with Nix"
fi
# Precalculate all normalisations with a single Nix call. Calling Nix for each
# string individually would take way too long
nix-instantiate --eval --strict --json \
--argstr libpath "$TEST_LIB" \
--argstr dir "$tmp/strings" \
"$SCRIPT_DIR"/prop.nix \
>"$tmp/result.json"
# Uses some jq magic to turn the resulting attribute set into an associative
# bash array assignment
declare -A normalised_result="($(jq '
to_entries
| map("[\(.key | @sh)]=\(.value | @sh)")
| join(" \n")' -r < "$tmp/result.json"))"
# Looks up a normalisation result for a string
# Checks that the normalisation is only failing iff it's an invalid subpath
# For valid subpaths, returns 0 and prints the normalisation result
# For invalid subpaths, returns 1
normalise() {
local str=$1
# Uses the same check for validity as in the library implementation
if [[ "$str" == "" || "$str" == /* || "$str" =~ ^(.*/)?\.\.(/.*)?$ ]]; then
valid=
else
valid=1
fi
normalised=${normalised_result[$str]}
# An empty string indicates failure, this is encoded in ./prop.nix
if [[ -n "$normalised" ]]; then
if [[ -n "$valid" ]]; then
echo "$normalised"
else
die "For invalid subpath \"$str\", lib.path.subpath.normalise returned this result: \"$normalised\""
fi
else
if [[ -n "$valid" ]]; then
die "For valid subpath \"$str\", lib.path.subpath.normalise failed"
else
if [[ "$debug" -ge 2 ]]; then
echo >&2 "String \"$str\" is not a valid subpath"
fi
# Invalid and it correctly failed, we let the caller continue if they catch the exit code
return 1
fi
fi
}
# Intermediate result populated by test_idempotency_realpath
# and used in test_normalise_uniqueness
#
# Contains a mapping from a normalised subpath to the realpath result it represents
declare -A norm_to_real
test_idempotency_realpath() {
if [[ "$debug" -ge 1 ]]; then
echo >&2 "Checking idempotency of each result and making sure the realpath result isn't changed"
fi
# Count invalid subpaths to display stats
invalid=0
for str in "${strings[@]}"; do
if ! result=$(normalise "$str"); then
((invalid++)) || true
continue
fi
# Check the law that it doesn't change the result of a realpath
mkdir -p -- "$str" "$result"
real_orig=$(realpath -- "$str")
real_norm=$(realpath -- "$result")
if [[ "$real_orig" != "$real_norm" ]]; then
die "realpath of the original string \"$str\" (\"$real_orig\") is not the same as realpath of the normalisation \"$result\" (\"$real_norm\")"
fi
if [[ "$debug" -ge 2 ]]; then
echo >&2 "String \"$str\" gets normalised to \"$result\" and file path \"$real_orig\""
fi
norm_to_real["$result"]="$real_orig"
done
if [[ "$debug" -ge 1 ]]; then
echo >&2 "$(bc <<< "scale=1; 100 / $count * $invalid")% of the total $count generated strings were invalid subpath strings, and were therefore ignored"
fi
}
test_normalise_uniqueness() {
if [[ "$debug" -ge 1 ]]; then
echo >&2 "Checking for the uniqueness law"
fi
for norm_p in "${!norm_to_real[@]}"; do
real_p=${norm_to_real["$norm_p"]}
for norm_q in "${!norm_to_real[@]}"; do
real_q=${norm_to_real["$norm_q"]}
# Checks normalisation uniqueness law for each pair of values
if [[ "$norm_p" != "$norm_q" && "$real_p" == "$real_q" ]]; then
die "Normalisations \"$norm_p\" and \"$norm_q\" are different, but the realpath of them is the same: \"$real_p\""
fi
done
done
}
test_idempotency_realpath
test_normalise_uniqueness
echo >&2 tests ok

View file

@ -0,0 +1,125 @@
# Unit tests for lib.path functions. Use `nix-build` in this directory to
# run these
{ libpath }:
let
lib = import libpath;
inherit (lib.path) subpath;
cases = lib.runTests {
testSubpathIsValidExample1 = {
expr = subpath.isValid null;
expected = false;
};
testSubpathIsValidExample2 = {
expr = subpath.isValid "";
expected = false;
};
testSubpathIsValidExample3 = {
expr = subpath.isValid "/foo";
expected = false;
};
testSubpathIsValidExample4 = {
expr = subpath.isValid "../foo";
expected = false;
};
testSubpathIsValidExample5 = {
expr = subpath.isValid "foo/bar";
expected = true;
};
testSubpathIsValidExample6 = {
expr = subpath.isValid "./foo//bar/";
expected = true;
};
testSubpathIsValidTwoDotsEnd = {
expr = subpath.isValid "foo/..";
expected = false;
};
testSubpathIsValidTwoDotsMiddle = {
expr = subpath.isValid "foo/../bar";
expected = false;
};
testSubpathIsValidTwoDotsPrefix = {
expr = subpath.isValid "..foo";
expected = true;
};
testSubpathIsValidTwoDotsSuffix = {
expr = subpath.isValid "foo..";
expected = true;
};
testSubpathIsValidTwoDotsPrefixComponent = {
expr = subpath.isValid "foo/..bar/baz";
expected = true;
};
testSubpathIsValidTwoDotsSuffixComponent = {
expr = subpath.isValid "foo/bar../baz";
expected = true;
};
testSubpathIsValidThreeDots = {
expr = subpath.isValid "...";
expected = true;
};
testSubpathIsValidFourDots = {
expr = subpath.isValid "....";
expected = true;
};
testSubpathIsValidThreeDotsComponent = {
expr = subpath.isValid "foo/.../bar";
expected = true;
};
testSubpathIsValidFourDotsComponent = {
expr = subpath.isValid "foo/..../bar";
expected = true;
};
testSubpathNormaliseExample1 = {
expr = subpath.normalise "foo//bar";
expected = "./foo/bar";
};
testSubpathNormaliseExample2 = {
expr = subpath.normalise "foo/./bar";
expected = "./foo/bar";
};
testSubpathNormaliseExample3 = {
expr = subpath.normalise "foo/bar";
expected = "./foo/bar";
};
testSubpathNormaliseExample4 = {
expr = subpath.normalise "foo/bar/";
expected = "./foo/bar";
};
testSubpathNormaliseExample5 = {
expr = subpath.normalise "foo/bar/.";
expected = "./foo/bar";
};
testSubpathNormaliseExample6 = {
expr = subpath.normalise ".";
expected = "./.";
};
testSubpathNormaliseExample7 = {
expr = (builtins.tryEval (subpath.normalise "foo/../bar")).success;
expected = false;
};
testSubpathNormaliseExample8 = {
expr = (builtins.tryEval (subpath.normalise "")).success;
expected = false;
};
testSubpathNormaliseExample9 = {
expr = (builtins.tryEval (subpath.normalise "/foo")).success;
expected = false;
};
testSubpathNormaliseIsValidDots = {
expr = subpath.normalise "./foo/.bar/.../baz...qux";
expected = "./foo/.bar/.../baz...qux";
};
testSubpathNormaliseWrongType = {
expr = (builtins.tryEval (subpath.normalise null)).success;
expected = false;
};
testSubpathNormaliseTwoDots = {
expr = (builtins.tryEval (subpath.normalise "..")).success;
expected = false;
};
};
in
if cases == [] then "Unit tests successful"
else throw "Path unit tests failed: ${lib.generators.toPretty {} cases}"

View file

@ -18,6 +18,7 @@ rec {
isInt
isList
isAttrs
isPath
isString
match
parseDrvName
@ -395,7 +396,7 @@ rec {
*/
toShellVar = name: value:
lib.throwIfNot (isValidPosixName name) "toShellVar: ${name} is not a valid shell variable name" (
if isAttrs value && ! isCoercibleToString value then
if isAttrs value && ! isStringLike value then
"declare -A ${name}=(${
concatStringsSep " " (lib.mapAttrsToList (n: v:
"[${escapeShellArg n}]=${escapeShellArg v}"
@ -798,10 +799,31 @@ rec {
in lib.warnIf (!precise) "Imprecise conversion from float to string ${result}"
result;
/* Check whether a value can be coerced to a string */
isCoercibleToString = x:
elem (typeOf x) [ "path" "string" "null" "int" "float" "bool" ] ||
(isList x && lib.all isCoercibleToString x) ||
/* Soft-deprecated function. While the original implementation is available as
isConvertibleWithToString, consider using isStringLike instead, if suitable. */
isCoercibleToString = lib.warnIf (lib.isInOldestRelease 2305)
"lib.strings.isCoercibleToString is deprecated in favor of either isStringLike or isConvertibleWithToString. Only use the latter if it needs to return true for null, numbers, booleans and list of similarly coercibles."
isConvertibleWithToString;
/* Check whether a list or other value can be passed to toString.
Many types of value are coercible to string this way, including int, float,
null, bool, list of similarly coercible values.
*/
isConvertibleWithToString = x:
isStringLike x ||
elem (typeOf x) [ "null" "int" "float" "bool" ] ||
(isList x && lib.all isConvertibleWithToString x);
/* Check whether a value can be coerced to a string.
The value must be a string, path, or attribute set.
String-like values can be used without explicit conversion in
string interpolations and in most functions that expect a string.
*/
isStringLike = x:
isString x ||
isPath x ||
x ? outPath ||
x ? __toString;
@ -818,7 +840,7 @@ rec {
=> false
*/
isStorePath = x:
if !(isList x) && isCoercibleToString x then
if isStringLike x then
let str = toString x; in
substring 0 1 str == "/"
&& dirOf str == storeDir

View file

@ -101,7 +101,14 @@ rec {
}.${final.parsed.kernel.name} or null;
# uname -m
processor = final.parsed.cpu.name;
processor =
if final.isPower64
then "ppc64${lib.optionalString final.isLittleEndian "le"}"
else if final.isPower
then "ppc${lib.optionalString final.isLittleEndian "le"}"
else if final.isMips64
then "mips64" # endianness is *not* included on mips64
else final.parsed.cpu.name;
# uname -r
release = null;
@ -135,12 +142,7 @@ rec {
if final.isAarch32 then "arm"
else if final.isx86_64 then "x86_64"
else if final.isx86 then "i386"
else {
powerpc = "ppc";
powerpcle = "ppc";
powerpc64 = "ppc64";
powerpc64le = "ppc64le";
}.${final.parsed.cpu.name} or final.parsed.cpu.name;
else final.uname.processor;
# Name used by UEFI for architectures.
efiArch =

View file

@ -48,6 +48,7 @@ rec {
is32bit = { cpu = { bits = 32; }; };
is64bit = { cpu = { bits = 64; }; };
isILP32 = map (a: { abi = { abi = a; }; }) [ "n32" "ilp32" "x32" ];
isBigEndian = { cpu = { significantByte = significantBytes.bigEndian; }; };
isLittleEndian = { cpu = { significantByte = significantBytes.littleEndian; }; };

View file

@ -91,10 +91,14 @@ rec {
microblaze = { bits = 32; significantByte = bigEndian; family = "microblaze"; };
microblazeel = { bits = 32; significantByte = littleEndian; family = "microblaze"; };
mips = { bits = 32; significantByte = bigEndian; family = "mips"; };
mipsel = { bits = 32; significantByte = littleEndian; family = "mips"; };
mips64 = { bits = 64; significantByte = bigEndian; family = "mips"; };
mips64el = { bits = 64; significantByte = littleEndian; family = "mips"; };
mips = { bits = 32; significantByte = bigEndian; family = "mips"; };
mipsel = { bits = 32; significantByte = littleEndian; family = "mips"; };
mipsisa32r6 = { bits = 32; significantByte = bigEndian; family = "mips"; };
mipsisa32r6el = { bits = 32; significantByte = littleEndian; family = "mips"; };
mips64 = { bits = 64; significantByte = bigEndian; family = "mips"; };
mips64el = { bits = 64; significantByte = littleEndian; family = "mips"; };
mipsisa64r6 = { bits = 64; significantByte = bigEndian; family = "mips"; };
mipsisa64r6el = { bits = 64; significantByte = littleEndian; family = "mips"; };
mmix = { bits = 64; significantByte = bigEndian; family = "mmix"; };

View file

@ -15,6 +15,9 @@ pkgs.runCommand "nixpkgs-lib-tests" {
inherit pkgs;
lib = import ../.;
})
(import ../path/tests {
inherit pkgs;
})
];
} ''
datadir="${pkgs.nix}/share"

View file

@ -179,7 +179,7 @@ rec {
they take effect as soon as the oldest release reaches end of life. */
oldestSupportedRelease =
# Update on master only. Do not backport.
2205;
2211;
/* Whether a feature is supported in all supported releases (at the time of
release branch-off, if applicable). See `oldestSupportedRelease`. */

View file

@ -54,7 +54,7 @@ let
concatStringsSep
escapeNixString
hasInfix
isCoercibleToString
isStringLike
;
inherit (lib.trivial)
boolToString
@ -227,7 +227,7 @@ rec {
merge = loc: defs:
let
getType = value:
if isAttrs value && isCoercibleToString value
if isAttrs value && isStringLike value
then "stringCoercibleSet"
else builtins.typeOf value;
@ -479,7 +479,7 @@ rec {
path = mkOptionType {
name = "path";
descriptionClass = "noun";
check = x: isCoercibleToString x && builtins.substring 0 1 (toString x) == "/";
check = x: isStringLike x && builtins.substring 0 1 (toString x) == "/";
merge = mergeEqualOption;
};
@ -558,6 +558,15 @@ rec {
nestedTypes.elemType = elemType;
};
# TODO: deprecate this in the future:
loaOf = elemType: types.attrsOf elemType // {
name = "loaOf";
deprecationMessage = "Mixing lists with attribute values is no longer"
+ " possible; please use `types.attrsOf` instead. See"
+ " https://github.com/NixOS/nixpkgs/issues/1800 for the motivation.";
nestedTypes.elemType = elemType;
};
# Value of given type but with no merging (i.e. `uniq list`s are not concatenated).
uniq = elemType: mkOptionType rec {
name = "uniq";

View file

@ -121,6 +121,12 @@
githubId = 7414843;
name = "Nicholas von Klitzing";
};
_3JlOy-PYCCKUi = {
name = "3JlOy-PYCCKUi";
email = "3jl0y_pycckui@riseup.net";
github = "3JlOy-PYCCKUi";
githubId = 46464602;
};
_360ied = {
name = "Brian Zhu";
email = "therealbarryplayer@gmail.com";
@ -1975,6 +1981,12 @@
githubId = 1743184;
name = "Boris Babić";
};
borlaag = {
email = "borlaag@proton.me";
github = "Borlaag";
githubId = 114830266;
name = "Børlaag";
};
bosu = {
email = "boriss@gmail.com";
github = "bosu";
@ -3025,6 +3037,15 @@
githubId = 16950437;
name = "cwyc";
};
cynerd = {
name = "Karel Kočí";
email = "cynerd@email.cz";
github = "Cynerd";
githubId = 3811900;
keys = [{
fingerprint = "2B1F 70F9 5F1B 48DA 2265 A7FA A6BC 8B8C EB31 659B";
}];
};
cyounkins = {
name = "Craig Younkins";
email = "cyounkins@gmail.com";
@ -3454,6 +3475,13 @@
githubId = 10042482;
name = "Louis Pearson";
};
Dettorer = {
name = "Paul Hervot";
email = "paul.hervot@dettorer.net";
matrix = "@dettorer:matrix.org";
github = "Dettorer";
githubId = 2761682;
};
devhell = {
email = ''"^"@regexmail.net'';
github = "devhell";
@ -3871,6 +3899,16 @@
githubId = 15128988;
name = "Maksim Dzabraev";
};
e1mo = {
email = "nixpkgs@e1mo.de";
matrix = "@e1mo:chaos.jetzt";
github = "e1mo";
githubId = 61651268;
name = "Moritz Fromm";
keys = [{
fingerprint = "67BE E563 43B6 420D 550E DF2A 6D61 7FD0 A85B AADA";
}];
};
eadwu = {
email = "edmund.wu@protonmail.com";
github = "eadwu";
@ -4537,6 +4575,12 @@
githubId = 225893;
name = "James Cook";
};
farcaller = {
name = "Vladimir Pouzanov";
email = "farcaller@gmail.com";
github = "farcaller";
githubId = 693;
};
fare = {
email = "fahree@gmail.com";
github = "fare";
@ -4579,6 +4623,16 @@
githubId = 541748;
name = "Felipe Espinoza";
};
federicoschonborn = {
name = "Federico Damián Schonborn";
email = "fdschonborn@gmail.com";
github = "FedericoSchonborn";
githubId = 62166915;
matrix = "@FedericoDSchonborn:matrix.org";
keys = [
{ fingerprint = "517A 8A6A 09CA A11C 9667 CEE3 193F 70F1 5C9A B0A0"; }
];
};
fedx-sudo = {
email = "fedx-sudo@pm.me";
github = "FedX-sudo";
@ -4600,10 +4654,11 @@
};
felipeqq2 = {
name = "Felipe Silva";
email = "felipeqq2@outlook.com";
email = "nixpkgs@felipeqq2.rocks";
github = "felipeqq2";
githubId = 71830138;
keys = [{ fingerprint = "F5F0 2BCE 3580 BF2B 707A AA8C 2FD3 4A9E 2671 91B8"; }];
matrix = "@felipeqq2:pub.solar";
};
felixscheinost = {
name = "Felix Scheinost";
@ -5123,6 +5178,12 @@
githubId = 15957973;
name = "Jeffry Molanus";
};
gilice = {
email = "gilice@proton.me";
github = "gilice";
githubId = 104317939;
name = "gilice";
};
gilligan = {
email = "tobias.pflug@gmail.com";
github = "gilligan";
@ -6791,6 +6852,12 @@
githubId = 3967312;
name = "Jocelyn Thode";
};
joedevivo = {
email = "55951+joedevivo@users.noreply.github.com";
github = "joedevivo";
githubId = 55951;
name = "Joe DeVivo";
};
joelancaster = {
email = "joe.a.lancas@gmail.com";
github = "JoeLancaster";
@ -7814,6 +7881,15 @@
}];
name = "Yaroslav Bolyukin";
};
lafrenierejm = {
email = "joseph@lafreniere.xyz";
github = "lafrenierejm";
githubId = 11155300;
keys = [{
fingerprint = "0375 DD9A EDD1 68A3 ADA3 9EBA EE23 6AA0 141E FCA3";
}];
name = "Joseph LaFreniere";
};
laikq = {
email = "gwen@quasebarth.de";
github = "laikq";
@ -7959,6 +8035,15 @@
fingerprint = "CC50 F82C 985D 2679 0703 AF15 19B0 82B3 DEFE 5451";
}];
};
leifhelm = {
email = "jakob.leifhelm@gmail.com";
github = "leifhelm";
githubId = 31693262;
name = "Jakob Leifhelm";
keys =[{
fingerprint = "4A82 F68D AC07 9FFD 8BF0 89C4 6817 AA02 3810 0822";
}];
};
leixb = {
email = "abone9999+nixpkgs@gmail.com";
matrix = "@leix_b:matrix.org";
@ -9170,6 +9255,12 @@
githubId = 1575834;
name = "Michael Adler";
};
michaelBelsanti = {
email = "mbels03@protonmail.com";
name = "Mike Belsanti";
github = "michaelBelsanti";
githubId = 62124625;
};
michaelpj = {
email = "michaelpj@gmail.com";
github = "michaelpj";
@ -12661,6 +12752,15 @@
githubId = 893474;
name = "Stefan Wiehler";
};
sephi = {
name = "Sylvain Fankhauser";
email = "sephi@fhtagn.top";
github = "sephii";
githubId = 754333;
keys = [{
fingerprint = "2A9D 8E76 5EE2 237D 7B6B A2A5 4228 AB9E C061 2ADA";
}];
};
sepi = {
email = "raffael@mancini.lu";
github = "sepi";
@ -13261,6 +13361,12 @@
githubId = 6362238;
name = "Christoph Honal";
};
stasjok = {
name = "Stanislav Asunkin";
email = "nixpkgs@stasjok.ru";
github = "stasjok";
githubId = 1353637;
};
steamwalker = {
email = "steamwalker@xs4all.nl";
github = "steamwalker";
@ -13718,6 +13824,12 @@
githubId = 66133083;
name = "Tomas Bravo";
};
tchab = {
email = "dev@chabs.name";
github = "t-chab";
githubId = 2120966;
name = "t-chab";
};
tchekda = {
email = "contact@tchekda.fr";
github = "Tchekda";
@ -14196,6 +14308,13 @@
githubId = 13155277;
name = "Tom Houle";
};
tomodachi94 = {
email = "tomodachi94+nixpkgs@protonmail.com";
matrix = "@tomodachi94:matrix.org";
github = "tomodachi94";
githubId = 68489118;
name = "Tomodachi94";
};
tomsmeets = {
email = "tom.tsmeets@gmail.com";
github = "TomSmeets";
@ -16041,7 +16160,7 @@
githubId = 17733984;
};
wesleyjrz = {
email = "wesleyjr2002@gmail.com";
email = "dev@wesleyjrz.com";
name = "Wesley V. Santos Jr.";
github = "wesleyjrz";
githubId = 60184588;
@ -16128,12 +16247,6 @@
github = "zuzuleinen";
githubId = 944919;
};
quasigod-io = {
email = "quasigod-io@protonmail.com";
name = "Michael Belsanti";
github = "quasigod-io";
githubId = 62124625;
};
waelwindows = {
email = "waelwindows9922@gmail.com";
github = "Waelwindows";
@ -16152,4 +16265,10 @@
github = "ziguana";
githubId = 45833444;
};
detegr = {
name = "Antti Keränen";
email = "detegr@rbx.email";
github = "Detegr";
githubId = 724433;
};
}

View file

@ -41,7 +41,7 @@ pandoc_flags=(
# - diagram-generator.lua (we do not support that in NixOS manual to limit dependencies)
# - media extraction (was only required for diagram generator)
# - myst-reader/roles.lua (only relevant for MyST → DocBook)
# - link-unix-man-references.lua (links should only be added to display output)
# - link-manpages.lua (links should only be added to display output)
# - docbook-writer/rst-roles.lua (only relevant for → DocBook)
# - docbook-writer/labelless-link-is-xref.lua (only relevant for → DocBook)
"--lua-filter=$DIR/../../doc/build-aux/pandoc-filters/docbook-reader/citerefentry-to-rst-role.lua"

View file

@ -112,7 +112,8 @@ main = do
["get-report"] -> getBuildReports
["ping-maintainers"] -> printMaintainerPing
["mark-broken-list"] -> printMarkBrokenList
_ -> putStrLn "Usage: get-report | ping-maintainers | mark-broken-list"
["eval-info"] -> printEvalInfo
_ -> putStrLn "Usage: get-report | ping-maintainers | mark-broken-list | eval-info"
reportFileName :: IO FilePath
reportFileName = getXdgDirectory XdgCache "haskell-updates-build-report.json"
@ -396,12 +397,22 @@ jobTotals (summaryBuilds -> Table mapping) = getSum <$> Table (Map.foldMapWithKe
details :: Text -> [Text] -> [Text]
details summary content = ["<details><summary>" <> summary <> " </summary>", ""] <> content <> ["</details>", ""]
evalLine :: Eval -> UTCTime -> Text
evalLine Eval{id, jobsetevalinputs = JobsetEvalInputs{nixpkgs = Nixpkgs{revision}}} fetchTime =
"*evaluation ["
<> showT id
<> "](https://hydra.nixos.org/eval/"
<> showT id
<> ") of nixpkgs commit ["
<> Text.take 7 revision
<> "](https://github.com/NixOS/nixpkgs/commits/"
<> revision
<> ") as of "
<> Text.pack (formatTime defaultTimeLocale "%Y-%m-%d %H:%M UTC" fetchTime)
<> "*"
printBuildSummary :: Eval -> UTCTime -> StatusSummary -> [(Text, Int)] -> Text
printBuildSummary
Eval{id, jobsetevalinputs = JobsetEvalInputs{nixpkgs = Nixpkgs{revision}}}
fetchTime
summary
topBrokenRdeps =
printBuildSummary eval@Eval{id} fetchTime summary topBrokenRdeps =
Text.unlines $
headline <> [""] <> tldr <> ((" * "<>) <$> (errors <> warnings)) <> [""]
<> totals
@ -416,25 +427,14 @@ printBuildSummary
<> footer
where
footer = ["*Report generated with [maintainers/scripts/haskell/hydra-report.hs](https://github.com/NixOS/nixpkgs/blob/haskell-updates/maintainers/scripts/haskell/hydra-report.hs)*"]
headline =
[ "### [haskell-updates build report from hydra](https://hydra.nixos.org/jobset/nixpkgs/haskell-updates)"
, evalLine eval fetchTime ]
totals =
[ "#### Build summary"
, ""
]
<> printTable "Platform" (\x -> makeSearchLink id (platform x <> " " <> platformIcon x) ("." <> platform x)) (\x -> showT x <> " " <> icon x) showT numSummary
headline =
[ "### [haskell-updates build report from hydra](https://hydra.nixos.org/jobset/nixpkgs/haskell-updates)"
, "*evaluation ["
<> showT id
<> "](https://hydra.nixos.org/eval/"
<> showT id
<> ") of nixpkgs commit ["
<> Text.take 7 revision
<> "](https://github.com/NixOS/nixpkgs/commits/"
<> revision
<> ") as of "
<> Text.pack (formatTime defaultTimeLocale "%Y-%m-%d %H:%M UTC" fetchTime)
<> "*"
]
brokenLine (name, rdeps) = "[" <> name <> "](https://packdeps.haskellers.com/reverse/" <> name <> ") :arrow_heading_up: " <> Text.pack (show rdeps) <> " "
numSummary = statusToNumSummary summary
jobsByState predicate = Map.filter (predicate . worstState) summary
@ -469,6 +469,11 @@ printBuildSummary
maintainedJob = Map.lookup "maintained" summary
mergeableJob = Map.lookup "mergeable" summary
printEvalInfo :: IO ()
printEvalInfo = do
(eval, fetchTime, _) <- readBuildReports
putStrLn (Text.unpack $ evalLine eval fetchTime)
printMaintainerPing :: IO ()
printMaintainerPing = do
(maintainerMap, (reverseDependencyMap, topBrokenRdeps)) <- concurrently getMaintainerMap do

View file

@ -34,6 +34,7 @@ clear="env -u HOME -u NIXPKGS_CONFIG"
$clear maintainers/scripts/haskell/regenerate-hackage-packages.sh
$clear maintainers/scripts/haskell/regenerate-transitive-broken-packages.sh
$clear maintainers/scripts/haskell/regenerate-hackage-packages.sh
evalline=$(maintainers/scripts/haskell/hydra-report.hs eval-info)
if [[ "${1:-}" == "--do-commit" ]]; then
git add $broken_config
@ -42,6 +43,8 @@ git add pkgs/development/haskell-modules/hackage-packages.nix
git commit -F - << EOF
haskellPackages: mark builds failing on hydra as broken
This commit has been generated by maintainers/scripts/haskell/mark-broken.sh
This commit has been generated by maintainers/scripts/haskell/mark-broken.sh based on
$evalline
from the haskell-updates jobset on hydra under https://hydra.nixos.org/jobset/nixpkgs/haskell-updates
EOF
fi

View file

@ -62,10 +62,12 @@ sed -r \
-e '/ lsp-types /d' \
-e '/ lsp-test /d' \
-e '/ hie-bios /d' \
-e '/ ShellCheck /d' \
< "${tmpfile_new}" >> $stackage_config
# Explanations:
# cabal2nix, distribution-nixpkgs, jailbreak-cabal, language-nix: These are our packages and we know what we are doing.
# lsp, lsp-types, lsp-test, hie-bios: These are tightly coupled to hls which is not in stackage. They have no rdeps in stackage.
# ShellCheck: latest version of command-line dev tool.
if [[ "${1:-}" == "--do-commit" ]]; then
git add $stackage_config

View file

@ -199,9 +199,9 @@ GTK themes can be installed either to user profile or system-wide (via
GTK ones, you can use the following configuration:
```nix
qt5.enable = true;
qt5.platformTheme = "gtk2";
qt5.style = "gtk2";
qt.enable = true;
qt.platformTheme = "gtk2";
qt.style = "gtk2";
```
## Custom XKB layouts {#custom-xkb-layouts .unnumbered}

View file

@ -88,7 +88,7 @@ lib.mkOption {
}
```
### `mkPackageOption` {#sec-option-declarations-util-mkPackageOption}
### `mkPackageOption`, `mkPackageOptionMD` {#sec-option-declarations-util-mkPackageOption}
Usage:
@ -106,6 +106,8 @@ The second argument is the name of the option, used in the description "The \<na
You can omit the default path if the name of the option is also attribute path in nixpkgs.
During the transition to CommonMark documentation `mkPackageOption` creates an option with a DocBook description attribute, once the transition is completed it will create a CommonMark description instead. `mkPackageOptionMD` always creates an option with a CommonMark description attribute and will be removed some time after the transition is completed.
::: {#ex-options-declarations-util-mkPackageOption .title}
Examples:

View file

@ -273,12 +273,13 @@ The following methods are available on machine objects:
`wait_for_open_port`
: Wait until a process is listening on the given TCP port (on
`localhost`, at least).
: Wait until a process is listening on the given TCP port and IP address
(default `localhost`).
`wait_for_closed_port`
: Wait until nobody is listening on the given TCP port.
: Wait until nobody is listening on the given TCP port and IP address
(default `localhost`).
`wait_for_x`

View file

@ -223,9 +223,9 @@ services.xserver.libinput.touchpad.tapping = false;
configuration:
</para>
<programlisting language="nix">
qt5.enable = true;
qt5.platformTheme = &quot;gtk2&quot;;
qt5.style = &quot;gtk2&quot;;
qt.enable = true;
qt.platformTheme = &quot;gtk2&quot;;
qt.style = &quot;gtk2&quot;;
</programlisting>
</section>
<section xml:id="custom-xkb-layouts">

View file

@ -138,7 +138,8 @@ lib.mkOption {
}
</programlisting>
<section xml:id="sec-option-declarations-util-mkPackageOption">
<title><literal>mkPackageOption</literal></title>
<title><literal>mkPackageOption</literal>,
<literal>mkPackageOptionMD</literal></title>
<para>
Usage:
</para>
@ -172,6 +173,15 @@ mkPackageOption pkgs &quot;name&quot; { default = [ &quot;path&quot; &quot;in&qu
You can omit the default path if the name of the option is
also attribute path in nixpkgs.
</para>
<para>
During the transition to CommonMark documentation
<literal>mkPackageOption</literal> creates an option with a
DocBook description attribute, once the transition is
completed it will create a CommonMark description instead.
<literal>mkPackageOptionMD</literal> always creates an option
with a CommonMark description attribute and will be removed
some time after the transition is completed.
</para>
<anchor xml:id="ex-options-declarations-util-mkPackageOption" />
<para>
Examples:

View file

@ -483,8 +483,8 @@ start_all()
</term>
<listitem>
<para>
Wait until a process is listening on the given TCP port (on
<literal>localhost</literal>, at least).
Wait until a process is listening on the given TCP port and
IP address (default <literal>localhost</literal>).
</para>
</listitem>
</varlistentry>
@ -494,7 +494,8 @@ start_all()
</term>
<listitem>
<para>
Wait until nobody is listening on the given TCP port.
Wait until nobody is listening on the given TCP port and IP
address (default <literal>localhost</literal>).
</para>
</listitem>
</varlistentry>

View file

@ -12,7 +12,7 @@
<listitem>
<para>
<emphasis>Stable channels</emphasis>, such as
<link xlink:href="https://nixos.org/channels/nixos-22.05"><literal>nixos-22.11</literal></link>.
<link xlink:href="https://nixos.org/channels/nixos-22.11"><literal>nixos-22.11</literal></link>.
These only get conservative bug fixes and package upgrades. For
instance, a channel update may cause the Linux kernel on your
system to be upgraded from 4.19.34 to 4.19.38 (a minor bug fix),
@ -33,7 +33,7 @@
<listitem>
<para>
<emphasis>Small channels</emphasis>, such as
<link xlink:href="https://nixos.org/channels/nixos-22.05-small"><literal>nixos-22.11-small</literal></link>
<link xlink:href="https://nixos.org/channels/nixos-22.11-small"><literal>nixos-22.11-small</literal></link>
or
<link xlink:href="https://nixos.org/channels/nixos-unstable-small"><literal>nixos-unstable-small</literal></link>.
These are identical to the stable and unstable channels

View file

@ -16,8 +16,20 @@
</para>
<itemizedlist>
<listitem>
<literallayout>Nix has been updated from 2.3 to 2.8. This mainly brings experimental support for Flakes, but also marks the <literal>nix</literal> command as experimental which now has to be enabled via the configuration explicitly. For more information and instructions for upgrades, see the relase notes for <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.4.html">nix-2.4</link>,
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.5.html">nix-2.5</link>, <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.6.html">nix-2.6</link>, <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.7.html">nix-2.7</link> and <link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.8.html">nix-2.8</link></literallayout>
<para>
Nix has been updated from 2.3 to 2.8. This mainly brings
experimental support for Flakes, but also marks the
<literal>nix</literal> command as experimental which now has
to be enabled via the configuration explicitly. For more
information and instructions for upgrades, see the relase
notes for
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.4.html">nix-2.4</link>,
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.5.html">nix-2.5</link>,
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.6.html">nix-2.6</link>,
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.7.html">nix-2.7</link>
and
<link xlink:href="https://nixos.org/manual/nix/stable/release-notes/rl-2.8.html">nix-2.8</link>
</para>
</listitem>
<listitem>
<para>

View file

@ -37,6 +37,13 @@
<link linkend="opt-programs.bash.blesh.enable">programs.bash.blesh</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/adnanh/webhook">webhook</link>,
a lightweight webhook server. Available as
<link linkend="opt-services.webhook.enable">services.webhook</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/alexivkin/CUPS-PDF-to-PDF">cups-pdf-to-pdf</link>,
@ -53,6 +60,14 @@
<link linkend="opt-programs.fzf.fuzzyCompletion">programs.fzf</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/StevenBlack/hosts">stevenblack-blocklist</link>,
A unified hosts file with base extensions for blocking
unwanted websites. Available as
<link xlink:href="options.html#opt-networking.stevenblack.enable">networking.stevenblack</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/ellie/atuin">atuin</link>,
@ -76,6 +91,14 @@
<link xlink:href="options.html#opt-services.v2raya.enable">services.v2raya</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://www.netfilter.org/projects/ulogd/index.html">ulogd</link>,
a userspace logging daemon for netfilter/iptables related
logging. Available as
<link xlink:href="options.html#opt-services.ulogd.enable">services.ulogd</link>.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-incompatibilities">
@ -100,6 +123,23 @@
<link linkend="opt-services.borgbackup.jobs._name_.inhibitsSleep"><literal>services.borgbackup.jobs.&lt;name&gt;.inhibitsSleep</literal></link>.
</para>
</listitem>
<listitem>
<para>
<literal>podman</literal> now uses the
<literal>netavark</literal> network stack. Users will need to
delete all of their local containers, images, volumes, etc, by
running <literal>podman system reset --force</literal> once
before upgrading their systems.
</para>
</listitem>
<listitem>
<para>
<literal>git-bug</literal> has been updated to at least
version 0.8.0, which includes backwards incompatible changes.
The <literal>git-bug-migration</literal> package can be used
to upgrade existing repositories.
</para>
</listitem>
<listitem>
<para>
The EC2 image module no longer fetches instance metadata in
@ -283,6 +323,20 @@
deprecated when NixOS 22.11 reaches end of life.
</para>
</listitem>
<listitem>
<para>
The <literal>dokuwiki</literal> service now takes
configuration via the
<literal>services.dokuwiki.sites.&lt;name&gt;.settings</literal>
attribute set, <literal>extraConfig</literal> is deprecated
and will be removed. The
<literal>{aclUse,superUser,disableActions}</literal>
attributes have been renamed, <literal>pluginsConfig</literal>
now also accepts an attribute set of booleans, passing plain
PHP is deprecated. Same applies to <literal>acl</literal>
which now also accepts structured settings.
</para>
</listitem>
<listitem>
<para>
To reduce closure size in
@ -324,6 +378,13 @@
And backup your data.
</para>
</listitem>
<listitem>
<para>
<literal>services.chronyd</literal> is now started with
additional systemd sandbox/hardening options for better
security.
</para>
</listitem>
<listitem>
<para>
The module <literal>services.headscale</literal> was
@ -355,6 +416,14 @@
NixOS manual.
</para>
</listitem>
<listitem>
<para>
<literal>services.grafana</literal> listens only on localhost
by default again. This was changed to upstreams default of
<literal>0.0.0.0</literal> by accident in the freeform setting
conversion.
</para>
</listitem>
<listitem>
<para>
A new <literal>virtualisation.rosetta</literal> module was
@ -383,6 +452,29 @@
option.
</para>
</listitem>
<listitem>
<para>
A new option <literal>recommendedBrotliSettings</literal> has
been added to <literal>services.nginx</literal>. Learn more
about compression in Brotli format
<link xlink:href="https://github.com/google/ngx_brotli/blob/master/README.md">here</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://garagehq.deuxfleurs.fr/">Garage</link>
version is based on
<link xlink:href="options.html#opt-system.stateVersion">system.stateVersion</link>,
existing installations will keep using version 0.7. New
installations will use version 0.8. In order to upgrade a
Garage cluster, please follow
<link xlink:href="https://garagehq.deuxfleurs.fr/documentation/cookbook/upgrading/">upstream
instructions</link> and force
<link xlink:href="options.html#opt-services.garage.package">services.garage.package</link>
or upgrade accordingly
<link xlink:href="options.html#opt-system.stateVersion">system.stateVersion</link>.
</para>
</listitem>
<listitem>
<para>
Resilio sync secret keys can now be provided using a secrets
@ -433,6 +525,13 @@
<literal>libax25</literal> package.
</para>
</listitem>
<listitem>
<para>
<literal>nixos-version</literal> now accepts
<literal>--configuration-revision</literal> to display more
information about the current generation revision
</para>
</listitem>
</itemizedlist>
</section>
</section>

View file

@ -6,7 +6,7 @@ expressions and associated binaries. The NixOS channels are updated
automatically from NixOS's Git repository after certain tests have
passed and all packages have been built. These channels are:
- *Stable channels*, such as [`nixos-22.11`](https://nixos.org/channels/nixos-22.05).
- *Stable channels*, such as [`nixos-22.11`](https://nixos.org/channels/nixos-22.11).
These only get conservative bug fixes and package upgrades. For
instance, a channel update may cause the Linux kernel on your system
to be upgraded from 4.19.34 to 4.19.38 (a minor bug fix), but not
@ -19,7 +19,7 @@ passed and all packages have been built. These channels are:
radical changes between channel updates. It's not recommended for
production systems.
- *Small channels*, such as [`nixos-22.11-small`](https://nixos.org/channels/nixos-22.05-small)
- *Small channels*, such as [`nixos-22.11-small`](https://nixos.org/channels/nixos-22.11-small)
or [`nixos-unstable-small`](https://nixos.org/channels/nixos-unstable-small).
These are identical to the stable and unstable channels described above,
except that they contain fewer binary packages. This means they get updated

View file

@ -21,6 +21,10 @@
<option>--revision</option>
</arg>
<arg>
<option>--configuration-revision</option>
</arg>
<arg>
<option>--json</option>
</arg>
@ -118,6 +122,23 @@
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>--configuration-revision</option>
</term>
<listitem>
<para>
Show the configuration revision if available. This could be the full SHA1
hash of the Git commit of the system flake, if you add
<screen>{ system.configurationRevision = self.rev or "dirty"; }</screen>
to the <screen>modules</screen> array of your flake.nix system configuration e.g.
<screen><prompt>$ </prompt>nixos-version --configuration-revision
aa314ebd1592f6cdd53cb5bba8bcae97d9323de8
</screen>
</para>
</listitem>
</varlistentry>
<varlistentry>
<term>
<option>--json</option>

View file

@ -8,6 +8,8 @@
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
pushd "$DIR"
link_manpages_filter=$(nix-build --no-out-link "$DIR/../../../doc/build-aux/pandoc-filters/link-manpages.nix")
# NOTE: Keep in sync with Nixpkgs manual (/doc/Makefile).
# TODO: Remove raw-attribute when we can get rid of DocBook altogether.
pandoc_commonmark_enabled_extensions=+attributes+fenced_divs+footnotes+bracketed_spans+definition_lists+pipe_tables+raw_attribute
@ -17,7 +19,7 @@ pandoc_flags=(
# - media extraction (was only required for diagram generator)
# - docbook-reader/citerefentry-to-rst-role.lua (only relevant for DocBook → MarkDown/rST/MyST)
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/myst-reader/roles.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/link-unix-man-references.lua"
"--lua-filter=$link_manpages_filter"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/rst-roles.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/html-elements.lua"
"--lua-filter=$DIR/../../../doc/build-aux/pandoc-filters/docbook-writer/labelless-link-is-xref.lua"

View file

@ -9,8 +9,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- Nix has been updated from 2.3 to 2.8. This mainly brings experimental support
for Flakes, but also marks the `nix` command as experimental which now has to
be enabled via the configuration explicitly. For more information and
instructions for upgrades, see the
relase notes for [nix-2.4](https://nixos.org/manual/nix/stable/release-notes/rl-2.4.html),
instructions for upgrades, see the
relase notes for [nix-2.4](https://nixos.org/manual/nix/stable/release-notes/rl-2.4.html),
[nix-2.5](https://nixos.org/manual/nix/stable/release-notes/rl-2.5.html),
[nix-2.6](https://nixos.org/manual/nix/stable/release-notes/rl-2.6.html),
[nix-2.7](https://nixos.org/manual/nix/stable/release-notes/rl-2.7.html) and
@ -30,7 +30,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- Systemd has been upgraded to the version 250.
- Pulseaudio has been updated to version 15.0 and now optionally
- Pulseaudio has been updated to version 15.0 and now optionally
[supports additional Bluetooth audio codecs](https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/15.0/#supportforldacandaptxbluetoothcodecsplussbcxqsbcwithhigher-qualityparameters)
such as aptX or LDAC, with codec switching available in `pavucontrol`. This
feature is disabled by default, but can be enabled with the option
@ -50,7 +50,7 @@ In addition to numerous new and upgraded packages, this release has the followin
settings for many certificates at once. This also opens up the option to use
DNS-01 validation when using `enableACME` web server virtual hosts (e.g.
`services.nginx.virtualHosts.*.enableACME`).
## New Services {#sec-release-22.05-new-services}
- [1password](https://1password.com/), command-lines and graphic interface for 1Password. Available as [programs._1password](#opt-programs._1password.enable) and [programs._1password-gui](#opt-programs._1password.enable).
@ -743,11 +743,11 @@ In addition to numerous new and upgraded packages, this release has the followin
- The configuration portion of the `nix-daemon` module has been reworked and exposed as [nix.settings](options.html#opt-nix-settings):
* Legacy options have been mapped to the corresponding options under under [nix.settings](options.html#opt-nix.settings) and will be deprecated when NixOS 21.11 reaches end of life.
* [nix.buildMachines.publicHostKey](options.html#opt-nix.buildMachines.publicHostKey) has been added.
- [`kops`](https://kops.sigs.k8s.io) defaults to 1.23.2, which will enable [Instance Metadata Service Version 2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html) and require tokens on new clusters with Kubernetes >= 1.22. This will increase security by default, but may break some types of workloads. The default behaviour for `spec.kubeDNS.nodeLocalDNS.forwardToKubeDNS` has changed from `true` to `false`. Cilium now has `disable-cnp-status-updates: true` by default. Set this to false if you rely on the CiliumNetworkPolicy status fields. Support for Kubernetes 1.17, the Lyft CNI, Weave CNI on Kubernetes >= 1.23, CentOS 7 and 8, Debian 9, RHEL 7, and Ubuntu 16.05 (Xenial) has been removed. See the [1.22 release notes](https://kops.sigs.k8s.io/releases/1.22-notes/) and [1.23 release notes](https://kops.sigs.k8s.io/releases/1.23-notes/) for more details, including other significant changes.
- Mattermost has been upgraded to extended support version 6.3 as the previously
packaged extended support version 5.37 is [reaching end of life](https://docs.mattermost.com/upgrade/extended-support-release.html).
packaged extended support version 5.37 is [reaching end of life](https://docs.mattermost.com/upgrade/extended-support-release.html).
Migration may take some time, see the [changelog](https://docs.mattermost.com/install/self-managed-changelog.html#release-v6-3-extended-support-release)
and [important upgrade notes](https://docs.mattermost.com/upgrade/important-upgrade-notes.html).
@ -762,14 +762,14 @@ In addition to numerous new and upgraded packages, this release has the followin
By default auto-upgrade will now run immediately if it would have been triggered at least
once during the time when the timer was inactive.
- Mastodon now uses `services.redis.servers` to start a new redis server, instead of using a global redis server.
- Mastodon now uses `services.redis.servers` to start a new redis server, instead of using a global redis server.
This improves compatibility with other services that use redis.
Note that this will recreate the redis database, although according to the [Mastodon docs](https://docs.joinmastodon.org/admin/backups/),
Note that this will recreate the redis database, although according to the [Mastodon docs](https://docs.joinmastodon.org/admin/backups/),
this is almost harmless:
> Losing the Redis database is almost harmless: The only irrecoverable data will be the contents of the Sidekiq queues and scheduled retries of previously failed jobs.
> Losing the Redis database is almost harmless: The only irrecoverable data will be the contents of the Sidekiq queues and scheduled retries of previously failed jobs.
> The home and list feeds are stored in Redis, but can be regenerated with tootctl.
If you do want to save the redis database, you can use the following commands:
```bash
redis-cli save
@ -980,7 +980,7 @@ In addition to numerous new and upgraded packages, this release has the followin
or `wl*` with priority 99 (which means that it doesn't have any effect if such an interface is matched
by a `.network-`unit with a lower priority). In case of scripted networking, no behavior
was changed.
- The new [`postgresqlTestHook`](https://nixos.org/manual/nixpkgs/stable/#sec-postgresqlTestHook) runs a PostgreSQL server for the duration of package checks.
- `zfs` was updated from 2.1.4 to 2.1.5, enabling it to be used with Linux kernel 5.18.

View file

@ -18,23 +18,33 @@ In addition to numerous new and upgraded packages, this release has the followin
- [blesh](https://github.com/akinomyoga/ble.sh), a line editor written in pure bash. Available as [programs.bash.blesh](#opt-programs.bash.blesh.enable).
- [webhook](https://github.com/adnanh/webhook), a lightweight webhook server. Available as [services.webhook](#opt-services.webhook.enable).
- [cups-pdf-to-pdf](https://github.com/alexivkin/CUPS-PDF-to-PDF), a pdf-generating cups backend based on [cups-pdf](https://www.cups-pdf.de/). Available as [services.printing.cups-pdf](#opt-services.printing.cups-pdf.enable).
- [fzf](https://github.com/junegunn/fzf), a command line fuzzyfinder. Available as [programs.fzf](#opt-programs.fzf.fuzzyCompletion).
- [stevenblack-blocklist](https://github.com/StevenBlack/hosts), A unified hosts file with base extensions for blocking unwanted websites. Available as [networking.stevenblack](options.html#opt-networking.stevenblack.enable).
- [atuin](https://github.com/ellie/atuin), a sync server for shell history. Available as [services.atuin](#opt-services.atuin.enable).
- [mmsd](https://gitlab.com/kop316/mmsd), a lower level daemon that transmits and recieves MMSes. Available as [services.mmsd](#opt-services.mmsd.enable).
- [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable).
- [ulogd](https://www.netfilter.org/projects/ulogd/index.html), a userspace logging daemon for netfilter/iptables related logging. Available as [services.ulogd](options.html#opt-services.ulogd.enable).
## Backward Incompatibilities {#sec-release-23.05-incompatibilities}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead.
- `borgbackup` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.borgbackup.jobs.<name>.inhibitsSleep`](#opt-services.borgbackup.jobs._name_.inhibitsSleep).
- `borgbackup` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.borgbackup.jobs.<name>.inhibitsSleep`](#opt-services.borgbackup.jobs._name_.inhibitsSleep).
- `podman` now uses the `netavark` network stack. Users will need to delete all of their local containers, images, volumes, etc, by running `podman system reset --force` once before upgrading their systems.
- `git-bug` has been updated to at least version 0.8.0, which includes backwards incompatible changes. The `git-bug-migration` package can be used to upgrade existing repositories.
- The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services.
This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service`
@ -78,6 +88,10 @@ In addition to numerous new and upgraded packages, this release has the followin
`services.dnsmasq.extraConfig` will be deprecated when NixOS 22.11 reaches
end of life.
- The `dokuwiki` service now takes configuration via the `services.dokuwiki.sites.<name>.settings` attribute set, `extraConfig` is deprecated and will be removed.
The `{aclUse,superUser,disableActions}` attributes have been renamed, `pluginsConfig` now also accepts an attribute set of booleans, passing plain PHP is deprecated.
Same applies to `acl` which now also accepts structured settings.
- To reduce closure size in `nixos/modules/profiles/minimal.nix` profile disabled installation documentations and manuals. Also disabled `logrotate` and `udisks2` services.
- The minimal ISO image now uses the `nixos/modules/profiles/minimal.nix` profile.
@ -90,6 +104,8 @@ In addition to numerous new and upgraded packages, this release has the followin
And backup your data.
- `services.chronyd` is now started with additional systemd sandbox/hardening options for better security.
- The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed:
- Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that
@ -99,12 +115,18 @@ In addition to numerous new and upgraded packages, this release has the followin
- `nixos/lib/make-disk-image.nix` can now mutate EFI variables, run user-provided EFI firmware or variable templates. This is now extensively documented in the NixOS manual.
- `services.grafana` listens only on localhost by default again. This was changed to upstreams default of `0.0.0.0` by accident in the freeform setting conversion.
- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).
- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.
- Enabling global redirect in `services.nginx.virtualHosts` now allows one to add exceptions with the `locations` option.
- A new option `recommendedBrotliSettings` has been added to `services.nginx`. Learn more about compression in Brotli format [here](https://github.com/google/ngx_brotli/blob/master/README.md).
- [Garage](https://garagehq.deuxfleurs.fr/) version is based on [system.stateVersion](options.html#opt-system.stateVersion), existing installations will keep using version 0.7. New installations will use version 0.8. In order to upgrade a Garage cluster, please follow [upstream instructions](https://garagehq.deuxfleurs.fr/documentation/cookbook/upgrading/) and force [services.garage.package](options.html#opt-services.garage.package) or upgrade accordingly [system.stateVersion](options.html#opt-system.stateVersion).
- Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store.
- The `firewall` and `nat` module now has a nftables based implementation. Enable `networking.nftables` to use it.
@ -116,3 +138,5 @@ In addition to numerous new and upgraded packages, this release has the followin
- The new option `services.tailscale.useRoutingFeatures` controls various settings for using Tailscale features like exit nodes and subnet routers. If you wish to use your machine as an exit node, you can set this setting to `server`, otherwise if you wish to use an exit node you can set this setting to `client`. The strict RPF warning has been removed as the RPF will be loosened automatically based on the value of this setting.
- [Xastir](https://xastir.org/index.php/Main_Page) can now access AX.25 interfaces via the `libax25` package.
- `nixos-version` now accepts `--configuration-revision` to display more information about the current generation revision

View file

@ -41,6 +41,7 @@
# characteristics but (hopefully) indistinguishable output.
, allowDocBook ? true
# whether lib.mdDoc is required for descriptions to be read as markdown.
# !!! when this is eventually flipped to true, `lib.doRename` should also default to emitting Markdown
, markdownByDefault ? false
}:
@ -130,6 +131,8 @@ in rec {
if baseOptionsJSON == null
then builtins.toFile "base.json" "{}"
else baseOptionsJSON;
MANPAGE_URLS = pkgs.path + "/doc/manpage-urls.json";
}
''
# Export list of options in different format.

View file

@ -21,18 +21,22 @@ parser.add_argument(
args = parser.parse_args()
# Pretty-print certain Nix types, like literal expressions.
def render_types(obj):
if '_type' not in obj: return obj
class OptionsEncoder(json.JSONEncoder):
def encode(self, obj):
# Unpack literal expressions and other Nix types.
# Don't escape the strings: they were escaped when initially serialized to JSON.
if isinstance(obj, dict):
_type = obj.get('_type')
if _type is not None:
if _type == 'literalExpression' or _type == 'literalDocBook':
return obj['text']
_type = obj['_type']
if _type == 'literalExpression' or _type == 'literalDocBook':
return obj['text']
if _type == 'derivation':
return obj['name']
if _type == 'derivation':
return obj['name']
raise Exception(f'Unexpected type `{_type}` in {json.dumps(obj)}')
raise Exception(f'Unexpected type `{_type}` in {json.dumps(obj)}')
return super().encode(obj)
def generate_commonmark(options):
for (name, value) in options.items():
@ -49,14 +53,14 @@ def generate_commonmark(options):
if 'default' in value:
print('*_Default_*')
print('```')
print(json.dumps(value['default'], ensure_ascii=False, separators=(',', ':')))
print(json.dumps(value['default'], cls=OptionsEncoder, ensure_ascii=False, separators=(',', ':')))
print('```')
print()
print()
if 'example' in value:
print('*_Example_*')
print('```')
print(json.dumps(value['example'], ensure_ascii=False, separators=(',', ':')))
print(json.dumps(value['example'], cls=OptionsEncoder, ensure_ascii=False, separators=(',', ':')))
print('```')
print()
print()
@ -76,7 +80,7 @@ def generate_asciidoc(options):
print('Default::')
print('+')
print('----')
print(json.dumps(value['default'], ensure_ascii=False, separators=(',', ':')))
print(json.dumps(value['default'], cls=OptionsEncoder, ensure_ascii=False, separators=(',', ':')))
print('----')
print()
else:
@ -89,7 +93,7 @@ def generate_asciidoc(options):
print('Example::')
print('+')
print('----')
print(json.dumps(value['example'], ensure_ascii=False, separators=(',', ':')))
print(json.dumps(value['example'], cls=OptionsEncoder, ensure_ascii=False, separators=(',', ':')))
print('----')
print()
else:
@ -97,7 +101,7 @@ def generate_asciidoc(options):
print()
with open(args.nix_options_path) as nix_options_json:
options = json.load(nix_options_json, object_hook=render_types)
options = json.load(nix_options_json)
if args.format == 'commonmark':
generate_commonmark(options)

View file

@ -1,5 +1,6 @@
import collections
import json
import os
import sys
from typing import Any, Dict, List
@ -46,6 +47,8 @@ def unpivot(options: Dict[Key, Option]) -> Dict[str, JSON]:
result[opt.name] = opt.value
return result
manpage_urls = json.load(open(os.getenv('MANPAGE_URLS')))
admonitions = {
'.warning': 'warning',
'.important': 'important',
@ -119,9 +122,14 @@ class Renderer(mistune.renderers.BaseRenderer):
def env(self, text):
return f"<envar>{escape(text)}</envar>"
def manpage(self, page, section):
man = f"{page}({section})"
title = f"<refentrytitle>{escape(page)}</refentrytitle>"
vol = f"<manvolnum>{escape(section)}</manvolnum>"
return f"<citerefentry>{title}{vol}</citerefentry>"
ref = f"<citerefentry>{title}{vol}</citerefentry>"
if man in manpage_urls:
return self.link(manpage_urls[man], text=ref)
else:
return ref
def finalize(self, data):
return "".join(data)
@ -306,14 +314,17 @@ if hasDocBookErrors:
print("Explanation: The documentation contains descriptions, examples, or defaults written in DocBook. " +
"NixOS is in the process of migrating from DocBook to Markdown, and " +
"DocBook is disallowed for in-tree modules. To change your contribution to "+
"use Markdown, apply mdDoc and literalMD. For example:\n" +
"use Markdown, apply mdDoc and literalMD and use the *MD variants of option creation " +
"functions where they are available. For example:\n" +
"\n" +
" example.foo = mkOption {\n" +
" description = lib.mdDoc ''your description'';\n" +
" defaultText = lib.literalMD ''your description of default'';\n" +
" }\n" +
" };\n" +
"\n" +
" example.enable = mkEnableOption (lib.mdDoc ''your thing'');",
" example.enable = mkEnableOption (lib.mdDoc ''your thing'');\n" +
" example.package = mkPackageOptionMD pkgs \"your-package\" {};\n" +
" imports = [ (mkAliasOptionModuleMD [ \"example\" \"args\" ] [ \"example\" \"settings\" ]) ];",
file = sys.stderr)
if hasErrors:

View file

@ -60,7 +60,7 @@ in rec {
`asDropin` creates a drop-in file named `overrides.conf`.
Mainly needed to define instances for systemd template units (e.g. `systemd-nspawn@mycontainer.service`).
See also systemd.unit(1).
See also {manpage}`systemd.unit(5)`.
'';
};
@ -86,7 +86,7 @@ in rec {
This option creates a `.wants` symlink in the given target that exists
statelessly without the need for running `systemctl enable`.
The in systemd.unit(5) manpage described `[Install]` section however is
The `[Install]` section described in {manpage}`systemd.unit(5)` however is
not supported because it is a stateful process that does not fit well
into the NixOS design.
'';

View file

@ -41,11 +41,9 @@ def writeable_dir(arg: str) -> Path:
"""
path = Path(arg)
if not path.is_dir():
raise argparse.ArgumentTypeError("{0} is not a directory".format(path))
raise argparse.ArgumentTypeError(f"{path} is not a directory")
if not os.access(path, os.W_OK):
raise argparse.ArgumentTypeError(
"{0} is not a writeable directory".format(path)
)
raise argparse.ArgumentTypeError(f"{path} is not a writeable directory")
return path

View file

@ -19,15 +19,11 @@ def get_tmp_dir() -> Path:
tmp_dir.mkdir(mode=0o700, exist_ok=True)
if not tmp_dir.is_dir():
raise NotADirectoryError(
"The directory defined by TMPDIR, TEMP, TMP or CWD: {0} is not a directory".format(
tmp_dir
)
f"The directory defined by TMPDIR, TEMP, TMP or CWD: {tmp_dir} is not a directory"
)
if not os.access(tmp_dir, os.W_OK):
raise PermissionError(
"The directory defined by TMPDIR, TEMP, TMP, or CWD: {0} is not writeable".format(
tmp_dir
)
f"The directory defined by TMPDIR, TEMP, TMP, or CWD: {tmp_dir} is not writeable"
)
return tmp_dir

View file

@ -36,7 +36,7 @@ class Logger:
def maybe_prefix(self, message: str, attributes: Dict[str, str]) -> str:
if "machine" in attributes:
return "{}: {}".format(attributes["machine"], message)
return f"{attributes['machine']}: {message}"
return message
def log_line(self, message: str, attributes: Dict[str, str]) -> None:
@ -62,9 +62,7 @@ class Logger:
def log_serial(self, message: str, machine: str) -> None:
self.enqueue({"msg": message, "machine": machine, "type": "serial"})
if self._print_serial_logs:
self._eprint(
Style.DIM + "{} # {}".format(machine, message) + Style.RESET_ALL
)
self._eprint(Style.DIM + f"{machine} # {message}" + Style.RESET_ALL)
def enqueue(self, item: Dict[str, str]) -> None:
self.queue.put(item)
@ -97,7 +95,7 @@ class Logger:
yield
self.drain_log_queue()
toc = time.time()
self.log("(finished: {}, in {:.2f} seconds)".format(message, toc - tic))
self.log(f"(finished: {message}, in {toc - tic:.2f} seconds)")
self.xml.endElement("nest")

View file

@ -101,14 +101,14 @@ def _perform_ocr_on_screenshot(
tess_args = f"-c debug_file=/dev/null --psm 11"
cmd = f"convert {magick_args} {screenshot_path} tiff:{screenshot_path}.tiff"
cmd = f"convert {magick_args} '{screenshot_path}' 'tiff:{screenshot_path}.tiff'"
ret = subprocess.run(cmd, shell=True, capture_output=True)
if ret.returncode != 0:
raise Exception(f"TIFF conversion failed with exit code {ret.returncode}")
model_results = []
for model_id in model_ids:
cmd = f"tesseract {screenshot_path}.tiff - {tess_args} --oem {model_id}"
cmd = f"tesseract '{screenshot_path}.tiff' - {tess_args} --oem '{model_id}'"
ret = subprocess.run(cmd, shell=True, capture_output=True)
if ret.returncode != 0:
raise Exception(f"OCR failed with exit code {ret.returncode}")
@ -420,8 +420,8 @@ class Machine:
def send_monitor_command(self, command: str) -> str:
self.run_callbacks()
with self.nested("sending monitor command: {}".format(command)):
message = ("{}\n".format(command)).encode()
with self.nested(f"sending monitor command: {command}"):
message = f"{command}\n".encode()
assert self.monitor is not None
self.monitor.send(message)
return self.wait_for_monitor_prompt()
@ -438,7 +438,7 @@ class Machine:
info = self.get_unit_info(unit, user)
state = info["ActiveState"]
if state == "failed":
raise Exception('unit "{}" reached state "{}"'.format(unit, state))
raise Exception(f'unit "{unit}" reached state "{state}"')
if state == "inactive":
status, jobs = self.systemctl("list-jobs --full 2>&1", user)
@ -446,27 +446,24 @@ class Machine:
info = self.get_unit_info(unit, user)
if info["ActiveState"] == state:
raise Exception(
(
'unit "{}" is inactive and there ' "are no pending jobs"
).format(unit)
f'unit "{unit}" is inactive and there are no pending jobs'
)
return state == "active"
with self.nested(
"waiting for unit {}{}".format(
unit, f" with user {user}" if user is not None else ""
)
f"waiting for unit {unit}"
+ (f" with user {user}" if user is not None else "")
):
retry(check_active, timeout)
def get_unit_info(self, unit: str, user: Optional[str] = None) -> Dict[str, str]:
status, lines = self.systemctl('--no-pager show "{}"'.format(unit), user)
status, lines = self.systemctl(f'--no-pager show "{unit}"', user)
if status != 0:
raise Exception(
'retrieving systemctl info for unit "{}" {} failed with exit code {}'.format(
unit, "" if user is None else 'under user "{}"'.format(user), status
)
f'retrieving systemctl info for unit "{unit}"'
+ ("" if user is None else f' under user "{user}"')
+ f" failed with exit code {status}"
)
line_pattern = re.compile(r"^([^=]+)=(.*)$")
@ -486,24 +483,22 @@ class Machine:
if user is not None:
q = q.replace("'", "\\'")
return self.execute(
(
"su -l {} --shell /bin/sh -c "
"$'XDG_RUNTIME_DIR=/run/user/`id -u` "
"systemctl --user {}'"
).format(user, q)
f"su -l {user} --shell /bin/sh -c "
"$'XDG_RUNTIME_DIR=/run/user/`id -u` "
f"systemctl --user {q}'"
)
return self.execute("systemctl {}".format(q))
return self.execute(f"systemctl {q}")
def require_unit_state(self, unit: str, require_state: str = "active") -> None:
with self.nested(
"checking if unit {} has reached state '{}'".format(unit, require_state)
f"checking if unit '{unit}' has reached state '{require_state}'"
):
info = self.get_unit_info(unit)
state = info["ActiveState"]
if state != require_state:
raise Exception(
"Expected unit {} to to be in state ".format(unit)
+ "'{}' but it is in state {}".format(require_state, state)
f"Expected unit '{unit}' to to be in state "
f"'{require_state}' but it is in state '{state}'"
)
def _next_newline_closed_block_from_shell(self) -> str:
@ -593,13 +588,11 @@ class Machine:
"""Execute each command and check that it succeeds."""
output = ""
for command in commands:
with self.nested("must succeed: {}".format(command)):
with self.nested(f"must succeed: {command}"):
(status, out) = self.execute(command, timeout=timeout)
if status != 0:
self.log("output: {}".format(out))
raise Exception(
"command `{}` failed (exit code {})".format(command, status)
)
self.log(f"output: {out}")
raise Exception(f"command `{command}` failed (exit code {status})")
output += out
return output
@ -607,12 +600,10 @@ class Machine:
"""Execute each command and check that it fails."""
output = ""
for command in commands:
with self.nested("must fail: {}".format(command)):
with self.nested(f"must fail: {command}"):
(status, out) = self.execute(command, timeout=timeout)
if status == 0:
raise Exception(
"command `{}` unexpectedly succeeded".format(command)
)
raise Exception(f"command `{command}` unexpectedly succeeded")
output += out
return output
@ -627,7 +618,7 @@ class Machine:
status, output = self.execute(command, timeout=timeout)
return status == 0
with self.nested("waiting for success: {}".format(command)):
with self.nested(f"waiting for success: {command}"):
retry(check_success, timeout)
return output
@ -642,7 +633,7 @@ class Machine:
status, output = self.execute(command, timeout=timeout)
return status != 0
with self.nested("waiting for failure: {}".format(command)):
with self.nested(f"waiting for failure: {command}"):
retry(check_failure)
return output
@ -661,8 +652,8 @@ class Machine:
def get_tty_text(self, tty: str) -> str:
status, output = self.execute(
"fold -w$(stty -F /dev/tty{0} size | "
"awk '{{print $2}}') /dev/vcs{0}".format(tty)
f"fold -w$(stty -F /dev/tty{tty} size | "
f"awk '{{print $2}}') /dev/vcs{tty}"
)
return output
@ -681,11 +672,11 @@ class Machine:
)
return len(matcher.findall(text)) > 0
with self.nested("waiting for {} to appear on tty {}".format(regexp, tty)):
with self.nested(f"waiting for {regexp} to appear on tty {tty}"):
retry(tty_matches)
def send_chars(self, chars: str, delay: Optional[float] = 0.01) -> None:
with self.nested("sending keys {}".format(chars)):
with self.nested(f"sending keys '{chars}'"):
for char in chars:
self.send_key(char, delay)
@ -693,33 +684,33 @@ class Machine:
"""Waits until the file exists in machine's file system."""
def check_file(_: Any) -> bool:
status, _ = self.execute("test -e {}".format(filename))
status, _ = self.execute(f"test -e {filename}")
return status == 0
with self.nested("waiting for file {}".format(filename)):
with self.nested(f"waiting for file '{filename}'"):
retry(check_file)
def wait_for_open_port(self, port: int) -> None:
def wait_for_open_port(self, port: int, addr: str = "localhost") -> None:
def port_is_open(_: Any) -> bool:
status, _ = self.execute("nc -z localhost {}".format(port))
status, _ = self.execute(f"nc -z {addr} {port}")
return status == 0
with self.nested("waiting for TCP port {}".format(port)):
with self.nested(f"waiting for TCP port {port} on {addr}"):
retry(port_is_open)
def wait_for_closed_port(self, port: int) -> None:
def wait_for_closed_port(self, port: int, addr: str = "localhost") -> None:
def port_is_closed(_: Any) -> bool:
status, _ = self.execute("nc -z localhost {}".format(port))
status, _ = self.execute(f"nc -z {addr} {port}")
return status != 0
with self.nested("waiting for TCP port {} to be closed".format(port)):
with self.nested(f"waiting for TCP port {port} on {addr} to be closed"):
retry(port_is_closed)
def start_job(self, jobname: str, user: Optional[str] = None) -> Tuple[int, str]:
return self.systemctl("start {}".format(jobname), user)
return self.systemctl(f"start {jobname}", user)
def stop_job(self, jobname: str, user: Optional[str] = None) -> Tuple[int, str]:
return self.systemctl("stop {}".format(jobname), user)
return self.systemctl(f"stop {jobname}", user)
def wait_for_job(self, jobname: str) -> None:
self.wait_for_unit(jobname)
@ -739,21 +730,21 @@ class Machine:
toc = time.time()
self.log("connected to guest root shell")
self.log("(connecting took {:.2f} seconds)".format(toc - tic))
self.log(f"(connecting took {toc - tic:.2f} seconds)")
self.connected = True
def screenshot(self, filename: str) -> None:
word_pattern = re.compile(r"^\w+$")
if word_pattern.match(filename):
filename = os.path.join(self.out_dir, "{}.png".format(filename))
tmp = "{}.ppm".format(filename)
filename = os.path.join(self.out_dir, f"{filename}.png")
tmp = f"{filename}.ppm"
with self.nested(
"making screenshot {}".format(filename),
f"making screenshot {filename}",
{"image": os.path.basename(filename)},
):
self.send_monitor_command("screendump {}".format(tmp))
ret = subprocess.run("pnmtopng {} > {}".format(tmp, filename), shell=True)
self.send_monitor_command(f"screendump {tmp}")
ret = subprocess.run(f"pnmtopng '{tmp}' > '{filename}'", shell=True)
os.unlink(tmp)
if ret.returncode != 0:
raise Exception("Cannot convert screenshot")
@ -815,7 +806,7 @@ class Machine:
def dump_tty_contents(self, tty: str) -> None:
"""Debugging: Dump the contents of the TTY<n>"""
self.execute("fold -w 80 /dev/vcs{} | systemd-cat".format(tty))
self.execute(f"fold -w 80 /dev/vcs{tty} | systemd-cat")
def _get_screen_text_variants(self, model_ids: Iterable[int]) -> List[str]:
with tempfile.TemporaryDirectory() as tmpdir:
@ -837,15 +828,15 @@ class Machine:
return True
if last:
self.log("Last OCR attempt failed. Text was: {}".format(variants))
self.log(f"Last OCR attempt failed. Text was: {variants}")
return False
with self.nested("waiting for {} to appear on screen".format(regex)):
with self.nested(f"waiting for {regex} to appear on screen"):
retry(screen_matches)
def wait_for_console_text(self, regex: str) -> None:
with self.nested("waiting for {} to appear on console".format(regex)):
with self.nested(f"waiting for {regex} to appear on console"):
# Buffer the console output, this is needed
# to match multiline regexes.
console = io.StringIO()
@ -862,7 +853,7 @@ class Machine:
def send_key(self, key: str, delay: Optional[float] = 0.01) -> None:
key = CHAR_TO_KEY.get(key, key)
self.send_monitor_command("sendkey {}".format(key))
self.send_monitor_command(f"sendkey {key}")
if delay is not None:
time.sleep(delay)
@ -921,7 +912,7 @@ class Machine:
self.pid = self.process.pid
self.booted = True
self.log("QEMU running (pid {})".format(self.pid))
self.log(f"QEMU running (pid {self.pid})")
def cleanup_statedir(self) -> None:
shutil.rmtree(self.state_dir)
@ -975,7 +966,7 @@ class Machine:
names = self.get_window_names()
if last_try:
self.log(
"Last chance to match {} on the window list,".format(regexp)
f"Last chance to match {regexp} on the window list,"
+ " which currently contains: "
+ ", ".join(names)
)
@ -992,9 +983,7 @@ class Machine:
"""Forward a TCP port on the host to a TCP port on the guest.
Useful during interactive testing.
"""
self.send_monitor_command(
"hostfwd_add tcp::{}-:{}".format(host_port, guest_port)
)
self.send_monitor_command(f"hostfwd_add tcp::{host_port}-:{guest_port}")
def block(self) -> None:
"""Make the machine unreachable by shutting down eth1 (the multicast

View file

@ -4,7 +4,7 @@ with lib;
let
cfg = config.qt5;
cfg = config.qt;
isQGnome = cfg.platformTheme == "gnome" && builtins.elem cfg.style ["adwaita" "adwaita-dark"];
isQtStyle = cfg.platformTheme == "gtk2" && !(builtins.elem cfg.style ["adwaita" "adwaita-dark"]);
@ -12,22 +12,34 @@ let
isLxqt = cfg.platformTheme == "lxqt";
isKde = cfg.platformTheme == "kde";
packages = if isQGnome then [ pkgs.qgnomeplatform pkgs.adwaita-qt ]
packages =
if isQGnome then [
pkgs.qgnomeplatform
pkgs.adwaita-qt
pkgs.qgnomeplatform-qt6
pkgs.adwaita-qt6
]
else if isQtStyle then [ pkgs.libsForQt5.qtstyleplugins ]
else if isQt5ct then [ pkgs.libsForQt5.qt5ct ]
else if isLxqt then [ pkgs.lxqt.lxqt-qtplugin pkgs.lxqt.lxqt-config ]
else if isKde then [ pkgs.libsForQt5.plasma-integration pkgs.libsForQt5.systemsettings ]
else throw "`qt5.platformTheme` ${cfg.platformTheme} and `qt5.style` ${cfg.style} are not compatible.";
else throw "`qt.platformTheme` ${cfg.platformTheme} and `qt.style` ${cfg.style} are not compatible.";
in
{
meta.maintainers = [ maintainers.romildo ];
options = {
qt5 = {
imports = [
(mkRenamedOptionModule ["qt5" "enable" ] ["qt" "enable" ])
(mkRenamedOptionModule ["qt5" "platformTheme" ] ["qt" "platformTheme" ])
(mkRenamedOptionModule ["qt5" "style" ] ["qt" "style" ])
];
enable = mkEnableOption (lib.mdDoc "Qt5 theming configuration");
options = {
qt = {
enable = mkEnableOption (lib.mdDoc "Qt theming configuration");
platformTheme = mkOption {
type = types.enum [
@ -40,13 +52,14 @@ in
example = "gnome";
relatedPackages = [
"qgnomeplatform"
"qgnomeplatform-qt6"
["libsForQt5" "qtstyleplugins"]
["libsForQt5" "qt5ct"]
["lxqt" "lxqt-qtplugin"]
["libsForQt5" "plasma-integration"]
];
description = lib.mdDoc ''
Selects the platform theme to use for Qt5 applications.
Selects the platform theme to use for Qt applications.
The options are
- `gtk`: Use GTK theme with [qtstyleplugins](https://github.com/qt/qtstyleplugins)
@ -71,10 +84,11 @@ in
example = "adwaita";
relatedPackages = [
"adwaita-qt"
"adwaita-qt6"
["libsForQt5" "qtstyleplugins"]
];
description = lib.mdDoc ''
Selects the style to use for Qt5 applications.
Selects the style to use for Qt applications.
The options are
- `adwaita`, `adwaita-dark`: Use Adwaita Qt style with

View file

@ -0,0 +1,34 @@
{ config, lib, pkgs, ... }:
let
inherit (lib) optionals mkOption mkEnableOption types mkIf elem concatStringsSep maintainers mdDoc;
cfg = config.networking.stevenblack;
# needs to be in a specific order
activatedHosts = with cfg; [ ]
++ optionals (elem "fakenews" block) [ "fakenews" ]
++ optionals (elem "gambling" block) [ "gambling" ]
++ optionals (elem "porn" block) [ "porn" ]
++ optionals (elem "social" block) [ "social" ];
hostsPath = "${pkgs.stevenblack-blocklist}/alternates/" + concatStringsSep "-" activatedHosts + "/hosts";
in
{
options.networking.stevenblack = {
enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist.");
block = mkOption {
type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]);
default = [ ];
description = mdDoc "Additional blocklist extensions.";
};
};
config = mkIf cfg.enable {
networking.hostFiles = [ ]
++ optionals (activatedHosts != [ ]) [ hostsPath ]
++ optionals (activatedHosts == [ ]) [ "${pkgs.stevenblack-blocklist}/hosts" ];
};
meta.maintainers = [ maintainers.fortuneteller2k maintainers.artturin ];
}

View file

@ -444,8 +444,8 @@ let
in {
imports = [
(mkAliasOptionModule [ "users" "extraUsers" ] [ "users" "users" ])
(mkAliasOptionModule [ "users" "extraGroups" ] [ "users" "groups" ])
(mkAliasOptionModuleMD [ "users" "extraUsers" ] [ "users" "users" ])
(mkAliasOptionModuleMD [ "users" "extraGroups" ] [ "users" "groups" ])
(mkRenamedOptionModule ["security" "initialRootPassword"] ["users" "users" "root" "initialHashedPassword"])
];

View file

@ -61,7 +61,7 @@ in
serviceConfig = {
Type = "simple";
ExecStart = "${cfg.package}/bin/otd-daemon -c ${cfg.package}/lib/OpenTabletDriver/Configurations";
ExecStart = "${cfg.package}/bin/otd-daemon";
Restart = "on-failure";
};
};

View file

@ -31,7 +31,7 @@
};
# Theme calamares with GNOME theme
qt5 = {
qt = {
enable = true;
platformTheme = "gnome";
};

View file

@ -77,6 +77,14 @@ let
else
config.boot.loader.timeout * 10;
# Timeout in grub is in seconds.
# null means max timeout (infinity)
# 0 means disable timeout
grubEfiTimeout = if config.boot.loader.timeout == null then
-1
else
config.boot.loader.timeout;
# The configuration file for syslinux.
# Notes on syslinux configuration and UNetbootin compatibility:
@ -284,7 +292,7 @@ let
if serial; then set with_serial=yes ;fi
export with_serial
clear
set timeout=10
set timeout=${toString grubEfiTimeout}
# This message will only be viewable when "gfxterm" is not used.
echo ""

5
third_party/nixpkgs/nixos/modules/installer/tools/nixos-enter.sh vendored Normal file → Executable file
View file

@ -100,8 +100,9 @@ chroot_add_resolv_conf "$mountPoint" || echo "$0: failed to set up resolv.conf"
# Run the activation script. Set $LOCALE_ARCHIVE to supress some Perl locale warnings.
LOCALE_ARCHIVE="$system/sw/lib/locale/locale-archive" IN_NIXOS_ENTER=1 chroot "$mountPoint" "$system/activate" 1>&2 || true
# Create /tmp
chroot "$mountPoint" systemd-tmpfiles --create --remove --exclude-prefix=/dev 1>&2 || true
# Create /tmp. This is needed for nix-build and the NixOS activation script to work.
# Hide the unhelpful "failed to replace specifiers" errors caused by missing /etc/machine-id.
chroot "$mountPoint" "$system/sw/bin/systemd-tmpfiles" --create --remove -E 2> /dev/null || true
)
unset TMPDIR

View file

@ -8,11 +8,18 @@ case "$1" in
;;
--hash|--revision)
if ! [[ @revision@ =~ ^[0-9a-f]+$ ]]; then
echo "$0: Nixpkgs commit hash is unknown"
echo "$0: Nixpkgs commit hash is unknown" >&2
exit 1
fi
echo "@revision@"
;;
--configuration-revision)
if [[ "@configurationRevision@" =~ "@" ]]; then
echo "$0: configuration revision is unknown" >&2
exit 1
fi
echo "@configurationRevision@"
;;
--json)
cat <<EOF
@json@

View file

@ -50,7 +50,7 @@ let
(name: value:
let
wholeName = "${namePrefix}.${name}";
guard = lib.warn "Attempt to evaluate package ${wholeName} in option documentation; this is not supported and will eventually be an error. Use `mkPackageOption` or `literalExpression` instead.";
guard = lib.warn "Attempt to evaluate package ${wholeName} in option documentation; this is not supported and will eventually be an error. Use `mkPackageOption{,MD}` or `literalExpression` instead.";
in if isAttrs value then
scrubDerivations wholeName value
// optionalAttrs (isDerivation value) {

View file

@ -28,6 +28,8 @@ let
DOCUMENTATION_URL = "https://nixos.org/learn.html";
SUPPORT_URL = "https://nixos.org/community.html";
BUG_REPORT_URL = "https://github.com/NixOS/nixpkgs/issues";
} // lib.optionalAttrs (cfg.variant_id != null) {
VARIANT_ID = cfg.variant_id;
};
initrdReleaseContents = osReleaseContents // {
@ -87,6 +89,13 @@ in
description = lib.mdDoc "The NixOS release code name (e.g. `Emu`).";
};
nixos.variant_id = mkOption {
type = types.nullOr (types.strMatching "^[a-z0-9._-]+$");
default = null;
description = lib.mdDoc "A lower-case string identifying a specific variant or edition of the operating system";
example = "installer";
};
stateVersion = mkOption {
type = types.str;
# TODO Remove this and drop the default of the option so people are forced to set it.

View file

@ -20,9 +20,10 @@
./config/nsswitch.nix
./config/power-management.nix
./config/pulseaudio.nix
./config/qt5.nix
./config/qt.nix
./config/resolvconf.nix
./config/shells-environment.nix
./config/stevenblack.nix
./config/swap.nix
./config/sysctl.nix
./config/system-environment.nix
@ -179,6 +180,7 @@
./programs/haguichi.nix
./programs/hamster.nix
./programs/htop.nix
./programs/iay.nix
./programs/iftop.nix
./programs/i3lock.nix
./programs/iotop.nix
@ -520,6 +522,7 @@
./services/logging/syslog-ng.nix
./services/logging/syslogd.nix
./services/logging/vector.nix
./services/logging/ulogd.nix
./services/mail/clamsmtp.nix
./services/mail/davmail.nix
./services/mail/dkimproxy-out.nix
@ -1012,6 +1015,7 @@
./services/networking/wasabibackend.nix
./services/networking/websockify.nix
./services/networking/wg-netmanager.nix
./services/networking/webhook.nix
./services/networking/wg-quick.nix
./services/networking/wireguard.nix
./services/networking/wpa_supplicant.nix
@ -1138,6 +1142,7 @@
./services/web-apps/isso.nix
./services/web-apps/jirafeau.nix
./services/web-apps/jitsi-meet.nix
./services/web-apps/kasmweb/default.nix
./services/web-apps/keycloak.nix
./services/web-apps/komga.nix
./services/web-apps/lemmy.nix

View file

@ -20,6 +20,7 @@ with lib;
];
config = {
system.nixos.variant_id = lib.mkDefault "installer";
# Enable in installer, even if the minimal profile disables it.
documentation.enable = mkImageMediaOverride true;

View file

@ -9,7 +9,8 @@ let
in
{ imports = [
{
imports = [
../virtualisation/qemu-vm.nix
# Avoid a dependency on stateVersion
@ -18,8 +19,7 @@ in
../virtualisation/nixos-containers.nix
../services/x11/desktop-managers/xterm.nix
];
config = {
};
config = { };
options.boot.isContainer = lib.mkOption { default = false; internal = true; };
}
];
@ -59,10 +59,14 @@ in
trusted-users = [ "root" user ];
};
services.openssh = {
enable = true;
services = {
getty.autologinUser = user;
authorizedKeysFiles = [ "${keysDirectory}/%u_${keyType}.pub" ];
openssh = {
enable = true;
authorizedKeysFiles = [ "${keysDirectory}/%u_${keyType}.pub" ];
};
};
system.build.macos-builder-installer =
@ -98,11 +102,11 @@ in
'';
in
script.overrideAttrs (old: {
meta = (old.meta or { }) // {
platforms = lib.platforms.darwin;
};
});
script.overrideAttrs (old: {
meta = (old.meta or { }) // {
platforms = lib.platforms.darwin;
};
});
system = {
# To prevent gratuitous rebuilds on each change to Nixpkgs
@ -118,10 +122,22 @@ in
'');
};
users.users."${user}"= {
users.users."${user}" = {
isNormalUser = true;
};
security.polkit.enable = true;
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (action.id === "org.freedesktop.login1.power-off" && subject.user === "${user}") {
return "yes";
} else {
return "no";
}
})
'';
virtualisation = {
diskSize = 20 * 1024;

View file

@ -27,7 +27,7 @@ in
'';
};
package = mkPackageOption pkgs "1Password GUI" {
package = mkPackageOptionMD pkgs "1Password GUI" {
default = [ "_1password-gui" ];
};
};

View file

@ -18,7 +18,7 @@ in
programs._1password = {
enable = mkEnableOption (lib.mdDoc "the 1Password CLI tool");
package = mkPackageOption pkgs "1Password CLI" {
package = mkPackageOptionMD pkgs "1Password CLI" {
default = [ "_1password" ];
};
};

View file

@ -16,7 +16,7 @@ in
group.
'';
};
package = mkPackageOption pkgs "flashrom" { };
package = mkPackageOptionMD pkgs "flashrom" { };
};
config = mkIf cfg.enable {

View file

@ -135,7 +135,7 @@ in
# The SSH agent protocol doesn't have support for changing TTYs; however we
# can simulate this with the `exec` feature of openssh (see ssh_config(5))
# that hooks a command to the shell currently running the ssh program.
Match host * exec "${cfg.package}/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1"
Match host * exec "${pkgs.runtimeShell} -c '${cfg.package}/bin/gpg-connect-agent --quiet updatestartuptty /bye >/dev/null 2>&1'"
'';
environment.extraInit = mkIf cfg.agent.enableSSHSupport ''

View file

@ -0,0 +1,37 @@
{ config, lib, pkgs, ... }:
let
cfg = config.programs.iay;
inherit (lib) mkEnableOption mkIf mkOption mkPackageOptionMD optionalString types;
in {
options.programs.iay = {
enable = mkEnableOption (lib.mdDoc "iay");
package = mkPackageOptionMD pkgs "iay" {};
minimalPrompt = mkOption {
type = types.bool;
default = false;
description = lib.mdDoc "Use minimal one-liner prompt.";
};
};
config = mkIf cfg.enable {
programs.bash.promptInit = ''
if [[ $TERM != "dumb" && (-z $INSIDE_EMACS || $INSIDE_EMACS == "vterm") ]]; then
PS1='$(iay ${optionalString cfg.minimalPrompt "-m"})'
fi
'';
programs.zsh.promptInit = ''
if [[ $TERM != "dumb" && (-z $INSIDE_EMACS || $INSIDE_EMACS == "vterm") ]]; then
autoload -Uz add-zsh-hook
_iay_prompt() {
PROMPT="$(iay -z ${optionalString cfg.minimalPrompt "-m"})"
}
add-zsh-hook precmd _iay_prompt
fi
'';
};
meta.maintainers = pkgs.iay.meta.maintainers;
}

View file

@ -36,23 +36,22 @@ let
in
{
meta.maintainers = [ lib.maintainers.mic92 ];
options = {
programs.nix-ld = {
enable = lib.mkEnableOption (lib.mdDoc ''nix-ld, Documentation: <https://github.com/Mic92/nix-ld>'');
package = lib.mkOption {
type = lib.types.package;
description = lib.mdDoc "Which package to use for the nix-ld.";
default = pkgs.nix-ld;
defaultText = lib.mdDoc "pkgs.nix-ld";
};
libraries = lib.mkOption {
type = lib.types.listOf lib.types.package;
description = lib.mdDoc "Libraries that automatically become available to all programs. The default set includes common libraries.";
default = baseLibraries;
defaultText = lib.mdDoc "baseLibraries";
};
options.programs.nix-ld = {
enable = lib.mkEnableOption (lib.mdDoc ''nix-ld, Documentation: <https://github.com/Mic92/nix-ld>'');
package = lib.mkOption {
type = lib.types.package;
description = lib.mdDoc "Which package to use for the nix-ld.";
default = pkgs.nix-ld;
defaultText = lib.literalExpression "pkgs.nix-ld";
};
libraries = lib.mkOption {
type = lib.types.listOf lib.types.package;
description = lib.mdDoc "Libraries that automatically become available to all programs. The default set includes common libraries.";
default = baseLibraries;
defaultText = lib.literalExpression "baseLibraries derived from systemd and nix dependencies.";
};
};
config = lib.mkIf config.programs.nix-ld.enable {
systemd.tmpfiles.packages = [ cfg.package ];

View file

@ -1,6 +1,6 @@
{ pkgs, config, lib, ... }:
let
inherit (lib) mdDoc mkEnableOption mkPackageOption optional optionalString;
inherit (lib) mdDoc mkEnableOption mkPackageOptionMD optional optionalString;
cfg = config.programs.skim;
in
{
@ -8,7 +8,7 @@ in
programs.skim = {
fuzzyCompletion = mkEnableOption (mdDoc "fuzzy completion with skim");
keybindings = mkEnableOption (mdDoc "skim keybindings");
package = mkPackageOption pkgs "skim" {};
package = mkPackageOptionMD pkgs "skim" {};
};
};

Some files were not shown because too many files have changed in this diff Show more