Project import generated by Copybara.

GitOrigin-RevId: ff96a0fa5635770390b184ae74debea75c3fd534
This commit is contained in:
Default email 2021-02-13 15:23:35 +01:00
parent 7c4334591a
commit fcc03dbfc5
1028 changed files with 36856 additions and 13840 deletions

View file

@ -1 +1 @@
21.03
21.05

View file

@ -0,0 +1,11 @@
# Elm {#sec-elm}
To start a development environment do
```ShellSession
nix-shell -p elmPackages.elm elmPackages.elm-format
```
To update the Elm compiler, see <filename>nixpkgs/pkgs/development/compilers/elm/README.md</filename>.
To package Elm applications, [read about elm2nix](https://github.com/hercules-ci/elm2nix#elm2nix).

View file

@ -1,17 +0,0 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="sec-elm">
<title>Elm</title>
<para>
To start a development environment do <command>nix-shell -p elmPackages.elm elmPackages.elm-format</command>
</para>
<para>
To update Elm compiler, see <filename>nixpkgs/pkgs/development/compilers/elm/README.md</filename>.
</para>
<para>
To package Elm applications, <link xlink:href="https://github.com/hercules-ci/elm2nix#elm2nix">read about elm2nix</link>.
</para>
</section>

View file

@ -8,7 +8,7 @@
<xi:include href="citrix.xml" />
<xi:include href="dlib.xml" />
<xi:include href="eclipse.xml" />
<xi:include href="elm.xml" />
<xi:include href="elm.section.xml" />
<xi:include href="emacs.section.xml" />
<xi:include href="firefox.section.xml" />
<xi:include href="fish.section.xml" />

View file

@ -15,7 +15,7 @@ in pkgs.stdenv.mkDerivation {
xmlformat
];
src = ./.;
src = lib.cleanSource ./.;
makeFlags = [
"PANDOC_LUA_FILTERS_DIR=${pkgs.pandoc-lua-filters}/share/pandoc/filters"

View file

@ -103,7 +103,7 @@ stderr> assert failed
<title>Ensuring a user provided a possible value</title>
<programlisting><![CDATA[
let sslLibrary = "bearssl";
in lib.asserts.assertOneOf "sslLibrary" sslLibrary [ "openssl" "bearssl" ];
in lib.asserts.assertOneOf "sslLibrary" sslLibrary [ "openssl" "libressl" ];
=> false
stderr> trace: sslLibrary must be one of "openssl", "libressl", but is: "bearssl"
]]></programlisting>

View file

@ -75,7 +75,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
<variablelist>
<varlistentry>
<varlistentry xml:id="var-meta-description">
<term>
<varname>description</varname>
</term>
@ -94,7 +94,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-longDescription">
<term>
<varname>longDescription</varname>
</term>
@ -104,7 +104,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-branch">
<term>
<varname>branch</varname>
</term>
@ -114,7 +114,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-homepage">
<term>
<varname>homepage</varname>
</term>
@ -124,7 +124,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-downloadPage">
<term>
<varname>downloadPage</varname>
</term>
@ -134,7 +134,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-changelog">
<term>
<varname>changelog</varname>
</term>
@ -144,7 +144,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-license">
<term>
<varname>license</varname>
</term>
@ -183,7 +183,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-maintainers">
<term>
<varname>maintainers</varname>
</term>
@ -193,7 +193,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-priority">
<term>
<varname>priority</varname>
</term>
@ -203,7 +203,7 @@ hello-2.3 A program that produces a familiar, friendly greeting
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-platforms">
<term>
<varname>platforms</varname>
</term>
@ -217,7 +217,7 @@ meta.platforms = lib.platforms.linux;
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-tests">
<term>
<varname>tests</varname>
</term>
@ -244,7 +244,7 @@ meta.platforms = lib.platforms.linux;
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-timeout">
<term>
<varname>timeout</varname>
</term>
@ -254,7 +254,7 @@ meta.platforms = lib.platforms.linux;
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-hydraPlatforms">
<term>
<varname>hydraPlatforms</varname>
</term>
@ -268,7 +268,7 @@ meta.hydraPlatforms = [];
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-broken">
<term>
<varname>broken</varname>
</term>
@ -278,7 +278,7 @@ meta.hydraPlatforms = [];
</para>
</listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="var-meta-updateWalker">
<term>
<varname>updateWalker</varname>
</term>

View file

@ -138,11 +138,11 @@
</programlisting>
</para>
<para>
For a more useful example, try the following. This configuration only allows unfree packages named flash player and visual studio code:
For a more useful example, try the following. This configuration only allows unfree packages named roon-server and visual studio code:
<programlisting>
{
allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"flashplayer"
"roon-server"
"vscode"
];
}

View file

@ -236,10 +236,11 @@ self: super:
{
blas = super.blas.override {
blasProvider = self.mkl;
}
};
lapack = super.lapack.override {
lapackProvider = self.mkl;
}
};
}
</programlisting>
<para>

View file

@ -306,6 +306,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
fullName = "GNU Free Documentation License v1.1 only";
};
fdl11Plus = spdx {
spdxId = "GFDL-1.1-or-later";
fullName = "GNU Free Documentation License v1.1 or later";
};
fdl12Only = spdx {
spdxId = "GFDL-1.2-only";
fullName = "GNU Free Documentation License v1.2 only";

View file

@ -241,7 +241,7 @@ rec {
/* Return a singleton list or an empty list, depending on a boolean
value. Useful when building lists with optional elements
(e.g. `++ optional (system == "i686-linux") flashplayer').
(e.g. `++ optional (system == "i686-linux") firefox').
Type: optional :: bool -> a -> [a]

View file

@ -300,7 +300,7 @@ rec {
baseConfig = "multi_v7_defconfig";
DTB = true;
autoModules = true;
PreferBuiltin = true;
preferBuiltin = true;
target = "zImage";
extraConfig = ''
# Serial port for Raspberry Pi 3. Upstream forgot to add it to the ARMv7 defconfig.

View file

@ -48,6 +48,12 @@
See `./scripts/check-maintainer-github-handles.sh` for an example on how to work with this data.
*/
{
_0qq = {
email = "0qqw0qqw@gmail.com";
github = "0qq";
githubId = 64707304;
name = "Dmitry Kulikov";
};
_0x4A6F = {
email = "mail-maintainer@0x4A6F.dev";
name = "Joachim Ernst";
@ -538,12 +544,6 @@
githubId = 638836;
name = "Andreas Rammhold";
};
andreabedini = {
email = "andrea@kzn.io";
github = "andreabedini";
githubId = 69135;
name = "Andrea Bedini";
};
andreasfelix = {
email = "fandreas@physik.hu-berlin.de";
github = "andreasfelix";
@ -904,6 +904,12 @@
githubId = 687218;
name = "averelld";
};
avh4 = {
email = "gruen0aermel@gmail.com";
github = "avh4";
githubId = 1222;
name = "Aaron VonderHaar";
};
avitex = {
email = "theavitex@gmail.com";
github = "avitex";
@ -2279,6 +2285,12 @@
githubId = 265220;
name = "David Leung";
};
DianaOlympos = {
email = "DianaOlympos@noreply.github.com";
github = "DianaOlympos";
githubId = 15774340;
name = "Thomas Depierre";
};
dipinhora = {
email = "dipinhora+github@gmail.com";
github = "dipinhora";
@ -3043,6 +3055,12 @@
githubId = 9959940;
name = "Andreas Fehn";
};
felixsinger = {
email = "felixsinger@posteo.net";
github = "felixsinger";
githubId = 628359;
name = "Felix Singer";
};
felschr = {
email = "dev@felschr.com";
github = "felschr";
@ -3065,6 +3083,12 @@
githubId = 8182846;
name = "Francesco Gazzetta";
};
figsoda = {
email = "figsoda@pm.me";
github = "figsoda";
githubId = 40620903;
name = "figsoda";
};
fionera = {
email = "nix@fionera.de";
github = "fionera";
@ -3591,6 +3615,12 @@
githubId = 5317234;
name = "Raphael Megzari";
};
happy-river = {
email = "happyriver93@runbox.com";
github = "happy-river";
githubId = 54728477;
name = "Happy River";
};
haslersn = {
email = "haslersn@fius.informatik.uni-stuttgart.de";
github = "haslersn";
@ -3789,6 +3819,12 @@
githubId = 15371828;
name = "Hugo Lageneste";
};
hypersw = {
email = "baltic@hypersw.net";
github = "hypersw";
githubId = 2332070;
name = "Serge Baltic";
};
hyphon81 = {
email = "zero812n@gmail.com";
github = "hyphon81";
@ -7101,6 +7137,12 @@
githubId = 15645854;
name = "Brad Christensen";
};
payas = {
email = "relekarpayas@gmail.com";
github = "payasrelekar";
githubId = 24254289;
name = "Payas Relekar";
};
pawelpacana = {
email = "pawel.pacana@gmail.com";
github = "pawelpacana";
@ -7150,7 +7192,7 @@
name = "Paulus Esterhazy";
};
petabyteboy = {
email = "me@pbb.lc";
email = "milan@petabyte.dev";
github = "petabyteboy";
githubId = 3250809;
name = "Milan Pässler";
@ -7561,6 +7603,12 @@
githubId = 115877;
name = "Kenny Shen";
};
queezle = {
email = "git@queezle.net";
github = "qzle";
githubId = 1024891;
name = "Jens Nolte";
};
quentini = {
email = "quentini@airmail.cc";
github = "QuentinI";
@ -9385,6 +9433,12 @@
fingerprint = "556A 403F B0A2 D423 F656 3424 8489 B911 F9ED 617B";
}];
};
tmountain = {
email = "tinymountain@gmail.com";
github = "tmountain";
githubId = 135297;
name = "Travis Whitton";
};
tmplt = {
email = "tmplt@dragons.rocks";
github = "tmplt";
@ -9970,6 +10024,12 @@
githubId = 6016963;
name = "Patrick Winter";
};
winterqt = {
email = "nixos@winter.cafe";
github = "winterqt";
githubId = 78392041;
name = "Winter";
};
wishfort36 = {
email = "42300264+wishfort36@users.noreply.github.com";
github = "wishfort36";
@ -10632,4 +10692,10 @@
github = "zupo";
githubId = 311580;
};
felixscheinost = {
name = "Felix Scheinost";
email = "felix.scheinost@posteo.de";
github = "felixscheinost";
githubId = 31761492;
};
}

View file

@ -29,6 +29,18 @@ with lib.maintainers; {
scope = "Maintain ACME-related packages and modules.";
};
beam = {
members = [
ankhers
Br1ght0ne
DianaOlympos
gleber
happysalada
yurrriq
];
scope = "Maintain BEAM-related packages and modules.";
};
cinnamon = {
members = [
mkg20001

View file

@ -8,7 +8,7 @@
This section lists the release notes for each stable version of NixOS and
current unstable revision.
</para>
<xi:include href="rl-2103.xml" />
<xi:include href="rl-2105.xml" />
<xi:include href="rl-2009.xml" />
<xi:include href="rl-2003.xml" />
<xi:include href="rl-1909.xml" />

View file

@ -6,7 +6,9 @@
<title>Release 20.09 (“Nightingale”, 2020.10/27)</title>
<para>
Support is planned until the end of April 2021, handing over to 21.03.
Support is planned until the end of June 2021, handing over to 21.05.
(Plans <link xlink:href="https://github.com/NixOS/rfcs/blob/master/rfcs/0080-nixos-release-schedule.md#core-changes">
have shifted</link> by two months since release of 20.09.)
</para>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
@ -1538,7 +1540,7 @@ services.transmission.settings.rpc-bind-address = "0.0.0.0";
<listitem>
<para>
Specifying <link linkend="opt-services.dovecot2.mailboxes">mailboxes</link> in the <package>dovecot2</package> module
as a list is deprecated and will break eval in 21.03. Instead, an attribute-set should be specified where the <literal>name</literal>
as a list is deprecated and will break eval in 21.05. Instead, an attribute-set should be specified where the <literal>name</literal>
should be the key of the attribute.
</para>
<para>

View file

@ -2,14 +2,14 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-21.03">
<title>Release 21.03 (“Okapi”, 2021.03/??)</title>
xml:id="sec-release-21.05">
<title>Release 21.05 (“Okapi”, 2021.05/??)</title>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-21.03-highlights">
xml:id="sec-release-21.05-highlights">
<title>Highlights</title>
<para>
@ -20,7 +20,7 @@
<itemizedlist>
<listitem>
<para>
Support is planned until the end of October 2021, handing over to 21.09.
Support is planned until the end of December 2021, handing over to 21.11.
</para>
</listitem>
<listitem>
@ -46,7 +46,7 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-21.03-new-services">
xml:id="sec-release-21.05-new-services">
<title>New Services</title>
<para>
@ -82,7 +82,7 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-21.03-incompatibilities">
xml:id="sec-release-21.05-incompatibilities">
<title>Backward Incompatibilities</title>
<para>
@ -466,6 +466,34 @@ self: super:
ALSA OSS emulation (<varname>sound.enableOSSEmulation</varname>) is now disabled by default.
</para>
</listitem>
<listitem>
<para>
Thinkfan as been updated to <literal>1.2.x</literal>, which comes with a
new YAML based configuration format. For this reason, several NixOS options
of the thinkfan module have been changed to non-backward compatible types.
In addition, a new <xref linkend="opt-services.thinkfan.settings"/> option has
been added.
</para>
<para>
Please read the <link xlink:href="https://github.com/vmatare/thinkfan#readme">
thinkfan documentation</link> before updating.
</para>
</listitem>
<listitem>
<para>
Adobe Flash Player support has been dropped from the tree. In particular,
the following packages no longer support it:
<itemizedlist>
<listitem><simpara><package>chromium</package></simpara></listitem>
<listitem><simpara><package>firefox</package></simpara></listitem>
<listitem><simpara><package>qt48</package></simpara></listitem>
<listitem><simpara><package>qt5.qtwebkit</package></simpara></listitem>
</itemizedlist>
Additionally, packages <package>flashplayer</package> and
<package>hal-flash</package> were removed along with the
<varname>services.flashpolicyd</varname> module.
</para>
</listitem>
</itemizedlist>
</section>
@ -473,7 +501,7 @@ self: super:
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-21.03-notable-changes">
xml:id="sec-release-21.05-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>

View file

@ -29,6 +29,7 @@ with lib;
nixpkgs.overlays = singleton (const (super: {
cairo = super.cairo.override { x11Support = false; };
dbus = super.dbus.override { x11Support = false; };
beam = super.beam_nox;
networkmanager-fortisslvpn = super.networkmanager-fortisslvpn.override { withGnome = false; };
networkmanager-iodine = super.networkmanager-iodine.override { withGnome = false; };
networkmanager-l2tp = super.networkmanager-l2tp.override { withGnome = false; };

View file

@ -0,0 +1,43 @@
{ config, lib, ... }:
with lib;
let
cfg = config.hardware.i2c;
in
{
options.hardware.i2c = {
enable = mkEnableOption ''
i2c devices support. By default access is granted to users in the "i2c"
group (will be created if non-existent) and any user with a seat, meaning
logged on the computer locally.
'';
group = mkOption {
type = types.str;
default = "i2c";
description = ''
Grant access to i2c devices (/dev/i2c-*) to users in this group.
'';
};
};
config = mkIf cfg.enable {
boot.kernelModules = [ "i2c-dev" ];
users.groups = mkIf (cfg.group == "i2c") {
i2c = { };
};
services.udev.extraRules = ''
# allow group ${cfg.group} and users with a seat use of i2c devices
ACTION=="add", KERNEL=="i2c-[0-9]*", TAG+="uaccess", GROUP="${cfg.group}", MODE="660"
'';
};
meta.maintainers = [ maintainers.rnhmjoj ];
}

View file

@ -46,6 +46,7 @@
./hardware/cpu/intel-microcode.nix
./hardware/digitalbitbox.nix
./hardware/device-tree.nix
./hardware/i2c.nix
./hardware/sensor/hddtemp.nix
./hardware/sensor/iio.nix
./hardware/keyboard/zsa.nix
@ -177,7 +178,6 @@
./programs/tsm-client.nix
./programs/udevil.nix
./programs/usbtop.nix
./programs/venus.nix
./programs/vim.nix
./programs/wavemon.nix
./programs/waybar.nix
@ -359,6 +359,7 @@
./services/games/terraria.nix
./services/hardware/acpid.nix
./services/hardware/actkbd.nix
./services/hardware/auto-cpufreq.nix
./services/hardware/bluetooth.nix
./services/hardware/bolt.nix
./services/hardware/brltty.nix
@ -373,6 +374,7 @@
./services/hardware/nvidia-optimus.nix
./services/hardware/pcscd.nix
./services/hardware/pommed.nix
./services/hardware/power-profiles-daemon.nix
./services/hardware/ratbagd.nix
./services/hardware/sane.nix
./services/hardware/sane_extra_backends/brscan4.nix
@ -456,6 +458,7 @@
./services/misc/domoticz.nix
./services/misc/errbot.nix
./services/misc/etcd.nix
./services/misc/etebase-server.nix
./services/misc/ethminer.nix
./services/misc/exhibitor.nix
./services/misc/felix.nix
@ -648,7 +651,6 @@
./services/networking/fireqos.nix
./services/networking/firewall.nix
./services/networking/flannel.nix
./services/networking/flashpolicyd.nix
./services/networking/freenet.nix
./services/networking/freeradius.nix
./services/networking/gale.nix
@ -889,6 +891,7 @@
./services/web-apps/jitsi-meet.nix
./services/web-apps/keycloak.nix
./services/web-apps/limesurvey.nix
./services/web-apps/mastodon.nix
./services/web-apps/mattermost.nix
./services/web-apps/mediawiki.nix
./services/web-apps/miniflux.nix

View file

@ -1,7 +1,6 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.programs.captive-browser;
in
@ -27,15 +26,17 @@ in
# the options below are the same as in "captive-browser.toml"
browser = mkOption {
type = types.str;
default = concatStringsSep " " [ "${pkgs.chromium}/bin/chromium"
"--user-data-dir=\${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive"
''--proxy-server="socks5://$PROXY"''
''--host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost"''
"--no-first-run"
"--new-window"
"--incognito"
"http://cache.nixos.org/"
];
default = concatStringsSep " " [
''${pkgs.chromium}/bin/chromium''
''--user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive''
''--proxy-server="socks5://$PROXY"''
''--host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost"''
''--no-first-run''
''--new-window''
''--incognito''
''-no-default-browser-check''
''http://cache.nixos.org/''
];
description = ''
The shell (/bin/sh) command executed once the proxy starts.
When browser exits, the proxy exits. An extra env var PROXY is available.
@ -81,42 +82,45 @@ in
config = mkIf cfg.enable {
programs.captive-browser.dhcp-dns = mkOptionDefault (
if config.networking.networkmanager.enable then
"${pkgs.networkmanager}/bin/nmcli dev show ${escapeShellArg cfg.interface} | ${pkgs.gnugrep}/bin/fgrep IP4.DNS"
else if config.networking.dhcpcd.enable then
"${pkgs.dhcpcd}/bin/dhcpcd -U ${escapeShellArg cfg.interface} | ${pkgs.gnugrep}/bin/fgrep domain_name_servers"
else if config.networking.useNetworkd then
"${cfg.package}/bin/systemd-networkd-dns ${escapeShellArg cfg.interface}"
else
"${config.security.wrapperDir}/udhcpc --quit --now -f -i ${escapeShellArg cfg.interface} -O dns --script ${
pkgs.writeScript "udhcp-script" ''
#!/bin/sh
if [ "$1" = bound ]; then
echo "$dns"
fi
''}"
);
programs.captive-browser.dhcp-dns =
let
iface = prefix:
optionalString cfg.bindInterface (concatStringsSep " " (map escapeShellArg [ prefix cfg.interface ]));
in
mkOptionDefault (
if config.networking.networkmanager.enable then
"${pkgs.networkmanager}/bin/nmcli dev show ${iface ""} | ${pkgs.gnugrep}/bin/fgrep IP4.DNS"
else if config.networking.dhcpcd.enable then
"${pkgs.dhcpcd}/bin/dhcpcd ${iface "-U"} | ${pkgs.gnugrep}/bin/fgrep domain_name_servers"
else if config.networking.useNetworkd then
"${cfg.package}/bin/systemd-networkd-dns ${iface ""}"
else
"${config.security.wrapperDir}/udhcpc --quit --now -f ${iface "-i"} -O dns --script ${
pkgs.writeShellScript "udhcp-script" ''
if [ "$1" = bound ]; then
echo "$dns"
fi
''}"
);
security.wrappers.udhcpc = {
capabilities = "cap_net_raw+p";
source = "${pkgs.busybox}/bin/udhcpc";
capabilities = "cap_net_raw+p";
source = "${pkgs.busybox}/bin/udhcpc";
};
security.wrappers.captive-browser = {
capabilities = "cap_net_raw+p";
source = pkgs.writeScript "captive-browser" ''
#!${pkgs.bash}/bin/bash
export XDG_CONFIG_HOME=${pkgs.writeTextDir "captive-browser.toml" ''
browser = """${cfg.browser}"""
dhcp-dns = """${cfg.dhcp-dns}"""
socks5-addr = """${cfg.socks5-addr}"""
${optionalString cfg.bindInterface ''
bind-device = """${cfg.interface}"""
''}
''}
exec ${cfg.package}/bin/captive-browser
'';
capabilities = "cap_net_raw+p";
source = pkgs.writeShellScript "captive-browser" ''
export XDG_CONFIG_HOME=${pkgs.writeTextDir "captive-browser.toml" ''
browser = """${cfg.browser}"""
dhcp-dns = """${cfg.dhcp-dns}"""
socks5-addr = """${cfg.socks5-addr}"""
${optionalString cfg.bindInterface ''
bind-device = """${cfg.interface}"""
''}
''}
exec ${cfg.package}/bin/captive-browser
'';
};
};
}

View file

@ -1,173 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.venus;
configFile = pkgs.writeText "venus.ini"
''
[Planet]
name = ${cfg.name}
link = ${cfg.link}
owner_name = ${cfg.ownerName}
owner_email = ${cfg.ownerEmail}
output_theme = ${cfg.cacheDirectory}/theme
output_dir = ${cfg.outputDirectory}
cache_directory = ${cfg.cacheDirectory}
items_per_page = ${toString cfg.itemsPerPage}
${(concatStringsSep "\n\n"
(map ({ name, feedUrl, homepageUrl }:
''
[${feedUrl}]
name = ${name}
link = ${homepageUrl}
'') cfg.feeds))}
'';
in
{
options = {
services.venus = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Planet Venus is an awesome river of news feed reader. It downloads
news feeds published by web sites and aggregates their content
together into a single combined feed, latest news first.
'';
};
dates = mkOption {
default = "*:0/15";
type = types.str;
description = ''
Specification (in the format described by
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>) of the time at
which the Venus will collect feeds.
'';
};
user = mkOption {
default = "root";
type = types.str;
description = ''
User for running venus script.
'';
};
group = mkOption {
default = "root";
type = types.str;
description = ''
Group for running venus script.
'';
};
name = mkOption {
default = "NixOS Planet";
type = types.str;
description = ''
Your planet's name.
'';
};
link = mkOption {
default = "https://planet.nixos.org";
type = types.str;
description = ''
Link to the main page.
'';
};
ownerName = mkOption {
default = "Rok Garbas";
type = types.str;
description = ''
Your name.
'';
};
ownerEmail = mkOption {
default = "some@example.com";
type = types.str;
description = ''
Your e-mail address.
'';
};
outputTheme = mkOption {
default = "${pkgs.venus}/themes/classic_fancy";
type = types.path;
description = ''
Directory containing a config.ini file which is merged with this one.
This is typically used to specify templating and bill of material
information.
'';
};
outputDirectory = mkOption {
type = types.path;
description = ''
Directory to place output files.
'';
};
cacheDirectory = mkOption {
default = "/var/cache/venus";
type = types.path;
description = ''
Where cached feeds are stored.
'';
};
itemsPerPage = mkOption {
default = 15;
type = types.int;
description = ''
How many items to put on each page.
'';
};
feeds = mkOption {
default = [];
example = [
{
name = "Rok Garbas";
feedUrl= "http://url/to/rss/feed.xml";
homepageUrl = "http://garbas.si";
}
];
description = ''
List of feeds.
'';
};
};
};
config = mkIf cfg.enable {
system.activationScripts.venus =
''
mkdir -p ${cfg.outputDirectory}
chown ${cfg.user}:${cfg.group} ${cfg.outputDirectory} -R
rm -rf ${cfg.cacheDirectory}/theme
mkdir -p ${cfg.cacheDirectory}/theme
cp -R ${cfg.outputTheme}/* ${cfg.cacheDirectory}/theme
chown ${cfg.user}:${cfg.group} ${cfg.cacheDirectory} -R
'';
systemd.services.venus =
{ description = "Planet Venus Feed Reader";
path = [ pkgs.venus ];
script = "exec venus-planet ${configFile}";
serviceConfig.User = "${cfg.user}";
serviceConfig.Group = "${cfg.group}";
startAt = cfg.dates;
};
};
}

View file

@ -70,6 +70,8 @@ with lib;
'')
(mkRemovedOptionModule [ "services" "seeks" ] "")
(mkRemovedOptionModule [ "services" "venus" ] "The corresponding package was removed from nixpkgs.")
(mkRemovedOptionModule [ "services" "flashpolicyd" ] "The flashpolicyd module has been removed. Adobe Flash Player is deprecated.")
# Do NOT add any option renames here, see top of the file
];

View file

@ -48,8 +48,8 @@ let
++ [ "--stream.port ${toString cfg.port}" ]
++ optionalNull cfg.sampleFormat "--stream.sampleformat ${cfg.sampleFormat}"
++ optionalNull cfg.codec "--stream.codec ${cfg.codec}"
++ optionalNull cfg.streamBuffer "--stream.stream_buffer ${cfg.streamBuffer}"
++ optionalNull cfg.buffer "--stream.buffer ${cfg.buffer}"
++ optionalNull cfg.streamBuffer "--stream.stream_buffer ${toString cfg.streamBuffer}"
++ optionalNull cfg.buffer "--stream.buffer ${toString cfg.buffer}"
++ optional cfg.sendToMuted "--stream.send_to_muted"
# tcp json rpc
++ [ "--tcp.enabled ${toString cfg.tcp.enable}" ]
@ -198,13 +198,14 @@ in {
type = with types; attrsOf (submodule {
options = {
location = mkOption {
type = types.path;
type = types.oneOf [ types.path types.str ];
description = ''
The location of the pipe.
The location of the pipe, file, Librespot/Airplay/process binary, or a TCP address.
Use an empty string for alsa.
'';
};
type = mkOption {
type = types.enum [ "pipe" "file" "process" "spotify" "airplay" ];
type = types.enum [ "pipe" "librespot" "airplay" "file" "process" "tcp" "alsa" "spotify" ];
default = "pipe";
description = ''
The type of input stream.
@ -219,13 +220,21 @@ in {
example = literalExample ''
# for type == "pipe":
{
mode = "listen";
mode = "create";
};
# for type == "process":
{
params = "--param1 --param2";
logStderr = "true";
};
# for type == "tcp":
{
mode = "client";
}
# for type == "alsa":
{
device = "hw:0,0";
}
'';
};
inherit sampleFormat;
@ -255,6 +264,11 @@ in {
config = mkIf cfg.enable {
# https://github.com/badaix/snapcast/blob/98ac8b2fb7305084376607b59173ce4097c620d8/server/streamreader/stream_manager.cpp#L85
warnings = filter (w: w != "") (mapAttrsToList (k: v: if v.type == "spotify" then ''
services.snapserver.streams.${k}.type = "spotify" is deprecated, use services.snapserver.streams.${k}.type = "librespot" instead.
'' else "") cfg.streams);
systemd.services.snapserver = {
after = [ "network.target" ];
description = "Snapserver";
@ -272,7 +286,7 @@ in {
ProtectKernelTunables = true;
ProtectControlGroups = true;
ProtectKernelModules = true;
RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX";
RestrictAddressFamilies = "AF_INET AF_INET6 AF_UNIX AF_NETLINK";
RestrictNamespaces = true;
RuntimeDirectory = name;
StateDirectory = name;

View file

@ -7,14 +7,21 @@ Platform-specific code is in the respective default.nix files.
*/
{ config, lib, options, pkgs, ... }:
let
inherit (lib) mkOption mkIf types filterAttrs literalExample mkRenamedOptionModule;
inherit (lib)
filterAttrs
literalExample
mkIf
mkOption
mkRemovedOptionModule
mkRenamedOptionModule
types
;
cfg =
config.services.hercules-ci-agent;
format = pkgs.formats.toml {};
format = pkgs.formats.toml { };
settingsModule = { config, ... }: {
freeformType = format.type;
@ -28,10 +35,14 @@ let
};
concurrentTasks = mkOption {
description = ''
Number of tasks to perform simultaneously, such as evaluations, derivations.
Number of tasks to perform simultaneously.
You must have a total capacity across agents of at least 2 concurrent tasks on <literal>x86_64-linux</literal>
to allow for import from derivation.
A task is a single derivation build or an evaluation.
At minimum, you need 2 concurrent tasks for <literal>x86_64-linux</literal>
in your cluster, to allow for import from derivation.
<literal>concurrentTasks</literal> can be around the CPU core count or lower if memory is
the bottleneck.
'';
type = types.int;
default = 4;
@ -77,61 +88,39 @@ let
};
};
# TODO (roberth, >=2022) remove
checkNix =
if !cfg.checkNix
then ""
else if lib.versionAtLeast config.nix.package.version "2.4.0"
else if lib.versionAtLeast config.nix.package.version "2.3.10"
then ""
else pkgs.stdenv.mkDerivation {
name = "hercules-ci-check-system-nix-src";
inherit (config.nix.package) src patches;
configurePhase = ":";
buildPhase = ''
echo "Checking in-memory pathInfoCache expiry"
if ! grep 'struct PathInfoCacheValue' src/libstore/store-api.hh >/dev/null; then
cat 1>&2 <<EOF
else
pkgs.stdenv.mkDerivation {
name = "hercules-ci-check-system-nix-src";
inherit (config.nix.package) src patches;
configurePhase = ":";
buildPhase = ''
echo "Checking in-memory pathInfoCache expiry"
if ! grep 'PathInfoCacheValue' src/libstore/store-api.hh >/dev/null; then
cat 1>&2 <<EOF
You are deploying Hercules CI Agent on a system with an incompatible
nix-daemon. Please
- either upgrade Nix to version 2.4.0 (when released),
- or set option services.hercules-ci-agent.patchNix = true;
- or set option nix.package to a build of Nix 2.3 with this patch applied:
https://github.com/NixOS/nix/pull/3405
You are deploying Hercules CI Agent on a system with an incompatible
nix-daemon. Please make sure nix.package is set to a Nix version of at
least 2.3.10 or a master version more recent than Mar 12, 2020.
EOF
exit 1
fi
'';
installPhase = "touch $out";
};
The patch is required for Nix-daemon clients that expect a change in binary
cache contents while running, like the agent's evaluator. Without it, import
from derivation will fail if your cluster has more than one machine.
We are conservative with changes to the overall system, which is why we
keep changes to a minimum and why we ask for confirmation in the form of
services.hercules-ci-agent.patchNix = true before applying.
EOF
exit 1
fi
'';
installPhase = "touch $out";
};
patchedNix = lib.mkIf (!lib.versionAtLeast pkgs.nix.version "2.4.0") (
if lib.versionAtLeast pkgs.nix.version "2.4pre"
then lib.warn "Hercules CI Agent module will not patch 2.4 pre-release. Make sure it includes (equivalently) PR #3043, commit d048577909 or is no older than 2020-03-13." pkgs.nix
else pkgs.nix.overrideAttrs (
o: {
patches = (o.patches or []) ++ [ backportNix3398 ];
}
)
);
backportNix3398 = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/hercules-ci/hercules-ci-agent/hercules-ci-agent-0.7.3/for-upstream/issue-3398-path-info-cache-ttls-backport-2.3.patch";
sha256 = "0jfckqjir9il2il7904yc1qyadw366y7xqzg81sp9sl3f1pw70ib";
};
in
{
imports = [
(mkRenamedOptionModule ["services" "hercules-ci-agent" "extraOptions"] ["services" "hercules-ci-agent" "settings"])
(mkRenamedOptionModule ["services" "hercules-ci-agent" "baseDirectory"] ["services" "hercules-ci-agent" "settings" "baseDirectory"])
(mkRenamedOptionModule ["services" "hercules-ci-agent" "concurrentTasks"] ["services" "hercules-ci-agent" "settings" "concurrentTasks"])
(mkRenamedOptionModule [ "services" "hercules-ci-agent" "extraOptions" ] [ "services" "hercules-ci-agent" "settings" ])
(mkRenamedOptionModule [ "services" "hercules-ci-agent" "baseDirectory" ] [ "services" "hercules-ci-agent" "settings" "baseDirectory" ])
(mkRenamedOptionModule [ "services" "hercules-ci-agent" "concurrentTasks" ] [ "services" "hercules-ci-agent" "settings" "concurrentTasks" ])
(mkRemovedOptionModule [ "services" "hercules-ci-agent" "patchNix" ] "Nix versions packaged in this version of Nixpkgs don't need a patched nix-daemon to work correctly in Hercules CI Agent clusters.")
];
options.services.hercules-ci-agent = {
@ -147,15 +136,6 @@ in
Support is available at <link xlink:href="mailto:help@hercules-ci.com">help@hercules-ci.com</link>.
'';
};
patchNix = mkOption {
type = types.bool;
default = false;
description = ''
Fix Nix 2.3 cache path metadata caching behavior. Has the effect of <literal>nix.package = patch pkgs.nix;</literal>
This option will be removed when Hercules CI Agent moves to Nix 2.4 (upcoming Nix release).
'';
};
checkNix = mkOption {
type = types.bool;
default = true;
@ -206,7 +186,6 @@ in
# even shortly after the previous lookup. This *also* applies to the daemon.
narinfo-cache-negative-ttl = 0
'';
nix.package = mkIf cfg.patchNix patchedNix;
services.hercules-ci-agent.tomlFile =
format.generate "hercules-ci-agent.toml" cfg.settings;
};

View file

@ -7,9 +7,7 @@ Code that is shared with nix-darwin goes in common.nix.
*/
{ pkgs, config, lib, ... }:
let
inherit (lib) mkIf mkDefault;
cfg = config.services.hercules-ci-agent;
@ -21,7 +19,7 @@ in
{
imports = [
./common.nix
(lib.mkRenamedOptionModule ["services" "hercules-ci-agent" "user"] ["systemd" "services" "hercules-ci-agent" "serviceConfig" "User"])
(lib.mkRenamedOptionModule [ "services" "hercules-ci-agent" "user" ] [ "systemd" "services" "hercules-ci-agent" "serviceConfig" "User" ])
];
config = mkIf cfg.enable {
@ -80,6 +78,8 @@ in
isSystemUser = true;
};
users.groups.hercules-ci-agent = {};
users.groups.hercules-ci-agent = { };
};
meta.maintainers = [ lib.maintainers.roberth ];
}

View file

@ -0,0 +1,18 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.auto-cpufreq;
in {
options = {
services.auto-cpufreq = {
enable = mkEnableOption "auto-cpufreq daemon";
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.auto-cpufreq ];
systemd.packages = [ pkgs.auto-cpufreq ];
systemd.services.auto-cpufreq.path = with pkgs; [ bash coreutils ];
};
}

View file

@ -0,0 +1,53 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.power-profiles-daemon;
package = pkgs.power-profiles-daemon;
in
{
###### interface
options = {
services.power-profiles-daemon = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable power-profiles-daemon, a DBus daemon that allows
changing system behavior based upon user-selected power profiles.
'';
};
};
};
###### implementation
config = mkIf cfg.enable {
assertions = [
{ assertion = !config.services.tlp.enable;
message = ''
You have set services.power-profiles-daemon.enable = true;
which conflicts with services.tlp.enable = true;
'';
}
];
services.dbus.packages = [ package ];
services.udev.packages = [ package ];
systemd.packages = [ package ];
};
}

View file

@ -5,50 +5,96 @@ with lib;
let
cfg = config.services.thinkfan;
configFile = pkgs.writeText "thinkfan.conf" ''
# ATTENTION: There is only very basic sanity checking on the configuration.
# That means you can set your temperature limits as insane as you like. You
# can do anything stupid, e.g. turn off your fan when your CPU reaches 70°C.
#
# That's why this program is called THINKfan: You gotta think for yourself.
#
######################################################################
#
# IBM/Lenovo Thinkpads (thinkpad_acpi, /proc/acpi/ibm)
# ====================================================
#
# IMPORTANT:
#
# To keep your HD from overheating, you have to specify a correction value for
# the sensor that has the HD's temperature. You need to do this because
# thinkfan uses only the highest temperature it can find in the system, and
# that'll most likely never be your HD, as most HDs are already out of spec
# when they reach 55 °C.
# Correction values are applied from left to right in the same order as the
# temperatures are read from the file.
#
# For example:
# tp_thermal /proc/acpi/ibm/thermal (0, 0, 10)
# will add a fixed value of 10 °C the 3rd value read from that file. Check out
# http://www.thinkwiki.org/wiki/Thermal_Sensors to find out how much you may
# want to add to certain temperatures.
settingsFormat = pkgs.formats.yaml { };
configFile = settingsFormat.generate "thinkfan.yaml" cfg.settings;
thinkfan = pkgs.thinkfan.override { inherit (cfg) smartSupport; };
${cfg.fan}
${cfg.sensors}
# fan-speed and temperature levels
levelType = with types;
let
tuple = ts: mkOptionType {
name = "tuple";
merge = mergeOneOption;
check = xs: all id (zipListsWith (t: x: t.check x) ts xs);
description = "tuple of" + concatMapStrings (t: " (${t.description})") ts;
};
level = ints.unsigned;
special = enum [ "level auto" "level full-speed" "level disengage" ];
in
tuple [ (either level special) level level ];
# Syntax:
# (LEVEL, LOW, HIGH)
# LEVEL is the fan level to use (0-7 with thinkpad_acpi)
# LOW is the temperature at which to step down to the previous level
# HIGH is the temperature at which to step up to the next level
# All numbers are integers.
#
# sensor or fan config
sensorType = name: types.submodule {
freeformType = types.attrsOf settingsFormat.type;
options = {
type = mkOption {
type = types.enum [ "hwmon" "atasmart" "tpacpi" "nvml" ];
description = ''
The ${name} type, can be
<literal>hwmon</literal> for standard ${name}s,
${cfg.levels}
<literal>atasmart</literal> to read the temperature via
S.M.A.R.T (requires smartSupport to be enabled),
<literal>tpacpi</literal> for the legacy thinkpac_acpi driver, or
<literal>nvml</literal> for the (proprietary) nVidia driver.
'';
};
query = mkOption {
type = types.str;
description = ''
The query string used to match one or more ${name}s: can be
a fullpath to the temperature file (single ${name}) or a fullpath
to a driver directory (multiple ${name}s).
<note><para>
When multiple ${name}s match, the query can be restricted using the
<option>name</option> or <option>indices</option> options.
</para></note>
'';
};
indices = mkOption {
type = with types; nullOr (listOf ints.unsigned);
default = null;
description = ''
A list of ${name}s to pick in case multiple ${name}s match the query.
<note><para>Indices start from 0.</para></note>
'';
};
} // optionalAttrs (name == "sensor") {
correction = mkOption {
type = with types; nullOr (listOf int);
default = null;
description = ''
A list of values to be added to the temperature of each sensor,
can be used to equalize small discrepancies in temperature ratings.
'';
};
};
};
# removes NixOS special and unused attributes
sensorToConf = { type, query, ... }@args:
(filterAttrs (k: v: v != null && !(elem k ["type" "query"])) args)
// { "${type}" = query; };
syntaxNote = name: ''
<note><para>
This section slightly departs from the thinkfan.conf syntax.
The type and path must be specified like this:
<literal>
type = "tpacpi";
query = "/proc/acpi/ibm/${name}";
</literal>
instead of a single declaration like:
<literal>
- tpacpi: /proc/acpi/ibm/${name}
</literal>
</para></note>
'';
thinkfan = pkgs.thinkfan.override { smartSupport = cfg.smartSupport; };
in {
options = {
@ -59,76 +105,93 @@ in {
type = types.bool;
default = false;
description = ''
Whether to enable thinkfan, fan controller for IBM/Lenovo ThinkPads.
Whether to enable thinkfan, a fan control program.
<note><para>
This module targets IBM/Lenovo thinkpads by default, for
other hardware you will have configure it more carefully.
</para></note>
'';
relatedPackages = [ "thinkfan" ];
};
smartSupport = mkOption {
type = types.bool;
default = false;
description = ''
Whether to build thinkfan with SMART support to read temperatures
Whether to build thinkfan with S.M.A.R.T. support to read temperatures
directly from hard disks.
'';
};
sensors = mkOption {
type = types.lines;
default = ''
tp_thermal /proc/acpi/ibm/thermal (0,0,10)
'';
description =''
thinkfan can read temperatures from three possible sources:
/proc/acpi/ibm/thermal
Which is provided by the thinkpad_acpi kernel
module (keyword tp_thermal)
/sys/class/hwmon/*/temp*_input
Which may be provided by any hwmon drivers (keyword
hwmon)
S.M.A.R.T. (requires smartSupport to be enabled)
Which reads the temperature directly from the hard
disk using libatasmart (keyword atasmart)
Multiple sensors may be added, in which case they will be
numbered in their order of appearance.
'';
type = types.listOf (sensorType "sensor");
default = [
{ type = "tpacpi";
query = "/proc/acpi/ibm/thermal";
}
];
description = ''
List of temperature sensors thinkfan will monitor.
'' + syntaxNote "thermal";
};
fan = mkOption {
type = types.str;
default = "tp_fan /proc/acpi/ibm/fan";
description =''
Specifies the fan we want to use.
On anything other than a Thinkpad you'll probably
use some PWM control file in /sys/class/hwmon.
A sysfs fan would be specified like this:
pwm_fan /sys/class/hwmon/hwmon2/device/pwm1
'';
fans = mkOption {
type = types.listOf (sensorType "fan");
default = [
{ type = "tpacpi";
query = "/proc/acpi/ibm/fan";
}
];
description = ''
List of fans thinkfan will control.
'' + syntaxNote "fan";
};
levels = mkOption {
type = types.lines;
default = ''
(0, 0, 55)
(1, 48, 60)
(2, 50, 61)
(3, 52, 63)
(6, 56, 65)
(7, 60, 85)
(127, 80, 32767)
'';
type = types.listOf levelType;
default = [
[0 0 55]
[1 48 60]
[2 50 61]
[3 52 63]
[6 56 65]
[7 60 85]
["level auto" 80 32767]
];
description = ''
(LEVEL, LOW, HIGH)
LEVEL is the fan level to use (0-7 with thinkpad_acpi).
[LEVEL LOW HIGH]
LEVEL is the fan level to use: it can be an integer (0-7 with thinkpad_acpi),
"level auto" (to keep the default firmware behavior), "level full-speed" or
"level disengage" (to run the fan as fast as possible).
LOW is the temperature at which to step down to the previous level.
HIGH is the temperature at which to step up to the next level.
All numbers are integers.
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "-b" "0" ];
description = ''
A list of extra command line arguments to pass to thinkfan.
Check the thinkfan(1) manpage for available arguments.
'';
};
settings = mkOption {
type = types.attrsOf settingsFormat.type;
default = { };
description = ''
Thinkfan settings. Use this option to configure thinkfan
settings not exposed in a NixOS option or to bypass one.
Before changing this, read the <literal>thinkfan.conf(5)</literal>
manpage and take a look at the example config file at
<link xlink:href="https://github.com/vmatare/thinkfan/blob/master/examples/thinkfan.yaml"/>
'';
};
};
@ -138,12 +201,21 @@ in {
environment.systemPackages = [ thinkfan ];
systemd.services.thinkfan = {
description = "Thinkfan";
after = [ "basic.target" ];
wantedBy = [ "multi-user.target" ];
path = [ thinkfan ];
serviceConfig.ExecStart = "${thinkfan}/bin/thinkfan -n -c ${configFile}";
services.thinkfan.settings = mapAttrs (k: v: mkDefault v) {
sensors = map sensorToConf cfg.sensors;
fans = map sensorToConf cfg.fans;
levels = cfg.levels;
};
systemd.packages = [ thinkfan ];
systemd.services = {
thinkfan.environment.THINKFAN_ARGS = escapeShellArgs ([ "-c" configFile ] ++ cfg.extraArgs);
# must be added manually, see issue #81138
thinkfan.wantedBy = [ "multi-user.target" ];
thinkfan-wakeup.wantedBy = [ "sleep.target" ];
thinkfan-sleep.wantedBy = [ "sleep.target" ];
};
boot.extraModprobeConfig = "options thinkpad_acpi experimental=1 fan_control=1";

View file

@ -463,7 +463,7 @@ in
environment.systemPackages = [ dovecotPkg ];
warnings = mkIf (any isList options.services.dovecot2.mailboxes.definitions) [
"Declaring `services.dovecot2.mailboxes' as a list is deprecated and will break eval in 21.03! See the release notes for more info for migration."
"Declaring `services.dovecot2.mailboxes' as a list is deprecated and will break eval in 21.05! See the release notes for more info for migration."
];
assertions = [

View file

@ -0,0 +1,205 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.etebase-server;
pythonEnv = pkgs.python3.withPackages (ps: with ps;
[ etebase-server daphne ]);
dbConfig = {
sqlite3 = ''
engine = django.db.backends.sqlite3
name = ${cfg.dataDir}/db.sqlite3
'';
};
defaultConfigIni = toString (pkgs.writeText "etebase-server.ini" ''
[global]
debug = false
secret_file = ${if cfg.secretFile != null then cfg.secretFile else ""}
media_root = ${cfg.dataDir}/media
[allowed_hosts]
allowed_host1 = ${cfg.host}
[database]
${dbConfig."${cfg.database.type}"}
'');
configIni = if cfg.customIni != null then cfg.customIni else defaultConfigIni;
defaultUser = "etebase-server";
in
{
options = {
services.etebase-server = {
enable = mkOption {
type = types.bool;
default = false;
example = true;
description = ''
Whether to enable the Etebase server.
Once enabled you need to create an admin user using the
shell command <literal>etebase-server createsuperuser</literal>.
Then you can login and create accounts on your-etebase-server.com/admin
'';
};
secretFile = mkOption {
default = null;
type = with types; nullOr str;
description = ''
The path to a file containing the secret
used as django's SECRET_KEY.
'';
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/etebase-server";
description = "Directory to store the Etebase server data.";
};
port = mkOption {
type = with types; nullOr port;
default = 8001;
description = "Port to listen on.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
host = mkOption {
type = types.str;
default = "0.0.0.0";
example = "localhost";
description = ''
Host to listen on.
'';
};
unixSocket = mkOption {
type = with types; nullOr str;
default = null;
description = "The path to the socket to bind to.";
example = "/run/etebase-server/etebase-server.sock";
};
database = {
type = mkOption {
type = types.enum [ "sqlite3" ];
default = "sqlite3";
description = ''
Database engine to use.
Currently only sqlite3 is supported.
Other options can be configured using <literal>extraConfig</literal>.
'';
};
};
customIni = mkOption {
type = with types; nullOr str;
default = null;
description = ''
Custom etebase-server.ini.
See <literal>etebase-src/etebase-server.ini.example</literal> for available options.
Setting this option overrides the default config which is generated from the options
<literal>secretFile</literal>, <literal>host</literal> and <literal>database</literal>.
'';
example = literalExample ''
[global]
debug = false
secret_file = /path/to/secret
media_root = /path/to/media
[allowed_hosts]
allowed_host1 = example.com
[database]
engine = django.db.backends.sqlite3
name = db.sqlite3
'';
};
user = mkOption {
type = types.str;
default = defaultUser;
description = "User under which Etebase server runs.";
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
(runCommand "etebase-server" {
buildInputs = [ makeWrapper ];
} ''
makeWrapper ${pythonEnv}/bin/etebase-server \
$out/bin/etebase-server \
--run "cd ${cfg.dataDir}" \
--prefix ETEBASE_EASY_CONFIG_PATH : "${configIni}"
'')
];
systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' - ${cfg.user} ${config.users.users.${cfg.user}.group} - -"
];
systemd.services.etebase-server = {
description = "An Etebase (EteSync 2.0) server";
after = [ "network.target" "systemd-tmpfiles-setup.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = cfg.user;
Restart = "always";
WorkingDirectory = cfg.dataDir;
};
environment = {
PYTHONPATH="${pythonEnv}/${pkgs.python3.sitePackages}";
ETEBASE_EASY_CONFIG_PATH="${configIni}";
};
preStart = ''
# Auto-migrate on first run or if the package has changed
versionFile="${cfg.dataDir}/src-version"
if [[ $(cat "$versionFile" 2>/dev/null) != ${pkgs.etebase-server} ]]; then
${pythonEnv}/bin/etebase-server migrate
echo ${pkgs.etebase-server} > "$versionFile"
fi
'';
script =
let
networking = if cfg.unixSocket != null
then "-u ${cfg.unixSocket}"
else "-b 0.0.0.0 -p ${toString cfg.port}";
in ''
cd "${pythonEnv}/lib/etebase-server";
${pythonEnv}/bin/daphne ${networking} \
etebase_server.asgi:application
'';
};
users = optionalAttrs (cfg.user == defaultUser) {
users.${defaultUser} = {
group = defaultUser;
home = cfg.dataDir;
};
groups.${defaultUser} = {};
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
};
}

View file

@ -56,6 +56,7 @@ let
"unifi-poller"
"varnish"
"wireguard"
"flow"
] (name:
import (./. + "/exporters/${name}.nix") { inherit config lib pkgs options; }
);
@ -238,9 +239,6 @@ in
services.prometheus.exporters.minio.minioAccessSecret = mkDefault config.services.minio.secretKey;
})] ++ [(mkIf config.services.prometheus.exporters.rtl_433.enable {
hardware.rtl-sdr.enable = mkDefault true;
})] ++ [(mkIf config.services.nginx.enable {
systemd.services.prometheus-nginx-exporter.after = [ "nginx.service" ];
systemd.services.prometheus-nginx-exporter.requires = [ "nginx.service" ];
})] ++ [(mkIf config.services.postfix.enable {
services.prometheus.exporters.postfix.group = mkDefault config.services.postfix.setgidGroup;
})] ++ (mapAttrsToList (name: conf:

View file

@ -0,0 +1,50 @@
{ config, lib, pkgs, options }:
with lib;
let
cfg = config.services.prometheus.exporters.flow;
in {
port = 9590;
extraOpts = {
brokers = mkOption {
type = types.listOf types.str;
example = literalExample ''[ "kafka.example.org:19092" ]'';
description = "List of Kafka brokers to connect to.";
};
asn = mkOption {
type = types.ints.positive;
example = 65542;
description = "The ASN being monitored.";
};
partitions = mkOption {
type = types.listOf types.int;
default = [];
description = ''
The number of the partitions to consume, none means all.
'';
};
topic = mkOption {
type = types.str;
example = "pmacct.acct";
description = "The Kafka topic to consume from.";
};
};
serviceOpts = {
serviceConfig = {
DynamicUser = true;
ExecStart = ''
${pkgs.prometheus-flow-exporter}/bin/flow-exporter \
-asn ${toString cfg.asn} \
-topic ${cfg.topic} \
-brokers ${concatStringsSep "," cfg.brokers} \
${optionalString (cfg.partitions != []) "-partitions ${concatStringsSep "," cfg.partitions}"} \
-addr ${cfg.listenAddress}:${toString cfg.port} ${concatStringsSep " " cfg.extraFlags}
'';
};
};
}

View file

@ -42,7 +42,7 @@ in
'';
};
};
serviceOpts = {
serviceOpts = mkMerge ([{
serviceConfig = {
ExecStart = ''
${pkgs.prometheus-nginx-exporter}/bin/nginx-prometheus-exporter \
@ -54,7 +54,10 @@ in
${concatStringsSep " \\\n " cfg.extraFlags}
'';
};
};
}] ++ [(mkIf config.services.nginx.enable {
after = [ "nginx.service" ];
requires = [ "nginx.service" ];
})]);
imports = [
(mkRenamedOptionModule [ "telemetryEndpoint" ] [ "telemetryPath" ])
(mkRemovedOptionModule [ "insecure" ] ''

View file

@ -87,6 +87,7 @@ in
NoNewPrivileges = true;
NonBlocking = true;
PrivateDevices = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
@ -107,8 +108,13 @@ in
SystemCallFilter = [
"@system-service"
"@chown"
"~@aio"
"~@keyring"
"~@memlock"
"~@resources"
"@privileged"
"~@setuid"
"~@sync"
"~@timer"
];
};
};

View file

@ -53,4 +53,6 @@ in
};
};
};
meta.maintainers = teams.beam.members;
}

View file

@ -1,86 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.flashpolicyd;
flashpolicyd = pkgs.stdenv.mkDerivation {
name = "flashpolicyd-0.6";
src = pkgs.fetchurl {
name = "flashpolicyd_v0.6.zip";
url = "https://download.adobe.com/pub/adobe/devnet/flashplayer/articles/socket_policy_files/flashpolicyd_v0.6.zip";
sha256 = "16zk237233npwfq1m4ksy4g5lzy1z9fp95w7pz0cdlpmv0fv9sm3";
};
buildInputs = [ pkgs.unzip pkgs.perl ];
installPhase = "mkdir $out; cp -pr * $out/; chmod +x $out/*/*.pl";
};
flashpolicydWrapper = pkgs.writeScriptBin "flashpolicyd"
''
#! ${pkgs.runtimeShell}
exec ${flashpolicyd}/Perl_xinetd/in.flashpolicyd.pl \
--file=${pkgs.writeText "flashpolixy.xml" cfg.policy} \
2> /dev/null
'';
in
{
###### interface
options = {
services.flashpolicyd = {
enable = mkOption {
type = types.bool;
default = false;
description =
''
Whether to enable the Flash Policy server. This is
necessary if you want Flash applications to make
connections to your server.
'';
};
policy = mkOption {
type = types.lines;
default =
''
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" to-ports="*" />
</cross-domain-policy>
'';
description = "The policy to be served. The default is to allow connections from any domain to any port.";
};
};
};
###### implementation
config = mkIf cfg.enable {
services.xinetd.enable = true;
services.xinetd.services = singleton
{ name = "flashpolicy";
port = 843;
unlisted = true;
server = "${flashpolicydWrapper}/bin/flashpolicyd";
};
};
}

View file

@ -191,6 +191,16 @@ in
Whether to open ports in the firewall for the videobridge.
'';
};
apis = mkOption {
type = with types; listOf str;
description = ''
What is passed as --apis= parameter. If this is empty, "none" is passed.
Needed for monitoring jitsi.
'';
default = [];
example = literalExample "[ \"colibri\" \"rest\" ]";
};
};
config = mkIf cfg.enable {
@ -221,7 +231,7 @@ in
"export ${toVarName name}=$(cat ${xmppConfig.passwordFile})\n"
) cfg.xmppConfigs))
+ ''
${pkgs.jitsi-videobridge}/bin/jitsi-videobridge --apis=none
${pkgs.jitsi-videobridge}/bin/jitsi-videobridge --apis=${if (cfg.apis == []) then "none" else concatStringsSep "," cfg.apis}
'';
serviceConfig = {

View file

@ -140,7 +140,7 @@ in {
# Try cleaning up the previously default location of cache file.
# Note that /var/cache/* should always be safe to remove.
# TODO: remove later, probably between 20.09 and 21.03
# TODO: remove later, probably between 20.09 and 21.05
systemd.tmpfiles.rules = [ "R /var/cache/kresd" ];
};
}

View file

@ -31,7 +31,7 @@ in
proxyPass = cfg.proxy;
extraConfig = ''
proxy_set_header X-Scheme $scheme;
proxy_set_header X-Auth-Request-Redirect $request_uri;
proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri;
'';
};
locations."/oauth2/auth" = {

View file

@ -5,6 +5,10 @@ with lib;
let
cfg = config.services.hedgedoc;
# 21.03 will not be an official release - it was instead 21.05. This
# versionAtLeast statement remains set to 21.03 for backwards compatibility.
# See https://github.com/NixOS/nixpkgs/pull/108899 and
# https://github.com/NixOS/rfcs/blob/master/rfcs/0080-nixos-release-schedule.md.
name = if versionAtLeast config.system.stateVersion "21.03"
then "hedgedoc"
else "codimd";

View file

@ -0,0 +1,542 @@
{ config, lib, pkgs, ... }:
let
cfg = config.services.mastodon;
# We only want to create a database if we're actually going to connect to it.
databaseActuallyCreateLocally = cfg.database.createLocally && cfg.database.host == "/run/postgresql";
env = {
RAILS_ENV = "production";
NODE_ENV = "production";
DB_USER = cfg.database.user;
REDIS_HOST = cfg.redis.host;
REDIS_PORT = toString(cfg.redis.port);
DB_HOST = cfg.database.host;
DB_PORT = toString(cfg.database.port);
DB_NAME = cfg.database.name;
LOCAL_DOMAIN = cfg.localDomain;
SMTP_SERVER = cfg.smtp.host;
SMTP_PORT = toString(cfg.smtp.port);
SMTP_FROM_ADDRESS = cfg.smtp.fromAddress;
PAPERCLIP_ROOT_PATH = "/var/lib/mastodon/public-system";
PAPERCLIP_ROOT_URL = "/system";
ES_ENABLED = if (cfg.elasticsearch.host != null) then "true" else "false";
ES_HOST = cfg.elasticsearch.host;
ES_PORT = toString(cfg.elasticsearch.port);
}
// (if cfg.smtp.authenticate then { SMTP_LOGIN = cfg.smtp.user; } else {})
// cfg.extraConfig;
envFile = pkgs.writeText "mastodon.env" (lib.concatMapStrings (s: s + "\n") (
(lib.concatLists (lib.mapAttrsToList (name: value:
if value != null then [
"${name}=\"${toString value}\""
] else []
) env))));
mastodonEnv = pkgs.writeShellScriptBin "mastodon-env" ''
set -a
source "${envFile}"
source /var/lib/mastodon/.secrets_env
eval -- "\$@"
'';
in {
options = {
services.mastodon = {
enable = lib.mkEnableOption "Mastodon, a federated social network server";
configureNginx = lib.mkOption {
description = ''
Configure nginx as a reverse proxy for mastodon.
Note that this makes some assumptions on your setup, and sets settings that will
affect other virtualHosts running on your nginx instance, if any.
Alternatively you can configure a reverse-proxy of your choice to serve these paths:
<code>/ -> $(nix-instantiate --eval '&lt;nixpkgs&gt;' -A mastodon.outPath)/public</code>
<code>/ -> 127.0.0.1:{{ webPort }} </code>(If there was no file in the directory above.)
<code>/system/ -> /var/lib/mastodon/public-system/</code>
<code>/api/v1/streaming/ -> 127.0.0.1:{{ streamingPort }}</code>
Make sure that websockets are forwarded properly. You might want to set up caching
of some requests. Take a look at mastodon's provided nginx configuration at
<code>https://github.com/tootsuite/mastodon/blob/master/dist/nginx.conf</code>.
'';
type = lib.types.bool;
default = false;
};
user = lib.mkOption {
description = ''
User under which mastodon runs. If it is set to "mastodon",
that user will be created, otherwise it should be set to the
name of a user created elsewhere. In both cases,
<package>mastodon</package> and a package containing only
the shell script <code>mastodon-env</code> will be added to
the user's package set. To run a command from
<package>mastodon</package> such as <code>tootctl</code>
with the environment configured by this module use
<code>mastodon-env</code>, as in:
<code>mastodon-env tootctl accounts create newuser --email newuser@example.com</code>
'';
type = lib.types.str;
default = "mastodon";
};
group = lib.mkOption {
description = ''
Group under which mastodon runs.
If it is set to "mastodon", a group will be created.
'';
type = lib.types.str;
default = "mastodon";
};
streamingPort = lib.mkOption {
description = "TCP port used by the mastodon-streaming service.";
type = lib.types.port;
default = 55000;
};
webPort = lib.mkOption {
description = "TCP port used by the mastodon-web service.";
type = lib.types.port;
default = 55001;
};
sidekiqPort = lib.mkOption {
description = "TCP port used by the mastodon-sidekiq service";
type = lib.types.port;
default = 55002;
};
vapidPublicKeyFile = lib.mkOption {
description = ''
Path to file containing the public key used for Web Push
Voluntary Application Server Identification. A new keypair can
be generated by running:
<code>nix build -f '&lt;nixpkgs&gt;' mastodon; cd result; bin/rake webpush:generate_keys</code>
If <option>mastodon.vapidPrivateKeyFile</option>does not
exist, it and this file will be created with a new keypair.
'';
default = "/var/lib/mastodon/secrets/vapid-public-key";
type = lib.types.str;
};
localDomain = lib.mkOption {
description = "The domain serving your Mastodon instance.";
example = "social.example.org";
type = lib.types.str;
};
secretKeyBaseFile = lib.mkOption {
description = ''
Path to file containing the secret key base.
A new secret key base can be generated by running:
<code>nix build -f '&lt;nixpkgs&gt;' mastodon; cd result; bin/rake secret</code>
If this file does not exist, it will be created with a new secret key base.
'';
default = "/var/lib/mastodon/secrets/secret-key-base";
type = lib.types.str;
};
otpSecretFile = lib.mkOption {
description = ''
Path to file containing the OTP secret.
A new OTP secret can be generated by running:
<code>nix build -f '&lt;nixpkgs&gt;' mastodon; cd result; bin/rake secret</code>
If this file does not exist, it will be created with a new OTP secret.
'';
default = "/var/lib/mastodon/secrets/otp-secret";
type = lib.types.str;
};
vapidPrivateKeyFile = lib.mkOption {
description = ''
Path to file containing the private key used for Web Push
Voluntary Application Server Identification. A new keypair can
be generated by running:
<code>nix build -f '&lt;nixpkgs&gt;' mastodon; cd result; bin/rake webpush:generate_keys</code>
If this file does not exist, it will be created with a new
private key.
'';
default = "/var/lib/mastodon/secrets/vapid-private-key";
type = lib.types.str;
};
redis = {
createLocally = lib.mkOption {
description = "Configure local Redis server for Mastodon.";
type = lib.types.bool;
default = true;
};
host = lib.mkOption {
description = "Redis host.";
type = lib.types.str;
default = "127.0.0.1";
};
port = lib.mkOption {
description = "Redis port.";
type = lib.types.port;
default = 6379;
};
};
database = {
createLocally = lib.mkOption {
description = "Configure local PostgreSQL database server for Mastodon.";
type = lib.types.bool;
default = true;
};
host = lib.mkOption {
type = lib.types.str;
default = "/run/postgresql";
example = "192.168.23.42";
description = "Database host address or unix socket.";
};
port = lib.mkOption {
type = lib.types.int;
default = 5432;
description = "Database host port.";
};
name = lib.mkOption {
type = lib.types.str;
default = "mastodon";
description = "Database name.";
};
user = lib.mkOption {
type = lib.types.str;
default = "mastodon";
description = "Database user.";
};
passwordFile = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = "/var/lib/mastodon/secrets/db-password";
example = "/run/keys/mastodon-db-password";
description = ''
A file containing the password corresponding to
<option>database.user</option>.
'';
};
};
smtp = {
createLocally = lib.mkOption {
description = "Configure local Postfix SMTP server for Mastodon.";
type = lib.types.bool;
default = true;
};
authenticate = lib.mkOption {
description = "Authenticate with the SMTP server using username and password.";
type = lib.types.bool;
default = true;
};
host = lib.mkOption {
description = "SMTP host used when sending emails to users.";
type = lib.types.str;
default = "127.0.0.1";
};
port = lib.mkOption {
description = "SMTP port used when sending emails to users.";
type = lib.types.port;
default = 25;
};
fromAddress = lib.mkOption {
description = ''"From" address used when sending Emails to users.'';
type = lib.types.str;
};
user = lib.mkOption {
description = "SMTP login name.";
type = lib.types.str;
};
passwordFile = lib.mkOption {
description = ''
Path to file containing the SMTP password.
'';
default = "/var/lib/mastodon/secrets/smtp-password";
example = "/run/keys/mastodon-smtp-password";
type = lib.types.str;
};
};
elasticsearch = {
host = lib.mkOption {
description = ''
Elasticsearch host.
If it is not null, Elasticsearch full text search will be enabled.
'';
type = lib.types.nullOr lib.types.str;
default = null;
};
port = lib.mkOption {
description = "Elasticsearch port.";
type = lib.types.port;
default = 9200;
};
};
package = lib.mkOption {
type = lib.types.package;
default = pkgs.mastodon;
defaultText = "pkgs.mastodon";
description = "Mastodon package to use.";
};
extraConfig = lib.mkOption {
type = lib.types.attrs;
default = {};
description = ''
Extra environment variables to pass to all mastodon services.
'';
};
automaticMigrations = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Do automatic database migrations.
'';
};
};
};
config = lib.mkIf cfg.enable {
assertions = [
{
assertion = databaseActuallyCreateLocally -> (cfg.user == cfg.database.user);
message = ''For local automatic database provisioning (services.mastodon.database.createLocally == true) with peer authentication (services.mastodon.database.host == "/run/postgresql") to work services.mastodon.user and services.mastodon.database.user must be identical.'';
}
];
systemd.services.mastodon-init-dirs = {
script = ''
umask 077
if ! test -f ${cfg.secretKeyBaseFile}; then
mkdir -p $(dirname ${cfg.secretKeyBaseFile})
bin/rake secret > ${cfg.secretKeyBaseFile}
fi
if ! test -f ${cfg.otpSecretFile}; then
mkdir -p $(dirname ${cfg.otpSecretFile})
bin/rake secret > ${cfg.otpSecretFile}
fi
if ! test -f ${cfg.vapidPrivateKeyFile}; then
mkdir -p $(dirname ${cfg.vapidPrivateKeyFile}) $(dirname ${cfg.vapidPublicKeyFile})
keypair=$(bin/rake webpush:generate_keys)
echo $keypair | grep --only-matching "Private -> [^ ]\+" | sed 's/^Private -> //' > ${cfg.vapidPrivateKeyFile}
echo $keypair | grep --only-matching "Public -> [^ ]\+" | sed 's/^Public -> //' > ${cfg.vapidPublicKeyFile}
fi
cat > /var/lib/mastodon/.secrets_env <<EOF
SECRET_KEY_BASE="$(cat ${cfg.secretKeyBaseFile})"
OTP_SECRET="$(cat ${cfg.otpSecretFile})"
VAPID_PRIVATE_KEY="$(cat ${cfg.vapidPrivateKeyFile})"
VAPID_PUBLIC_KEY="$(cat ${cfg.vapidPublicKeyFile})"
DB_PASS="$(cat ${cfg.database.passwordFile})"
'' + (if cfg.smtp.authenticate then ''
SMTP_PASSWORD="$(cat ${cfg.smtp.passwordFile})"
'' else "") + ''
EOF
'';
environment = env;
serviceConfig = {
Type = "oneshot";
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.package;
LogsDirectory = "mastodon";
StateDirectory = "mastodon";
};
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
};
systemd.services.mastodon-init-db = lib.mkIf cfg.automaticMigrations {
script = ''
if [ `psql mastodon -c \
"select count(*) from pg_class c \
join pg_namespace s on s.oid = c.relnamespace \
where s.nspname not in ('pg_catalog', 'pg_toast', 'information_schema') \
and s.nspname not like 'pg_temp%';" | sed -n 3p` -eq 0 ]; then
SAFETY_ASSURED=1 rake db:schema:load
rake db:seed
else
rake db:migrate
fi
'';
path = [ cfg.package pkgs.postgresql ];
environment = env;
serviceConfig = {
Type = "oneshot";
User = cfg.user;
Group = cfg.group;
EnvironmentFile = "/var/lib/mastodon/.secrets_env";
PrivateTmp = true;
LogsDirectory = "mastodon";
StateDirectory = "mastodon";
WorkingDirectory = cfg.package;
};
after = [ "mastodon-init-dirs.service" "network.target" ] ++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else []);
wantedBy = [ "multi-user.target" ];
};
systemd.services.mastodon-streaming = {
after = [ "network.target" ]
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
description = "Mastodon streaming";
wantedBy = [ "multi-user.target" ];
environment = env // {
PORT = toString(cfg.streamingPort);
};
serviceConfig = {
ExecStart = "${pkgs.nodejs-slim}/bin/node streaming";
Restart = "always";
RestartSec = 20;
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.package;
EnvironmentFile = "/var/lib/mastodon/.secrets_env";
PrivateTmp = true;
LogsDirectory = "mastodon";
StateDirectory = "mastodon";
};
};
systemd.services.mastodon-web = {
after = [ "network.target" ]
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
description = "Mastodon web";
wantedBy = [ "multi-user.target" ];
environment = env // {
PORT = toString(cfg.webPort);
};
serviceConfig = {
ExecStart = "${cfg.package}/bin/puma -C config/puma.rb";
Restart = "always";
RestartSec = 20;
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.package;
EnvironmentFile = "/var/lib/mastodon/.secrets_env";
PrivateTmp = true;
LogsDirectory = "mastodon";
StateDirectory = "mastodon";
};
path = with pkgs; [ file imagemagick ffmpeg ];
};
systemd.services.mastodon-sidekiq = {
after = [ "network.target" ]
++ (if databaseActuallyCreateLocally then [ "postgresql.service" ] else [])
++ (if cfg.automaticMigrations then [ "mastodon-init-db.service" ] else [ "mastodon-init-dirs.service" ]);
description = "Mastodon sidekiq";
wantedBy = [ "multi-user.target" ];
environment = env // {
PORT = toString(cfg.sidekiqPort);
};
serviceConfig = {
ExecStart = "${cfg.package}/bin/sidekiq -c 25 -r ${cfg.package}";
Restart = "always";
RestartSec = 20;
User = cfg.user;
Group = cfg.group;
WorkingDirectory = cfg.package;
EnvironmentFile = "/var/lib/mastodon/.secrets_env";
PrivateTmp = true;
LogsDirectory = "mastodon";
StateDirectory = "mastodon";
};
path = with pkgs; [ file imagemagick ffmpeg ];
};
services.nginx = lib.mkIf cfg.configureNginx {
enable = true;
recommendedProxySettings = true; # required for redirections to work
virtualHosts."${cfg.localDomain}" = {
root = "${cfg.package}/public/";
forceSSL = true; # mastodon only supports https
enableACME = true;
locations."/system/".alias = "/var/lib/mastodon/public-system/";
locations."/" = {
tryFiles = "$uri @proxy";
};
locations."@proxy" = {
proxyPass = "http://127.0.0.1:${toString(cfg.webPort)}";
proxyWebsockets = true;
};
locations."/api/v1/streaming/" = {
proxyPass = "http://127.0.0.1:${toString(cfg.streamingPort)}/";
proxyWebsockets = true;
};
};
};
services.postfix = lib.mkIf (cfg.smtp.createLocally && cfg.smtp.host == "127.0.0.1") {
enable = true;
};
services.redis = lib.mkIf (cfg.redis.createLocally && cfg.redis.host == "127.0.0.1") {
enable = true;
};
services.postgresql = lib.mkIf databaseActuallyCreateLocally {
enable = true;
ensureUsers = [
{
name = cfg.database.user;
ensurePermissions."DATABASE ${cfg.database.name}" = "ALL PRIVILEGES";
}
];
ensureDatabases = [ cfg.database.name ];
};
users.users = lib.mkMerge [
(lib.mkIf (cfg.user == "mastodon") {
mastodon = {
isSystemUser = true;
home = cfg.package;
inherit (cfg) group;
};
})
(lib.attrsets.setAttrByPath [ cfg.user "packages" ] [ cfg.package mastodonEnv ])
];
users.groups.mastodon = lib.mkIf (cfg.group == "mastodon") { };
};
meta.maintainers = with lib.maintainers; [ happy-river erictapen ];
}

View file

@ -368,7 +368,7 @@ in {
'')
++ (optional (versionOlder cfg.package.version "18") (upgradeWarning 17 "20.03"))
++ (optional (versionOlder cfg.package.version "19") (upgradeWarning 18 "20.09"))
++ (optional (versionOlder cfg.package.version "20") (upgradeWarning 19 "21.03"));
++ (optional (versionOlder cfg.package.version "20") (upgradeWarning 19 "21.05"));
services.nextcloud.package = with pkgs;
mkDefault (
@ -380,6 +380,10 @@ in {
''
else if versionOlder stateVersion "20.03" then nextcloud17
else if versionOlder stateVersion "20.09" then nextcloud18
# 21.03 will not be an official release - it was instead 21.05.
# This versionOlder statement remains set to 21.03 for backwards compatibility.
# See https://github.com/NixOS/nixpkgs/pull/108899 and
# https://github.com/NixOS/rfcs/blob/master/rfcs/0080-nixos-release-schedule.md.
else if versionOlder stateVersion "21.03" then nextcloud19
else nextcloud20
);
@ -483,6 +487,28 @@ in {
path = [ occ ];
script = ''
chmod og+x ${cfg.home}
${optionalString (c.dbpassFile != null) ''
if [ ! -r "${c.dbpassFile}" ]; then
echo "dbpassFile ${c.dbpassFile} is not readable by nextcloud:nextcloud! Aborting..."
exit 1
fi
if [ -z "$(<${c.dbpassFile})" ]; then
echo "dbpassFile ${c.dbpassFile} is empty!"
exit 1
fi
''}
${optionalString (c.adminpassFile != null) ''
if [ ! -r "${c.adminpassFile}" ]; then
echo "adminpassFile ${c.adminpassFile} is not readable by nextcloud:nextcloud! Aborting..."
exit 1
fi
if [ -z "$(<${c.adminpassFile})" ]; then
echo "adminpassFile ${c.adminpassFile} is empty!"
exit 1
fi
''}
ln -sf ${cfg.package}/apps ${cfg.home}/
# create nextcloud directories.

View file

@ -126,10 +126,14 @@ let
</IfModule>
'';
luaSetPaths = ''
luaSetPaths = let
# support both lua and lua.withPackages derivations
luaversion = cfg.package.lua5.lua.luaversion or cfg.package.lua5.luaversion;
in
''
<IfModule mod_lua.c>
LuaPackageCPath ${cfg.package.lua5}/lib/lua/${cfg.package.lua5.lua.luaversion}/?.so
LuaPackagePath ${cfg.package.lua5}/share/lua/${cfg.package.lua5.lua.luaversion}/?.lua
LuaPackageCPath ${cfg.package.lua5}/lib/lua/${luaversion}/?.so
LuaPackagePath ${cfg.package.lua5}/share/lua/${luaversion}/?.lua
</IfModule>
'';
@ -333,7 +337,7 @@ let
${sslConf}
${if cfg.package.luaSupport then luaSetPaths else ""}
${optionalString cfg.package.luaSupport luaSetPaths}
# Fascist default - deny access to everything.
<Directory />

View file

@ -79,6 +79,8 @@ let
include ${pkgs.mailcap}/etc/nginx/mime.types;
include ${cfg.package}/conf/fastcgi.conf;
include ${cfg.package}/conf/uwsgi_params;
default_type application/octet-stream;
'';
configFile = pkgs.writers.writeNginxConfig "nginx.conf" ''

View file

@ -11,6 +11,15 @@ in
services.xserver.windowManager.herbstluftwm = {
enable = mkEnableOption "herbstluftwm";
package = mkOption {
type = types.package;
default = pkgs.herbstluftwm;
defaultText = "pkgs.herbstluftwm";
description = ''
Herbstluftwm package to use.
'';
};
configFile = mkOption {
default = null;
type = with types; nullOr path;
@ -31,8 +40,8 @@ in
(cfg.configFile != null)
''-c "${cfg.configFile}"''
;
in "${pkgs.herbstluftwm}/bin/herbstluftwm ${configFileClause}";
in "${cfg.package}/bin/herbstluftwm ${configFileClause}";
};
environment.systemPackages = [ pkgs.herbstluftwm ];
environment.systemPackages = [ cfg.package ];
};
}

View file

@ -156,6 +156,16 @@ in
description = "List of modules that are always loaded by the initrd.";
};
boot.initrd.includeDefaultModules = mkOption {
type = types.bool;
default = true;
description = ''
This option, if set, adds a collection of default kernel modules
to <option>boot.initrd.availableKernelModules</option> and
<option>boot.initrd.kernelModules</option>.
'';
};
system.modulesTree = mkOption {
type = types.listOf types.path;
internal = true;
@ -195,7 +205,8 @@ in
config = mkMerge
[ (mkIf config.boot.initrd.enable {
boot.initrd.availableKernelModules =
[ # Note: most of these (especially the SATA/PATA modules)
optionals config.boot.initrd.includeDefaultModules ([
# Note: most of these (especially the SATA/PATA modules)
# shouldn't be included by default since nixos-generate-config
# detects them, but I'm keeping them for now for backwards
# compatibility.
@ -235,10 +246,11 @@ in
# x86 RTC needed by the stage 2 init script.
"rtc_cmos"
];
]);
boot.initrd.kernelModules =
[ # For LVM.
optionals config.boot.initrd.includeDefaultModules [
# For LVM.
"dm_mod"
];
})

View file

@ -92,10 +92,12 @@ in rec {
checkUnitConfig = group: checks: attrs: let
# We're applied at the top-level type (attrsOf unitOption), so the actual
# unit options might contain attributes from mkOverride that we need to
# unit options might contain attributes from mkOverride and mkIf that we need to
# convert into single values before checking them.
defs = mapAttrs (const (v:
if v._type or "" == "override" then v.content else v
if v._type or "" == "override" then v.content
else if v._type or "" == "if" then v.content
else v
)) attrs;
errors = concatMap (c: c group defs) checks;
in if errors == [] then true

View file

@ -326,30 +326,36 @@ in
};
};
services.zfs.zed.settings = mkOption {
type = with types; attrsOf (oneOf [ str int bool (listOf str) ]);
example = literalExample ''
{
ZED_DEBUG_LOG = "/tmp/zed.debug.log";
services.zfs.zed = {
enableMail = mkEnableOption "ZED's ability to send emails" // {
default = cfgZfs.package.enableMail;
};
ZED_EMAIL_ADDR = [ "root" ];
ZED_EMAIL_PROG = "mail";
ZED_EMAIL_OPTS = "-s '@SUBJECT@' @ADDRESS@";
settings = mkOption {
type = with types; attrsOf (oneOf [ str int bool (listOf str) ]);
example = literalExample ''
{
ZED_DEBUG_LOG = "/tmp/zed.debug.log";
ZED_NOTIFY_INTERVAL_SECS = 3600;
ZED_NOTIFY_VERBOSE = false;
ZED_EMAIL_ADDR = [ "root" ];
ZED_EMAIL_PROG = "mail";
ZED_EMAIL_OPTS = "-s '@SUBJECT@' @ADDRESS@";
ZED_USE_ENCLOSURE_LEDS = true;
ZED_SCRUB_AFTER_RESILVER = false;
}
'';
description = ''
ZFS Event Daemon /etc/zfs/zed.d/zed.rc content
ZED_NOTIFY_INTERVAL_SECS = 3600;
ZED_NOTIFY_VERBOSE = false;
See
<citerefentry><refentrytitle>zed</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for details on ZED and the scripts in /etc/zfs/zed.d to find the possible variables
'';
ZED_USE_ENCLOSURE_LEDS = true;
ZED_SCRUB_AFTER_RESILVER = false;
}
'';
description = ''
ZFS Event Daemon /etc/zfs/zed.d/zed.rc content
See
<citerefentry><refentrytitle>zed</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for details on ZED and the scripts in /etc/zfs/zed.d to find the possible variables
'';
};
};
};
@ -358,6 +364,14 @@ in
config = mkMerge [
(mkIf cfgZfs.enabled {
assertions = [
{
assertion = cfgZED.enableMail -> cfgZfs.package.enableMail;
message = ''
To allow ZED to send emails, ZFS needs to be configured to enable
this. To do so, one must override the `zfs` package and set
`enableMail` to true.
'';
}
{
assertion = config.networking.hostId != null;
message = "ZFS requires networking.hostId to be set";
@ -437,7 +451,7 @@ in
};
services.zfs.zed.settings = {
ZED_EMAIL_PROG = mkDefault "${pkgs.mailutils}/bin/mail";
ZED_EMAIL_PROG = mkIf cfgZED.enableMail (mkDefault "${pkgs.mailutils}/bin/mail");
PATH = lib.makeBinPath [
cfgZfs.package
pkgs.coreutils

View file

@ -52,7 +52,7 @@ let
# Run the ExecStartPre program. FIXME: this could be a list.
my $preStart = <<END_CMD;
${service.serviceConfig.ExecStartPre or ""}
${concatStringsSep "\n" (service.serviceConfig.ExecStartPre or [])}
END_CMD
if (defined $preStart && $preStart ne "\n") {
print STDERR "running ExecStartPre: $preStart\n";
@ -79,7 +79,7 @@ let
# Run the ExecStartPost program.
my $postStart = <<END_CMD;
${service.serviceConfig.ExecStartPost or ""}
${concatStringsSep "\n" (service.serviceConfig.ExecStartPost or [])}
END_CMD
if (defined $postStart && $postStart ne "\n") {
print STDERR "running ExecStartPost: $postStart\n";

View file

@ -103,7 +103,10 @@ in
cgroup_manager = "systemd"
log_level = "${cfg.logLevel}"
pinns_path = "${cfg.package}/bin/pinns"
hooks_dir = []
hooks_dir = [
${lib.optionalString config.virtualisation.containers.ociSeccompBpfHook.enable
''"${config.boot.kernelPackages.oci-seccomp-bpf-hook}",''}
]
${optionalString (cfg.runtime != null) ''
default_runtime = "${cfg.runtime}"

View file

@ -46,14 +46,6 @@ in {
'';
};
package = mkOption {
type = types.package;
default = pkgs.libvirt;
description = ''
libvirt package to use.
'';
};
qemuPackage = mkOption {
type = types.package;
default = pkgs.qemu;
@ -177,26 +169,26 @@ in {
source = "/run/${dirName}/nix-helpers/qemu-bridge-helper";
};
systemd.packages = [ cfg.package ];
systemd.packages = [ pkgs.libvirt ];
systemd.services.libvirtd-config = {
description = "Libvirt Virtual Machine Management Daemon - configuration";
script = ''
# Copy default libvirt network config .xml files to /var/lib
# Files modified by the user will not be overwritten
for i in $(cd ${cfg.package}/var/lib && echo \
for i in $(cd ${pkgs.libvirt}/var/lib && echo \
libvirt/qemu/networks/*.xml libvirt/qemu/networks/autostart/*.xml \
libvirt/nwfilter/*.xml );
do
mkdir -p /var/lib/$(dirname $i) -m 755
cp -npd ${cfg.package}/var/lib/$i /var/lib/$i
cp -npd ${pkgs.libvirt}/var/lib/$i /var/lib/$i
done
# Copy generated qemu config to libvirt directory
cp -f ${qemuConfigFile} /var/lib/${dirName}/qemu.conf
# stable (not GC'able as in /nix/store) paths for using in <emulator> section of xml configs
for emulator in ${cfg.package}/libexec/libvirt_lxc ${cfg.qemuPackage}/bin/qemu-kvm ${cfg.qemuPackage}/bin/qemu-system-*; do
for emulator in ${pkgs.libvirt}/libexec/libvirt_lxc ${cfg.qemuPackage}/bin/qemu-kvm ${cfg.qemuPackage}/bin/qemu-system-*; do
ln -s --force "$emulator" /run/${dirName}/nix-emulators/
done
@ -257,7 +249,7 @@ in {
systemd.services.virtlogd = {
description = "Virtual machine log manager";
serviceConfig.ExecStart = "@${cfg.package}/sbin/virtlogd virtlogd";
serviceConfig.ExecStart = "@${pkgs.libvirt}/sbin/virtlogd virtlogd";
restartIfChanged = false;
};
@ -269,7 +261,7 @@ in {
systemd.services.virtlockd = {
description = "Virtual machine lock manager";
serviceConfig.ExecStart = "@${cfg.package}/sbin/virtlockd virtlockd";
serviceConfig.ExecStart = "@${pkgs.libvirt}/sbin/virtlockd virtlockd";
restartIfChanged = false;
};

View file

@ -463,21 +463,15 @@ in
{ config, options, name, ... }:
{
options = {
config = mkOption {
description = ''
A specification of the desired configuration of this
container, as a NixOS module.
'';
type = let
confPkgs = if config.pkgs == null then pkgs else config.pkgs;
in lib.mkOptionType {
type = lib.mkOptionType {
name = "Toplevel NixOS config";
merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") {
merge = loc: defs: (import "${toString config.nixpkgs}/nixos/lib/eval-config.nix" {
inherit system;
pkgs = confPkgs;
baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix");
inherit (confPkgs) lib;
modules =
let
extraConfig = {
@ -526,12 +520,18 @@ in
'';
};
pkgs = mkOption {
type = types.nullOr types.attrs;
default = null;
example = literalExample "pkgs";
nixpkgs = mkOption {
type = types.path;
default = pkgs.path;
defaultText = "pkgs.path";
description = ''
Customise which nixpkgs to use for this container.
A path to the nixpkgs that provide the modules, pkgs and lib for evaluating the container.
To only change the <literal>pkgs</literal> argument used inside the container modules,
set the <literal>nixpkgs.*</literal> options in the container <option>config</option>.
Setting <literal>config.nixpkgs.pkgs = pkgs</literal> speeds up the container evaluation
by reusing the system pkgs, but the <literal>nixpkgs.config</literal> option in the
container config is ignored in this case.
'';
};
@ -672,14 +672,31 @@ in
'';
};
# Removed option. See `checkAssertion` below for the accompanying error message.
pkgs = mkOption { visible = false; };
} // networkOptions;
config = mkMerge
[
(mkIf options.config.isDefined {
path = config.config.system.build.toplevel;
})
];
config = let
# Throw an error when removed option `pkgs` is used.
# Because this is a submodule we cannot use `mkRemovedOptionModule` or option `assertions`.
optionPath = "containers.${name}.pkgs";
files = showFiles options.pkgs.files;
checkAssertion = if options.pkgs.isDefined then throw ''
The option definition `${optionPath}' in ${files} no longer has any effect; please remove it.
Alternatively, you can use the following options:
- containers.${name}.nixpkgs
This sets the nixpkgs (and thereby the modules, pkgs and lib) that
are used for evaluating the container.
- containers.${name}.config.nixpkgs.pkgs
This only sets the `pkgs` argument used inside the container modules.
''
else null;
in {
path = builtins.seq checkAssertion
mkIf options.config.isDefined config.config.system.build.toplevel;
};
}));
default = {};

View file

@ -413,6 +413,7 @@ in
vector = handleTest ./vector.nix {};
victoriametrics = handleTest ./victoriametrics.nix {};
virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {};
vscodium = handleTest ./vscodium.nix {};
wasabibackend = handleTest ./wasabibackend.nix {};
wireguard = handleTest ./wireguard {};
wordpress = handleTest ./wordpress.nix {};

View file

@ -1,42 +1,34 @@
# Test for NixOS' container support.
import ./make-test-python.nix ({ pkgs, lib, ...} : let
customPkgs = pkgs // {
hello = pkgs.hello.overrideAttrs(old: {
name = "custom-hello";
customPkgs = pkgs.appendOverlays [ (self: super: {
hello = super.hello.overrideAttrs (old: {
name = "custom-hello";
});
};
}) ];
in {
name = "containers-hosts";
name = "containers-custom-pkgs";
meta = with lib.maintainers; {
maintainers = [ adisbladis ];
maintainers = [ adisbladis earvstedt ];
};
machine =
{ ... }:
{
virtualisation.memorySize = 256;
virtualisation.vlans = [];
machine = { config, ... }: {
assertions = let
helloName = (builtins.head config.containers.test.config.system.extraDependencies).name;
in [ {
assertion = helloName == "custom-hello";
message = "Unexpected value: ${helloName}";
} ];
containers.simple = {
autoStart = true;
pkgs = customPkgs;
config = {pkgs, config, ... }: {
environment.systemPackages = [
pkgs.hello
];
};
containers.test = {
autoStart = true;
config = { pkgs, config, ... }: {
nixpkgs.pkgs = customPkgs;
system.extraDependencies = [ pkgs.hello ];
};
};
};
testScript = ''
start_all()
machine.wait_for_unit("default.target")
machine.succeed(
"test $(nixos-container run simple -- readlink -f /run/current-system/sw/bin/hello) = ${customPkgs.hello}/bin/hello"
)
'';
# This test only consists of evaluating the test machine
testScript = "";
})

View file

@ -0,0 +1,45 @@
import ./make-test-python.nix ({ pkgs, ... }:
{
name = "power-profiles-daemon";
meta = with pkgs.lib.maintainers; {
maintainers = [ mvnetbiz ];
};
machine = { pkgs, ... }: {
services.power-profiles-daemon.enable = true;
environment.systemPackages = [ pkgs.glib ];
};
testScript = ''
def get_profile():
return machine.succeed(
"""gdbus call --system --dest net.hadess.PowerProfiles --object-path /net/hadess/PowerProfiles \
--method org.freedesktop.DBus.Properties.Get 'net.hadess.PowerProfiles' 'ActiveProfile'
"""
)
def set_profile(profile):
return machine.succeed(
"""gdbus call --system --dest net.hadess.PowerProfiles --object-path /net/hadess/PowerProfiles \
--method org.freedesktop.DBus.Properties.Set 'net.hadess.PowerProfiles' 'ActiveProfile' "<'{profile}'>"
""".format(
profile=profile
)
)
machine.wait_for_unit("multi-user.target")
set_profile("power-saver")
profile = get_profile()
if not "power-saver" in profile:
raise Exception("Unable to set power-saver profile")
set_profile("balanced")
profile = get_profile()
if not "balanced" in profile:
raise Exception("Unable to set balanced profile")
'';
})

View file

@ -4,6 +4,8 @@ let
port = 10004;
tcpPort = 10005;
httpPort = 10080;
tcpStreamPort = 10006;
bufferSize = 742;
in {
name = "snapcast";
meta = with pkgs.lib.maintainers; {
@ -17,18 +19,27 @@ in {
port = port;
tcp.port = tcpPort;
http.port = httpPort;
buffer = bufferSize;
streams = {
mpd = {
type = "pipe";
location = "/run/snapserver/mpd";
query.mode = "create";
};
bluetooth = {
type = "pipe";
location = "/run/snapserver/bluetooth";
};
tcp = {
type = "tcp";
location = "127.0.0.1:${toString tcpStreamPort}";
};
};
};
};
client = {
environment.systemPackages = [ pkgs.snapcast ];
};
};
testScript = ''
@ -42,6 +53,7 @@ in {
server.wait_until_succeeds("ss -ntl | grep -q ${toString port}")
server.wait_until_succeeds("ss -ntl | grep -q ${toString tcpPort}")
server.wait_until_succeeds("ss -ntl | grep -q ${toString httpPort}")
server.wait_until_succeeds("ss -ntl | grep -q ${toString tcpStreamPort}")
with subtest("check that pipes are created"):
server.succeed("test -p /run/snapserver/mpd")
@ -54,5 +66,12 @@ in {
server.succeed(
"curl --fail http://localhost:${toString httpPort}/jsonrpc -d '{json.dumps(get_rpc_version)}'"
)
with subtest("test a connection"):
client.execute("systemd-run snapclient -h server -p ${toString port}")
server.wait_until_succeeds(
"journalctl -o cat -u snapserver.service | grep -q 'Hello from'"
)
client.wait_until_succeeds("journalctl -o cat -u run-\* | grep -q ${toString bufferSize}")
'';
})

View file

@ -0,0 +1,47 @@
import ./make-test-python.nix ({ pkgs, ...} :
{
name = "vscodium";
meta = with pkgs.lib.maintainers; {
maintainers = [ turion ];
};
machine = { ... }:
{
imports = [
./common/user-account.nix
./common/x11.nix
];
virtualisation.memorySize = 2047;
services.xserver.enable = true;
test-support.displayManager.auto.user = "alice";
environment.systemPackages = with pkgs; [
vscodium
];
};
enableOCR = true;
testScript = { nodes, ... }: ''
# Start up X
start_all()
machine.wait_for_x()
# Start VSCodium with a file that doesn't exist yet
machine.fail("ls /home/alice/foo.txt")
machine.succeed("su - alice -c 'codium foo.txt' &")
# Wait for the window to appear
machine.wait_for_text("VSCodium")
# Save file
machine.send_key("ctrl-s")
# Wait until the file has been saved
machine.wait_for_file("/home/alice/foo.txt")
machine.screenshot("VSCodium")
'';
})

View file

@ -85,7 +85,7 @@ in import ../make-test-python.nix {
server.succeed('prosodyctl status | grep "Prosody is running"')
server.succeed("create-prosody-users")
client.succeed('send-message 2>&1 | grep "XMPP SCRIPT TEST SUCCESS"')
client.succeed("send-message")
server.succeed("delete-prosody-users")
'';
}

View file

@ -23,8 +23,26 @@ class CthonTest(ClientXMPP):
def __init__(self, jid, password):
ClientXMPP.__init__(self, jid, password)
self.add_event_handler("session_start", self.session_start)
self.test_succeeded = False
async def session_start(self, event):
try:
# Exceptions in event handlers are printed to stderr but not
# propagated, they do not make the script terminate with a non-zero
# exit code. We use the `test_succeeded` flag as a workaround and
# check it later at the end of the script to exit with a proper
# exit code.
# Additionally, this flag ensures that this event handler has been
# actually run by ClientXMPP, which may well not be the case.
await self.test_xmpp_server()
self.test_succeeded = True
finally:
# Even if an exception happens in `test_xmpp_server()`, we still
# need to disconnect explicitly, otherwise the process will hang
# forever.
self.disconnect(wait=True)
async def test_xmpp_server(self):
log = logging.getLogger(__name__)
self.send_presence()
self.get_roster()
@ -42,11 +60,12 @@ class CthonTest(ClientXMPP):
log.error("ERROR: Cannot run upload command. XEP_0363 seems broken")
sys.exit(1)
log.info('Upload success!')
# Test MUC
self.plugin['xep_0045'].join_muc('testMucRoom', 'cthon98', wait=True)
# TODO: use join_muc_wait() after slixmpp 1.8.0 is released.
self.plugin['xep_0045'].join_muc('testMucRoom', 'cthon98')
log.info('MUC join success!')
log.info('XMPP SCRIPT TEST SUCCESS')
self.disconnect(wait=True)
if __name__ == '__main__':
@ -62,4 +81,7 @@ if __name__ == '__main__':
ct.register_plugin('xep_0045')
ct.connect(("server", 5222))
ct.process(forever=False)
if not ct.test_succeeded:
sys.exit(1)
''

View file

@ -1,11 +1,23 @@
{ lib, stdenv, fetchurl, pkg-config, gettext, gtk3, intltool,
wrapGAppsHook, libxml2, curl, mpd_clientlib, dbus-glib,
libsoup, avahi, taglib
}:
{ lib
, stdenv
, fetchurl
, pkg-config
, intltool
, avahi
, curl
, dbus-glib
, gettext
, gtk3
, libmpdclient
, libsoup
, libxml2
, taglib
, wrapGAppsHook
}:
stdenv.mkDerivation rec {
version = "1.6";
pname = "ario";
version = "1.6";
src = fetchurl {
url = "mirror://sourceforge/ario-player/${pname}-${version}.tar.gz";
@ -14,14 +26,21 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config gettext intltool wrapGAppsHook ];
buildInputs = [
gtk3 libxml2 curl mpd_clientlib dbus-glib libsoup avahi taglib
avahi
curl
dbus-glib
gtk3
libmpdclient
libsoup
libxml2
taglib
];
meta = {
meta = with lib; {
description = "GTK client for MPD (Music player daemon)";
homepage = "http://ario-player.sourceforge.net/";
license = lib.licenses.gpl2Plus;
maintainers = [ lib.maintainers.garrison ];
platforms = lib.platforms.all;
license = licenses.gpl2Plus;
maintainers = [ maintainers.garrison ];
platforms = platforms.all;
};
}

View file

@ -8,7 +8,7 @@ stdenv.mkDerivation rec {
src = fetchFromGitHub {
owner = "openAVproductions";
repo = "openAV-ArtyFX";
rev = "492587461b50d140455aa3c98d915eb8673bebf0";
rev = "8c542627d936a01b1d97825e7f26a8e95633f7aa";
sha256 = "0wwg8ivnpyy0235bapjy4g0ij85zq355jwi6c1nkrac79p4z9ail";
};

View file

@ -1,4 +1,12 @@
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, mpd_clientlib, meson, ninja }:
{ lib
, stdenv
, fetchFromGitHub
, cmake
, pkg-config
, meson
, ninja
, libmpdclient
}:
stdenv.mkDerivation rec {
pname = "ashuffle";
@ -14,7 +22,7 @@ stdenv.mkDerivation rec {
dontUseCmakeConfigure = true;
nativeBuildInputs = [ cmake pkg-config meson ninja ];
buildInputs = [ mpd_clientlib ];
buildInputs = [ libmpdclient ];
meta = with lib; {
homepage = "https://github.com/joshkunz/ashuffle";

View file

@ -1,50 +1,45 @@
{ mkDerivation
, lib, stdenv
, lib
, stdenv
, fetchFromGitHub
, qmake
, qtbase
, pkg-config
, qttools
, alsaSupport ? stdenv.hostPlatform.isLinux
, alsaLib
, pulseSupport ? stdenv.hostPlatform.isLinux
, libpulseaudio
, jackSupport ? stdenv.hostPlatform.isUnix
, libjack2
, qtbase
, rtaudio
, rtmidi
}:
let
inherit (lib) optional optionals;
in
mkDerivation rec {
pname = "bambootracker";
version = "0.4.5";
version = "0.4.6";
src = fetchFromGitHub {
owner = "rerrahkr";
repo = "BambooTracker";
rev = "v${version}";
sha256 = "0ibi0sykxf6cp5la2c4pgxf5gvy56yv259fbmdwdrdyv6vlddf42";
sha256 = "0iddqfw951dw9xpl4w7310sl4z544507ppb12i8g4fzvlxfw2ifc";
};
sourceRoot = "source/BambooTracker";
postPatch = lib.optionalString stdenv.hostPlatform.isDarwin ''
substituteInPlace BambooTracker/BambooTracker.pro \
--replace '# Temporary known-error downgrades here' 'CPP_WARNING_FLAGS += -Wno-missing-braces'
'';
nativeBuildInputs = [ qmake qttools ];
nativeBuildInputs = [ qmake qttools pkg-config ];
buildInputs = [ qtbase ]
++ optional alsaSupport alsaLib
++ optional pulseSupport libpulseaudio
++ optional jackSupport libjack2;
buildInputs = [ qtbase rtaudio rtmidi ];
qmakeFlags = [ "CONFIG+=release" "CONFIG-=debug" ]
++ optional pulseSupport "CONFIG+=use_pulse"
++ optionals jackSupport [ "CONFIG+=use_jack" "CONFIG+=jack_has_rename" ];
qmakeFlags = [ "CONFIG+=system_rtaudio" "CONFIG+=system_rtmidi" ];
postConfigure = "make qmake_all";
meta = with lib; {
description = "A tracker for YM2608 (OPNA) which was used in NEC PC-8801/9801 series computers";
homepage = "https://github.com/rerrahkr/BambooTracker";
homepage = "https://rerrahkr.github.io/BambooTracker";
license = licenses.gpl2Only;
platforms = platforms.all;
maintainers = with maintainers; [ OPNA2608 ];
broken = stdenv.isDarwin;
};
}

View file

@ -6,11 +6,11 @@
stdenv.mkDerivation rec {
pname = "bitwig-studio";
version = "3.3.1";
version = "3.3.2";
src = fetchurl {
url = "https://downloads.bitwig.com/stable/${version}/${pname}-${version}.deb";
sha256 = "0f7xysk0cl48q7i28m25hasmrp30grgm3kah0s7xmkjgm33887pi";
sha256 = "sha256-R1e+eTheS9KqPIHw1QoMJgpSB1ss0gwTUGAojdJM0Zw=";
};
nativeBuildInputs = [ dpkg makeWrapper wrapGAppsHook ];

View file

@ -1,5 +1,5 @@
{ config, lib, stdenv, fetchFromGitHub, runCommand, ncurses, pkg-config
, libiconv, CoreAudio
, libiconv, CoreAudio, AudioUnit
, alsaSupport ? stdenv.isLinux, alsaLib ? null
# simple fallback for everyone else
@ -121,7 +121,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config ];
buildInputs = [ ncurses ]
++ lib.optional stdenv.cc.isClang clangGCC
++ lib.optionals stdenv.isDarwin [ libiconv CoreAudio ]
++ lib.optionals stdenv.isDarwin [ libiconv CoreAudio AudioUnit ]
++ flatten (concatMap (a: a.deps) opts);
makeFlags = [ "LD=$(CC)" ];

View file

@ -1,24 +1,41 @@
{ lib, stdenv, fetchurl, pkg-config, mpd_clientlib, dbus-glib, audacious, gtk2, gsl
, libaudclient }:
{ lib
, stdenv
, fetchurl
, pkg-config
, dbus-glib
, audacious
, gtk2
, gsl
, libaudclient
, libmpdclient
}:
stdenv.mkDerivation {
name = "gjay-0.3.2";
stdenv.mkDerivation rec {
pname = "gjay";
version = "0.3.2";
src = fetchurl {
url = "mirror://sourceforge/project/gjay/gjay-0.3.2.tar.gz";
url = "mirror://sourceforge/project/gjay/${pname}-${version}.tar.gz";
sha256 = "1a1vv4r0vnxjdyl0jyv7gga3zfd5azxlwjm1l6hjrf71lb228zn8";
};
nativeBuildInputs = [ pkg-config ];
buildInputs = [ mpd_clientlib dbus-glib audacious gtk2 gsl libaudclient ];
buildInputs = [
libmpdclient
dbus-glib
audacious
gtk2
gsl
libaudclient
];
hardeningDisable = [ "format" ];
meta = with lib; {
description = "Generates playlists such that each song sounds good following the previous song";
homepage = "http://gjay.sourceforge.net/";
license = licenses.gpl2;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ pSub ];
platforms = with platforms; linux;
};

View file

@ -1,6 +1,22 @@
{ lib, stdenv, fetchurl, libtool, intltool, pkg-config, glib
, gtk2, curl, mpd_clientlib, libsoup, gob2, vala, libunique
, libSM, libICE, sqlite, hicolor-icon-theme, wrapGAppsHook
{ lib
, stdenv
, fetchurl
, libtool
, intltool
, pkg-config
, glib
, gtk2
, curl
, libmpdclient
, libsoup
, gob2
, vala
, libunique
, libSM
, libICE
, sqlite
, hicolor-icon-theme
, wrapGAppsHook
}:
stdenv.mkDerivation rec {
@ -26,8 +42,17 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config libtool intltool gob2 vala wrapGAppsHook ];
buildInputs = [
glib gtk2 curl mpd_clientlib libsoup
libunique libmpd libSM libICE sqlite hicolor-icon-theme
glib
gtk2
curl
libmpdclient
libsoup
libunique
libmpd
libSM
libICE
sqlite
hicolor-icon-theme
];
meta = with lib; {
@ -38,3 +63,4 @@ stdenv.mkDerivation rec {
platforms = platforms.linux;
};
}
# TODO: what is this libmpd derivation embedded above?

View file

@ -17,7 +17,6 @@
, hicolor-icon-theme
, intltool
, ladspaH
, libav
, libjack2
, libsndfile
, lilv
@ -74,7 +73,6 @@ stdenv.mkDerivation rec {
gtk3
gtkmm3
ladspaH
libav
libjack2
libsndfile
lilv

View file

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
pname = "jalv";
version = "1.6.4";
version = "1.6.6";
src = fetchurl {
url = "https://download.drobilla.net/${pname}-${version}.tar.bz2";
sha256 = "1wwfn7yzbs37s2rdlfjgks63svd5g14yyzd2gdl7h0z12qncwsy2";
sha256 = "sha256-ktFBeBtmQ3MgfDQ868XpuM7UYfryb9zLld8AB7BjnhY=";
};
nativeBuildInputs = [ pkg-config wafHook ];

View file

@ -1,17 +1,17 @@
{ lib, stdenv, fetchFromGitHub, libav, libkeyfinder }:
{ lib, stdenv, fetchFromGitHub, ffmpeg, libkeyfinder }:
stdenv.mkDerivation rec {
pname = "keyfinder-cli";
version = "2015-09-13";
version = "1.1.1";
src = fetchFromGitHub {
repo = "keyfinder-cli";
owner = "EvanPurkhiser";
rev = "8579282f15ab3ebad937fed398ec5c88843be03d";
sha256 = "0jylykigxmsqvdny265k58vpxa4cqs1hq2f7mph1nl3apfx2shrh";
rev = "v${version}";
sha256 = "1mlcygbj3gqii3cz8jd6ks1lz612i4jp0343qjg293xm39fg47ns";
};
buildInputs = [ libav libkeyfinder ];
buildInputs = [ ffmpeg libkeyfinder ];
makeFlags = [ "PREFIX=$(out)" ];

View file

@ -1,12 +1,12 @@
{ lib, stdenv, fetchFromGitHub, libav_0_8, libkeyfinder, qtbase, qtxmlpatterns, qmake, taglib }:
{ lib, mkDerivation, fetchFromGitHub, libav_0_8, libkeyfinder, qtbase, qtxmlpatterns, qmake, taglib }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "keyfinder";
version = "2.2";
version = "2.4";
src = fetchFromGitHub {
sha256 = "0vjszk1h8vj2qycgbffzy6k7amg75jlvlnzwaqhz9nll2pcvw0zl";
rev = version;
sha256 = "11yhdwan7bz8nn8vxr54drckyrnlxynhx5s981i475bbccg8g7ls";
rev = "530034d6fe86d185f6a68b817f8db5f552f065d7"; # tag is missing
repo = "is_KeyFinder";
owner = "ibsh";
};

View file

@ -0,0 +1,23 @@
{ fetchFromGitHub, lib, rustPlatform }:
rustPlatform.buildRustPackage rec {
pname = "mmtc";
version = "0.2.12";
src = fetchFromGitHub {
owner = "figsoda";
repo = pname;
rev = "v${version}";
sha256 = "1chcnv8wql6v2vckpzvq6sxgpss7mnxaj008jdm8xalhw9d496s4";
};
cargoSha256 = "06b0hag3s5irvi57n0hc97agfw4sw783lkkl1b26iap6mfbvrqma";
meta = with lib; {
description = "Minimal mpd terminal client that aims to be simple yet highly configurable";
homepage = "https://github.com/figsoda/mmtc";
changelog = "https://github.com/figsoda/mmtc/blob/v${version}/CHANGELOG.md";
license = licenses.mpl20;
maintainers = with maintainers; [ figsoda ];
};
}

View file

@ -41,6 +41,8 @@ let
mopidy-tunein = callPackage ./tunein.nix { };
mopidy-youtube = callPackage ./youtube.nix { };
mopidy-subidy = callPackage ./subidy.nix { };
};
in self

View file

@ -0,0 +1,24 @@
{ lib, fetchFromGitHub, pythonPackages, mopidy }:
pythonPackages.buildPythonApplication rec {
pname = "mopidy-subidy";
version = "1.0.0";
src = fetchFromGitHub {
owner = "Prior99";
repo = pname;
rev = version;
sha256 = "0c5ghhhrj5v3yp4zmll9ari6r5c6ha8c1izwqshvadn40b02q7xz";
};
propagatedBuildInputs = [ mopidy pythonPackages.py-sonic ];
checkInputs = with pythonPackages; [ pytestCheckHook ];
meta = with lib; {
homepage = "https://www.mopidy.com/";
description = "Mopidy extension for playing music from a Subsonic-compatible Music Server";
license = licenses.bsd3;
maintainers = with maintainers; [ wenngle ];
};
}

View file

@ -1,4 +1,13 @@
{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, mpd_clientlib, sphinx, libiconv }:
{ lib
, stdenv
, fetchFromGitHub
, meson
, ninja
, pkg-config
, libmpdclient
, sphinx
, libiconv
}:
stdenv.mkDerivation rec {
pname = "mpc";
@ -11,7 +20,7 @@ stdenv.mkDerivation rec {
sha256 = "1qbi0i9cq54rj8z2kapk8x8g1jkw2jz781niwb9i7kw4xfhvy5zx";
};
buildInputs = [ mpd_clientlib ] ++ lib.optionals stdenv.isDarwin [ libiconv ];
buildInputs = [ libmpdclient ] ++ lib.optionals stdenv.isDarwin [ libiconv ];
nativeBuildInputs = [ meson ninja pkg-config sphinx ];

View file

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, cmake, eigen, libav }:
{ lib, stdenv, fetchFromGitHub, cmake, eigen, ffmpeg }:
stdenv.mkDerivation {
pname = "musly";
version = "unstable-2017-04-26";
@ -9,7 +9,7 @@ stdenv.mkDerivation {
sha256 = "1q42wvdwy2pac7bhfraqqj2czw7w2m33ms3ifjl8phm7d87i8825";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ eigen (libav.override { vaapiSupport = stdenv.isLinux; }) ];
buildInputs = [ eigen ffmpeg ];
fixupPhase = if stdenv.isDarwin then ''
install_name_tool -change libmusly.dylib $out/lib/libmusly.dylib $out/bin/musly
install_name_tool -change libmusly_resample.dylib $out/lib/libmusly_resample.dylib $out/bin/musly

View file

@ -1,8 +1,9 @@
{ lib, stdenv
{ lib
, stdenv
, fetchFromGitHub
, cmake
, pkg-config
, mpd_clientlib
, libmpdclient
, openssl
, lua5_3
, libid3tag
@ -21,12 +22,9 @@ stdenv.mkDerivation rec {
sha256 = "sha256-QGJti1tKKJlumLgABPmROplF0UVGMWMnyRXLb2cEieQ=";
};
nativeBuildInputs = [
pkg-config
cmake
];
nativeBuildInputs = [ pkg-config cmake ];
buildInputs = [
mpd_clientlib
libmpdclient
openssl
lua5_3
libid3tag

View file

@ -1,7 +1,15 @@
{ lib, stdenv, fetchFromGitHub, meson, ninja, pkg-config, glib, ncurses
, mpd_clientlib, gettext, boost
, pcreSupport ? false
, pcre ? null
{ lib
, stdenv
, fetchFromGitHub
, meson
, ninja
, pkg-config
, glib
, ncurses
, libmpdclient
, gettext
, boost
, pcreSupport ? false, pcre ? null
}:
with lib;
@ -10,16 +18,16 @@ assert pcreSupport -> pcre != null;
stdenv.mkDerivation rec {
pname = "ncmpc";
version = "0.43";
version = "0.44";
src = fetchFromGitHub {
owner = "MusicPlayerDaemon";
repo = "ncmpc";
rev = "v${version}";
sha256 = "sha256-/bynLU4/QtUawBjhcaajjuUDUwaSt6zk4/4TZqfQX3c=";
sha256 = "sha256-Qu41TL8KSKC9L25D6Z8bEbJUJQ9QI08grTGZ+0qGdUQ=";
};
buildInputs = [ glib ncurses mpd_clientlib boost ]
buildInputs = [ glib ncurses libmpdclient boost ]
++ optional pcreSupport pcre;
nativeBuildInputs = [ meson ninja pkg-config gettext ];

View file

@ -1,5 +1,14 @@
{ lib, stdenv, fetchurl, boost, mpd_clientlib, ncurses, pkg-config, readline
, libiconv, icu, curl
{ lib
, stdenv
, fetchurl
, boost
, libmpdclient
, ncurses
, pkg-config
, readline
, libiconv
, icu
, curl
, outputsSupport ? true # outputs screen
, visualizerSupport ? false, fftw ? null # visualizer screen
, clockSupport ? true # clock screen
@ -27,7 +36,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkg-config ];
buildInputs = [ boost mpd_clientlib ncurses readline libiconv icu curl ]
buildInputs = [ boost libmpdclient ncurses readline libiconv icu curl ]
++ optional visualizerSupport fftw
++ optional taglibSupport taglib;

View file

@ -1,7 +1,6 @@
{ lib, stdenv, fetchFromGitHub, cmake, ncurses, libpulseaudio, pkg-config }:
stdenv.mkDerivation rec {
pname = "ncpamixer";
version = "1.3.3.1";
@ -12,15 +11,12 @@ stdenv.mkDerivation rec {
sha256 = "1v3bz0vpgh18257hdnz3yvbnl51779g1h5b265zgc21ks7m1jw5z";
};
buildInputs = [ ncurses libpulseaudio ];
nativeBuildInputs = [ cmake pkg-config ];
configurePhase = ''
make PREFIX=$out build/Makefile
'';
buildInputs = [ ncurses libpulseaudio ];
buildPhase = ''
make build
configurePhase = ''
make PREFIX=$out USE_WIDE=1 RELEASE=1 build/Makefile
'';
meta = with lib; {
@ -28,6 +24,6 @@ stdenv.mkDerivation rec {
homepage = "https://github.com/fulhax/ncpamixer";
license = licenses.mit;
platforms = platforms.linux;
maintainers = with maintainers; [ StijnDW ];
maintainers = with maintainers; [ StijnDW SuperSandro2000 ];
};
}

View file

@ -2,14 +2,14 @@
, usePulseAudio ? config.pulseaudio or false, libpulseaudio }:
let
version = "0.5.4";
version = "0.5.5";
in stdenv.mkDerivation {
pname = "openmpt123";
inherit version;
src = fetchurl {
url = "https://lib.openmpt.org/files/libopenmpt/src/libopenmpt-${version}+release.autotools.tar.gz";
sha256 = "0h7gpjx1221jwsq3k91p8zhf1h77qaxyasakc88s3g57vawhckgk";
sha256 = "sha256-8eAUg+vxpoDZ7AMMmvIPXypawPHgZCwYvVWTz6qc62s=";
};
enableParallelBuilding = true;

View file

@ -0,0 +1,115 @@
{ lib, stdenv
, fetchFromGitHub
, meson
, ninja
, pkg-config
, itstool
, python3
, libxml2
, desktop-file-utils
, wrapGAppsHook
, gst_all_1
, pulseaudio
, gtk3
, glib
, glibmm
, gtkmm3
, lilv
, lv2
, serd
, sord
, sratom
, libbs2b
, libsamplerate
, libsndfile
, libebur128
, rnnoise
, boost
, dbus
, fftwFloat
, calf
, zita-convolver
, zam-plugins
, rubberband
, lsp-plugins
}:
let
lv2Plugins = [
calf # limiter, compressor exciter, bass enhancer and others
lsp-plugins # delay
];
ladspaPlugins = [
rubberband # pitch shifting
zam-plugins # maximizer
];
in stdenv.mkDerivation rec {
pname = "pulseeffects";
version = "4.8.4";
src = fetchFromGitHub {
owner = "wwmm";
repo = "pulseeffects";
rev = "v${version}";
sha256 = "19sndxvszafbd1l2033g2irpx2jrwi5bpbx8r35047wi0z7djiag";
};
nativeBuildInputs = [
meson
ninja
pkg-config
libxml2
itstool
python3
desktop-file-utils
wrapGAppsHook
];
buildInputs = [
pulseaudio
glib
glibmm
gtk3
gtkmm3
gst_all_1.gstreamer
gst_all_1.gst-plugins-base # gst-fft
gst_all_1.gst-plugins-good # pulsesrc
gst_all_1.gst-plugins-bad
lilv lv2 serd sord sratom
libbs2b
libebur128
libsamplerate
libsndfile
rnnoise
boost
dbus
fftwFloat
zita-convolver
];
postPatch = ''
chmod +x meson_post_install.py
patchShebangs meson_post_install.py
'';
preFixup = ''
gappsWrapperArgs+=(
--set LV2_PATH "${lib.makeSearchPath "lib/lv2" lv2Plugins}"
--set LADSPA_PATH "${lib.makeSearchPath "lib/ladspa" ladspaPlugins}"
)
'';
# Meson is no longer able to pick up Boost automatically.
# https://github.com/NixOS/nixpkgs/issues/86131
BOOST_INCLUDEDIR = "${lib.getDev boost}/include";
BOOST_LIBRARYDIR = "${lib.getLib boost}/lib";
meta = with lib; {
description = "Limiter, compressor, reverberation, equalizer and auto volume effects for Pulseaudio applications";
homepage = "https://github.com/wwmm/pulseeffects";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ jtojnar ];
platforms = platforms.linux;
badPlatforms = [ "aarch64-linux" ];
};
}

View file

@ -9,7 +9,7 @@
, desktop-file-utils
, wrapGAppsHook
, gst_all_1
, pulseaudio
, pipewire
, gtk3
, glib
, glibmm
@ -45,13 +45,13 @@ let
];
in stdenv.mkDerivation rec {
pname = "pulseeffects";
version = "4.8.4";
version = "5.0.0";
src = fetchFromGitHub {
owner = "wwmm";
repo = "pulseeffects";
rev = "v${version}";
sha256 = "19sndxvszafbd1l2033g2irpx2jrwi5bpbx8r35047wi0z7djiag";
sha256 = "1zs13bivxlgcb24lz1pgmgy2chcjxnmn4lz7g1n0ygiaaj4c30xj";
};
nativeBuildInputs = [
@ -66,14 +66,14 @@ in stdenv.mkDerivation rec {
];
buildInputs = [
pulseaudio
pipewire
glib
glibmm
gtk3
gtkmm3
gst_all_1.gstreamer
gst_all_1.gst-plugins-base # gst-fft
gst_all_1.gst-plugins-good # pulsesrc
gst_all_1.gst-plugins-good # spectrum plugin
gst_all_1.gst-plugins-bad
lilv lv2 serd sord sratom
libbs2b
@ -107,7 +107,7 @@ in stdenv.mkDerivation rec {
meta = with lib; {
description = "Limiter, compressor, reverberation, equalizer and auto volume effects for Pulseaudio applications";
homepage = "https://github.com/wwmm/pulseeffects";
license = licenses.gpl3;
license = licenses.gpl3Plus;
maintainers = with maintainers; [ jtojnar ];
platforms = platforms.linux;
badPlatforms = [ "aarch64-linux" ];

View file

@ -20,8 +20,8 @@ let
aixlog = dependency {
name = "aixlog";
version = "1.2.1";
sha256 = "1rh4jib5g41b85bqrxkl5g74hk5ryf187y9fw0am76g59xlymfpr";
version = "1.4.0";
sha256 = "0f2bs5j1jjajcpa251dslnwkgglaam3b0cm6wdx5l7mbwvnmib2g";
};
popl = dependency {
@ -34,13 +34,13 @@ in
stdenv.mkDerivation rec {
pname = "snapcast";
version = "0.20.0";
version = "0.23.0";
src = fetchFromGitHub {
owner = "badaix";
repo = "snapcast";
rev = "v${version}";
sha256 = "152ic8hlyawcmj9pykb33xc6yx7il6yb9ilmsy6m9nlh40m8yxls";
sha256 = "0183hhghzn0fhw2qzc1s009q7miabpcf0pxaqjdscsl8iivxqknd";
};
nativeBuildInputs = [ cmake pkg-config boost170.dev ];

View file

@ -1,5 +1,14 @@
{ lib, stdenv, fetchFromGitHub, autoreconfHook, mpd_clientlib, ncurses, pcre, pkg-config
, taglib, curl }:
{ lib
, stdenv
, fetchFromGitHub
, autoreconfHook
, libmpdclient
, ncurses
, pcre
, pkg-config
, taglib
, curl
}:
stdenv.mkDerivation rec {
version = "0.09.2";
@ -13,7 +22,7 @@ stdenv.mkDerivation rec {
};
nativeBuildInputs = [ autoreconfHook pkg-config ];
buildInputs = [ mpd_clientlib ncurses pcre taglib curl ];
buildInputs = [ libmpdclient ncurses pcre taglib curl ];
postInstall = ''
mkdir -p $out/etc

View file

@ -1,26 +1,17 @@
{ lib, stdenv, fetchurl, fetchzip, libogg, libvorbis, libao, pkg-config, curl
, speex, flac }:
{ lib, stdenv, fetchurl, libogg, libvorbis, libao, pkg-config, curl
, speex, flac
, autoreconfHook }:
stdenv.mkDerivation rec {
pname = "vorbis-tools";
version = "1.4.2";
let
debPatch = fetchzip {
url = "mirror://debian/pool/main/v/vorbis-tools/vorbis-tools_1.4.0-11.debian.tar.xz";
sha256 = "0kvmd5nslyqplkdb7pnmqj47ir3y5lmaxd12wmrnqh679a8jhcyi";
};
in
stdenv.mkDerivation {
name = "vorbis-tools-1.4.0";
src = fetchurl {
url = "http://downloads.xiph.org/releases/vorbis/vorbis-tools-1.4.0.tar.gz";
sha256 = "1g12bnh5ah08v529y72kfdz5lhvy75iaz7f9jskyby23m9dkk2d3";
url = "http://downloads.xiph.org/releases/vorbis/vorbis-tools-${version}.tar.gz";
sha256 = "1c7h4ivgfdyygz2hyh6nfibxlkz8kdk868a576qkkjgj5gn78xyv";
};
postPatch = ''
for patch in $(ls "${debPatch}"/patches/*.{diff,patch} | grep -v debian_subdir)
do patch -p1 < "$patch"
done
'';
nativeBuildInputs = [ pkg-config ];
nativeBuildInputs = [ autoreconfHook pkg-config ];
buildInputs = [ libogg libvorbis libao curl speex flac ];
meta = with lib; {

View file

@ -1,4 +1,11 @@
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, mpd_clientlib, openssl }:
{ lib
, stdenv
, fetchFromGitHub
, cmake
, pkg-config
, libmpdclient
, openssl
}:
stdenv.mkDerivation rec {
pname = "ympd";
@ -12,13 +19,13 @@ stdenv.mkDerivation rec {
};
nativeBuildInputs = [ cmake pkg-config ];
buildInputs = [ mpd_clientlib openssl ];
buildInputs = [ libmpdclient openssl ];
meta = {
meta = with lib; {
homepage = "https://www.ympd.org";
description = "Standalone MPD Web GUI written in C, utilizing Websockets and Bootstrap/JS";
maintainers = [ lib.maintainers.siddharthist ];
platforms = lib.platforms.unix;
license = lib.licenses.gpl2;
maintainers = [ maintainers.siddharthist ];
platforms = platforms.unix;
license = licenses.gpl2Plus;
};
}

View file

@ -6,20 +6,20 @@
rustPlatform.buildRustPackage rec {
pname = "electrs";
version = "0.8.6";
version = "0.8.7";
src = fetchFromGitHub {
owner = "romanz";
repo = pname;
rev = "v${version}";
sha256 = "0nnblxz4xr8k083wy3whx8qxqmdzbxsh5gd91161mrnvidganvgb";
sha256 = "101prhxg7dr701gwm4s15maxb7cf65hf85hc7ai53b404v39vm71";
};
# needed for librocksdb-sys
nativeBuildInputs = [ llvmPackages.clang ];
LIBCLANG_PATH = "${llvmPackages.libclang}/lib";
cargoSha256 = "11xwjcfc3kqjyp94qzmyb26xwynf4f1q3ac3rp7l7qq1njly07gr";
cargoSha256 = "12ypx0rkpbjl4awzx8ga30qhiqqd56a24q4jwlxxnfpw9ks1z252";
meta = with lib; {
description = "An efficient re-implementation of Electrum Server in Rust";

View file

@ -2,12 +2,12 @@
let
pname = "ledger-live-desktop";
version = "2.20.0";
version = "2.21.3";
name = "${pname}-${version}";
src = fetchurl {
url = "https://github.com/LedgerHQ/${pname}/releases/download/v${version}/${pname}-${version}-linux-x86_64.AppImage";
sha256 = "10gi29mcvs4d5flqycwid190pnlciznzbvg36250mxaxxs58rq7j";
sha256 = "11r6gwzg5qym7h40d8mrpw8c6zbdi534c2y7ghy2k0a4k3ybk8x1";
};
appimageContents = appimageTools.extractType2 {

View file

@ -7,16 +7,16 @@
}:
rustPlatform.buildRustPackage rec {
pname = "polkadot";
version = "0.8.27";
version = "0.8.28-1";
src = fetchFromGitHub {
owner = "paritytech";
repo = "polkadot";
rev = "v${version}";
sha256 = "1zkqmsclhnv14s4mxz7h49kfx8wyi3lyi0dik6jn1fh6w8zr962c";
sha256 = "sha256-a+w/909PZuHsgIQEtO2IWQijsERfAKJUZ8K30+PhD3k=";
};
cargoSha256 = "1j0pr09y5pc43a4rz1zq3h9vmd874zz6z0wd279lpm6p2m0077cs";
cargoSha256 = "sha256-Zz844XDx5qj2hQlf99uvHV6e5wmDAlYh3zBvcpdoiIo=";
nativeBuildInputs = [ clang ];

View file

@ -0,0 +1,53 @@
{ lib
, fetchurl
, appimageTools
, tor
, trezord
}:
let
pname = "trezor-suite";
version = "21.2.2";
name = "${pname}-${version}";
src = fetchurl {
url = "https://github.com/trezor/${pname}/releases/download/v${version}/Trezor-Suite-${version}-linux-x86_64.AppImage";
sha256 = "0dj3azx9jvxchrpm02w6nkcis6wlnc6df04z7xc6f66fwn6r3kkw";
};
appimageContents = appimageTools.extractType2 {
inherit name src;
};
in
appimageTools.wrapType2 rec {
inherit name src;
extraInstallCommands = ''
mv $out/bin/${name} $out/bin/${pname}
mkdir -p $out/bin $out/share/${pname} $out/share/${pname}/resources
cp -a ${appimageContents}/locales/ $out/share/${pname}
cp -a ${appimageContents}/resources/app*.* $out/share/${pname}/resources
cp -a ${appimageContents}/resources/images/ $out/share/${pname}/resources
install -m 444 -D ${appimageContents}/${pname}.desktop $out/share/applications/${pname}.desktop
install -m 444 -D ${appimageContents}/${pname}.png $out/share/icons/hicolor/512x512/apps/${pname}.png
install -m 444 -D ${appimageContents}/resources/images/icons/512x512.png $out/share/icons/hicolor/512x512/apps/${pname}.png
substituteInPlace $out/share/applications/trezor-suite.desktop --replace 'Exec=AppRun' 'Exec=${pname}'
# symlink system binaries instead bundled ones
mkdir -p $out/share/${pname}/resources/bin/{bridge,tor}
ln -sf ${trezord}/bin/trezord-go $out/share/${pname}/resources/bin/bridge/trezord
ln -sf ${tor}/bin/tor $out/share/${pname}/resources/bin/tor/tor
'';
meta = with lib; {
description = "Trezor Suite - Desktop App for managing crypto";
homepage = "https://suite.trezor.io";
license = licenses.unfree;
maintainers = with maintainers; [ prusnak ];
platforms = [ "x86_64-linux" ];
};
}

View file

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "turbo-geth";
version = "2021.01.01";
version = "2021.02.01";
src = fetchFromGitHub {
owner = "ledgerwatch";
repo = pname;
rev = "v${version}";
sha256 = "0a570570cmyngbz645728jdd0d2xmnyrnln2gbxnngiv4v62dxls";
sha256 = "sha256-9z0Hogu/VgGxvgQMKIImv+qyTqTmR40JS4NNIOk5EZI=";
};
vendorSha256 = "1x3mhfc16slaamp51rbscfwll25qj6ama1xkysidy7rscmmsj392";
vendorSha256 = "sha256-Ho68+SzYELQN4DE57LNSXeHIu43zAOb7HK/jx7PFdXk=";
runVend = true;
subPackages = [

View file

@ -35,6 +35,7 @@
, libXrender
, libXtst
, makeWrapper
, ncurses5
, nspr
, nss
, pciutils
@ -72,6 +73,9 @@ let
cp -r . $out
wrapProgram $out/bin/studio.sh \
--set ANDROID_EMULATOR_USE_SYSTEM_LIBS 1 \
--set JAVA_HOME "$out/jre" \
--set QT_XKB_CONFIG_ROOT "${xkeyboard_config}/share/X11/xkb" \
--set FONTCONFIG_FILE ${fontsConf} \
--prefix PATH : "${lib.makeBinPath [
# Checked in studio.sh
@ -138,12 +142,19 @@ let
gnome_vfs
glib
GConf
]}" \
--set QT_XKB_CONFIG_ROOT "${xkeyboard_config}/share/X11/xkb" \
--set FONTCONFIG_FILE ${fontsConf}
]}"
# AS launches LLDBFrontend with a custom LD_LIBRARY_PATH
wrapProgram $out/bin/lldb/bin/LLDBFrontend --prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [
ncurses5
zlib
]}"
'';
};
# Causes the shebangs in interpreter scripts deployed to mobile devices to be patched, which Android does not understand
dontPatchShebangs = true;
desktopItem = makeDesktopItem {
name = drvName;
exec = pname;
@ -161,7 +172,7 @@ let
fhsEnv = buildFHSUserEnv {
name = "${drvName}-fhs-env";
multiPkgs = pkgs: [
pkgs.ncurses5
ncurses5
# Flutter can only search for certs Fedora-way.
(runCommand "fedoracert" {}

View file

@ -14,13 +14,13 @@ let
sha256Hash = "1f9bclvyvm3sg9an7wxlfwd8jwnb9cl726dvggmysa6r7shc7xw9";
};
betaVersion = {
version = "4.2.0.19"; # "Android Studio 4.2 Beta 3"
build = "202.7033425";
sha256Hash = "037r99hn16y0fy6z6k90qf6yx5a4vvx6bl9rdyagdm16ry4bpiw4";
version = "4.2.0.20"; # "Android Studio 4.2 Beta 4"
build = "202.7094744";
sha256Hash = "10c4qfq6d9ggs88s8h3pryhlnzw17m60qci78rjbh32wmm02sciz";
};
latestVersion = { # canary & dev
version = "2020.3.1.4"; # "Android Studio Arctic Fox Canary 4"
sha256Hash = "05drh4grq0b37qg5nspf2c6vmvcc9x71al3xwc2ddjhmyj0f9sk4";
version = "2020.3.1.5"; # "Android Studio Arctic Fox (2020.3.1) Canary 5"
sha256Hash = "0x749sbg7qa5ncwwaywcldlhyyyyfh05bms2czz1rv6h7zgq16vq";
};
in {
# Attributes are named by their corresponding release channels

View file

@ -0,0 +1,22 @@
{ trivialBuild, lib, fetchurl }:
trivialBuild rec {
pname = "jam-mode";
version = "0.3";
src = fetchurl {
url = "https://dev.gentoo.org/~ulm/distfiles/jam-mode-${version}.el.xz";
sha256 = "1jchgiy2rgvnb3swr6ar72yas6pj4inpgpcq78q01q6snflmi2fh";
};
unpackPhase = ''
xz -cd $src > jam-mode.el
'';
meta = with lib; {
description = "An Emacs major mode for editing Jam files";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ qyliss ];
platforms = platforms.all;
};
}

View file

@ -111,6 +111,8 @@
helm-words = callPackage ./helm-words { };
jam-mode = callPackage ./jam-mode { };
org-mac-link =
callPackage ./org-mac-link { };

View file

@ -610,7 +610,7 @@ let
};
# Deprecated legacy aliases for backwards compat
aliases = lib.listToAttrs (lib.attrValues (lib.mapAttrs (n: v: { name = v; value = builtins.trace "Melpa attribute '${v}' is a legacy alias that will be removed in 21.03, use '${n}' instead" melpaPackages.${n}; }) (lib.filterAttrs (n: v: lib.hasAttr n melpaPackages) {
aliases = lib.listToAttrs (lib.attrValues (lib.mapAttrs (n: v: { name = v; value = builtins.trace "Melpa attribute '${v}' is a legacy alias that will be removed in 21.05, use '${n}' instead" melpaPackages.${n}; }) (lib.filterAttrs (n: v: lib.hasAttr n melpaPackages) {
"auto-complete-clang-async" = "emacsClangCompleteAsync";
"vterm" = "emacs-libvterm";
"0xc" = "_0xc";

View file

@ -19,6 +19,7 @@
, withGTK2 ? false, gtk2-x11 ? null
, withGTK3 ? true, gtk3-x11 ? null, gsettings-desktop-schemas ? null
, withXwidgets ? false, webkitgtk ? null, wrapGAppsHook ? null, glib-networking ? null
, withMotif ? false, motif ? null
, withCsrc ? true
, srcRepo ? false, autoreconfHook ? null, texinfo ? null
, siteStart ? ./site-start.el
@ -27,6 +28,7 @@
, toolkit ? (
if withGTK2 then "gtk2"
else if withGTK3 then "gtk3"
else if withMotif then "motif"
else "lucid")
}:
@ -107,6 +109,7 @@ let emacs = stdenv.mkDerivation (lib.optionalAttrs nativeComp {
++ lib.optionals (stdenv.isLinux && withX) [ m17n_lib libotf ]
++ lib.optional (withX && withGTK2) gtk2-x11
++ lib.optionals (withX && withGTK3) [ gtk3-x11 gsettings-desktop-schemas ]
++ lib.optional (withX && withMotif) motif
++ lib.optionals (withX && withXwidgets) [ webkitgtk glib-networking ]
++ lib.optionals withNS [ AppKit GSS ImageIO ]
++ lib.optionals nativeComp [ libgccjit ]

View file

@ -17,6 +17,8 @@ stdenv.mkDerivation rec {
patches = [ ./gcc7.patch ];
NIX_CFLAGS_COMPILE = [ "-Wno-narrowing" ];
meta = with lib; {
description = "File editor/viewer/analyzer for executables";
homepage = "http://hte.sourceforge.net";

Some files were not shown because too many files have changed in this diff Show more