mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-12-26 04:43:09 +03:00
Merge master into staging
This commit is contained in:
commit
1c268e0b8c
5
.mention-bot
Normal file
5
.mention-bot
Normal file
@ -0,0 +1,5 @@
|
||||
{
|
||||
"userBlacklist": [
|
||||
"civodul"
|
||||
]
|
||||
}
|
109
doc/configuration.xml
Normal file
109
doc/configuration.xml
Normal file
@ -0,0 +1,109 @@
|
||||
<chapter xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="chap-packageconfig">
|
||||
|
||||
<title><filename>~/.nixpkgs/config.nix</filename>: global configuration</title>
|
||||
|
||||
<para>Nix packages can be configured to allow or deny certain options.</para>
|
||||
|
||||
<para>To apply the configuration edit
|
||||
<filename>~/.nixpkgs/config.nix</filename> and set it like
|
||||
|
||||
<programlisting>
|
||||
{
|
||||
allowUnfree = true;
|
||||
}
|
||||
</programlisting>
|
||||
|
||||
and will allow the Nix package manager to install unfree licensed packages.</para>
|
||||
|
||||
<para>The configuration as listed also applies to NixOS under
|
||||
<option>nixpkgs.config</option> set.</para>
|
||||
|
||||
<itemizedlist>
|
||||
|
||||
<listitem>
|
||||
<para>Allow installing of packages that are distributed under
|
||||
unfree license by setting <programlisting>allowUnfree =
|
||||
true;</programlisting> or deny them by setting it to
|
||||
<literal>false</literal>.</para>
|
||||
|
||||
<para>Same can be achieved by setting the environment variable:
|
||||
|
||||
<programlisting>
|
||||
$ export NIXPKGS_ALLOW_UNFREE=1
|
||||
</programlisting>
|
||||
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Whenever unfree packages are not allowed, single packages
|
||||
can still be allowed by a predicate function that accepts package
|
||||
as an argument and should return a boolean:
|
||||
|
||||
<programlisting>
|
||||
allowUnfreePredicate = (pkg: ...);
|
||||
</programlisting>
|
||||
|
||||
Example to allow flash player only:
|
||||
|
||||
<programlisting>
|
||||
allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);
|
||||
</programlisting>
|
||||
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Whenever unfree packages are not allowed, packages can still
|
||||
be whitelisted by their license:
|
||||
|
||||
<programlisting>
|
||||
whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];
|
||||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>In addition to whitelisting licenses which are denied by the
|
||||
<literal>allowUnfree</literal> setting, you can also explicitely
|
||||
deny installation of packages which have a certain license:
|
||||
|
||||
<programlisting>
|
||||
blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];
|
||||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
</itemizedlist>
|
||||
|
||||
<para>A complete list of licenses can be found in the file
|
||||
<filename>lib/licenses.nix</filename> of the nix package tree.</para>
|
||||
|
||||
|
||||
<!--============================================================-->
|
||||
|
||||
<section xml:id="sec-modify-via-packageOverrides"><title>Modify
|
||||
packages via <literal>packageOverrides</literal></title>
|
||||
|
||||
<para>You can define a function called
|
||||
<varname>packageOverrides</varname> in your local
|
||||
<filename>~/.nixpkgs/config</filename> to overide nix packages. It
|
||||
must be a function that takes pkgs as an argument and return modified
|
||||
set of packages.
|
||||
|
||||
<programlisting>
|
||||
{
|
||||
packageOverrides = pkgs: rec {
|
||||
foo = pkgs.foo.override { ... };
|
||||
};
|
||||
}
|
||||
</programlisting>
|
||||
|
||||
</para>
|
||||
|
||||
</section>
|
||||
|
||||
|
||||
</chapter>
|
@ -1,4 +1,3 @@
|
||||
|
||||
<chapter xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="chap-language-support">
|
||||
|
@ -1,88 +0,0 @@
|
||||
<chapter xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="chap-packageconfig">
|
||||
|
||||
<title><filename>~/.nixpkgs/config.nix</filename>: global configuration</title>
|
||||
|
||||
<para>
|
||||
Nix packages can be configured to allow or deny certain options.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
To apply the configuration edit <filename>~/.nixpkgs/config.nix</filename>
|
||||
and set it like
|
||||
<programlisting>{
|
||||
allowUnfree = true;
|
||||
}</programlisting>
|
||||
and will allow the Nix package manager to install unfree licensed packages.
|
||||
|
||||
The configuration as listed also applies to NixOS under <option>nixpkgs.config</option> set.
|
||||
</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Allow installing of packages that are distributed under unfree license by setting
|
||||
<programlisting>allowUnfree = true;</programlisting>
|
||||
or deny them by setting it to <literal>false</literal>.
|
||||
</para>
|
||||
<para>
|
||||
Same can be achieved by setting the environment variable:
|
||||
<programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
Whenever unfree packages are not allowed, single packages can
|
||||
still be allowed by a predicate function that accepts package
|
||||
as an argument and should return a boolean:
|
||||
<programlisting>allowUnfreePredicate = (pkg: ...);</programlisting>
|
||||
|
||||
Example to allow flash player only:
|
||||
<programlisting>allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
Whenever unfree packages are not allowed, packages can still be
|
||||
whitelisted by their license:
|
||||
<programlisting>whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>
|
||||
In addition to whitelisting licenses which are denied by the
|
||||
<literal>allowUnfree</literal> setting, you can also explicitely
|
||||
deny installation of packages which have a certain license:
|
||||
<programlisting>blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
<para>
|
||||
A complete list of licenses can be found in the file
|
||||
<filename>lib/licenses.nix</filename> of the nix package tree.
|
||||
</para>
|
||||
|
||||
<section xml:id="sec-modify-via-packageOverrides"><title>Modify
|
||||
packages via <literal>packageOverrides</literal></title>
|
||||
|
||||
<para>
|
||||
|
||||
You can define a function called <varname>packageOverrides</varname>
|
||||
in your local <filename>~/.nixpkgs/config</filename> to overide nix
|
||||
packages. It must be a function that takes pkgs as an argument and
|
||||
return modified set of packages.
|
||||
|
||||
<programlisting>{
|
||||
packageOverrides = pkgs: rec {
|
||||
foo = pkgs.foo.override { ... };
|
||||
};
|
||||
}</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
|
||||
</chapter>
|
@ -270,7 +270,7 @@ Additional information.
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>If staging is already in a broken state, please refrain from adding extra new breakages. Stabilize it for a few days, merge into master, then resume development on staging. <link xlink:href="http://hydra.nixos.org/jobset/nixpkgs/staging#tabs-evaluations">Keep an eye on the staging evaluations here</link>.</para>
|
||||
<para>If staging is already in a broken state, please refrain from adding extra new breakages. Stabilize it for a few days, merge into master, then resume development on staging. <link xlink:href="http://hydra.nixos.org/jobset/nixpkgs/staging#tabs-evaluations">Keep an eye on the staging evaluations here</link>. If any fixes for staging happen to be already in master, then master can be merged into staging.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
|
@ -23,6 +23,17 @@ rec {
|
||||
then attrByPath (tail attrPath) default e.${attr}
|
||||
else default;
|
||||
|
||||
/* Return if an attribute from nested attribute set exists.
|
||||
For instance ["x" "y"] applied to some set e returns true, if e.x.y exists. False
|
||||
is returned otherwise. */
|
||||
hasAttrByPath = attrPath: e:
|
||||
let attr = head attrPath;
|
||||
in
|
||||
if attrPath == [] then true
|
||||
else if e ? ${attr}
|
||||
then hasAttrByPath (tail attrPath) e.${attr}
|
||||
else false;
|
||||
|
||||
|
||||
/* Return nested attribute set in which an attribute is set. For instance
|
||||
["x" "y"] applied with some value v returns `x.y = v;' */
|
||||
|
@ -92,8 +92,7 @@
|
||||
eikek = "Eike Kettner <eike.kettner@posteo.de>";
|
||||
elasticdog = "Aaron Bull Schaefer <aaron@elasticdog.com>";
|
||||
ellis = "Ellis Whitehead <nixos@ellisw.net>";
|
||||
emery = "Emery Hemingway <emery@vfemail.net>";
|
||||
enolan = "Echo Nolan <echo@echonolan.net>";
|
||||
ehmry = "Emery Hemingway <emery@vfemail.net>";
|
||||
epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>";
|
||||
ericbmerritt = "Eric Merritt <eric@afiniate.com>";
|
||||
ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>";
|
||||
@ -119,6 +118,7 @@
|
||||
gebner = "Gabriel Ebner <gebner@gebner.org>";
|
||||
gfxmonk = "Tim Cuthbertson <tim@gfxmonk.net>";
|
||||
giogadi = "Luis G. Torres <lgtorres42@gmail.com>";
|
||||
gleber = "Gleb Peregud <gleber.p@gmail.com>";
|
||||
globin = "Robin Gloster <robin@glob.in>";
|
||||
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
|
||||
gridaphobe = "Eric Seidel <eric@seidel.io>";
|
||||
@ -142,6 +142,7 @@
|
||||
jefdaj = "Jeffrey David Johnson <jefdaj@gmail.com>";
|
||||
jfb = "James Felix Black <james@yamtime.com>";
|
||||
jgeerds = "Jascha Geerds <jg@ekby.de>";
|
||||
jgillich = "Jakob Gillich <jakob@gillich.me>";
|
||||
jirkamarsik = "Jirka Marsik <jiri.marsik89@gmail.com>";
|
||||
joachifm = "Joachim Fasting <joachifm@fastmail.fm>";
|
||||
joamaki = "Jussi Maki <joamaki@gmail.com>";
|
||||
@ -174,6 +175,7 @@
|
||||
lsix = "Lancelot SIX <lsix@lancelotsix.com>";
|
||||
ludo = "Ludovic Courtès <ludo@gnu.org>";
|
||||
lukego = "Luke Gorrie <luke@snabb.co>";
|
||||
luispedro = "Luis Pedro Coelho <luis@luispedro.org>";
|
||||
lw = "Sergey Sofeychuk <lw@fmap.me>";
|
||||
madjar = "Georges Dubus <georges.dubus@compiletoi.net>";
|
||||
magnetophon = "Bart Brouns <bart@magnetophon.nl>";
|
||||
@ -182,7 +184,7 @@
|
||||
malyn = "Michael Alyn Miller <malyn@strangeGizmo.com>";
|
||||
manveru = "Michael Fellinger <m.fellinger@gmail.com>";
|
||||
marcweber = "Marc Weber <marco-oweber@gmx.de>";
|
||||
markWot = "Markus Wotringer <markus@wotringer.de";
|
||||
markWot = "Markus Wotringer <markus@wotringer.de>";
|
||||
maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>";
|
||||
matejc = "Matej Cotman <cotman.matej@gmail.com>";
|
||||
mathnerd314 = "Mathnerd314 <mathnerd314.gph+hs@gmail.com>";
|
||||
@ -207,6 +209,7 @@
|
||||
muflax = "Stefan Dorn <mail@muflax.com>";
|
||||
nathan-gs = "Nathan Bijnens <nathan@nathan.gs>";
|
||||
nckx = "Tobias Geerinckx-Rice <tobias.geerinckx.rice@gmail.com>";
|
||||
nequissimus = "Tim Steinbach <tim@nequissimus.com>";
|
||||
nico202 = "Nicolò Balzarotti <anothersms@gmail.com>";
|
||||
notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
|
||||
np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
|
||||
@ -218,6 +221,7 @@
|
||||
olcai = "Erik Timan <dev@timan.info>";
|
||||
orbitz = "Malcolm Matalka <mmatalka@gmail.com>";
|
||||
osener = "Ozan Sener <ozan@ozansener.com>";
|
||||
oxij = "Jan Malakhovski <oxij@oxij.org>";
|
||||
page = "Carles Pagès <page@cubata.homelinux.net>";
|
||||
paholg = "Paho Lurie-Gregg <paho@paholg.com>";
|
||||
pakhfn = "Fedor Pakhomov <pakhfn@gmail.com>";
|
||||
@ -237,6 +241,7 @@
|
||||
pmahoney = "Patrick Mahoney <pat@polycrystal.org>";
|
||||
pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
|
||||
prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
|
||||
profpatsch = "Profpatsch <mail@profpatsch.de>";
|
||||
psibi = "Sibi <sibi@psibi.in>";
|
||||
pSub = "Pascal Wittmann <mail@pascal-wittmann.de>";
|
||||
puffnfresh = "Brian McKenna <brian@brianmckenna.org>";
|
||||
@ -287,6 +292,7 @@
|
||||
tailhook = "Paul Colomiets <paul@colomiets.name>";
|
||||
taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
|
||||
telotortium = "Robert Irelan <rirelan@gmail.com>";
|
||||
thall = "Niclas Thall <niclas.thall@gmail.com>";
|
||||
thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
|
||||
the-kenny = "Moritz Ulrich <moritz@tarn-vedra.de>";
|
||||
theuni = "Christian Theune <ct@flyingcircus.io>";
|
||||
|
@ -52,6 +52,10 @@ rec {
|
||||
# libraries for a set of packages, e.g. "${pkg1}/lib:${pkg2}/lib:...".
|
||||
makeLibraryPath = makeSearchPath "lib";
|
||||
|
||||
# Construct a binary search path (such as $PATH) containing the
|
||||
# binaries for a set of packages, e.g. "${pkg1}/bin:${pkg2}/bin:...".
|
||||
makeBinPath = makeSearchPath "bin";
|
||||
|
||||
|
||||
# Idem for Perl search paths.
|
||||
makePerlPath = makeSearchPath "lib/perl5/site_perl";
|
||||
@ -231,4 +235,19 @@ rec {
|
||||
then may_be_int
|
||||
else throw "Could not convert ${str} to int.";
|
||||
|
||||
# Read a list of paths from `file', relative to the `rootPath'. Lines
|
||||
# beginning with `#' are treated as comments and ignored. Whitespace
|
||||
# is significant.
|
||||
readPathsFromFile = rootPath: file:
|
||||
let
|
||||
root = toString rootPath;
|
||||
lines =
|
||||
builtins.map (lib.removeSuffix "\n")
|
||||
(lib.splitString "\n" (builtins.readFile file));
|
||||
removeComments = lib.filter (line: !(lib.hasPrefix "#" line));
|
||||
relativePaths = removeComments lines;
|
||||
absolutePaths = builtins.map (path: builtins.toPath (root + "/" + path)) relativePaths;
|
||||
in
|
||||
absolutePaths;
|
||||
|
||||
}
|
||||
|
@ -120,4 +120,14 @@ runTests {
|
||||
expected = { success = false; value = false; };
|
||||
};
|
||||
|
||||
testHasAttrByPathTrue = {
|
||||
expr = hasAttrByPath ["a" "b"] { a = { b = "yey"; }; };
|
||||
expected = true;
|
||||
};
|
||||
|
||||
testHasAttrByPathFalse = {
|
||||
expr = hasAttrByPath ["a" "b"] { a = { c = "yey"; }; };
|
||||
expected = false;
|
||||
};
|
||||
|
||||
}
|
||||
|
18
maintainers/scripts/all-tarballs.nix
Normal file
18
maintainers/scripts/all-tarballs.nix
Normal file
@ -0,0 +1,18 @@
|
||||
/* Helper expression for copy-tarballs. This returns (nearly) all
|
||||
tarballs used the free packages in Nixpkgs.
|
||||
|
||||
Typical usage:
|
||||
|
||||
$ copy-tarballs.pl --expr 'import <nixpkgs/maintainers/scripts/all-tarballs.nix>'
|
||||
*/
|
||||
|
||||
removeAttrs (import ../../pkgs/top-level/release.nix
|
||||
{ # Don't apply ‘hydraJob’ to jobs, because then we can't get to the
|
||||
# dependency graph.
|
||||
scrubJobs = false;
|
||||
# No need to evaluate on i686.
|
||||
supportedSystems = [ "x86_64-linux" ];
|
||||
})
|
||||
[ # Remove jobs whose evaluation depends on a writable Nix store.
|
||||
"tarball" "unstable"
|
||||
]
|
@ -1,97 +1,171 @@
|
||||
#! /run/current-system/sw/bin/perl -w
|
||||
#! /usr/bin/env nix-shell
|
||||
#! nix-shell -i perl -p perl perlPackages.NetAmazonS3 perlPackages.FileSlurp nixUnstable
|
||||
|
||||
# This command uploads tarballs to tarballs.nixos.org, the
|
||||
# content-addressed cache used by fetchurl as a fallback for when
|
||||
# upstream tarballs disappear or change. Usage:
|
||||
#
|
||||
# 1) To upload a single file:
|
||||
#
|
||||
# $ copy-tarballs.pl --file /path/to/tarball.tar.gz
|
||||
#
|
||||
# 2) To upload all files obtained via calls to fetchurl in a Nix derivation:
|
||||
#
|
||||
# $ copy-tarballs.pl --expr '(import <nixpkgs> {}).hello'
|
||||
|
||||
use strict;
|
||||
use XML::Simple;
|
||||
use warnings;
|
||||
use File::Basename;
|
||||
use File::Path;
|
||||
use File::Copy 'cp';
|
||||
use IPC::Open2;
|
||||
use File::Slurp;
|
||||
use JSON;
|
||||
use Net::Amazon::S3;
|
||||
use Nix::Store;
|
||||
|
||||
my $myDir = dirname($0);
|
||||
# S3 setup.
|
||||
my $aws_access_key_id = $ENV{'AWS_ACCESS_KEY_ID'} or die;
|
||||
my $aws_secret_access_key = $ENV{'AWS_SECRET_ACCESS_KEY'} or die;
|
||||
|
||||
my $tarballsCache = $ENV{'NIX_TARBALLS_CACHE'} // "/tarballs";
|
||||
my $s3 = Net::Amazon::S3->new(
|
||||
{ aws_access_key_id => $aws_access_key_id,
|
||||
aws_secret_access_key => $aws_secret_access_key,
|
||||
retry => 1,
|
||||
});
|
||||
|
||||
my $xml = `nix-instantiate --eval-only --xml --strict '<nixpkgs/maintainers/scripts/find-tarballs.nix>'`;
|
||||
die "$0: evaluation failed\n" if $? != 0;
|
||||
my $bucket = $s3->bucket("nixpkgs-tarballs") or die;
|
||||
|
||||
my $data = XMLin($xml) or die;
|
||||
my $cacheFile = "/tmp/copy-tarballs-cache";
|
||||
my %cache;
|
||||
$cache{$_} = 1 foreach read_file($cacheFile, err_mode => 'quiet', chomp => 1);
|
||||
|
||||
mkpath($tarballsCache);
|
||||
mkpath("$tarballsCache/md5");
|
||||
mkpath("$tarballsCache/sha1");
|
||||
mkpath("$tarballsCache/sha256");
|
||||
|
||||
foreach my $file (@{$data->{list}->{attrs}}) {
|
||||
my $url = $file->{attr}->{url}->{string}->{value};
|
||||
my $algo = $file->{attr}->{type}->{string}->{value};
|
||||
my $hash = $file->{attr}->{hash}->{string}->{value};
|
||||
|
||||
if ($url !~ /^http:/ && $url !~ /^https:/ && $url !~ /^ftp:/ && $url !~ /^mirror:/) {
|
||||
print STDERR "skipping $url (unsupported scheme)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
$url =~ /([^\/]+)$/;
|
||||
my $fn = $1;
|
||||
|
||||
if (!defined $fn) {
|
||||
print STDERR "skipping $url (no file name)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
if ($fn =~ /[&?=%]/ || $fn =~ /^\./) {
|
||||
print STDERR "skipping $url (bad character in file name)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
if ($fn !~ /[a-zA-Z]/) {
|
||||
print STDERR "skipping $url (no letter in file name)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
if ($fn !~ /[0-9]/) {
|
||||
print STDERR "skipping $url (no digit in file name)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
if ($fn !~ /[-_\.]/) {
|
||||
print STDERR "skipping $url (no dash/dot/underscore in file name)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
my $dstPath = "$tarballsCache/$fn";
|
||||
|
||||
next if -e $dstPath;
|
||||
|
||||
print "downloading $url to $dstPath...\n";
|
||||
|
||||
next if $ENV{DRY_RUN};
|
||||
|
||||
$ENV{QUIET} = 1;
|
||||
$ENV{PRINT_PATH} = 1;
|
||||
my $fh;
|
||||
my $pid = open($fh, "-|", "nix-prefetch-url", "--type", $algo, $url, $hash) or die;
|
||||
waitpid($pid, 0) or die;
|
||||
if ($? != 0) {
|
||||
print STDERR "failed to fetch $url: $?\n";
|
||||
next;
|
||||
}
|
||||
<$fh>; my $storePath = <$fh>; chomp $storePath;
|
||||
|
||||
die unless -e $storePath;
|
||||
|
||||
cp($storePath, $dstPath) or die;
|
||||
|
||||
my $md5 = hashFile("md5", 0, $storePath) or die;
|
||||
symlink("../$fn", "$tarballsCache/md5/$md5");
|
||||
|
||||
my $sha1 = hashFile("sha1", 0, $storePath) or die;
|
||||
symlink("../$fn", "$tarballsCache/sha1/$sha1");
|
||||
|
||||
my $sha256 = hashFile("sha256", 0, $storePath) or die;
|
||||
symlink("../$fn", "$tarballsCache/sha256/$sha256");
|
||||
|
||||
$sha256 = hashFile("sha256", 1, $storePath) or die;
|
||||
symlink("../$fn", "$tarballsCache/sha256/$sha256");
|
||||
END() {
|
||||
write_file($cacheFile, map { "$_\n" } keys %cache);
|
||||
}
|
||||
|
||||
sub alreadyMirrored {
|
||||
my ($algo, $hash) = @_;
|
||||
my $key = "$algo/$hash";
|
||||
return 1 if defined $cache{$key};
|
||||
my $res = defined $bucket->get_key($key);
|
||||
$cache{$key} = 1 if $res;
|
||||
return $res;
|
||||
}
|
||||
|
||||
sub uploadFile {
|
||||
my ($fn, $name) = @_;
|
||||
|
||||
my $md5_16 = hashFile("md5", 0, $fn) or die;
|
||||
my $sha1_16 = hashFile("sha1", 0, $fn) or die;
|
||||
my $sha256_32 = hashFile("sha256", 1, $fn) or die;
|
||||
my $sha256_16 = hashFile("sha256", 0, $fn) or die;
|
||||
my $sha512_32 = hashFile("sha512", 1, $fn) or die;
|
||||
my $sha512_16 = hashFile("sha512", 0, $fn) or die;
|
||||
|
||||
my $mainKey = "sha512/$sha512_16";
|
||||
|
||||
# Create redirects from the other hash types.
|
||||
sub redirect {
|
||||
my ($name, $dest) = @_;
|
||||
#print STDERR "linking $name to $dest...\n";
|
||||
$bucket->add_key($name, "", { 'x-amz-website-redirect-location' => "/" . $dest })
|
||||
or die "failed to create redirect from $name to $dest\n";
|
||||
$cache{$name} = 1;
|
||||
}
|
||||
redirect "md5/$md5_16", $mainKey;
|
||||
redirect "sha1/$sha1_16", $mainKey;
|
||||
redirect "sha256/$sha256_32", $mainKey;
|
||||
redirect "sha256/$sha256_16", $mainKey;
|
||||
redirect "sha512/$sha512_32", $mainKey;
|
||||
|
||||
# Upload the file as sha512/<hash-in-base-16>.
|
||||
print STDERR "uploading $fn to $mainKey...\n";
|
||||
$bucket->add_key_filename($mainKey, $fn, { 'x-amz-meta-original-name' => $name })
|
||||
or die "failed to upload $fn to $mainKey\n";
|
||||
$cache{$mainKey} = 1;
|
||||
}
|
||||
|
||||
my $op = shift @ARGV;
|
||||
|
||||
if ($op eq "--file") {
|
||||
my $res = 0;
|
||||
foreach my $fn (@ARGV) {
|
||||
eval {
|
||||
if (alreadyMirrored("sha512", hashFile("sha512", 0, $fn))) {
|
||||
print STDERR "$fn is already mirrored\n";
|
||||
} else {
|
||||
uploadFile($fn, basename $fn);
|
||||
}
|
||||
};
|
||||
if ($@) {
|
||||
warn "$@\n";
|
||||
$res = 1;
|
||||
}
|
||||
}
|
||||
exit $res;
|
||||
}
|
||||
|
||||
elsif ($op eq "--expr") {
|
||||
|
||||
# Evaluate find-tarballs.nix.
|
||||
my $expr = $ARGV[0] // die "$0: --expr requires a Nix expression\n";
|
||||
my $pid = open(JSON, "-|", "nix-instantiate", "--eval", "--json", "--strict",
|
||||
"<nixpkgs/maintainers/scripts/find-tarballs.nix>",
|
||||
"--arg", "expr", $expr);
|
||||
my $stdout = <JSON>;
|
||||
waitpid($pid, 0);
|
||||
die "$0: evaluation failed\n" if $?;
|
||||
close JSON;
|
||||
|
||||
my $fetches = decode_json($stdout);
|
||||
|
||||
print STDERR "evaluation returned ", scalar(@{$fetches}), " tarballs\n";
|
||||
|
||||
# Check every fetchurl call discovered by find-tarballs.nix.
|
||||
my $mirrored = 0;
|
||||
my $have = 0;
|
||||
foreach my $fetch (@{$fetches}) {
|
||||
my $url = $fetch->{url};
|
||||
my $algo = $fetch->{type};
|
||||
my $hash = $fetch->{hash};
|
||||
|
||||
if (defined $ENV{DEBUG}) {
|
||||
print "$url $algo $hash\n";
|
||||
next;
|
||||
}
|
||||
|
||||
if ($url !~ /^http:/ && $url !~ /^https:/ && $url !~ /^ftp:/ && $url !~ /^mirror:/) {
|
||||
print STDERR "skipping $url (unsupported scheme)\n";
|
||||
next;
|
||||
}
|
||||
|
||||
if (alreadyMirrored($algo, $hash)) {
|
||||
$have++;
|
||||
next;
|
||||
}
|
||||
|
||||
print STDERR "mirroring $url...\n";
|
||||
|
||||
next if $ENV{DRY_RUN};
|
||||
|
||||
# Download the file using nix-prefetch-url.
|
||||
$ENV{QUIET} = 1;
|
||||
$ENV{PRINT_PATH} = 1;
|
||||
my $fh;
|
||||
my $pid = open($fh, "-|", "nix-prefetch-url", "--type", $algo, $url, $hash) or die;
|
||||
waitpid($pid, 0) or die;
|
||||
if ($? != 0) {
|
||||
print STDERR "failed to fetch $url: $?\n";
|
||||
next;
|
||||
}
|
||||
<$fh>; my $storePath = <$fh>; chomp $storePath;
|
||||
|
||||
uploadFile($storePath, $url);
|
||||
$mirrored++;
|
||||
}
|
||||
|
||||
print STDERR "mirrored $mirrored files, already have $have files\n";
|
||||
}
|
||||
|
||||
else {
|
||||
die "Syntax: $0 --file FILENAMES... | --expr EXPR\n";
|
||||
}
|
||||
|
@ -1,12 +1,13 @@
|
||||
# This expression returns a list of all fetchurl calls used by all
|
||||
# packages reachable from release.nix.
|
||||
# This expression returns a list of all fetchurl calls used by ‘expr’.
|
||||
|
||||
with import ../.. { };
|
||||
with lib;
|
||||
|
||||
{ expr }:
|
||||
|
||||
let
|
||||
|
||||
root = removeAttrs (import ../../pkgs/top-level/release.nix { }) [ "tarball" "unstable" ];
|
||||
root = expr;
|
||||
|
||||
uniqueUrls = map (x: x.file) (genericClosure {
|
||||
startSet = map (file: { key = file.url; inherit file; }) urls;
|
||||
@ -15,7 +16,10 @@ let
|
||||
|
||||
urls = map (drv: { url = head drv.urls; hash = drv.outputHash; type = drv.outputHashAlgo; }) fetchurlDependencies;
|
||||
|
||||
fetchurlDependencies = filter (drv: drv.outputHash or "" != "" && drv ? urls) dependencies;
|
||||
fetchurlDependencies =
|
||||
filter
|
||||
(drv: drv.outputHash or "" != "" && drv.outputHashMode == "flat" && drv.postFetch or "" == "" && drv ? urls)
|
||||
dependencies;
|
||||
|
||||
dependencies = map (x: x.value) (genericClosure {
|
||||
startSet = map keyDrv (derivationsIn' root);
|
||||
|
@ -12,7 +12,7 @@ git_data="$(echo "$raw_git_log" | grep 'Author:' |
|
||||
# Also there are a few manual entries
|
||||
maintainers="$(cat "$(dirname "$0")/../../lib/maintainers.nix" |
|
||||
grep '=' | sed -re 's/\\"/''/g;
|
||||
s/ *([^ =]*) *= *" *(.*[^ ]) *[<](.*)[>] *".*/\1\t\2\t\3/')"
|
||||
s/[ ]*([^ =]*)[ ]*=[ ]*" *(.*[^ ]) *[<](.*)[>] *".*/\1\t\2\t\3/')"
|
||||
git_lines="$( ( echo "$git_data";
|
||||
cat "$(dirname "$0")/vanity-manual-equalities.txt") | sort |uniq)"
|
||||
|
||||
|
@ -22,8 +22,10 @@ containers.database =
|
||||
</programlisting>
|
||||
|
||||
If you run <literal>nixos-rebuild switch</literal>, the container will
|
||||
be built and started. If the container was already running, it will be
|
||||
updated in place, without rebooting.</para>
|
||||
be built. If the container was already running, it will be
|
||||
updated in place, without rebooting. The container can be configured to
|
||||
start automatically by setting <literal>containers.database.autoStart = true</literal>
|
||||
in its configuration.</para>
|
||||
|
||||
<para>By default, declarative containers share the network namespace
|
||||
of the host, meaning that they can listen on (privileged)
|
||||
@ -41,13 +43,15 @@ containers.database =
|
||||
This gives the container a private virtual Ethernet interface with IP
|
||||
address <literal>192.168.100.11</literal>, which is hooked up to a
|
||||
virtual Ethernet interface on the host with IP address
|
||||
<literal>192.168.100.10</literal>. (See the next section for details
|
||||
<literal>192.168.100.10</literal>. (See the next section for details
|
||||
on container networking.)</para>
|
||||
|
||||
<para>To disable the container, just remove it from
|
||||
<filename>configuration.nix</filename> and run <literal>nixos-rebuild
|
||||
switch</literal>. Note that this will not delete the root directory of
|
||||
the container in <literal>/var/lib/containers</literal>.</para>
|
||||
the container in <literal>/var/lib/containers</literal>. Containers can be
|
||||
destroyed using the imperative method: <literal>nixos-container destroy
|
||||
foo</literal>.</para>
|
||||
|
||||
<para>Declarative containers can be started and stopped using the
|
||||
corresponding systemd service, e.g. <literal>systemctl start
|
||||
|
@ -26,6 +26,7 @@ effect after you run <command>nixos-rebuild</command>.</para>
|
||||
|
||||
<!-- FIXME: auto-include NixOS module docs -->
|
||||
<xi:include href="postgresql.xml" />
|
||||
<xi:include href="acme.xml" />
|
||||
<xi:include href="nixos.xml" />
|
||||
|
||||
<!-- Apache; libvirtd virtualisation -->
|
||||
|
@ -55,6 +55,7 @@ let
|
||||
cp -prd $sources/* . # */
|
||||
chmod -R u+w .
|
||||
cp ${../../modules/services/databases/postgresql.xml} configuration/postgresql.xml
|
||||
cp ${../../modules/security/acme.xml} configuration/acme.xml
|
||||
cp ${../../modules/misc/nixos.xml} configuration/nixos.xml
|
||||
ln -s ${optionsDocBook} options-db.xml
|
||||
echo "${version}" > version
|
||||
|
@ -104,6 +104,15 @@ nginx.override {
|
||||
You can (still) use the <literal>html-tidy</literal> package, which got updated
|
||||
to a stable release from this new upstream.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para><literal>extraDeviceOptions</literal> argument is removed
|
||||
from <literal>bumblebee</literal> package. Instead there are
|
||||
now two separate arguments: <literal>extraNvidiaDeviceOptions</literal>
|
||||
and <literal>extraNouveauDeviceOptions</literal> for setting
|
||||
extra X11 options for nvidia and nouveau drivers, respectively.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
</section>
|
||||
|
@ -96,6 +96,15 @@ in
|
||||
example = "http://127.0.0.1:3128";
|
||||
};
|
||||
|
||||
allProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = cfg.proxy.default;
|
||||
description = ''
|
||||
This option specifies the all_proxy environment variable.
|
||||
'';
|
||||
example = "http://127.0.0.1:3128";
|
||||
};
|
||||
|
||||
noProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
@ -183,6 +192,8 @@ in
|
||||
rsync_proxy = cfg.proxy.rsyncProxy;
|
||||
} // optionalAttrs (cfg.proxy.ftpProxy != null) {
|
||||
ftp_proxy = cfg.proxy.ftpProxy;
|
||||
} // optionalAttrs (cfg.proxy.allProxy != null) {
|
||||
all_proxy = cfg.proxy.allProxy;
|
||||
} // optionalAttrs (cfg.proxy.noProxy != null) {
|
||||
no_proxy = cfg.proxy.noProxy;
|
||||
};
|
||||
|
@ -237,6 +237,7 @@
|
||||
calibre-server = 213;
|
||||
heapster = 214;
|
||||
bepasty = 215;
|
||||
pumpio = 216;
|
||||
|
||||
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
|
||||
|
||||
@ -451,6 +452,7 @@
|
||||
xtreemfs = 212;
|
||||
calibre-server = 213;
|
||||
bepasty = 215;
|
||||
pumpio = 216;
|
||||
|
||||
# When adding a gid, make sure it doesn't match an existing
|
||||
# uid. Users and groups with the same name should have equal
|
||||
|
@ -80,6 +80,7 @@
|
||||
./programs/xfs_quota.nix
|
||||
./programs/zsh/zsh.nix
|
||||
./rename.nix
|
||||
./security/acme.nix
|
||||
./security/apparmor.nix
|
||||
./security/apparmor-suid.nix
|
||||
./security/ca.nix
|
||||
@ -312,6 +313,7 @@
|
||||
./services/networking/lambdabot.nix
|
||||
./services/networking/mailpile.nix
|
||||
./services/networking/minidlna.nix
|
||||
./services/networking/miniupnpd.nix
|
||||
./services/networking/mstpd.nix
|
||||
./services/networking/murmur.nix
|
||||
./services/networking/namecoind.nix
|
||||
@ -342,6 +344,7 @@
|
||||
./services/networking/searx.nix
|
||||
./services/networking/seeks.nix
|
||||
./services/networking/skydns.nix
|
||||
./services/networking/shairport-sync.nix
|
||||
./services/networking/shout.nix
|
||||
./services/networking/softether.nix
|
||||
./services/networking/spiped.nix
|
||||
@ -401,6 +404,7 @@
|
||||
./services/ttys/agetty.nix
|
||||
./services/ttys/gpm.nix
|
||||
./services/ttys/kmscon.nix
|
||||
./services/web-apps/pump.io.nix
|
||||
./services/web-servers/apache-httpd/default.nix
|
||||
./services/web-servers/fcgiwrap.nix
|
||||
./services/web-servers/jboss/default.nix
|
||||
@ -506,6 +510,7 @@
|
||||
./virtualisation/amazon-options.nix
|
||||
./virtualisation/openvswitch.nix
|
||||
./virtualisation/parallels-guest.nix
|
||||
./virtualisation/rkt.nix
|
||||
./virtualisation/virtualbox-guest.nix
|
||||
./virtualisation/virtualbox-host.nix
|
||||
./virtualisation/vmware-guest.nix
|
||||
|
202
nixos/modules/security/acme.nix
Normal file
202
nixos/modules/security/acme.nix
Normal file
@ -0,0 +1,202 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.security.acme;
|
||||
|
||||
certOpts = { ... }: {
|
||||
options = {
|
||||
webroot = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
Where the webroot of the HTTP vhost is located.
|
||||
<filename>.well-known/acme-challenge/</filename> directory
|
||||
will be created automatically if it doesn't exist.
|
||||
<literal>http://example.org/.well-known/acme-challenge/</literal> must also
|
||||
be available (notice unencrypted HTTP).
|
||||
'';
|
||||
};
|
||||
|
||||
email = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = "Contact email address for the CA to be able to reach you.";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "root";
|
||||
description = "User running the ACME client.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "root";
|
||||
description = "Group running the ACME client.";
|
||||
};
|
||||
|
||||
postRun = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
example = "systemctl reload nginx.service";
|
||||
description = ''
|
||||
Commands to run after certificates are re-issued. Typically
|
||||
the web server and other servers using certificates need to
|
||||
be reloaded.
|
||||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
type = types.listOf (types.enum [
|
||||
"cert.der" "cert.pem" "chain.der" "chain.pem" "external_pem.sh"
|
||||
"fullchain.der" "fullchain.pem" "key.der" "key.pem" "account_key.json"
|
||||
]);
|
||||
default = [ "fullchain.pem" "key.pem" "account_key.json" ];
|
||||
description = ''
|
||||
Plugins to enable. With default settings simp_le will
|
||||
store public certificate bundle in <filename>fullchain.pem</filename>
|
||||
and private key in <filename>key.pem</filename> in its state directory.
|
||||
'';
|
||||
};
|
||||
|
||||
extraDomains = mkOption {
|
||||
type = types.attrsOf (types.nullOr types.str);
|
||||
default = {};
|
||||
example = {
|
||||
"example.org" = "/srv/http/nginx";
|
||||
"mydomain.org" = null;
|
||||
};
|
||||
description = ''
|
||||
Extra domain names for which certificates are to be issued, with their
|
||||
own server roots if needed.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
security.acme = {
|
||||
directory = mkOption {
|
||||
default = "/var/lib/acme";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Directory where certs and other state will be stored by default.
|
||||
'';
|
||||
};
|
||||
|
||||
validMin = mkOption {
|
||||
type = types.int;
|
||||
default = 30 * 24 * 3600;
|
||||
description = "Minimum remaining validity before renewal in seconds.";
|
||||
};
|
||||
|
||||
renewInterval = mkOption {
|
||||
type = types.str;
|
||||
default = "weekly";
|
||||
description = ''
|
||||
Systemd calendar expression when to check for renewal. See
|
||||
<citerefentry><refentrytitle>systemd.time</refentrytitle>
|
||||
<manvolnum>5</manvolnum></citerefentry>.
|
||||
'';
|
||||
};
|
||||
|
||||
certs = mkOption {
|
||||
default = { };
|
||||
type = types.loaOf types.optionSet;
|
||||
description = ''
|
||||
Attribute set of certificates to get signed and renewed.
|
||||
'';
|
||||
options = [ certOpts ];
|
||||
example = {
|
||||
"example.com" = {
|
||||
webroot = "/var/www/challenges/";
|
||||
email = "foo@example.com";
|
||||
extraDomains = { "www.example.com" = null; "foo.example.com" = "/var/www/foo/"; };
|
||||
};
|
||||
"bar.example.com" = {
|
||||
webroot = "/var/www/challenges/";
|
||||
email = "bar@example.com";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
config = mkMerge [
|
||||
(mkIf (cfg.certs != { }) {
|
||||
|
||||
systemd.services = flip mapAttrs' cfg.certs (cert: data:
|
||||
let
|
||||
cpath = "${cfg.directory}/${cert}";
|
||||
cmdline = [ "-v" "-d" cert "--default_root" data.webroot "--valid_min" cfg.validMin ]
|
||||
++ optionals (data.email != null) [ "--email" data.email ]
|
||||
++ concatMap (p: [ "-f" p ]) data.plugins
|
||||
++ concatLists (mapAttrsToList (name: root: [ "-d" (if root == null then name else "${name}:${root}")]) data.extraDomains);
|
||||
|
||||
in nameValuePair
|
||||
("acme-${cert}")
|
||||
({
|
||||
description = "ACME cert renewal for ${cert} using simp_le";
|
||||
after = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
SuccessExitStatus = [ "0" "1" ];
|
||||
PermissionsStartOnly = true;
|
||||
User = data.user;
|
||||
Group = data.group;
|
||||
PrivateTmp = true;
|
||||
};
|
||||
path = [ pkgs.simp_le ];
|
||||
preStart = ''
|
||||
mkdir -p '${cfg.directory}'
|
||||
if [ ! -d '${cpath}' ]; then
|
||||
mkdir -m 700 '${cpath}'
|
||||
chown '${data.user}:${data.group}' '${cpath}'
|
||||
fi
|
||||
'';
|
||||
script = ''
|
||||
cd '${cpath}'
|
||||
set +e
|
||||
simp_le ${concatMapStringsSep " " (arg: escapeShellArg (toString arg)) cmdline}
|
||||
EXITCODE=$?
|
||||
set -e
|
||||
echo "$EXITCODE" > /tmp/lastExitCode
|
||||
exit "$EXITCODE"
|
||||
'';
|
||||
postStop = ''
|
||||
if [ -e /tmp/lastExitCode ] && [ "$(cat /tmp/lastExitCode)" = "0" ]; then
|
||||
echo "Executing postRun hook..."
|
||||
${data.postRun}
|
||||
fi
|
||||
'';
|
||||
})
|
||||
);
|
||||
|
||||
systemd.timers = flip mapAttrs' cfg.certs (cert: data: nameValuePair
|
||||
("acme-${cert}")
|
||||
({
|
||||
description = "timer for ACME cert renewal of ${cert}";
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
OnCalendar = cfg.renewInterval;
|
||||
Unit = "acme-${cert}.service";
|
||||
};
|
||||
})
|
||||
);
|
||||
})
|
||||
|
||||
{ meta.maintainers = with lib.maintainers; [ abbradar fpletz globin ];
|
||||
meta.doc = ./acme.xml;
|
||||
}
|
||||
];
|
||||
|
||||
}
|
69
nixos/modules/security/acme.xml
Normal file
69
nixos/modules/security/acme.xml
Normal file
@ -0,0 +1,69 @@
|
||||
<chapter xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||||
version="5.0"
|
||||
xml:id="module-security-acme">
|
||||
|
||||
<title>SSL/TLS Certificates with ACME</title>
|
||||
|
||||
<para>NixOS supports automatic domain validation & certificate
|
||||
retrieval and renewal using the ACME protocol. This is currently only
|
||||
implemented by and for Let's Encrypt. The alternative ACME client
|
||||
<literal>simp_le</literal> is used under the hood.</para>
|
||||
|
||||
<section><title>Prerequisites</title>
|
||||
|
||||
<para>You need to have a running HTTP server for verification. The server must
|
||||
have a webroot defined that can serve
|
||||
<filename>.well-known/acme-challenge</filename>. This directory must be
|
||||
writeable by the user that will run the ACME client.</para>
|
||||
|
||||
<para>For instance, this generic snippet could be used for Nginx:
|
||||
|
||||
<programlisting>
|
||||
http {
|
||||
server {
|
||||
server_name _;
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
location /.well-known/acme-challenge {
|
||||
root /var/www/challenges;
|
||||
}
|
||||
|
||||
location / {
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
||||
}
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
</section>
|
||||
|
||||
<section><title>Configuring</title>
|
||||
|
||||
<para>To enable ACME certificate retrieval & renewal for a certificate for
|
||||
<literal>foo.example.com</literal>, add the following in your
|
||||
<filename>configuration.nix</filename>:
|
||||
|
||||
<programlisting>
|
||||
security.acme.certs."foo.example.com" = {
|
||||
webroot = "/var/www/challenges";
|
||||
email = "foo@example.com";
|
||||
};
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
<para>The private key <filename>key.pem</filename> and certificate
|
||||
<filename>fullchain.pem</filename> will be put into
|
||||
<filename>/var/lib/acme/foo.example.com</filename>. The target directory can
|
||||
be configured with the option <literal>security.acme.directory</literal>.
|
||||
</para>
|
||||
|
||||
<para>Refer to <xref linkend="ch-options" /> for all available configuration
|
||||
options for the <literal>security.acme</literal> module.</para>
|
||||
|
||||
</section>
|
||||
|
||||
</chapter>
|
@ -65,7 +65,7 @@ in {
|
||||
type = types.str;
|
||||
description = ''
|
||||
Verbatim configuration file contents.
|
||||
See http://www.rabbitmq.com/configure.htm
|
||||
See http://www.rabbitmq.com/configure.html
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -124,7 +124,7 @@ in {
|
||||
|
||||
assertions = [
|
||||
{ assertion = cfg.databasePassword != "";
|
||||
message = "databasePassword must be set";
|
||||
message = "services.redmine.databasePassword must be set";
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -73,29 +73,28 @@ in
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.cntlm.enable {
|
||||
|
||||
systemd.services.cntlm = {
|
||||
description = "CNTLM is an NTLM / NTLM Session Response / NTLMv2 authenticating HTTP proxy";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
User = "cntlm";
|
||||
ExecStart = ''
|
||||
${pkgs.cntlm}/bin/cntlm -U cntlm \
|
||||
-c ${pkgs.writeText "cntlm_config" cfg.extraConfig}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
services.cntlm.netbios_hostname = mkDefault config.networking.hostName;
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.extraUsers.cntlm = {
|
||||
name = "cntlm";
|
||||
description = "cntlm system-wide daemon";
|
||||
home = "/var/empty";
|
||||
};
|
||||
|
||||
jobs.cntlm =
|
||||
{ description = "CNTLM is an NTLM / NTLM Session Response / NTLMv2 authenticating HTTP proxy";
|
||||
|
||||
startOn = "started network-interfaces";
|
||||
|
||||
daemonType = "fork";
|
||||
|
||||
exec =
|
||||
''
|
||||
${pkgs.cntlm}/bin/cntlm -U cntlm \
|
||||
-c ${pkgs.writeText "cntlm_config" cfg.extraConfig}
|
||||
'';
|
||||
};
|
||||
|
||||
services.cntlm.extraConfig =
|
||||
''
|
||||
# Cntlm Authentication Proxy Configuration
|
||||
@ -108,8 +107,7 @@ in
|
||||
${concatMapStrings (port: ''
|
||||
Listen ${toString port}
|
||||
'') cfg.port}
|
||||
'';
|
||||
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -18,7 +18,7 @@ let
|
||||
password=${config.services.ddclient.password}
|
||||
protocol=${config.services.ddclient.protocol}
|
||||
server=${config.services.ddclient.server}
|
||||
ssl=${if config.services.ddclient.ssl then "yes" else "yes"}
|
||||
ssl=${if config.services.ddclient.ssl then "yes" else "no"}
|
||||
wildcard=YES
|
||||
${config.services.ddclient.domain}
|
||||
${config.services.ddclient.extraConfig}
|
||||
|
@ -53,11 +53,13 @@ in
|
||||
default = false;
|
||||
description = ''
|
||||
Enable putting a wireless interface into infrastructure mode,
|
||||
allowing other wireless devices to associate with the wireless interface and do
|
||||
wireless networking. A simple access point will enable hostapd.wpa, and
|
||||
hostapd.wpa_passphrase, hostapd.ssid, dhcpd on the wireless interface to
|
||||
provide IP addresses to the associated stations, and nat (from the wireless
|
||||
interface to an upstream interface).
|
||||
allowing other wireless devices to associate with the wireless
|
||||
interface and do wireless networking. A simple access point will
|
||||
<option>enable hostapd.wpa</option>,
|
||||
<option>hostapd.wpaPassphrase</option>, and
|
||||
<option>hostapd.ssid</option>, as well as DHCP on the wireless
|
||||
interface to provide IP addresses to the associated stations, and
|
||||
NAT (from the wireless interface to an upstream interface).
|
||||
'';
|
||||
};
|
||||
|
||||
@ -73,7 +75,10 @@ in
|
||||
default = "nl80211";
|
||||
example = "hostapd";
|
||||
type = types.string;
|
||||
description = "Which driver hostapd will use. Most things will probably use the default.";
|
||||
description = ''
|
||||
Which driver <command>hostapd</command> will use.
|
||||
Most applications will probably use the default.
|
||||
'';
|
||||
};
|
||||
|
||||
ssid = mkOption {
|
||||
@ -87,7 +92,10 @@ in
|
||||
default = "b";
|
||||
example = "g";
|
||||
type = types.string;
|
||||
description = "Operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g";
|
||||
description = ''
|
||||
Operation mode.
|
||||
(a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g).
|
||||
'';
|
||||
};
|
||||
|
||||
channel = mkOption {
|
||||
@ -97,8 +105,9 @@ in
|
||||
description =
|
||||
''
|
||||
Channel number (IEEE 802.11)
|
||||
Please note that some drivers do not use this value from hostapd and the
|
||||
channel will need to be configured separately with iwconfig.
|
||||
Please note that some drivers do not use this value from
|
||||
<command>hostapd</command> and the channel will need to be configured
|
||||
separately with <command>iwconfig</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
@ -106,12 +115,16 @@ in
|
||||
default = "wheel";
|
||||
example = "network";
|
||||
type = types.string;
|
||||
description = "members of this group can control hostapd";
|
||||
description = ''
|
||||
Members of this group can control <command>hostapd</command>.
|
||||
'';
|
||||
};
|
||||
|
||||
wpa = mkOption {
|
||||
default = true;
|
||||
description = "enable WPA (IEEE 802.11i/D3.0) to authenticate to the access point";
|
||||
description = ''
|
||||
Enable WPA (IEEE 802.11i/D3.0) to authenticate with the access point.
|
||||
'';
|
||||
};
|
||||
|
||||
wpaPassphrase = mkOption {
|
||||
@ -121,8 +134,9 @@ in
|
||||
description =
|
||||
''
|
||||
WPA-PSK (pre-shared-key) passphrase. Clients will need this
|
||||
passphrase to associate with this access point. Warning: This passphrase will
|
||||
get put into a world-readable file in the nix store.
|
||||
passphrase to associate with this access point.
|
||||
Warning: This passphrase will get put into a world-readable file in
|
||||
the Nix store!
|
||||
'';
|
||||
};
|
||||
|
||||
@ -134,7 +148,7 @@ in
|
||||
ht_capab=[HT40-][SHORT-GI-40][DSSS_CCK-40]
|
||||
'';
|
||||
type = types.string;
|
||||
description = "Extra configuration options to put in the hostapd.conf";
|
||||
description = "Extra configuration options to put in hostapd.conf.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
99
nixos/modules/services/networking/miniupnpd.nix
Normal file
99
nixos/modules/services/networking/miniupnpd.nix
Normal file
@ -0,0 +1,99 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.miniupnpd;
|
||||
configFile = pkgs.writeText "miniupnpd.conf" ''
|
||||
ext_ifname=${cfg.externalInterface}
|
||||
enable_natpmp=${if cfg.natpmp then "yes" else "no"}
|
||||
enable_upnp=${if cfg.upnp then "yes" else "no"}
|
||||
|
||||
${concatMapStrings (range: ''
|
||||
listening_ip=${range}
|
||||
'') cfg.internalIPs}
|
||||
|
||||
${cfg.appendConfig}
|
||||
'';
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.miniupnpd = {
|
||||
enable = mkEnableOption "MiniUPnP daemon";
|
||||
|
||||
externalInterface = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
Name of the external interface.
|
||||
'';
|
||||
};
|
||||
|
||||
internalIPs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
example = [ "192.168.1.1/24" "enp1s0" ];
|
||||
description = ''
|
||||
The IP address ranges to listen on.
|
||||
'';
|
||||
};
|
||||
|
||||
natpmp = mkEnableOption "NAT-PMP support";
|
||||
|
||||
upnp = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Whether to enable UPNP support.
|
||||
'';
|
||||
};
|
||||
|
||||
appendConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Configuration lines appended to the MiniUPnP config.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
# from miniupnpd/netfilter/iptables_init.sh
|
||||
networking.firewall.extraCommands = ''
|
||||
iptables -t nat -N MINIUPNPD
|
||||
iptables -t nat -A PREROUTING -i ${cfg.externalInterface} -j MINIUPNPD
|
||||
iptables -t mangle -N MINIUPNPD
|
||||
iptables -t mangle -A PREROUTING -i ${cfg.externalInterface} -j MINIUPNPD
|
||||
iptables -t filter -N MINIUPNPD
|
||||
iptables -t filter -A FORWARD -i ${cfg.externalInterface} ! -o ${cfg.externalInterface} -j MINIUPNPD
|
||||
iptables -t nat -N MINIUPNPD-PCP-PEER
|
||||
iptables -t nat -A POSTROUTING -o ${cfg.externalInterface} -j MINIUPNPD-PCP-PEER
|
||||
'';
|
||||
|
||||
# from miniupnpd/netfilter/iptables_removeall.sh
|
||||
networking.firewall.extraStopCommands = ''
|
||||
iptables -t nat -F MINIUPNPD
|
||||
iptables -t nat -D PREROUTING -i ${cfg.externalInterface} -j MINIUPNPD
|
||||
iptables -t nat -X MINIUPNPD
|
||||
iptables -t mangle -F MINIUPNPD
|
||||
iptables -t mangle -D PREROUTING -i ${cfg.externalInterface} -j MINIUPNPD
|
||||
iptables -t mangle -X MINIUPNPD
|
||||
iptables -t filter -F MINIUPNPD
|
||||
iptables -t filter -D FORWARD -i ${cfg.externalInterface} ! -o ${cfg.externalInterface} -j MINIUPNPD
|
||||
iptables -t filter -X MINIUPNPD
|
||||
iptables -t nat -F MINIUPNPD-PCP-PEER
|
||||
iptables -t nat -D POSTROUTING -o ${cfg.externalInterface} -j MINIUPNPD-PCP-PEER
|
||||
iptables -t nat -X MINIUPNPD-PCP-PEER
|
||||
'';
|
||||
|
||||
systemd.services.miniupnpd = {
|
||||
description = "MiniUPnP daemon";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.miniupnpd}/bin/miniupnpd -f ${configFile}";
|
||||
PIDFile = "/var/run/miniupnpd.pid";
|
||||
Type = "forking";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
80
nixos/modules/services/networking/shairport-sync.nix
Normal file
80
nixos/modules/services/networking/shairport-sync.nix
Normal file
@ -0,0 +1,80 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.shairport-sync;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
services.shairport-sync = {
|
||||
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Enable the shairport-sync daemon.
|
||||
|
||||
Running with a local system-wide or remote pulseaudio server
|
||||
is recommended.
|
||||
'';
|
||||
};
|
||||
|
||||
arguments = mkOption {
|
||||
default = "-v -o pulse";
|
||||
description = ''
|
||||
Arguments to pass to the daemon. Defaults to a local pulseaudio
|
||||
server.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
default = "shairport";
|
||||
description = ''
|
||||
User account name under which to run shairport-sync. The account
|
||||
will be created.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.shairport-sync.enable {
|
||||
|
||||
services.avahi.enable = true;
|
||||
|
||||
users.extraUsers = singleton
|
||||
{ name = cfg.user;
|
||||
description = "Shairport user";
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = "/var/lib/shairport-sync";
|
||||
extraGroups = [ "audio" ] ++ optional config.hardware.pulseaudio.enable "pulse";
|
||||
};
|
||||
|
||||
systemd.services.shairport-sync =
|
||||
{
|
||||
description = "shairport-sync";
|
||||
after = [ "network.target" "avahi-daemon.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
ExecStart = "${pkgs.shairport-sync}/bin/shairport-sync ${cfg.arguments}";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.shairport-sync ];
|
||||
|
||||
};
|
||||
|
||||
}
|
@ -57,7 +57,7 @@ in {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
preStart = if isNull cfg.configFile then null
|
||||
preStart = if isNull cfg.configFile then ""
|
||||
else ''
|
||||
ln -sf ${pkgs.writeText "config.js" cfg.configFile} \
|
||||
${shoutHome}/config.js
|
||||
|
@ -3,78 +3,115 @@ with lib;
|
||||
let
|
||||
clamavUser = "clamav";
|
||||
stateDir = "/var/lib/clamav";
|
||||
runDir = "/var/run/clamav";
|
||||
logDir = "/var/log/clamav";
|
||||
clamavGroup = clamavUser;
|
||||
cfg = config.services.clamav;
|
||||
clamdConfigFile = pkgs.writeText "clamd.conf" ''
|
||||
DatabaseDirectory ${stateDir}
|
||||
LocalSocket ${runDir}/clamd.ctl
|
||||
LogFile ${logDir}/clamav.log
|
||||
PidFile ${runDir}/clamd.pid
|
||||
User clamav
|
||||
|
||||
${cfg.daemon.extraConfig}
|
||||
'';
|
||||
in
|
||||
{
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
services.clamav = {
|
||||
daemon = {
|
||||
enable = mkEnableOption "clamd daemon";
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration for clamd. Contents will be added verbatim to the
|
||||
configuration file.
|
||||
'';
|
||||
};
|
||||
};
|
||||
updater = {
|
||||
enable = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable automatic ClamAV virus definitions database updates.
|
||||
'';
|
||||
};
|
||||
enable = mkEnableOption "freshclam updater";
|
||||
|
||||
frequency = mkOption {
|
||||
default = 12;
|
||||
description = ''
|
||||
Number of database checks per day.
|
||||
'';
|
||||
};
|
||||
frequency = mkOption {
|
||||
default = 12;
|
||||
description = ''
|
||||
Number of database checks per day.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration for freshclam. Contents will be added verbatim to the
|
||||
configuration file.
|
||||
'';
|
||||
};
|
||||
config = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration for freshclam. Contents will be added verbatim to the
|
||||
configuration file.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.updater.enable {
|
||||
config = mkIf cfg.updater.enable or cfg.daemon.enable {
|
||||
environment.systemPackages = [ pkgs.clamav ];
|
||||
users.extraUsers = singleton
|
||||
{ name = clamavUser;
|
||||
uid = config.ids.uids.clamav;
|
||||
description = "ClamAV daemon user";
|
||||
home = stateDir;
|
||||
};
|
||||
users.extraUsers = singleton {
|
||||
name = clamavUser;
|
||||
uid = config.ids.uids.clamav;
|
||||
description = "ClamAV daemon user";
|
||||
home = stateDir;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
{ name = clamavGroup;
|
||||
gid = config.ids.gids.clamav;
|
||||
};
|
||||
users.extraGroups = singleton {
|
||||
name = clamavGroup;
|
||||
gid = config.ids.gids.clamav;
|
||||
};
|
||||
|
||||
services.clamav.updater.config = ''
|
||||
services.clamav.updater.config = mkIf cfg.updater.enable ''
|
||||
DatabaseDirectory ${stateDir}
|
||||
Foreground yes
|
||||
Checks ${toString cfg.updater.frequency}
|
||||
DatabaseMirror database.clamav.net
|
||||
'';
|
||||
|
||||
jobs = {
|
||||
clamav_updater = {
|
||||
name = "clamav-updater";
|
||||
startOn = "started network-interfaces";
|
||||
stopOn = "stopping network-interfaces";
|
||||
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${stateDir}
|
||||
chown ${clamavUser}:${clamavGroup} ${stateDir}
|
||||
'';
|
||||
exec = "${pkgs.clamav}/bin/freshclam --daemon --config-file=${pkgs.writeText "freshclam.conf" cfg.updater.config}";
|
||||
};
|
||||
systemd.services.clamd = mkIf cfg.daemon.enable {
|
||||
description = "ClamAV daemon (clamd)";
|
||||
path = [ pkgs.clamav ];
|
||||
after = [ "network.target" "freshclam.service" ];
|
||||
requires = [ "freshclam.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${logDir}
|
||||
mkdir -m 0755 -p ${runDir}
|
||||
chown ${clamavUser}:${clamavGroup} ${logDir}
|
||||
chown ${clamavUser}:${clamavGroup} ${runDir}
|
||||
'';
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.clamav}/bin/clamd --config-file=${clamdConfigFile}";
|
||||
Type = "forking";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "10s";
|
||||
StartLimitInterval = "1min";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.freshclam = mkIf cfg.updater.enable {
|
||||
description = "ClamAV updater (freshclam)";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.clamav ];
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${stateDir}
|
||||
chown ${clamavUser}:${clamavGroup} ${stateDir}
|
||||
'';
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.clamav}/bin/freshclam --daemon --config-file=${pkgs.writeText "freshclam.conf" cfg.updater.config}";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "10s";
|
||||
StartLimitInterval = "1min";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -113,21 +113,26 @@ in
|
||||
#include <abstractions/base>
|
||||
#include <abstractions/nameservice>
|
||||
|
||||
${pkgs.glibc}/lib/*.so mr,
|
||||
${pkgs.libevent}/lib/libevent*.so* mr,
|
||||
${pkgs.curl}/lib/libcurl*.so* mr,
|
||||
${pkgs.openssl}/lib/libssl*.so* mr,
|
||||
${pkgs.openssl}/lib/libcrypto*.so* mr,
|
||||
${pkgs.zlib}/lib/libz*.so* mr,
|
||||
${pkgs.libssh2}/lib/libssh2*.so* mr,
|
||||
${pkgs.systemd}/lib/libsystemd*.so* mr,
|
||||
${pkgs.xz}/lib/liblzma*.so* mr,
|
||||
${pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
|
||||
${pkgs.glibc}/lib/*.so mr,
|
||||
${pkgs.libevent}/lib/libevent*.so* mr,
|
||||
${pkgs.curl}/lib/libcurl*.so* mr,
|
||||
${pkgs.openssl}/lib/libssl*.so* mr,
|
||||
${pkgs.openssl}/lib/libcrypto*.so* mr,
|
||||
${pkgs.zlib}/lib/libz*.so* mr,
|
||||
${pkgs.libssh2}/lib/libssh2*.so* mr,
|
||||
${pkgs.systemd}/lib/libsystemd*.so* mr,
|
||||
${pkgs.xz}/lib/liblzma*.so* mr,
|
||||
${pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
|
||||
${pkgs.libgpgerror}/lib/libgpg-error*.so* mr,
|
||||
${pkgs.libnghttp2}/lib/libnghttp2*.so* mr,
|
||||
${pkgs.c-ares}/lib/libcares*.so* mr,
|
||||
${pkgs.libcap}/lib/libcap*.so* mr,
|
||||
${pkgs.attr}/lib/libattr*.so* mr,
|
||||
|
||||
@{PROC}/sys/kernel/random/uuid r,
|
||||
@{PROC}/sys/vm/overcommit_memory r,
|
||||
|
||||
${pkgs.openssl}/etc/** r,
|
||||
${pkgs.transmission}/share/transmission/** r,
|
||||
|
||||
owner ${settingsDir}/** rw,
|
||||
|
364
nixos/modules/services/web-apps/pump.io.nix
Normal file
364
nixos/modules/services/web-apps/pump.io.nix
Normal file
@ -0,0 +1,364 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.pumpio;
|
||||
dataDir = "/var/lib/pump.io";
|
||||
user = "pumpio";
|
||||
|
||||
configOptions = {
|
||||
driver = if cfg.driver == "disk" then null else cfg.driver;
|
||||
params = ({ } //
|
||||
(if cfg.driver == "disk" then {
|
||||
dir = dataDir;
|
||||
} else { }) //
|
||||
(if cfg.driver == "mongodb" || cfg.driver == "redis" then {
|
||||
host = cfg.dbHost;
|
||||
port = cfg.dbPort;
|
||||
dbname = cfg.dbName;
|
||||
dbuser = cfg.dbUser;
|
||||
dbpass = cfg.dbPassword;
|
||||
} else { }) //
|
||||
(if cfg.driver == "memcached" then {
|
||||
host = cfg.dbHost;
|
||||
port = cfg.dbPort;
|
||||
} else { }) //
|
||||
cfg.driverParams);
|
||||
|
||||
secret = cfg.secret;
|
||||
|
||||
address = cfg.address;
|
||||
port = cfg.port;
|
||||
|
||||
noweb = false;
|
||||
urlPort = cfg.urlPort;
|
||||
hostname = cfg.hostname;
|
||||
favicon = cfg.favicon;
|
||||
|
||||
site = cfg.site;
|
||||
owner = cfg.owner;
|
||||
ownerURL = cfg.ownerURL;
|
||||
|
||||
key = cfg.sslKey;
|
||||
cert = cfg.sslCert;
|
||||
bounce = false;
|
||||
|
||||
spamhost = cfg.spamHost;
|
||||
spamclientid = cfg.spamClientId;
|
||||
spamclientsecret = cfg.spamClientSecret;
|
||||
|
||||
requireEmail = cfg.requireEmail;
|
||||
smtpserver = cfg.smtpHost;
|
||||
smtpport = cfg.smtpPort;
|
||||
smtpuser = cfg.smtpUser;
|
||||
smtppass = cfg.smtpPassword;
|
||||
smtpusessl = cfg.smtpUseSSL;
|
||||
smtpfrom = cfg.smtpFrom;
|
||||
|
||||
nologger = false;
|
||||
uploaddir = "${dataDir}/uploads";
|
||||
debugClient = false;
|
||||
firehose = cfg.firehose;
|
||||
disableRegistration = cfg.disableRegistration;
|
||||
} //
|
||||
(if cfg.port < 1024 then {
|
||||
serverUser = user; # have pump.io listen then drop privileges
|
||||
} else { }) //
|
||||
cfg.extraConfig;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
options = {
|
||||
|
||||
services.pumpio = {
|
||||
|
||||
enable = mkEnableOption "Pump.io social streams server";
|
||||
|
||||
secret = mkOption {
|
||||
type = types.str;
|
||||
example = "my dog has fleas";
|
||||
description = ''
|
||||
A session-generating secret, server-wide password. Warning:
|
||||
this is stored in cleartext in the Nix store!
|
||||
'';
|
||||
};
|
||||
|
||||
site = mkOption {
|
||||
type = types.str;
|
||||
example = "Awesome Sauce";
|
||||
description = "Name of the server";
|
||||
};
|
||||
|
||||
owner = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
example = "Awesome Inc.";
|
||||
description = "Name of owning entity, if you want to link to it.";
|
||||
};
|
||||
|
||||
ownerURL = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
example = "https://pump.io";
|
||||
description = "URL of owning entity, if you want to link to it.";
|
||||
};
|
||||
|
||||
address = mkOption {
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
description = ''
|
||||
Web server listen address.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 31337;
|
||||
description = ''
|
||||
Port to listen on. Defaults to 31337, which is suitable for
|
||||
running behind a reverse proxy. For a standalone server,
|
||||
use 443.
|
||||
'';
|
||||
};
|
||||
|
||||
hostname = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
The hostname of the server, used for generating
|
||||
URLs. Defaults to "localhost" which doesn't do much for you.
|
||||
'';
|
||||
};
|
||||
|
||||
urlPort = mkOption {
|
||||
type = types.int;
|
||||
default = 443;
|
||||
description = ''
|
||||
Port to use for generating URLs. This basically has to be
|
||||
either 80 or 443 because the host-meta and Webfinger
|
||||
protocols don't make any provision for HTTP/HTTPS servers
|
||||
running on other ports.
|
||||
'';
|
||||
};
|
||||
|
||||
favicon = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Local filesystem path to the favicon.ico file to use. This
|
||||
will be served as "/favicon.ico" by the server.
|
||||
'';
|
||||
};
|
||||
|
||||
sslKey = mkOption {
|
||||
type = types.path;
|
||||
example = "${dataDir}/myserver.key";
|
||||
default = "";
|
||||
description = ''
|
||||
The path to the server certificate private key. The
|
||||
certificate is required, but it can be self-signed.
|
||||
'';
|
||||
};
|
||||
|
||||
sslCert = mkOption {
|
||||
type = types.path;
|
||||
example = "${dataDir}/myserver.crt";
|
||||
default = "";
|
||||
description = ''
|
||||
The path to the server certificate. The certificate is
|
||||
required, but it can be self-signed.
|
||||
'';
|
||||
};
|
||||
|
||||
firehose = mkOption {
|
||||
type = types.str;
|
||||
default = "ofirehose.com";
|
||||
description = ''
|
||||
Firehose host running the ofirehose software. Defaults to
|
||||
"ofirehose.com". Public notices will be ping this firehose
|
||||
server and from there go out to search engines and the
|
||||
world. If you want to disconnect from the public web, set
|
||||
this to something falsy.
|
||||
'';
|
||||
};
|
||||
|
||||
disableRegistration = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Disables registering new users on the site through the Web
|
||||
or the API.
|
||||
'';
|
||||
};
|
||||
|
||||
requireEmail = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Require an e-mail address to register.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
default = { };
|
||||
description = ''
|
||||
Extra configuration options which are serialized to json and added
|
||||
to the pump.io.json config file.
|
||||
'';
|
||||
};
|
||||
|
||||
driver = mkOption {
|
||||
type = types.enum [ "mongodb" "disk" "lrucache" "memcached" "redis" ];
|
||||
default = "mongodb";
|
||||
description = "Type of database. Corresponds to a nodejs databank driver.";
|
||||
};
|
||||
|
||||
driverParams = mkOption {
|
||||
default = { };
|
||||
description = "Extra parameters for the driver.";
|
||||
};
|
||||
|
||||
dbHost = mkOption {
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
description = "The database host to connect to.";
|
||||
};
|
||||
|
||||
dbPort = mkOption {
|
||||
type = types.int;
|
||||
default = 27017;
|
||||
description = "The port that the database is listening on.";
|
||||
};
|
||||
|
||||
dbName = mkOption {
|
||||
type = types.str;
|
||||
default = "pumpio";
|
||||
description = "The name of the database to use.";
|
||||
};
|
||||
|
||||
dbUser = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
The username. Defaults to null, meaning no authentication.
|
||||
'';
|
||||
};
|
||||
|
||||
dbPassword = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
The password corresponding to dbUser. Warning: this is
|
||||
stored in cleartext in the Nix store!
|
||||
'';
|
||||
};
|
||||
|
||||
smtpHost = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
example = "localhost";
|
||||
description = ''
|
||||
Server to use for sending transactional email. If it's not
|
||||
set up, no email is sent and features like password recovery
|
||||
and email notification won't work.
|
||||
'';
|
||||
};
|
||||
|
||||
smtpPort = mkOption {
|
||||
type = types.int;
|
||||
default = 25;
|
||||
description = ''
|
||||
Port to connect to on SMTP server.
|
||||
'';
|
||||
};
|
||||
|
||||
smtpUser = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Username to use to connect to SMTP server. Might not be
|
||||
necessary for some servers.
|
||||
'';
|
||||
};
|
||||
|
||||
smtpPassword = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Password to use to connect to SMTP server. Might not be
|
||||
necessary for some servers. Warning: this is stored in
|
||||
cleartext in the Nix store!
|
||||
'';
|
||||
};
|
||||
|
||||
smtpUseSSL = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Only use SSL with the SMTP server. By default, a SSL
|
||||
connection is negotiated using TLS. You may need to change
|
||||
the smtpPort value if you set this.
|
||||
'';
|
||||
};
|
||||
|
||||
smtpFrom = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Email address to use in the "From:" header of outgoing
|
||||
notifications. Defaults to 'no-reply@' plus the site
|
||||
hostname.
|
||||
'';
|
||||
};
|
||||
|
||||
spamHost = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Host running activityspam software to use to test updates
|
||||
for spam.
|
||||
'';
|
||||
};
|
||||
spamClientId = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = "OAuth pair for spam server.";
|
||||
};
|
||||
spamClientSecret = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
OAuth pair for spam server. Warning: this is
|
||||
stored in cleartext in the Nix store!
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services."pump.io" =
|
||||
{ description = "pump.io social network stream server";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.ExecStart = "${pkgs.pumpio}/bin/pump -c /etc/pump.io.json";
|
||||
serviceConfig.User = if cfg.port < 1024 then "root" else user;
|
||||
serviceConfig.Group = user;
|
||||
};
|
||||
|
||||
environment.etc."pump.io.json" = {
|
||||
mode = "0440";
|
||||
gid = config.ids.gids.pumpio;
|
||||
text = builtins.toJSON configOptions;
|
||||
};
|
||||
|
||||
users.extraGroups.pumpio.gid = config.ids.gids.pumpio;
|
||||
users.extraUsers.pumpio = {
|
||||
group = "pumpio";
|
||||
uid = config.ids.uids.pumpio;
|
||||
description = "Pump.io user";
|
||||
home = dataDir;
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
}
|
@ -8,9 +8,7 @@ let
|
||||
cfg = xcfg.desktopManager.kde5;
|
||||
xorg = pkgs.xorg;
|
||||
|
||||
kf5 = pkgs.kf5_stable;
|
||||
plasma5 = pkgs.plasma5_stable;
|
||||
kdeApps = pkgs.kdeApps_stable;
|
||||
kde5 = pkgs.kde5;
|
||||
|
||||
in
|
||||
|
||||
@ -57,12 +55,12 @@ in
|
||||
services.xserver.desktopManager.session = singleton {
|
||||
name = "kde5";
|
||||
bgSupport = true;
|
||||
start = ''exec ${plasma5.plasma-workspace}/bin/startkde;'';
|
||||
start = ''exec ${kde5.plasma-workspace}/bin/startkde;'';
|
||||
};
|
||||
|
||||
security.setuidOwners = singleton {
|
||||
program = "kcheckpass";
|
||||
source = "${plasma5.plasma-workspace}/lib/libexec/kcheckpass";
|
||||
source = "${kde5.plasma-workspace}/lib/libexec/kcheckpass";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
setuid = true;
|
||||
@ -72,52 +70,62 @@ in
|
||||
[
|
||||
pkgs.qt4 # qtconfig is the only way to set Qt 4 theme
|
||||
|
||||
kf5.frameworkintegration
|
||||
kf5.kinit
|
||||
kde5.frameworkintegration
|
||||
kde5.kinit
|
||||
|
||||
plasma5.breeze
|
||||
plasma5.kde-cli-tools
|
||||
plasma5.kdeplasma-addons
|
||||
plasma5.kgamma5
|
||||
plasma5.khelpcenter
|
||||
plasma5.khotkeys
|
||||
plasma5.kinfocenter
|
||||
plasma5.kmenuedit
|
||||
plasma5.kscreen
|
||||
plasma5.ksysguard
|
||||
plasma5.kwayland
|
||||
plasma5.kwin
|
||||
plasma5.kwrited
|
||||
plasma5.milou
|
||||
plasma5.oxygen
|
||||
plasma5.polkit-kde-agent
|
||||
plasma5.systemsettings
|
||||
kde5.breeze
|
||||
kde5.kde-cli-tools
|
||||
kde5.kdeplasma-addons
|
||||
kde5.kgamma5
|
||||
kde5.khelpcenter
|
||||
kde5.khotkeys
|
||||
kde5.kinfocenter
|
||||
kde5.kmenuedit
|
||||
kde5.kscreen
|
||||
kde5.ksysguard
|
||||
kde5.kwayland
|
||||
kde5.kwin
|
||||
kde5.kwrited
|
||||
kde5.milou
|
||||
kde5.oxygen
|
||||
kde5.polkit-kde-agent
|
||||
kde5.systemsettings
|
||||
|
||||
plasma5.plasma-desktop
|
||||
plasma5.plasma-workspace
|
||||
plasma5.plasma-workspace-wallpapers
|
||||
kde5.plasma-desktop
|
||||
kde5.plasma-workspace
|
||||
kde5.plasma-workspace-wallpapers
|
||||
|
||||
kdeApps.ark
|
||||
kdeApps.dolphin
|
||||
kdeApps.dolphin-plugins
|
||||
kdeApps.ffmpegthumbs
|
||||
kdeApps.gwenview
|
||||
kdeApps.kate
|
||||
kdeApps.kdegraphics-thumbnailers
|
||||
kdeApps.konsole
|
||||
kdeApps.okular
|
||||
kdeApps.print-manager
|
||||
kde5.ark
|
||||
kde5.dolphin
|
||||
kde5.dolphin-plugins
|
||||
kde5.ffmpegthumbs
|
||||
kde5.gwenview
|
||||
kde5.kate
|
||||
kde5.kdegraphics-thumbnailers
|
||||
kde5.konsole
|
||||
kde5.okular
|
||||
kde5.print-manager
|
||||
|
||||
(kdeApps.oxygen-icons or kf5.oxygen-icons5)
|
||||
# Oxygen icons moved to KDE Frameworks 5.16 and later.
|
||||
(kde5.oxygen-icons or kde5.oxygen-icons5)
|
||||
pkgs.hicolor_icon_theme
|
||||
|
||||
plasma5.kde-gtk-config
|
||||
pkgs.orion # GTK theme, nearly identical to Breeze
|
||||
kde5.kde-gtk-config
|
||||
]
|
||||
++ lib.optional config.hardware.bluetooth.enable plasma5.bluedevil
|
||||
++ lib.optional config.networking.networkmanager.enable plasma5.plasma-nm
|
||||
++ lib.optional config.hardware.pulseaudio.enable plasma5.plasma-pa
|
||||
++ lib.optional config.powerManagement.enable plasma5.powerdevil
|
||||
|
||||
# Plasma 5.5 and later has a Breeze GTK theme.
|
||||
# If it is not available, Orion is very similar to Breeze.
|
||||
++ lib.optional (!(lib.hasAttr "breeze-gtk" kde5)) pkgs.orion
|
||||
|
||||
# Install Breeze icons if available
|
||||
++ lib.optional (lib.hasAttr "breeze-icons" kde5) kde5.breeze-icons
|
||||
|
||||
# Optional hardware support features
|
||||
++ lib.optional config.hardware.bluetooth.enable kde5.bluedevil
|
||||
++ lib.optional config.networking.networkmanager.enable kde5.plasma-nm
|
||||
++ lib.optional config.hardware.pulseaudio.enable kde5.plasma-pa
|
||||
++ lib.optional config.powerManagement.enable kde5.powerdevil
|
||||
|
||||
++ lib.optionals cfg.phonon.gstreamer.enable
|
||||
[
|
||||
pkgs.phonon_backend_gstreamer
|
||||
@ -135,6 +143,7 @@ in
|
||||
pkgs.gst_all_1.gst-plugins-bad
|
||||
pkgs.gst_all_1.gst-libav # for mp3 playback
|
||||
]
|
||||
|
||||
++ lib.optionals cfg.phonon.vlc.enable
|
||||
[
|
||||
pkgs.phonon_qt5_backend_vlc
|
||||
@ -155,9 +164,14 @@ in
|
||||
GST_PLUGIN_SYSTEM_PATH_1_0 = [ "/lib/gstreamer-1.0" ];
|
||||
};
|
||||
|
||||
fonts.fonts = [ (plasma5.oxygen-fonts or pkgs.noto-fonts) ];
|
||||
# Enable GTK applications to load SVG icons
|
||||
environment.variables = mkIf (lib.hasAttr "breeze-icons" kde5) {
|
||||
GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache";
|
||||
};
|
||||
|
||||
programs.ssh.askPassword = "${plasma5.ksshaskpass}/bin/ksshaskpass";
|
||||
fonts.fonts = [ (kde5.oxygen-fonts or pkgs.noto-fonts) ];
|
||||
|
||||
programs.ssh.askPassword = "${kde5.ksshaskpass}/bin/ksshaskpass";
|
||||
|
||||
# Enable helpful DBus services.
|
||||
services.udisks2.enable = true;
|
||||
@ -166,6 +180,14 @@ in
|
||||
# Extra UDEV rules used by Solid
|
||||
services.udev.packages = [ pkgs.media-player-info ];
|
||||
|
||||
services.xserver.displayManager.sddm = {
|
||||
theme = "breeze";
|
||||
themes = [
|
||||
kde5.plasma-workspace
|
||||
(kde5.oxygen-icons or kde5.oxygen-icons5)
|
||||
];
|
||||
};
|
||||
|
||||
security.pam.services.kde = { allowNullPassword = true; };
|
||||
|
||||
};
|
||||
|
@ -37,7 +37,7 @@ let
|
||||
# file provided by services.xserver.displayManager.session.script
|
||||
xsession = wm: dm: pkgs.writeScript "xsession"
|
||||
''
|
||||
#! /bin/sh
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
|
||||
. /etc/profile
|
||||
cd "$HOME"
|
||||
|
@ -13,9 +13,16 @@ let
|
||||
# lightdm runs with clearenv(), but we need a few things in the enviornment for X to startup
|
||||
xserverWrapper = writeScript "xserver-wrapper"
|
||||
''
|
||||
#! /bin/sh
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
${concatMapStrings (n: "export ${n}=\"${getAttr n xEnv}\"\n") (attrNames xEnv)}
|
||||
exec ${dmcfg.xserverBin} ${dmcfg.xserverArgs}
|
||||
|
||||
display=$(echo "$@" | xargs -n 1 | grep -P ^:\\d\$ | head -n 1 | sed s/^://)
|
||||
if [ -z "$display" ]
|
||||
then additionalArgs=":0 -logfile /var/log/X.0.log"
|
||||
else additionalArgs="-logfile /var/log/X.$display.log"
|
||||
fi
|
||||
|
||||
exec ${dmcfg.xserverBin} ${dmcfg.xserverArgs} $additionalArgs "$@"
|
||||
'';
|
||||
|
||||
usersConf = writeText "users.conf"
|
||||
@ -39,7 +46,6 @@ let
|
||||
greeter-session = ${cfg.greeter.name}
|
||||
${cfg.extraSeatDefaults}
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
# Note: the order in which lightdm greeter modules are imported
|
||||
@ -98,7 +104,6 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.xserver.displayManager.slim.enable = false;
|
||||
|
||||
services.xserver.displayManager.job = {
|
||||
@ -149,5 +154,7 @@ in
|
||||
|
||||
services.xserver.displayManager.lightdm.background = mkDefault "${pkgs.nixos-artwork}/share/artwork/gnome/Gnome_Dark.png";
|
||||
|
||||
services.xserver.tty = null; # We might start multiple X servers so let the tty increment themselves..
|
||||
services.xserver.display = null; # We specify our own display (and logfile) in xserver-wrapper up there
|
||||
};
|
||||
}
|
||||
|
@ -9,12 +9,24 @@ let
|
||||
cfg = dmcfg.sddm;
|
||||
xEnv = config.systemd.services."display-manager".environment;
|
||||
|
||||
sddm = pkgs.sddm.override { inherit (cfg) themes; };
|
||||
|
||||
xserverWrapper = pkgs.writeScript "xserver-wrapper" ''
|
||||
#!/bin/sh
|
||||
${concatMapStrings (n: "export ${n}=\"${getAttr n xEnv}\"\n") (attrNames xEnv)}
|
||||
exec ${dmcfg.xserverBin} ${dmcfg.xserverArgs} "$@"
|
||||
'';
|
||||
|
||||
Xsetup = pkgs.writeScript "Xsetup" ''
|
||||
#!/bin/sh
|
||||
${cfg.setupScript}
|
||||
'';
|
||||
|
||||
Xstop = pkgs.writeScript "Xstop" ''
|
||||
#!/bin/sh
|
||||
${cfg.stopScript}
|
||||
'';
|
||||
|
||||
cfgFile = pkgs.writeText "sddm.conf" ''
|
||||
[General]
|
||||
HaltCommand=${pkgs.systemd}/bin/systemctl poweroff
|
||||
@ -22,6 +34,8 @@ let
|
||||
|
||||
[Theme]
|
||||
Current=${cfg.theme}
|
||||
ThemeDir=${sddm}/share/sddm/themes
|
||||
FacesDir=${sddm}/share/sddm/faces
|
||||
|
||||
[Users]
|
||||
MaximumUid=${toString config.ids.uids.nixbld}
|
||||
@ -35,6 +49,8 @@ let
|
||||
SessionCommand=${dmcfg.session.script}
|
||||
SessionDir=${dmcfg.session.desktops}
|
||||
XauthPath=${pkgs.xorg.xauth}/bin/xauth
|
||||
DisplayCommand=${Xsetup}
|
||||
DisplayStopCommand=${Xstop}
|
||||
|
||||
${optionalString cfg.autoLogin.enable ''
|
||||
[Autologin]
|
||||
@ -86,6 +102,35 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
themes = mkOption {
|
||||
type = types.listOf types.package;
|
||||
default = [];
|
||||
description = ''
|
||||
Extra packages providing themes.
|
||||
'';
|
||||
};
|
||||
|
||||
setupScript = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
example = ''
|
||||
# workaround for using NVIDIA Optimus without Bumblebee
|
||||
xrandr --setprovideroutputsource modesetting NVIDIA-0
|
||||
xrandr --auto
|
||||
'';
|
||||
description = ''
|
||||
A script to execute when starting the display server.
|
||||
'';
|
||||
};
|
||||
|
||||
stopScript = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
A script to execute when stopping the display server.
|
||||
'';
|
||||
};
|
||||
|
||||
autoLogin = mkOption {
|
||||
default = {};
|
||||
description = ''
|
||||
@ -93,7 +138,7 @@ in
|
||||
'';
|
||||
|
||||
type = types.submodule {
|
||||
options = {
|
||||
options = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
@ -118,7 +163,7 @@ in
|
||||
will work only the first time.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
@ -130,14 +175,16 @@ in
|
||||
|
||||
assertions = [
|
||||
{ assertion = cfg.autoLogin.enable -> cfg.autoLogin.user != null;
|
||||
message = "SDDM auto-login requires services.xserver.displayManager.sddm.autoLogin.user to be set";
|
||||
message = ''
|
||||
SDDM auto-login requires services.xserver.displayManager.sddm.autoLogin.user to be set
|
||||
'';
|
||||
}
|
||||
{ assertion = cfg.autoLogin.enable -> elem defaultSessionName dmcfg.session.names;
|
||||
message = ''
|
||||
SDDM auto-login requires that services.xserver.desktopManager.default and
|
||||
services.xserver.windowMananger.default are set to valid values. The current
|
||||
default session: ${defaultSessionName} is not valid.
|
||||
'';
|
||||
services.xserver.windowMananger.default are set to valid values. The current
|
||||
default session: ${defaultSessionName} is not valid.
|
||||
'';
|
||||
}
|
||||
];
|
||||
|
||||
@ -146,8 +193,7 @@ in
|
||||
services.xserver.displayManager.job = {
|
||||
logsXsession = true;
|
||||
|
||||
#execCmd = "${pkgs.sddm}/bin/sddm";
|
||||
execCmd = "exec ${pkgs.sddm}/bin/sddm";
|
||||
execCmd = "exec ${sddm}/bin/sddm";
|
||||
};
|
||||
|
||||
security.pam.services = {
|
||||
|
@ -12,6 +12,7 @@ in
|
||||
./bspwm.nix
|
||||
./clfswm.nix
|
||||
./compiz.nix
|
||||
./dwm.nix
|
||||
./fluxbox.nix
|
||||
./herbstluftwm.nix
|
||||
./i3.nix
|
||||
|
37
nixos/modules/services/x11/window-managers/dwm.nix
Normal file
37
nixos/modules/services/x11/window-managers/dwm.nix
Normal file
@ -0,0 +1,37 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.xserver.windowManager.dwm;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
services.xserver.windowManager.dwm.enable = mkEnableOption "dwm";
|
||||
};
|
||||
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.xserver.windowManager.session = singleton
|
||||
{ name = "dwm";
|
||||
start =
|
||||
''
|
||||
${pkgs.dwm}/bin/dwm &
|
||||
waitPID=$!
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.dwm ];
|
||||
|
||||
};
|
||||
|
||||
}
|
@ -381,13 +381,13 @@ in
|
||||
};
|
||||
|
||||
tty = mkOption {
|
||||
type = types.int;
|
||||
type = types.nullOr types.int;
|
||||
default = 7;
|
||||
description = "Virtual console for the X server.";
|
||||
};
|
||||
|
||||
display = mkOption {
|
||||
type = types.int;
|
||||
type = types.nullOr types.int;
|
||||
default = 0;
|
||||
description = "Display number for the X server.";
|
||||
};
|
||||
@ -517,11 +517,12 @@ in
|
||||
services.xserver.displayManager.xserverArgs =
|
||||
[ "-ac"
|
||||
"-terminate"
|
||||
"-logfile" "/var/log/X.${toString cfg.display}.log"
|
||||
"-config ${configFile}"
|
||||
":${toString cfg.display}" "vt${toString cfg.tty}"
|
||||
"-xkbdir" "${pkgs.xkeyboard_config}/etc/X11/xkb"
|
||||
] ++ optional (!cfg.enableTCP) "-nolisten tcp";
|
||||
] ++ optional (cfg.display != null) ":${toString cfg.display}"
|
||||
++ optional (cfg.tty != null) "vt${toString cfg.tty}"
|
||||
++ optionals (cfg.display != null) [ "-logfile" "/var/log/X.${toString cfg.display}.log" ]
|
||||
++ optional (!cfg.enableTCP) "-nolisten tcp";
|
||||
|
||||
services.xserver.modules =
|
||||
concatLists (catAttrs "modules" cfg.drivers) ++
|
||||
|
@ -470,7 +470,7 @@ in
|
||||
] ++ flip concatMap cfg.mirroredBoots (args: [
|
||||
{
|
||||
assertion = args.devices != [ ];
|
||||
message = "A boot path cannot have an empty devices string in ${arg.path}";
|
||||
message = "A boot path cannot have an empty devices string in ${args.path}";
|
||||
}
|
||||
{
|
||||
assertion = hasPrefix "/" args.path;
|
||||
|
@ -148,6 +148,12 @@ let
|
||||
|
||||
# Misc.
|
||||
"systemd-sysctl.service"
|
||||
"dbus-org.freedesktop.timedate1.service"
|
||||
"dbus-org.freedesktop.locale1.service"
|
||||
"dbus-org.freedesktop.hostname1.service"
|
||||
"systemd-timedated.service"
|
||||
"systemd-localed.service"
|
||||
"systemd-hostnamed.service"
|
||||
]
|
||||
|
||||
++ cfg.additionalUpstreamSystemUnits;
|
||||
|
170
nixos/modules/virtualisation/azure-agent.nix
Normal file
170
nixos/modules/virtualisation/azure-agent.nix
Normal file
@ -0,0 +1,170 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.virtualisation.azure.agent;
|
||||
|
||||
waagent = with pkgs; stdenv.mkDerivation rec {
|
||||
name = "waagent-2.0";
|
||||
src = pkgs.fetchgit {
|
||||
url = https://github.com/Phreedom/WALinuxAgent.git;
|
||||
rev = "9dba81c7b1239c7971ec96e405e403c7cd224e6b";
|
||||
sha256 = "0khxk3ns3z37v26f2qj6m3m698a0vqpc9bxg5p7fyr3xza5gzwhs";
|
||||
};
|
||||
buildInputs = [ makeWrapper python pythonPackages.wrapPython ];
|
||||
runtimeDeps = [ findutils gnugrep gawk coreutils openssl openssh
|
||||
nettools # for hostname
|
||||
procps # for pidof
|
||||
shadow # for useradd, usermod
|
||||
utillinux # for (u)mount, fdisk, sfdisk, mkswap
|
||||
parted
|
||||
];
|
||||
pythonPath = [ pythonPackages.pyasn1 ];
|
||||
|
||||
configurePhase = false;
|
||||
buildPhase = false;
|
||||
|
||||
installPhase = ''
|
||||
substituteInPlace config/99-azure-product-uuid.rules \
|
||||
--replace /bin/chmod "${coreutils}/bin/chmod"
|
||||
mkdir -p $out/lib/udev/rules.d
|
||||
cp config/*.rules $out/lib/udev/rules.d
|
||||
|
||||
mkdir -p $out/bin
|
||||
cp waagent $out/bin/
|
||||
chmod +x $out/bin/waagent
|
||||
|
||||
wrapProgram "$out/bin/waagent" \
|
||||
--prefix PYTHONPATH : $PYTHONPATH \
|
||||
--prefix PATH : "${makeSearchPath "bin" runtimeDeps}"
|
||||
'';
|
||||
};
|
||||
|
||||
provisionedHook = pkgs.writeScript "provisioned-hook" ''
|
||||
#!${pkgs.stdenv.shell}
|
||||
${config.systemd.package}/bin/systemctl start provisioned.target
|
||||
'';
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
|
||||
options.virtualisation.azure.agent.enable = mkOption {
|
||||
default = false;
|
||||
description = "Whether to enable the Windows Azure Linux Agent.";
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
assertions = [ {
|
||||
assertion = pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64;
|
||||
message = "Azure not currently supported on ${pkgs.stdenv.system}";
|
||||
} {
|
||||
assertion = config.networking.networkmanager.enable == false;
|
||||
message = "Windows Azure Linux Agent is not compatible with NetworkManager";
|
||||
} ];
|
||||
|
||||
boot.initrd.kernelModules = [ "ata_piix" ];
|
||||
networking.firewall.allowedUDPPorts = [ 68 ];
|
||||
|
||||
|
||||
environment.etc."waagent.conf".text = ''
|
||||
#
|
||||
# Windows Azure Linux Agent Configuration
|
||||
#
|
||||
|
||||
Role.StateConsumer=${provisionedHook}
|
||||
|
||||
# Enable instance creation
|
||||
Provisioning.Enabled=y
|
||||
|
||||
# Password authentication for root account will be unavailable.
|
||||
Provisioning.DeleteRootPassword=n
|
||||
|
||||
# Generate fresh host key pair.
|
||||
Provisioning.RegenerateSshHostKeyPair=y
|
||||
|
||||
# Supported values are "rsa", "dsa" and "ecdsa".
|
||||
Provisioning.SshHostKeyPairType=ed25519
|
||||
|
||||
# Monitor host name changes and publish changes via DHCP requests.
|
||||
Provisioning.MonitorHostName=y
|
||||
|
||||
# Decode CustomData from Base64.
|
||||
Provisioning.DecodeCustomData=n
|
||||
|
||||
# Execute CustomData after provisioning.
|
||||
Provisioning.ExecuteCustomData=n
|
||||
|
||||
# Format if unformatted. If 'n', resource disk will not be mounted.
|
||||
ResourceDisk.Format=y
|
||||
|
||||
# File system on the resource disk
|
||||
# Typically ext3 or ext4. FreeBSD images should use 'ufs2' here.
|
||||
ResourceDisk.Filesystem=ext4
|
||||
|
||||
# Mount point for the resource disk
|
||||
ResourceDisk.MountPoint=/mnt/resource
|
||||
|
||||
# Respond to load balancer probes if requested by Windows Azure.
|
||||
LBProbeResponder=y
|
||||
|
||||
# Enable logging to serial console (y|n)
|
||||
# When stdout is not enough...
|
||||
# 'y' if not set
|
||||
Logs.Console=y
|
||||
|
||||
# Enable verbose logging (y|n)
|
||||
Logs.Verbose=n
|
||||
|
||||
# Root device timeout in seconds.
|
||||
OS.RootDeviceScsiTimeout=300
|
||||
'';
|
||||
|
||||
services.udev.packages = [ waagent ];
|
||||
|
||||
networking.dhcpcd.persistent = true;
|
||||
|
||||
services.logrotate = {
|
||||
enable = true;
|
||||
config = ''
|
||||
/var/log/waagent.log {
|
||||
compress
|
||||
monthly
|
||||
rotate 6
|
||||
notifempty
|
||||
missingok
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.targets.provisioned = {
|
||||
description = "Services Requiring Azure VM provisioning to have finished";
|
||||
wantedBy = [ "sshd.service" ];
|
||||
before = [ "sshd.service" ];
|
||||
};
|
||||
|
||||
|
||||
systemd.services.waagent = {
|
||||
wantedBy = [ "sshd.service" ];
|
||||
before = [ "sshd.service" ];
|
||||
after = [ "ip-up.target" ];
|
||||
wants = [ "ip-up.target" ];
|
||||
|
||||
path = [ pkgs.e2fsprogs ];
|
||||
description = "Windows Azure Agent Service";
|
||||
unitConfig.ConditionPathExists = "/etc/waagent.conf";
|
||||
serviceConfig = {
|
||||
ExecStart = "${waagent}/bin/waagent -daemon";
|
||||
Type = "simple";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
@ -4,6 +4,9 @@ with lib;
|
||||
{
|
||||
imports = [ ../profiles/headless.nix ];
|
||||
|
||||
require = [ ./azure-agent.nix ];
|
||||
virtualisation.azure.agent.enable = true;
|
||||
|
||||
boot.kernelParams = [ "console=ttyS0" "earlyprintk=ttyS0" "rootdelay=300" "panic=1" "boot.panic_on_fail" ];
|
||||
boot.initrd.kernelModules = [ "hv_vmbus" "hv_netvsc" "hv_utils" "hv_storvsc" ];
|
||||
|
||||
|
@ -98,8 +98,8 @@ in
|
||||
systemd.services.fetch-ssh-keys =
|
||||
{ description = "Fetch host keys and authorized_keys for root user";
|
||||
|
||||
wantedBy = [ "sshd.service" ];
|
||||
before = [ "sshd.service" ];
|
||||
wantedBy = [ "sshd.service" "waagent.service" ];
|
||||
before = [ "sshd.service" "waagent.service" ];
|
||||
after = [ "local-fs.target" ];
|
||||
|
||||
path = [ pkgs.coreutils ];
|
||||
@ -108,14 +108,14 @@ in
|
||||
eval "$(base64 --decode /metadata/CustomData.bin)"
|
||||
if ! [ -z "$ssh_host_ecdsa_key" ]; then
|
||||
echo "downloaded ssh_host_ecdsa_key"
|
||||
echo "$ssh_host_ecdsa_key" > /etc/ssh/ssh_host_ecdsa_key
|
||||
chmod 600 /etc/ssh/ssh_host_ecdsa_key
|
||||
echo "$ssh_host_ecdsa_key" > /etc/ssh/ssh_host_ed25519_key
|
||||
chmod 600 /etc/ssh/ssh_host_ed25519_key
|
||||
fi
|
||||
|
||||
if ! [ -z "$ssh_host_ecdsa_key_pub" ]; then
|
||||
echo "downloaded ssh_host_ecdsa_key_pub"
|
||||
echo "$ssh_host_ecdsa_key_pub" > /etc/ssh/ssh_host_ecdsa_key.pub
|
||||
chmod 644 /etc/ssh/ssh_host_ecdsa_key.pub
|
||||
echo "$ssh_host_ecdsa_key_pub" > /etc/ssh/ssh_host_ed25519_key.pub
|
||||
chmod 644 /etc/ssh/ssh_host_ed25519_key.pub
|
||||
fi
|
||||
|
||||
if ! [ -z "$ssh_root_auth_key" ]; then
|
||||
|
@ -76,14 +76,14 @@ let
|
||||
-virtfs local,path=$TMPDIR/xchg,security_model=none,mount_tag=xchg \
|
||||
-virtfs local,path=''${SHARED_DIR:-$TMPDIR/xchg},security_model=none,mount_tag=shared \
|
||||
${if cfg.useBootLoader then ''
|
||||
-drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=writeback,werror=report \
|
||||
-drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=none,werror=report \
|
||||
-drive index=1,id=drive2,file=$TMPDIR/disk.img,media=disk \
|
||||
${if cfg.useEFIBoot then ''
|
||||
-pflash $TMPDIR/bios.bin \
|
||||
'' else ''
|
||||
''}
|
||||
'' else ''
|
||||
-drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=writeback,werror=report \
|
||||
-drive index=0,id=drive1,file=$NIX_DISK_IMAGE,if=${cfg.qemu.diskInterface},cache=none,werror=report \
|
||||
-kernel ${config.system.build.toplevel}/kernel \
|
||||
-initrd ${config.system.build.toplevel}/initrd \
|
||||
-append "$(cat ${config.system.build.toplevel}/kernel-params) init=${config.system.build.toplevel}/init regInfo=${regInfo} ${kernelConsole} $QEMU_KERNEL_PARAMS" \
|
||||
@ -297,6 +297,7 @@ in
|
||||
virtualisation.qemu = {
|
||||
options =
|
||||
mkOption {
|
||||
type = types.listOf types.unspecified;
|
||||
default = [];
|
||||
example = [ "-vga std" ];
|
||||
description = "Options passed to QEMU.";
|
||||
@ -425,19 +426,19 @@ in
|
||||
${if cfg.writableStore then "/nix/.ro-store" else "/nix/store"} =
|
||||
{ device = "store";
|
||||
fsType = "9p";
|
||||
options = "trans=virtio,version=9p2000.L,msize=1048576,cache=loose";
|
||||
options = "trans=virtio,version=9p2000.L,cache=loose";
|
||||
neededForBoot = true;
|
||||
};
|
||||
"/tmp/xchg" =
|
||||
{ device = "xchg";
|
||||
fsType = "9p";
|
||||
options = "trans=virtio,version=9p2000.L,msize=1048576,cache=loose";
|
||||
options = "trans=virtio,version=9p2000.L,cache=loose";
|
||||
neededForBoot = true;
|
||||
};
|
||||
"/tmp/shared" =
|
||||
{ device = "shared";
|
||||
fsType = "9p";
|
||||
options = "trans=virtio,version=9p2000.L,msize=1048576";
|
||||
options = "trans=virtio,version=9p2000.L";
|
||||
neededForBoot = true;
|
||||
};
|
||||
} // optionalAttrs cfg.writableStore
|
||||
|
62
nixos/modules/virtualisation/rkt.nix
Normal file
62
nixos/modules/virtualisation/rkt.nix
Normal file
@ -0,0 +1,62 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.virtualisation.rkt;
|
||||
in
|
||||
{
|
||||
options.virtualisation.rkt = {
|
||||
enable = mkEnableOption "rkt metadata service";
|
||||
|
||||
gc = {
|
||||
automatic = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = "Automatically run the garbage collector at a specific time.";
|
||||
};
|
||||
|
||||
dates = mkOption {
|
||||
default = "03:15";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Specification (in the format described by
|
||||
<citerefentry><refentrytitle>systemd.time</refentrytitle>
|
||||
<manvolnum>5</manvolnum></citerefentry>) of the time at
|
||||
which the garbage collector will run.
|
||||
'';
|
||||
};
|
||||
|
||||
options = mkOption {
|
||||
default = "--grace-period=24h";
|
||||
type = types.str;
|
||||
description = ''
|
||||
Options given to <filename>rkt gc</filename> when the
|
||||
garbage collector is run automatically.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.rkt ];
|
||||
|
||||
systemd.services.rkt = {
|
||||
description = "rkt metadata service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.rkt}/bin/rkt metadata-service";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.rkt-gc = {
|
||||
description = "rkt garbage collection";
|
||||
startAt = optionalString cfg.gc.automatic cfg.gc.dates;
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
ExecStart = "${pkgs.rkt}/bin/rkt gc ${cfg.gc.options}";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -83,6 +83,7 @@ in rec {
|
||||
(all nixos.tests.openssh)
|
||||
(all nixos.tests.printing)
|
||||
(all nixos.tests.proxy)
|
||||
(all nixos.tests.sddm)
|
||||
(all nixos.tests.simple)
|
||||
(all nixos.tests.udisks2)
|
||||
(all nixos.tests.xfce)
|
||||
|
@ -283,9 +283,11 @@ in rec {
|
||||
tests.peerflix = callTest tests/peerflix.nix {};
|
||||
tests.printing = callTest tests/printing.nix {};
|
||||
tests.proxy = callTest tests/proxy.nix {};
|
||||
tests.pumpio = callTest tests/pump.io.nix {};
|
||||
tests.quake3 = callTest tests/quake3.nix {};
|
||||
tests.runInMachine = callTest tests/run-in-machine.nix {};
|
||||
tests.sddm = callTest tests/sddm.nix {};
|
||||
tests.sddm-kde5 = callTest tests/sddm-kde5.nix {};
|
||||
tests.simple = callTest tests/simple.nix {};
|
||||
tests.tomcat = callTest tests/tomcat.nix {};
|
||||
tests.udisks2 = callTest tests/udisks2.nix {};
|
||||
|
@ -25,7 +25,7 @@ in
|
||||
import ./make-test.nix ({ pkgs, ...} : {
|
||||
name = "cjdns";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ emery ];
|
||||
maintainers = [ ehmry ];
|
||||
};
|
||||
|
||||
nodes = rec
|
||||
@ -122,4 +122,4 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
|
||||
$bob->succeed("curl --fail -g http://[$aliceIp6]");
|
||||
'';
|
||||
})
|
||||
})
|
||||
|
94
nixos/tests/pump.io.nix
Normal file
94
nixos/tests/pump.io.nix
Normal file
@ -0,0 +1,94 @@
|
||||
# This test runs pump.io with mongodb, listing on port 443.
|
||||
|
||||
import ./make-test.nix ({ pkgs, ...} : let
|
||||
snakeOilKey = ''
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqVemio78R41Tz
|
||||
MnR2zFD/wFT0iScOpFkuytNmuPf28FLaa9wSBWmuAGbEi7wBIfw8/bUqFBTQp2G1
|
||||
m1cmcCKxhmvvOkGs89eM131s1lW/bXU3zYso4e7724kHwU65jRlQs6cFWIlmW7V5
|
||||
3HQobP05dy+zPpujPPSlOQ0qYViR1s+RgZI8r0wS2ZDsliNtQwBLJSIvX6XVnXLo
|
||||
F/HmF4/ySJ9pL2AxQXCwZE8SfCzHpArs9COIqTaAuwB79kxWSFQJewmab74BXiM6
|
||||
9FMCtHON24Pl7OR9sRJHH8rMEzUumppmUeCNEzABjzQQ7svR18cmbzRWetp0tT9Y
|
||||
7rj6URHHAgMBAAECggEAGmbCldDnlrAzxJY3cwpsK5f2EwkHIr/aiuQpLCzTUlUh
|
||||
onVBYRGxtaSeSSyXcV2BKTrxz5nZOBYZkPqI4Y5T8kwxgpz2/QW2jUABUtNN6yPe
|
||||
HU4gma+bSTJX5PnTZ/M0z0tpQezdLx5b3I2M+48ZGMUegZvcp8qU6N8U6VK5VbFD
|
||||
DMTGL4b+Kc9HScRkCJjU3FfQcqf9Ml5w9jzHSeHImYEDrG0nX8N8EImRCBXbgxCl
|
||||
5XT1h6LFUGdr+N6n2w56+6l8OZZVmwj1NdF6NJybUQl4Y7b0niA+5czzjRt/YUjZ
|
||||
HW0fXmx3XlbYGWYdMdS+VaIW6pkUpm8kZkqjngqLwQKBgQDfhbFQmg9lsJQ8/dQZ
|
||||
WzRNsozHKWkQiZbW5sXBWygJbAB3Hc8gvQkuZe9TVyF99cznRj6ro6pGZjP0rTdY
|
||||
3ACTL+ygRArcIR6VsJCIr6nPvBLpOoNb8TQeKPmHC2gnSP9zaT/K2lldYISKNaYQ
|
||||
0seB2gvZhIgMgWtZtmb3jdgl9wKBgQDDFdknXgvFgB+y96//9wTu2WWuE5yQ5yB7
|
||||
utAcHNO9rx5X1tJqxymYh+iE8HUN25By+96SpNMQFI+0wNGVB00YWNBKtyepimWN
|
||||
EUCojTy+MIXIjrLcvviEePsI4TPWYf8XtZeiYtcczYrt/wPQUYaDb8LBRfpIfmhr
|
||||
rCGW93s+sQKBgEDOKTeeQyKPjJsWWL01RTfVsZ04s155FcOeyu0heb0plAT1Ho12
|
||||
YUgTg8zc8Tfs4QiYxCjNXdvlW+Dvq6FWv8/s0CUzNRbXf1+U/oKys4AoHi+CqH0q
|
||||
tJqd9KKjuwHQ10dl13n/znMVPbg4j7pG8lMCnfblxvAhQbeT+8yAUo/HAoGBAL3t
|
||||
/n4KXNGK3NHDvXEp0H6t3wWsiEi3DPQJO+Wy1x8caCFCv5c/kaqz3tfWt0+njSm1
|
||||
N8tzdx13tzVWaHV8Jz3l8dxcFtxEJnxB6L5wy0urOAS7kT3DG3b1xgmuH2a//7fY
|
||||
jumE60NahcER/2eIh7pdS7IZbAO6NfVmH0m4Zh/xAoGAbquh60sAfLC/1O2/4Xom
|
||||
PHS7z2+TNpwu4ou3nspxfigNQcTWzzzTVFLnaTPg+HKbLRXSWysjssmmj5u3lCyc
|
||||
S2M9xuhApa9CrN/udz4gEojRVsTla/gyLifIZ3CtTn2QEQiIJEMxM+59KAlkgUBo
|
||||
9BeZ03xTaEZfhVZ9bEN30Ak=
|
||||
-----END PRIVATE KEY-----
|
||||
'';
|
||||
|
||||
snakeOilCert = ''
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIICvjCCAaagAwIBAgIJANhA6+PPhomZMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
|
||||
BAMMDGIwOTM0YWMwYWZkNTAeFw0xNTExMzAxNzQ3MzVaFw0yNTExMjcxNzQ3MzVa
|
||||
MBcxFTATBgNVBAMMDGIwOTM0YWMwYWZkNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||
ADCCAQoCggEBAKpV6aKjvxHjVPMydHbMUP/AVPSJJw6kWS7K02a49/bwUtpr3BIF
|
||||
aa4AZsSLvAEh/Dz9tSoUFNCnYbWbVyZwIrGGa+86Qazz14zXfWzWVb9tdTfNiyjh
|
||||
7vvbiQfBTrmNGVCzpwVYiWZbtXncdChs/Tl3L7M+m6M89KU5DSphWJHWz5GBkjyv
|
||||
TBLZkOyWI21DAEslIi9fpdWdcugX8eYXj/JIn2kvYDFBcLBkTxJ8LMekCuz0I4ip
|
||||
NoC7AHv2TFZIVAl7CZpvvgFeIzr0UwK0c43bg+Xs5H2xEkcfyswTNS6ammZR4I0T
|
||||
MAGPNBDuy9HXxyZvNFZ62nS1P1juuPpREccCAwEAAaMNMAswCQYDVR0TBAIwADAN
|
||||
BgkqhkiG9w0BAQsFAAOCAQEAd2w9rxi6qF9WV8L3rHnTE7uu0ldtdgJlCASx6ouj
|
||||
TleOnjfEg+kH8r8UbmRV5vsTDn1Qp5JGDYxfytRUQwLb1zTLde0xotx37E3LY8Wr
|
||||
sD6Al4t8sHywB/hc5dy29TgG0iyG8LKZrkwytLvDZ814W3OwpN2rpEz6pdizdHNn
|
||||
jsoDEngZiDHvLjIyE0cDkFXkeYMGXOnBUeOcu4nfu4C5eKs3nXGGAcNDbDRIuLoE
|
||||
BZExUBY+YSs6JBvh5tvRqLVW0Dz0akEcjb/jhwS2LmDip8Pdoxx4Q1jPKEu38zrr
|
||||
Vd5WD2HJhLb9u0UxVp9vfWIUDgydopV5ZmWCQ5YvNepb1w==
|
||||
-----END CERTIFICATE-----
|
||||
'';
|
||||
|
||||
makePump = { opts ? { } }:
|
||||
{
|
||||
enable = true;
|
||||
sslCert = pkgs.writeText "snakeoil.cert" snakeOilCert;
|
||||
sslKey = pkgs.writeText "snakeoil.pem" snakeOilKey;
|
||||
secret = "test";
|
||||
site = "test";
|
||||
} // opts;
|
||||
|
||||
in {
|
||||
name = "pumpio";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ rvl ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
one =
|
||||
{ config, pkgs, ... }:
|
||||
{
|
||||
services = {
|
||||
pumpio = makePump { opts = {
|
||||
port = 443;
|
||||
}; };
|
||||
mongodb.enable = true;
|
||||
mongodb.extraConfig = ''
|
||||
nojournal = true
|
||||
'';
|
||||
};
|
||||
systemd.services.mongodb.unitConfig.Before = "pump.io.service";
|
||||
systemd.services.mongodb.unitConfig.RequiredBy = "pump.io.service";
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
|
||||
$one->waitForUnit("pump.io.service");
|
||||
$one->waitUntilSucceeds("curl -k https://localhost");
|
||||
'';
|
||||
})
|
29
nixos/tests/sddm-kde5.nix
Normal file
29
nixos/tests/sddm-kde5.nix
Normal file
@ -0,0 +1,29 @@
|
||||
import ./make-test.nix ({ pkgs, ...} : {
|
||||
name = "sddm";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ ttuegel ];
|
||||
};
|
||||
|
||||
machine = { lib, ... }: {
|
||||
imports = [ ./common/user-account.nix ];
|
||||
services.xserver.enable = true;
|
||||
services.xserver.displayManager.sddm = {
|
||||
enable = true;
|
||||
autoLogin = {
|
||||
enable = true;
|
||||
user = "alice";
|
||||
};
|
||||
};
|
||||
services.xserver.windowManager.default = "icewm";
|
||||
services.xserver.windowManager.icewm.enable = true;
|
||||
services.xserver.desktopManager.default = "none";
|
||||
services.xserver.desktopManager.kde5.enable = true;
|
||||
};
|
||||
|
||||
enableOCR = true;
|
||||
|
||||
testScript = { nodes, ... }: ''
|
||||
startAll;
|
||||
$machine->waitForWindow("^IceWM ");
|
||||
'';
|
||||
})
|
@ -1,13 +1,13 @@
|
||||
{ stdenv, fetchurl, db4, boost, openssl, miniupnpc, unzip }:
|
||||
{ stdenv, fetchzip, db4, boost, openssl, miniupnpc, unzip }:
|
||||
|
||||
with stdenv.lib;
|
||||
stdenv.mkDerivation rec {
|
||||
version = "0.3.80";
|
||||
name = "namecoind-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
src = fetchzip {
|
||||
url = "https://github.com/namecoin/namecoin/archive/nc${version}.tar.gz";
|
||||
sha256 = "1755mqxpg91wg9hf0ibpj59sdzfmhh73yrpi7hfi2ipabkwmlpiz";
|
||||
sha256 = "0mbkhj7y3f4vbqp5q3zk27bzqlk2kq71rcgivvj06w29fzd64mw6";
|
||||
};
|
||||
|
||||
buildInputs = [ db4 boost openssl unzip miniupnpc ];
|
||||
|
@ -1,22 +1,120 @@
|
||||
{ stdenv, fetchgit, ncurses, pkgconfig, alsaLib, flac, libmad, ffmpeg, libvorbis, libmpc, mp4v2, libcue, libpulseaudio}:
|
||||
{ stdenv, fetchFromGitHub, ncurses, pkgconfig
|
||||
|
||||
, alsaSupport ? stdenv.isLinux, alsaLib ? null
|
||||
# simple fallback for everyone else
|
||||
, aoSupport ? !stdenv.isLinux, libao ? null
|
||||
, jackSupport ? false, libjack ? null
|
||||
, samplerateSupport ? jackSupport, libsamplerate ? null
|
||||
, ossSupport ? false, alsaOss ? null
|
||||
, pulseaudioSupport ? false, libpulseaudio ? null
|
||||
|
||||
# TODO: add these
|
||||
#, artsSupport
|
||||
#, roarSupport
|
||||
#, sndioSupport
|
||||
#, sunSupport
|
||||
#, waveoutSupport
|
||||
|
||||
, cddbSupport ? true, libcddb ? null
|
||||
, cdioSupport ? true, libcdio ? null
|
||||
, cueSupport ? true, libcue ? null
|
||||
, discidSupport ? true, libdiscid ? null
|
||||
, ffmpegSupport ? true, ffmpeg ? null
|
||||
, flacSupport ? true, flac ? null
|
||||
, madSupport ? true, libmad ? null
|
||||
, mikmodSupport ? true, libmikmod ? null
|
||||
, modplugSupport ? true, libmodplug ? null
|
||||
, mpcSupport ? true, libmpcdec ? null
|
||||
, tremorSupport ? false, tremor ? null
|
||||
, vorbisSupport ? true, libvorbis ? null
|
||||
, wavpackSupport ? true, wavpack ? null
|
||||
|
||||
# can't make these work, something is broken
|
||||
#, aacSupport ? true, faac ? null
|
||||
#, mp4Support ? true, mp4v2 ? null
|
||||
#, opusSupport ? true, opusfile ? null
|
||||
|
||||
# not in nixpkgs
|
||||
#, vtxSupport ? true, libayemu ? null
|
||||
}:
|
||||
|
||||
with stdenv.lib;
|
||||
|
||||
assert samplerateSupport -> jackSupport;
|
||||
|
||||
# vorbis and tremor are mutually exclusive
|
||||
assert vorbisSupport -> !tremorSupport;
|
||||
assert tremorSupport -> !vorbisSupport;
|
||||
|
||||
let
|
||||
|
||||
mkFlag = b: f: dep: if b
|
||||
then { flags = [ f ]; deps = [ dep ]; }
|
||||
else { flags = []; deps = []; };
|
||||
|
||||
opts = [
|
||||
# Audio output
|
||||
(mkFlag alsaSupport "CONFIG_ALSA=y" alsaLib)
|
||||
(mkFlag aoSupport "CONFIG_AO=y" libao)
|
||||
(mkFlag jackSupport "CONFIG_JACK=y" libjack)
|
||||
(mkFlag samplerateSupport "CONFIG_SAMPLERATE=y" libsamplerate)
|
||||
(mkFlag ossSupport "CONFIG_OSS=y" alsaOss)
|
||||
(mkFlag pulseaudioSupport "CONFIG_PULSE=y" libpulseaudio)
|
||||
|
||||
#(mkFlag artsSupport "CONFIG_ARTS=y")
|
||||
#(mkFlag roarSupport "CONFIG_ROAR=y")
|
||||
#(mkFlag sndioSupport "CONFIG_SNDIO=y")
|
||||
#(mkFlag sunSupport "CONFIG_SUN=y")
|
||||
#(mkFlag waveoutSupport "CONFIG_WAVEOUT=y")
|
||||
|
||||
# Input file formats
|
||||
(mkFlag cddbSupport "CONFIG_CDDB=y" libcddb)
|
||||
(mkFlag cdioSupport "CONFIG_CDIO=y" libcdio)
|
||||
(mkFlag cueSupport "CONFIG_CUE=y" libcue)
|
||||
(mkFlag discidSupport "CONFIG_DISCID=y" libdiscid)
|
||||
(mkFlag ffmpegSupport "CONFIG_FFMPEG=y" ffmpeg)
|
||||
(mkFlag flacSupport "CONFIG_FLAC=y" flac)
|
||||
(mkFlag madSupport "CONFIG_MAD=y" libmad)
|
||||
(mkFlag mikmodSupport "CONFIG_MIKMOD=y" libmikmod)
|
||||
(mkFlag modplugSupport "CONFIG_MODPLUG=y" libmodplug)
|
||||
(mkFlag mpcSupport "CONFIG_MPC=y" libmpcdec)
|
||||
(mkFlag tremorSupport "CONFIG_TREMOR=y" tremor)
|
||||
(mkFlag vorbisSupport "CONFIG_VORBIS=y" libvorbis)
|
||||
(mkFlag wavpackSupport "CONFIG_WAVPACK=y" wavpack)
|
||||
|
||||
#(mkFlag opusSupport "CONFIG_OPUS=y" opusfile)
|
||||
#(mkFlag mp4Support "CONFIG_MP4=y" mp4v2)
|
||||
#(mkFlag aacSupport "CONFIG_AAC=y" faac)
|
||||
|
||||
#(mkFlag vtxSupport "CONFIG_VTX=y" libayemu)
|
||||
];
|
||||
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "cmus-${version}";
|
||||
version = "2.6.0";
|
||||
version = "2.7.0";
|
||||
|
||||
src = fetchgit {
|
||||
url = https://github.com/cmus/cmus.git;
|
||||
rev = "46b71032da827d22d4fae5bf2afcc4c9afef568c";
|
||||
sha256 = "1hkqifll5ryf3ljp3w1dxz1p8m6rk34fpazc6vwavis6ga310hka";
|
||||
src = fetchFromGitHub {
|
||||
owner = "cmus";
|
||||
repo = "cmus";
|
||||
rev = "0306cc74c5073a85cf8619c61da5b94a3f863eaa";
|
||||
sha256 = "18w9mznb843nzkrcqvshfha51mlpdl92zlvb5wfc5dpgrbf37728";
|
||||
};
|
||||
|
||||
configurePhase = "./configure prefix=$out";
|
||||
patches = [ ./option-debugging.patch ];
|
||||
|
||||
buildInputs = [ ncurses pkgconfig alsaLib flac libmad ffmpeg libvorbis libmpc mp4v2 libcue libpulseaudio ];
|
||||
configurePhase = "./configure " + concatStringsSep " " ([
|
||||
"prefix=$out"
|
||||
"CONFIG_WAV=y"
|
||||
] ++ concatMap (a: a.flags) opts);
|
||||
|
||||
buildInputs = [ ncurses pkgconfig ] ++ concatMap (a: a.deps) opts;
|
||||
|
||||
meta = {
|
||||
description = "Small, fast and powerful console music player for Linux and *BSD";
|
||||
homepage = https://cmus.github.io/;
|
||||
license = stdenv.lib.licenses.gpl2;
|
||||
maintainers = [ stdenv.lib.maintainers.oxij ];
|
||||
};
|
||||
}
|
||||
|
42
pkgs/applications/audio/cmus/option-debugging.patch
Normal file
42
pkgs/applications/audio/cmus/option-debugging.patch
Normal file
@ -0,0 +1,42 @@
|
||||
Shows build and link errors in configure for ease of debugging which
|
||||
options require what.
|
||||
diff --git a/scripts/checks.sh b/scripts/checks.sh
|
||||
index 64cbbf3..fab4d9b 100644
|
||||
--- a/scripts/checks.sh
|
||||
+++ b/scripts/checks.sh
|
||||
@@ -425,7 +425,7 @@ try_compile()
|
||||
echo "$1" > $__src || exit 1
|
||||
shift
|
||||
__cmd="$CC -c $CFLAGS $@ $__src -o $__obj"
|
||||
- $CC -c $CFLAGS "$@" $__src -o $__obj 2>/dev/null
|
||||
+ $CC -c $CFLAGS "$@" $__src -o $__obj
|
||||
;;
|
||||
cxx)
|
||||
__src=`tmp_file prog.cc`
|
||||
@@ -433,7 +433,7 @@ try_compile()
|
||||
echo "$1" > $__src || exit 1
|
||||
shift
|
||||
__cmd="$CXX -c $CXXFLAGS $@ $__src -o $__obj"
|
||||
- $CXX -c $CXXFLAGS "$@" $__src -o $__obj 2>/dev/null
|
||||
+ $CXX -c $CXXFLAGS "$@" $__src -o $__obj
|
||||
;;
|
||||
esac
|
||||
return $?
|
||||
@@ -451,7 +451,7 @@ try_compile_link()
|
||||
echo "$1" > $__src || exit 1
|
||||
shift
|
||||
__cmd="$CC $__src -o $__exe $CFLAGS $LDFLAGS $@"
|
||||
- $CC $__src -o $__exe $CFLAGS $LDFLAGS "$@" 2>/dev/null
|
||||
+ $CC $__src -o $__exe $CFLAGS $LDFLAGS "$@"
|
||||
;;
|
||||
cxx)
|
||||
__src=`tmp_file prog.cc`
|
||||
@@ -459,7 +459,7 @@ try_compile_link()
|
||||
echo "$1" > $__src || exit 1
|
||||
shift
|
||||
__cmd="$CXX $__src -o $__exe $CXXFLAGS $CXXLDFLAGS $@"
|
||||
- $CXX $__src -o $__exe $CXXFLAGS $CXXLDFLAGS "$@" 2>/dev/null
|
||||
+ $CXX $__src -o $__exe $CXXFLAGS $CXXLDFLAGS "$@"
|
||||
;;
|
||||
esac
|
||||
return $?
|
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
|
||||
{ description = "Auditory binaural-beat generator";
|
||||
homepage = http://gnaural.sourceforge.net/;
|
||||
license = licenses.gpl2;
|
||||
maintainers = [ maintainers.emery ];
|
||||
maintainers = [ maintainers.ehmry ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -6,23 +6,24 @@ let
|
||||
archUrl = name: arch: "http://dl.google.com/linux/musicmanager/deb/pool/main/g/google-musicmanager-beta/${name}_${arch}.deb";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
version = "beta_1.0.221.5230-r0"; # friendly to nix-env version sorting algo
|
||||
version = "beta_1.0.243.1116-r0"; # friendly to nix-env version sorting algo
|
||||
product = "google-musicmanager";
|
||||
name = "${product}-${version}";
|
||||
|
||||
# When looking for newer versions, since google doesn't let you list their repo dirs,
|
||||
# curl http://dl.google.com/linux/musicmanager/deb/dists/stable/Release
|
||||
# fetch an appropriate packages file eg main/binary-amd64/Packages
|
||||
# fetch an appropriate packages file such as main/binary-amd64/Packages:
|
||||
# curl http://dl.google.com/linux/musicmanager/deb/dists/stable/main/binary-amd64/Packages
|
||||
# which will contain the links to all available *.debs for the arch.
|
||||
|
||||
src = if stdenv.system == "x86_64-linux"
|
||||
then fetchurl {
|
||||
url = archUrl name "amd64";
|
||||
sha256 = "1h0ssbz6y9xi2szalgb5wcxi8m1ylg4qf2za6zgvi908hpan7q37";
|
||||
sha256 = "54f97f449136e173492d36084f2c01244b84f02d6e223fb8a40661093e0bec7c";
|
||||
}
|
||||
else fetchurl {
|
||||
url = archUrl name "i386";
|
||||
sha256 = "0q8cnzx7s25bpqlbp40d43mwd6m8kvhvdifkqlgc9phpydnqpd1i";
|
||||
sha256 = "121a7939015e2270afa3f1c73554102e2b4f2e6a31482ff7be5e7c28dd101d3c";
|
||||
};
|
||||
|
||||
unpackPhase = ''
|
||||
|
@ -40,7 +40,7 @@ stdenv.mkDerivation {
|
||||
meta = with stdenv.lib;
|
||||
{ description = "Collection of audio level meters with GUI in LV2 plugin format";
|
||||
homepage = http://x42.github.io/meters.lv2/;
|
||||
maintainers = with maintainers; [ emery ];
|
||||
maintainers = with maintainers; [ ehmry ];
|
||||
license = licenses.gpl2;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
|
23
pkgs/applications/audio/mopidy-gmusic/default.nix
Normal file
23
pkgs/applications/audio/mopidy-gmusic/default.nix
Normal file
@ -0,0 +1,23 @@
|
||||
{ stdenv, fetchurl, pythonPackages, mopidy }:
|
||||
|
||||
pythonPackages.buildPythonPackage rec {
|
||||
name = "mopidy-gmusic-${version}";
|
||||
version = "1.0.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/mopidy/mopidy-gmusic/archive/v${version}.tar.gz";
|
||||
sha256 = "0yfilzfamy1bxnmgb1xk56jrk4sz0i7vcnc0a8klrm9sc7agnm9i";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = [ mopidy pythonPackages.requests2 pythonPackages.gmusicapi ];
|
||||
|
||||
doCheck = false;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://www.mopidy.com/;
|
||||
description = "Mopidy extension for playing music from Google Play Music";
|
||||
license = licenses.asl20;
|
||||
maintainers = [ maintainers.jgillich ];
|
||||
hydraPlatforms = [];
|
||||
};
|
||||
}
|
@ -5,15 +5,15 @@
|
||||
pythonPackages.buildPythonPackage rec {
|
||||
name = "mopidy-${version}";
|
||||
|
||||
version = "1.0.5";
|
||||
version = "1.1.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/mopidy/mopidy/archive/v${version}.tar.gz";
|
||||
sha256 = "0lhmm2w2djf6mb3acw1yq1k4j74v1lf4kgx24dsdnpkgsycrv5q6";
|
||||
sha256 = "1xfyg8xqgnrb98wx7a4fzr4vlzkffjhkc1s36ka63rwmx86vqhyw";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = with pythonPackages; [
|
||||
gst_python pygobject pykka tornado gst_plugins_base gst_plugins_good
|
||||
gst_python pygobject pykka tornado requests2 gst_plugins_base gst_plugins_good
|
||||
];
|
||||
|
||||
# There are no tests
|
||||
|
@ -35,7 +35,7 @@ buildPythonPackage {
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "http://musicbrainz.org/doc/MusicBrainz_Picard";
|
||||
description = "The official MusicBrainz tagger";
|
||||
maintainers = with maintainers; [ emery ];
|
||||
maintainers = with maintainers; [ ehmry ];
|
||||
license = licenses.gpl2;
|
||||
platforms = platforms.all;
|
||||
};
|
||||
|
@ -1,12 +1,12 @@
|
||||
{ stdenv, fetchurl, alsaLib, gtk, pkgconfig }:
|
||||
|
||||
let version = "5417"; in
|
||||
stdenv.mkDerivation {
|
||||
stdenv.mkDerivation rec {
|
||||
name = "praat-${version}";
|
||||
version = "5.4.17";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://www.fon.hum.uva.nl/praat/praat${version}_sources.tar.gz";
|
||||
sha256 = "1bspl963pb1s6k3cd9p3g5j518pxg6hkrann945lqsrvbzaa20kl";
|
||||
url = "https://github.com/praat/praat/archive/v${version}.tar.gz";
|
||||
sha256 = "0s2hrksghg686059vc90h3ywhd2702pqcvy99icw27q5mdk6dqsx";
|
||||
};
|
||||
|
||||
configurePhase = ''
|
||||
|
@ -1,20 +1,20 @@
|
||||
{ stdenv, fetchurl, alsaLib, boost, cairo, cmake, fftwSinglePrec, fltk
|
||||
, libjack2, libsndfile, lv2, mesa, minixml, pkgconfig, zlib, xorg
|
||||
, libjack2, libsndfile, readline, lv2, mesa, minixml, pkgconfig, zlib, xorg
|
||||
}:
|
||||
|
||||
assert stdenv ? glibc;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "yoshimi-${version}";
|
||||
version = "1.3.6";
|
||||
version = "1.3.7.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/yoshimi/${name}.tar.bz2";
|
||||
sha256 = "0c2y59m945rrspnwdxmixk92z9nfiayxdxh582gf15nj8bvkh1l6";
|
||||
sha256 = "13xc1x8jrr2rn26jx4dini692ww3771d5j5xf7f56ixqr7mmdhvz";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
alsaLib boost cairo fftwSinglePrec fltk libjack2 libsndfile lv2 mesa
|
||||
alsaLib boost cairo fftwSinglePrec fltk libjack2 libsndfile readline lv2 mesa
|
||||
minixml zlib xorg.libpthreadstubs
|
||||
];
|
||||
|
||||
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
preConfigure = "cd src";
|
||||
|
||||
cmakeFlags = [ "-DFLTK_MATH_LIBRARY=${stdenv.glibc}/lib/libm.so" ];
|
||||
cmakeFlags = [ "-DFLTK_MATH_LIBRARY=${stdenv.glibc}/lib/libm.so -DCMAKE_INSTALL_DATAROOTDIR=$out" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "high quality software synthesizer based on ZynAddSubFX";
|
||||
|
@ -8,7 +8,7 @@ stdenv.mkDerivation rec {
|
||||
url = "https://github.com/zamaudio/zam-plugins.git";
|
||||
deepClone = true;
|
||||
rev = "91fe56931a3e57b80f18c740d2dde6b44f962aee";
|
||||
sha256 = "17slpywjs04xbcylyqjg6kqbpqwqbigf843y437yfvj1ar6ir1jp";
|
||||
sha256 = "0n29zxg4l2m3jsnfw6q2alyzaw7ibbv9nvk57k07sv3lh2yy3f30";
|
||||
};
|
||||
|
||||
buildInputs = [ boost libX11 mesa liblo libjack2 ladspaH lv2 pkgconfig rubberband libsndfile ];
|
||||
|
@ -1,54 +1,85 @@
|
||||
{ stdenv, fetchpatch, makeQtWrapper, fetchFromGitHub, cmake, pkgconfig, libxcb, libpthreadstubs
|
||||
, libXdmcp, libXau, qtbase, qtdeclarative, qttools, pam, systemd }:
|
||||
{ stdenv, makeQtWrapper, fetchFromGitHub
|
||||
, cmake, pkgconfig, libxcb, libpthreadstubs, lndir
|
||||
, libXdmcp, libXau, qtbase, qtdeclarative, qttools, pam, systemd
|
||||
, themes
|
||||
}:
|
||||
|
||||
let
|
||||
version = "0.13.0";
|
||||
|
||||
unwrapped = stdenv.mkDerivation rec {
|
||||
name = "sddm-unwrapped-${version}";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sddm";
|
||||
repo = "sddm";
|
||||
rev = "v${version}";
|
||||
sha256 = "0c3q8lpb123m9k5x3i71mm8lmyzhknw77zxh89yfl8qmn6zd61i1";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./0001-ignore-config-mtime.patch
|
||||
./0002-fix-ConfigReader-QStringList-corruption.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig qttools ];
|
||||
|
||||
buildInputs = [
|
||||
libxcb libpthreadstubs libXdmcp libXau qtbase qtdeclarative pam systemd
|
||||
];
|
||||
|
||||
cmakeFlags = [
|
||||
"-DCONFIG_FILE=/etc/sddm.conf"
|
||||
# Set UID_MIN and UID_MAX so that the build script won't try
|
||||
# to read them from /etc/login.defs (fails in chroot).
|
||||
# The values come from NixOS; they may not be appropriate
|
||||
# for running SDDM outside NixOS, but that configuration is
|
||||
# not supported anyway.
|
||||
"-DUID_MIN=1000"
|
||||
"-DUID_MAX=29999"
|
||||
];
|
||||
|
||||
preConfigure = ''
|
||||
export cmakeFlags="$cmakeFlags -DQT_IMPORTS_DIR=$out/lib/qt5/qml -DCMAKE_INSTALL_SYSCONFDIR=$out/etc -DSYSTEMD_SYSTEM_UNIT_DIR=$out/lib/systemd/system"
|
||||
'';
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
postInstall = ''
|
||||
# remove empty scripts
|
||||
rm "$out/share/sddm/scripts/Xsetup" "$out/share/sddm/scripts/Xstop"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "QML based X11 display manager";
|
||||
homepage = https://github.com/sddm/sddm;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ abbradar ttuegel ];
|
||||
};
|
||||
};
|
||||
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "sddm-${version}";
|
||||
phases = "installPhase";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sddm";
|
||||
repo = "sddm";
|
||||
rev = "v${version}";
|
||||
sha256 = "0c3q8lpb123m9k5x3i71mm8lmyzhknw77zxh89yfl8qmn6zd61i1";
|
||||
};
|
||||
nativeBuildInputs = [ lndir makeQtWrapper ];
|
||||
buildInputs = [ unwrapped ] ++ themes;
|
||||
inherit themes;
|
||||
inherit unwrapped;
|
||||
|
||||
patches = [
|
||||
./0001-ignore-config-mtime.patch
|
||||
./0002-fix-ConfigReader-QStringList-corruption.patch
|
||||
];
|
||||
installPhase = ''
|
||||
makeQtWrapper "$unwrapped/bin/sddm" "$out/bin/sddm"
|
||||
|
||||
nativeBuildInputs = [ cmake makeQtWrapper pkgconfig qttools ];
|
||||
|
||||
buildInputs = [ libxcb libpthreadstubs libXdmcp libXau qtbase qtdeclarative pam systemd ];
|
||||
|
||||
cmakeFlags = [
|
||||
"-DCONFIG_FILE=/etc/sddm.conf"
|
||||
# Set UID_MIN and UID_MAX so that the build script won't try
|
||||
# to read them from /etc/login.defs (fails in chroot).
|
||||
# The values come from NixOS; they may not be appropriate
|
||||
# for running SDDM outside NixOS, but that configuration is
|
||||
# not supported anyway.
|
||||
"-DUID_MIN=1000"
|
||||
"-DUID_MAX=29999"
|
||||
];
|
||||
|
||||
preConfigure = ''
|
||||
export cmakeFlags="$cmakeFlags -DQT_IMPORTS_DIR=$out/lib/qt5/qml -DCMAKE_INSTALL_SYSCONFDIR=$out/etc -DSYSTEMD_SYSTEM_UNIT_DIR=$out/lib/systemd/system"
|
||||
mkdir -p "$out/share/sddm"
|
||||
for pkg in $unwrapped $themes; do
|
||||
local sddmDir="$pkg/share/sddm"
|
||||
if [[ -d "$sddmDir" ]]; then
|
||||
lndir -silent "$sddmDir" "$out/share/sddm"
|
||||
fi
|
||||
done
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
wrapQtProgram $out/bin/sddm
|
||||
wrapQtProgram $out/bin/sddm-greeter
|
||||
'';
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "QML based X11 display manager";
|
||||
homepage = https://github.com/sddm/sddm;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ abbradar ];
|
||||
};
|
||||
inherit (unwrapped) meta;
|
||||
}
|
||||
|
@ -16,11 +16,11 @@ let
|
||||
};
|
||||
in stdenv.mkDerivation rec {
|
||||
name = "atom-${version}";
|
||||
version = "1.2.0";
|
||||
version = "1.3.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb";
|
||||
sha256 = "05s3kvsz6pzh4gm22aaps1nccp76skfshdzlqwg0qn0ljz58sdqh";
|
||||
sha256 = "17q5vrvjsyxcd8favp0sldfvhcwr0ba6ws32df6iv2iyla5h94y1";
|
||||
name = "${name}.deb";
|
||||
};
|
||||
|
||||
|
@ -335,16 +335,16 @@ rec {
|
||||
|
||||
testng = buildEclipsePlugin rec {
|
||||
name = "testng-${version}";
|
||||
version = "6.9.10.201511281504";
|
||||
version = "6.9.10.201512020421";
|
||||
|
||||
srcFeature = fetchurl {
|
||||
url = "http://beust.com/eclipse/features/org.testng.eclipse_${version}.jar";
|
||||
sha256 = "1kjaifa1fc16yh82bzp5xa5pn3kgrpgc5jq55lyvgz29vjj6ss97";
|
||||
url = "http://beust.com/eclipse-old/eclipse_${version}/features/org.testng.eclipse_${version}.jar";
|
||||
sha256 = "17y0cb1xprldjav14iy2sinv7lcw4xnjs2fwz9gl41m9m1c0hajk";
|
||||
};
|
||||
|
||||
srcPlugin = fetchurl {
|
||||
url = "http://beust.com/eclipse/plugins/org.testng.eclipse_${version}.jar";
|
||||
sha256 = "1njz4ynjwnhjjbsszfgqyjn2ixxzjv8qvnc7dqz8jldrz3jrjf07";
|
||||
url = "http://beust.com/eclipse-old/eclipse_${version}/plugins/org.testng.eclipse_${version}.jar";
|
||||
sha256 = "1iwq0ifk9l56z11vhy5yscvl8l1xk6igkp103v9vwvcx6nlmkfgc";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
13
pkgs/applications/editors/emacs-25/at-fdcwd.patch
Normal file
13
pkgs/applications/editors/emacs-25/at-fdcwd.patch
Normal file
@ -0,0 +1,13 @@
|
||||
diff --git a/lib/careadlinkat.h b/lib/careadlinkat.h
|
||||
index 5cdb813..7a272e8 100644
|
||||
--- a/lib/careadlinkat.h
|
||||
+++ b/lib/careadlinkat.h
|
||||
@@ -23,6 +23,8 @@
|
||||
#include <fcntl.h>
|
||||
#include <unistd.h>
|
||||
|
||||
+#define AT_FDCWD -2
|
||||
+
|
||||
struct allocator;
|
||||
|
||||
/* Assuming the current directory is FD, get the symbolic link value
|
38
pkgs/applications/editors/emacs-25/builder.sh
Normal file
38
pkgs/applications/editors/emacs-25/builder.sh
Normal file
@ -0,0 +1,38 @@
|
||||
source $stdenv/setup
|
||||
|
||||
# This hook is supposed to be run on Linux. It patches the proper locations of
|
||||
# the crt{1,i,n}.o files into the build to ensure that Emacs is linked with
|
||||
# *our* versions, not the ones found in the system, as it would do by default.
|
||||
# On other platforms, this appears to be unnecessary.
|
||||
preConfigure() {
|
||||
for i in Makefile.in ./src/Makefile.in ./lib-src/Makefile.in ./leim/Makefile.in; do
|
||||
substituteInPlace $i --replace /bin/pwd pwd
|
||||
done
|
||||
|
||||
case "${system}" in
|
||||
x86_64-linux) glibclibdir=lib64 ;;
|
||||
i686-linux) glibclibdir=lib ;;
|
||||
*) return;
|
||||
esac
|
||||
|
||||
libc=$(cat ${NIX_CC}/nix-support/orig-libc)
|
||||
echo "libc: $libc"
|
||||
|
||||
for i in src/s/*.h src/m/*.h; do
|
||||
substituteInPlace $i \
|
||||
--replace /usr/${glibclibdir}/crt1.o $libc/${glibclibdir}/crt1.o \
|
||||
--replace /usr/${glibclibdir}/crti.o $libc/${glibclibdir}/crti.o \
|
||||
--replace /usr/${glibclibdir}/crtn.o $libc/${glibclibdir}/crtn.o \
|
||||
--replace /usr/lib/crt1.o $libc/${glibclibdir}/crt1.o \
|
||||
--replace /usr/lib/crti.o $libc/${glibclibdir}/crti.o \
|
||||
--replace /usr/lib/crtn.o $libc/${glibclibdir}/crtn.o
|
||||
done
|
||||
}
|
||||
|
||||
preInstall () {
|
||||
for i in Makefile.in ./src/Makefile.in ./lib-src/Makefile.in ./leim/Makefile.in; do
|
||||
substituteInPlace $i --replace /bin/pwd pwd
|
||||
done
|
||||
}
|
||||
|
||||
genericBuild
|
113
pkgs/applications/editors/emacs-25/default.nix
Normal file
113
pkgs/applications/editors/emacs-25/default.nix
Normal file
@ -0,0 +1,113 @@
|
||||
{ stdenv, fetchgit, ncurses, xlibsWrapper, libXaw, libXpm, Xaw3d
|
||||
, pkgconfig, gettext, libXft, dbus, libpng, libjpeg, libungif
|
||||
, libtiff, librsvg, texinfo, gconf, libxml2, imagemagick, gnutls
|
||||
, alsaLib, cairo, acl, gpm, AppKit, Foundation, libobjc
|
||||
, autoconf, automake
|
||||
, withX ? !stdenv.isDarwin
|
||||
, withGTK3 ? false, gtk3 ? null
|
||||
, withGTK2 ? true, gtk2
|
||||
}:
|
||||
|
||||
assert (libXft != null) -> libpng != null; # probably a bug
|
||||
assert stdenv.isDarwin -> libXaw != null; # fails to link otherwise
|
||||
assert withGTK2 -> withX || stdenv.isDarwin;
|
||||
assert withGTK3 -> withX || stdenv.isDarwin;
|
||||
assert withGTK2 -> !withGTK3 && gtk2 != null;
|
||||
assert withGTK3 -> !withGTK2 && gtk3 != null;
|
||||
|
||||
let
|
||||
toolkit =
|
||||
if withGTK3 then "gtk3"
|
||||
else if withGTK2 then "gtk2"
|
||||
else "lucid";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "emacs-25.0.50-1b5630e";
|
||||
|
||||
builder = ./builder.sh;
|
||||
|
||||
src = fetchgit {
|
||||
url = "git://git.savannah.gnu.org/emacs.git";
|
||||
rev = "1b5630eb47d3f4bade09708c958ab006b83b3fc0";
|
||||
sha256 = "0n3qbri84akmy7ad1pbv89j4jn4x9pnkz0p4nbhh6m1c37cbz58l";
|
||||
};
|
||||
|
||||
patches = stdenv.lib.optionals stdenv.isDarwin [
|
||||
./at-fdcwd.patch
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
sed -i 's|/usr/share/locale|${gettext}/share/locale|g' lisp/international/mule-cmds.el
|
||||
'';
|
||||
|
||||
buildInputs =
|
||||
[ ncurses gconf libxml2 gnutls alsaLib pkgconfig texinfo acl gpm gettext
|
||||
autoconf automake ]
|
||||
++ stdenv.lib.optional stdenv.isLinux dbus
|
||||
++ stdenv.lib.optionals withX
|
||||
[ xlibsWrapper libXaw Xaw3d libXpm libpng libjpeg libungif libtiff librsvg libXft
|
||||
imagemagick gconf ]
|
||||
++ stdenv.lib.optional (withX && withGTK2) gtk2
|
||||
++ stdenv.lib.optional (withX && withGTK3) gtk3
|
||||
++ stdenv.lib.optional (stdenv.isDarwin && withX) cairo;
|
||||
|
||||
propagatedBuildInputs = stdenv.lib.optionals stdenv.isDarwin [ AppKit Foundation libobjc
|
||||
];
|
||||
|
||||
NIX_LDFLAGS = stdenv.lib.optional stdenv.isDarwin
|
||||
"/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation";
|
||||
|
||||
configureFlags =
|
||||
if stdenv.isDarwin
|
||||
then [ "--with-ns" "--disable-ns-self-contained" ]
|
||||
else if withX
|
||||
then [ "--with-x-toolkit=${toolkit}" "--with-xft" ]
|
||||
else [ "--with-x=no" "--with-xpm=no" "--with-jpeg=no" "--with-png=no"
|
||||
"--with-gif=no" "--with-tiff=no" ];
|
||||
|
||||
NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX)
|
||||
"-I${cairo}/include/cairo";
|
||||
|
||||
preBuild = ''
|
||||
find . -name '*.elc' -delete
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/share/emacs/site-lisp/
|
||||
cp ${./site-start.el} $out/share/emacs/site-lisp/site-start.el
|
||||
'' + stdenv.lib.optionalString stdenv.isDarwin ''
|
||||
mkdir -p $out/Applications
|
||||
mv nextstep/Emacs.app $out/Applications
|
||||
'';
|
||||
|
||||
doCheck = !stdenv.isDarwin;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "GNU Emacs 25 (pre), the extensible, customizable text editor";
|
||||
homepage = http://www.gnu.org/software/emacs/;
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ chaoflow lovek323 simons the-kenny ];
|
||||
platforms = platforms.all;
|
||||
|
||||
# So that Exuberant ctags is preferred
|
||||
priority = 1;
|
||||
|
||||
longDescription = ''
|
||||
GNU Emacs is an extensible, customizable text editor—and more. At its
|
||||
core is an interpreter for Emacs Lisp, a dialect of the Lisp
|
||||
programming language with extensions to support text editing.
|
||||
|
||||
The features of GNU Emacs include: content-sensitive editing modes,
|
||||
including syntax coloring, for a wide variety of file types including
|
||||
plain text, source code, and HTML; complete built-in documentation,
|
||||
including a tutorial for new users; full Unicode support for nearly all
|
||||
human languages and their scripts; highly customizable, using Emacs
|
||||
Lisp code or a graphical interface; a large number of extensions that
|
||||
add other functionality, including a project planner, mail and news
|
||||
reader, debugger interface, calendar, and more. Many of these
|
||||
extensions are distributed with GNU Emacs; others are available
|
||||
separately.
|
||||
'';
|
||||
};
|
||||
}
|
17
pkgs/applications/editors/emacs-25/site-start.el
Normal file
17
pkgs/applications/editors/emacs-25/site-start.el
Normal file
@ -0,0 +1,17 @@
|
||||
;; NixOS specific load-path
|
||||
(setq load-path
|
||||
(append (reverse (mapcar (lambda (x) (concat x "/share/emacs/site-lisp/"))
|
||||
(split-string (or (getenv "NIX_PROFILES") ""))))
|
||||
load-path))
|
||||
|
||||
;;; Make `woman' find the man pages
|
||||
(eval-after-load 'woman
|
||||
'(setq woman-manpath
|
||||
(append (reverse (mapcar (lambda (x) (concat x "/share/man/"))
|
||||
(split-string (or (getenv "NIX_PROFILES") ""))))
|
||||
woman-manpath)))
|
||||
|
||||
;; Make tramp work for remote NixOS machines
|
||||
;;; NOTE: You might want to add
|
||||
(eval-after-load 'tramp
|
||||
'(add-to-list 'tramp-remote-path "/run/current-system/sw/bin"))
|
1337
pkgs/applications/editors/emacs-modes/elpa-packages.json
Normal file
1337
pkgs/applications/editors/emacs-modes/elpa-packages.json
Normal file
File diff suppressed because it is too large
Load Diff
42
pkgs/applications/editors/emacs-modes/elpa-packages.nix
Normal file
42
pkgs/applications/editors/emacs-modes/elpa-packages.nix
Normal file
@ -0,0 +1,42 @@
|
||||
pkgs: with pkgs;
|
||||
|
||||
let
|
||||
|
||||
inherit (stdenv.lib) makeScope mapAttrs;
|
||||
|
||||
json = builtins.readFile ./elpa-packages.json;
|
||||
manifest = builtins.fromJSON json;
|
||||
|
||||
mkPackage = self: name: recipe:
|
||||
let drv =
|
||||
{ elpaBuild, stdenv, fetchurl }:
|
||||
let fetch = { inherit fetchurl; }."${recipe.fetch.tag}"
|
||||
or (abort "emacs-${name}: unknown fetcher '${recipe.fetch.tag}'");
|
||||
args = builtins.removeAttrs recipe.fetch [ "tag" ];
|
||||
src = fetch args;
|
||||
in elpaBuild {
|
||||
pname = name;
|
||||
inherit (recipe) version;
|
||||
inherit src;
|
||||
deps =
|
||||
let lookupDep = d:
|
||||
self."${d}" or (abort "emacs-${name}: missing dependency ${d}");
|
||||
in map lookupDep recipe.deps;
|
||||
meta = {
|
||||
homepage = "http://elpa.gnu.org/packages/${name}.html";
|
||||
license = stdenv.lib.licenses.free;
|
||||
};
|
||||
};
|
||||
in self.callPackage drv {};
|
||||
|
||||
packages = self:
|
||||
let
|
||||
elpaPackages = mapAttrs (mkPackage self) manifest;
|
||||
|
||||
elpaBuild = import ../../../build-support/emacs/melpa.nix {
|
||||
inherit (pkgs) lib stdenv fetchurl texinfo;
|
||||
inherit (self) emacs;
|
||||
};
|
||||
in elpaPackages // { inherit elpaBuild elpaPackages; };
|
||||
|
||||
in makeScope pkgs.newScope packages
|
@ -297,13 +297,13 @@ in
|
||||
|
||||
phpstorm = buildPhpStorm rec {
|
||||
name = "phpstorm-${version}";
|
||||
version = "9.0";
|
||||
build = "PS-141.1912";
|
||||
version = "10.0.1";
|
||||
build = "PS-143.382";
|
||||
description = "Professional IDE for Web and PHP developers";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
|
||||
sha256 = "1n6p8xiv0nrs6yf0250mpga291msnrfamv573dva9f17cc3df2pp";
|
||||
sha256 = "12bqil8pxzmbv8a7pxn2529ph2x7szr3wvkvgxaisydm463kpdk8";
|
||||
};
|
||||
};
|
||||
|
||||
@ -311,7 +311,7 @@ in
|
||||
name = "webstorm-${version}";
|
||||
version = "10.0.4";
|
||||
build = "141.1550";
|
||||
description = "Professional IDE for Web and JavaScript devlopment";
|
||||
description = "Professional IDE for Web and JavaScript development";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
src = fetchurl {
|
||||
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
|
||||
|
@ -15,15 +15,15 @@ with stdenv.lib;
|
||||
|
||||
let
|
||||
|
||||
version = "0.1.0";
|
||||
version = "0.1.1";
|
||||
|
||||
# Note: this is NOT the libvterm already in nixpkgs, but some NIH silliness:
|
||||
neovimLibvterm = let version = "2015-02-23"; in stdenv.mkDerivation {
|
||||
neovimLibvterm = let version = "2015-11-06"; in stdenv.mkDerivation {
|
||||
name = "neovim-libvterm-${version}";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
sha256 = "0i2h74jrx4fy90sv57xj8g4lbjjg4nhrq2rv6rz576fmqfpllcc5";
|
||||
rev = "20ad1396c178c72873aeeb2870bd726f847acb70";
|
||||
sha256 = "0f9r0wnr9ajcdd6as24igmch0n8s1annycb9f4k0vg6fngwaypy9";
|
||||
rev = "04781d37ce5af3f580376dc721bd3b89c434966b";
|
||||
repo = "libvterm";
|
||||
owner = "neovim";
|
||||
};
|
||||
@ -63,7 +63,7 @@ let
|
||||
name = "neovim-${version}";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
sha256 = "1704f3dqf5p6hicpzf0pi21n6ymylra9prsm4azvqp86allmvnfx";
|
||||
sha256 = "0crswjslp687yp1cpn7nmm0j2sccqhcxryzxv1s81cgpai0fzf60";
|
||||
rev = "v${version}";
|
||||
repo = "neovim";
|
||||
owner = "neovim";
|
||||
|
@ -69,7 +69,7 @@ stdenv.mkDerivation {
|
||||
{ description = "Set of integrated tools for the R language";
|
||||
homepage = http://www.rstudio.com/;
|
||||
license = licenses.agpl3;
|
||||
maintainers = [ maintainers.emery ];
|
||||
maintainers = [ maintainers.ehmry ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -49,6 +49,6 @@ stdenv.mkDerivation rec {
|
||||
|
||||
maintainers = with maintainers; [ pSub ];
|
||||
|
||||
platforms = platforms.linux;
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
39
pkgs/applications/graphics/awesomebump/default.nix
Normal file
39
pkgs/applications/graphics/awesomebump/default.nix
Normal file
@ -0,0 +1,39 @@
|
||||
{ lib, stdenv, fetchurl, qt5, makeWrapper }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "awesomebump-4.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = https://github.com/kmkolasinski/AwesomeBump/archive/Linuxv4.0.tar.gz;
|
||||
sha256 = "1rp4m4y2ld49hibzwqwy214cbiin80i882d9l0y1znknkdcclxf2";
|
||||
};
|
||||
|
||||
setSourceRoot = "sourceRoot=$(echo */Sources)";
|
||||
|
||||
buildInputs = [ qt5.base makeWrapper ];
|
||||
|
||||
preBuild = "qmake";
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
installPhase =
|
||||
''
|
||||
d=$out/libexec/AwesomeBump
|
||||
mkdir -p $d $out/bin
|
||||
cp AwesomeBump $d/
|
||||
cp -prd ../Bin/Configs ../Bin/Core $d/
|
||||
|
||||
# AwesomeBump expects to find Core and Configs in its current
|
||||
# directory.
|
||||
makeWrapper $d/AwesomeBump $out/bin/AwesomeBump \
|
||||
--run "cd $d"
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = https://github.com/kmkolasinski/AwesomeBump;
|
||||
description = "A program to generate normal, height, specular or ambient occlusion textures from a single image";
|
||||
license = lib.licenses.gpl3Plus;
|
||||
maintainers = [ lib.maintainers.eelco ];
|
||||
platforms = lib.platforms.linux;
|
||||
};
|
||||
}
|
19
pkgs/applications/graphics/fontmatrix/default.nix
Normal file
19
pkgs/applications/graphics/fontmatrix/default.nix
Normal file
@ -0,0 +1,19 @@
|
||||
{ stdenv, fetchurl, cmake, qt4 }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "fontmatrix-0.6.0";
|
||||
src = fetchurl {
|
||||
url = "http://fontmatrix.be/archives/${name}-Source.tar.gz";
|
||||
sha256 = "bcc5e929d95d2a0c9481d185144095c4e660255220a7ae6640298163ee77042c";
|
||||
};
|
||||
|
||||
buildInputs = [ qt4 ];
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
||||
meta = {
|
||||
description = "Fontmatrix is a free/libre font explorer for Linux, Windows and Mac";
|
||||
homepage = http://fontmatrix.be/;
|
||||
license = stdenv.lib.licenses.gpl2;
|
||||
};
|
||||
}
|
@ -4,13 +4,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "imv-${version}";
|
||||
version = "1.0.0";
|
||||
version = "1.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "eXeC64";
|
||||
repo = "imv";
|
||||
rev = "f2ce793d628e88825eff3364b293104cb0bdb582";
|
||||
sha256 = "1xqaqbfjgksbjmy1yy7q4sv5bak7w8va60xa426jzscy9cib2sgh";
|
||||
rev = "4d1a6d581b70b25d9533c5c788aab6900ebf82bb";
|
||||
sha256 = "1c5r4pqqypir8ymicxyn2k7mhq8nl88b3x6giaafd77ssjn0vz9r";
|
||||
};
|
||||
|
||||
buildInputs = [ SDL2 freeimage ];
|
||||
@ -20,7 +20,7 @@ stdenv.mkDerivation rec {
|
||||
meta = with stdenv.lib; {
|
||||
description = "A command line image viewer for tiling window managers";
|
||||
homepage = https://github.com/eXeC64/imv;
|
||||
license = licenses.mit;
|
||||
license = licenses.gpl2;
|
||||
maintainers = with maintainers; [ rnhmjoj ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
|
@ -1,13 +1,14 @@
|
||||
{ stdenv, fetchurl, pkgconfig, zlib, qt4, freetype, cairo, lua5, texLive, ghostscriptX
|
||||
, libjpeg
|
||||
, makeWrapper }:
|
||||
let ghostscript = ghostscriptX; in
|
||||
{ stdenv, fetchurl, pkgconfig, zlib, freetype, cairo, lua5, texlive, ghostscript
|
||||
, libjpeg, qtbase
|
||||
, makeQtWrapper
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "ipe-7.1.8";
|
||||
name = "ipe-7.1.10";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://github.com/otfried/ipe/raw/master/releases/7.1/${name}-src.tar.gz";
|
||||
sha256 = "1zx6dyr1rb6m6rvawagg9f8bc2li9nbighv2dglzjbh11bxqsyva";
|
||||
url = "https://dl.bintray.com/otfried/generic/ipe/7.1/${name}-src.tar.gz";
|
||||
sha256 = "0kwk8l2jasb4fdixaca08g661d0sdmx2jkk3ch7pxh0f4xkdxkkz";
|
||||
};
|
||||
|
||||
# changes taken from Gentoo portage
|
||||
@ -21,16 +22,18 @@ stdenv.mkDerivation rec {
|
||||
'';
|
||||
|
||||
IPEPREFIX="$$out";
|
||||
URWFONTDIR="${texLive}/texmf-dist/fonts/type1/urw/";
|
||||
URWFONTDIR="${texlive}/texmf-dist/fonts/type1/urw/";
|
||||
LUA_PACKAGE = "lua";
|
||||
|
||||
buildInputs = [
|
||||
libjpeg pkgconfig zlib qt4 freetype cairo lua5 texLive ghostscript makeWrapper
|
||||
libjpeg pkgconfig zlib qtbase freetype cairo lua5 texlive ghostscript
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
nativeBuildInputs = [ makeQtWrapper ];
|
||||
|
||||
postFixup = ''
|
||||
for prog in $out/bin/*; do
|
||||
wrapProgram "$prog" --prefix PATH : "${texLive}/bin"
|
||||
wrapQtProgram "$prog" --prefix PATH : "${texlive}/bin"
|
||||
done
|
||||
'';
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, buildPythonPackage, pygtk, pil, python27Packages }:
|
||||
{ stdenv, fetchurl, buildPythonPackage, python27Packages }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
namePrefix = "";
|
||||
@ -9,7 +9,7 @@ buildPythonPackage rec {
|
||||
sha256 = "0k3pqbvk08kb1nr0qldaj9bc7ca6rvcycgfi2n7gqmsirq5kscys";
|
||||
};
|
||||
|
||||
pythonPath = [ pygtk pil python27Packages.sqlite3 ];
|
||||
propagatedBuildInputs = with python27Packages; [ pygtk pillow sqlite3 ];
|
||||
|
||||
meta = {
|
||||
description = "Image viewer designed to handle comic books";
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchurl, buildPythonPackage, python, pygtk, pil, libX11, gettext }:
|
||||
{ stdenv, fetchurl, buildPythonPackage, python, pygtk, pillow, libX11, gettext }:
|
||||
|
||||
buildPythonPackage rec {
|
||||
namePrefix = "";
|
||||
@ -17,7 +17,7 @@ buildPythonPackage rec {
|
||||
sed -i "s@/usr/local/share/locale@$out/share/locale@" mirage.py
|
||||
'';
|
||||
|
||||
pythonPath = [ pygtk pil ];
|
||||
propagatedBuildInputs = [ pygtk pillow ];
|
||||
|
||||
meta = {
|
||||
description = "Simple image viewer written in PyGTK";
|
||||
|
@ -1,13 +1,12 @@
|
||||
{ stdenv, fetchurl, makeWrapper, xulrunner }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "2.0.14";
|
||||
version = "2.0.15";
|
||||
name = "pencil-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/prikhi/pencil/releases/download/v${version}/Pencil-${version}-linux-pkg.tar.gz";
|
||||
sha256 = "59f46db863e6d95ee6987e600d658ad4b58b03b0744c5c6d17ce04f5ae92d260";
|
||||
|
||||
sha256 = "be338558b613f51506337a2c7c80f209e8644656c2925f41c294e2872feabc3b";
|
||||
};
|
||||
|
||||
buildPhase = "";
|
||||
|
@ -2,11 +2,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "potrace-${version}";
|
||||
version = "1.12";
|
||||
version = "1.13";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://potrace.sourceforge.net/download/${version}/potrace-${version}.tar.gz";
|
||||
sha256 = "0fqpfq5wwqz8j6pfh4p2pbflf6r86s4h63r8jawzrsyvpbbz3fxh";
|
||||
sha256 = "115p2vgyq7p2mf4nidk2x3aa341nvv2v8ml056vbji36df5l6lk2";
|
||||
};
|
||||
|
||||
configureFlags = [ "--with-libpotrace" ];
|
||||
|
@ -7,12 +7,12 @@ in
|
||||
assert hotplugSupport -> (stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux");
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "sane-backends-1.0.24.73-g6c4f6bc";
|
||||
name = "sane-backends-1.0.25-180-g6d8b8d5";
|
||||
|
||||
src = fetchgit {
|
||||
url = "git://alioth.debian.org/git/sane/sane-backends.git";
|
||||
rev = "6c4f6bc58615755dc734281703b594cea3ebf848";
|
||||
sha256 = "0f7lbv1rnr53n4rpihcd8dkfm01xvwfnx9i1nqaadrzbpvgkjrfa";
|
||||
rev = "6d8b8d5aa6e8da2b24e1caa42b9ea75e9624b45d";
|
||||
sha256 = "b5b2786eef835550e4a4522db05c8c81075b1a7aff5a66f1d4a498f6efe0ef03";
|
||||
};
|
||||
|
||||
udevSupport = hotplugSupport;
|
||||
@ -38,12 +38,19 @@ stdenv.mkDerivation {
|
||||
"echo epson2 > \${out}/etc/sane.d/dll.conf"
|
||||
else "";
|
||||
|
||||
meta = {
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "http://www.sane-project.org/";
|
||||
description = "Scanner Access Now Easy";
|
||||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
description = "SANE (Scanner Access Now Easy) backends";
|
||||
longDescription = ''
|
||||
Collection of open-source SANE backends (device drivers).
|
||||
SANE is a universal scanner interface providing standardized access to
|
||||
any raster image scanner hardware: flatbed scanners, hand-held scanners,
|
||||
video- and still-cameras, frame-grabbers, etc. For a list of supported
|
||||
scanners, see http://www.sane-project.org/sane-backends.html.
|
||||
'';
|
||||
license = licenses.gpl2Plus;
|
||||
|
||||
maintainers = [ stdenv.lib.maintainers.simons ];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
maintainers = with maintainers; [ nckx simons ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -8,16 +8,16 @@ let
|
||||
firmware = gt68xxFirmware { inherit fetchurl; };
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
version = "1.0.24";
|
||||
version = "1.0.25";
|
||||
name = "sane-backends-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
urls = [
|
||||
"http://pkgs.fedoraproject.org/repo/pkgs/sane-backends/sane-backends-1.0.24.tar.gz/1ca68e536cd7c1852322822f5f6ac3a4/${name}.tar.gz"
|
||||
"https://alioth.debian.org/frs/download.php/file/3958/${name}.tar.gz"
|
||||
"http://pkgs.fedoraproject.org/repo/pkgs/sane-backends/sane-backends-1.0.25.tar.gz/f9ed5405b3c12f07c6ca51ee60225fe7/${name}.tar.gz"
|
||||
"https://alioth.debian.org/frs/download.php/file/4146/${name}.tar.gz"
|
||||
];
|
||||
curlOpts = "--insecure";
|
||||
sha256 = "0ba68m6bzni54axjk15i51rya7hfsdliwvqyan5msl7iaid0iir7";
|
||||
sha256 = "0b3fvhrxl4l82bf3v0j47ypjv6a0k5lqbgknrq1agpmjca6vmmx4";
|
||||
};
|
||||
|
||||
outputs = [ "out" "doc" "man" ];
|
||||
@ -49,12 +49,19 @@ stdenv.mkDerivation rec {
|
||||
" \${out}/share/sane/snapscan/your-firmwarefile.bin"
|
||||
else "";
|
||||
|
||||
meta = {
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "http://www.sane-project.org/";
|
||||
description = "Scanner Access Now Easy";
|
||||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
description = "SANE (Scanner Access Now Easy) backends";
|
||||
longDescription = ''
|
||||
Collection of open-source SANE backends (device drivers).
|
||||
SANE is a universal scanner interface providing standardized access to
|
||||
any raster image scanner hardware: flatbed scanners, hand-held scanners,
|
||||
video- and still-cameras, frame-grabbers, etc. For a list of supported
|
||||
scanners, see http://www.sane-project.org/sane-backends.html.
|
||||
'';
|
||||
license = licenses.gpl2Plus;
|
||||
|
||||
maintainers = [ stdenv.lib.maintainers.simons ];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
maintainers = with maintainers; [ nckx simons ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -1,18 +1,18 @@
|
||||
{ stdenv, fetchurl, cairo, colord, glib, gtk3, gusb, intltool, itstool, libusb
|
||||
, libxml2, makeWrapper, pkgconfig, saneBackends, systemd, vala }:
|
||||
{ stdenv, fetchurl, cairo, colord, glib, gtk3, gusb, intltool, itstool
|
||||
, libusb, libxml2, pkgconfig, saneBackends, vala, wrapGAppsHook }:
|
||||
|
||||
let version = "3.19.2"; in
|
||||
let version = "3.19.3"; in
|
||||
stdenv.mkDerivation rec {
|
||||
name = "simple-scan-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
sha256 = "08454ky855iaiq5wn9rdbfal3i4fjss5fn5mg6cmags50wy9spsg";
|
||||
sha256 = "0il7ikd5hj9mgzrivm01g572g9101w8la58h3hjyakwcfw3jp976";
|
||||
url = "https://launchpad.net/simple-scan/3.19/${version}/+download/${name}.tar.xz";
|
||||
};
|
||||
|
||||
buildInputs = [ cairo colord glib gusb gtk3 libusb libxml2 saneBackends
|
||||
systemd vala ];
|
||||
nativeBuildInputs = [ intltool itstool makeWrapper pkgconfig ];
|
||||
vala ];
|
||||
nativeBuildInputs = [ intltool itstool pkgconfig wrapGAppsHook ];
|
||||
|
||||
configureFlags = [ "--disable-packagekit" ];
|
||||
|
||||
@ -25,11 +25,6 @@ stdenv.mkDerivation rec {
|
||||
|
||||
doCheck = true;
|
||||
|
||||
preFixup = ''
|
||||
wrapProgram "$out/bin/simple-scan" \
|
||||
--prefix XDG_DATA_DIRS : "$GSETTINGS_SCHEMAS_PATH"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
inherit version;
|
||||
description = "Simple scanning utility";
|
||||
|
63
pkgs/applications/graphics/swingsane/default.nix
Normal file
63
pkgs/applications/graphics/swingsane/default.nix
Normal file
@ -0,0 +1,63 @@
|
||||
{ stdenv, fetchurl, makeDesktopItem, unzip, jre }:
|
||||
|
||||
let version = "0.2"; in
|
||||
stdenv.mkDerivation rec {
|
||||
name = "swingsane-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
sha256 = "15pgqgyw46yd2i367ax9940pfyvinyw2m8apmwhrn0ix5nywa7ni";
|
||||
url = "mirror://sourceforge/swingsane/swingsane-${version}-bin.zip";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ unzip ];
|
||||
|
||||
phases = [ "unpackPhase" "installPhase" ];
|
||||
|
||||
installPhase = let
|
||||
|
||||
execWrapper = ''
|
||||
#!/bin/sh
|
||||
exec ${jre}/bin/java -jar $out/share/java/swingsane/swingsane-${version}.jar "$@"
|
||||
'';
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
name = "swingsane";
|
||||
exec = "swingsane";
|
||||
icon = "swingsane";
|
||||
desktopName = "SwingSane";
|
||||
genericName = "Scan from local or remote SANE servers";
|
||||
comment = meta.description;
|
||||
categories = "Office;Application;";
|
||||
};
|
||||
|
||||
in ''
|
||||
install -v -m 755 -d $out/share/java/swingsane/
|
||||
install -v -m 644 *.jar $out/share/java/swingsane/
|
||||
|
||||
echo "${execWrapper}" > swingsane
|
||||
install -v -D -m 755 swingsane $out/bin/swingsane
|
||||
|
||||
unzip -j swingsane-${version}.jar "com/swingsane/images/*.png"
|
||||
install -v -D -m 644 swingsane_512x512.png $out/share/pixmaps/swingsane.png
|
||||
|
||||
cp -v -r ${desktopItem}/share/applications $out/share
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
inherit version;
|
||||
description = "Java GUI for SANE scanner servers (saned)";
|
||||
longDescription = ''
|
||||
SwingSane is a powerful, cross platform, open source Java front-end for
|
||||
using both local and remote Scanner Access Now Easy (SANE) servers.
|
||||
The most powerful feature is its ability to query back-ends for scanner
|
||||
specific options which can be set by the user as a scanner profile.
|
||||
It also has support for authentication, mutlicast DNS discovery,
|
||||
simultaneous scan jobs, image transformation jobs (deskew, binarize,
|
||||
crop, etc), PDF and PNG output.
|
||||
'';
|
||||
homepage = http://swingsane.com/;
|
||||
license = licenses.asl20;
|
||||
platforms = platforms.all;
|
||||
maintainers = with maintainers; [ nckx ];
|
||||
};
|
||||
}
|
@ -1,58 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, kdoctools
|
||||
, karchive
|
||||
, kconfig
|
||||
, kcrash
|
||||
, kdbusaddons
|
||||
, ki18n
|
||||
, kiconthemes
|
||||
, khtml
|
||||
, kio
|
||||
, kservice
|
||||
, kpty
|
||||
, kwidgetsaddons
|
||||
, libarchive
|
||||
, p7zip
|
||||
, unrar
|
||||
, unzipNLS
|
||||
, zip
|
||||
}:
|
||||
|
||||
let PATH = lib.makeSearchPath "bin" [
|
||||
p7zip unrar unzipNLS zip
|
||||
];
|
||||
in
|
||||
|
||||
kdeApp {
|
||||
name = "ark";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
kdoctools
|
||||
];
|
||||
buildInputs = [
|
||||
karchive
|
||||
kconfig
|
||||
kcrash
|
||||
kdbusaddons
|
||||
kiconthemes
|
||||
kservice
|
||||
kpty
|
||||
kwidgetsaddons
|
||||
libarchive
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
khtml
|
||||
ki18n
|
||||
kio
|
||||
];
|
||||
postInstall = ''
|
||||
wrapQtProgram "$out/bin/ark" \
|
||||
--prefix PATH : "${PATH}"
|
||||
'';
|
||||
meta = {
|
||||
license = with lib.licenses; [ gpl2 lgpl3 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,35 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, kdoctools
|
||||
, kconfig
|
||||
, kio
|
||||
, ki18n
|
||||
, kservice
|
||||
, kfilemetadata
|
||||
, baloo
|
||||
, kdelibs4support
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "baloo-widgets";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
kdoctools
|
||||
];
|
||||
buildInputs = [
|
||||
kconfig
|
||||
kservice
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
baloo
|
||||
kdelibs4support
|
||||
kfilemetadata
|
||||
ki18n
|
||||
kio
|
||||
];
|
||||
meta = {
|
||||
license = [ lib.licenses.lgpl21 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,56 +0,0 @@
|
||||
# Maintainer's Notes:
|
||||
#
|
||||
# Minor updates:
|
||||
# 1. Edit ./manifest.sh to point to the updated URL. Upstream sometimes
|
||||
# releases updates that include only the changed packages; in this case,
|
||||
# multiple URLs can be provided and the results will be merged.
|
||||
# 2. Run ./manifest.sh and ./dependencies.sh.
|
||||
# 3. Build and enjoy.
|
||||
#
|
||||
# Major updates:
|
||||
# We prefer not to immediately overwrite older versions with major updates, so
|
||||
# make a copy of this directory first. After copying, be sure to delete ./tmp
|
||||
# if it exists. Then follow the minor update instructions.
|
||||
|
||||
{ pkgs, debug ? false }:
|
||||
|
||||
let
|
||||
|
||||
inherit (pkgs) lib stdenv;
|
||||
|
||||
srcs = import ./srcs.nix { inherit (pkgs) fetchurl; inherit mirror; };
|
||||
mirror = "mirror://kde";
|
||||
|
||||
kdeApp = import ./kde-app.nix {
|
||||
inherit stdenv lib;
|
||||
inherit debug srcs;
|
||||
};
|
||||
|
||||
packages = self: with self; {
|
||||
kdelibs = callPackage ./kdelibs { inherit (pkgs) attica phonon; };
|
||||
|
||||
ark = callPackage ./ark.nix {};
|
||||
baloo-widgets = callPackage ./baloo-widgets.nix {};
|
||||
dolphin = callPackage ./dolphin.nix {};
|
||||
dolphin-plugins = callPackage ./dolphin-plugins.nix {};
|
||||
ffmpegthumbs = callPackage ./ffmpegthumbs.nix {};
|
||||
gpgmepp = callPackage ./gpgmepp.nix {};
|
||||
gwenview = callPackage ./gwenview.nix {};
|
||||
kate = callPackage ./kate.nix {};
|
||||
kdegraphics-thumbnailers = callPackage ./kdegraphics-thumbnailers.nix {};
|
||||
kgpg = callPackage ./kgpg.nix { inherit (pkgs.kde4) kdepimlibs; };
|
||||
konsole = callPackage ./konsole.nix {};
|
||||
ksnapshot = callPackage ./ksnapshot.nix {};
|
||||
libkdcraw = callPackage ./libkdcraw.nix {};
|
||||
libkexiv2 = callPackage ./libkexiv2.nix {};
|
||||
libkipi = callPackage ./libkipi.nix {};
|
||||
okular = callPackage ./okular.nix {};
|
||||
oxygen-icons = callPackage ./oxygen-icons.nix {};
|
||||
print-manager = callPackage ./print-manager.nix {};
|
||||
|
||||
l10n = pkgs.recurseIntoAttrs (import ./l10n.nix { inherit callPackage lib pkgs; });
|
||||
};
|
||||
|
||||
newScope = scope: pkgs.kf515.newScope ({ inherit kdeApp; } // scope);
|
||||
|
||||
in lib.makeScope newScope packages
|
@ -1,31 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, kdoctools
|
||||
, kxmlgui
|
||||
, ki18n
|
||||
, kio
|
||||
, kdelibs4support
|
||||
, dolphin
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "dolphin-plugins";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
kdoctools
|
||||
];
|
||||
buildInputs = [
|
||||
kxmlgui
|
||||
dolphin
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
kdelibs4support
|
||||
ki18n
|
||||
kio
|
||||
];
|
||||
meta = {
|
||||
license = [ lib.licenses.gpl2 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,70 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, kdoctools
|
||||
, makeQtWrapper
|
||||
, kinit
|
||||
, kcmutils
|
||||
, kcoreaddons
|
||||
, knewstuff
|
||||
, ki18n
|
||||
, kdbusaddons
|
||||
, kbookmarks
|
||||
, kconfig
|
||||
, kio
|
||||
, kparts
|
||||
, solid
|
||||
, kiconthemes
|
||||
, kcompletion
|
||||
, ktexteditor
|
||||
, kwindowsystem
|
||||
, knotifications
|
||||
, kactivities
|
||||
, phonon
|
||||
, baloo
|
||||
, baloo-widgets
|
||||
, kfilemetadata
|
||||
, kdelibs4support
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "dolphin";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
kdoctools
|
||||
makeQtWrapper
|
||||
];
|
||||
buildInputs = [
|
||||
kinit
|
||||
kcmutils
|
||||
kcoreaddons
|
||||
knewstuff
|
||||
kdbusaddons
|
||||
kbookmarks
|
||||
kconfig
|
||||
kparts
|
||||
solid
|
||||
kiconthemes
|
||||
kcompletion
|
||||
knotifications
|
||||
phonon
|
||||
baloo-widgets
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
baloo
|
||||
kactivities
|
||||
kdelibs4support
|
||||
kfilemetadata
|
||||
ki18n
|
||||
kio
|
||||
ktexteditor
|
||||
kwindowsystem
|
||||
];
|
||||
postInstall = ''
|
||||
wrapQtProgram "$out/bin/dolphin"
|
||||
'';
|
||||
meta = {
|
||||
license = with lib.licenses; [ gpl2 fdl12 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,56 +0,0 @@
|
||||
#! /usr/bin/env nix-shell
|
||||
#! nix-shell -i bash -p coreutils findutils gnused nix wget
|
||||
|
||||
set -x
|
||||
|
||||
# The trailing slash at the end is necessary!
|
||||
WGET_ARGS='http://download.kde.org/stable/applications/15.08.3/ http://download.kde.org/stable/applications/15.04.3/src/oxygen-icons-15.04.3.tar.xz -A *.tar.xz'
|
||||
|
||||
mkdir tmp; cd tmp
|
||||
|
||||
rm -f ../srcs.csv
|
||||
|
||||
wget -nH -r -c --no-parent $WGET_ARGS
|
||||
|
||||
find . | while read src; do
|
||||
if [[ -f "${src}" ]]; then
|
||||
# Sanitize file name
|
||||
filename=$(basename "$src" | tr '@' '_')
|
||||
nameVersion="${filename%.tar.*}"
|
||||
name=$(echo "$nameVersion" | sed -e 's,-[[:digit:]].*,,' | sed -e 's,-opensource-src$,,')
|
||||
version=$(echo "$nameVersion" | sed -e 's,^\([[:alpha:]][[:alnum:]]*-\)\+,,')
|
||||
echo "$name,$version,$src,$filename" >>../srcs.csv
|
||||
fi
|
||||
done
|
||||
|
||||
cat >../srcs.nix <<EOF
|
||||
# DO NOT EDIT! This file is generated automatically by fetchsrcs.sh
|
||||
{ fetchurl, mirror }:
|
||||
|
||||
{
|
||||
EOF
|
||||
|
||||
gawk -F , "{ print \$1 }" ../srcs.csv | sort | uniq | while read name; do
|
||||
versions=$(gawk -F , "/^$name,/ { print \$2 }" ../srcs.csv)
|
||||
latestVersion=$(echo "$versions" | sort -rV | head -n 1)
|
||||
src=$(gawk -F , "/^$name,$latestVersion,/ { print \$3 }" ../srcs.csv)
|
||||
filename=$(gawk -F , "/^$name,$latestVersion,/ { print \$4 }" ../srcs.csv)
|
||||
url="${src:2}"
|
||||
sha256=$(nix-hash --type sha256 --base32 --flat "$src")
|
||||
cat >>../srcs.nix <<EOF
|
||||
$name = {
|
||||
version = "$latestVersion";
|
||||
src = fetchurl {
|
||||
url = "\${mirror}/$url";
|
||||
sha256 = "$sha256";
|
||||
name = "$filename";
|
||||
};
|
||||
};
|
||||
EOF
|
||||
done
|
||||
|
||||
echo "}" >>../srcs.nix
|
||||
|
||||
rm -f ../srcs.csv
|
||||
|
||||
cd ..
|
@ -1,27 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, automoc4
|
||||
, cmake
|
||||
, perl
|
||||
, pkgconfig
|
||||
, kdelibs
|
||||
, ffmpeg
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "ffmpegthumbs";
|
||||
nativeBuildInputs = [
|
||||
automoc4
|
||||
cmake
|
||||
perl
|
||||
pkgconfig
|
||||
];
|
||||
buildInputs = [
|
||||
kdelibs
|
||||
ffmpeg
|
||||
];
|
||||
meta = {
|
||||
license = with lib.licenses; [ gpl2 bsd3 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,21 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, boost
|
||||
, gpgme
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "gpgmepp";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
];
|
||||
buildInputs = [
|
||||
boost
|
||||
gpgme
|
||||
];
|
||||
meta = {
|
||||
license = with lib.licenses; [ lgpl21 bsd3 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,44 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, kdoctools
|
||||
, makeQtWrapper
|
||||
, baloo
|
||||
, exiv2
|
||||
, kactivities
|
||||
, kdelibs4support
|
||||
, kio
|
||||
, lcms2
|
||||
, phonon
|
||||
, qtsvg
|
||||
, qtx11extras
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "gwenview";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
kdoctools
|
||||
makeQtWrapper
|
||||
];
|
||||
buildInputs = [
|
||||
exiv2
|
||||
lcms2
|
||||
phonon
|
||||
qtsvg
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
baloo
|
||||
kactivities
|
||||
kdelibs4support
|
||||
kio
|
||||
qtx11extras
|
||||
];
|
||||
postInstall = ''
|
||||
wrapQtProgram "$out/bin/gwenview"
|
||||
'';
|
||||
meta = {
|
||||
license = with lib.licenses; [ gpl2 fdl12 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,69 +0,0 @@
|
||||
{ kdeApp
|
||||
, lib
|
||||
, extra-cmake-modules
|
||||
, kdoctools
|
||||
, qtscript
|
||||
, kactivities
|
||||
, kconfig
|
||||
, kcrash
|
||||
, kguiaddons
|
||||
, kiconthemes
|
||||
, ki18n
|
||||
, kinit
|
||||
, kjobwidgets
|
||||
, kio
|
||||
, kparts
|
||||
, ktexteditor
|
||||
, kwindowsystem
|
||||
, kxmlgui
|
||||
, kdbusaddons
|
||||
, kwallet
|
||||
, plasma-framework
|
||||
, kitemmodels
|
||||
, knotifications
|
||||
, threadweaver
|
||||
, knewstuff
|
||||
, libgit2
|
||||
}:
|
||||
|
||||
kdeApp {
|
||||
name = "kate";
|
||||
nativeBuildInputs = [
|
||||
extra-cmake-modules
|
||||
kdoctools
|
||||
];
|
||||
buildInputs = [
|
||||
qtscript
|
||||
kconfig
|
||||
kcrash
|
||||
kguiaddons
|
||||
kiconthemes
|
||||
kinit
|
||||
kjobwidgets
|
||||
kparts
|
||||
kxmlgui
|
||||
kdbusaddons
|
||||
kwallet
|
||||
kitemmodels
|
||||
knotifications
|
||||
threadweaver
|
||||
knewstuff
|
||||
libgit2
|
||||
];
|
||||
propagatedBuildInputs = [
|
||||
kactivities
|
||||
ki18n
|
||||
kio
|
||||
ktexteditor
|
||||
kwindowsystem
|
||||
plasma-framework
|
||||
];
|
||||
postInstall = ''
|
||||
wrapQtProgram "$out/bin/kate"
|
||||
wrapQtProgram "$out/bin/kwrite"
|
||||
'';
|
||||
meta = {
|
||||
license = with lib.licenses; [ gpl3 lgpl3 lgpl2 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
};
|
||||
}
|
@ -1,23 +0,0 @@
|
||||
{ stdenv, lib, debug, srcs }:
|
||||
|
||||
args:
|
||||
|
||||
let
|
||||
inherit (args) name;
|
||||
sname = args.sname or name;
|
||||
inherit (srcs."${sname}") src version;
|
||||
in
|
||||
stdenv.mkDerivation (args // {
|
||||
name = "${name}-${version}";
|
||||
inherit src;
|
||||
|
||||
cmakeFlags =
|
||||
(args.cmakeFlags or [])
|
||||
++ [ "-DBUILD_TESTING=OFF" ]
|
||||
++ lib.optional debug "-DCMAKE_BUILD_TYPE=Debug";
|
||||
|
||||
meta = {
|
||||
platforms = lib.platforms.linux;
|
||||
homepage = "http://www.kde.org";
|
||||
} // (args.meta or {});
|
||||
})
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user