Project import generated by Copybara.

GitOrigin-RevId: a115bb9bd56831941be3776c8a94005867f316a7
This commit is contained in:
Default email 2022-11-27 10:42:12 +01:00
parent 6f77028a62
commit a71eb02b76
812 changed files with 41800 additions and 38607 deletions

View file

@ -1,4 +1,5 @@
**/deps.nix linguist-generated
**/deps.json linguist-generated
**/node-packages.nix linguist-generated
pkgs/applications/editors/emacs-modes/*-generated.nix linguist-generated

View file

@ -34,6 +34,10 @@ jobs:
pairs:
- from: master
into: haskell-updates
- from: release-22.11
into: staging-next-22.11
- from: staging-next-22.11
into: staging-22.11
- from: release-22.05
into: staging-next-22.05
- from: staging-next-22.05

View file

@ -1 +1 @@
22.11
23.05

View file

@ -100,10 +100,10 @@ stdenv.mkDerivation {
name = "hello";
src = fetchgit {
url = "https://...";
sparseCheckout = ''
directory/to/be/included
another/directory
'';
sparseCheckout = [
"directory/to/be/included"
"another/directory"
];
sha256 = "0000000000000000000000000000000000000000000000000000";
};
}

View file

@ -394,3 +394,142 @@ buildImage {
};
}
```
## buildNixShellImage {#ssec-pkgs-dockerTools-buildNixShellImage}
Create a Docker image that sets up an environment similar to that of running `nix-shell` on a derivation.
When run in Docker, this environment somewhat resembles the Nix sandbox typically used by `nix-build`, with a major difference being that access to the internet is allowed.
It additionally also behaves like an interactive `nix-shell`, running things like `shellHook` and setting an interactive prompt.
If the derivation is fully buildable (i.e. `nix-build` can be used on it), running `buildDerivation` inside such a Docker image will build the derivation, with all its outputs being available in the correct `/nix/store` paths, pointed to by the respective environment variables like `$out`, etc.
::: {.warning}
The behavior doesn't match `nix-shell` or `nix-build` exactly and this function is known not to work correctly for e.g. fixed-output derivations, content-addressed derivations, impure derivations and other special types of derivations.
:::
### Arguments
`drv`
: The derivation on which to base the Docker image.
Adding packages to the Docker image is possible by e.g. extending the list of `nativeBuildInputs` of this derivation like
```nix
buildNixShellImage {
drv = someDrv.overrideAttrs (old: {
nativeBuildInputs = old.nativeBuildInputs or [] ++ [
somethingExtra
];
});
# ...
}
```
Similarly, you can extend the image initialization script by extending `shellHook`
`name` _optional_
: The name of the resulting image.
*Default:* `drv.name + "-env"`
`tag` _optional_
: Tag of the generated image.
*Default:* the resulting image derivation output path's hash
`uid`/`gid` _optional_
: The user/group ID to run the container as. This is like a `nixbld` build user.
*Default:* 1000/1000
`homeDirectory` _optional_
: The home directory of the user the container is running as
*Default:* `/build`
`shell` _optional_
: The path to the `bash` binary to use as the shell. This shell is started when running the image.
*Default:* `pkgs.bashInteractive + "/bin/bash"`
`command` _optional_
: Run this command in the environment of the derivation, in an interactive shell. See the `--command` option in the [`nix-shell` documentation](https://nixos.org/manual/nix/stable/command-ref/nix-shell.html?highlight=nix-shell#options).
*Default:* (none)
`run` _optional_
: Same as `command`, but runs the command in a non-interactive shell instead. See the `--run` option in the [`nix-shell` documentation](https://nixos.org/manual/nix/stable/command-ref/nix-shell.html?highlight=nix-shell#options).
*Default:* (none)
### Example
The following shows how to build the `pkgs.hello` package inside a Docker container built with `buildNixShellImage`.
```nix
with import <nixpkgs> {};
dockerTools.buildNixShellImage {
drv = hello;
}
```
Build the derivation:
```console
nix-build hello.nix
```
these 8 derivations will be built:
/nix/store/xmw3a5ln29rdalavcxk1w3m4zb2n7kk6-nix-shell-rc.drv
...
Creating layer 56 from paths: ['/nix/store/crpnj8ssz0va2q0p5ibv9i6k6n52gcya-stdenv-linux']
Creating layer 57 with customisation...
Adding manifests...
Done.
/nix/store/cpyn1lc897ghx0rhr2xy49jvyn52bazv-hello-2.12-env.tar.gz
Load the image:
```console
docker load -i result
```
0d9f4c4cd109: Loading layer [==================================================>] 2.56MB/2.56MB
...
ab1d897c0697: Loading layer [==================================================>] 10.24kB/10.24kB
Loaded image: hello-2.12-env:pgj9h98nal555415faa43vsydg161bdz
Run the container:
```console
docker run -it hello-2.12-env:pgj9h98nal555415faa43vsydg161bdz
```
[nix-shell:/build]$
In the running container, run the build:
```console
buildDerivation
```
unpacking sources
unpacking source archive /nix/store/8nqv6kshb3vs5q5bs2k600xpj5bkavkc-hello-2.12.tar.gz
...
patching script interpreter paths in /nix/store/z5wwy5nagzy15gag42vv61c2agdpz2f2-hello-2.12
checking for references to /build/ in /nix/store/z5wwy5nagzy15gag42vv61c2agdpz2f2-hello-2.12...
Check the build result:
```console
$out/bin/hello
```
Hello, world!

View file

@ -177,7 +177,7 @@ buildNpmPackage rec {
patches = [ ./remove-prepack-script.patch ];
npmDepsHash = "sha256-s8SpZY/1tKZVd3vt7sA9vsqHvEaNORQBMrSyhWpj048=";
npmDepsHash = "sha256-tuEfyePwlOy2/mOPdXbqJskO6IowvAP4DWg8xSZwbJw=";
NODE_OPTIONS = "--openssl-legacy-provider";
@ -196,7 +196,7 @@ buildNpmPackage rec {
* `makeCacheWritable`: Whether to make the cache writable prior to installing dependencies. Don't set this unless npm tries to write to the cache directory, as it can slow down the build.
* `npmBuildScript`: The script to run to build the project. Defaults to `"build"`.
* `npmFlags`: Flags to pass to all npm commands.
* `npmInstallFlags`: Flags to pass to `npm ci`.
* `npmInstallFlags`: Flags to pass to `npm ci` and `npm prune`.
* `npmBuildFlags`: Flags to pass to `npm run ${npmBuildScript}`.
* `npmPackFlags`: Flags to pass to `npm pack`.

View file

@ -608,227 +608,6 @@ buildPythonPackage rec {
}
```
## `buildRustCrate`: Compiling Rust crates using Nix instead of Cargo {#compiling-rust-crates-using-nix-instead-of-cargo}
### Simple operation {#simple-operation}
When run, `cargo build` produces a file called `Cargo.lock`,
containing pinned versions of all dependencies. Nixpkgs contains a
tool called `carnix` (`nix-env -iA nixos.carnix`), which can be used
to turn a `Cargo.lock` into a Nix expression.
That Nix expression calls `rustc` directly (hence bypassing Cargo),
and can be used to compile a crate and all its dependencies. Here is
an example for a minimal `hello` crate:
```ShellSession
$ cargo new hello
$ cd hello
$ cargo build
Compiling hello v0.1.0 (file:///tmp/hello)
Finished dev [unoptimized + debuginfo] target(s) in 0.20 secs
$ carnix -o hello.nix --src ./. Cargo.lock --standalone
$ nix-build hello.nix -A hello_0_1_0
```
Now, the file produced by the call to `carnix`, called `hello.nix`, looks like:
```nix
# Generated by carnix 0.6.5: carnix -o hello.nix --src ./. Cargo.lock --standalone
{ stdenv, buildRustCrate, fetchgit }:
let kernel = stdenv.buildPlatform.parsed.kernel.name;
# ... (content skipped)
in
rec {
hello = f: hello_0_1_0 { features = hello_0_1_0_features { hello_0_1_0 = f; }; };
hello_0_1_0_ = { dependencies?[], buildDependencies?[], features?[] }: buildRustCrate {
crateName = "hello";
version = "0.1.0";
authors = [ "pe@pijul.org <pe@pijul.org>" ];
src = ./.;
inherit dependencies buildDependencies features;
};
hello_0_1_0 = { features?(hello_0_1_0_features {}) }: hello_0_1_0_ {};
hello_0_1_0_features = f: updateFeatures f (rec {
hello_0_1_0.default = (f.hello_0_1_0.default or true);
}) [ ];
}
```
In particular, note that the argument given as `--src` is copied
verbatim to the source. If we look at a more complicated
dependencies, for instance by adding a single line `libc="*"` to our
`Cargo.toml`, we first need to run `cargo build` to update the
`Cargo.lock`. Then, `carnix` needs to be run again, and produces the
following nix file:
```nix
# Generated by carnix 0.6.5: carnix -o hello.nix --src ./. Cargo.lock --standalone
{ stdenv, buildRustCrate, fetchgit }:
let kernel = stdenv.buildPlatform.parsed.kernel.name;
# ... (content skipped)
in
rec {
hello = f: hello_0_1_0 { features = hello_0_1_0_features { hello_0_1_0 = f; }; };
hello_0_1_0_ = { dependencies?[], buildDependencies?[], features?[] }: buildRustCrate {
crateName = "hello";
version = "0.1.0";
authors = [ "pe@pijul.org <pe@pijul.org>" ];
src = ./.;
inherit dependencies buildDependencies features;
};
libc_0_2_36_ = { dependencies?[], buildDependencies?[], features?[] }: buildRustCrate {
crateName = "libc";
version = "0.2.36";
authors = [ "The Rust Project Developers" ];
sha256 = "01633h4yfqm0s302fm0dlba469bx8y6cs4nqc8bqrmjqxfxn515l";
inherit dependencies buildDependencies features;
};
hello_0_1_0 = { features?(hello_0_1_0_features {}) }: hello_0_1_0_ {
dependencies = mapFeatures features ([ libc_0_2_36 ]);
};
hello_0_1_0_features = f: updateFeatures f (rec {
hello_0_1_0.default = (f.hello_0_1_0.default or true);
libc_0_2_36.default = true;
}) [ libc_0_2_36_features ];
libc_0_2_36 = { features?(libc_0_2_36_features {}) }: libc_0_2_36_ {
features = mkFeatures (features.libc_0_2_36 or {});
};
libc_0_2_36_features = f: updateFeatures f (rec {
libc_0_2_36.default = (f.libc_0_2_36.default or true);
libc_0_2_36.use_std =
(f.libc_0_2_36.use_std or false) ||
(f.libc_0_2_36.default or false) ||
(libc_0_2_36.default or false);
}) [];
}
```
Here, the `libc` crate has no `src` attribute, so `buildRustCrate`
will fetch it from [crates.io](https://crates.io). A `sha256`
attribute is still needed for Nix purity.
### Handling external dependencies {#handling-external-dependencies}
Some crates require external libraries. For crates from
[crates.io](https://crates.io), such libraries can be specified in
`defaultCrateOverrides` package in nixpkgs itself.
Starting from that file, one can add more overrides, to add features
or build inputs by overriding the hello crate in a separate file.
```nix
with import <nixpkgs> {};
((import ./hello.nix).hello {}).override {
crateOverrides = defaultCrateOverrides // {
hello = attrs: { buildInputs = [ openssl ]; };
};
}
```
Here, `crateOverrides` is expected to be a attribute set, where the
key is the crate name without version number and the value a function.
The function gets all attributes passed to `buildRustCrate` as first
argument and returns a set that contains all attribute that should be
overwritten.
For more complicated cases, such as when parts of the crate's
derivation depend on the crate's version, the `attrs` argument of
the override above can be read, as in the following example, which
patches the derivation:
```nix
with import <nixpkgs> {};
((import ./hello.nix).hello {}).override {
crateOverrides = defaultCrateOverrides // {
hello = attrs: lib.optionalAttrs (lib.versionAtLeast attrs.version "1.0") {
postPatch = ''
substituteInPlace lib/zoneinfo.rs \
--replace "/usr/share/zoneinfo" "${tzdata}/share/zoneinfo"
'';
};
};
}
```
Another situation is when we want to override a nested
dependency. This actually works in the exact same way, since the
`crateOverrides` parameter is forwarded to the crate's
dependencies. For instance, to override the build inputs for crate
`libc` in the example above, where `libc` is a dependency of the main
crate, we could do:
```nix
with import <nixpkgs> {};
((import hello.nix).hello {}).override {
crateOverrides = defaultCrateOverrides // {
libc = attrs: { buildInputs = []; };
};
}
```
### Options and phases configuration {#options-and-phases-configuration}
Actually, the overrides introduced in the previous section are more
general. A number of other parameters can be overridden:
- The version of `rustc` used to compile the crate:
```nix
(hello {}).override { rust = pkgs.rust; };
```
- Whether to build in release mode or debug mode (release mode by
default):
```nix
(hello {}).override { release = false; };
```
- Whether to print the commands sent to `rustc` when building
(equivalent to `--verbose` in cargo:
```nix
(hello {}).override { verbose = false; };
```
- Extra arguments to be passed to `rustc`:
```nix
(hello {}).override { extraRustcOpts = "-Z debuginfo=2"; };
```
- Phases, just like in any other derivation, can be specified using
the following attributes: `preUnpack`, `postUnpack`, `prePatch`,
`patches`, `postPatch`, `preConfigure` (in the case of a Rust crate,
this is run before calling the "build" script), `postConfigure`
(after the "build" script),`preBuild`, `postBuild`, `preInstall` and
`postInstall`. As an example, here is how to create a new module
before running the build script:
```nix
(hello {}).override {
preConfigure = ''
echo "pub const PATH=\"${hi.out}\";" >> src/path.rs"
'';
};
```
### Features {#features}
One can also supply features switches. For example, if we want to
compile `diesel_cli` only with the `postgres` feature, and no default
features, we would write:
```nix
(callPackage ./diesel.nix {}).diesel {
default = false;
postgres = true;
}
```
Where `diesel.nix` is the file generated by Carnix, as explained above.
## Setting Up `nix-shell` {#setting-up-nix-shell}
Oftentimes you want to develop code from within `nix-shell`. Unfortunately

View file

@ -422,29 +422,29 @@ rec {
else if (elemAt l 1) == "elf"
then { cpu = elemAt l 0; vendor = "unknown"; kernel = "none"; abi = elemAt l 1; }
else { cpu = elemAt l 0; kernel = elemAt l 1; };
"3" = # Awkward hacks, beware!
if elemAt l 1 == "apple"
then { cpu = elemAt l 0; vendor = "apple"; kernel = elemAt l 2; }
else if (elemAt l 1 == "linux") || (elemAt l 2 == "gnu")
then { cpu = elemAt l 0; kernel = elemAt l 1; abi = elemAt l 2; }
else if (elemAt l 2 == "mingw32") # autotools breaks on -gnu for window
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = "windows"; }
else if (elemAt l 2 == "wasi")
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = "wasi"; }
else if (elemAt l 2 == "redox")
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = "redox"; }
else if (elemAt l 2 == "mmixware")
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = "mmixware"; }
else if hasPrefix "freebsd" (elemAt l 2)
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; }
else if hasPrefix "netbsd" (elemAt l 2)
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; }
else if (elem (elemAt l 2) ["eabi" "eabihf" "elf"])
then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 1; abi = elemAt l 2; }
else if (elemAt l 2 == "ghcjs")
then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 2; }
else if hasPrefix "genode" (elemAt l 2)
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; }
"3" =
# cpu-kernel-environment
if elemAt l 1 == "linux" ||
elem (elemAt l 2) ["eabi" "eabihf" "elf" "gnu"]
then {
cpu = elemAt l 0;
kernel = elemAt l 1;
abi = elemAt l 2;
vendor = "unknown";
}
# cpu-vendor-os
else if elemAt l 1 == "apple" ||
elem (elemAt l 2) [ "wasi" "redox" "mmixware" "ghcjs" "mingw32" ] ||
hasPrefix "freebsd" (elemAt l 2) ||
hasPrefix "netbsd" (elemAt l 2) ||
hasPrefix "genode" (elemAt l 2)
then {
cpu = elemAt l 0;
vendor = elemAt l 1;
kernel = if elemAt l 2 == "mingw32"
then "windows" # autotools breaks on -gnu for window
else elemAt l 2;
}
else throw "Target specification with 3 components is ambiguous";
"4" = { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; abi = elemAt l 3; };
}.${toString (length l)}

View file

@ -195,7 +195,7 @@ rec {
On each release the first letter is bumped and a new animal is chosen
starting with that new letter.
*/
codeName = "Raccoon";
codeName = "Stoat";
/* Returns the current nixpkgs version suffix as string. */
versionSuffix =
@ -213,8 +213,8 @@ rec {
# Default value to return if revision can not be determined
default:
let
revisionFile = ./.. + "/.git-revision";
gitRepo = ./.. + "/.git";
revisionFile = "${toString ./..}/.git-revision";
gitRepo = "${toString ./..}/.git";
in if lib.pathIsGitRepo gitRepo
then lib.commitIdFromGitRepo gitRepo
else if lib.pathExists revisionFile then lib.fileContents revisionFile

View file

@ -2233,6 +2233,12 @@
github = "scaredmushroom";
githubId = 45340040;
};
CaptainJawZ = {
email = "CaptainJawZ@outlook.com";
name = "Danilo Reyes";
github = "CaptainJawZ";
githubId = 43111068;
};
carlosdagos = {
email = "m@cdagostino.io";
github = "carlosdagos";
@ -5413,6 +5419,12 @@
fingerprint = "3F35 E4CA CBF4 2DE1 2E90 53E5 03A6 E6F7 8693 6619";
}];
};
harrisonthorne = {
email = "harrisonthorne@proton.me";
github = "harrisonthorne";
githubId = 33523827;
name = "Harrison Thorne";
};
harvidsen = {
email = "harvidsen@gmail.com";
github = "harvidsen";
@ -6812,6 +6824,12 @@
githubId = 7673602;
name = "Jonathan Ringer";
};
jordanisaacs = {
name = "Jordan Isaacs";
email = "nix@jdisaacs.com";
github = "jordanisaacs";
githubId = 19742638;
};
jorise = {
email = "info@jorisengbers.nl";
github = "JorisE";
@ -10652,6 +10670,12 @@
githubId = 84886;
name = "Paul Baecher";
};
pbar = {
email = "piercebartine@gmail.com";
github = "pbar1";
githubId = 26949935;
name = "Pierce Bartine";
};
pbogdan = {
email = "ppbogdan@gmail.com";
github = "pbogdan";
@ -14287,6 +14311,12 @@
githubId = 32751441;
name = "urlordjames";
};
ursi = {
email = "masondeanm@aol.com";
github = "ursi";
githubId = 17836748;
name = "Mason Mackaman";
};
uskudnik = {
email = "urban.skudnik@gmail.com";
github = "uskudnik";
@ -15909,10 +15939,4 @@
github = "wuyoli";
githubId = 104238274;
};
jordanisaacs = {
name = "Jordan Isaacs";
email = "nix@jdisaacs.com";
github = "jordanisaacs";
githubId = 19742638;
};
}

View file

@ -211,7 +211,7 @@ $ sudo groupdel nixbld
Generate your NixOS configuration:
</para>
<programlisting>
$ sudo `which nixos-generate-config` --root /
$ sudo `which nixos-generate-config`
</programlisting>
<para>
Note that this will place the generated configuration files in

View file

@ -1435,7 +1435,7 @@ Superuser created successfully.
<para>
The default GNAT version has been changed: The
<literal>gnat</literal> attribute now points to
<literal>gnat11</literal> instead of <literal>gnat9</literal>.
<literal>gnat12</literal> instead of <literal>gnat9</literal>.
</para>
</listitem>
<listitem>

View file

@ -278,6 +278,16 @@
<link linkend="opt-services.prometheus.sachet.enable">services.prometheus.sachet</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://evcc.io">EVCC</link> is an EV charge
controller with PV integration. It supports a multitude of
chargers, meters, vehicle APIs and more and ties that together
with a well-tested backend and a lightweight web frontend.
Available as
<link linkend="opt-services.evcc.enable">services.evcc</link>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/leetronics/infnoise">infnoise</link>,
@ -580,6 +590,15 @@
future Git update without notice.
</para>
</listitem>
<listitem>
<para>
The <literal>fetchgit</literal> fetcher supports sparse
checkouts via the <literal>sparseCheckout</literal> option.
This used to accept a multi-line string with
directories/patterns to check out, but now requires a list of
strings.
</para>
</listitem>
<listitem>
<para>
<literal>openssh</literal> was updated to version 9.1,
@ -637,7 +656,7 @@
<literal>22.11</literal>. This is to make sure that people
using
<link xlink:href="https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html">server-side
encryption</link> dont loose access to their files.
encryption</link> dont lose access to their files.
</para>
<para>
In any other case its safe to use OpenSSL 3 for PHPs openssl
@ -690,6 +709,14 @@
<literal>emacs-gtk</literal>.
</para>
</listitem>
<listitem>
<para>
<literal>kanidm</literal> has been updated to 1.1.0-alpha.10
and now requires a tls certificate and key. It will always
start an https and if enabled an ldaps server and no http
and ldap server anymore.
</para>
</listitem>
<listitem>
<para>
riak package removed along with
@ -1383,6 +1410,14 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [
for more details.
</para>
</listitem>
<listitem>
<para>
The <literal>netlify-cli</literal> package has been updated
from 6.13.2 to 12.2.4, see the
<link xlink:href="https://github.com/netlify/cli/releases">changelog</link>
for more details.
</para>
</listitem>
<listitem>
<para>
<literal>dockerTools.buildImage</literal> deprecates the
@ -1392,6 +1427,26 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [
if you intend to add packages to <literal>/bin</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>proxmox.qemuConf.bios</literal> option was added,
it corresponds to <literal>Hardware-&gt;BIOS</literal> field
in Proxmox web interface. Use
<literal>&quot;ovmf&quot;</literal> value to build UEFI image,
default value remains <literal>&quot;bios&quot;</literal>. New
option <literal>proxmox.partitionTableType</literal> defaults
to either <literal>&quot;legacy&quot;</literal> or
<literal>&quot;efi&quot;</literal>, depending on the
<literal>bios</literal> value. Setting
<literal>partitionTableType</literal> to
<literal>&quot;hybrid&quot;</literal> results in an image,
which supports both methods
(<literal>&quot;bios&quot;</literal> and
<literal>&quot;ovmf&quot;</literal>), thereby remaining
bootable after change to Proxmox
<literal>Hardware-&gt;BIOS</literal> field.
</para>
</listitem>
<listitem>
<para>
memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2.
@ -1647,6 +1702,22 @@ services.github-runner.serviceOverrides.SupplementaryGroups = [
<literal>picom</literal> to quit instead.
</para>
</listitem>
<listitem>
<para>
<literal>haskellPackage.callHackage</literal> is not always
invalidated if <literal>all-cabal-hashes</literal> changes,
leading to less rebuilds of haskell dependencies.
</para>
</listitem>
<listitem>
<para>
<literal>haskellPackages.callHackage</literal> and
<literal>haskellPackages.callCabal2nix</literal> (and related
functions) no longer keep a reference to the
<literal>cabal2nix</literal> call used to generate them. As a
result, they will be garbage collected more often.
</para>
</listitem>
</itemizedlist>
</section>
</section>

View file

@ -0,0 +1,91 @@
<section xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" xml:id="sec-release-23.05">
<title>Release 23.05 (“Stoat”, 2023.05/??)</title>
<para>
Support is planned until the end of December 2023, handing over to
23.11.
</para>
<section xml:id="sec-release-23.05-highlights">
<title>Highlights</title>
<para>
In addition to numerous new and upgraded packages, this release
has the following highlights:
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Create the first release note entry in this section!
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-new-services">
<title>New Services</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Create the first release note entry in this section!
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-incompatibilities">
<title>Backward Incompatibilities</title>
<itemizedlist>
<listitem>
<para>
<literal>carnix</literal> and <literal>cratesIO</literal> has
been removed due to being unmaintained, use alternatives such
as
<link xlink:href="https://github.com/nix-community/naersk">naersk</link>
and
<link xlink:href="https://github.com/kolloch/crate2nix">crate2nix</link>
instead.
</para>
</listitem>
<listitem>
<para>
The EC2 image module no longer fetches instance metadata in
stage-1. This results in a significantly smaller initramfs,
since network drivers no longer need to be included, and
faster boots, since metadata fetching can happen in parallel
with startup of other services. This breaks services which
rely on metadata being present by the time stage-2 is entered.
Anything which reads EC2 metadata from
<literal>/etc/ec2-metadata</literal> should now have an
<literal>after</literal> dependency on
<literal>fetch-ec2-metadata.service</literal>
</para>
</listitem>
<listitem>
<para>
The EC2 image module previously detected and automatically
mounted ext3-formatted instance store devices and partitions
in stage-1 (initramfs), storing <literal>/tmp</literal> on the
first discovered device. This behaviour, which only catered to
very specific use cases and could not be disabled, has been
removed. Users relying on this should provide their own
implementation, and probably use ext4 and perform the mount in
stage-2.
</para>
</listitem>
<listitem>
<para>
The EC2 image module previously detected and activated
swap-formatted instance store devices and partitions in
stage-1 (initramfs). This behaviour has been removed. Users
relying on this should provide their own implementation.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="sec-release-23.05-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Create the first release note entry in this section!
</para>
</listitem>
</itemizedlist>
</section>
</section>

View file

@ -148,7 +148,7 @@ The first steps to all these are the same:
Generate your NixOS configuration:
```ShellSession
$ sudo `which nixos-generate-config` --root /
$ sudo `which nixos-generate-config`
```
Note that this will place the generated configuration files in

View file

@ -8,6 +8,7 @@
This section lists the release notes for each stable version of NixOS and
current unstable revision.
</para>
<xi:include href="../from_md/release-notes/rl-2305.section.xml" />
<xi:include href="../from_md/release-notes/rl-2211.section.xml" />
<xi:include href="../from_md/release-notes/rl-2205.section.xml" />
<xi:include href="../from_md/release-notes/rl-2111.section.xml" />

View file

@ -427,7 +427,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- The `services.ddclient.password` option was removed, and replaced with `services.ddclient.passwordFile`.
- The default GNAT version has been changed: The `gnat` attribute now points to `gnat11`
- The default GNAT version has been changed: The `gnat` attribute now points to `gnat12`
instead of `gnat9`.
- `retroArchCores` has been removed. This means that using `nixpkgs.config.retroarch` to customize RetroArch cores is not supported anymore. Instead, use package overrides, for example: `retroarch.override { cores = with libretro; [ citra snes9x ]; };`. Also, `retroarchFull` derivation is available for those who want to have all RetroArch cores available.

View file

@ -98,6 +98,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- [Sachet](https://github.com/messagebird/sachet/), an SMS alerting tool for the Prometheus Alertmanager. Available as [services.prometheus.sachet](#opt-services.prometheus.sachet.enable).
- [EVCC](https://evcc.io) is an EV charge controller with PV integration. It supports a multitude of chargers, meters, vehicle APIs and more and ties that together with a well-tested backend and a lightweight web frontend. Available as [services.evcc](#opt-services.evcc.enable).
- [infnoise](https://github.com/leetronics/infnoise), a hardware True Random Number Generator dongle.
Available as [services.infnoise](options.html#opt-services.infnoise.enable).
@ -191,6 +193,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- The `fetchgit` fetcher now uses [cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalscone_mode_handling) by default for sparse checkouts. [Non-cone mode](https://www.git-scm.com/docs/git-sparse-checkout/2.37.0#_internalsnon_cone_problems) can be enabled by passing `nonConeMode = true`, but note that non-cone mode is deprecated and this option may be removed alongside a future Git update without notice.
- The `fetchgit` fetcher supports sparse checkouts via the `sparseCheckout` option. This used to accept a multi-line string with directories/patterns to check out, but now requires a list of strings.
- `openssh` was updated to version 9.1, disabling the generation of DSA keys when using `ssh-keygen -A` as they are insecure. Also, `SetEnv` directives in `ssh_config` and `sshd_config` are now first-match-wins
- `bsp-layout` no longer uses the command `cycle` to switch to other window layouts, as it got replaced by the commands `previous` and `next`.
@ -206,7 +210,7 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- The `openssl`-extension for the PHP interpreter used by Nextcloud is built against OpenSSL 1.1 if
[](#opt-system.stateVersion) is below `22.11`. This is to make sure that people using [server-side encryption](https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/encryption_configuration.html)
don't loose access to their files.
don't lose access to their files.
In any other case it's safe to use OpenSSL 3 for PHP's openssl extension. This can be done by setting
[](#opt-services.nextcloud.enableBrokenCiphersForSSE) to `false`.
@ -227,6 +231,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- Emacs now uses the Lucid toolkit by default instead of GTK because of stability and compatibility issues.
Users who still wish to remain using GTK can do so by using `emacs-gtk`.
- `kanidm` has been updated to 1.1.0-alpha.10 and now requires a tls certificate and key. It will always start an https and if enabled an ldaps server and no http and ldap server anymore.
- riak package removed along with `services.riak` module, due to lack of maintainer to update the package.
- ppd files in `pkgs.cups-drv-rastertosag-gdi` are now gzipped. If you refer to such a ppd file with its path (e.g. via [hardware.printers.ensurePrinters](options.html#opt-hardware.printers.ensurePrinters)) you will need to append `.gz` to the path.
@ -448,9 +454,13 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- The `guake` package has been updated from 3.6.3 to 3.9.0, see the [changelog](https://github.com/Guake/guake/releases) for more details.
- The `netlify-cli` package has been updated from 6.13.2 to 12.2.4, see the [changelog](https://github.com/netlify/cli/releases) for more details.
- `dockerTools.buildImage` deprecates the misunderstood `contents` parameter, in favor of `copyToRoot`.
Use `copyToRoot = buildEnv { ... };` or similar if you intend to add packages to `/bin`.
- The `proxmox.qemuConf.bios` option was added, it corresponds to `Hardware->BIOS` field in Proxmox web interface. Use `"ovmf"` value to build UEFI image, default value remains `"bios"`. New option `proxmox.partitionTableType` defaults to either `"legacy"` or `"efi"`, depending on the `bios` value. Setting `partitionTableType` to `"hybrid"` results in an image, which supports both methods (`"bios"` and `"ovmf"`), thereby remaining bootable after change to Proxmox `Hardware->BIOS` field.
- memtest86+ was updated from 5.00-coreboot-002 to 6.00-beta2. It is now the upstream version from https://www.memtest.org/, as coreboot's fork is no longer available.
- Option descriptions, examples, and defaults writting in DocBook are now deprecated. Using CommonMark is preferred and will become the default in a future release.
@ -521,4 +531,8 @@ Available as [services.patroni](options.html#opt-services.patroni.enable).
- The option `services.picom.experimentalBackends` was removed since it is now the default and the option will cause `picom` to quit instead.
- `haskellPackage.callHackage` is not always invalidated if `all-cabal-hashes` changes, leading to less rebuilds of haskell dependencies.
- `haskellPackages.callHackage` and `haskellPackages.callCabal2nix` (and related functions) no longer keep a reference to the `cabal2nix` call used to generate them. As a result, they will be garbage collected more often.
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->

View file

@ -0,0 +1,36 @@
# Release 23.05 (“Stoat”, 2023.05/??) {#sec-release-23.05}
Support is planned until the end of December 2023, handing over to 23.11.
## Highlights {#sec-release-23.05-highlights}
In addition to numerous new and upgraded packages, this release has the following highlights:
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- Create the first release note entry in this section!
## New Services {#sec-release-23.05-new-services}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- Create the first release note entry in this section!
## Backward Incompatibilities {#sec-release-23.05-incompatibilities}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead.
- The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services.
This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service`
- The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2.
- The EC2 image module previously detected and activated swap-formatted instance store devices and partitions in stage-1 (initramfs). This behaviour has been removed. Users relying on this should provide their own implementation.
## Other Notable Changes {#sec-release-23.05-notable-changes}
<!-- To avoid merge conflicts, consider adding your item at an arbitrary place in the list instead. -->
- Create the first release note entry in this section!

View file

@ -43,7 +43,7 @@ in {
sizeMB = mkOption {
type = with types; either (enum [ "auto" ]) int;
default = if config.ec2.hvm then 2048 else 8192;
default = 2048;
example = 8192;
description = lib.mdDoc "The size in MB of the image";
};
@ -60,9 +60,6 @@ in {
''
{ modulesPath, ... }: {
imports = [ "''${modulesPath}/virtualisation/amazon-image.nix" ];
${optionalString config.ec2.hvm ''
ec2.hvm = true;
''}
${optionalString config.ec2.efi ''
ec2.efi = true;
''}
@ -129,9 +126,7 @@ in {
pkgs = import ../../../.. { inherit (pkgs) system; }; # ensure we use the regular qemu-kvm package
fsType = "ext4";
partitionTableType = if config.ec2.efi then "efi"
else if config.ec2.hvm then "legacy+gpt"
else "none";
partitionTableType = if config.ec2.efi then "efi" else "legacy+gpt";
diskSize = cfg.sizeMB;

View file

@ -491,6 +491,7 @@
./services/hardware/vdr.nix
./services/home-automation/home-assistant.nix
./services/home-automation/zigbee2mqtt.nix
./services/home-automation/evcc.nix
./services/logging/SystemdJournal2Gelf.nix
./services/logging/awstats.nix
./services/logging/filebeat.nix

View file

@ -16,11 +16,12 @@ in
group.
'';
};
package = mkPackageOption pkgs "flashrom" { };
};
config = mkIf cfg.enable {
services.udev.packages = [ pkgs.flashrom ];
environment.systemPackages = [ pkgs.flashrom ];
services.udev.packages = [ cfg.package ];
environment.systemPackages = [ cfg.package ];
users.groups.flashrom = { };
};
}

View file

@ -247,6 +247,7 @@ in {
DynamicUser = true;
Restart = "on-failure";
StateDirectory = "lighthouse-beacon";
ReadWritePaths = [ cfg.beacon.dataDir ];
NoNewPrivileges = true;
PrivateTmp = true;
ProtectHome = true;
@ -287,6 +288,7 @@ in {
serviceConfig = {
Restart = "on-failure";
StateDirectory = "lighthouse-validator";
ReadWritePaths = [ cfg.validator.dataDir ];
CapabilityBoundingSet = "";
DynamicUser = true;
NoNewPrivileges = true;

View file

@ -361,8 +361,10 @@ in {
fi
echo 'include "${redisConfStore}"' > "${redisConfRun}"
${optionalString (conf.requirePassFile != null) ''
{echo -n "requirepass "
cat ${escapeShellArg conf.requirePassFile}} >> "${redisConfRun}"
{
echo -n "requirepass "
cat ${escapeShellArg conf.requirePassFile}
} >> "${redisConfRun}"
''}
'');
Type = "notify";

View file

@ -0,0 +1,92 @@
{ lib
, pkgs
, config
, ...
}:
with lib;
let
cfg = config.services.evcc;
format = pkgs.formats.yaml {};
configFile = format.generate "evcc.yml" cfg.settings;
package = pkgs.evcc;
in
{
meta.maintainers = with lib.maintainers; [ hexa ];
options.services.evcc = with types; {
enable = mkEnableOption (lib.mdDoc "EVCC, the extensible EV Charge Controller with PV integration");
extraArgs = mkOption {
type = listOf str;
default = [];
description = lib.mdDoc ''
Extra arguments to pass to the evcc executable.
'';
};
settings = mkOption {
type = format.type;
description = lib.mdDoc ''
evcc configuration as a Nix attribute set.
Check for possible options in the sample [evcc.dist.yaml](https://github.com/andig/evcc/blob/${package.version}/evcc.dist.yaml].
'';
};
};
config = mkIf cfg.enable {
systemd.services.evcc = {
after = [
"network-online.target"
"mosquitto.target"
];
wantedBy = [
"multi-user.target"
];
serviceConfig = {
ExecStart = "${package}/bin/evcc --config ${configFile} ${escapeShellArgs cfg.extraArgs}";
CapabilityBoundingSet = [ "" ];
DeviceAllow = [
"char-ttyUSB"
];
DevicePolicy = "closed";
DynamicUser = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictNamespaces = true;
RestrictRealtime = true;
PrivateTmp = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups= true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
UMask = "0077";
User = "evcc";
};
};
};
meta.buildDocsInSandbox = false;
}

View file

@ -9,6 +9,7 @@ let
poller = { inherit (cfg.log) debug quiet; };
unifi = { inherit (cfg) controllers; };
influxdb.disable = true;
datadog.disable = true; # workaround for https://github.com/unpoller/unpoller/issues/442
prometheus = {
http_listen = "${cfg.listenAddress}:${toString cfg.port}";
report_errors = cfg.log.prometheusErrors;
@ -30,7 +31,7 @@ in {
};
serviceOpts.serviceConfig = {
ExecStart = "${pkgs.unifi-poller}/bin/unifi-poller --config ${configFile}";
ExecStart = "${pkgs.unifi-poller}/bin/unpoller --config ${configFile}";
DynamicUser = false;
};
}

View file

@ -100,6 +100,14 @@ in
readOnly = true;
type = lib.types.path;
};
tls_chain = lib.mkOption {
description = lib.mdDoc "TLS chain in pem format.";
type = lib.types.path;
};
tls_key = lib.mkOption {
description = lib.mdDoc "TLS key in pem format.";
type = lib.types.path;
};
log_level = lib.mkOption {
description = lib.mdDoc "Log level of the server.";
default = "default";

View file

@ -14,7 +14,7 @@ let
serviceDirectories = cfg.packages;
};
inherit (lib) mkOption types;
inherit (lib) mkOption mkIf mkMerge types;
in
@ -33,6 +33,18 @@ in
'';
};
implementation = mkOption {
type = types.enum [ "dbus" "broker" ];
default = "dbus";
description = lib.mdDoc ''
The implementation to use for the message bus defined by the D-Bus specification.
Can be either the classic dbus daemon or dbus-broker, which aims to provide high
performance and reliability, while keeping compatibility to the D-Bus
reference implementation.
'';
};
packages = mkOption {
type = types.listOf types.path;
default = [ ];
@ -66,13 +78,15 @@ in
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [
pkgs.dbus
];
config = mkIf cfg.enable (mkMerge [
{
environment.etc."dbus-1".source = configDir;
environment.pathsToLink = [
"/etc/dbus-1"
"/share/dbus-1"
];
users.users.messagebus = {
uid = config.ids.uids.messagebus;
description = "D-Bus system message bus daemon user";
@ -82,10 +96,26 @@ in
users.groups.messagebus.gid = config.ids.gids.messagebus;
# You still need the dbus reference implementation installed to use dbus-broker
systemd.packages = [
pkgs.dbus
];
services.dbus.packages = [
pkgs.dbus
config.system.path
];
systemd.user.sockets.dbus.wantedBy = [
"sockets.target"
];
}
(mkIf (cfg.implementation == "dbus") {
environment.systemPackages = [
pkgs.dbus
];
security.wrappers.dbus-daemon-launch-helper = {
source = "${pkgs.dbus}/libexec/dbus-daemon-launch-helper";
owner = "root";
@ -95,11 +125,6 @@ in
permissions = "u+rx,g+rx,o-rx";
};
services.dbus.packages = [
pkgs.dbus
config.system.path
];
systemd.services.dbus = {
# Don't restart dbus-daemon. Bad things tend to happen if we do.
reloadIfChanged = true;
@ -119,13 +144,48 @@ in
];
};
systemd.user.sockets.dbus.wantedBy = [
"sockets.target"
})
(mkIf (cfg.implementation == "broker") {
environment.systemPackages = [
pkgs.dbus-broker
];
environment.pathsToLink = [
"/etc/dbus-1"
"/share/dbus-1"
systemd.packages = [
pkgs.dbus-broker
];
# Just to be sure we don't restart through the unit alias
systemd.services.dbus.reloadIfChanged = true;
systemd.user.services.dbus.reloadIfChanged = true;
# NixOS Systemd Module doesn't respect 'Install'
# https://github.com/NixOS/nixpkgs/issues/108643
systemd.services.dbus-broker = {
aliases = [
"dbus.service"
];
# Don't restart dbus. Bad things tend to happen if we do.
reloadIfChanged = true;
restartTriggers = [
configDir
];
environment = {
LD_LIBRARY_PATH = config.system.nssModules.path;
};
};
systemd.user.services.dbus-broker = {
aliases = [
"dbus.service"
];
# Don't restart dbus. Bad things tend to happen if we do.
reloadIfChanged = true;
restartTriggers = [
configDir
];
};
})
]);
}

View file

@ -98,11 +98,11 @@ in {
serviceConfig = {
ExecStart = "${cfg.package}/bin/alps ${escapeShellArgs cfg.args}";
AmbientCapabilities = "";
CapabilityBoundingSet = "";
DynamicUser = true;
## This is desirable but would restrict bindIP to 127.0.0.1
#IPAddressAllow = "localhost";
#IPAddressDeny = "any";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateIPC = true;
@ -122,8 +122,10 @@ in {
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SocketBindAllow = cfg.port;
SocketBindDeny = "any";
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service @resources" "~@privileged @obsolete" ];
SystemCallFilter = [ "@system-service" "~@privileged @obsolete" ];
};
};
};

View file

@ -999,8 +999,8 @@ in
```
# snippet of HedgeDoc-related config
services.hedgedoc.configuration.dbURL = "postgres://hedgedoc:\''${DB_PASSWORD}@db-host:5432/hedgedocdb";
services.hedgedoc.configuration.minio.secretKey = "$MINIO_SECRET_KEY";
services.hedgedoc.settings.dbURL = "postgres://hedgedoc:\''${DB_PASSWORD}@db-host:5432/hedgedocdb";
services.hedgedoc.settings.minio.secretKey = "$MINIO_SECRET_KEY";
```
```

View file

@ -6,10 +6,10 @@ let
in
{
# See here for a reference of all the options:
# https://github.com/outline/outline/blob/v0.65.2/.env.sample
# https://github.com/outline/outline/blob/v0.65.2/app.json
# https://github.com/outline/outline/blob/v0.65.2/server/env.ts
# https://github.com/outline/outline/blob/v0.65.2/shared/types.ts
# https://github.com/outline/outline/blob/v0.67.0/.env.sample
# https://github.com/outline/outline/blob/v0.67.0/app.json
# https://github.com/outline/outline/blob/v0.67.0/server/env.ts
# https://github.com/outline/outline/blob/v0.67.0/shared/types.ts
# The order is kept the same here to make updating easier.
options.services.outline = {
enable = lib.mkEnableOption (lib.mdDoc "outline");
@ -123,7 +123,7 @@ in
description = lib.mdDoc ''
To support uploading of images for avatars and document attachments an
s3-compatible storage must be provided. AWS S3 is recommended for
redundency however if you want to keep all file storage local an
redundancy however if you want to keep all file storage local an
alternative such as [minio](https://github.com/minio/minio)
can be used.
@ -435,6 +435,16 @@ in
'';
};
sentryTunnel = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = lib.mdDoc ''
Optionally add a
[Sentry proxy tunnel](https://docs.sentry.io/platforms/javascript/troubleshooting/#using-the-tunnel-option)
for bypassing ad blockers in the UI.
'';
};
logo = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
@ -621,6 +631,7 @@ in
DEBUG = cfg.debugOutput;
GOOGLE_ANALYTICS_ID = lib.optionalString (cfg.googleAnalyticsId != null) cfg.googleAnalyticsId;
SENTRY_DSN = lib.optionalString (cfg.sentryDsn != null) cfg.sentryDsn;
SENTRY_TUNNEL = lib.optionalString (cfg.sentryTunnel != null) cfg.sentryTunnel;
TEAM_LOGO = lib.optionalString (cfg.logo != null) cfg.logo;
DEFAULT_LANGUAGE = cfg.defaultLanguage;

View file

@ -199,10 +199,10 @@ in {
};
backend = mkOption {
type = types.enum [ "glx" "xrender" "xr_glx_hybrid" ];
type = types.enum [ "egl" "glx" "xrender" "xr_glx_hybrid" ];
default = "xrender";
description = lib.mdDoc ''
Backend to use: `glx`, `xrender` or `xr_glx_hybrid`.
Backend to use: `egl`, `glx`, `xrender` or `xr_glx_hybrid`.
'';
};

View file

@ -5,6 +5,10 @@ let
cfg = config.services.lvm;
in {
options.services.lvm = {
enable = mkEnableOption (lib.mdDoc "lvm2") // {
default = true;
};
package = mkOption {
type = types.package;
default = pkgs.lvm2;
@ -30,7 +34,7 @@ in {
# minimal configuration file to make lvmconfig/lvm2-activation-generator happy
environment.etc."lvm/lvm.conf".text = "config {}";
})
(mkIf (!config.boot.isContainer) {
(mkIf cfg.enable {
systemd.tmpfiles.packages = [ cfg.package.out ];
environment.systemPackages = [ cfg.package ];
systemd.packages = [ cfg.package ];

View file

@ -10,11 +10,6 @@ with lib;
let
cfg = config.ec2;
metadataFetcher = import ./ec2-metadata-fetcher.nix {
inherit (pkgs) curl;
targetRoot = "$targetRoot/";
wgetExtraOptions = "-q";
};
in
{
@ -31,18 +26,12 @@ in
config = {
assertions = [
{ assertion = cfg.hvm;
message = "Paravirtualized EC2 instances are no longer supported.";
}
{ assertion = cfg.efi -> cfg.hvm;
message = "EC2 instances using EFI must be HVM instances.";
}
{ assertion = versionOlder config.boot.kernelPackages.kernel.version "5.17";
message = "ENA driver fails to build with kernel >= 5.17";
}
];
boot.growPartition = cfg.hvm;
boot.growPartition = true;
fileSystems."/" = mkIf (!cfg.zfs.enable) {
device = "/dev/disk/by-label/nixos";
@ -64,9 +53,9 @@ in
boot.extraModulePackages = [
config.boot.kernelPackages.ena
];
boot.initrd.kernelModules = [ "xen-blkfront" "xen-netfront" ];
boot.initrd.availableKernelModules = [ "ixgbevf" "ena" "nvme" ];
boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0,115200n8" "random.trust_cpu=on" ];
boot.initrd.kernelModules = [ "xen-blkfront" ];
boot.initrd.availableKernelModules = [ "nvme" ];
boot.kernelParams = [ "console=ttyS0,115200n8" "random.trust_cpu=on" ];
# Prevent the nouveau kernel module from being loaded, as it
# interferes with the nvidia/nvidia-uvm modules needed for CUDA.
@ -74,10 +63,7 @@ in
# boot.
boot.blacklistedKernelModules = [ "nouveau" "xen_fbfront" ];
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.version = if cfg.hvm then 2 else 1;
boot.loader.grub.device = if (cfg.hvm && !cfg.efi) then "/dev/xvda" else "nodev";
boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)";
boot.loader.grub.device = if cfg.efi then "nodev" else "/dev/xvda";
boot.loader.grub.efiSupport = cfg.efi;
boot.loader.grub.efiInstallAsRemovable = cfg.efi;
boot.loader.timeout = 1;
@ -87,67 +73,14 @@ in
terminal_input console serial
'';
boot.initrd.network.enable = true;
# Mount all formatted ephemeral disks and activate all swap devices.
# We cannot do this with the fileSystems and swapDevices options
# because the set of devices is dependent on the instance type
# (e.g. "m1.small" has one ephemeral filesystem and one swap device,
# while "m1.large" has two ephemeral filesystems and no swap
# devices). Also, put /tmp and /var on /disk0, since it has a lot
# more space than the root device. Similarly, "move" /nix to /disk0
# by layering a unionfs-fuse mount on top of it so we have a lot more space for
# Nix operations.
boot.initrd.postMountCommands =
''
${metadataFetcher}
diskNr=0
diskForUnionfs=
for device in /dev/xvd[abcde]*; do
if [ "$device" = /dev/xvda -o "$device" = /dev/xvda1 ]; then continue; fi
fsType=$(blkid -o value -s TYPE "$device" || true)
if [ "$fsType" = swap ]; then
echo "activating swap device $device..."
swapon "$device" || true
elif [ "$fsType" = ext3 ]; then
mp="/disk$diskNr"
diskNr=$((diskNr + 1))
if mountFS "$device" "$mp" "" ext3; then
if [ -z "$diskForUnionfs" ]; then diskForUnionfs="$mp"; fi
fi
else
echo "skipping unknown device type $device"
fi
done
if [ -n "$diskForUnionfs" ]; then
mkdir -m 755 -p $targetRoot/$diskForUnionfs/root
mkdir -m 1777 -p $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp
mount --bind $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp
if [ "$(cat "$metaDir/ami-manifest-path")" != "(unknown)" ]; then
mkdir -m 755 -p $targetRoot/$diskForUnionfs/root/var $targetRoot/var
mount --bind $targetRoot/$diskForUnionfs/root/var $targetRoot/var
mkdir -p /unionfs-chroot/ro-nix
mount --rbind $targetRoot/nix /unionfs-chroot/ro-nix
mkdir -m 755 -p $targetRoot/$diskForUnionfs/root/nix
mkdir -p /unionfs-chroot/rw-nix
mount --rbind $targetRoot/$diskForUnionfs/root/nix /unionfs-chroot/rw-nix
unionfs -o allow_other,cow,nonempty,chroot=/unionfs-chroot,max_files=32768 /rw-nix=RW:/ro-nix=RO $targetRoot/nix
fi
fi
'';
boot.initrd.extraUtilsCommands =
''
# We need swapon in the initrd.
copy_bin_and_libs ${pkgs.util-linux}/sbin/swapon
'';
systemd.services.fetch-ec2-metadata = {
wantedBy = [ "multi-user.target" ];
after = ["network-online.target"];
path = [ pkgs.curl ];
script = builtins.readFile ./ec2-metadata-fetcher.sh;
serviceConfig.Type = "oneshot";
serviceConfig.StandardOutput = "journal+console";
};
# Allow root logins only using the SSH key that the user specified
# at instance creation time.
@ -166,8 +99,6 @@ in
# Always include cryptsetup so that Charon can use it.
environment.systemPackages = [ pkgs.cryptsetup ];
boot.initrd.supportedFilesystems = [ "unionfs-fuse" ];
# EC2 has its own NTP server provided by the hypervisor
networking.timeServers = [ "169.254.169.123" ];

View file

@ -2,6 +2,9 @@
let
inherit (lib) literalExpression types;
in {
imports = [
(lib.mkRemovedOptionModule [ "ec2" "hvm" ] "Only HVM instances are supported, so specifying it is no longer necessary.")
];
options = {
ec2 = {
zfs = {
@ -41,13 +44,6 @@ in {
});
};
};
hvm = lib.mkOption {
default = lib.versionAtLeast config.system.stateVersion "17.03";
internal = true;
description = lib.mdDoc ''
Whether the EC2 instance is a HVM instance.
'';
};
efi = lib.mkOption {
default = pkgs.stdenv.hostPlatform.isAarch64;
defaultText = literalExpression "pkgs.stdenv.hostPlatform.isAarch64";

View file

@ -24,6 +24,9 @@ with lib;
# containers do not need to setup devices
services.udev.enable = false;
# containers normally do not need to manage logical volumes
services.lvm.enable = lib.mkDefault false;
# Shut up warnings about not having a boot loader.
system.build.installBootLoader = lib.mkDefault "${pkgs.coreutils}/bin/true";

View file

@ -18,6 +18,7 @@ with lib;
wantedBy = [ "multi-user.target" "sshd.service" ];
before = [ "sshd.service" ];
after = ["fetch-ec2-metadata.service"];
path = [ pkgs.iproute2 ];

View file

@ -1,77 +0,0 @@
{ curl, targetRoot, wgetExtraOptions }:
# Note: be very cautious about dependencies, each dependency grows
# the closure of the initrd. Ideally we would not even require curl,
# but there is no reasonable way to send an HTTP PUT request without
# it. Note: do not be fooled: the wget referenced in this script
# is busybox's wget, not the fully featured one with --method support.
#
# Make sure that every package you depend on here is already listed as
# a channel blocker for both the full-sized and small channels.
# Otherwise, we risk breaking user deploys in released channels.
#
# Also note: OpenStack's metadata service for its instances aims to be
# compatible with the EC2 IMDS. Where possible, try to keep the set of
# fetched metadata in sync with ./openstack-metadata-fetcher.nix .
''
metaDir=${targetRoot}etc/ec2-metadata
mkdir -m 0755 -p "$metaDir"
rm -f "$metaDir/*"
get_imds_token() {
# retry-delay of 1 selected to give the system a second to get going,
# but not add a lot to the bootup time
${curl}/bin/curl \
-v \
--retry 3 \
--retry-delay 1 \
--fail \
-X PUT \
--connect-timeout 1 \
-H "X-aws-ec2-metadata-token-ttl-seconds: 600" \
http://169.254.169.254/latest/api/token
}
preflight_imds_token() {
# retry-delay of 1 selected to give the system a second to get going,
# but not add a lot to the bootup time
${curl}/bin/curl \
-v \
--retry 3 \
--retry-delay 1 \
--fail \
--connect-timeout 1 \
-H "X-aws-ec2-metadata-token: $IMDS_TOKEN" \
http://169.254.169.254/1.0/meta-data/instance-id
}
try=1
while [ $try -le 3 ]; do
echo "(attempt $try/3) getting an EC2 instance metadata service v2 token..."
IMDS_TOKEN=$(get_imds_token) && break
try=$((try + 1))
sleep 1
done
if [ "x$IMDS_TOKEN" == "x" ]; then
echo "failed to fetch an IMDS2v token."
fi
try=1
while [ $try -le 10 ]; do
echo "(attempt $try/10) validating the EC2 instance metadata service v2 token..."
preflight_imds_token && break
try=$((try + 1))
sleep 1
done
echo "getting EC2 instance metadata..."
wget_imds() {
wget ${wgetExtraOptions} --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" "$@";
}
wget_imds -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
(umask 077 && wget_imds -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data)
wget_imds -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
wget_imds -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
''

View file

@ -0,0 +1,67 @@
metaDir=/etc/ec2-metadata
mkdir -m 0755 -p "$metaDir"
rm -f "$metaDir/*"
get_imds_token() {
# retry-delay of 1 selected to give the system a second to get going,
# but not add a lot to the bootup time
curl \
--silent \
--show-error \
--retry 3 \
--retry-delay 1 \
--fail \
-X PUT \
--connect-timeout 1 \
-H "X-aws-ec2-metadata-token-ttl-seconds: 600" \
http://169.254.169.254/latest/api/token
}
preflight_imds_token() {
# retry-delay of 1 selected to give the system a second to get going,
# but not add a lot to the bootup time
curl \
--silent \
--show-error \
--retry 3 \
--retry-delay 1 \
--fail \
--connect-timeout 1 \
-H "X-aws-ec2-metadata-token: $IMDS_TOKEN" \
-o /dev/null \
http://169.254.169.254/1.0/meta-data/instance-id
}
try=1
while [ $try -le 3 ]; do
echo "(attempt $try/3) getting an EC2 instance metadata service v2 token..."
IMDS_TOKEN=$(get_imds_token) && break
try=$((try + 1))
sleep 1
done
if [ "x$IMDS_TOKEN" == "x" ]; then
echo "failed to fetch an IMDS2v token."
fi
try=1
while [ $try -le 10 ]; do
echo "(attempt $try/10) validating the EC2 instance metadata service v2 token..."
preflight_imds_token && break
try=$((try + 1))
sleep 1
done
echo "getting EC2 instance metadata..."
get_imds() {
# Intentionally no --fail here, so that we proceed even if e.g. a
# 404 was returned (but we still fail if we can't reach the IMDS
# server).
curl --silent --show-error --header "X-aws-ec2-metadata-token: $IMDS_TOKEN" "$@"
}
get_imds -o "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
(umask 077 && get_imds -o "$metaDir/user-data" http://169.254.169.254/1.0/user-data)
get_imds -o "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
get_imds -o "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key

View file

@ -53,6 +53,13 @@ with lib;
Guest memory in MB
'';
};
bios = mkOption {
type = types.enum [ "seabios" "ovmf" ];
default = "seabios";
description = ''
Select BIOS implementation (seabios = Legacy BIOS, ovmf = UEFI).
'';
};
# optional configs
name = mkOption {
@ -99,6 +106,17 @@ with lib;
Additional options appended to qemu-server.conf
'';
};
partitionTableType = mkOption {
type = types.enum [ "efi" "hybrid" "legacy" "legacy+gpt" ];
description = ''
Partition table type to use. See make-disk-image.nix partitionTableType for details.
Defaults to 'legacy' for 'proxmox.qemuConf.bios="seabios"' (default), other bios values defaults to 'efi'.
Use 'hybrid' to build grub-based hybrid bios+efi images.
'';
default = if config.proxmox.qemuConf.bios == "seabios" then "legacy" else "efi";
defaultText = lib.literalExpression ''if config.proxmox.qemuConf.bios == "seabios" then "legacy" else "efi"'';
example = "hybrid";
};
filenameSuffix = mkOption {
type = types.str;
default = config.proxmox.qemuConf.name;
@ -122,9 +140,33 @@ with lib;
${lib.concatStrings (lib.mapAttrsToList cfgLine properties)}
#qmdump#map:virtio0:drive-virtio0:local-lvm:raw:
'';
inherit (cfg) partitionTableType;
supportEfi = partitionTableType == "efi" || partitionTableType == "hybrid";
supportBios = partitionTableType == "legacy" || partitionTableType == "hybrid" || partitionTableType == "legacy+gpt";
hasBootPartition = partitionTableType == "efi" || partitionTableType == "hybrid";
hasNoFsPartition = partitionTableType == "hybrid" || partitionTableType == "legacy+gpt";
in {
assertions = [
{
assertion = config.boot.loader.systemd-boot.enable -> config.proxmox.qemuConf.bios == "ovmf";
message = "systemd-boot requires 'ovmf' bios";
}
{
assertion = partitionTableType == "efi" -> config.proxmox.qemuConf.bios == "ovmf";
message = "'efi' disk partitioning requires 'ovmf' bios";
}
{
assertion = partitionTableType == "legacy" -> config.proxmox.qemuConf.bios == "seabios";
message = "'legacy' disk partitioning requires 'seabios' bios";
}
{
assertion = partitionTableType == "legacy+gpt" -> config.proxmox.qemuConf.bios == "seabios";
message = "'legacy+gpt' disk partitioning requires 'seabios' bios";
}
];
system.build.VMA = import ../../lib/make-disk-image.nix {
name = "proxmox-${cfg.filenameSuffix}";
inherit partitionTableType;
postVM = let
# Build qemu with PVE's patch that adds support for the VMA format
vma = (pkgs.qemu_kvm.override {
@ -181,7 +223,18 @@ with lib;
boot = {
growPartition = true;
kernelParams = [ "console=ttyS0" ];
loader.grub.device = lib.mkDefault "/dev/vda";
loader.grub = {
device = lib.mkDefault (if (hasNoFsPartition || supportBios) then
# Even if there is a separate no-fs partition ("/dev/disk/by-partlabel/no-fs" i.e. "/dev/vda2"),
# which will be used the bootloader, do not set it as loader.grub.device.
# GRUB installation fails, unless the whole disk is selected.
"/dev/vda"
else
"nodev");
efiSupport = lib.mkDefault supportEfi;
efiInstallAsRemovable = lib.mkDefault supportEfi;
};
loader.timeout = 0;
initrd.availableKernelModules = [ "uas" "virtio_blk" "virtio_pci" ];
};
@ -191,6 +244,10 @@ with lib;
autoResize = true;
fsType = "ext4";
};
fileSystems."/boot" = lib.mkIf hasBootPartition {
device = "/dev/disk/by-label/ESP";
fsType = "vfat";
};
services.qemuGuest.enable = lib.mkDefault true;
};

View file

@ -198,6 +198,7 @@ in {
etebase-server = handleTest ./etebase-server.nix {};
etesync-dav = handleTest ./etesync-dav.nix {};
extra-python-packages = handleTest ./extra-python-packages.nix {};
evcc = handleTest ./evcc.nix {};
fancontrol = handleTest ./fancontrol.nix {};
fcitx = handleTest ./fcitx {};
fenics = handleTest ./fenics.nix {};
@ -479,7 +480,7 @@ in {
pam-u2f = handleTest ./pam/pam-u2f.nix {};
pam-ussh = handleTest ./pam/pam-ussh.nix {};
pass-secret-service = handleTest ./pass-secret-service.nix {};
patroni = handleTest ./patroni.nix {};
patroni = handleTestOn ["x86_64-linux"] ./patroni.nix {};
pantalaimon = handleTest ./matrix/pantalaimon.nix {};
pantheon = handleTest ./pantheon.nix {};
paperless = handleTest ./paperless.nix {};
@ -688,6 +689,7 @@ in {
virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {};
vscodium = discoverTests (import ./vscodium.nix);
vsftpd = handleTest ./vsftpd.nix {};
warzone2100 = handleTest ./warzone2100.nix {};
wasabibackend = handleTest ./wasabibackend.nix {};
wiki-js = handleTest ./wiki-js.nix {};
wine = handleTest ./wine.nix {};

View file

@ -90,7 +90,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
};
};
testScript = ''
testScript = { nodes, ... }: ''
server.start()
server.wait_for_unit("postfix.service")
server.wait_for_unit("dovecot2.service")
@ -99,6 +99,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
client.start()
client.wait_for_unit("alps.service")
client.wait_for_open_port(${toString nodes.client.config.services.alps.port})
client.succeed("test-alps-login")
'';
})

View file

@ -1,19 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDLDCCAhSgAwIBAgIIHvJkPAdMFGAwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgNDYwMjMxMB4XDTIyMTEyMDE1MzcwNFoXDTI0MTIy
MDE1MzcwNFowFDESMBAGA1UEAxMJYWNtZS50ZXN0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAs/Xad8Jn0YMI8nTjbVakGsFplxSKkgWs9Jv8tETC1FBV
KNo3yF6IElBhzKw3eF6piZqDwNFXobuMCZ3Ckaj+EOdSA0DhjwUSBmEok/0siIu4
WbAS2iKwZGuJlJRYOmfXRPt2nNSPhuNHtZJoTWufN5K1XS+4v1dsVUWdWvkUuaC5
/uoujcYd4D6XDhJCubDCE+WSYk0KBLtMQ8irbNu4FGoCn5T7kDq46XwVjulWxc5q
dZ/Z/zgKQkoLaHgWKLjvuu7/CZw6RXyBlwVJh36pljixRnpnLfMMykO9Sq7Z3cR2
aVcMRjjeH0uScfFHIb3hvqyZLd+NHw3SqE8la/Nq1wIDAQABo3YwdDAOBgNVHQ8B
MIIDLDCCAhSgAwIBAgIIajCXIUnozqQwDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgMjMwYjU4MB4XDTIyMTEyMTE3MTcxMFoXDTQyMTEy
MTE3MTcxMFowFDESMBAGA1UEAxMJYWNtZS50ZXN0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEA5INxJwKDVYNfTnkXwvKM/SufBNjvxWZxlkaMFbkAN5wJ
6HwuesRZE9IgfRO9N+rSq1U2lDBm9gFPERqsQJVZHHJ5kkaNUr89h25+wgX5emGy
UV2KEpCFssDD4aSBF+b0sryguCa1ZRj9b+pdfRxiYaORjSh5UzlXZoRm9iwHdzHT
oKLlmqozqzEt0o9qpZL8gv+rv8C5BGOY6hfXAHYmkWRt87FN5BkSjgEWiY++DOAU
X0TdobdSTrs/xJP+IbadRchqTH2kiG0g2BoCSXUsl7Mdh4IOUeQGDz/F5tH8PAtz
p3dyjdQEFex2J5tlScLfVHoCBKV3gpCg+Keuum2j8QIDAQABo3YwdDAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMAwGA1UdEwEB
/wQCMAAwHwYDVR0jBBgwFoAUW4rxHHeasqLl7KMK+F3uVN0JGwYwFAYDVR0RBA0w
C4IJYWNtZS50ZXN0MA0GCSqGSIb3DQEBCwUAA4IBAQBDT8HY62N6YbG7Fp3gPD2L
Y0ZFHAAYM5l+Qn55aYkaTxpaRFPAeh0POmTIgSXfFSQYR00w3x2ni0K1ecBI814y
Mkgoki+jP6JhgV1fPTa5Wqm2x/Ufcr6LbTIDVqO5zFxTdkqZHfC7sMahDNULVrN2
RVkTLppDfmQ+oFcwNvZSgK9SDJNMlsNllOyGGUuMSd1KjWU4/Wr0AmaS+V3Cjf14
MsvgVhN66ECom1yyy3q9HZgAoZy6lnHOWHD4BVXOmbS2Y1lSVv/atmiGH7F9nvNN
Ggh/+RmkXGczV80wT2TnivEamJGHA4kwThL40SRKfaTTX7miImI25E6+390hBXyw
/wQCMAAwHwYDVR0jBBgwFoAUvTCE3Lj/P6OWkmOGtsjcTcIDzkAwFAYDVR0RBA0w
C4IJYWNtZS50ZXN0MA0GCSqGSIb3DQEBCwUAA4IBAQAvZM4Ik1NOXQfbPRgbolyL
b3afsSHbhHl9B2f0HGi5EAPdwyeWZsK3BF+SKFGAW5BlXr2SSlW/MQOMiUKTadnS
8xTOFc1Ws8JWWc82zQqWcOWEXhU+AI8p70sTVFeXPWwLFy3nBRwDH4ZPU8UFHeje
YXqbfxrsdEFXrbCfWSzPQP24xqVt7n9Am/5XFGtDkRsYlVgLwq/F6lN9hO0/gYIx
8NsZ8Xy+QvBlGL+z9Zo7EylB8bP9OBtOtEv9fZcnxgughieiTDs36GwdQRE2aI+d
cG3lQX8NGxgcpDoH8+rNx7Uw7odg0gVbI3agyyvax6DPht+/bzXmHm8ogklGTOoG
-----END CERTIFICATE-----

View file

@ -1,27 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAs/Xad8Jn0YMI8nTjbVakGsFplxSKkgWs9Jv8tETC1FBVKNo3
yF6IElBhzKw3eF6piZqDwNFXobuMCZ3Ckaj+EOdSA0DhjwUSBmEok/0siIu4WbAS
2iKwZGuJlJRYOmfXRPt2nNSPhuNHtZJoTWufN5K1XS+4v1dsVUWdWvkUuaC5/uou
jcYd4D6XDhJCubDCE+WSYk0KBLtMQ8irbNu4FGoCn5T7kDq46XwVjulWxc5qdZ/Z
/zgKQkoLaHgWKLjvuu7/CZw6RXyBlwVJh36pljixRnpnLfMMykO9Sq7Z3cR2aVcM
RjjeH0uScfFHIb3hvqyZLd+NHw3SqE8la/Nq1wIDAQABAoIBAG2s50FXjLgmONyz
Giv3wrm/qF94GF+X7+l/64nd4jNM5imonJiT7C/lJ0V6q6/DWWXQcn2f191slJMD
v6HQMU8R+2yaLR1hxLN4oSdYA70QEgEvCr5Ap+n7k/SmWAL4aDzVWFuKPBLED178
ZG7SqU1QLxIk1F5gpFhvvc/Ev7nE0KAzTJ3jGyWHZjJ1TKAWHx6oeKOw4OejRcGO
+rDBfQrV59fiCy8CFraGPDGie5Eb7ioXyt4cf4/odtLol7bSIwH4BLwfvKJbRobi
gSjvL5JJLjhjWzeoj+JC4o0sWQegytWpNCHSFETfHQ8rlcagTN8JaTcBg6+wrR2O
OPeoFqkCgYEA7o9jSk7i23SiKo3C+T9KFIL2OS7akwUqIQZehZJ6LXljYEDP1lcz
wjvWuLGVzlST3fmumHIMZLjjBU1cMYAPZrbUrEeayATD4jBxyiXbHqhB3DQ0W4CX
obUhcdsLGsKp0zXls8FeiQs6GOeEwSDU+1nAL9/hLK7w6cJ2zyj8HBUCgYEAwR3H
/ltIjD8tXNF05ayOguzrbivx2vaXusskZgn9QqntoGqqsXLOgsqcUH0dtiTyVOn+
Nba7w+o5NfaAfE9uR+oeZSo1IJU8oEi/EZqXTcYf5p3oAjXXZ9wXX8kl91EjCzKl
0kDpSpsMhUzdB2i5I9Oh1fLaW4iMwyuY1CgnqjsCgYBHIJFmEmcpL3k6XtIHJoub
2gA3xHR+6UdKWW/NO4MaE9tBU5GkQpO4EcdPggM8ZZNA17Tq1vZDAa0OY6ZdS+VL
pq96Pk8z29fblL4Ym3jdhyU71oTV011iZXL3U2vYKrofsy4tjjX1fldwHXdDbdqS
povaulGU1QQXblemJH4mkQKBgC3IUq6Rk4x0OdvkaFM+6nZNlq8Cyg7AIU6OdG2g
dqNER+qc/yScdCr7v70xPEb/UVgiNTskvDUBJVkOvH08E4gHD/ep3vh/iOTy+iFB
RheRHeT9kJBdlVixC/WQaWjNmoJAGqHS87vVME214Dyubh35QUfIkE3c/IoUnuHF
N0obAoGBANJpPBF36H1nb+TcVerOBXI8oqeIyoq7f4W/wbIirnZq/XfBaaOL5R6v
6+p4LEcQ1Mf33Yfr5M4aR0q7fgNDg/g4LcMg6fI3+UwPC6lJY+K8zzF4fmGDhheC
D+LsZG0Funl9kT0yxPBQhCJmmkJNIHiSNuRLt9Infne2408+YV+T
MIIEpQIBAAKCAQEA5INxJwKDVYNfTnkXwvKM/SufBNjvxWZxlkaMFbkAN5wJ6Hwu
esRZE9IgfRO9N+rSq1U2lDBm9gFPERqsQJVZHHJ5kkaNUr89h25+wgX5emGyUV2K
EpCFssDD4aSBF+b0sryguCa1ZRj9b+pdfRxiYaORjSh5UzlXZoRm9iwHdzHToKLl
mqozqzEt0o9qpZL8gv+rv8C5BGOY6hfXAHYmkWRt87FN5BkSjgEWiY++DOAUX0Td
obdSTrs/xJP+IbadRchqTH2kiG0g2BoCSXUsl7Mdh4IOUeQGDz/F5tH8PAtzp3dy
jdQEFex2J5tlScLfVHoCBKV3gpCg+Keuum2j8QIDAQABAoIBAHfnUHQ7qVYxfMzc
VU+BneEqBmKwwf8+ZdOIaPDtBeQoCDrpDip05Ji15T48IUk5+hjUubLAQwZKYYaE
DGZG918p4giS5IzKtCpgHDsKj4FbyglPn6dmFgFZjG7VtrcoBLXUrDB0fzHxDuqu
eyeuwSCihzkeR6sXp3iveKcrKy+rA31aqWvJZb24qyAu1y8KIcf2ZMUiYcJF2kpL
XZz4uyx4x/B9NE+PmLqo7x/9iS+p5aT2kWVCVUGmhII0ChFnWSnjxqecBMhWFY1O
3U0lKhloj6UKBya91hGospEJdaLHpHCWUgYPvA5mG+48kqYkPkecmTf8Xha3TxPf
g1qv3sECgYEA+hMO1qTlnqhBajCMcAGIlpRHwr97hQMdSylHBXob1xCnuTEJKHOo
7UmQw9hJgD4JgYxcivg/OFErXdefbSae9NqSNdOshxmrxz6DFTN3Ms3WR1I1be3c
B2mpGllMPbxJ3CKFet2CQSvOM9jfbK68R7Jlhiap0bESvWrT9ztUCWUCgYEA6e2Y
iMNNo1dWushSMVvCkWR9CLAsnWnjFG4FYIPz/iuxJjRXDiWyR6x4WYjUx3ZBhpf5
wVFUK7VaPJBfOn7KCan59dqOvL3LSB/5SupwRMecCEhYPQvSaxn4MNrx0Vi83O4C
togyD9/UJ4ji+TXwMj2eMzwRspmO/26hXkQGzZ0CgYEA0qlLTrYKWOUUdgf/xjsE
fRTcfsofm6VMAAz9rzd2TG3TXMZaGKGWJI5cTR7ejBG2oFNFgiwt1ZtLFPqXarOm
JE4b7QwrwoN1mZqngiygtUOAxwQRzlEZkYUI1xFykG8VKURLfX0sRQpJ4pNHY56v
LRazP5dCZ0rrpnVfql1oJaECgYEAxtvT728XcOOuNtpUBOGcZTynjds2EhsRjyx4
JbQGlutNjMyxtLUW+RcEuBg5ydYdne1Tw6L/iqiALTwNuAxQdCaq9vT0oj41sPp9
UdI53j5Rxji5yitilOlesylsqCpnYuhyJflhlV0RXQpg6LmRlyQKeEN4R/uCNGI3
i4sIvYECgYEA4DC2qObfB0UkN81uGluwwM5rR04qvIc5xX3QIvHuIJOs/uP54daD
OiEDTxTpiqDNsFL0Pyl07aL7jubHNqU/eQpQIEZRlDy4Mr31QSbQ9R2/NNBwHu22
BnnNKzZ97T0NVgxJXOqcOlRGjwb/5OUDpaIClJY+GqilEdOeu7Pl3aA=
-----END RSA PRIVATE KEY-----

View file

@ -1,20 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDSzCCAjOgAwIBAgIIRgIx/Q6DdK0wDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgNDYwMjMxMCAXDTIyMTEyMDE1MzcwNFoYDzIxMjIx
MTIwMTUzNzA0WjAgMR4wHAYDVQQDExVtaW5pY2Egcm9vdCBjYSA0NjAyMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYxM/efiS7rNNzdu+AK+J57+om
QYsoteVpmwcU6Ul8Zr6pcsBSLetV2PCWGVKKfXdK1Ep+JdBoiuG8EY/wffYJy+So
WRRWX+bGIFly74urX2iOH/yimF8XMaHj4CzjMD1wM2rFLswL3VK2DM+wrCMO2zE2
BAiUAJ++ws99Dl74DQ9lGne8hMjFgzakINCNd948/t2+LMVxqCgQ7fI+iHA1X7QF
1AT5c86wd/GxLzfl343DxLSeMRFbGUVSH6NBBnIQdFDq1GjNGPbn8ZlDXw5WWeR5
ufnxcRRNpp3GnHG3/VOebFAr++5/0ze+QvF6XPXk9RZWvhh0dD14/8W/PMK1AgMB
MIIDSzCCAjOgAwIBAgIIIwtYp+WlBbswDQYJKoZIhvcNAQELBQAwIDEeMBwGA1UE
AxMVbWluaWNhIHJvb3QgY2EgMjMwYjU4MCAXDTIyMTEyMTE3MTcxMFoYDzIxMjIx
MTIxMTcxNzEwWjAgMR4wHAYDVQQDExVtaW5pY2Egcm9vdCBjYSAyMzBiNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvqAoAyV8igrmBnU6T1nQDfkkQ
HjQp+ANCthNCi4kGPOoTxrYrUMWa6d/aSIv5hKO2A+r2GdTeM1RvSo6GUr3GmsJc
WUMbIsJ0SJSLQEyvmFPpzfV3NdfIt6vZRiqJbLt7yuDiZil33GdQEKYywJxIsCb2
CSd55V1cZSiLItWEIURAhHhSxHabMRmIF/xZWxKFEDeagzXOxUBPAvIwzzqQroBv
3vZhfgcAjCyS0crJ/E2Wa6GLKfFvaXGEj/KlXftwpbvFtnNBtmtJcNy9a8LJoOcA
E+ZjD21hidnCc+Yag7LaR3ZtAVkpeRJ9rRNBkVP4rv2mq2skIkgDfY/F8smPAgMB
AAGjgYYwgYMwDgYDVR0PAQH/BAQDAgKEMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRbivEcd5qyouXs
owr4Xe5U3QkbBjAfBgNVHSMEGDAWgBRbivEcd5qyouXsowr4Xe5U3QkbBjANBgkq
hkiG9w0BAQsFAAOCAQEAdSudxwrpXf/nxXJ8THob63UEvvof0o7uENbNPjqt7VZZ
lQeKnZOrzjYbTcsbyDpm/zsniT9620ntVcL4/IG2eeuSPA9btHNiFM6R3Nby8Op4
emqNzrS0DFqV/CAOAue+C44Vb9IS+ibFxEpI3GTH0FVWpEglLuesXKV+boy1aCNq
BYvk6lVplmnTtyfEUAQxyjJhTHu0+ZDwmw1+/NY9Wn2aeile+/G8ao+MBXARELmq
aoGKfFfrMGRT/KDSyODBEdJ1XkLr0TYjNvyctsaYBp9FhVQiuNMOyCku7EB8y+tZ
odYtLw6ecNnrjgQAnxSDg1ChrQ0wNSdPyjvycNgvjQ==
BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS9MITcuP8/o5aS
Y4a2yNxNwgPOQDAfBgNVHSMEGDAWgBS9MITcuP8/o5aSY4a2yNxNwgPOQDANBgkq
hkiG9w0BAQsFAAOCAQEADCcgaxrI/pqjkYb0c3QHwfKCNz4khSWs/9tBpBfdxdUX
uvG7rZzVW7pkzML+m4tSo2wm9sHRAgG+dIpzbSoRTouMntWlvYEnrr1SCw4NyBo1
cwmNUz4JL+E3dnpI4FSOpyFyO87qL9ep0dxQEADWSppyCA762wfFpY+FvT6b/he8
eDEc/Umjfm+X0tqNWx3aVoeyIJT46AeElry2IRLAk7z/vEPGFFzgd2Jh6Qsdeagk
YkU0tFl9q9BotPYGlCMtVjmzbJtxh4uM9YCgiz1THzFjrUvfaTM8VjuBxbpoCZkS
85mNhFZvNq8/cgYc0kYZOg8+jRdy87xmTRp64LBd6w==
-----END CERTIFICATE-----

View file

@ -1,27 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAmMTP3n4ku6zTc3bvgCviee/qJkGLKLXlaZsHFOlJfGa+qXLA
Ui3rVdjwlhlSin13StRKfiXQaIrhvBGP8H32CcvkqFkUVl/mxiBZcu+Lq19ojh/8
ophfFzGh4+As4zA9cDNqxS7MC91StgzPsKwjDtsxNgQIlACfvsLPfQ5e+A0PZRp3
vITIxYM2pCDQjXfePP7dvizFcagoEO3yPohwNV+0BdQE+XPOsHfxsS835d+Nw8S0
njERWxlFUh+jQQZyEHRQ6tRozRj25/GZQ18OVlnkebn58XEUTaadxpxxt/1TnmxQ
K/vuf9M3vkLxelz15PUWVr4YdHQ9eP/FvzzCtQIDAQABAoIBAAMvJv4GNxHKWmXv
trI/N+s+uuytNQ9WKz/2QUGIU0XKhnLVt3h/CIazjOA0CupkDxZ6MktK0ns7WdUn
sI5cscImg8+We7wJJ7A9gF/K6mhaBr3foM5qyqCbIjqzs3vQx5cNG06c2RfuNwkg
XzvZeqmWnAH6N4uOL8Y0HUsH/6a/5rHEBTgUOnOidR8T1vdIN5vnpknef/H575ab
jTdDyb15Vns7nC4Q8lortkLsQzOt//LWpVuLZXGDm1Xi47ahNXM8Fo/MFK+xcBDF
onMFuclxImN3FqkyMH6PgJS392bZ1LLcmS4bqZ0oIwfUZ/kIEwAI2cTwEYfYmN7C
ekgvpsECgYEAxoJUcZW4iWvT8kznWKKT+YJAfTYmgwOxB1Dn3RxFA8cXocQQvwvM
mSl1AKOjWHFl/eW9s4zwy/fOnsN1m1tCTuWSNn5sudZSJfbd5CCiYaYTI66McCCm
5FGzqLM44Wm5y2qLa7l3in8Tza/645RpLXZyRfMInoW5In0XKbokLbkCgYEAxQM/
p63V5KuZYsm9BWNcCvAbS6G9NHjbeRrkAd171SSdibdwLIBeyn7A5JCiVqhZZbsO
1q1okO4m4j+JHzntWi63yXwG49sEVNaFbExPE4tfJeHD0Po8MJffoLNVTE+INT0B
fl1elhMpE9qpizFIHF7L8KnUf5Igi+yp0d6Amt0CgYACAhmGmKQoR736KosAm4xx
rr6mRaD4HFZzI39k/j84fZAgo9IjjKQCPKghXIZvg54rhmJ36YoaFiSx+Ho9Gxw9
nhbvlDHXY3KrTacLAsWBxWNWLhLfo4TstGLj5wRBS4eEpkxIx7SM4yI5J3mbScoS
mqsnSAEjUWkBD1DnrClniQKBgQCdfC9SNp+Yn6OJWIKE4Bwfkjf/iVbZrxKiCGDj
LM1kYFSeVciRijw72n8PNp7ObtyneZQu/4dq8zSZ/vf5wjB9uoKnyUEou1cHCkS1
gXpkwTBZ89K4JpAeuAjHSROSYLEc/ZtIDBMkHETl3hFRdx+RriWQR/HZ2FG0CIbn
gNmE8QKBgDlFu+TcspI2R9mKbHrbPTXOAlmi2g7RZ3jF1m4S/aZqSL/bqPRBb0OU
dY7MX4GHhJYR7RnMMROZQI0H4ZwWSMfokBDa96MDY107atK8TqZmYKaZQsEB8B4r
fMmKnQljYj91d/reowLJrQRf5SjBvtDIEIsiC8UgjQImAsZ8huEX
MIIEowIBAAKCAQEAr6gKAMlfIoK5gZ1Ok9Z0A35JEB40KfgDQrYTQouJBjzqE8a2
K1DFmunf2kiL+YSjtgPq9hnU3jNUb0qOhlK9xprCXFlDGyLCdEiUi0BMr5hT6c31
dzXXyLer2UYqiWy7e8rg4mYpd9xnUBCmMsCcSLAm9gkneeVdXGUoiyLVhCFEQIR4
UsR2mzEZiBf8WVsShRA3moM1zsVATwLyMM86kK6Ab972YX4HAIwsktHKyfxNlmuh
iynxb2lxhI/ypV37cKW7xbZzQbZrSXDcvWvCyaDnABPmYw9tYYnZwnPmGoOy2kd2
bQFZKXkSfa0TQZFT+K79pqtrJCJIA32PxfLJjwIDAQABAoIBAErEFJXnIIY47Cq+
QS7t7e16uDCTGpLujLy9cQ83AzjTfrKyNuHS/HkGqRBpJqMrEN+tZTohHpkBciP4
sRd9amd5gdb663RGZExIhGmNEdb/2F/BGYUHNvSpMQ1HL13VGSwE25mh8G6jMppC
q+sYTq0lxT+d/96DgSyNpicqyYT2S2CTCRkWGAsc6KQwRpBYqoEqUeakyGfe2k85
pj32H53Si/49fkWkQ9RciPdg7qcu7u/iegwAkkjKoATeEjNf0NqBlkWag1qU0UHR
r2xDin+3ffEU2GQEwSvnGwlo7uyAN0UsryEWa9suuhX5T4eSWAMgTL4iVkh8Aa24
+YEFOGkCgYEA0DUb++31+nuxU8N+GPaPQXiob8C0RmSzSzSHJ3daJpzq8k576jqs
3TgkhLDzQepcTYVU2ucn6+9ziXEsz4H06W3FNGktnyK4BRqYitt5TjZvPc+WTPhR
0U+iUqBZilCAhUkIsNUiGvnMhz9VfcS/gn+NqhL7kvYi11/jAc4bbB0CgYEA1/oh
+t1ZKVLkbANrma/M8AX27Vl3k4jgOWGzFwAVD10zN31gGyVjv1knmG22pmL2+N+Z
8CnVmdHQQQIWV1pYbgwRkvpnZWyH7AvHd9l1XLYyOU3VEpz+e2bpMtzesaza3UWW
k8NELNE5sBopY939XkQ9G3aMXtbkx01zX+0BZJsCgYB+MdJ2TfKrEVGXfYPuSXLm
seUVZu1dRSfOy1WnvBVuFenpV1yPyWSA6MhpjH7EUvIDIm8eBsERpZ6XjXslgpUY
7ql6bM10CK0UmtwePYw2tZOTGUD2AgRFI0k1X28mAEkFgBC+bVAwnXsz9lUw15Fj
3T/V9493savIcpu6uluwmQKBgQCE/I4jzFv0aAgiwlBlB6znNqT/LRHGFIgMjS4b
QX+2QCsjRd4BmRo8XodVAmlvNozgXb6J9RiDaIAVJ1XeX9EHogLIP8ue1h8zp2Uh
VRNBDScLxfMnTOgd0BZTrVCqkscJbKn1Pk0iU4pz9wf5aF10yAvgdzSjySqB1hzu
uh8bdQKBgEpFIyhqfXf/NzchI5y23Cok14LFIPJ1yERD/B8taS7muVQwpgffy+Ld
BH7dhafWSDVqIk1e6yl+82b4amleTEmDfopgc6FR7uPid1JoFxrwhnEfC3FjZamp
1OzXAOE/mX3jHf1spqpB2J/rDVPKi934ocQVoWnBeRopGTXxzbed
-----END RSA PRIVATE KEY-----

View file

@ -10,7 +10,11 @@ let
domain = conf.domain;
in mkDerivation {
name = "test-certs";
buildInputs = [ minica ];
buildInputs = [ (minica.overrideAttrs (old: {
prePatch = ''
sed -i 's_NotAfter: time.Now().AddDate(2, 0, 30),_NotAfter: time.Now().AddDate(20, 0, 0),_' main.go
'';
})) ];
phases = [ "buildPhase" "installPhase" ];
buildPhase = ''

View file

@ -431,5 +431,58 @@ import ./make-test-python.nix ({ pkgs, ... }: {
docker.succeed("docker run --rm image-with-certs:latest test -r /etc/pki/tls/certs/ca-bundle.crt")
docker.succeed("docker image rm image-with-certs:latest")
with subtest("buildNixShellImage: Can build a basic derivation"):
docker.succeed(
"${examples.nix-shell-basic} | docker load",
"docker run --rm nix-shell-basic bash -c 'buildDerivation && $out/bin/hello' | grep '^Hello, world!$'"
)
with subtest("buildNixShellImage: Runs the shell hook"):
docker.succeed(
"${examples.nix-shell-hook} | docker load",
"docker run --rm -it nix-shell-hook | grep 'This is the shell hook!'"
)
with subtest("buildNixShellImage: Sources stdenv, making build inputs available"):
docker.succeed(
"${examples.nix-shell-inputs} | docker load",
"docker run --rm -it nix-shell-inputs | grep 'Hello, world!'"
)
with subtest("buildNixShellImage: passAsFile works"):
docker.succeed(
"${examples.nix-shell-pass-as-file} | docker load",
"docker run --rm -it nix-shell-pass-as-file | grep 'this is a string'"
)
with subtest("buildNixShellImage: run argument works"):
docker.succeed(
"${examples.nix-shell-run} | docker load",
"docker run --rm -it nix-shell-run | grep 'This shell is not interactive'"
)
with subtest("buildNixShellImage: command argument works"):
docker.succeed(
"${examples.nix-shell-command} | docker load",
"docker run --rm -it nix-shell-command | grep 'This shell is interactive'"
)
with subtest("buildNixShellImage: home directory is writable by default"):
docker.succeed(
"${examples.nix-shell-writable-home} | docker load",
"docker run --rm -it nix-shell-writable-home"
)
with subtest("buildNixShellImage: home directory can be made non-existent"):
docker.succeed(
"${examples.nix-shell-nonexistent-home} | docker load",
"docker run --rm -it nix-shell-nonexistent-home"
)
with subtest("buildNixShellImage: can build derivations"):
docker.succeed(
"${examples.nix-shell-build-derivation} | docker load",
"docker run --rm -it nix-shell-build-derivation"
)
'';
})

View file

@ -16,8 +16,6 @@ let
../modules/testing/test-instrumentation.nix
../modules/profiles/qemu-guest.nix
{
ec2.hvm = true;
# Hack to make the partition resizing work in QEMU.
boot.initrd.postDeviceCommands = mkBefore ''
ln -s vda /dev/xvda

View file

@ -0,0 +1,96 @@
import ./make-test-python.nix ({ pkgs, lib, ...} :
{
name = "evcc";
meta.maintainers = with lib.maintainers; [ hexa ];
nodes = {
machine = { config, ... }: {
services.evcc = {
enable = true;
settings = {
network = {
schema = "http";
host = "localhost";
port = 7070;
};
log = "info";
site = {
title = "NixOS Test";
meters = {
grid = "grid";
pv = "pv";
};
};
meters = [ {
type = "custom";
name = "grid";
power = {
source = "script";
cmd = "/bin/sh -c 'echo -4500'";
};
} {
type = "custom";
name = "pv";
power = {
source = "script";
cmd = "/bin/sh -c 'echo 7500'";
};
} ];
chargers = [ {
name = "dummy-charger";
type = "custom";
status = {
source = "script";
cmd = "/bin/sh -c 'echo charger status F'";
};
enabled = {
source = "script";
cmd = "/bin/sh -c 'echo charger enabled state false'";
};
enable = {
source = "script";
cmd = "/bin/sh -c 'echo set charger enabled state true'";
};
maxcurrent = {
source = "script";
cmd = "/bin/sh -c 'echo set charger max current 7200'";
};
} ];
loadpoints = [ {
title = "Dummy";
charger = "dummy-charger";
} ];
};
};
};
};
testScript = ''
start_all()
machine.wait_for_unit("evcc.service")
machine.wait_for_open_port(7070)
with subtest("Check package version propagates into frontend"):
machine.fail(
"curl --fail http://localhost:7070 | grep '0.0.1-alpha'"
)
machine.succeed(
"curl --fail http://localhost:7070 | grep '${pkgs.evcc.version}'"
)
with subtest("Check journal for errors"):
_, output = machine.execute("journalctl -o cat -u evcc.service")
assert "ERROR" not in output
with subtest("Check systemd hardening"):
_, output = machine.execute("systemd-analyze security evcc.service | grep -v ''")
machine.log(output)
'';
})

View file

@ -13,26 +13,17 @@ import ./make-test-python.nix ({ pkgs, ... }:
serverSettings = {
origin = "https://${serverDomain}";
domain = serverDomain;
bindaddress = "[::1]:8443";
bindaddress = "[::]:443";
ldapbindaddress = "[::1]:636";
};
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts."${serverDomain}" = {
forceSSL = true;
sslCertificate = certs."${serverDomain}".cert;
sslCertificateKey = certs."${serverDomain}".key;
locations."/".proxyPass = "http://[::1]:8443";
tls_chain = certs."${serverDomain}".cert;
tls_key = certs."${serverDomain}".key;
};
};
security.pki.certificateFiles = [ certs.ca.cert ];
networking.hosts."::1" = [ serverDomain ];
networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedTCPPorts = [ 443 ];
users.users.kanidm.shell = pkgs.bashInteractive;
@ -73,7 +64,7 @@ import ./make-test-python.nix ({ pkgs, ... }:
start_all()
server.wait_for_unit("kanidm.service")
server.wait_until_succeeds("curl -sf https://${serverDomain} | grep Kanidm")
server.succeed("ldapsearch -H ldap://[::1]:636 -b '${ldapBaseDN}' -x '(name=test)'")
server.succeed("ldapsearch -H ldaps://${serverDomain}:636 -b '${ldapBaseDN}' -x '(name=test)'")
client.succeed("kanidm login -D anonymous && kanidm self whoami | grep anonymous@${serverDomain}")
rv, result = server.execute("kanidmd recover_account -c ${serverConfigFile} idm_admin 2>&1 | rg -o '[A-Za-z0-9]{48}'")
assert rv == 0

View file

@ -1,6 +1,6 @@
f: {
system ? builtins.currentSystem,
pkgs ? import ../.. { inherit system; },
pkgs ? import ../.. { inherit system; config = {}; overlays = []; },
...
} @ args:

View file

@ -166,6 +166,8 @@ import ./make-test-python.nix ({ pkgs, lib, ... }:
start_all()
etcd.wait_for_unit("etcd.service")
with subtest("should bootstrap a new patroni cluster"):
wait_for_all_nodes_ready()

View file

@ -61,5 +61,10 @@ in {
phone.wait_for_text("All Apps")
phone.screenshot("03launcher")
with subtest("Check the on-screen keyboard shows"):
phone.send_chars("setting", delay=0.2)
phone.wait_for_text("123") # A button on the OSK
phone.screenshot("04osk")
'';
})

View file

@ -0,0 +1,26 @@
import ./make-test-python.nix ({ pkgs, ... }: {
name = "warzone2100";
meta = with pkgs.lib.maintainers; {
maintainers = [ fgaz ];
};
nodes.machine = { config, pkgs, ... }: {
imports = [
./common/x11.nix
];
services.xserver.enable = true;
environment.systemPackages = [ pkgs.warzone2100 ];
};
enableOCR = true;
testScript =
''
machine.wait_for_x()
machine.execute("warzone2100 >&2 &")
machine.wait_for_window("Warzone 2100")
machine.wait_for_text(r"(Single Player|Multi Player|Tutorial|Options|Quit Game)")
machine.screenshot("screen")
'';
})

View file

@ -1,16 +1,13 @@
import ../make-test-python.nix ({pkgs, ...}:
let
test-certificates = pkgs.runCommandLocal "test-certificates" { } ''
cert = pkgs: pkgs.runCommand "selfSignedCerts" { buildInputs = [ pkgs.openssl ]; } ''
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -nodes -subj '/CN=mastodon.local' -days 36500
mkdir -p $out
echo insecure-root-password > $out/root-password-file
echo insecure-intermediate-password > $out/intermediate-password-file
${pkgs.step-cli}/bin/step certificate create "Example Root CA" $out/root_ca.crt $out/root_ca.key --password-file=$out/root-password-file --profile root-ca
${pkgs.step-cli}/bin/step certificate create "Example Intermediate CA 1" $out/intermediate_ca.crt $out/intermediate_ca.key --password-file=$out/intermediate-password-file --ca-password-file=$out/root-password-file --profile intermediate-ca --ca $out/root_ca.crt --ca-key $out/root_ca.key
cp key.pem cert.pem $out
'';
hosts = ''
192.168.2.10 ca.local
192.168.2.11 mastodon.local
192.168.2.101 mastodon.local
'';
in
@ -19,42 +16,6 @@ in
meta.maintainers = with pkgs.lib.maintainers; [ erictapen izorkin turion ];
nodes = {
ca = { pkgs, ... }: {
networking = {
interfaces.eth1 = {
ipv4.addresses = [
{ address = "192.168.2.10"; prefixLength = 24; }
];
};
extraHosts = hosts;
};
services.step-ca = {
enable = true;
address = "0.0.0.0";
port = 8443;
openFirewall = true;
intermediatePasswordFile = "${test-certificates}/intermediate-password-file";
settings = {
dnsNames = [ "ca.local" ];
root = "${test-certificates}/root_ca.crt";
crt = "${test-certificates}/intermediate_ca.crt";
key = "${test-certificates}/intermediate_ca.key";
db = {
type = "badger";
dataSource = "/var/lib/step-ca/db";
};
authority = {
provisioners = [
{
type = "ACME";
name = "acme";
}
];
};
};
};
};
server = { pkgs, ... }: {
virtualisation.memorySize = 2048;
@ -62,7 +23,7 @@ in
networking = {
interfaces.eth1 = {
ipv4.addresses = [
{ address = "192.168.2.11"; prefixLength = 24; }
{ address = "192.168.2.101"; prefixLength = 24; }
];
};
extraHosts = hosts;
@ -70,12 +31,7 @@ in
};
security = {
acme = {
acceptTerms = true;
defaults.server = "https://ca.local:8443/acme/acme/directory";
defaults.email = "mastodon@mastodon.local";
};
pki.certificateFiles = [ "${test-certificates}/root_ca.crt" ];
pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
};
services.redis.servers.mastodon = {
@ -89,16 +45,6 @@ in
configureNginx = true;
localDomain = "mastodon.local";
enableUnixSocket = false;
redis = {
createLocally = true;
host = "127.0.0.1";
port = 31637;
};
database = {
createLocally = true;
host = "/run/postgresql";
port = 5432;
};
smtp = {
createLocally = false;
fromAddress = "mastodon@mastodon.local";
@ -107,6 +53,14 @@ in
EMAIL_DOMAIN_ALLOWLIST = "example.com";
};
};
services.nginx = {
virtualHosts."mastodon.local" = {
enableACME = pkgs.lib.mkForce false;
sslCertificate = "${cert pkgs}/cert.pem";
sslCertificateKey = "${cert pkgs}/key.pem";
};
};
};
client = { pkgs, ... }: {
@ -114,14 +68,14 @@ in
networking = {
interfaces.eth1 = {
ipv4.addresses = [
{ address = "192.168.2.12"; prefixLength = 24; }
{ address = "192.168.2.102"; prefixLength = 24; }
];
};
extraHosts = hosts;
};
security = {
pki.certificateFiles = [ "${test-certificates}/root_ca.crt" ];
pki.certificateFiles = [ "${cert pkgs}/cert.pem" ];
};
};
};
@ -129,12 +83,6 @@ in
testScript = ''
start_all()
ca.wait_for_unit("step-ca.service")
ca.wait_for_open_port(8443)
# Check that mastodon-media-auto-remove is scheduled
server.succeed("systemctl status mastodon-media-auto-remove.timer")
server.wait_for_unit("nginx.service")
server.wait_for_unit("redis-mastodon.service")
server.wait_for_unit("postgresql.service")
@ -144,10 +92,17 @@ in
server.wait_for_open_port(55000)
server.wait_for_open_port(55001)
# Check that mastodon-media-auto-remove is scheduled
server.succeed("systemctl status mastodon-media-auto-remove.timer")
# Check Mastodon version from remote client
client.succeed("curl --fail https://mastodon.local/api/v1/instance | jq -r '.version' | grep '${pkgs.mastodon.version}'")
# Check using admin CLI
# Check access from remote client
client.succeed("curl --fail https://mastodon.local/about | grep 'Mastodon hosted on mastodon.local'")
client.succeed("curl --fail $(curl https://mastodon.local/api/v1/instance 2> /dev/null | jq -r .thumbnail) --output /dev/null")
# Simple check tootctl commands
# Check Mastodon version
server.succeed("su - mastodon -s /bin/sh -c 'mastodon-env tootctl version' | grep '${pkgs.mastodon.version}'")
@ -164,12 +119,11 @@ in
# Manage IP access
server.succeed("su - mastodon -s /bin/sh -c 'mastodon-env tootctl ip_blocks add 192.168.0.0/16 --severity=no_access'")
server.succeed("su - mastodon -s /bin/sh -c 'mastodon-env tootctl ip_blocks export' | grep '192.168.0.0/16'")
server.fail("su - mastodon -s /bin/sh -c 'mastodon-env tootctl p_blocks export' | grep '172.16.0.0/16'")
server.fail("su - mastodon -s /bin/sh -c 'mastodon-env tootctl ip_blocks export' | grep '172.16.0.0/16'")
client.fail("curl --fail https://mastodon.local/about")
server.succeed("su - mastodon -s /bin/sh -c 'mastodon-env tootctl ip_blocks remove 192.168.0.0/16'")
client.succeed("curl --fail https://mastodon.local/about")
ca.shutdown()
server.shutdown()
client.shutdown()
'';

View file

@ -42,7 +42,7 @@ in import ../make-test-python.nix {
${nodes.server.config.networking.primaryIPAddress} uploads.example.com
'';
environment.systemPackages = [
(pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = nodes.server.config.networking.primaryIPAddress; })
(pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = "example.com"; })
];
};
server = { config, pkgs, ... }: {
@ -82,6 +82,7 @@ in import ../make-test-python.nix {
testScript = { nodes, ... }: ''
# Check with sqlite storage
start_all()
server.wait_for_unit("prosody.service")
server.succeed('prosodyctl status | grep "Prosody is running"')

View file

@ -12,6 +12,7 @@ in writeScriptBin "send-message" ''
#!${(python3.withPackages (ps: [ ps.slixmpp ])).interpreter}
import logging
import sys
import signal
from types import MethodType
from slixmpp import ClientXMPP
@ -64,8 +65,13 @@ class CthonTest(ClientXMPP):
log.info('MUC join success!')
log.info('XMPP SCRIPT TEST SUCCESS')
def timeout_handler(signalnum, stackframe):
print('ERROR: xmpp-sendmessage timed out')
sys.exit(1)
if __name__ == '__main__':
signal.signal(signal.SIGALRM, timeout_handler)
signal.alarm(120)
logging.basicConfig(level=logging.DEBUG,
format='%(levelname)-8s %(message)s')
@ -76,7 +82,7 @@ if __name__ == '__main__':
ct.register_plugin('xep_0363')
# MUC
ct.register_plugin('xep_0045')
ct.connect(("server", 5222))
ct.connect(("${connectTo}", 5222))
ct.process(forever=False)
if not ct.test_succeeded:

View file

@ -16,6 +16,7 @@
, feedbackd
, wrapGAppsHook
, fetchpatch
, nixosTests
}:
stdenv.mkDerivation rec {
@ -68,6 +69,8 @@ stdenv.mkDerivation rec {
feedbackd
];
passthru.tests.phosh = nixosTests.phosh;
meta = with lib; {
description = "A virtual keyboard supporting Wayland";
homepage = "https://source.puri.sm/Librem5/squeekboard";

View file

@ -15,6 +15,7 @@ stdenv.mkDerivation rec {
sed -i 's@/usr/bin/install@install@g' Makefile
sed -i 's@/bin/rm@rm@g' Makefile
sed -i 's@/usr/lib/ladspa@$(out)/lib/ladspa@g' Makefile
sed -i 's@g++@$(CXX)@g' Makefile
'';
preInstall="mkdir -p $out/lib/ladspa";

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "bchoppr";
version = "1.10.10";
version = "1.12.2";
src = fetchFromGitHub {
owner = "sjaehn";
repo = pname;
rev = version;
sha256 = "sha256-LNPG/ETRmgPv8LsYVHol4p5oRCvg+dSYVEe61i8Dvz8=";
sha256 = "sha256-P6sbxhgnlek1IJ4i9yTe/3g/2C8oLPKXI3zbLdswvl8=";
};
nativeBuildInputs = [ pkg-config ];

View file

@ -1,4 +1,6 @@
{ mkDerivation, lib, fetchFromGitHub, pkg-config, sconsPackages, qtbase, lash, libjack2, jack ? libjack2, alsa-lib }:
{ mkDerivation, lib, fetchFromGitHub, pkg-config, sconsPackages, qtbase, lash, libjack2, jack ? libjack2, alsa-lib
, fetchpatch
}:
mkDerivation rec {
pname = "jackmix";
@ -11,9 +13,16 @@ mkDerivation rec {
sha256 = "0p59411vk38lccn24r7nih10jpgg9i46yc26zpc3x13amxwwpd4h";
};
patches = [ ./no_error.patch ];
patches = [
./no_error.patch
(fetchpatch {
name = "sconstruct-python3.patch";
url = "https://github.com/kampfschlaefer/jackmix/commit/3a0c868b267728fdbc69cc3dc1941edac27d97f6.patch";
hash = "sha256-MLgxIiZ0+C1IVEci9Q347DR+SJUlPG2N3iPvuhRptJU=";
})
];
nativeBuildInputs = [ sconsPackages.scons_3_1_2 pkg-config ];
nativeBuildInputs = [ sconsPackages.scons_latest pkg-config ];
buildInputs = [
qtbase
lash

View file

@ -1,19 +1,34 @@
{ lib, stdenv, fetchurl, sconsPackages, pkg-config
, libsamplerate, libsndfile, liblo, libjack2, boost }:
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, sconsPackages
, rubberband
, boost
, libjack2
, liblo
, libsamplerate
, libsndfile
}:
stdenv.mkDerivation rec {
pname = "klick";
version = "0.12.2";
version = "0.14.2";
src = fetchurl {
url = "http://das.nasophon.de/download/${pname}-${version}.tar.gz";
sha256 = "1289533c0849b1b66463bf27f7ce5f71736b655cfb7672ef884c7e6eb957ac42";
src = fetchFromGitHub {
owner = "Allfifthstuning";
repo = "klick";
rev = version;
hash = "sha256-jHyeVCmyy9ipbVaF7GSW19DOVpU9EQJoLcGq9uos+eY=";
};
nativeBuildInputs = [ sconsPackages.scons_3_0_1 pkg-config ];
nativeBuildInputs = [
pkg-config
rubberband
sconsPackages.scons_latest
];
buildInputs = [ libsamplerate libsndfile liblo libjack2 boost ];
prefixKey = "PREFIX=";
NIX_CFLAGS_COMPILE = "-fpermissive";
meta = {
homepage = "http://das.nasophon.de/klick/";

View file

@ -6,12 +6,12 @@ with python3Packages;
buildPythonApplication rec {
pname = "miniplayer";
version = "1.7.1";
version = "1.8.1";
format = "pyproject";
src = fetchPypi {
inherit pname version;
hash = "sha256-NrIDv61mRDe9JWpSP8cvlU4CGoN6Ou6XuNOIn1p47Pw=";
hash = "sha256-iUUsVIDLQAiaMomfA2LvvJZ2ePhgADtC6GCwIpRC1MA=";
};
propagatedBuildInputs = [

View file

@ -0,0 +1,38 @@
{ lib, fetchurl, appimageTools }:
let
pname = "museeks";
version = "0.13.1";
src = fetchurl {
url = "https://github.com/martpie/museeks/releases/download/${version}/museeks-x86_64.AppImage";
hash = "sha256-LvunhCFmpv00TnXzWjp3kQUAhoKpmp6pqKgcaUqZV+o=";
};
appimageContents = appimageTools.extractType2 {
inherit pname version src;
};
in
appimageTools.wrapType2 {
inherit pname version src;
extraInstallCommands = ''
mv $out/bin/${pname}-${version} $out/bin/${pname}
mkdir -p $out/share/${pname}
cp -a ${appimageContents}/{locales,resources} $out/share/${pname}
cp -a ${appimageContents}/usr/share/icons $out/share/
install -Dm 444 ${appimageContents}/${pname}.desktop -t $out/share/applications
substituteInPlace $out/share/applications/${pname}.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
'';
meta = with lib; {
description = "A simple, clean and cross-platform music player";
homepage = "https://github.com/martpie/museeks";
license = licenses.mit;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ zendo ];
};
}

View file

@ -11,12 +11,12 @@ buildNpmPackage rec {
hash = "sha256-XgwlRdwUSl4gIRKqk6BnMAKarVvp291zk8vmNkuRWKo=";
};
patches = [
# Use generated package-lock.json since upstream does not provide one in releases
./package-lock.json.patch
];
postPatch = ''
ln -sT ${./package-lock.json} ./package-lock.json
'';
npmDepsHash = "sha256-UF3pZ+SlrgDLqntciXRNbWfpPMtQw1DXl41x9r37QN4=";
npmDepsHash = "sha256-5KZXZ4agHcAh3gai5w9YodETIEGJtDq/kyEZOHb9dOc=";
nativeBuildInputs = [
copyDesktopItems
@ -38,7 +38,7 @@ buildNpmPackage rec {
runHook preInstall
# prune unused deps
npm prune --omit dev $npmFlags
npm prune --omit dev --no-save $npmFlags
# copy built app and node_modules directories
mkdir -p $out/lib/node_modules/open-stage-control

File diff suppressed because it is too large Load diff

View file

@ -47,10 +47,7 @@ curl -sSL https://raw.githubusercontent.com/jean-emmanuel/open-stage-control/v"$
# Lock dependencies with npm
(cd "$pkgdir" && npm install --package-lock-only --ignore-scripts --legacy-peer-deps)
# Turn lock file into patch file
(cd "$pkgdir" && (diff -u /dev/null ./package-lock.json || [ $? -eq 1 ])) >"$pkgdir"/package-lock.json.patch
rm -f "$pkgdir"/{package.json,package-lock.json}
rm -f "$pkgdir"/package.json
# Update FOD hash
curhash="$(nixeval "$attr.npmDeps.outputHash")"

View file

@ -19,24 +19,15 @@ let
in
pythonPackages.buildPythonApplication rec {
pname = "picard";
version = "2.8.3";
version = "2.8.4";
src = fetchFromGitHub {
owner = "metabrainz";
repo = pname;
rev = "refs/tags/release-${version}";
sha256 = "sha256-KUHciIlwaKXvyCCkAzdh1vpe9cunDizrMUl0SoCpxgY=";
rev = "release-${version}";
sha256 = "sha256-ygZkj7hZNm7XyqDEI7l49d36ZgCTwFiAuYZjlF9d5+8=";
};
patches = [
# fix for tests failing with newer mutagen, remove after >2.8.3
# https://tickets.metabrainz.org/browse/PICARD-2583
(fetchpatch {
url = "https://github.com/metabrainz/picard/commit/76c2dff6b61140bbc7675c9e9f62a086b885e539.patch";
hash = "sha256-V1/oq1tEcb1mtqbYAA9o7mJcw16vRO0IK3GGmJkwO1Q=";
})
];
nativeBuildInputs = [ gettext qt5.wrapQtAppsHook qt5.qtbase ]
++ lib.optionals (pyqt5.multimediaEnabled) [
qt5.qtmultimedia.bin
@ -71,6 +62,7 @@ pythonPackages.buildPythonApplication rec {
meta = with lib; {
homepage = "https://picard.musicbrainz.org/";
changelog = "https://picard.musicbrainz.org/changelog/";
description = "The official MusicBrainz tagger";
maintainers = with maintainers; [ ehmry ];
license = licenses.gpl2Plus;

View file

@ -1,4 +1,5 @@
{ lib, stdenv
{ lib
, stdenv
, fetchFromGitHub
, autoreconfHook
, pkg-config
@ -8,7 +9,7 @@
, libxml2
, libjack2
, libsndfile
, wxGTK30
, wxGTK30-gtk3
, libsigcxx
, libsamplerate
, rubberband
@ -34,14 +35,19 @@ stdenv.mkDerivation rec {
./autogen.sh
'';
nativeBuildInputs = [ autoreconfHook pkg-config which libtool ];
nativeBuildInputs = [
autoreconfHook
pkg-config
which
libtool
];
buildInputs = [
liblo
libxml2
libjack2
libsndfile
wxGTK30
wxGTK30-gtk3
libsigcxx
libsamplerate
rubberband

View file

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "stochas";
version = "1.3.5";
version = "1.3.8";
src = fetchFromGitHub {
owner = "surge-synthesizer";
repo = pname;
rev = "v${version}";
sha256 = "1z8q53qfigw6wwbvpca92b9pf9d0mv3nyb0fmszz5ikj3pcybi7m";
sha256 = "sha256-/YT2M/VbkABjFvtTjGPWaSKUZaznMIYKXV6gNSD2PeU=";
fetchSubmodules = true;
};

View file

@ -2,6 +2,7 @@
, python3
, fetchFromGitHub
, fetchpatch
, installShellFiles
, libcdio-paranoia
, cdrdao
, libsndfile
@ -35,6 +36,8 @@ in python3.pkgs.buildPythonApplication rec {
];
nativeBuildInputs = with python3.pkgs; [
installShellFiles
setuptools-scm
docutils
setuptoolsCheckHook
@ -65,6 +68,11 @@ in python3.pkgs.buildPythonApplication rec {
export SETUPTOOLS_SCM_PRETEND_VERSION="${version}"
'';
outputs = [ "out" "man" ];
postBuild = ''
make -C man
'';
preCheck = ''
# disable tests that require internet access
# https://github.com/JoeLametta/whipper/issues/291
@ -73,6 +81,10 @@ in python3.pkgs.buildPythonApplication rec {
export HOME=$TMPDIR
'';
postInstall = ''
installManPage man/*.1
'';
passthru.tests.version = testers.testVersion {
package = whipper;
command = "HOME=$TMPDIR whipper --version";

View file

@ -1,16 +1,29 @@
{ stdenv, lib, fetchzip, wxGTK30, zlib, zstd }:
{ stdenv
, lib
, fetchzip
, wxGTK32
, zlib
, zstd
}:
stdenv.mkDerivation rec {
pname = "urbackup-client";
version = "2.4.11";
version = "2.5.20";
src = fetchzip {
url = "https://hndl.urbackup.org/Client/${version}/urbackup-client-${version}.tar.gz";
sha256 = "0cciy9v1pxj9qaklpbhp2d5rdbkmfm74vhpqx6b4phww0f10wvzh";
sha256 = "sha256-i1g3xUhspqQRfIUhy6STOWNuncK3tMFocJw652r1X9g=";
};
configureFlags = [ "--enable-embedded-cryptopp" ];
buildInputs = [ wxGTK30 zlib zstd ];
buildInputs = [
wxGTK32
zlib
zstd
];
configureFlags = [
"--enable-embedded-cryptopp"
];
meta = with lib; {
description = "An easy to setup Open Source client/server backup system";

View file

@ -1,78 +0,0 @@
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, autoreconfHook
, openssl
, db48
, boost
, zlib
, miniupnpc
, qtbase ? null
, qttools ? null
, util-linux
, protobuf
, qrencode
, libevent
, withGui
}:
stdenv.mkDerivation rec {
pname = "bitcoin" + lib.optionalString (!withGui) "d" + "-classic";
version = "1.3.8uahf";
src = fetchFromGitHub {
owner = "bitcoinclassic";
repo = "bitcoinclassic";
rev = "v${version}";
sha256 = "sha256-fVmFD1B4kKoejd2cmPPF5TJJQTAA6AVsGlVY8IIUNK4=";
};
nativeBuildInputs = [ pkg-config autoreconfHook ];
buildInputs = [
openssl
db48
boost
zlib
miniupnpc
util-linux
protobuf
libevent
] ++ lib.optionals withGui [ qtbase qttools qrencode ];
configureFlags = [ "--with-boost-libdir=${boost.out}/lib" ]
++ lib.optionals withGui [
"--with-gui=qt5"
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
CXXFLAGS = [ "-std=c++14" ];
enableParallelBuilding = true;
dontWrapQtApps = true;
meta = with lib; {
description = "Peer-to-peer electronic cash system (Classic client)";
longDescription = ''
Bitcoin is a free open source peer-to-peer electronic cash system that is
completely decentralized, without the need for a central server or trusted
parties. Users hold the crypto keys to their own money and transact directly
with each other, with the help of a P2P network to check for double-spending.
Bitcoin Classic stands for the original Bitcoin as Satoshi described it,
"A Peer-to-Peer Electronic Cash System". We are writing the software that
miners and users say they want. We will make sure it solves their needs, help
them deploy it, and gracefully upgrade the bitcoin network's capacity
together. The data shows that Bitcoin can grow, on-chain, to welcome many
more users onto our coin in a safe and distributed manner. In the future we
will continue to release updates that are in line with Satoshis whitepaper &
vision, and are agreed upon by the community.
'';
homepage = "https://bitcoinclassic.com/";
maintainers = with maintainers; [ jefdaj ];
license = licenses.mit;
broken = stdenv.isDarwin;
platforms = platforms.unix;
};
}

View file

@ -1,72 +0,0 @@
{ lib, stdenv
, fetchFromGitHub
, openssl
, boost
, libb2
, libevent
, autoreconfHook
, db4
, pkg-config
, protobuf
, hexdump
, zeromq
, libsodium
, withGui
, qtbase ? null
, qttools ? null
, wrapQtAppsHook ? null
}:
with lib;
stdenv.mkDerivation rec {
pname = "bitcoin" + toString (optional (!withGui) "d") + "-gold";
version = "0.17.3";
src = fetchFromGitHub {
owner = "BTCGPU";
repo = "BTCGPU";
rev = "v${version}";
sha256 = "sha256-1tFoUNsCPJkHSmNRl5gE3n2EQD6RZSry1zIM5hiTzEI=";
};
nativeBuildInputs = [
autoreconfHook
pkg-config
hexdump
] ++ optionals withGui [
wrapQtAppsHook
];
buildInputs = [
openssl
boost
libevent
db4
zeromq
libsodium
libb2
] ++ optionals withGui [
qtbase
qttools
protobuf
];
enableParallelBuilding = true;
configureFlags = [
"--with-boost-libdir=${boost.out}/lib"
] ++ optionals withGui [
"--with-gui=qt5"
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
meta = {
description = "BTG is a cryptocurrency with Bitcoin fundamentals, mined on common GPUs instead of specialty ASICs";
homepage = "https://bitcoingold.org/";
license = licenses.mit;
maintainers = [ maintainers.mmahut ];
platforms = platforms.linux;
};
}

View file

@ -25,23 +25,21 @@
with lib;
let
version = "23.0";
majorVersion = versions.major version;
desktop = fetchurl {
url = "https://raw.githubusercontent.com/bitcoin-core/packaging/${majorVersion}.x/debian/bitcoin-qt.desktop";
# c2e5f3e is the last commit when the debian/bitcoin-qt.desktop file was changed
url = "https://raw.githubusercontent.com/bitcoin-core/packaging/c2e5f3e20a8093ea02b73cbaf113bc0947b4140e/debian/bitcoin-qt.desktop";
sha256 = "0cpna0nxcd1dw3nnzli36nf9zj28d2g9jf5y0zl9j18lvanvniha";
};
in
stdenv.mkDerivation rec {
pname = if withGui then "bitcoin" else "bitcoind";
inherit version;
version = "24.0";
src = fetchurl {
urls = [
"https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
"https://bitcoin.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
];
sha256 = "26748bf49d6d6b4014d0fedccac46bf2bcca42e9d34b3acfd9e3467c415acc05";
sha256 = "9cfa4a9f4acb5093e85b8b528392f0f05067f3f8fafacd4dcfe8a396158fd9f4";
};
nativeBuildInputs =
@ -74,10 +72,6 @@ stdenv.mkDerivation rec {
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
# fix "Killed: 9 test/test_bitcoin"
# https://github.com/NixOS/nixpkgs/issues/179474
hardeningDisable = lib.optionals (stdenv.isAarch64 && stdenv.isDarwin) [ "fortify" "stackprotector" ];
checkInputs = [ python3 ];
doCheck = true;

View file

@ -2,13 +2,13 @@
python3Packages.buildPythonApplication rec {
pname = "charge-lnd";
version = "0.2.12";
version = "0.2.13";
src = fetchFromGitHub {
owner = "accumulator";
repo = pname;
rev = "v${version}";
sha256 = "uiXmLdQAglgLxOX6IoF1iNZvje4EM7Tr25Okx9TPyzI=";
rev = "refs/tags/v${version}";
sha256 = "sha256-mNU8bhiZqvYbNUU8vJNk9WbpAVrCTi9Fy3hlIpb06ac=";
};
propagatedBuildInputs = with python3Packages; [

View file

@ -19,15 +19,15 @@ with lib;
stdenv.mkDerivation rec {
pname = "digibyte";
version = "7.17.2";
version = "7.17.3";
name = pname + toString (optional (!withGui) "d") + "-" + version;
src = fetchFromGitHub {
owner = pname;
owner = "digibyte-core";
repo = pname;
rev = "v${version}";
sha256 = "04czj7mx3wpbx4832npk686p9pg5zb6qwlcvnmvqf31hm5qylbxj";
sha256 = "zPwnC2qd28fA1saG4nysPlKU1nnXhfuSG3DpCY6T+kM=";
};
nativeBuildInputs = [

View file

@ -9,6 +9,7 @@
, protobuf
, hexdump
, zeromq
, gmp
, withGui
, qtbase ? null
, qttools ? null
@ -19,15 +20,15 @@ with lib;
stdenv.mkDerivation rec {
pname = "vertcoin";
version = "0.15.0.1";
version = "0.18.0";
name = pname + toString (optional (!withGui) "d") + "-" + version;
src = fetchFromGitHub {
owner = pname + "-project";
repo = pname + "-core";
rev = version;
sha256 = "09q7qicw52gv225hq6wlpsf4zr4hjc8miyim5cygi5nxxrlw7kd3";
rev = "2bd6dba7a822400581d5a6014afd671fb7e61f36";
sha256 = "ua9xXA+UQHGVpCZL0srX58DDUgpfNa+AAIKsxZbhvMk=";
};
nativeBuildInputs = [
@ -44,6 +45,7 @@ stdenv.mkDerivation rec {
libevent
db4
zeromq
gmp
] ++ optionals withGui [
qtbase
qttools

View file

@ -1,8 +1,11 @@
{ lib, stdenv
, autoPatchelfHook
, makeWrapper
, fetchurl
, makeDesktopItem
, curl
, dotnetCorePackages
, lttng-ust_2_12
, fontconfig
, krb5
, openssl
@ -11,29 +14,31 @@
}:
let
dotnet-runtime = dotnetCorePackages.runtime_5_0;
libPath = lib.makeLibraryPath [
dotnet-runtime = dotnetCorePackages.runtime_6_0;
# These libraries are dynamically loaded by the application,
# and need to be present in LD_LIBRARY_PATH
runtimeLibs = [
curl
dotnet-runtime
fontconfig.lib
krb5
openssl
stdenv.cc.cc.lib
xorg.libX11
xorg.libICE
xorg.libSM
zlib
];
in
stdenv.mkDerivation rec {
pname = "wasabiwallet";
version = "2.0.1.3";
version = "2.0.2";
src = fetchurl {
url = "https://github.com/zkSNACKs/WalletWasabi/releases/download/v${version}/Wasabi-${version}.tar.gz";
sha256 = "sha256-cATqg/n4/BDQtuCVjHAx3EfMLmlX5EjeQ01gavy/L8o=";
sha256 = "sha256-0DFl+UFxQckRM2qXFqDpKaRQ5sIMUbNj7l3zKPKAOnQ=";
};
dontBuild = true;
dontPatchELF = true;
desktopItem = makeDesktopItem {
name = "wasabi";
@ -44,16 +49,19 @@ stdenv.mkDerivation rec {
categories = [ "Network" "Utility" ];
};
nativeBuildInputs = [ autoPatchelfHook makeWrapper ];
buildInputs = runtimeLibs ++ [
lttng-ust_2_12
];
installPhase = ''
mkdir -p $out/opt/${pname} $out/bin $out/share/applications
cp -Rv . $out/opt/${pname}
cd $out/opt/${pname}
for i in $(find . -type f -name '*.so') wassabee
do
patchelf --set-rpath ${libPath} $i
done
patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" wassabee
ln -s $out/opt/${pname}/wassabee $out/bin/${pname}
makeWrapper "${dotnet-runtime}/bin/dotnet" "$out/bin/${pname}" \
--add-flags "$out/opt/${pname}/WalletWasabi.Fluent.Desktop.dll" \
--suffix "LD_LIBRARY_PATH" : "${lib.makeLibraryPath runtimeLibs}"
cp -v $desktopItem/share/applications/* $out/share/applications
'';

View file

@ -144,9 +144,10 @@ let emacs = (if withMacport then llvmPackages_6.stdenv else stdenv).mkDerivation
++ lib.optionals stdenv.isLinux [ dbus libselinux alsa-lib acl gpm ]
++ lib.optionals withSystemd [ systemd ]
++ lib.optionals withX
[ xlibsWrapper libXaw Xaw3d libXpm libpng libjpeg giflib libtiff libXft
gconf cairo ]
++ lib.optionals (withX || withNS) [ librsvg ]
[ xlibsWrapper libXaw Xaw3d gconf cairo ]
++ lib.optionals (withX || withPgtk)
[ libXpm libpng libjpeg giflib libtiff ]
++ lib.optionals (withX || withNS || withPgtk ) [ librsvg ]
++ lib.optionals withImageMagick [ imagemagick ]
++ lib.optionals (stdenv.isLinux && withX) [ m17n_lib libotf ]
++ lib.optional (withX && withGTK2) gtk2-x11
@ -178,6 +179,8 @@ let emacs = (if withMacport then llvmPackages_6.stdenv else stdenv).mkDerivation
then [ "--disable-ns-self-contained" ]
else if withX
then [ "--with-x-toolkit=${toolkit}" "--with-xft" "--with-cairo" ]
else if withPgtk
then [ "--with-pgtk" ]
else [ "--with-x=no" "--with-xpm=no" "--with-jpeg=no" "--with-png=no"
"--with-gif=no" "--with-tiff=no" ])
++ lib.optionals withMacport [
@ -189,7 +192,6 @@ let emacs = (if withMacport then llvmPackages_6.stdenv else stdenv).mkDerivation
++ lib.optional withXwidgets "--with-xwidgets"
++ lib.optional nativeComp "--with-native-compilation"
++ lib.optional withImageMagick "--with-imagemagick"
++ lib.optional withPgtk "--with-pgtk"
++ lib.optional withXinput2 "--with-xinput2"
++ lib.optional (!withToolkitScrollBars) "--without-toolkit-scroll-bars"
;

View file

@ -63,7 +63,8 @@ with stdenv; lib.makeOverridable mkDerivation (rec {
mkdir -p $out/{bin,$pname,share/pixmaps,libexec/${pname}}
cp -a . $out/$pname
ln -s $out/$pname/bin/${loName}.png $out/share/pixmaps/${pname}.png
[[ -f $out/$pname/bin/${loName}.png ]] && ln -s $out/$pname/bin/${loName}.png $out/share/pixmaps/${pname}.png
[[ -f $out/$pname/bin/${loName}.svg ]] && ln -s $out/$pname/bin/${loName}.svg $out/share/pixmaps/${pname}.svg
mv bin/fsnotifier* $out/libexec/${pname}/.
jdk=${jdk.home}

View file

@ -57,11 +57,11 @@
"mps": {
"update-channel": "MPS RELEASE",
"url-template": "https://download.jetbrains.com/mps/{versionMajorMinor}/MPS-{version}.tar.gz",
"version": "2021.3.1",
"sha256": "b7d41c4362e71f30adeaed9f0ec30afd5ac0e6eea9650ee4a19d70a5783db3e6",
"url": "https://download.jetbrains.com/mps/2021.3.1/MPS-2021.3.1.tar.gz",
"version-major-minor": "2021.3",
"build_number": "213.7172.958"
"version": "2022.2",
"sha256": "aaee4d2bb9bc34d0b4bc62c7ef08139cc6144b433ba1675ef306e6d3d95e37a1",
"url": "https://download.jetbrains.com/mps/2022.2/MPS-2022.2.tar.gz",
"version-major-minor": "2022.2",
"build_number": "222.3345.1295"
},
"phpstorm": {
"update-channel": "PhpStorm RELEASE",
@ -176,11 +176,11 @@
"mps": {
"update-channel": "MPS RELEASE",
"url-template": "https://download.jetbrains.com/mps/{versionMajorMinor}/MPS-{version}-macos.dmg",
"version": "2021.3.1",
"sha256": "2c5517518fec31ac960e4309fa848ad831f9048ef15df1b362e12aa8f41d9dbd",
"url": "https://download.jetbrains.com/mps/2021.3.1/MPS-2021.3.1-macos.dmg",
"version-major-minor": "2021.3",
"build_number": "213.7172.958"
"version": "2022.2",
"sha256": "4e36c60d281596c220287ab2191165be37ef01c3c54ab5f5e4e535c8b81bc754",
"url": "https://download.jetbrains.com/mps/2022.2/MPS-2022.2-macos.dmg",
"version-major-minor": "2022.2",
"build_number": "222.3345.1295"
},
"phpstorm": {
"update-channel": "PhpStorm RELEASE",
@ -295,11 +295,11 @@
"mps": {
"update-channel": "MPS RELEASE",
"url-template": "https://download.jetbrains.com/mps/{versionMajorMinor}/MPS-{version}-macos-aarch64.dmg",
"version": "2021.3.1",
"url": "https://download.jetbrains.com/mps/2021.3.1/MPS-2021.3.1-macos-aarch64.dmg",
"sha256": "3ace6d45db718dffd80bf126a76735fb65099de292112a01cc078aa61c475a70",
"version-major-minor": "2021.3",
"build_number": "213.7172.958"
"version": "2022.2",
"url": "https://download.jetbrains.com/mps/2022.2/MPS-2022.2-macos-aarch64.dmg",
"sha256": "bdc83d9c7a3430cc2b0b0361a9e4eab82e951bfe87f0e4754106d09850947077",
"version-major-minor": "2022.2",
"build_number": "222.3345.1295"
},
"phpstorm": {
"update-channel": "PhpStorm RELEASE",

View file

@ -2,13 +2,13 @@
mkDerivation rec {
pname = "notepad-next";
version = "0.5.5";
version = "0.5.6";
src = fetchFromGitHub {
owner = "dail8859";
repo = "NotepadNext";
rev = "v${version}";
sha256 = "sha256-ZjDvAN/NNz1GY7/0eKlxogYPg2Ba7Ncg6TXyKQEdWrU=";
sha256 = "sha256-0ZmyEtyVpqQ05FOYdFbnFqfPJKNkrweflSl+irOzcuk=";
# External dependencies - https://github.com/dail8859/NotepadNext/issues/135
fetchSubmodules = true;
};

File diff suppressed because it is too large Load diff

View file

@ -348,12 +348,12 @@
};
fish = buildGrammar {
language = "fish";
version = "84436cf";
version = "6675b56";
source = fetchFromGitHub {
owner = "ram02z";
repo = "tree-sitter-fish";
rev = "84436cf24c2b3176bfbb220922a0fdbd0141e406";
hash = "sha256-oJuCd+2mTCEP/rNQzweShc7TZiqwKBIDRQqnV8VqQ4s=";
rev = "6675b56266b3f615fb112205b6b83a79315309c4";
hash = "sha256-hU2QMiNfO5/Drjl0QoUb9ERaK/3ETGaIsDBHMZ70n/A=";
};
meta.homepage = "https://github.com/ram02z/tree-sitter-fish";
};
@ -414,15 +414,26 @@
};
gitattributes = buildGrammar {
language = "gitattributes";
version = "cee9f88";
version = "577a075";
source = fetchFromGitHub {
owner = "ObserverOfTime";
repo = "tree-sitter-gitattributes";
rev = "cee9f8865694b29bb9e85e0b90805f92ad3fc47e";
hash = "sha256-Ne9D4c58AWvZz/2ytP0lJzKIss2hJtZFgSKsot9MOJE=";
rev = "577a075d46ea109905c5cb6179809df88da61ce9";
hash = "sha256-gBfLmNf7aaqMY3yMF7svFuqif43BAmmY1yYkvVcNUhI=";
};
meta.homepage = "https://github.com/ObserverOfTime/tree-sitter-gitattributes";
};
gitcommit = buildGrammar {
language = "gitcommit";
version = "f6e7f24";
source = fetchFromGitHub {
owner = "gbprod";
repo = "tree-sitter-gitcommit";
rev = "f6e7f24fd12e1d01f9bf23f7625800ace134030c";
hash = "sha256-1MPb2JuBFfckh4sRMxwBWySwS5xHhQSaXx2Sl1Kfuso=";
};
meta.homepage = "https://github.com/gbprod/tree-sitter-gitcommit";
};
gitignore = buildGrammar {
language = "gitignore";
version = "f4685bf";
@ -459,12 +470,12 @@
};
glsl = buildGrammar {
language = "glsl";
version = "a743ada";
version = "e2c2214";
source = fetchFromGitHub {
owner = "theHamsta";
repo = "tree-sitter-glsl";
rev = "a743ada24fa17da9acc5665133f07d56e03530be";
hash = "sha256-l2t2U4fZYMMpc1Nkv8JODtDny0/kSUsbiJ/VVD5VyhI=";
rev = "e2c2214045de2628b81089b1a739962f59654558";
hash = "sha256-GrbheFLeJLAvm3LE4WOfmYnIjVcRkD9pfugJJuIc25A=";
};
meta.homepage = "https://github.com/theHamsta/tree-sitter-glsl";
};
@ -570,12 +581,12 @@
};
help = buildGrammar {
language = "help";
version = "49cdef5";
version = "ce20f13";
source = fetchFromGitHub {
owner = "neovim";
repo = "tree-sitter-vimdoc";
rev = "49cdef52ded4a886bf34bc474876b09f9270d48f";
hash = "sha256-szNY2yw5i9pgF+MpaEAkP8BgSYEe6nrFW+17sbSZ6Yc=";
rev = "ce20f13c3f12506185754888feaae3f2ad54c287";
hash = "sha256-XklORrP4ToX4klXFYxMv2s63INWugDyjl3mtLDdUHlg=";
};
meta.homepage = "https://github.com/neovim/tree-sitter-vimdoc";
};
@ -592,12 +603,12 @@
};
hlsl = buildGrammar {
language = "hlsl";
version = "384b26e";
version = "329e3c8";
source = fetchFromGitHub {
owner = "theHamsta";
repo = "tree-sitter-hlsl";
rev = "384b26ec65e10f26cf147bfcde772c50ca5ef0d0";
hash = "sha256-f6jKhC1vPpNTY0Rv1WMdJMNXRFiLsCApy/kIv7CBesA=";
rev = "329e3c8bd6f696a6128e0dccba34b2799dc3037e";
hash = "sha256-unxcw0KTlMDtcdjvIZidU/QckjfHBtc+LzAR7SukdU0=";
};
meta.homepage = "https://github.com/theHamsta/tree-sitter-hlsl";
};
@ -856,6 +867,17 @@
};
meta.homepage = "https://github.com/Kerl13/tree-sitter-menhir";
};
mermaid = buildGrammar {
language = "mermaid";
version = "d787c66";
source = fetchFromGitHub {
owner = "monaqa";
repo = "tree-sitter-mermaid";
rev = "d787c66276e7e95899230539f556e8b83ee16f6d";
hash = "sha256-JwQ3jfwwOvM9eJWP/D3wXUBDysRxpa+mktYFajwA3IA=";
};
meta.homepage = "https://github.com/monaqa/tree-sitter-mermaid";
};
meson = buildGrammar {
language = "meson";
version = "153d225";
@ -1114,12 +1136,12 @@
};
rasi = buildGrammar {
language = "rasi";
version = "1239134";
version = "5f04634";
source = fetchFromGitHub {
owner = "Fymyte";
repo = "tree-sitter-rasi";
rev = "12391343979463a2484e6353e5afb6dcb8c31e8b";
hash = "sha256-JmL2Ei2DZhsZ4jFQ8s6B0ig9bflDs9dLr5/QknDqqRc=";
rev = "5f04634dd4e12de4574c4a3dc9d6d5d4da4a2a1b";
hash = "sha256-2n8nHinlgtLKBlDLiphu7vqPi7W02brRY1h8BGkcoZc=";
};
meta.homepage = "https://github.com/Fymyte/tree-sitter-rasi";
};
@ -1301,12 +1323,12 @@
};
swift = buildGrammar {
language = "swift";
version = "25f8de3";
version = "cff1c9a";
source = fetchFromGitHub {
owner = "alex-pinkus";
repo = "tree-sitter-swift";
rev = "25f8de356e3c33099ed691bd3b8b5c0fe3a11e15";
hash = "sha256-x9m5QFQY33NWdkq0lkWiskfKxqRPz5ePSbVUDY7IBLU=";
rev = "cff1c9a62df89e8900d53ff48bc42862e6522dcf";
hash = "sha256-tfpqnutY8uLzhPWPsDzsvwaRWOS8vIxAOPlcyPoSwNU=";
};
generate = true;
meta.homepage = "https://github.com/alex-pinkus/tree-sitter-swift";
@ -1336,12 +1358,12 @@
};
tiger = buildGrammar {
language = "tiger";
version = "eb1d371";
version = "a233ebe";
source = fetchFromGitHub {
owner = "ambroisie";
repo = "tree-sitter-tiger";
rev = "eb1d3714998977ae76ca7c6a102b10ee37efc2b5";
hash = "sha256-kbwERaTHk5Pj5AfpbXPuRS6speB+xLMfrhRXTVOyMNw=";
rev = "a233ebe360a73a92c50978e5c4e9e471bc59ff42";
hash = "sha256-lQ3WkA1v3J2FuK2zPUwqahPnHPkAuevpBJrLtrlqaEs=";
};
meta.homepage = "https://github.com/ambroisie/tree-sitter-tiger";
};
@ -1380,12 +1402,12 @@
};
tsx = buildGrammar {
language = "tsx";
version = "0ab9d99";
version = "0ae3828";
source = fetchFromGitHub {
owner = "tree-sitter";
repo = "tree-sitter-typescript";
rev = "0ab9d99867435a7667c5548a6617a6bf73dbd830";
hash = "sha256-Nx+K7Ic/ePKAXPIMlrRn6zELYE59f/FnnZ/LM5ELaU8=";
rev = "0ae382803abce0807e90f498105c713b9233e0b2";
hash = "sha256-we8jkX8Nl9+eGw8c6ZmH5hW7yfzFaNhQ+WDzRvMMx9A=";
};
location = "tsx";
meta.homepage = "https://github.com/tree-sitter/tree-sitter-typescript";
@ -1414,12 +1436,12 @@
};
typescript = buildGrammar {
language = "typescript";
version = "0ab9d99";
version = "0ae3828";
source = fetchFromGitHub {
owner = "tree-sitter";
repo = "tree-sitter-typescript";
rev = "0ab9d99867435a7667c5548a6617a6bf73dbd830";
hash = "sha256-Nx+K7Ic/ePKAXPIMlrRn6zELYE59f/FnnZ/LM5ELaU8=";
rev = "0ae382803abce0807e90f498105c713b9233e0b2";
hash = "sha256-we8jkX8Nl9+eGw8c6ZmH5hW7yfzFaNhQ+WDzRvMMx9A=";
};
location = "typescript";
meta.homepage = "https://github.com/tree-sitter/tree-sitter-typescript";
@ -1471,12 +1493,12 @@
};
vim = buildGrammar {
language = "vim";
version = "4ae7bd6";
version = "55ff1b0";
source = fetchFromGitHub {
owner = "vigoux";
repo = "tree-sitter-viml";
rev = "4ae7bd67706d7e10afed827ce2ded884ab41650f";
hash = "sha256-5gNqs6ykt2m48ghFv9y5OxsHDPTWRicdT9eR+DDiXiA=";
rev = "55ff1b080c09edeced9b748cf4c16d0b49d17fb9";
hash = "sha256-bMh6RPP0+zpNkMS/mpbKTaug9EL6u4kTcztnEXaNGyA=";
};
meta.homepage = "https://github.com/vigoux/tree-sitter-viml";
};
@ -1515,12 +1537,12 @@
};
yang = buildGrammar {
language = "yang";
version = "8e9d175";
version = "2c0e6be";
source = fetchFromGitHub {
owner = "Hubro";
repo = "tree-sitter-yang";
rev = "8e9d175982afcefa3dac8ca20d40d1643accd2bd";
hash = "sha256-QSOy5wLb52hKkfW8bJY827zGrXTsMO5sZtl2NaNLmBA=";
rev = "2c0e6be8dd4dcb961c345fa35c309ad4f5bd3502";
hash = "sha256-6EIK1EStHrUHBLZBsZqd1LL05ZAJ6PKUyIzBBsTVjO8=";
};
meta.homepage = "https://github.com/Hubro/tree-sitter-yang";
};

View file

@ -62,6 +62,10 @@ let
in
{
postPatch = ''
rm -r parser
'';
passthru = {
inherit builtGrammars allGrammars withPlugins withAllGrammars;

View file

@ -749,6 +749,10 @@ self: super: {
'';
});
ssr = super.ssr-nvim.overrideAttrs (old: {
dependencies = with self; [ nvim-treesitter ];
});
statix = buildVimPluginFrom2Nix rec {
inherit (statix) pname src meta;
version = "0.1.0";

View file

@ -415,6 +415,7 @@ https://github.com/Shougo/neco-syntax/,,
https://github.com/Shougo/neco-vim/,,
https://github.com/nvim-neo-tree/neo-tree.nvim/,HEAD,
https://github.com/Shougo/neocomplete.vim/,,
https://github.com/folke/neoconf.nvim/,HEAD,
https://github.com/KeitaNakamura/neodark.vim/,,
https://github.com/folke/neodev.nvim/,HEAD,
https://github.com/sbdchd/neoformat/,,
@ -617,6 +618,7 @@ https://github.com/AndrewRadev/splitjoin.vim/,,
https://github.com/tami5/sqlite.lua/,,
https://github.com/srcery-colors/srcery-vim/,,
https://github.com/chr4/sslsecure.vim/,,
https://github.com/cshuaimin/ssr.nvim/,HEAD,
https://github.com/luukvbaal/stabilize.nvim/,,
https://github.com/eigenfoo/stan-vim/,,
https://github.com/darfink/starsearch.vim/,,

View file

@ -1406,8 +1406,8 @@ let
mktplcRef = {
name = "elixir-ls";
publisher = "JakeBecker";
version = "0.11.0";
sha256 = "sha256-okvwyD0m2r8ar85VtuBUNMUZGGrCfJ4DB9v7aSX5PjM=";
version = "0.12.0";
sha256 = "sha256-ZwdGcsvmEKDH5ZAkKiLEV/3ru74BittnxibMWbdkaco=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/JakeBecker.elixir-ls/changelog";
@ -1451,8 +1451,8 @@ let
mktplcRef = {
name = "latex-workshop";
publisher = "James-Yu";
version = "8.29.0";
sha256 = "sha256-khAlxN+y06aneZE97fqNg2esj/wvIUINiMdVc/exd38=";
version = "9.0.0";
sha256 = "sha256-aXDYRLbDZGul2mG+jZs6o5Z5QVhEiOCaLhHpj/zVt6E=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/James-Yu.latex-workshop/changelog";
@ -2451,6 +2451,16 @@ let
};
};
sonarsource.sonarlint-vscode = buildVscodeMarketplaceExtension {
mktplcRef = {
name = "sonarlint-vscode";
publisher = "sonarsource";
version = "3.12.0";
sha256 = "sha256-vVOmqb0iEIGgN+LkJfazNN+KNWvnWRbIsqetXfeabJU=";
};
meta.license = lib.licenses.lgpl3Only;
};
spywhere.guides = buildVscodeMarketplaceExtension {
mktplcRef = {
name = "guides";
@ -2517,8 +2527,8 @@ let
mktplcRef = {
name = "code-spell-checker";
publisher = "streetsidesoftware";
version = "2.11.0";
sha256 = "sha256-ZYbkCe/FdSxmipV9TTq0AF/Ft01+LTUeo3sVyKMP3iQ=";
version = "2.11.1";
sha256 = "sha256-o6Se+xpqwrdJIMnVE/HaDGIoDqZkeX0nTGHa8GjaqVQ=";
};
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/streetsidesoftware.code-spell-checker/changelog";
@ -2947,8 +2957,8 @@ let
mktplcRef = {
name = "markdown-all-in-one";
publisher = "yzhang";
version = "3.4.0";
sha256 = "0ihfrsg2sc8d441a2lkc453zbw1jcpadmmkbkaf42x9b9cipd5qb";
version = "3.4.4";
sha256 = "2lZfWP+yk0Dp8INLjlJY5ROGu0sLaWhb4fT+O9xGg0s=";
};
meta = {
license = lib.licenses.mit;

View file

@ -28,13 +28,13 @@
stdenv.mkDerivation rec {
pname = "cemu";
version = "2.0-13";
version = "2.0-17";
src = fetchFromGitHub {
owner = "cemu-project";
repo = "Cemu";
rev = "v${version}";
hash = "sha256-0yomEJoXMKZV2PAjINegSvtDB6gbYxQ6XcXA60/ZkEM=";
hash = "sha256-ryFph55o7s3eiqQ8kx5+3Et5S2U9H5i3fmZTc1CaCnA=";
};
patches = [
@ -106,7 +106,13 @@ stdenv.mkDerivation rec {
preFixup = let
libs = [ vulkan-loader ] ++ cubeb.passthru.backendLibs;
in ''
gappsWrapperArgs+=(--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath libs}")
gappsWrapperArgs+=(
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath libs}"
# Force X11 to be used until Wayland is natively supported
# <https://github.com/cemu-project/Cemu/pull/143>
--set GDK_BACKEND x11
)
'';
meta = with lib; {

View file

@ -6,7 +6,7 @@
, bluez
, ffmpeg
, libao
, gtk2
, gtk3
, glib
, libGLU
, libGL
@ -21,7 +21,7 @@
, fetchFromGitHub
, libusb1
, libevdev
, wxGTK30
, wxGTK30-gtk3
, soundtouch
, miniupnpc
, mbedtls
@ -43,29 +43,33 @@ stdenv.mkDerivation rec {
};
patches = [
# Fix build with soundtouch 2.1.2
# Fix FTBFS with glibc 2.26
(fetchpatch {
url = "https://src.fedoraproject.org/rpms/dolphin-emu/raw/a1b91fdf94981e12c8889a02cba0ec2267d0f303/f/dolphin-emu-5.0-soundtouch-exception-fix.patch";
name = "dolphin-emu-5.0-soundtouch-exception-fix.patch";
sha256 = "0yd3l46nja5qiknnl30ryad98f3v8911jwnr67hn61dzx2kwbbaw";
url = "https://salsa.debian.org/games-team/dolphin-emu/raw/8c952b1fcd46259e9d8cce836df433e0a8b88f8c/debian/patches/02_glibc-2.26.patch";
name = "02_glibc-2.26.patch";
sha256 = "sha256-LBXT3rf5klwmX9YQXt4/iv06GghsWZprNhLGYlKiDqk=";
})
# Fix build with gcc 8
# Fix FTBFS with GCC 8
(fetchpatch {
url = "https://salsa.debian.org/games-team/dolphin-emu/raw/9b7b4aeac1b60dcf28bdcafbed6bc498b2aeb0ad/debian/patches/03_gcc8.patch";
url = "https://salsa.debian.org/games-team/dolphin-emu/raw/8c952b1fcd46259e9d8cce836df433e0a8b88f8c/debian/patches/03_gcc8.patch";
name = "03_gcc8.patch";
sha256 = "1da95gb8c95kd5cjhdvg19cv2z863lj3va5gx3bqc7g8r36glqxr";
sha256 = "sha256-uWP6zMjoHYbX6K+oPSQdBn2xWQpvNyhZabMkhtYrSbU=";
})
# Fix FTBFS with SoundTouch 2.1.2
(fetchpatch {
url = "https://salsa.debian.org/games-team/dolphin-emu/raw/8c952b1fcd46259e9d8cce836df433e0a8b88f8c/debian/patches/05_soundtouch-2.1.2.patch";
name = "05_soundtouch-2.1.2.patch";
sha256 = "sha256-Y7CNM6GQC9GRhlOBLZlxkIpj1CFhIwA5L8lGXur/bwY=";
})
# Use GTK+3 wxWidgets backend
(fetchpatch {
url = "https://salsa.debian.org/games-team/dolphin-emu/raw/8c952b1fcd46259e9d8cce836df433e0a8b88f8c/debian/patches/06_gtk3.patch";
name = "06_gtk3.patch";
sha256 = "sha256-pu5Q0+8kNwmpf2DoXCXHFqxF0EGTnFXJipkBz1Vh2cs=";
})
];
postPatch = ''
substituteInPlace Source/Core/VideoBackends/OGL/RasterFont.cpp \
--replace " CHAR_WIDTH " " CHARWIDTH "
'';
cmakeFlags = [
"-DGTK2_GLIBCONFIG_INCLUDE_DIR=${glib.out}/lib/glib-2.0/include"
"-DGTK2_GDKCONFIG_INCLUDE_DIR=${gtk2.out}/lib/gtk-2.0/include"
"-DGTK2_INCLUDE_DIRS=${gtk2.dev}/include/gtk-2.0"
"-DENABLE_LTO=True"
];
@ -80,7 +84,7 @@ stdenv.mkDerivation rec {
libao
libGLU
libGL
gtk2
gtk3
glib
gettext
libpthreadstubs
@ -97,7 +101,7 @@ stdenv.mkDerivation rec {
portaudio
libusb1
libpulseaudio
wxGTK30
wxGTK30-gtk3
soundtouch
miniupnpc
mbedtls
@ -117,6 +121,6 @@ stdenv.mkDerivation rec {
maintainers = with maintainers; [ MP2E ashkitten ];
# x86_32 is an unsupported platform.
# Enable generic build if you really want a JIT-less binary.
platforms = [ "x86_64-linux" ];
platforms = [ "x86_64-linux" "aarch64-linux" ];
};
}

View file

@ -6,7 +6,6 @@
, cmake
, curl
, fetchFromGitHub
, fetchpatch
, ffmpeg
, fluidsynth
, gettext
@ -50,7 +49,7 @@ let
mkLibretroCore =
{ core
, src ? (getCoreSrc core)
, version ? "unstable-2022-10-18"
, version ? "unstable-2022-11-21"
, ...
}@args:
import ./mkLibretroCore.nix ({
@ -796,11 +795,6 @@ in
puae = mkLibretroCore {
core = "puae";
makefile = "Makefile";
# https://github.com/libretro/libretro-uae/pull/529
patches = fetchpatch {
url = "https://github.com/libretro/libretro-uae/commit/90ba4c9bb940e566781c3590553270ad69cf212e.patch";
sha256 = "sha256-9xkRravvyFZc0xsIj0OSm2ux5BqYogfQ1TDnH9l6jKw=";
};
meta = {
description = "Amiga emulator based on WinUAE";
license = lib.licenses.gpl2Only;

View file

@ -45,12 +45,12 @@ let
in
stdenv.mkDerivation rec {
pname = "retroarch-bare";
version = "1.12.0";
version = "1.13.0";
src = fetchFromGitHub {
owner = "libretro";
repo = "RetroArch";
hash = "sha256-doLWNA8aTAllxx3zABtvZaegBQEPIi8276zbytPSdBU=";
hash = "sha256-eEe0mM9gUWgEzoRH1Iuet20US9eXNtCVSBi2kX1njVw=";
rev = "v${version}";
};

View file

@ -38,8 +38,8 @@
"beetle-psx": {
"owner": "libretro",
"repo": "beetle-psx-libretro",
"rev": "bd6b9ef3049fe3f70a18ee6f752a935ae83c2f2b",
"sha256": "CXcLMOF6IXUrp14nyTQ5KK2LR+FyWcF0UcvHTxEVSo0="
"rev": "798fab9d5bc82dde26442d9b4861d377d4689e31",
"sha256": "wHCUSMdPbIudmNm4XXW/zH6TDz7x9DrMNV/L8H3aO/w="
},
"beetle-saturn": {
"owner": "libretro",
@ -129,8 +129,8 @@
"dolphin": {
"owner": "libretro",
"repo": "dolphin",
"rev": "9810e29a1f3633d32b6643b97a1147d83311d73a",
"sha256": "iIaVSJSC3mD1k751vQvWI6x0C/HhfjEaMwfX53FpZv4="
"rev": "a8188dbc4e63d6c0867ed2196f5125130955f012",
"sha256": "gf9OjeDazDPDnQ9S2+hV4CNxPAkCCaEhJDZF97a1//U="
},
"dosbox": {
"owner": "libretro",
@ -141,8 +141,8 @@
"eightyone": {
"owner": "libretro",
"repo": "81-libretro",
"rev": "73f6cca62dabc84df946aea71cf457ce5ae5ea9d",
"sha256": "oovIKMZXxtLc+zmbguagTVoMPngokdN3xTBnb/+KUjY="
"rev": "340a51b250fb8fbf1a9e5d3ad3924044250064e0",
"sha256": "Cz3gPwbME8lDMKju3dn8hM8O2u9h9+8EUg7Nf6a7epA="
},
"fbalpha2012": {
"owner": "libretro",
@ -153,14 +153,14 @@
"fbneo": {
"owner": "libretro",
"repo": "fbneo",
"rev": "758f24740d81ff833c1868befd98ccd11909255f",
"sha256": "VhfsvohRWICWqKWry0fgUS76kiXBsnjY9DytxEvulKA="
"rev": "a12455af75e60765da134b83051700e0fbe3803a",
"sha256": "ujO9KVn7o6xueeEr5GHfOy7NimwNIvYxgMM9xJvtjvo="
},
"fceumm": {
"owner": "libretro",
"repo": "libretro-fceumm",
"rev": "3d3cc53c0177e296af2427c29bbb31902b26f3b8",
"sha256": "Z5LqP6IBq0H6uM0027PSkW6JLvVDA/4CrO6bI478Z1o="
"rev": "8c3f690e61a1d65dfb25510426ae88eeae93e1ae",
"sha256": "vzPrAEII8SWj3Ki2OaZb0/9gbQDz04rp2dXf2LE1sXg="
},
"flycast": {
"owner": "libretro",
@ -189,8 +189,8 @@
"genesis-plus-gx": {
"owner": "libretro",
"repo": "Genesis-Plus-GX",
"rev": "5cdb31854074de1662266a0a675866ea7b787b42",
"sha256": "vMswSKM5aYlPZu5y4Z1L/+eaPBdQaLPPMKoC7B/xzqc="
"rev": "3abf975785fe77267a399cc583ccf1469e081b86",
"sha256": "QdiWKS7j80Sw0L+hf6efmQ40lQi/f95pFLQfoohoUKg="
},
"gpsp": {
"owner": "libretro",
@ -219,8 +219,8 @@
"mame": {
"owner": "libretro",
"repo": "mame",
"rev": "0d935696dce53a13eaf0705f4a108ee348f3c613",
"sha256": "HnJ3eHzTpR7Lsi1ATn3B314y0KNKJ0+qNGcDbFvmZEA="
"rev": "57622367cb780013690d6ef23b2066b500f6ce92",
"sha256": "0iR1JGAhwYXXLnv8BDW1bsxfFywEI82aov2+MHw5w6Q="
},
"mame2000": {
"owner": "libretro",
@ -231,14 +231,14 @@
"mame2003": {
"owner": "libretro",
"repo": "mame2003-libretro",
"rev": "cb0c89304b2cd584cda7105c6be4e69fa304f0e0",
"sha256": "ob/aUh5NZCfQvpA+nEs2QhVXeNBBVZesX/xQfatY9wU="
"rev": "dbdda8e7189d63061ac42f502c0cd2dc7f1f8651",
"sha256": "XED/gunYOc+NnQ8YORw/ALP2eCTyvRdIxPiFpNf5nuA="
},
"mame2003-plus": {
"owner": "libretro",
"repo": "mame2003-plus-libretro",
"rev": "d88d5c118e8d7075ec0a4e6deebb4cd3f18a8dd1",
"sha256": "9offucQMCpMqo4StYscS6kivXCYHy4Sn+Cs/3MoNwsw="
"rev": "5dd4a30500edc0b00c712750093aa287c9bb4ce2",
"sha256": "Nvm5U6rpsDZdUJONtvZ6YmztuupLaXz2QT0SBJtzO/4="
},
"mame2010": {
"owner": "libretro",
@ -285,14 +285,14 @@
"mgba": {
"owner": "libretro",
"repo": "mgba",
"rev": "199a03e719436018779fe9299706c597fb2e9231",
"sha256": "3Q3MBzezCvl1Er45AeUM/QI0a+JiGn/PfYpqMaaiuds="
"rev": "ec5ecb26deba8d7ac830fc66ade9fac0eeaeb4ae",
"sha256": "kDDs+M7TPu6UhFnj9+XGI9whQFQ5/+7fSb0YUN7oMsg="
},
"mupen64plus": {
"owner": "libretro",
"repo": "mupen64plus-libretro-nx",
"rev": "c10546e333d57eb2e5a6ccef1e84cb6f9274c526",
"sha256": "dbS32slJBfz8DHeIQy20lAYw0+ig0LRgIaGfqW082xs="
"rev": "1b67122ff6a923c93a56ff94273e3768a6da5dff",
"sha256": "qORxhy7hXVdGUkQumOmGVXnF1kW0BShMNBVlaRu3a1w="
},
"neocd": {
"owner": "libretro",
@ -303,8 +303,8 @@
"nestopia": {
"owner": "libretro",
"repo": "nestopia",
"rev": "a9ee6ca84f04990e209880fe47144e62b14253db",
"sha256": "q3pD2Cm/a62x3xW8JymU9w82zHlT0BoPlaSfzjZzh/c="
"rev": "5c360e55d5437ecd3520568ee44cf1af63d4696a",
"sha256": "+1QQc4gVZ5ZHt/I0bjRkW+kbPaeGUNrjbrzUoVz4drM="
},
"np2kai": {
"owner": "AZO234",
@ -316,8 +316,8 @@
"nxengine": {
"owner": "libretro",
"repo": "nxengine-libretro",
"rev": "aa32afb8df8461920037bdbbddbff00bf465c6de",
"sha256": "Ic5YsNLoEZJ/vkjthwypwLN3ntB/5EX8bU92V80S7R4="
"rev": "e271c6262d73f07e5d92d285503f1c049801c51a",
"sha256": "PfzHV6/nGUdbnfZ8+aHuoIQhvKcxdbuKnjIMWIIFt7Q="
},
"o2em": {
"owner": "libretro",
@ -346,8 +346,8 @@
"pcsx_rearmed": {
"owner": "libretro",
"repo": "pcsx_rearmed",
"rev": "5ced3945423cda0010597b27b7da6bce77b12baa",
"sha256": "8O2XyEr40HqQf8mHxmvB6/UT837HZw8SrKBy/JH66p4="
"rev": "a4e249a1373cf6269e1e4e0d60105e72210e67d3",
"sha256": "NOz2NQonVWEhEhAgSFHSWv6bmuTPcw0R9ihISlGwkb0="
},
"picodrive": {
"owner": "libretro",
@ -359,15 +359,15 @@
"play": {
"owner": "jpd002",
"repo": "Play-",
"rev": "1126c39cd8ebf56af347c475139d4db97fc7cc19",
"sha256": "H/cYFWl8rA/ZdoygEjr7h1y6Z0n29Z+OCzzVMvIuVyo=",
"rev": "ad3b855c6d8cc62c85e2a5d2f659159fdfaa8d80",
"sha256": "+uTf/xv2JHuNGx0bxFNXf0akRzonzRMT7gSvT2n12+o=",
"fetchSubmodules": true
},
"ppsspp": {
"owner": "hrydgard",
"repo": "ppsspp",
"rev": "4af4b0dddc638b00205d9943f17a2806e438fe83",
"sha256": "5n+Mg2ZDTJd5fk1OZAiYnCT13G3LAWahXPA+MwaOF08=",
"rev": "e654f6937a02f4a2ac8cce3574ab4f2db99f77d4",
"sha256": "LTqRA3KMV/VuQH0eTWjpOqy0U944c4ofPNEsexf93Kc=",
"fetchSubmodules": true
},
"prboom": {
@ -385,8 +385,8 @@
"puae": {
"owner": "libretro",
"repo": "libretro-uae",
"rev": "4d8ebafe3f91c4998e8d73940e9558d863ecf93b",
"sha256": "dzfZFm7L+Qe3WwSYiMLp3cQm8zk0pWVB68nBe/H1Hvc="
"rev": "d9a8dfbde7f6967fea3cffe09cd87e1d79a1a3fd",
"sha256": "uMn9ejknjwGmbc0JOu/xl30z3ff7vpxtA3qr2sv0glI="
},
"quicknes": {
"owner": "libretro",
@ -415,8 +415,8 @@
"snes9x": {
"owner": "snes9xgit",
"repo": "snes9x",
"rev": "28be1a196d2c59ed4b6489d487187569a7370aff",
"sha256": "FW4ynSS+R1ygQaCS0UrWGktfHGtcy0P/Mp/BXKfmII0="
"rev": "3c4982edddfdba482204ed48cf0b1d41ccae5493",
"sha256": "d4luyBSU/4PdsDd2jLwWSyckBPAqXMJ3C1sNmLO+E6U="
},
"snes9x2002": {
"owner": "libretro",
@ -439,8 +439,8 @@
"stella": {
"owner": "stella-emu",
"repo": "stella",
"rev": "7193c405327e0f2156d24d53836162f4b44af079",
"sha256": "A9icQON+0WrknjGp/0wiFNSWs2ot2s0X5lucCdk4O/s="
"rev": "fa49e034101a22344c7bd01648d514b6cc61ac7f",
"sha256": "Svv+j7/9PvZ6djk2kfpbr9iUC8xqX8B4Plnf43Hj62A="
},
"stella2014": {
"owner": "libretro",
@ -451,8 +451,8 @@
"swanstation": {
"owner": "libretro",
"repo": "swanstation",
"rev": "ff0b451a573885a5b3a4f291f7b22f3ffc667a17",
"sha256": "jz8tkvgonc4icRt12tt1BBCCiwec0ucix7Hp7PNPl8E="
"rev": "27a224fc9e86e0f061504878d1c0cbf3fd6891af",
"sha256": "5kW9/4gMfyvo3ExlJVivx8LhW5as3Mq5fhlNrIFDUVM="
},
"tgbdual": {
"owner": "libretro",
@ -494,8 +494,8 @@
"virtualjaguar": {
"owner": "libretro",
"repo": "virtualjaguar-libretro",
"rev": "263c979be4ca757c43fb525bd6f0887998e57041",
"sha256": "6Q6Y0IFUWS9ZPhnAK3EUo4hMGPdBn8eNEYCK/zLgAKU="
"rev": "2cc06899b839639397b8b30384a191424b6f529d",
"sha256": "7FiU5/n1hVePttkz7aVfXXx88+zX06/5SJk3EaRYvhQ="
},
"yabause": {
"owner": "libretro",

View file

@ -5,12 +5,12 @@
stdenvNoCC.mkDerivation rec {
pname = "libretro-core-info";
version = "1.12.0";
version = "1.13.0";
src = fetchFromGitHub {
owner = "libretro";
repo = "libretro-core-info";
hash = "sha256-ByATDM0V40UJxigqVLyTWkHY5tiCC2dvZebksl8GsUI=";
hash = "sha256-rTq2h+IGJduBkP4qCACmm3T2PvbZ0mOmwD1jLkJ2j/Q=";
rev = "v${version}";
};

View file

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "llama";
version = "1.1.1";
version = "1.2.0";
src = fetchFromGitHub {
owner = "antonmedv";
repo = "llama";
rev = "v${version}";
sha256 = "sha256-/YnaKodMkuHrB0xH1UNRq+a6VknKRqcbBIehaYM6Gyc=";
sha256 = "sha256-32UyFy269rifw4Hjw18FO0F79sDNW8dgJ2MdGXSzLWo=";
};
vendorSha256 = "sha256-nngto104p/qJpWM1NlmEqcrJThXSeCfcoXCzV1CClYQ=";

View file

@ -5,7 +5,7 @@
, perl
, makeWrapper
, writeText
, jdk11
, jdk
, gsettings-desktop-schemas
}:
@ -96,7 +96,7 @@ stdenv.mkDerivation rec {
makeWrapper $out/share/mucommander/mucommander.sh $out/bin/mucommander \
--prefix XDG_DATA_DIRS : ${gsettings-desktop-schemas}/share/gsettings-schemas/${gsettings-desktop-schemas.name} \
--set JAVA_HOME ${jdk11}
--set JAVA_HOME ${jdk}
'';
meta = with lib; {

View file

@ -19,19 +19,19 @@
assert withIcons -> withNerdIcons == false;
assert withNerdIcons -> withIcons == false;
stdenv.mkDerivation rec {
stdenv.mkDerivation (finalAttrs: {
pname = "nnn";
version = "4.6";
version = "4.7";
src = fetchFromGitHub {
owner = "jarun";
repo = pname;
rev = "v${version}";
sha256 = "sha256-+EAKOXZp1kxA2X3e16ItjPT7Sa3WZuP2oxOdXkceTIY=";
repo = "nnn";
rev = "v${finalAttrs.version}";
hash = "sha256-ttG0aEqMlNyJaMhcVfrxbxlrhr1GSydrV58CYSq4CTM=";
};
configFile = lib.optionalString (conf != null) (builtins.toFile "nnn.h" conf);
preBuild = lib.optionalString (conf != null) "cp ${configFile} src/nnn.h";
preBuild = lib.optionalString (conf != null) "cp ${finalAttrs.configFile} src/nnn.h";
nativeBuildInputs = [ installShellFiles makeWrapper pkg-config ];
buildInputs = [ readline ncurses ] ++ lib.optional stdenv.hostPlatform.isMusl musl-fts;
@ -39,7 +39,7 @@ stdenv.mkDerivation rec {
NIX_CFLAGS_COMPILE = lib.optionalString stdenv.hostPlatform.isMusl "-I${musl-fts}/include";
NIX_LDFLAGS = lib.optionalString stdenv.hostPlatform.isMusl "-lfts";
makeFlags = [ "PREFIX=${placeholder "out"}" ]
makeFlags = [ "PREFIX=$(out)" ]
++ lib.optionals withIcons [ "O_ICONS=1" ]
++ lib.optionals withNerdIcons [ "O_NERD=1" ];
@ -61,4 +61,4 @@ stdenv.mkDerivation rec {
platforms = platforms.all;
maintainers = with maintainers; [ jfrankenau Br1ght0ne ];
};
}
})

Some files were not shown because too many files have changed in this diff Show more