Project import generated by Copybara.
GitOrigin-RevId: b3616bd96400ce0252c241d76fcafb64389defc6
This commit is contained in:
parent
d12fb60c20
commit
a5adf1ddd8
9177 changed files with 54612 additions and 40009 deletions
5
third_party/nixpkgs/.github/CODEOWNERS
vendored
5
third_party/nixpkgs/.github/CODEOWNERS
vendored
|
@ -37,6 +37,7 @@
|
|||
/pkgs/build-support/cc-wrapper @Ericson2314 @orivej
|
||||
/pkgs/build-support/bintools-wrapper @Ericson2314 @orivej
|
||||
/pkgs/build-support/setup-hooks @Ericson2314
|
||||
/pkgs/build-support/setup-hooks/auto-patchelf.sh @aszlig
|
||||
|
||||
# Nixpkgs build-support
|
||||
/pkgs/build-support/writers @lassulus @Profpatsch
|
||||
|
@ -157,8 +158,8 @@
|
|||
/nixos/modules/services/networking/ntp @thoughtpolice
|
||||
|
||||
# Dhall
|
||||
/pkgs/development/dhall-modules @Gabriel439 @Profpatsch
|
||||
/pkgs/development/interpreters/dhall @Gabriel439 @Profpatsch
|
||||
/pkgs/development/dhall-modules @Gabriel439 @Profpatsch @ehmry
|
||||
/pkgs/development/interpreters/dhall @Gabriel439 @Profpatsch @ehmry
|
||||
|
||||
# Idris
|
||||
/pkgs/development/idris-modules @Infinisil
|
||||
|
|
1
third_party/nixpkgs/.github/CONTRIBUTING.md
vendored
1
third_party/nixpkgs/.github/CONTRIBUTING.md
vendored
|
@ -57,6 +57,7 @@ Follow these steps to backport a change into a release branch in compliance with
|
|||
3. Create a branch for your change, e.g. `git checkout -b backport`.
|
||||
4. When the reason to backport is not obvious from the original commit message, use `git cherry-pick -xe <original commit>` and add a reason. Otherwise use `git cherry-pick -x <original commit>`. That's fine for minor version updates that only include security and bug fixes, commits that fixes an otherwise broken package or similar. Please also ensure the commits exists on the master branch; in the case of squashed or rebased merges, the commit hash will change and the new commits can be found in the merge message at the bottom of the master pull request.
|
||||
5. Push to GitHub and open a backport pull request. Make sure to select the release branch (e.g. `release-20.09`) as the target branch of the pull request, and link to the pull request in which the original change was comitted to `master`. The pull request title should be the commit title with the release version as prefix, e.g. `[20.09]`.
|
||||
6. When the backport pull request is merged and you have the necessary privileges you can also replace the label `9.needs: port to stable` with `8.has: port to stable` on the original pull request. This way maintainers can keep track of missing backports easier.
|
||||
|
||||
## Reviewing contributions
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
- name: Fetch editorconfig-checker
|
||||
if: env.PR_DIFF
|
||||
env:
|
||||
ECC_VERSION: "2.2.0"
|
||||
ECC_VERSION: "2.3.1"
|
||||
ECC_URL: "https://github.com/editorconfig-checker/editorconfig-checker/releases/download"
|
||||
run: |
|
||||
curl -sSf -O -L -C - "$ECC_URL/$ECC_VERSION/ec-linux-amd64.tar.gz" && \
|
||||
|
|
|
@ -2,12 +2,12 @@
|
|||
|
||||
## Configuring Emacs {#sec-emacs-config}
|
||||
|
||||
The Emacs package comes with some extra helpers to make it easier to configure. `emacsWithPackages` allows you to manage packages from ELPA. This means that you will not have to install that packages from within Emacs. For instance, if you wanted to use `company` `counsel`, `flycheck`, `ivy`, `magit`, `projectile`, and `use-package` you could use this as a `~/.config/nixpkgs/config.nix` override:
|
||||
The Emacs package comes with some extra helpers to make it easier to configure. `emacs.pkgs.withPackages` allows you to manage packages from ELPA. This means that you will not have to install that packages from within Emacs. For instance, if you wanted to use `company` `counsel`, `flycheck`, `ivy`, `magit`, `projectile`, and `use-package` you could use this as a `~/.config/nixpkgs/config.nix` override:
|
||||
|
||||
```nix
|
||||
{
|
||||
packageOverrides = pkgs: with pkgs; {
|
||||
myEmacs = emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
myEmacs = emacs.pkgs.withPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
company
|
||||
counsel
|
||||
flycheck
|
||||
|
@ -84,7 +84,7 @@ You can install it like any other packages via `nix-env -iA myEmacs`. However, t
|
|||
(projectile-global-mode))
|
||||
'';
|
||||
|
||||
myEmacs = emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
myEmacs = emacs.pkgs.withPackages (epkgs: (with epkgs.melpaStablePackages; [
|
||||
(runCommand "default.el" {} ''
|
||||
mkdir -p $out/share/emacs/site-lisp
|
||||
cp ${myEmacsConfig} $out/share/emacs/site-lisp/default.el
|
||||
|
@ -103,14 +103,14 @@ You can install it like any other packages via `nix-env -iA myEmacs`. However, t
|
|||
|
||||
This provides a fairly full Emacs start file. It will load in addition to the user's presonal config. You can always disable it by passing `-q` to the Emacs command.
|
||||
|
||||
Sometimes `emacsWithPackages` is not enough, as this package set has some priorities imposed on packages (with the lowest priority assigned to Melpa Unstable, and the highest for packages manually defined in `pkgs/top-level/emacs-packages.nix`). But you can't control this priorities when some package is installed as a dependency. You can override it on per-package-basis, providing all the required dependencies manually - but it's tedious and there is always a possibility that an unwanted dependency will sneak in through some other package. To completely override such a package you can use `overrideScope'`.
|
||||
Sometimes `emacs.pkgs.withPackages` is not enough, as this package set has some priorities imposed on packages (with the lowest priority assigned to Melpa Unstable, and the highest for packages manually defined in `pkgs/top-level/emacs-packages.nix`). But you can't control this priorities when some package is installed as a dependency. You can override it on per-package-basis, providing all the required dependencies manually - but it's tedious and there is always a possibility that an unwanted dependency will sneak in through some other package. To completely override such a package you can use `overrideScope'`.
|
||||
|
||||
```nix
|
||||
overrides = self: super: rec {
|
||||
haskell-mode = self.melpaPackages.haskell-mode;
|
||||
...
|
||||
};
|
||||
((emacsPackagesGen emacs).overrideScope' overrides).emacsWithPackages
|
||||
((emacsPackagesFor emacs).overrideScope' overrides).emacs.pkgs.withPackages
|
||||
(p: with p; [
|
||||
# here both these package will use haskell-mode of our own choice
|
||||
ghc-mod
|
||||
|
|
50
third_party/nixpkgs/doc/builders/packages/fish.section.md
vendored
Normal file
50
third_party/nixpkgs/doc/builders/packages/fish.section.md
vendored
Normal file
|
@ -0,0 +1,50 @@
|
|||
# Fish {#sec-fish}
|
||||
|
||||
Fish is a "smart and user-friendly command line shell" with support for plugins.
|
||||
|
||||
|
||||
## Vendor Fish scripts {#sec-fish-vendor}
|
||||
|
||||
Any package may ship its own Fish completions, configuration snippets, and
|
||||
functions. Those should be installed to
|
||||
`$out/share/fish/vendor_{completions,conf,functions}.d` respectively.
|
||||
|
||||
When the `programs.fish.enable` and
|
||||
`programs.fish.vendor.{completions,config,functions}.enable` options from the
|
||||
NixOS Fish module are set to true, those paths are symlinked in the current
|
||||
system environment and automatically loaded by Fish.
|
||||
|
||||
|
||||
## Packaging Fish plugins {#sec-fish-plugins-pkg}
|
||||
|
||||
While packages providing standalone executables belong to the top level,
|
||||
packages which have the sole purpose of extending Fish belong to the
|
||||
`fishPlugins` scope and should be registered in
|
||||
`pkgs/shells/fish/plugins/default.nix`.
|
||||
|
||||
The `buildFishPlugin` utility function can be used to automatically copy Fish
|
||||
scripts from `$src/{completions,conf,conf.d,functions}` to the standard vendor
|
||||
installation paths. It also sets up the test environment so that the optional
|
||||
`checkPhase` is executed in a Fish shell with other already packaged plugins
|
||||
and package-local Fish functions specified in `checkPlugins` and
|
||||
`checkFunctionDirs` respectively.
|
||||
|
||||
See `pkgs/shells/fish/plugins/pure.nix` for an example of Fish plugin package
|
||||
using `buildFishPlugin` and running unit tests with the `fishtape` test runner.
|
||||
|
||||
|
||||
## Fish wrapper {#sec-fish-wrapper}
|
||||
|
||||
The `wrapFish` package is a wrapper around Fish which can be used to create
|
||||
Fish shells initialised with some plugins as well as completions, configuration
|
||||
snippets and functions sourced from the given paths. This provides a convenient
|
||||
way to test Fish plugins and scripts without having to alter the environment.
|
||||
|
||||
```nix
|
||||
wrapFish {
|
||||
pluginPkgs = with fishPlugins; [ pure foreign-env ];
|
||||
completionDirs = [];
|
||||
functionDirs = [];
|
||||
confDirs = [ "/path/to/some/fish/init/dir/" ];
|
||||
}
|
||||
```
|
|
@ -11,6 +11,7 @@
|
|||
<xi:include href="elm.xml" />
|
||||
<xi:include href="emacs.section.xml" />
|
||||
<xi:include href="firefox.section.xml" />
|
||||
<xi:include href="fish.section.xml" />
|
||||
<xi:include href="ibus.xml" />
|
||||
<xi:include href="kakoune.section.xml" />
|
||||
<xi:include href="linux.section.xml" />
|
||||
|
|
|
@ -178,6 +178,15 @@ args.stdenv.mkDerivation (args // {
|
|||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Prefer using the top-level <varname>lib</varname> over its alias
|
||||
<literal>stdenv.lib</literal>. <varname>lib</varname> is unrelated to
|
||||
<varname>stdenv</varname>, and so <literal>stdenv.lib</literal> should only
|
||||
be used as a convenience alias when developing to avoid having to modify
|
||||
the function inputs just to test something out.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
<section xml:id="sec-package-naming">
|
||||
|
|
|
@ -13,21 +13,19 @@ with import <nixpkgs> {};
|
|||
|
||||
let
|
||||
androidComposition = androidenv.composeAndroidPackages {
|
||||
toolsVersion = "25.2.5";
|
||||
platformToolsVersion = "27.0.1";
|
||||
buildToolsVersions = [ "27.0.3" ];
|
||||
toolsVersion = "26.1.1";
|
||||
platformToolsVersion = "30.0.5";
|
||||
buildToolsVersions = [ "30.0.3" ];
|
||||
includeEmulator = false;
|
||||
emulatorVersion = "27.2.0";
|
||||
platformVersions = [ "24" ];
|
||||
emulatorVersion = "30.3.4";
|
||||
platformVersions = [ "28" "29" "30" ];
|
||||
includeSources = false;
|
||||
includeDocs = false;
|
||||
includeSystemImages = false;
|
||||
systemImageTypes = [ "default" ];
|
||||
abiVersions = [ "armeabi-v7a" ];
|
||||
lldbVersions = [ "2.0.2558144" ];
|
||||
cmakeVersions = [ "3.6.4111459" ];
|
||||
includeNDK = false;
|
||||
ndkVersion = "16.1.4479499";
|
||||
systemImageTypes = [ "google_apis_playstore" ];
|
||||
abiVersions = [ "armeabi-v7a" "arm64-v8a" ];
|
||||
cmakeVersions = [ "3.10.2" ];
|
||||
includeNDK = true;
|
||||
ndkVersion = "22.0.7026061";
|
||||
useGoogleAPIs = false;
|
||||
useGoogleTVAddOns = false;
|
||||
includeExtras = [
|
||||
|
@ -46,13 +44,11 @@ The following parameters are supported:
|
|||
|
||||
* `toolsVersion`, specifies the version of the tools package to use
|
||||
* `platformsToolsVersion` specifies the version of the `platform-tools` plugin
|
||||
* `buildToolsVersion` specifies the versions of the `build-tools` plugins to
|
||||
* `buildToolsVersions` specifies the versions of the `build-tools` plugins to
|
||||
use.
|
||||
* `includeEmulator` specifies whether to deploy the emulator package (`false`
|
||||
by default). When enabled, the version of the emulator to deploy can be
|
||||
specified by setting the `emulatorVersion` parameter.
|
||||
* `includeDocs` specifies whether the documentation catalog should be included.
|
||||
* `lldbVersions` specifies what LLDB versions should be deployed.
|
||||
* `cmakeVersions` specifies which CMake versions should be deployed.
|
||||
* `includeNDK` specifies that the Android NDK bundle should be included.
|
||||
Defaults to: `false`.
|
||||
|
@ -82,6 +78,38 @@ For each requested system image we can specify the following options:
|
|||
|
||||
Most of the function arguments have reasonable default settings.
|
||||
|
||||
You can specify license names:
|
||||
|
||||
* `extraLicenses` is a list of of license names.
|
||||
You can get these names from repo.json or `querypackages.sh licenses`. The SDK
|
||||
license (`android-sdk-license`) is accepted for you if you set accept_license
|
||||
to true. If you are doing something like working with preview SDKs, you will
|
||||
want to add `android-sdk-preview-license` or whichever license applies here.
|
||||
|
||||
Additionally, you can override the repositories that composeAndroidPackages will
|
||||
pull from:
|
||||
|
||||
* `repoJson` specifies a path to a generated repo.json file. You can generate this
|
||||
by running `generate.sh`, which in turn will call into `mkrepo.rb`.
|
||||
* `repoXmls` is an attribute set containing paths to repo XML files. If specified,
|
||||
it takes priority over `repoJson`, and will trigger a local build writing out a
|
||||
repo.json to the Nix store based on the given repository XMLs.
|
||||
|
||||
```nix
|
||||
repoXmls = {
|
||||
packages = [ ./xml/repository2-1.xml ];
|
||||
images = [
|
||||
./xml/android-sys-img2-1.xml
|
||||
./xml/android-tv-sys-img2-1.xml
|
||||
./xml/android-wear-sys-img2-1.xml
|
||||
./xml/android-wear-cn-sys-img2-1.xml
|
||||
./xml/google_apis-sys-img2-1.xml
|
||||
./xml/google_apis_playstore-sys-img2-1.xml
|
||||
];
|
||||
addons = [ ./xml/addon2-1.xml ];
|
||||
};
|
||||
```
|
||||
|
||||
When building the above expression with:
|
||||
|
||||
```bash
|
||||
|
@ -104,8 +132,8 @@ in
|
|||
androidComposition.platform-tools
|
||||
```
|
||||
|
||||
Using predefine Android package compositions
|
||||
--------------------------------------------
|
||||
Using predefined Android package compositions
|
||||
---------------------------------------------
|
||||
In addition to composing an Android package set manually, it is also possible
|
||||
to use a predefined composition that contains all basic packages for a specific
|
||||
Android version, such as version 9.0 (API-level 28).
|
||||
|
@ -209,27 +237,104 @@ androidenv.emulateApp {
|
|||
In addition to prebuilt APKs, you can also bind the APK parameter to a
|
||||
`buildApp {}` function invocation shown in the previous example.
|
||||
|
||||
Notes on environment variables in Android projects
|
||||
--------------------------------------------------
|
||||
* `ANDROID_SDK_ROOT` should point to the Android SDK. In your Nix expressions, this should be
|
||||
`${androidComposition.androidsdk}/libexec/android-sdk`. Note that `ANDROID_HOME` is deprecated,
|
||||
but if you rely on tools that need it, you can export it too.
|
||||
* `ANDROID_NDK_ROOT` should point to the Android NDK, if you're doing NDK development.
|
||||
In your Nix expressions, this should be `${ANDROID_SDK_ROOT}/ndk-bundle`.
|
||||
|
||||
If you are running the Android Gradle plugin, you need to export GRADLE_OPTS to override aapt2
|
||||
to point to the aapt2 binary in the Nix store as well, or use a FHS environment so the packaged
|
||||
aapt2 can run. If you don't want to use a FHS environment, something like this should work:
|
||||
|
||||
```nix
|
||||
let
|
||||
buildToolsVersion = "30.0.3";
|
||||
|
||||
# Use buildToolsVersion when you define androidComposition
|
||||
androidComposition = <...>;
|
||||
in
|
||||
pkgs.mkShell rec {
|
||||
ANDROID_SDK_ROOT = "${androidComposition.androidsdk}/libexec/android-sdk";
|
||||
ANDROID_NDK_ROOT = "${ANDROID_SDK_ROOT}/ndk-bundle";
|
||||
|
||||
# Use the same buildToolsVersion here
|
||||
GRADLE_OPTS = "-Dorg.gradle.project.android.aapt2FromMavenOverride=${ANDROID_SDK_ROOT}/build-tools/${buildToolsVersion}/aapt2";
|
||||
}
|
||||
```
|
||||
|
||||
If you are using cmake, you need to add it to PATH in a shell hook or FHS env profile.
|
||||
The path is suffixed with a build number, but properly prefixed with the version.
|
||||
So, something like this should suffice:
|
||||
|
||||
```nix
|
||||
let
|
||||
cmakeVersion = "3.10.2";
|
||||
|
||||
# Use cmakeVersion when you define androidComposition
|
||||
androidComposition = <...>;
|
||||
in
|
||||
pkgs.mkShell rec {
|
||||
ANDROID_SDK_ROOT = "${androidComposition.androidsdk}/libexec/android-sdk";
|
||||
ANDROID_NDK_ROOT = "${ANDROID_SDK_ROOT}/ndk-bundle";
|
||||
|
||||
# Use the same cmakeVersion here
|
||||
shellHook = ''
|
||||
export PATH="$(echo "$ANDROID_SDK_ROOT/cmake/${cmakeVersion}".*/bin):$PATH"
|
||||
'';
|
||||
}
|
||||
```
|
||||
|
||||
Note that running Android Studio with ANDROID_SDK_ROOT set will automatically write a
|
||||
`local.properties` file with `sdk.dir` set to $ANDROID_SDK_ROOT if one does not already
|
||||
exist. If you are using the NDK as well, you may have to add `ndk.dir` to this file.
|
||||
|
||||
An example shell.nix that does all this for you is provided in examples/shell.nix.
|
||||
This shell.nix includes a shell hook that overwrites local.properties with the correct
|
||||
sdk.dir and ndk.dir values. This will ensure that the SDK and NDK directories will
|
||||
both be correct when you run Android Studio inside nix-shell.
|
||||
|
||||
Notes on improving build.gradle compatibility
|
||||
---------------------------------------------
|
||||
Ensure that your buildToolsVersion and ndkVersion match what is declared in androidenv.
|
||||
If you are using cmake, make sure its declared version is correct too.
|
||||
|
||||
Otherwise, you may get cryptic errors from aapt2 and the Android Gradle plugin warning
|
||||
that it cannot install the build tools because the SDK directory is not writeable.
|
||||
|
||||
```gradle
|
||||
android {
|
||||
buildToolsVersion "30.0.3"
|
||||
ndkVersion = "22.0.7026061"
|
||||
externalNativeBuild {
|
||||
cmake {
|
||||
version "3.10.2"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
```
|
||||
|
||||
Querying the available versions of each plugin
|
||||
----------------------------------------------
|
||||
When using any of the previously shown functions, it may be a bit inconvenient
|
||||
to find out what options are supported, since the Android SDK provides many
|
||||
plugins.
|
||||
repo.json provides all the options in one file now.
|
||||
|
||||
A shell script in the `pkgs/development/mobile/androidenv/` sub directory can be used to retrieve all
|
||||
A shell script in the `pkgs/development/mobile/androidenv/` subdirectory can be used to retrieve all
|
||||
possible options:
|
||||
|
||||
```bash
|
||||
sh ./querypackages.sh packages build-tools
|
||||
./querypackages.sh packages
|
||||
```
|
||||
|
||||
The above command-line instruction queries all build-tools versions in the
|
||||
generated `packages.nix` expression.
|
||||
The above command-line instruction queries all package versions in repo.json.
|
||||
|
||||
Updating the generated expressions
|
||||
----------------------------------
|
||||
Most of the Nix expressions are generated from XML files that the Android
|
||||
package manager uses. To update the expressions run the `generate.sh` script
|
||||
that is stored in the `pkgs/development/mobile/androidenv/` sub directory:
|
||||
repo.json is generated from XML files that the Android Studio package manager uses.
|
||||
To update the expressions run the `generate.sh` script that is stored in the
|
||||
`pkgs/development/mobile/androidenv/` subdirectory:
|
||||
|
||||
```bash
|
||||
./generate.sh
|
||||
|
|
|
@ -3,37 +3,39 @@
|
|||
## Coq derivation: `coq`
|
||||
|
||||
The Coq derivation is overridable through the `coq.override overrides`, where overrides is an attribute set which contains the arguments to override. We recommend overriding either of the following
|
||||
+ `version` (optional, defaults to the latest version of Coq selected for nixpkgs, see `pkgs/top-level/coq-packages` to witness this choice), which follows the conventions explained in the `coqPackages` section below,
|
||||
+ `customOCamlPackage` (optional, defaults to `null`, which lets Coq choose a version automatically), which can be set to any of the ocaml packages attribute of `ocaml-ng` (such as `ocaml-ng.ocamlPackages_4_10` which is the default for Coq 8.11 for example).
|
||||
+ `coq-version` (optional, defaults to the short version e.g. "8.10"), is a version number of the form "x.y" that indicates which Coq's version build behavior to mimic when using a source which is not a release. E.g. `coq.override { version = "d370a9d1328a4e1cdb9d02ee032f605a9d94ec7a"; coq-version = "8.10"; }`.
|
||||
|
||||
* `version` (optional, defaults to the latest version of Coq selected for nixpkgs, see `pkgs/top-level/coq-packages` to witness this choice), which follows the conventions explained in the `coqPackages` section below,
|
||||
* `customOCamlPackage` (optional, defaults to `null`, which lets Coq choose a version automatically), which can be set to any of the ocaml packages attribute of `ocaml-ng` (such as `ocaml-ng.ocamlPackages_4_10` which is the default for Coq 8.11 for example).
|
||||
* `coq-version` (optional, defaults to the short version e.g. "8.10"), is a version number of the form "x.y" that indicates which Coq's version build behavior to mimic when using a source which is not a release. E.g. `coq.override { version = "d370a9d1328a4e1cdb9d02ee032f605a9d94ec7a"; coq-version = "8.10"; }`.
|
||||
|
||||
## Coq packages attribute sets: `coqPackages`
|
||||
|
||||
The recommended way of defining a derivation for a Coq library, is to use the `coqPackages.mkCoqDerivation` function, which is essentially a specialization of `mkDerivation` taking into account most of the specifics of Coq libraries. The following attributes are supported:
|
||||
- `pname` (required) is the name of the package,
|
||||
- `version` (optional, defaults to `null`), is the version to fetch and build,
|
||||
|
||||
* `pname` (required) is the name of the package,
|
||||
* `version` (optional, defaults to `null`), is the version to fetch and build,
|
||||
this attribute is interpreted in several ways depending on its type and pattern:
|
||||
+ if it is a known released version string, i.e. from the `release` attribute below, the according release is picked, and the `version` attribute of the resulting derivation is set to this release string,
|
||||
+ if it is a majorMinor `"x.y"` prefix of a known released version (as defined above), then the latest `"x.y.z"` known released version is selected (for the ordering given by `versionAtLeast`),
|
||||
+ if it is a path or a string representing an absolute path (i.e. starting with `"/"`), the provided path is selected as a source, and the `version` attribute of the resulting derivation is set to `"dev"`,
|
||||
+ if it is a string of the form `owner:branch` then it tries to download the `branch` of owner `owner` for a project of the same name using the same vcs, and the `version` attribute of the resulting derivation is set to `"dev"`, additionally if the owner is not provided (i.e. if the `owner:` prefix is missing), it defaults to the original owner of the package (see below),
|
||||
+ if it is a string of the form `"#N"`, and the domain is github, then it tries to download the current head of the pull request `#N` from github,
|
||||
- `defaultVersion` (optional). Coq libraries may be compatible with some specific versions of Coq only. The `defaultVersion` attribute is used when no `version` is provided (or if `version = null`) to select the version of the library to use by default, depending on the context. This selection will mainly depend on a `coq` version number but also possibly on other packages versions (e.g. `mathcomp`). If its value ends up to be `null`, the package is marked for removal in end-user `coqPackages` attribute set.
|
||||
- `release` (optional, defaults to `{}`), lists all the known releases of the library and for each of them provides an attribute set with at least a `sha256` attribute (you may use the shell command `nix-prefetch-url --unpack <archive-url>` to find it, where `<archive-url>` is for example `https://github.com/owner/repo/archive/version.tar.gz`), each attribute set of the list of releases also takes optional overloading arguments for the fetcher as below (i.e.`domain`, `owner`, `repo`, `rev` assuming the default fetcher is used) and optional overrides for the result of the fetcher (i.e. `version` and `src`).
|
||||
- `fetcher` (optional, default to a generic fetching mechanism supporting github or gitlab based infrastructures), is a function that takes at least an `owner`, a `repo`, a `rev`, and a `sha256` and returns an attribute set with a `version` and `src`.
|
||||
- `repo` (optional, defaults to the value of `pname`),
|
||||
- `owner` (optional, defaults to `"coq-community"`).
|
||||
- `domain` (optional, defaults to `"github.com"`), domains including the strings `"github"` or `"gitlab"` in their names are automatically supported, otherwise, one must change the `fetcher` argument to support them (cf `pkgs/development/coq-modules/heq/default.nix` for an example),
|
||||
- `releaseRev` (optional, defaults to `(v: v)`), provides a default mapping from release names to revision hashes/branch names/tags,
|
||||
- `displayVersion` (optional), provides a way to alter the computation of `name` from `pname`, by explaining how to display version numbers,
|
||||
- `namePrefix` (optional), provides a way to alter the computation of `name` from `pname`, by explaining which dependencies must occur in `name`,
|
||||
- `extraBuildInputs` (optional), by default `buildInputs` just contains `coq`, this allows to add more build inputs,
|
||||
- `mlPlugin` (optional, defaults to `false`). Some extensions (plugins) might require OCaml and sometimes other OCaml packages. Standard dependencies can be added by setting the current option to `true`. For a finer grain control, the `coq.ocamlPackages` attribute can be used in `extraBuildInputs` to depend on the same package set Coq was built against.
|
||||
- `enableParallelBuilding` (optional, defaults to `true`), since it is activated by default, we provide a way to disable it.
|
||||
- `extraInstallFlags` (optional), allows to extend `installFlags` which initializes the variable `COQMF_COQLIB` so as to install in the proper subdirectory. Indeed Coq libraries should be installed in `$(out)/lib/coq/${coq.coq-version}/user-contrib/`. Such directories are automatically added to the `$COQPATH` environment variable by the hook defined in the Coq derivation.
|
||||
- `setCOQBIN` (optional, defaults to `true`), by default, the environment variable `$COQBIN` is set to the current Coq's binary, but one can disable this behavior by setting it to `false`,
|
||||
- `useMelquiondRemake` (optional, default to `null`) is an attribute set, which, if given, overloads the `preConfigurePhases`, `configureFlags`, `buildPhase`, and `installPhase` attributes of the derivation for a specific use in libraries using `remake` as set up by Guillaume Melquiond for `flocq`, `gappalib`, `interval`, and `coquelicot` (see the corresponding derivation for concrete examples of use of this option). For backward compatibility, the attribute `useMelquiondRemake.logpath` must be set to the logical root of the library (otherwise, one can pass `useMelquiondRemake = {}` to activate this without backward compatibility).
|
||||
- `dropAttrs`, `keepAttrs`, `dropDerivationAttrs` are all optional and allow to tune which attribute is added or removed from the final call to `mkDerivation`.
|
||||
* if it is a known released version string, i.e. from the `release` attribute below, the according release is picked, and the `version` attribute of the resulting derivation is set to this release string,
|
||||
* if it is a majorMinor `"x.y"` prefix of a known released version (as defined above), then the latest `"x.y.z"` known released version is selected (for the ordering given by `versionAtLeast`),
|
||||
* if it is a path or a string representing an absolute path (i.e. starting with `"/"`), the provided path is selected as a source, and the `version` attribute of the resulting derivation is set to `"dev"`,
|
||||
* if it is a string of the form `owner:branch` then it tries to download the `branch` of owner `owner` for a project of the same name using the same vcs, and the `version` attribute of the resulting derivation is set to `"dev"`, additionally if the owner is not provided (i.e. if the `owner:` prefix is missing), it defaults to the original owner of the package (see below),
|
||||
* if it is a string of the form `"#N"`, and the domain is github, then it tries to download the current head of the pull request `#N` from github,
|
||||
* `defaultVersion` (optional). Coq libraries may be compatible with some specific versions of Coq only. The `defaultVersion` attribute is used when no `version` is provided (or if `version = null`) to select the version of the library to use by default, depending on the context. This selection will mainly depend on a `coq` version number but also possibly on other packages versions (e.g. `mathcomp`). If its value ends up to be `null`, the package is marked for removal in end-user `coqPackages` attribute set.
|
||||
* `release` (optional, defaults to `{}`), lists all the known releases of the library and for each of them provides an attribute set with at least a `sha256` attribute (you may use the shell command `nix-prefetch-url --unpack <archive-url>` to find it, where `<archive-url>` is for example `https://github.com/owner/repo/archive/version.tar.gz`), each attribute set of the list of releases also takes optional overloading arguments for the fetcher as below (i.e.`domain`, `owner`, `repo`, `rev` assuming the default fetcher is used) and optional overrides for the result of the fetcher (i.e. `version` and `src`).
|
||||
* `fetcher` (optional, default to a generic fetching mechanism supporting github or gitlab based infrastructures), is a function that takes at least an `owner`, a `repo`, a `rev`, and a `sha256` and returns an attribute set with a `version` and `src`.
|
||||
* `repo` (optional, defaults to the value of `pname`),
|
||||
* `owner` (optional, defaults to `"coq-community"`).
|
||||
* `domain` (optional, defaults to `"github.com"`), domains including the strings `"github"` or `"gitlab"` in their names are automatically supported, otherwise, one must change the `fetcher` argument to support them (cf `pkgs/development/coq-modules/heq/default.nix` for an example),
|
||||
* `releaseRev` (optional, defaults to `(v: v)`), provides a default mapping from release names to revision hashes/branch names/tags,
|
||||
* `displayVersion` (optional), provides a way to alter the computation of `name` from `pname`, by explaining how to display version numbers,
|
||||
* `namePrefix` (optional), provides a way to alter the computation of `name` from `pname`, by explaining which dependencies must occur in `name`,
|
||||
* `extraBuildInputs` (optional), by default `buildInputs` just contains `coq`, this allows to add more build inputs,
|
||||
* `mlPlugin` (optional, defaults to `false`). Some extensions (plugins) might require OCaml and sometimes other OCaml packages. Standard dependencies can be added by setting the current option to `true`. For a finer grain control, the `coq.ocamlPackages` attribute can be used in `extraBuildInputs` to depend on the same package set Coq was built against.
|
||||
* `enableParallelBuilding` (optional, defaults to `true`), since it is activated by default, we provide a way to disable it.
|
||||
* `extraInstallFlags` (optional), allows to extend `installFlags` which initializes the variable `COQMF_COQLIB` so as to install in the proper subdirectory. Indeed Coq libraries should be installed in `$(out)/lib/coq/${coq.coq-version}/user-contrib/`. Such directories are automatically added to the `$COQPATH` environment variable by the hook defined in the Coq derivation.
|
||||
* `setCOQBIN` (optional, defaults to `true`), by default, the environment variable `$COQBIN` is set to the current Coq's binary, but one can disable this behavior by setting it to `false`,
|
||||
* `useMelquiondRemake` (optional, default to `null`) is an attribute set, which, if given, overloads the `preConfigurePhases`, `configureFlags`, `buildPhase`, and `installPhase` attributes of the derivation for a specific use in libraries using `remake` as set up by Guillaume Melquiond for `flocq`, `gappalib`, `interval`, and `coquelicot` (see the corresponding derivation for concrete examples of use of this option). For backward compatibility, the attribute `useMelquiondRemake.logpath` must be set to the logical root of the library (otherwise, one can pass `useMelquiondRemake = {}` to activate this without backward compatibility).
|
||||
* `dropAttrs`, `keepAttrs`, `dropDerivationAttrs` are all optional and allow to tune which attribute is added or removed from the final call to `mkDerivation`.
|
||||
|
||||
It also takes other standard `mkDerivation` attributes, they are added as such, except for `meta` which extends an automatically computed `meta` (where the `platform` is the same as `coq` and the homepage is automatically computed).
|
||||
|
||||
|
|
|
@ -102,7 +102,7 @@ See the `zlib` example:
|
|||
echo "================= /testing zlib using node ================="
|
||||
'';
|
||||
|
||||
postPatch = pkgs.stdenv.lib.optionalString pkgs.stdenv.isDarwin ''
|
||||
postPatch = pkgs.lib.optionalString pkgs.stdenv.isDarwin ''
|
||||
substituteInPlace configure \
|
||||
--replace '/usr/bin/libtool' 'ar' \
|
||||
--replace 'AR="libtool"' 'AR="ar"' \
|
||||
|
|
|
@ -181,7 +181,7 @@ luaposix = buildLuarocksPackage {
|
|||
disabled = (luaOlder "5.1") || (luaAtLeast "5.4");
|
||||
propagatedBuildInputs = [ bit32 lua std_normalize ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/luaposix/luaposix/";
|
||||
description = "Lua bindings for POSIX";
|
||||
maintainers = with maintainers; [ vyp lblasc ];
|
||||
|
@ -243,4 +243,3 @@ Following rules should be respected:
|
|||
|
||||
* Make sure libraries build for all Lua interpreters.
|
||||
* Commit names of Lua libraries should reflect that they are Lua libraries, so write for example `luaPackages.luafilesystem: 1.11 -> 1.12`.
|
||||
|
||||
|
|
|
@ -116,7 +116,7 @@ The first step will be to build the Maven project as a fixed-output derivation i
|
|||
> Traditionally the Maven repository is at `~/.m2/repository`. We will override this to be the `$out` directory.
|
||||
|
||||
```nix
|
||||
{ stdenv, maven }:
|
||||
{ stdenv, lib, maven }:
|
||||
stdenv.mkDerivation {
|
||||
name = "maven-repository";
|
||||
buildInputs = [ maven ];
|
||||
|
@ -139,7 +139,7 @@ stdenv.mkDerivation {
|
|||
outputHashAlgo = "sha256";
|
||||
outputHashMode = "recursive";
|
||||
# replace this with the correct SHA256
|
||||
outputHash = stdenv.lib.fakeSha256;
|
||||
outputHash = lib.fakeSha256;
|
||||
}
|
||||
```
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ Given that most of the OCaml ecosystem is now built with dune, nixpkgs includes
|
|||
Here is a simple package example. It defines an (optional) attribute `minimumOCamlVersion` that will be used to throw a descriptive evaluation error if building with an older OCaml is attempted. It uses the `fetchFromGitHub` fetcher to get its source. It sets the `doCheck` (optional) attribute to `true` which means that tests will be run with `dune runtest -p angstrom` after the build (`dune build -p angstrom`) is complete. It uses `alcotest` as a build input (because it is needed to run the tests) and `bigstringaf` and `result` as propagated build inputs (thus they will also be available to libraries depending on this library). The library will be installed using the `angstrom.install` file that dune generates.
|
||||
|
||||
```nix
|
||||
{ stdenv
|
||||
{ lib
|
||||
, fetchFromGitHub
|
||||
, buildDunePackage
|
||||
, alcotest
|
||||
|
@ -35,8 +35,8 @@ buildDunePackage rec {
|
|||
meta = {
|
||||
homepage = "https://github.com/inhabitedtype/angstrom";
|
||||
description = "OCaml parser combinators built for speed and memory efficiency";
|
||||
license = stdenv.lib.licenses.bsd3;
|
||||
maintainers = with stdenv.lib.maintainers; [ sternenseemann ];
|
||||
license = lib.licenses.bsd3;
|
||||
maintainers = with lib.maintainers; [ sternenseemann ];
|
||||
};
|
||||
}
|
||||
```
|
||||
|
@ -44,7 +44,7 @@ buildDunePackage rec {
|
|||
Here is a second example, this time using a source archive generated with `dune-release`. It is a good idea to use this archive when it is available as it will usually contain substituted variables such as a `%%VERSION%%` field. This library does not depend on any other OCaml library and no tests are run after building it.
|
||||
|
||||
```nix
|
||||
{ stdenv
|
||||
{ lib
|
||||
, fetchurl
|
||||
, buildDunePackage
|
||||
}:
|
||||
|
@ -60,7 +60,7 @@ buildDunePackage rec {
|
|||
sha256 = "1msg3vycd3k8qqj61sc23qks541cxpb97vrnrvrhjnqxsqnh6ygq";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/flowtype/ocaml-wtf8";
|
||||
description = "WTF-8 is a superset of UTF-8 that allows unpaired surrogates.";
|
||||
license = licenses.mit;
|
||||
|
|
|
@ -110,7 +110,7 @@ ClassC3Componentised = buildPerlPackage rec {
|
|||
On Darwin, if a script has too many `-Idir` flags in its first line (its “shebang line”), it will not run. This can be worked around by calling the `shortenPerlShebang` function from the `postInstall` phase:
|
||||
|
||||
```nix
|
||||
{ stdenv, buildPerlPackage, fetchurl, shortenPerlShebang }:
|
||||
{ stdenv, lib, buildPerlPackage, fetchurl, shortenPerlShebang }:
|
||||
|
||||
ImageExifTool = buildPerlPackage {
|
||||
pname = "Image-ExifTool";
|
||||
|
@ -121,8 +121,8 @@ ImageExifTool = buildPerlPackage {
|
|||
sha256 = "0d8v48y94z8maxkmw1rv7v9m0jg2dc8xbp581njb6yhr7abwqdv3";
|
||||
};
|
||||
|
||||
buildInputs = stdenv.lib.optional stdenv.isDarwin shortenPerlShebang;
|
||||
postInstall = stdenv.lib.optional stdenv.isDarwin ''
|
||||
buildInputs = lib.optional stdenv.isDarwin shortenPerlShebang;
|
||||
postInstall = lib.optional stdenv.isDarwin ''
|
||||
shortenPerlShebang $out/bin/exiftool
|
||||
'';
|
||||
};
|
||||
|
@ -151,7 +151,7 @@ $ nix-generate-from-cpan XML::Simple
|
|||
propagatedBuildInputs = [ XMLNamespaceSupport XMLSAX XMLSAXExpat ];
|
||||
meta = {
|
||||
description = "An API for simple XML files";
|
||||
license = with stdenv.lib.licenses; [ artistic1 gpl1Plus ];
|
||||
license = with lib.licenses; [ artistic1 gpl1Plus ];
|
||||
};
|
||||
};
|
||||
```
|
||||
|
|
|
@ -105,6 +105,12 @@ mv cran-packages.nix.new cran-packages.nix
|
|||
|
||||
Rscript generate-r-packages.R bioc > bioc-packages.nix.new
|
||||
mv bioc-packages.nix.new bioc-packages.nix
|
||||
|
||||
Rscript generate-r-packages.R bioc-annotation > bioc-annotation-packages.nix.new
|
||||
mv bioc-annotation-packages.nix.new bioc-annotation-packages.nix
|
||||
|
||||
Rscript generate-r-packages.R bioc-experiment > bioc-experiment-packages.nix.new
|
||||
mv bioc-experiment-packages.nix.new bioc-experiment-packages.nix
|
||||
```
|
||||
|
||||
`generate-r-packages.R <repo>` reads `<repo>-packages.nix`, therefor the renaming.
|
||||
|
|
|
@ -32,7 +32,7 @@ rustPlatform.buildRustPackage rec {
|
|||
|
||||
cargoSha256 = "03wf9r2csi6jpa7v5sw5lpxkrk4wfzwmzx7k3991q3bdjzcwnnwp";
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
meta = with lib; {
|
||||
description = "A fast line-oriented regex search tool, similar to ag and ack";
|
||||
homepage = "https://github.com/BurntSushi/ripgrep";
|
||||
license = licenses.unlicense;
|
||||
|
@ -58,13 +58,13 @@ then be taken from the failed build. A fake hash can be used for
|
|||
`cargoSha256` as follows:
|
||||
|
||||
```
|
||||
cargoSha256 = stdenv.lib.fakeSha256;
|
||||
cargoSha256 = lib.fakeSha256;
|
||||
```
|
||||
|
||||
For `cargoHash` you can use:
|
||||
|
||||
```
|
||||
cargoHash = stdenv.lib.fakeHash;
|
||||
cargoHash = lib.fakeHash;
|
||||
```
|
||||
|
||||
Per the instructions in the [Cargo Book](https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html)
|
||||
|
|
22
third_party/nixpkgs/doc/stdenv/meta.xml
vendored
22
third_party/nixpkgs/doc/stdenv/meta.xml
vendored
|
@ -5,7 +5,7 @@
|
|||
<para>
|
||||
Nix packages can declare <emphasis>meta-attributes</emphasis> that contain information about a package such as a description, its homepage, its license, and so on. For instance, the GNU Hello package has a <varname>meta</varname> declaration like this:
|
||||
<programlisting>
|
||||
meta = with stdenv.lib; {
|
||||
meta = with lib; {
|
||||
description = "A program that produces a familiar, friendly greeting";
|
||||
longDescription = ''
|
||||
GNU Hello is a program that prints "Hello, world!" when you run it.
|
||||
|
@ -155,7 +155,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
|
|||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Single license referenced by attribute (preferred) <literal>stdenv.lib.licenses.gpl3Only</literal>.
|
||||
Single license referenced by attribute (preferred) <literal>lib.licenses.gpl3Only</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
@ -170,7 +170,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Multiple licenses referenced by attribute (preferred) <literal>with stdenv.lib.licenses; [ asl20 free ofl ]</literal>.
|
||||
Multiple licenses referenced by attribute (preferred) <literal>with lib.licenses; [ asl20 free ofl ]</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
@ -211,9 +211,9 @@ hello-2.3 A program that produces a familiar, friendly greeting
|
|||
<para>
|
||||
The list of Nix platform types on which the package is supported. Hydra builds packages according to the platform specified. If no platform is specified, the package does not have prebuilt binaries. An example is:
|
||||
<programlisting>
|
||||
meta.platforms = stdenv.lib.platforms.linux;
|
||||
meta.platforms = lib.platforms.linux;
|
||||
</programlisting>
|
||||
Attribute Set <varname>stdenv.lib.platforms</varname> defines <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/lib/systems/doubles.nix"> various common lists</link> of platforms types.
|
||||
Attribute Set <varname>lib.platforms</varname> defines <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/lib/systems/doubles.nix"> various common lists</link> of platforms types.
|
||||
</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
@ -262,7 +262,7 @@ meta.platforms = stdenv.lib.platforms.linux;
|
|||
<para>
|
||||
The list of Nix platform types for which the Hydra instance at <literal>hydra.nixos.org</literal> will build the package. (Hydra is the Nix-based continuous build system.) It defaults to the value of <varname>meta.platforms</varname>. Thus, the only reason to set <varname>meta.hydraPlatforms</varname> is if you want <literal>hydra.nixos.org</literal> to build the package on a subset of <varname>meta.platforms</varname>, or not at all, e.g.
|
||||
<programlisting>
|
||||
meta.platforms = stdenv.lib.platforms.linux;
|
||||
meta.platforms = lib.platforms.linux;
|
||||
meta.hydraPlatforms = [];
|
||||
</programlisting>
|
||||
</para>
|
||||
|
@ -294,7 +294,7 @@ meta.hydraPlatforms = [];
|
|||
<title>Licenses</title>
|
||||
|
||||
<para>
|
||||
The <varname>meta.license</varname> attribute should preferrably contain a value from <varname>stdenv.lib.licenses</varname> defined in <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/lib/licenses.nix"> <filename>nixpkgs/lib/licenses.nix</filename></link>, or in-place license description of the same format if the license is unlikely to be useful in another expression.
|
||||
The <varname>meta.license</varname> attribute should preferrably contain a value from <varname>lib.licenses</varname> defined in <link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/lib/licenses.nix"> <filename>nixpkgs/lib/licenses.nix</filename></link>, or in-place license description of the same format if the license is unlikely to be useful in another expression.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
|
@ -302,7 +302,7 @@ meta.hydraPlatforms = [];
|
|||
<variablelist>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<varname>stdenv.lib.licenses.free</varname>, <varname>"free"</varname>
|
||||
<varname>lib.licenses.free</varname>, <varname>"free"</varname>
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
|
@ -312,7 +312,7 @@ meta.hydraPlatforms = [];
|
|||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<varname>stdenv.lib.licenses.unfreeRedistributable</varname>, <varname>"unfree-redistributable"</varname>
|
||||
<varname>lib.licenses.unfreeRedistributable</varname>, <varname>"unfree-redistributable"</varname>
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
|
@ -325,7 +325,7 @@ meta.hydraPlatforms = [];
|
|||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<varname>stdenv.lib.licenses.unfree</varname>, <varname>"unfree"</varname>
|
||||
<varname>lib.licenses.unfree</varname>, <varname>"unfree"</varname>
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
|
@ -335,7 +335,7 @@ meta.hydraPlatforms = [];
|
|||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term>
|
||||
<varname>stdenv.lib.licenses.unfreeRedistributableFirmware</varname>, <varname>"unfree-redistributable-firmware"</varname>
|
||||
<varname>lib.licenses.unfreeRedistributableFirmware</varname>, <varname>"unfree-redistributable-firmware"</varname>
|
||||
</term>
|
||||
<listitem>
|
||||
<para>
|
||||
|
|
|
@ -32,7 +32,7 @@ stdenv.mkDerivation {
|
|||
stdenv.mkDerivation {
|
||||
name = "libfoo-1.2.3";
|
||||
# ...
|
||||
makeFlags = stdenv.lib.optional stdenv.isDarwin "LDFLAGS=-Wl,-install_name,$(out)/lib/libfoo.dylib";
|
||||
makeFlags = lib.optional stdenv.isDarwin "LDFLAGS=-Wl,-install_name,$(out)/lib/libfoo.dylib";
|
||||
}
|
||||
</programlisting>
|
||||
</listitem>
|
||||
|
|
|
@ -157,7 +157,7 @@
|
|||
The following example configuration whitelists the licenses <literal>amd</literal> and <literal>wtfpl</literal>:
|
||||
<programlisting>
|
||||
{
|
||||
whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];
|
||||
whitelistedLicenses = with lib.licenses; [ amd wtfpl ];
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
|
@ -165,7 +165,7 @@
|
|||
The following example configuration blacklists the <literal>gpl3Only</literal> and <literal>agpl3Only</literal> licenses:
|
||||
<programlisting>
|
||||
{
|
||||
blacklistedLicenses = with stdenv.lib.licenses; [ agpl3Only gpl3Only ];
|
||||
blacklistedLicenses = with lib.licenses; [ agpl3Only gpl3Only ];
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
|
|
|
@ -3771,6 +3771,12 @@
|
|||
githubId = 7481521;
|
||||
name = "Balázs Lengyel";
|
||||
};
|
||||
ilian = {
|
||||
email = "ilian@tuta.io";
|
||||
github = "ilian";
|
||||
githubId = 25505957;
|
||||
name = "Ilian";
|
||||
};
|
||||
ilikeavocadoes = {
|
||||
email = "ilikeavocadoes@hush.com";
|
||||
github = "ilikeavocadoes";
|
||||
|
@ -4666,6 +4672,12 @@
|
|||
githubId = 494012;
|
||||
name = "Kevin Cox";
|
||||
};
|
||||
kevingriffin = {
|
||||
email = "me@kevin.jp";
|
||||
github = "kevingriffin";
|
||||
githubId = 209729;
|
||||
name = "Kevin Griffin";
|
||||
};
|
||||
kfollesdal = {
|
||||
email = "kfollesdal@gmail.com";
|
||||
github = "kfollesdal";
|
||||
|
@ -5490,6 +5502,12 @@
|
|||
githubId = 346094;
|
||||
name = "Michael Alyn Miller";
|
||||
};
|
||||
manojkarthick = {
|
||||
email = "smanojkarthick@gmail.com";
|
||||
github = "manojkarthick";
|
||||
githubId = 7802795;
|
||||
name = "Manoj Karthick";
|
||||
};
|
||||
manveru = {
|
||||
email = "m.fellinger@gmail.com";
|
||||
github = "manveru";
|
||||
|
@ -5690,6 +5708,12 @@
|
|||
githubId = 2971615;
|
||||
name = "Marius Bergmann";
|
||||
};
|
||||
mcaju = {
|
||||
email = "cajum.bugs@yandex.com";
|
||||
github = "CajuM";
|
||||
githubId = 10420834;
|
||||
name = "Mihai-Drosi Caju";
|
||||
};
|
||||
mcbeth = {
|
||||
email = "mcbeth@broggs.org";
|
||||
github = "mcbeth";
|
||||
|
@ -5911,6 +5935,12 @@
|
|||
githubId = 1387206;
|
||||
name = "Mike Sperber";
|
||||
};
|
||||
milesbreslin = {
|
||||
email = "milesbreslin@gmail.com";
|
||||
github = "milesbreslin";
|
||||
githubId = 38543128;
|
||||
name = "Miles Breslin";
|
||||
};
|
||||
millerjason = {
|
||||
email = "mailings-github@millerjason.com";
|
||||
github = "millerjason";
|
||||
|
@ -6385,6 +6415,12 @@
|
|||
githubId = 364510;
|
||||
name = "Tobias Geerinckx-Rice";
|
||||
};
|
||||
ndl = {
|
||||
email = "ndl@endl.ch";
|
||||
github = "ndl";
|
||||
githubId = 137805;
|
||||
name = "Alexander Tsvyashchenko";
|
||||
};
|
||||
neeasade = {
|
||||
email = "nathanisom27@gmail.com";
|
||||
github = "neeasade";
|
||||
|
@ -6529,12 +6565,6 @@
|
|||
github = "NobbZ";
|
||||
githubId = 58951;
|
||||
};
|
||||
nocent = {
|
||||
email = "nocent@protonmail.ch";
|
||||
github = "nocent";
|
||||
githubId = 25505957;
|
||||
name = "nocent";
|
||||
};
|
||||
nocoolnametom = {
|
||||
email = "nocoolnametom@gmail.com";
|
||||
github = "nocoolnametom";
|
||||
|
@ -6985,6 +7015,12 @@
|
|||
githubId = 28323;
|
||||
name = "Peter Simons";
|
||||
};
|
||||
petterstorvik = {
|
||||
email = "petterstorvik@gmail.com";
|
||||
github = "storvik";
|
||||
githubId = 3438604;
|
||||
name = "Petter Storvik";
|
||||
};
|
||||
philandstuff = {
|
||||
email = "philip.g.potter@gmail.com";
|
||||
github = "philandstuff";
|
||||
|
@ -7557,6 +7593,12 @@
|
|||
githubId = 395821;
|
||||
name = "rht";
|
||||
};
|
||||
rhoriguchi = {
|
||||
email = "ryan.horiguchi@gmail.com";
|
||||
github = "rhoriguchi ";
|
||||
githubId = 6047658;
|
||||
name = "Ryan Horiguchi";
|
||||
};
|
||||
richardipsum = {
|
||||
email = "richardipsum@fastmail.co.uk";
|
||||
github = "richardipsum";
|
||||
|
@ -8629,6 +8671,12 @@
|
|||
githubId = 2666479;
|
||||
name = "Y Nguyen";
|
||||
};
|
||||
superherointj = {
|
||||
name = "Sérgio G.";
|
||||
email = "5861043+superherointj@users.noreply.github.com";
|
||||
github = "superherointj";
|
||||
githubId = 5861043;
|
||||
};
|
||||
SuperSandro2000 = {
|
||||
email = "sandro.jaeckel@gmail.com";
|
||||
github = "SuperSandro2000";
|
||||
|
@ -8879,6 +8927,12 @@
|
|||
githubId = 649832;
|
||||
name = "Teo Klestrup Röijezon";
|
||||
};
|
||||
terin = {
|
||||
email = "terinjokes@gmail.com";
|
||||
github = "terinjokes";
|
||||
githubId = 273509;
|
||||
name = "Terin Stock";
|
||||
};
|
||||
terlar = {
|
||||
email = "terlar@gmail.com";
|
||||
github = "terlar";
|
||||
|
@ -9251,6 +9305,12 @@
|
|||
githubId = 303489;
|
||||
name = "Manuel Bärenz";
|
||||
};
|
||||
tu-maurice = {
|
||||
email = "valentin.gehrke+nixpkgs@zom.bi";
|
||||
github = "tu-maurice";
|
||||
githubId = 16151097;
|
||||
name = "Valentin Gehrke";
|
||||
};
|
||||
tv = {
|
||||
email = "tv@krebsco.de";
|
||||
github = "4z3";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, makeWrapper, perl, perlPackages }:
|
||||
{ stdenv, lib, makeWrapper, perl, perlPackages }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "nix-generate-from-cpan-3";
|
||||
|
@ -18,8 +18,8 @@ stdenv.mkDerivation {
|
|||
'';
|
||||
|
||||
meta = {
|
||||
maintainers = with stdenv.lib.maintainers; [ eelco rycee ];
|
||||
maintainers = with lib.maintainers; [ eelco rycee ];
|
||||
description = "Utility to generate a Nix expression for a Perl package from CPAN";
|
||||
platforms = stdenv.lib.platforms.unix;
|
||||
platforms = lib.platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -309,7 +309,7 @@ sub render_license {
|
|||
# "GPL v2" or to "GPL v2 or later".
|
||||
my $amb = 0;
|
||||
|
||||
# Whether the license is available inside `stdenv.lib.licenses`.
|
||||
# Whether the license is available inside `lib.licenses`.
|
||||
my $in_set = 1;
|
||||
|
||||
my $nix_license = $LICENSE_MAP{$cpan_license};
|
||||
|
@ -331,7 +331,7 @@ sub render_license {
|
|||
# Avoid defining the license line.
|
||||
}
|
||||
elsif ($in_set) {
|
||||
my $lic = 'stdenv.lib.licenses';
|
||||
my $lic = 'lib.licenses';
|
||||
if ( @$licenses == 1 ) {
|
||||
$license_line = "$lic.$licenses->[0]";
|
||||
}
|
||||
|
@ -449,7 +449,7 @@ print <<EOF;
|
|||
meta = {
|
||||
EOF
|
||||
print <<EOF if defined $homepage;
|
||||
homepage = $homepage;
|
||||
homepage = "$homepage";
|
||||
EOF
|
||||
print <<EOF if defined $description && $description ne "Unknown";
|
||||
description = "$description";
|
||||
|
|
|
@ -1343,6 +1343,14 @@ CREATE ROLE postgres LOGIN SUPERUSER;
|
|||
It was chosen to do this as it has a usability breaking issue (see issue <link xlink:href="https://github.com/NixOS/nixpkgs/issues/98819">#98819</link>)
|
||||
that makes it unsuitable to be a default app.
|
||||
</para>
|
||||
<note>
|
||||
<para>
|
||||
Issue <link
|
||||
xlink:href="https://github.com/NixOS/nixpkgs/issues/98819">#98819</link>
|
||||
is now fixed and <package>gnome3.epiphany</package> is once
|
||||
again installed by default.
|
||||
</para>
|
||||
</note>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
|
|
|
@ -107,6 +107,15 @@
|
|||
user D-Bus session available also for non-graphical logins.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <varname>networking.wireless.iwd</varname> module now installs
|
||||
the upstream-provided 80-iwd.link file, which sets the NamePolicy=
|
||||
for all wlan devices to "keep kernel", to avoid race conditions
|
||||
between iwd and networkd. If you don't want this, you can set
|
||||
<literal>systemd.network.links."80-iwd" = lib.mkForce {}</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>rubyMinimal</literal> was removed due to being unused and
|
||||
|
@ -176,6 +185,30 @@
|
|||
with <literal>mkfs.xfs -m reflink=0</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The uWSGI server is now built with POSIX capabilities. As a consequence,
|
||||
root is no longer required in emperor mode and the service defaults to
|
||||
running as the unprivileged <literal>uwsgi</literal> user. Any additional
|
||||
capability can be added via the new option
|
||||
<xref linkend="opt-services.uwsgi.capabilities"/>.
|
||||
The previous behaviour can be restored by setting:
|
||||
<programlisting>
|
||||
<xref linkend="opt-services.uwsgi.user"/> = "root";
|
||||
<xref linkend="opt-services.uwsgi.group"/> = "root";
|
||||
<xref linkend="opt-services.uwsgi.instance"/> =
|
||||
{
|
||||
uid = "uwsgi";
|
||||
gid = "uwsgi";
|
||||
};
|
||||
</programlisting>
|
||||
</para>
|
||||
<para>
|
||||
Another incompatibility from the previous release is that vassals running under a
|
||||
different user or group need to use <literal>immediate-{uid,gid}</literal>
|
||||
instead of the usual <literal>uid,gid</literal> options.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<package>btc1</package> has been abandoned upstream, and removed.
|
||||
|
@ -223,6 +256,22 @@
|
|||
which is the new stable release. OpenAFS 1.6 was removed.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
MariaDB has been updated to 10.5.
|
||||
Before you upgrade, it would be best to take a backup of your database and read
|
||||
<link xlink:href="https://mariadb.com/kb/en/upgrading-from-mariadb-104-to-mariadb-105/#incompatible-changes-between-104-and-105">
|
||||
Incompatible Changes Between 10.4 and 10.5</link>.
|
||||
After the upgrade you will need to run <literal>mysql_upgrade</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The TokuDB storage engine dropped in <package>mariadb</package> 10.5 and removed in <package>mariadb</package> 10.6.
|
||||
It is recommended to switch to RocksDB. See also <link xlink:href="https://mariadb.com/kb/en/tokudb/">TokuDB</link> and
|
||||
<link xlink:href="https://jira.mariadb.org/browse/MDEV-19780">MDEV-19780: Remove the TokuDB storage engine</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>openldap</literal> module now has support for OLC-style
|
||||
|
@ -321,8 +370,8 @@
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<package>fish-foreign-env</package> is now an alias for the
|
||||
<package>fishPlugins.foreign-env</package> package, in which the fish
|
||||
The <package>fish-foreign-env</package> package has been replaced with
|
||||
<package>fishPlugins.foreign-env</package>, in which the fish
|
||||
functions have been relocated to the
|
||||
<literal>vendor_functions.d</literal> directory to be loaded automatically.
|
||||
</para>
|
||||
|
@ -353,6 +402,34 @@ http://some.json-exporter.host:7979/probe?target=https://example.com/some/json/e
|
|||
official documentation</link> of the json_exporter.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Androidenv was updated, removing the <literal>includeDocs</literal> and <literal>lldbVersions</literal>
|
||||
arguments. Docs only covered a single version of the Android SDK, LLDB is now bundled with the NDK,
|
||||
and both are no longer available to download from the Android package repositories. Additionally, since
|
||||
the package lists have been updated, some older versions of Android packages may not be bundled. If you
|
||||
depend on older versions of Android packages, we recommend overriding the repo.
|
||||
</para>
|
||||
<para>
|
||||
Android packages are now loaded from a repo.json file created by parsing Android repo XML files. The arguments
|
||||
<literal>repoJson</literal> and <literal>repoXmls</literal> have been added to allow overriding the built-in
|
||||
androidenv repo.json with your own. Additionally, license files are now written to allow compatibility
|
||||
with Gradle-based tools, and the <literal>extraLicenses</literal> argument has been added to accept more
|
||||
SDK licenses if your project requires it. See the androidenv documentation for more details.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The Searx module has been updated with the ability to configure the
|
||||
service declaratively and uWSGI integration.
|
||||
The option <literal>services.searx.configFile</literal> has been renamed
|
||||
to <xref linkend="opt-services.searx.settingsFile"/> for consistency with
|
||||
the new <xref linkend="opt-services.searx.settings"/>. In addition, the
|
||||
<literal>searx</literal> uid and gid reservations have been removed
|
||||
since they were not necessary: the service is now running with a
|
||||
dynamically allocated uid.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -504,6 +581,17 @@ http://some.json-exporter.host:7979/probe?target=https://example.com/some/json/e
|
|||
The option's description was incorrect regarding ownership management and has been simplified greatly.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The GNOME desktop manager once again installs <package>gnome3.epiphany</package> by default.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
NixOS now generates empty <literal>/etc/netgroup</literal>.
|
||||
<literal>/etc/netgroup</literal> defines network-wide groups and may affect to setups using NIS.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
|
|
@ -219,7 +219,7 @@ upload_image() {
|
|||
log "Registering snapshot $snapshot_id as AMI"
|
||||
|
||||
local block_device_mappings=(
|
||||
"DeviceName=/dev/xvda,Ebs={SnapshotId=$snapshot_id,VolumeSize=$image_logical_gigabytes,DeleteOnTermination=true,VolumeType=gp2}"
|
||||
"DeviceName=/dev/xvda,Ebs={SnapshotId=$snapshot_id,VolumeSize=$image_logical_gigabytes,DeleteOnTermination=true,VolumeType=gp3}"
|
||||
)
|
||||
|
||||
local extra_flags=(
|
||||
|
|
|
@ -193,6 +193,10 @@ in
|
|||
cat ${escapeShellArgs cfg.hostFiles} > $out
|
||||
'';
|
||||
|
||||
# /etc/netgroup: Network-wide groups.
|
||||
netgroup.text = mkDefault ''
|
||||
'';
|
||||
|
||||
# /etc/host.conf: resolver configuration file
|
||||
"host.conf".text = ''
|
||||
multi on
|
||||
|
|
|
@ -29,7 +29,7 @@ in
|
|||
options.i18n = {
|
||||
inputMethod = {
|
||||
enabled = mkOption {
|
||||
type = types.nullOr (types.enum [ "ibus" "fcitx" "nabi" "uim" "hime" ]);
|
||||
type = types.nullOr (types.enum [ "ibus" "fcitx" "fcitx5" "nabi" "uim" "hime" ]);
|
||||
default = null;
|
||||
example = "fcitx";
|
||||
description = ''
|
||||
|
|
33
third_party/nixpkgs/nixos/modules/i18n/input-method/fcitx5.nix
vendored
Normal file
33
third_party/nixpkgs/nixos/modules/i18n/input-method/fcitx5.nix
vendored
Normal file
|
@ -0,0 +1,33 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
im = config.i18n.inputMethod;
|
||||
cfg = im.fcitx5;
|
||||
fcitx5Package = pkgs.fcitx5-with-addons.override { inherit (cfg) addons; };
|
||||
in
|
||||
{
|
||||
options = {
|
||||
i18n.inputMethod.fcitx5 = {
|
||||
addons = mkOption {
|
||||
type = with types; listOf package;
|
||||
default = [];
|
||||
example = with pkgs; [ fcitx5-rime ];
|
||||
description = ''
|
||||
Enabled Fcitx5 addons.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (im.enabled == "fcitx5") {
|
||||
i18n.inputMethod.package = fcitx5Package;
|
||||
|
||||
environment.variables = {
|
||||
GTK_IM_MODULE = "fcitx";
|
||||
QT_IM_MODULE = "fcitx";
|
||||
XMODIFIERS = "@im=fcitx";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -425,7 +425,12 @@ in
|
|||
};
|
||||
|
||||
isoImage.squashfsCompression = mkOption {
|
||||
default = "xz -Xdict-size 100%";
|
||||
default = with pkgs.stdenv.targetPlatform; "xz -Xdict-size 100% "
|
||||
+ lib.optionalString (isx86_32 || isx86_64) "-Xbcj x86"
|
||||
# Untested but should also reduce size for these platforms
|
||||
+ lib.optionalString (isAarch32 || isAarch64) "-Xbcj arm"
|
||||
+ lib.optionalString (isPowerPC) "-Xbcj powerpc"
|
||||
+ lib.optionalString (isSparc) "-Xbcj sparc";
|
||||
description = ''
|
||||
Compression settings to use for the squashfs nix store.
|
||||
'';
|
||||
|
|
|
@ -143,7 +143,7 @@ in
|
|||
nix-ssh = 104;
|
||||
dictd = 105;
|
||||
couchdb = 106;
|
||||
searx = 107;
|
||||
#searx = 107; # dynamically allocated as of 2020-10-27
|
||||
kippo = 108;
|
||||
jenkins = 109;
|
||||
systemd-journal-gateway = 110;
|
||||
|
@ -457,7 +457,7 @@ in
|
|||
#nix-ssh = 104; # unused
|
||||
dictd = 105;
|
||||
couchdb = 106;
|
||||
searx = 107;
|
||||
#searx = 107; # dynamically allocated as of 2020-10-27
|
||||
kippo = 108;
|
||||
jenkins = 109;
|
||||
systemd-journal-gateway = 110;
|
||||
|
|
|
@ -82,6 +82,7 @@
|
|||
./hardware/xpadneo.nix
|
||||
./i18n/input-method/default.nix
|
||||
./i18n/input-method/fcitx.nix
|
||||
./i18n/input-method/fcitx5.nix
|
||||
./i18n/input-method/hime.nix
|
||||
./i18n/input-method/ibus.nix
|
||||
./i18n/input-method/nabi.nix
|
||||
|
@ -101,6 +102,7 @@
|
|||
./misc/version.nix
|
||||
./misc/nixops-autoluks.nix
|
||||
./programs/adb.nix
|
||||
./programs/appgate-sdp.nix
|
||||
./programs/atop.nix
|
||||
./programs/autojump.nix
|
||||
./programs/bandwhich.nix
|
||||
|
@ -226,6 +228,7 @@
|
|||
./services/audio/icecast.nix
|
||||
./services/audio/liquidsoap.nix
|
||||
./services/audio/mpd.nix
|
||||
./services/audio/mpdscribble.nix
|
||||
./services/audio/mopidy.nix
|
||||
./services/audio/roon-server.nix
|
||||
./services/audio/slimserver.nix
|
||||
|
@ -492,6 +495,7 @@
|
|||
./services/misc/nix-ssh-serve.nix
|
||||
./services/misc/novacomd.nix
|
||||
./services/misc/nzbget.nix
|
||||
./services/misc/nzbhydra2.nix
|
||||
./services/misc/octoprint.nix
|
||||
./services/misc/osrm.nix
|
||||
./services/misc/packagekit.nix
|
||||
|
@ -896,6 +900,7 @@
|
|||
./services/web-apps/selfoss.nix
|
||||
./services/web-apps/shiori.nix
|
||||
./services/web-apps/virtlyst.nix
|
||||
./services/web-apps/whitebophir.nix
|
||||
./services/web-apps/wordpress.nix
|
||||
./services/web-apps/youtrack.nix
|
||||
./services/web-apps/zabbix.nix
|
||||
|
@ -951,6 +956,7 @@
|
|||
./services/x11/urxvtd.nix
|
||||
./services/x11/window-managers/awesome.nix
|
||||
./services/x11/window-managers/default.nix
|
||||
./services/x11/window-managers/clfswm.nix
|
||||
./services/x11/window-managers/fluxbox.nix
|
||||
./services/x11/window-managers/icewm.nix
|
||||
./services/x11/window-managers/bspwm.nix
|
||||
|
|
|
@ -3,8 +3,10 @@
|
|||
# enabled in the initrd. Its primary use is in the NixOS installation
|
||||
# CDs.
|
||||
|
||||
{ ... }:
|
||||
|
||||
{ pkgs, lib,... }:
|
||||
let
|
||||
platform = pkgs.stdenv.hostPlatform;
|
||||
in
|
||||
{
|
||||
|
||||
# The initrd has to contain any module that might be necessary for
|
||||
|
@ -42,7 +44,10 @@
|
|||
"virtio_net" "virtio_pci" "virtio_blk" "virtio_scsi" "virtio_balloon" "virtio_console"
|
||||
|
||||
# VMware support.
|
||||
"mptspi" "vmw_balloon" "vmwgfx" "vmw_vmci" "vmw_vsock_vmci_transport" "vmxnet3" "vsock"
|
||||
"mptspi" "vmxnet3" "vsock"
|
||||
] ++ lib.optional platform.isx86 "vmw_balloon"
|
||||
++ lib.optionals (!platform.isAarch64) [ # not sure where else they're missing
|
||||
"vmw_vmci" "vmwgfx" "vmw_vsock_vmci_transport"
|
||||
|
||||
# Hyper-V support.
|
||||
"hv_storvsc"
|
||||
|
|
|
@ -40,7 +40,7 @@ let
|
|||
}
|
||||
''}
|
||||
|
||||
${credentialsPlaceholder cfg.credentials}
|
||||
${optionalString (cfg.credentials != []) (credentialsPlaceholder cfg.credentials)}
|
||||
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
@ -234,9 +234,10 @@ in {
|
|||
ExecStartPre = pkgs.writeShellScript "mpd-start-pre" ''
|
||||
set -euo pipefail
|
||||
install -m 600 ${mpdConf} /run/mpd/mpd.conf
|
||||
${pkgs.replace}/bin/replace-literal -fe ${
|
||||
${optionalString (cfg.credentials != [])
|
||||
"${pkgs.replace}/bin/replace-literal -fe ${
|
||||
concatStringsSep " -a " (imap0 (i: c: "\"{{password-${toString i}}}\" \"$(cat ${c.passwordFile})\"") cfg.credentials)
|
||||
} /run/mpd/mpd.conf
|
||||
} /run/mpd/mpd.conf"}
|
||||
'';
|
||||
RuntimeDirectory = "mpd";
|
||||
Type = "notify";
|
||||
|
|
202
third_party/nixpkgs/nixos/modules/services/audio/mpdscribble.nix
vendored
Normal file
202
third_party/nixpkgs/nixos/modules/services/audio/mpdscribble.nix
vendored
Normal file
|
@ -0,0 +1,202 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.mpdscribble;
|
||||
mpdCfg = config.services.mpd;
|
||||
|
||||
endpointUrls = {
|
||||
"last.fm" = "http://post.audioscrobbler.com";
|
||||
"libre.fm" = "http://turtle.libre.fm";
|
||||
"jamendo" = "http://postaudioscrobbler.jamendo.com";
|
||||
"listenbrainz" = "http://proxy.listenbrainz.org";
|
||||
};
|
||||
|
||||
mkSection = secname: secCfg: ''
|
||||
[${secname}]
|
||||
url = ${secCfg.url}
|
||||
username = ${secCfg.username}
|
||||
password = {{${secname}_PASSWORD}}
|
||||
journal = /var/lib/mpdscribble/${secname}.journal
|
||||
'';
|
||||
|
||||
endpoints = concatStringsSep "\n" (mapAttrsToList mkSection cfg.endpoints);
|
||||
cfgTemplate = pkgs.writeText "mpdscribble.conf" ''
|
||||
## This file was automatically genenrated by NixOS and will be overwritten.
|
||||
## Do not edit. Edit your NixOS configuration instead.
|
||||
|
||||
## mpdscribble - an audioscrobbler for the Music Player Daemon.
|
||||
## http://mpd.wikia.com/wiki/Client:mpdscribble
|
||||
|
||||
# HTTP proxy URL.
|
||||
${optionalString (cfg.proxy != null) "proxy = ${cfg.proxy}"}
|
||||
|
||||
# The location of the mpdscribble log file. The special value
|
||||
# "syslog" makes mpdscribble use the local syslog daemon. On most
|
||||
# systems, log messages will appear in /var/log/daemon.log then.
|
||||
# "-" means log to stderr (the current terminal).
|
||||
log = -
|
||||
|
||||
# How verbose mpdscribble's logging should be. Default is 1.
|
||||
verbose = ${toString cfg.verbose}
|
||||
|
||||
# How often should mpdscribble save the journal file? [seconds]
|
||||
journal_interval = ${toString cfg.journalInterval}
|
||||
|
||||
# The host running MPD, possibly protected by a password
|
||||
# ([PASSWORD@]HOSTNAME).
|
||||
host = ${(optionalString (cfg.passwordFile != null) "{{MPD_PASSWORD}}@") + cfg.host}
|
||||
|
||||
# The port that the MPD listens on and mpdscribble should try to
|
||||
# connect to.
|
||||
port = ${toString cfg.port}
|
||||
|
||||
${endpoints}
|
||||
'';
|
||||
|
||||
cfgFile = "/run/mpdscribble/mpdscribble.conf";
|
||||
|
||||
replaceSecret = secretFile: placeholder: targetFile:
|
||||
optionalString (secretFile != null) ''
|
||||
${pkgs.replace}/bin/replace-literal -ef ${placeholder} "$(cat ${secretFile})" ${targetFile}'';
|
||||
|
||||
preStart = pkgs.writeShellScript "mpdscribble-pre-start" ''
|
||||
cp -f "${cfgTemplate}" "${cfgFile}"
|
||||
${replaceSecret cfg.passwordFile "{{MPD_PASSWORD}}" cfgFile}
|
||||
${concatStringsSep "\n" (mapAttrsToList (secname: cfg:
|
||||
replaceSecret cfg.passwordFile "{{${secname}_PASSWORD}}" cfgFile)
|
||||
cfg.endpoints)}
|
||||
'';
|
||||
|
||||
localMpd = (cfg.host == "localhost" || cfg.host == "127.0.0.1");
|
||||
|
||||
in {
|
||||
###### interface
|
||||
|
||||
options.services.mpdscribble = {
|
||||
|
||||
enable = mkEnableOption "mpdscribble";
|
||||
|
||||
proxy = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
HTTP proxy URL.
|
||||
'';
|
||||
};
|
||||
|
||||
verbose = mkOption {
|
||||
default = 1;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Log level for the mpdscribble daemon.
|
||||
'';
|
||||
};
|
||||
|
||||
journalInterval = mkOption {
|
||||
default = 600;
|
||||
example = 60;
|
||||
type = types.int;
|
||||
description = ''
|
||||
How often should mpdscribble save the journal file? [seconds]
|
||||
'';
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
default = (if mpdCfg.network.listenAddress != "any" then
|
||||
mpdCfg.network.listenAddress
|
||||
else
|
||||
"localhost");
|
||||
type = types.str;
|
||||
description = ''
|
||||
Host for the mpdscribble daemon to search for a mpd daemon on.
|
||||
'';
|
||||
};
|
||||
|
||||
passwordFile = mkOption {
|
||||
default = if localMpd then
|
||||
(findFirst
|
||||
(c: any (x: x == "read") c.permissions)
|
||||
{ passwordFile = null; }
|
||||
mpdCfg.credentials).passwordFile
|
||||
else
|
||||
null;
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
File containing the password for the mpd daemon.
|
||||
If there is a local mpd configured using <option>services.mpd.credentials</option>
|
||||
the default is automatically set to a matching passwordFile of the local mpd.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
default = mpdCfg.network.port;
|
||||
type = types.port;
|
||||
description = ''
|
||||
Port for the mpdscribble daemon to search for a mpd daemon on.
|
||||
'';
|
||||
};
|
||||
|
||||
endpoints = mkOption {
|
||||
type = (let
|
||||
endpoint = { name, ... }: {
|
||||
options = {
|
||||
url = mkOption {
|
||||
type = types.str;
|
||||
default = endpointUrls.${name} or "";
|
||||
description =
|
||||
"The url endpoint where the scrobble API is listening.";
|
||||
};
|
||||
username = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
Username for the scrobble service.
|
||||
'';
|
||||
};
|
||||
passwordFile = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description =
|
||||
"File containing the password, either as MD5SUM or cleartext.";
|
||||
};
|
||||
};
|
||||
};
|
||||
in types.attrsOf (types.submodule endpoint));
|
||||
default = { };
|
||||
example = {
|
||||
"last.fm" = {
|
||||
username = "foo";
|
||||
passwordFile = "/run/secrets/lastfm_password";
|
||||
};
|
||||
};
|
||||
description = ''
|
||||
Endpoints to scrobble to.
|
||||
If the endpoint is one of "${
|
||||
concatStringsSep "\", \"" (attrNames endpointUrls)
|
||||
}" the url is set automatically.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.mpdscribble = {
|
||||
after = [ "network.target" ] ++ (optional localMpd "mpd.service");
|
||||
description = "mpdscribble mpd scrobble client";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
StateDirectory = "mpdscribble";
|
||||
RuntimeDirectory = "mpdscribble";
|
||||
RuntimeDirectoryMode = "700";
|
||||
# TODO use LoadCredential= instead of running preStart with full privileges?
|
||||
ExecStartPre = "+${preStart}";
|
||||
ExecStart =
|
||||
"${pkgs.mpdscribble}/bin/mpdscribble --no-daemon --conf ${cfgFile}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
|
@ -29,13 +29,7 @@ in
|
|||
|
||||
options = {
|
||||
services.tarsnap = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Enable periodic tarsnap backups.
|
||||
'';
|
||||
};
|
||||
enable = mkEnableOption "periodic tarsnap backups";
|
||||
|
||||
keyfile = mkOption {
|
||||
type = types.str;
|
||||
|
@ -279,7 +273,8 @@ in
|
|||
Tarsnap archive configurations. Each attribute names an archive
|
||||
to be created at a given time interval, according to the options
|
||||
associated with it. When uploading to the tarsnap server,
|
||||
archive names are suffixed by a 1 second resolution timestamp.
|
||||
archive names are suffixed by a 1 second resolution timestamp,
|
||||
with the format <literal>%Y%m%d%H%M%S</literal>.
|
||||
|
||||
For each member of the set is created a timer which triggers the
|
||||
instanced <literal>tarsnap-archive-name</literal> service unit. You may use
|
||||
|
|
|
@ -59,6 +59,7 @@ in
|
|||
|
||||
port = mkOption {
|
||||
default = "3050";
|
||||
type = types.port;
|
||||
description = ''
|
||||
Port Firebird uses.
|
||||
'';
|
||||
|
@ -66,6 +67,7 @@ in
|
|||
|
||||
user = mkOption {
|
||||
default = "firebird";
|
||||
type = types.str;
|
||||
description = ''
|
||||
User account under which firebird runs.
|
||||
'';
|
||||
|
@ -73,6 +75,7 @@ in
|
|||
|
||||
baseDir = mkOption {
|
||||
default = "/var/db/firebird"; # ubuntu is using /var/lib/firebird/2.1/data/.. ?
|
||||
type = types.str;
|
||||
description = ''
|
||||
Location containing data/ and system/ directories.
|
||||
data/ stores the databases, system/ stores the password database security2.fdb.
|
||||
|
|
|
@ -17,39 +17,44 @@ in
|
|||
options = {
|
||||
|
||||
services.memcached = {
|
||||
|
||||
enable = mkEnableOption "Memcached";
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "memcached";
|
||||
description = "The user to run Memcached as";
|
||||
};
|
||||
|
||||
listen = mkOption {
|
||||
type = types.str;
|
||||
default = "127.0.0.1";
|
||||
description = "The IP address to bind to";
|
||||
description = "The IP address to bind to.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 11211;
|
||||
description = "The port to bind to";
|
||||
description = "The port to bind to.";
|
||||
};
|
||||
|
||||
enableUnixSocket = mkEnableOption "unix socket at /run/memcached/memcached.sock";
|
||||
|
||||
maxMemory = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 64;
|
||||
description = "The maximum amount of memory to use for storage, in megabytes.";
|
||||
};
|
||||
|
||||
maxConnections = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
default = 1024;
|
||||
description = "The maximum number of simultaneous connections";
|
||||
description = "The maximum number of simultaneous connections.";
|
||||
};
|
||||
|
||||
extraOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
description = "A list of extra options that will be added as a suffix when running memcached";
|
||||
description = "A list of extra options that will be added as a suffix when running memcached.";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -41,16 +41,19 @@ in
|
|||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "mongodb";
|
||||
description = "User account under which MongoDB runs";
|
||||
};
|
||||
|
||||
bind_ip = mkOption {
|
||||
type = types.str;
|
||||
default = "127.0.0.1";
|
||||
description = "IP to bind to";
|
||||
};
|
||||
|
||||
quiet = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "quieter output";
|
||||
};
|
||||
|
@ -68,16 +71,19 @@ in
|
|||
};
|
||||
|
||||
dbpath = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/db/mongodb";
|
||||
description = "Location where MongoDB stores its files";
|
||||
};
|
||||
|
||||
pidFile = mkOption {
|
||||
type = types.str;
|
||||
default = "/run/mongodb.pid";
|
||||
description = "Location of MongoDB pid file";
|
||||
};
|
||||
|
||||
replSetName = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
If this instance is part of a replica set, set its name here.
|
||||
|
@ -86,6 +92,7 @@ in
|
|||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
example = ''
|
||||
storage.journal.enabled: false
|
||||
|
|
|
@ -244,7 +244,7 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainters; [ mic92 kwohlfahrt ];
|
||||
meta.maintainers = with lib.maintainers; [ mic92 kwohlfahrt ];
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = map (opt: {
|
||||
|
|
|
@ -122,12 +122,29 @@ in
|
|||
};
|
||||
|
||||
slaveOf = mkOption {
|
||||
default = null; # { ip, port }
|
||||
description = "An attribute set with two attributes: ip and port to which this redis instance acts as a slave.";
|
||||
type = with types; nullOr (submodule ({ ... }: {
|
||||
options = {
|
||||
ip = mkOption {
|
||||
type = str;
|
||||
description = "IP of the Redis master";
|
||||
example = "192.168.1.100";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = port;
|
||||
description = "port of the Redis master";
|
||||
default = 6379;
|
||||
};
|
||||
};
|
||||
}));
|
||||
|
||||
default = null;
|
||||
description = "IP and port to which this redis instance acts as a slave.";
|
||||
example = { ip = "192.168.1.100"; port = 6379; };
|
||||
};
|
||||
|
||||
masterAuth = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
description = ''If the master is password protected (using the requirePass configuration)
|
||||
it is possible to tell the slave to authenticate before starting the replication synchronization
|
||||
|
|
|
@ -16,28 +16,33 @@ with lib;
|
|||
enable = mkEnableOption "Virtuoso Opensource database server";
|
||||
|
||||
config = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = "Extra options to put into Virtuoso configuration file.";
|
||||
};
|
||||
|
||||
parameters = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = "Extra options to put into [Parameters] section of Virtuoso configuration file.";
|
||||
};
|
||||
|
||||
listenAddress = mkOption {
|
||||
type = types.str;
|
||||
default = "1111";
|
||||
example = "myserver:1323";
|
||||
description = "ip:port or port to listen on.";
|
||||
};
|
||||
|
||||
httpListenAddress = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "myserver:8080";
|
||||
description = "ip:port or port for Virtuoso HTTP server to listen on.";
|
||||
};
|
||||
|
||||
dirsAllowed = mkOption {
|
||||
type = types.nullOr types.str; # XXX Maybe use a list in the future?
|
||||
default = null;
|
||||
example = "/www, /home/";
|
||||
description = "A list of directories Virtuoso is allowed to access";
|
||||
|
|
|
@ -156,7 +156,7 @@ $ ./result/bin/emacs
|
|||
|
||||
let
|
||||
myEmacs = pkgs.emacs; <co xml:id="ex-emacsNix-2" />
|
||||
emacsWithPackages = (pkgs.emacsPackagesGen myEmacs).emacsWithPackages; <co xml:id="ex-emacsNix-3" />
|
||||
emacsWithPackages = (pkgs.emacsPackagesFor myEmacs).emacsWithPackages; <co xml:id="ex-emacsNix-3" />
|
||||
in
|
||||
emacsWithPackages (epkgs: (with epkgs.melpaStablePackages; [ <co xml:id="ex-emacsNix-4" />
|
||||
magit # ; Integrate git <C-x g>
|
||||
|
@ -254,10 +254,10 @@ in
|
|||
<example xml:id="module-services-emacs-querying-packages">
|
||||
<title>Querying Emacs packages</title>
|
||||
<programlisting><![CDATA[
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacsPackages.elpaPackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacsPackages.melpaPackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacsPackages.melpaStablePackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacsPackages.orgPackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacs.pkgs.elpaPackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacs.pkgs.melpaPackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacs.pkgs.melpaStablePackages
|
||||
nix-env -f "<nixpkgs>" -qaP -A emacs.pkgs.orgPackages
|
||||
]]></programlisting>
|
||||
</example>
|
||||
</para>
|
||||
|
|
|
@ -25,8 +25,6 @@ let
|
|||
|
||||
clientRestrictions = concatStringsSep ", " (clientAccess ++ dnsBl);
|
||||
|
||||
smtpTlsSecurityLevel = if cfg.useDane then "dane" else "may";
|
||||
|
||||
mainCf = let
|
||||
escape = replaceStrings ["$"] ["$$"];
|
||||
mkList = items: "\n " + concatStringsSep ",\n " items;
|
||||
|
@ -510,14 +508,6 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
useDane = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Sets smtp_tls_security_level to "dane" rather than "may". See postconf(5) for details.
|
||||
'';
|
||||
};
|
||||
|
||||
sslCert = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
|
@ -819,13 +809,13 @@ in
|
|||
// optionalAttrs cfg.enableHeaderChecks { header_checks = [ "regexp:/etc/postfix/header_checks" ]; }
|
||||
// optionalAttrs (cfg.tlsTrustedAuthorities != "") {
|
||||
smtp_tls_CAfile = cfg.tlsTrustedAuthorities;
|
||||
smtp_tls_security_level = smtpTlsSecurityLevel;
|
||||
smtp_tls_security_level = mkDefault "may";
|
||||
}
|
||||
// optionalAttrs (cfg.sslCert != "") {
|
||||
smtp_tls_cert_file = cfg.sslCert;
|
||||
smtp_tls_key_file = cfg.sslKey;
|
||||
|
||||
smtp_tls_security_level = smtpTlsSecurityLevel;
|
||||
smtp_tls_security_level = mkDefault "may";
|
||||
|
||||
smtpd_tls_cert_file = cfg.sslCert;
|
||||
smtpd_tls_key_file = cfg.sslKey;
|
||||
|
@ -969,5 +959,9 @@ in
|
|||
imports = [
|
||||
(mkRemovedOptionModule [ "services" "postfix" "sslCACert" ]
|
||||
"services.postfix.sslCACert was replaced by services.postfix.tlsTrustedAuthorities. In case you intend that your server should validate requested client certificates use services.postfix.extraConfig.")
|
||||
|
||||
(mkChangedOptionModule [ "services" "postfix" "useDane" ]
|
||||
[ "services" "postfix" "config" "smtp_tls_security_level" ]
|
||||
(config: mkIf config.services.postfix.useDane "dane"))
|
||||
];
|
||||
}
|
||||
|
|
|
@ -349,7 +349,7 @@ in
|
|||
{
|
||||
DOMAIN = cfg.domain;
|
||||
STATIC_ROOT_PATH = cfg.staticRootPath;
|
||||
LFS_JWT_SECRET = "#jwtsecret#";
|
||||
LFS_JWT_SECRET = "#lfsjwtsecret#";
|
||||
ROOT_URL = cfg.rootUrl;
|
||||
}
|
||||
(mkIf cfg.enableUnixSocket {
|
||||
|
@ -381,6 +381,7 @@ in
|
|||
|
||||
security = {
|
||||
SECRET_KEY = "#secretkey#";
|
||||
INTERNAL_TOKEN = "#internaltoken#";
|
||||
INSTALL_LOCK = true;
|
||||
};
|
||||
|
||||
|
@ -396,6 +397,10 @@ in
|
|||
mailer = mkIf (cfg.mailerPasswordFile != null) {
|
||||
PASSWD = "#mailerpass#";
|
||||
};
|
||||
|
||||
oauth2 = {
|
||||
JWT_SECRET = "#oauth2jwtsecret#";
|
||||
};
|
||||
};
|
||||
|
||||
services.postgresql = optionalAttrs (usePostgresql && cfg.database.createDatabase) {
|
||||
|
@ -453,12 +458,22 @@ in
|
|||
description = "gitea";
|
||||
after = [ "network.target" ] ++ lib.optional usePostgresql "postgresql.service" ++ lib.optional useMysql "mysql.service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ gitea pkgs.gitAndTools.git ];
|
||||
path = [ gitea pkgs.git ];
|
||||
|
||||
# In older versions the secret naming for JWT was kind of confusing.
|
||||
# The file jwt_secret hold the value for LFS_JWT_SECRET and JWT_SECRET
|
||||
# wasn't persistant at all.
|
||||
# To fix that, there is now the file oauth2_jwt_secret containing the
|
||||
# values for JWT_SECRET and the file jwt_secret gets renamed to
|
||||
# lfs_jwt_secret.
|
||||
# We have to consider this to stay compatible with older installations.
|
||||
preStart = let
|
||||
runConfig = "${cfg.stateDir}/custom/conf/app.ini";
|
||||
secretKey = "${cfg.stateDir}/custom/conf/secret_key";
|
||||
jwtSecret = "${cfg.stateDir}/custom/conf/jwt_secret";
|
||||
oauth2JwtSecret = "${cfg.stateDir}/custom/conf/oauth2_jwt_secret";
|
||||
oldLfsJwtSecret = "${cfg.stateDir}/custom/conf/jwt_secret"; # old file for LFS_JWT_SECRET
|
||||
lfsJwtSecret = "${cfg.stateDir}/custom/conf/lfs_jwt_secret"; # new file for LFS_JWT_SECRET
|
||||
internalToken = "${cfg.stateDir}/custom/conf/internal_token";
|
||||
in ''
|
||||
# copy custom configuration and generate a random secret key if needed
|
||||
${optionalString (cfg.useWizard == false) ''
|
||||
|
@ -468,24 +483,41 @@ in
|
|||
${gitea}/bin/gitea generate secret SECRET_KEY > ${secretKey}
|
||||
fi
|
||||
|
||||
if [ ! -e ${jwtSecret} ]; then
|
||||
${gitea}/bin/gitea generate secret LFS_JWT_SECRET > ${jwtSecret}
|
||||
# Migrate LFS_JWT_SECRET filename
|
||||
if [[ -e ${oldLfsJwtSecret} && ! -e ${lfsJwtSecret} ]]; then
|
||||
mv ${oldLfsJwtSecret} ${lfsJwtSecret}
|
||||
fi
|
||||
|
||||
KEY="$(head -n1 ${secretKey})"
|
||||
if [ ! -e ${oauth2JwtSecret} ]; then
|
||||
${gitea}/bin/gitea generate secret JWT_SECRET > ${oauth2JwtSecret}
|
||||
fi
|
||||
|
||||
if [ ! -e ${lfsJwtSecret} ]; then
|
||||
${gitea}/bin/gitea generate secret LFS_JWT_SECRET > ${lfsJwtSecret}
|
||||
fi
|
||||
|
||||
if [ ! -e ${internalToken} ]; then
|
||||
${gitea}/bin/gitea generate secret INTERNAL_TOKEN > ${internalToken}
|
||||
fi
|
||||
|
||||
SECRETKEY="$(head -n1 ${secretKey})"
|
||||
DBPASS="$(head -n1 ${cfg.database.passwordFile})"
|
||||
JWTSECRET="$(head -n1 ${jwtSecret})"
|
||||
OAUTH2JWTSECRET="$(head -n1 ${oauth2JwtSecret})"
|
||||
LFSJWTSECRET="$(head -n1 ${lfsJwtSecret})"
|
||||
INTERNALTOKEN="$(head -n1 ${internalToken})"
|
||||
${if (cfg.mailerPasswordFile == null) then ''
|
||||
MAILERPASSWORD="#mailerpass#"
|
||||
'' else ''
|
||||
MAILERPASSWORD="$(head -n1 ${cfg.mailerPasswordFile} || :)"
|
||||
''}
|
||||
sed -e "s,#secretkey#,$KEY,g" \
|
||||
sed -e "s,#secretkey#,$SECRETKEY,g" \
|
||||
-e "s,#dbpass#,$DBPASS,g" \
|
||||
-e "s,#jwtsecret#,$JWTSECRET,g" \
|
||||
-e "s,#oauth2jwtsecret#,$OAUTH2JWTSECRET,g" \
|
||||
-e "s,#lfsjwtsecret#,$LFSJWTSECRET,g" \
|
||||
-e "s,#internaltoken#,$INTERNALTOKEN,g" \
|
||||
-e "s,#mailerpass#,$MAILERPASSWORD,g" \
|
||||
-i ${runConfig}
|
||||
chmod 640 ${runConfig} ${secretKey} ${jwtSecret}
|
||||
chmod 640 ${runConfig} ${secretKey} ${oauth2JwtSecret} ${lfsJwtSecret} ${internalToken}
|
||||
''}
|
||||
|
||||
# update all hooks' binary paths
|
||||
|
@ -605,5 +637,5 @@ in
|
|||
timerConfig.OnCalendar = cfg.dump.interval;
|
||||
};
|
||||
};
|
||||
meta.maintainers = with lib.maintainers; [ srhb ];
|
||||
meta.maintainers = with lib.maintainers; [ srhb ma27 ];
|
||||
}
|
||||
|
|
|
@ -736,7 +736,7 @@ in {
|
|||
environment = gitlabEnv;
|
||||
path = with pkgs; [
|
||||
postgresqlPackage
|
||||
gitAndTools.git
|
||||
git
|
||||
ruby
|
||||
openssh
|
||||
nodejs
|
||||
|
@ -764,7 +764,7 @@ in {
|
|||
path = with pkgs; [
|
||||
openssh
|
||||
procps # See https://gitlab.com/gitlab-org/gitaly/issues/1562
|
||||
gitAndTools.git
|
||||
git
|
||||
cfg.packages.gitaly.rubyEnv
|
||||
cfg.packages.gitaly.rubyEnv.wrappedRuby
|
||||
gzip
|
||||
|
@ -806,7 +806,7 @@ in {
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
path = with pkgs; [
|
||||
exiftool
|
||||
gitAndTools.git
|
||||
git
|
||||
gnutar
|
||||
gzip
|
||||
openssh
|
||||
|
@ -854,7 +854,7 @@ in {
|
|||
environment = gitlabEnv;
|
||||
path = with pkgs; [
|
||||
postgresqlPackage
|
||||
gitAndTools.git
|
||||
git
|
||||
openssh
|
||||
nodejs
|
||||
procps
|
||||
|
|
|
@ -227,6 +227,6 @@ in
|
|||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.gitolite pkgs.git ]
|
||||
++ optional cfg.enableGitAnnex pkgs.gitAndTools.git-annex;
|
||||
++ optional cfg.enableGitAnnex pkgs.git-annex;
|
||||
});
|
||||
}
|
||||
|
|
|
@ -69,6 +69,9 @@ in {
|
|||
# i.e. to delegate from the host being accessible as ${config.networking.domain}
|
||||
# to another host actually running the Matrix homeserver.
|
||||
"${config.networking.domain}" = {
|
||||
<link linkend="opt-services.nginx.virtualHosts._name_.enableACME">enableACME</link> = true;
|
||||
<link linkend="opt-services.nginx.virtualHosts._name_.forceSSL">forceSSL</link> = true;
|
||||
|
||||
<link linkend="opt-services.nginx.virtualHosts._name_.locations._name_.extraConfig">locations."= /.well-known/matrix/server".extraConfig</link> =
|
||||
let
|
||||
# use 443 instead of the default 8448 port to unite
|
||||
|
|
78
third_party/nixpkgs/nixos/modules/services/misc/nzbhydra2.nix
vendored
Normal file
78
third_party/nixpkgs/nixos/modules/services/misc/nzbhydra2.nix
vendored
Normal file
|
@ -0,0 +1,78 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let cfg = config.services.nzbhydra2;
|
||||
|
||||
in {
|
||||
options = {
|
||||
services.nzbhydra2 = {
|
||||
enable = mkEnableOption "NZBHydra2";
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/nzbhydra2";
|
||||
description = "The directory where NZBHydra2 stores its data files.";
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description =
|
||||
"Open ports in the firewall for the NZBHydra2 web interface.";
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.nzbhydra2;
|
||||
defaultText = "pkgs.nzbhydra2";
|
||||
description = "NZBHydra2 package to use.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.tmpfiles.rules =
|
||||
[ "d '${cfg.dataDir}' 0700 nzbhydra2 nzbhydra2 - -" ];
|
||||
|
||||
systemd.services.nzbhydra2 = {
|
||||
description = "NZBHydra2";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = "nzbhydra2";
|
||||
Group = "nzbhydra2";
|
||||
ExecStart =
|
||||
"${cfg.package}/bin/nzbhydra2 --nobrowser --datafolder '${cfg.dataDir}'";
|
||||
Restart = "on-failure";
|
||||
# Hardening
|
||||
NoNewPrivileges = true;
|
||||
PrivateTmp = true;
|
||||
PrivateDevices = true;
|
||||
DevicePolicy = "closed";
|
||||
ProtectSystem = "strict";
|
||||
ReadWritePaths = cfg.dataDir;
|
||||
ProtectHome = "read-only";
|
||||
ProtectControlGroups = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
RestrictAddressFamilies ="AF_UNIX AF_INET AF_INET6 AF_NETLINK";
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
LockPersonality = true;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = [ 5076 ]; };
|
||||
|
||||
users.users.nzbhydra2 = {
|
||||
group = "nzbhydra2";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups.nzbhydra2 = {};
|
||||
};
|
||||
}
|
|
@ -230,7 +230,7 @@ in
|
|||
production = {
|
||||
scm_subversion_command = "${pkgs.subversion}/bin/svn";
|
||||
scm_mercurial_command = "${pkgs.mercurial}/bin/hg";
|
||||
scm_git_command = "${pkgs.gitAndTools.git}/bin/git";
|
||||
scm_git_command = "${pkgs.git}/bin/git";
|
||||
scm_cvs_command = "${pkgs.cvs}/bin/cvs";
|
||||
scm_bazaar_command = "${pkgs.breezy}/bin/bzr";
|
||||
scm_darcs_command = "${pkgs.darcs}/bin/darcs";
|
||||
|
@ -299,7 +299,7 @@ in
|
|||
breezy
|
||||
cvs
|
||||
darcs
|
||||
gitAndTools.git
|
||||
git
|
||||
mercurial
|
||||
subversion
|
||||
];
|
||||
|
|
|
@ -370,6 +370,14 @@ let
|
|||
List of file service discovery configurations.
|
||||
'';
|
||||
|
||||
gce_sd_configs = mkOpt (types.listOf promTypes.gce_sd_config) ''
|
||||
List of Google Compute Engine service discovery configurations.
|
||||
|
||||
See <link
|
||||
xlink:href="https://prometheus.io/docs/prometheus/latest/configuration/configuration/#gce_sd_config">the
|
||||
relevant Prometheus configuration docs</link> for more detail.
|
||||
'';
|
||||
|
||||
static_configs = mkOpt (types.listOf promTypes.static_config) ''
|
||||
List of labeled target groups for this job.
|
||||
'';
|
||||
|
@ -555,6 +563,52 @@ let
|
|||
};
|
||||
};
|
||||
|
||||
promTypes.gce_sd_config = types.submodule {
|
||||
options = {
|
||||
# Use `mkOption` instead of `mkOpt` for project and zone because they are
|
||||
# required configuration values for `gce_sd_config`.
|
||||
project = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
The GCP Project.
|
||||
'';
|
||||
};
|
||||
|
||||
zone = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
The zone of the scrape targets. If you need multiple zones use multiple
|
||||
gce_sd_configs.
|
||||
'';
|
||||
};
|
||||
|
||||
filter = mkOpt types.str ''
|
||||
Filter can be used optionally to filter the instance list by other
|
||||
criteria Syntax of this filter string is described here in the filter
|
||||
query parameter section: <link
|
||||
xlink:href="https://cloud.google.com/compute/docs/reference/latest/instances/list"
|
||||
/>.
|
||||
'';
|
||||
|
||||
refresh_interval = mkDefOpt types.str "60s" ''
|
||||
Refresh interval to re-read the cloud instance list.
|
||||
'';
|
||||
|
||||
port = mkDefOpt types.port "80" ''
|
||||
The port to scrape metrics from. If using the public IP address, this
|
||||
must instead be specified in the relabeling rule.
|
||||
'';
|
||||
|
||||
tag_separator = mkDefOpt types.str "," ''
|
||||
The tag separator used to separate concatenated GCE instance network tags.
|
||||
|
||||
See the GCP documentation on network tags for more information: <link
|
||||
xlink:href="https://cloud.google.com/vpc/docs/add-remove-network-tags"
|
||||
/>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
promTypes.relabel_config = types.submodule {
|
||||
options = {
|
||||
source_labels = mkOpt (types.listOf types.str) ''
|
||||
|
|
|
@ -22,6 +22,11 @@ in {
|
|||
|
||||
systemd.packages = [ pkgs.iwd ];
|
||||
|
||||
systemd.network.links."80-iwd" = {
|
||||
matchConfig.Type = "wlan";
|
||||
linkConfig.NamePolicy = "keep kernel";
|
||||
};
|
||||
|
||||
systemd.services.iwd.wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
||||
|
|
|
@ -109,6 +109,13 @@ in
|
|||
description = "Host to bind to. Defaults binding on all addresses.";
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.murmur;
|
||||
defaultText = "pkgs.murmur";
|
||||
description = "Overridable attribute of the murmur package to use.";
|
||||
};
|
||||
|
||||
password = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
|
@ -299,7 +306,7 @@ in
|
|||
Type = if forking then "forking" else "simple";
|
||||
PIDFile = mkIf forking "/run/murmur/murmurd.pid";
|
||||
EnvironmentFile = mkIf (cfg.environmentFile != null) cfg.environmentFile;
|
||||
ExecStart = "${pkgs.murmur}/bin/murmurd -ini /run/murmur/murmurd.ini";
|
||||
ExecStart = "${cfg.package}/bin/murmurd -ini /run/murmur/murmurd.ini";
|
||||
Restart = "always";
|
||||
RuntimeDirectory = "murmur";
|
||||
RuntimeDirectoryMode = "0700";
|
||||
|
|
|
@ -1,34 +1,114 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
{ options, config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
runDir = "/run/searx";
|
||||
cfg = config.services.searx;
|
||||
|
||||
configFile = cfg.configFile;
|
||||
generateConfig = ''
|
||||
cd ${runDir}
|
||||
|
||||
# write NixOS settings as JSON
|
||||
cat <<'EOF' > settings.yml
|
||||
${builtins.toJSON cfg.settings}
|
||||
EOF
|
||||
|
||||
# substitute environment variables
|
||||
env -0 | while IFS='=' read -r -d ''' n v; do
|
||||
sed "s#@$n@#$v#g" -i settings.yml
|
||||
done
|
||||
|
||||
# set strict permissions
|
||||
chmod 400 settings.yml
|
||||
'';
|
||||
|
||||
settingType = with types; (oneOf
|
||||
[ bool int float str
|
||||
(listOf settingType)
|
||||
(attrsOf settingType)
|
||||
]) // { description = "JSON value"; };
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule
|
||||
[ "services" "searx" "configFile" ]
|
||||
[ "services" "searx" "settingsFile" ])
|
||||
];
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
services.searx = {
|
||||
|
||||
enable = mkEnableOption
|
||||
"the searx server. See https://github.com/asciimoo/searx";
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
relatedPackages = [ "searx" ];
|
||||
description = "Whether to enable Searx, the meta search engine.";
|
||||
};
|
||||
|
||||
configFile = mkOption {
|
||||
environmentFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = "
|
||||
The path of the Searx server configuration file. If no file
|
||||
is specified, a default file is used (default config file has
|
||||
debug mode enabled).
|
||||
";
|
||||
description = ''
|
||||
Environment file (see <literal>systemd.exec(5)</literal>
|
||||
"EnvironmentFile=" section for the syntax) to define variables for
|
||||
Searx. This option can be used to safely include secret keys into the
|
||||
Searx configuration.
|
||||
'';
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
type = types.attrsOf settingType;
|
||||
default = { };
|
||||
example = literalExample ''
|
||||
{ server.port = 8080;
|
||||
server.bind_address = "0.0.0.0";
|
||||
server.secret_key = "@SEARX_SECRET_KEY@";
|
||||
|
||||
engines = lib.singleton
|
||||
{ name = "wolframalpha";
|
||||
shortcut = "wa";
|
||||
api_key = "@WOLFRAM_API_KEY@";
|
||||
engine = "wolframalpha_api";
|
||||
};
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
Searx settings. These will be merged with (taking precedence over)
|
||||
the default configuration. It's also possible to refer to
|
||||
environment variables
|
||||
(defined in <xref linkend="opt-services.searx.environmentFile"/>)
|
||||
using the syntax <literal>@VARIABLE_NAME@</literal>.
|
||||
<note>
|
||||
<para>
|
||||
For available settings, see the Searx
|
||||
<link xlink:href="https://searx.github.io/searx/admin/settings.html">docs</link>.
|
||||
</para>
|
||||
</note>
|
||||
'';
|
||||
};
|
||||
|
||||
settingsFile = mkOption {
|
||||
type = types.path;
|
||||
default = "${runDir}/settings.yml";
|
||||
description = ''
|
||||
The path of the Searx server settings.yml file. If no file is
|
||||
specified, a default file is used (default config file has debug mode
|
||||
enabled). Note: setting this options overrides
|
||||
<xref linkend="opt-services.searx.settings"/>.
|
||||
<warning>
|
||||
<para>
|
||||
This file, along with any secret key it contains, will be copied
|
||||
into the world-readable Nix store.
|
||||
</para>
|
||||
</warning>
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
|
@ -38,6 +118,38 @@ in
|
|||
description = "searx package to use.";
|
||||
};
|
||||
|
||||
runInUwsgi = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to run searx in uWSGI as a "vassal", instead of using its
|
||||
built-in HTTP server. This is the recommended mode for public or
|
||||
large instances, but is unecessary for LAN or local-only use.
|
||||
<warning>
|
||||
<para>
|
||||
The built-in HTTP server logs all queries by default.
|
||||
</para>
|
||||
</warning>
|
||||
'';
|
||||
};
|
||||
|
||||
uwsgiConfig = mkOption {
|
||||
type = options.services.uwsgi.instance.type;
|
||||
default = { http = ":8080"; };
|
||||
example = literalExample ''
|
||||
{
|
||||
disable-logging = true;
|
||||
http = ":8080"; # serve via HTTP...
|
||||
socket = "/run/searx/searx.sock"; # ...or UNIX socket
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
Additional configuration of the uWSGI vassal running searx. It
|
||||
should notably specify on which interfaces and ports the vassal
|
||||
should listen.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -45,36 +157,74 @@ in
|
|||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.searx.enable {
|
||||
|
||||
users.users.searx =
|
||||
{ uid = config.ids.uids.searx;
|
||||
description = "Searx user";
|
||||
createHome = true;
|
||||
home = "/var/lib/searx";
|
||||
};
|
||||
|
||||
users.groups.searx =
|
||||
{ gid = config.ids.gids.searx;
|
||||
};
|
||||
|
||||
systemd.services.searx =
|
||||
{
|
||||
description = "Searx server, the meta search engine.";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = "searx";
|
||||
ExecStart = "${cfg.package}/bin/searx-run";
|
||||
};
|
||||
} // (optionalAttrs (configFile != null) {
|
||||
environment.SEARX_SETTINGS_PATH = configFile;
|
||||
});
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
users.users.searx =
|
||||
{ description = "Searx daemon user";
|
||||
group = "searx";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ rnhmjoj ];
|
||||
users.groups.searx = { };
|
||||
|
||||
systemd.services.searx-init = {
|
||||
description = "Initialise Searx settings";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = true;
|
||||
User = "searx";
|
||||
RuntimeDirectory = "searx";
|
||||
RuntimeDirectoryMode = "750";
|
||||
} // optionalAttrs (cfg.environmentFile != null)
|
||||
{ EnvironmentFile = builtins.toPath cfg.environmentFile; };
|
||||
script = generateConfig;
|
||||
};
|
||||
|
||||
systemd.services.searx = mkIf (!cfg.runInUwsgi) {
|
||||
description = "Searx server, the meta search engine.";
|
||||
wantedBy = [ "network.target" "multi-user.target" ];
|
||||
requires = [ "searx-init.service" ];
|
||||
after = [ "searx-init.service" ];
|
||||
serviceConfig = {
|
||||
User = "searx";
|
||||
Group = "searx";
|
||||
ExecStart = "${cfg.package}/bin/searx-run";
|
||||
} // optionalAttrs (cfg.environmentFile != null)
|
||||
{ EnvironmentFile = builtins.toPath cfg.environmentFile; };
|
||||
environment.SEARX_SETTINGS_PATH = cfg.settingsFile;
|
||||
};
|
||||
|
||||
systemd.services.uwsgi = mkIf (cfg.runInUwsgi)
|
||||
{ requires = [ "searx-init.service" ];
|
||||
after = [ "searx-init.service" ];
|
||||
};
|
||||
|
||||
services.searx.settings = {
|
||||
# merge NixOS settings with defaults settings.yml
|
||||
use_default_settings = mkDefault true;
|
||||
};
|
||||
|
||||
services.uwsgi = mkIf (cfg.runInUwsgi) {
|
||||
enable = true;
|
||||
plugins = [ "python3" ];
|
||||
|
||||
instance.type = "emperor";
|
||||
instance.vassals.searx = {
|
||||
type = "normal";
|
||||
strict = true;
|
||||
immediate-uid = "searx";
|
||||
immediate-gid = "searx";
|
||||
lazy-apps = true;
|
||||
enable-threads = true;
|
||||
module = "searx.webapp";
|
||||
env = [ "SEARX_SETTINGS_PATH=${cfg.settingsFile}" ];
|
||||
pythonPackages = self: [ cfg.package ];
|
||||
} // cfg.uwsgiConfig;
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [ rnhmjoj ];
|
||||
|
||||
}
|
||||
|
|
|
@ -43,9 +43,9 @@ in
|
|||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.dbus.packages = [ pkgs.fprintd ];
|
||||
services.dbus.packages = [ cfg.package ];
|
||||
|
||||
environment.systemPackages = [ pkgs.fprintd ];
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
|
|
|
@ -909,8 +909,11 @@ in
|
|||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPorts =
|
||||
concatMap (o: optional (isInt o && o > 0 || o ? "port" && isInt o.port && o.port > 0) o.port)
|
||||
(flatten [
|
||||
concatMap (o:
|
||||
if isInt o && o > 0 then [o]
|
||||
else if o ? "port" && isInt o.port && o.port > 0 then [o.port]
|
||||
else []
|
||||
) (flatten [
|
||||
cfg.settings.ORPort
|
||||
cfg.settings.DirPort
|
||||
]);
|
||||
|
|
|
@ -44,7 +44,7 @@ let
|
|||
in
|
||||
{
|
||||
options.services.ihatemoney = {
|
||||
enable = mkEnableOption "ihatemoney webapp. Note that this will set uwsgi to emperor mode running as root";
|
||||
enable = mkEnableOption "ihatemoney webapp. Note that this will set uwsgi to emperor mode";
|
||||
backend = mkOption {
|
||||
type = types.enum [ "sqlite" "postgresql" ];
|
||||
default = "sqlite";
|
||||
|
@ -116,16 +116,13 @@ in
|
|||
services.uwsgi = {
|
||||
enable = true;
|
||||
plugins = [ "python3" ];
|
||||
# the vassal needs to be able to setuid
|
||||
user = "root";
|
||||
group = "root";
|
||||
instance = {
|
||||
type = "emperor";
|
||||
vassals.ihatemoney = {
|
||||
type = "normal";
|
||||
strict = true;
|
||||
uid = user;
|
||||
gid = group;
|
||||
immediate-uid = user;
|
||||
immediate-gid = group;
|
||||
# apparently flask uses threads: https://github.com/spiral-project/ihatemoney/commit/c7815e48781b6d3a457eaff1808d179402558f8c
|
||||
enable-threads = true;
|
||||
module = "wsgi:application";
|
||||
|
|
45
third_party/nixpkgs/nixos/modules/services/web-apps/whitebophir.nix
vendored
Normal file
45
third_party/nixpkgs/nixos/modules/services/web-apps/whitebophir.nix
vendored
Normal file
|
@ -0,0 +1,45 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.whitebophir;
|
||||
in {
|
||||
options = {
|
||||
services.whitebophir = {
|
||||
enable = mkEnableOption "whitebophir, an online collaborative whiteboard server (persistent state will be maintained under <filename>/var/lib/whitebophir</filename>)";
|
||||
|
||||
package = mkOption {
|
||||
default = pkgs.whitebophir;
|
||||
defaultText = "pkgs.whitebophir";
|
||||
type = types.package;
|
||||
description = "Whitebophir package to use.";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 5001;
|
||||
description = "Port to bind to.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.whitebophir = {
|
||||
description = "Whitebophir Service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
environment = {
|
||||
PORT = "${toString cfg.port}";
|
||||
WBO_HISTORY_DIR = "/var/lib/whitebophir";
|
||||
};
|
||||
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
ExecStart = "${cfg.package}/bin/whitebophir";
|
||||
Restart = "always";
|
||||
StateDirectory = "whitebophir";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -5,11 +5,24 @@ with lib;
|
|||
let
|
||||
cfg = config.services.uwsgi;
|
||||
|
||||
isEmperor = cfg.instance.type == "emperor";
|
||||
|
||||
imperialPowers =
|
||||
[
|
||||
# spawn other user processes
|
||||
"CAP_SETUID" "CAP_SETGID"
|
||||
"CAP_SYS_CHROOT"
|
||||
# transfer capabilities
|
||||
"CAP_SETPCAP"
|
||||
# create other user sockets
|
||||
"CAP_CHOWN"
|
||||
];
|
||||
|
||||
buildCfg = name: c:
|
||||
let
|
||||
plugins =
|
||||
if any (n: !any (m: m == n) cfg.plugins) (c.plugins or [])
|
||||
then throw "`plugins` attribute in UWSGI configuration contains plugins not in config.services.uwsgi.plugins"
|
||||
then throw "`plugins` attribute in uWSGI configuration contains plugins not in config.services.uwsgi.plugins"
|
||||
else c.plugins or cfg.plugins;
|
||||
|
||||
hasPython = v: filter (n: n == "python${v}") plugins != [];
|
||||
|
@ -18,7 +31,7 @@ let
|
|||
|
||||
python =
|
||||
if hasPython2 && hasPython3 then
|
||||
throw "`plugins` attribute in UWSGI configuration shouldn't contain both python2 and python3"
|
||||
throw "`plugins` attribute in uWSGI configuration shouldn't contain both python2 and python3"
|
||||
else if hasPython2 then cfg.package.python2
|
||||
else if hasPython3 then cfg.package.python3
|
||||
else null;
|
||||
|
@ -43,7 +56,7 @@ let
|
|||
oldPaths = filter (x: x != null) (map getPath env');
|
||||
in env' ++ [ "PATH=${optionalString (oldPaths != []) "${last oldPaths}:"}${pythonEnv}/bin" ];
|
||||
}
|
||||
else if c.type == "emperor"
|
||||
else if isEmperor
|
||||
then {
|
||||
emperor = if builtins.typeOf c.vassals != "set" then c.vassals
|
||||
else pkgs.buildEnv {
|
||||
|
@ -51,7 +64,7 @@ let
|
|||
paths = mapAttrsToList buildCfg c.vassals;
|
||||
};
|
||||
} // removeAttrs c [ "type" "vassals" ]
|
||||
else throw "`type` attribute in UWSGI configuration should be either 'normal' or 'emperor'";
|
||||
else throw "`type` attribute in uWSGI configuration should be either 'normal' or 'emperor'";
|
||||
};
|
||||
|
||||
in pkgs.writeTextDir "${name}.json" (builtins.toJSON uwsgiCfg);
|
||||
|
@ -79,7 +92,7 @@ in {
|
|||
};
|
||||
|
||||
instance = mkOption {
|
||||
type = with lib.types; let
|
||||
type = with types; let
|
||||
valueType = nullOr (oneOf [
|
||||
bool
|
||||
int
|
||||
|
@ -137,31 +150,65 @@ in {
|
|||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "uwsgi";
|
||||
description = "User account under which uwsgi runs.";
|
||||
description = "User account under which uWSGI runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "uwsgi";
|
||||
description = "Group account under which uwsgi runs.";
|
||||
description = "Group account under which uWSGI runs.";
|
||||
};
|
||||
|
||||
capabilities = mkOption {
|
||||
type = types.listOf types.str;
|
||||
apply = caps: caps ++ optionals isEmperor imperialPowers;
|
||||
default = [ ];
|
||||
example = literalExample ''
|
||||
[
|
||||
"CAP_NET_BIND_SERVICE" # bind on ports <1024
|
||||
"CAP_NET_RAW" # open raw sockets
|
||||
]
|
||||
'';
|
||||
description = ''
|
||||
Grant capabilities to the uWSGI instance. See the
|
||||
<literal>capabilities(7)</literal> for available values.
|
||||
<note>
|
||||
<para>
|
||||
uWSGI runs as an unprivileged user (even as Emperor) with the minimal
|
||||
capabilities required. This option can be used to add fine-grained
|
||||
permissions without running the service as root.
|
||||
</para>
|
||||
<para>
|
||||
When in Emperor mode, any capability to be inherited by a vassal must
|
||||
be specified again in the vassal configuration using <literal>cap</literal>.
|
||||
See the uWSGI <link
|
||||
xlink:href="https://uwsgi-docs.readthedocs.io/en/latest/Capabilities.html">docs</link>
|
||||
for more information.
|
||||
</para>
|
||||
</note>
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.tmpfiles.rules = optional (cfg.runDir != "/run/uwsgi") ''
|
||||
d ${cfg.runDir} 775 ${cfg.user} ${cfg.group}
|
||||
'';
|
||||
|
||||
systemd.services.uwsgi = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.runDir}
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.runDir}
|
||||
'';
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
Type = "notify";
|
||||
ExecStart = "${cfg.package}/bin/uwsgi --uid ${cfg.user} --gid ${cfg.group} --json ${buildCfg "server" cfg.instance}/server.json";
|
||||
ExecStart = "${cfg.package}/bin/uwsgi --json ${buildCfg "server" cfg.instance}/server.json";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
ExecStop = "${pkgs.coreutils}/bin/kill -INT $MAINPID";
|
||||
NotifyAccess = "main";
|
||||
KillSignal = "SIGQUIT";
|
||||
AmbientCapabilities = cfg.capabilities;
|
||||
CapabilityBoundingSet = cfg.capabilities;
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ let
|
|||
|
||||
defaultFavoriteAppsOverride = ''
|
||||
[org.gnome.shell]
|
||||
favorite-apps=[ 'org.gnome.Geary.desktop', 'org.gnome.Calendar.desktop', 'org.gnome.Music.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop' ]
|
||||
favorite-apps=[ 'org.gnome.Epiphany.desktop', 'org.gnome.Geary.desktop', 'org.gnome.Calendar.desktop', 'org.gnome.Music.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop' ]
|
||||
'';
|
||||
|
||||
nixos-gsettings-desktop-schemas = let
|
||||
|
@ -409,9 +409,7 @@ in
|
|||
baobab
|
||||
cheese
|
||||
eog
|
||||
/* Not in good standing on nixos:
|
||||
* https://github.com/NixOS/nixpkgs/issues/98819
|
||||
/* epiphany */
|
||||
epiphany
|
||||
gedit
|
||||
gnome-calculator
|
||||
gnome-calendar
|
||||
|
|
|
@ -15,10 +15,10 @@ in
|
|||
services.xserver.windowManager.session = singleton {
|
||||
name = "clfswm";
|
||||
start = ''
|
||||
${pkgs.clfswm}/bin/clfswm &
|
||||
${pkgs.lispPackages.clfswm}/bin/clfswm &
|
||||
waitPID=$!
|
||||
'';
|
||||
};
|
||||
environment.systemPackages = [ pkgs.clfswm ];
|
||||
environment.systemPackages = [ pkgs.lispPackages.clfswm ];
|
||||
};
|
||||
}
|
||||
|
|
|
@ -13,6 +13,7 @@ in
|
|||
./berry.nix
|
||||
./bspwm.nix
|
||||
./cwm.nix
|
||||
./clfswm.nix
|
||||
./dwm.nix
|
||||
./evilwm.nix
|
||||
./exwm.nix
|
||||
|
|
|
@ -48,7 +48,7 @@ in
|
|||
description = ''
|
||||
Extra packages available to Emacs. The value must be a
|
||||
function which receives the attrset defined in
|
||||
<varname>emacsPackages</varname> as the sole argument.
|
||||
<varname>emacs.pkgs</varname> as the sole argument.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
|
@ -20,7 +20,7 @@ let
|
|||
timeoutStr = if blCfg.timeout == null then "-1" else toString blCfg.timeout;
|
||||
|
||||
isAarch64 = pkgs.stdenv.hostPlatform.isAarch64;
|
||||
optional = pkgs.stdenv.lib.optionalString;
|
||||
optional = pkgs.lib.optionalString;
|
||||
|
||||
configTxt =
|
||||
pkgs.writeText "config.txt" (''
|
||||
|
|
|
@ -22,7 +22,7 @@ let
|
|||
rootModules = config.boot.initrd.availableKernelModules ++ config.boot.initrd.kernelModules;
|
||||
kernel = modulesTree;
|
||||
firmware = firmware;
|
||||
allowMissing = true;
|
||||
allowMissing = false;
|
||||
};
|
||||
|
||||
|
||||
|
@ -513,7 +513,12 @@ in
|
|||
};
|
||||
|
||||
boot.initrd.compressor = mkOption {
|
||||
default = "gzip";
|
||||
default = (
|
||||
if lib.versionAtLeast config.boot.kernelPackages.kernel.version "5.9"
|
||||
then "zstd"
|
||||
else "gzip"
|
||||
);
|
||||
defaultText = "zstd if the kernel supports it (5.9+), gzip if not.";
|
||||
type = types.unspecified; # We don't have a function type...
|
||||
description = ''
|
||||
The compressor to use on the initrd image. May be any of:
|
||||
|
|
|
@ -34,6 +34,7 @@ with lib;
|
|||
{
|
||||
what = "tmpfs";
|
||||
where = "/tmp";
|
||||
type = "tmpfs";
|
||||
mountConfig.Options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=50%" ];
|
||||
}
|
||||
];
|
||||
|
|
|
@ -155,13 +155,11 @@ in
|
|||
users.groups.docker.gid = config.ids.gids.docker;
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
# TODO: remove once docker 20.10 is released
|
||||
systemd.enableUnifiedCgroupHierarchy = false;
|
||||
|
||||
systemd.services.docker = {
|
||||
wantedBy = optional cfg.enableOnBoot "multi-user.target";
|
||||
environment = proxy_env;
|
||||
serviceConfig = {
|
||||
Type = "notify";
|
||||
ExecStart = [
|
||||
""
|
||||
''
|
||||
|
@ -215,13 +213,10 @@ in
|
|||
message = "Option enableNvidia requires 32bit support libraries";
|
||||
}];
|
||||
}
|
||||
(mkIf cfg.enableNvidia {
|
||||
environment.etc."nvidia-container-runtime/config.toml".source = "${pkgs.nvidia-docker}/etc/config.toml";
|
||||
})
|
||||
]);
|
||||
|
||||
imports = [
|
||||
(mkRemovedOptionModule ["virtualisation" "docker" "socketActivation"] "This option was removed in favor of starting docker at boot")
|
||||
(mkRemovedOptionModule ["virtualisation" "docker" "socketActivation"] "This option was removed and socket activation is now always active")
|
||||
];
|
||||
|
||||
}
|
||||
|
|
|
@ -329,24 +329,24 @@ let self = {
|
|||
"20.03".ap-east-1.hvm-ebs = "ami-0d18fdd309cdefa86";
|
||||
"20.03".sa-east-1.hvm-ebs = "ami-09859378158ae971d";
|
||||
|
||||
# 20.09.1632.a6a3a368dda
|
||||
"20.09".eu-west-1.hvm-ebs = "ami-01a79d5ce435f4db3";
|
||||
"20.09".eu-west-2.hvm-ebs = "ami-0cbe14f32904e6331";
|
||||
"20.09".eu-west-3.hvm-ebs = "ami-07f493412d6213de6";
|
||||
"20.09".eu-central-1.hvm-ebs = "ami-01d4a0c2248cbfe38";
|
||||
"20.09".eu-north-1.hvm-ebs = "ami-0003f54dd99d68e0f";
|
||||
"20.09".us-east-1.hvm-ebs = "ami-068a62d478710462d";
|
||||
"20.09".us-east-2.hvm-ebs = "ami-01ac677ff61399caa";
|
||||
"20.09".us-west-1.hvm-ebs = "ami-04befdb203b4b17f6";
|
||||
"20.09".us-west-2.hvm-ebs = "ami-0fb7bd4a43261c6b2";
|
||||
"20.09".ca-central-1.hvm-ebs = "ami-06d5ee429f153f856";
|
||||
"20.09".ap-southeast-1.hvm-ebs = "ami-0db0304e23c535b2a";
|
||||
"20.09".ap-southeast-2.hvm-ebs = "ami-045983c4db7e36447";
|
||||
"20.09".ap-northeast-1.hvm-ebs = "ami-0beb18d632cf64e5a";
|
||||
"20.09".ap-northeast-2.hvm-ebs = "ami-0dd0316af578862db";
|
||||
"20.09".ap-south-1.hvm-ebs = "ami-008d15ced81c88aed";
|
||||
"20.09".ap-east-1.hvm-ebs = "ami-071f49713f86ea965";
|
||||
"20.09".sa-east-1.hvm-ebs = "ami-05ded1ae35209b5a8";
|
||||
# 20.09.2016.19db3e5ea27
|
||||
"20.09".eu-west-1.hvm-ebs = "ami-0057cb7d614329fa2";
|
||||
"20.09".eu-west-2.hvm-ebs = "ami-0d46f16e0bb0ec8fd";
|
||||
"20.09".eu-west-3.hvm-ebs = "ami-0e8985c3ea42f87fe";
|
||||
"20.09".eu-central-1.hvm-ebs = "ami-0eed77c38432886d2";
|
||||
"20.09".eu-north-1.hvm-ebs = "ami-0be5bcadd632bea14";
|
||||
"20.09".us-east-1.hvm-ebs = "ami-0a2cce52b42daccc8";
|
||||
"20.09".us-east-2.hvm-ebs = "ami-09378bf487b07a4d8";
|
||||
"20.09".us-west-1.hvm-ebs = "ami-09b4337b2a9e77485";
|
||||
"20.09".us-west-2.hvm-ebs = "ami-081d3bb5fbee0a1ac";
|
||||
"20.09".ca-central-1.hvm-ebs = "ami-020c24c6c607e7ac7";
|
||||
"20.09".ap-southeast-1.hvm-ebs = "ami-08f648d5db009e67d";
|
||||
"20.09".ap-southeast-2.hvm-ebs = "ami-0be390efaccbd40f9";
|
||||
"20.09".ap-northeast-1.hvm-ebs = "ami-0c3311601cbe8f927";
|
||||
"20.09".ap-northeast-2.hvm-ebs = "ami-0020146701f4d56cf";
|
||||
"20.09".ap-south-1.hvm-ebs = "ami-0117e2bd876bb40d1";
|
||||
"20.09".ap-east-1.hvm-ebs = "ami-0c42f97e5b1fda92f";
|
||||
"20.09".sa-east-1.hvm-ebs = "ami-021637976b094959d";
|
||||
|
||||
latest = self."20.09";
|
||||
}; in self
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
let
|
||||
cfg = config.virtualisation.podman;
|
||||
toml = pkgs.formats.toml { };
|
||||
nvidia-docker = pkgs.nvidia-docker.override { containerRuntimePath = "${pkgs.runc}/bin/runc"; };
|
||||
|
||||
inherit (lib) mkOption types;
|
||||
|
||||
|
@ -100,8 +99,8 @@ in
|
|||
containersConf.extraConfig = lib.optionalString cfg.enableNvidia
|
||||
(builtins.readFile (toml.generate "podman.nvidia.containers.conf" {
|
||||
engine = {
|
||||
conmon_env_vars = [ "PATH=${lib.makeBinPath [ nvidia-docker ]}" ];
|
||||
runtimes.nvidia = [ "${nvidia-docker}/bin/nvidia-container-runtime" ];
|
||||
conmon_env_vars = [ "PATH=${lib.makeBinPath [ pkgs.nvidia-podman ]}" ];
|
||||
runtimes.nvidia = [ "${pkgs.nvidia-podman}/bin/nvidia-container-runtime" ];
|
||||
};
|
||||
}));
|
||||
};
|
||||
|
@ -111,14 +110,7 @@ in
|
|||
assertion = cfg.dockerCompat -> !config.virtualisation.docker.enable;
|
||||
message = "Option dockerCompat conflicts with docker";
|
||||
}
|
||||
{
|
||||
assertion = cfg.enableNvidia -> !config.virtualisation.docker.enableNvidia;
|
||||
message = "Option enableNvidia conflicts with docker.enableNvidia";
|
||||
}
|
||||
];
|
||||
}
|
||||
(lib.mkIf cfg.enableNvidia {
|
||||
environment.etc."nvidia-container-runtime/config.toml".source = "${nvidia-docker}/etc/podman-config.toml";
|
||||
})
|
||||
]);
|
||||
}
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/3proxy.nix
vendored
2
third_party/nixpkgs/nixos/tests/3proxy.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "3proxy";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ misuzu ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/agda.nix
vendored
2
third_party/nixpkgs/nixos/tests/agda.nix
vendored
|
@ -9,7 +9,7 @@ let
|
|||
in
|
||||
{
|
||||
name = "agda";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ alexarice turion ];
|
||||
};
|
||||
|
||||
|
|
|
@ -274,6 +274,7 @@ in
|
|||
novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {};
|
||||
nsd = handleTest ./nsd.nix {};
|
||||
nzbget = handleTest ./nzbget.nix {};
|
||||
nzbhydra2 = handleTest ./nzbhydra2.nix {};
|
||||
oh-my-zsh = handleTest ./oh-my-zsh.nix {};
|
||||
openarena = handleTest ./openarena.nix {};
|
||||
openldap = handleTest ./openldap.nix {};
|
||||
|
@ -341,6 +342,7 @@ in
|
|||
sbt-extras = handleTest ./sbt-extras.nix {};
|
||||
scala = handleTest ./scala.nix {};
|
||||
sddm = handleTest ./sddm.nix {};
|
||||
searx = handleTest ./searx.nix {};
|
||||
service-runner = handleTest ./service-runner.nix {};
|
||||
shadow = handleTest ./shadow.nix {};
|
||||
shadowsocks = handleTest ./shadowsocks {};
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/ammonite.nix
vendored
2
third_party/nixpkgs/nixos/tests/ammonite.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "ammonite";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ nequissimus ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/atd.nix
vendored
2
third_party/nixpkgs/nixos/tests/atd.nix
vendored
|
@ -2,7 +2,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
|
||||
{
|
||||
name = "atd";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ bjornfor ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/avahi.nix
vendored
2
third_party/nixpkgs/nixos/tests/avahi.nix
vendored
|
@ -8,7 +8,7 @@
|
|||
# Test whether `avahi-daemon' and `libnss-mdns' work as expected.
|
||||
import ./make-test-python.nix {
|
||||
name = "avahi";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ eelco ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/awscli.nix
vendored
2
third_party/nixpkgs/nixos/tests/awscli.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "awscli";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ nequissimus ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/babeld.nix
vendored
2
third_party/nixpkgs/nixos/tests/babeld.nix
vendored
|
@ -1,7 +1,7 @@
|
|||
|
||||
import ./make-test-python.nix ({ pkgs, lib, ...} : {
|
||||
name = "babeld";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ hexa ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/bat.nix
vendored
2
third_party/nixpkgs/nixos/tests/bat.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "bat";
|
||||
meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; };
|
||||
meta = with pkgs.lib.maintainers; { maintainers = [ nequissimus ]; };
|
||||
|
||||
machine = { pkgs, ... }: { environment.systemPackages = [ pkgs.bat ]; };
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/bcachefs.nix
vendored
2
third_party/nixpkgs/nixos/tests/bcachefs.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "bcachefs";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chiiruno ];
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ chiiruno ];
|
||||
|
||||
machine = { pkgs, ... }: {
|
||||
virtualisation.emptyDiskImages = [ 4096 ];
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/bitcoind.nix
vendored
2
third_party/nixpkgs/nixos/tests/bitcoind.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "bitcoind";
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
meta = with pkgs.lib; {
|
||||
maintainers = with maintainers; [ _1000101 ];
|
||||
};
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ in
|
|||
|
||||
{
|
||||
name = "bittorrent";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ domenkozar eelco rob bobvanderlinden ];
|
||||
};
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ let
|
|||
makeBitwardenTest = backend: makeTest {
|
||||
name = "bitwarden_rs-${backend}";
|
||||
meta = {
|
||||
maintainers = with pkgs.stdenv.lib.maintainers; [ jjjollyjim ];
|
||||
maintainers = with pkgs.lib.maintainers; [ jjjollyjim ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "blockbook-frontend";
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
meta = with pkgs.lib; {
|
||||
maintainers = with maintainers; [ _1000101 ];
|
||||
};
|
||||
|
||||
|
|
|
@ -158,5 +158,5 @@ import ./make-test-python.nix ({ pkgs, ... }: {
|
|||
machine.succeed('pgrep -a -f "^kcanary$"')
|
||||
'';
|
||||
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ aszlig ];
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ aszlig ];
|
||||
})
|
||||
|
|
|
@ -36,7 +36,7 @@ let
|
|||
|
||||
in {
|
||||
name = "borgbackup";
|
||||
meta = with pkgs.stdenv.lib; {
|
||||
meta = with pkgs.lib; {
|
||||
maintainers = with maintainers; [ dotlambda ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/buildbot.nix
vendored
2
third_party/nixpkgs/nixos/tests/buildbot.nix
vendored
|
@ -109,5 +109,5 @@ import ./make-test-python.nix {
|
|||
bbworker.fail("nc -z bbmaster 8011")
|
||||
'';
|
||||
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ nand0p ];
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ nand0p ];
|
||||
} {}
|
||||
|
|
|
@ -2,7 +2,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
|
|||
|
||||
{
|
||||
name = "buildkite-agent";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ flokli ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/caddy.nix
vendored
2
third_party/nixpkgs/nixos/tests/caddy.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "caddy";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ xfix Br1ght0ne ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/cadvisor.nix
vendored
2
third_party/nixpkgs/nixos/tests/cadvisor.nix
vendored
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... } : {
|
||||
name = "cadvisor";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ offline ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/cage.nix
vendored
2
third_party/nixpkgs/nixos/tests/cage.nix
vendored
|
@ -2,7 +2,7 @@ import ./make-test-python.nix ({ pkgs, ...} :
|
|||
|
||||
{
|
||||
name = "cage";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ matthewbauer flokli ];
|
||||
};
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ let
|
|||
in
|
||||
{
|
||||
name = "cagebreak";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ berbiche ];
|
||||
};
|
||||
|
||||
|
|
|
@ -218,7 +218,7 @@ let
|
|||
'';
|
||||
in {
|
||||
name = "basic-multi-node-ceph-cluster";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ lejonet ];
|
||||
};
|
||||
|
||||
|
|
|
@ -184,7 +184,7 @@ let
|
|||
'';
|
||||
in {
|
||||
name = "basic-single-node-ceph-cluster";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ lejonet johanot ];
|
||||
};
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ import ./make-test-python.nix ({ pkgs, ...} : let
|
|||
|
||||
in {
|
||||
name = "charliecloud";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ bzizou ];
|
||||
};
|
||||
|
||||
|
|
2
third_party/nixpkgs/nixos/tests/cjdns.nix
vendored
2
third_party/nixpkgs/nixos/tests/cjdns.nix
vendored
|
@ -19,7 +19,7 @@ in
|
|||
|
||||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "cjdns";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ ehmry ];
|
||||
};
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
import ./make-test-python.nix ({ pkgs, ... }: {
|
||||
name = "clickhouse";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers; [ ma27 ];
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ ma27 ];
|
||||
|
||||
machine = {
|
||||
services.clickhouse.enable = true;
|
||||
|
|
|
@ -40,7 +40,7 @@ let
|
|||
};
|
||||
in makeTest {
|
||||
name = "cloud-init";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ lewo ];
|
||||
};
|
||||
machine = { ... }:
|
||||
|
|
|
@ -99,7 +99,7 @@ let
|
|||
|
||||
in import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "cockroachdb";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers;
|
||||
meta.maintainers = with pkgs.lib.maintainers;
|
||||
[ thoughtpolice ];
|
||||
|
||||
nodes = {
|
||||
|
|
|
@ -9,7 +9,7 @@ in
|
|||
|
||||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "containers-bridge";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ aristid aszlig eelco kampfschlaefer ];
|
||||
};
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "containers-extra_veth";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ kampfschlaefer ];
|
||||
};
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "containers-hosts";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
meta = with pkgs.lib.maintainers; {
|
||||
maintainers = [ montag451 ];
|
||||
};
|
||||
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue