ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-19 11:00:19 +03:00
Code Issues Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/master' into hardened-stdenv

Browse Source
This commit is contained in:
Robin Gloster 2016-05-30 19:39:34 +00:00
commit 2d382f3d98
711 changed files with 49079 additions and 11672 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -1,3 +1,6 @@
###### Motivation for this change
###### Things done
- [ ] Tested using sandboxing

4
doc/configuration.xml
View File

@ -46,10 +46,10 @@ $ export NIXPKGS_ALLOW_UNFREE=1
allowUnfreePredicate = (pkg: ...);
</programlisting>
Example to allow flash player only:
Example to allow flash player and visual studio code only:
<programlisting>
allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);
allowUnfreePredicate = with builtins; (pkg: elem (parseDrvName pkg.name).name [ "flashplayer" "vscode" ]);
</programlisting>
</para>

6
doc/default.nix
View File

@ -27,6 +27,7 @@ stdenv.mkDerivation {
in ''
{
pandoc '${inputFile}' -w docbook ${optionalString useChapters "--chapters"} \
--smart \
| sed -e 's|<ulink url=|<link xlink:href=|' \
-e 's|</ulink>|</link>|' \
-e 's|<sect. id=|<section xml:id=|' \
@ -52,9 +53,8 @@ stdenv.mkDerivation {
outputFile = "./languages-frameworks/python.xml";
}
+ toDocbook {
inputFile = ./haskell-users-guide.md;
outputFile = "haskell-users-guide.xml";
useChapters = true;
inputFile = ./languages-frameworks/haskell.md;
outputFile = "./languages-frameworks/haskell.xml";
}
+ toDocbook {
inputFile = ./../pkgs/development/idris-modules/README.md;

9
doc/functions.xml
View File

@ -92,7 +92,14 @@ in ...</programlisting>
<para>Do not use this function in Nixpkgs. Because it breaks
package abstraction and doesnt provide error checking for
function arguments, it is only intended for ad-hoc customisation
(such as in <filename>~/.nixpkgs/config.nix</filename>).</para>
(such as in <filename>~/.nixpkgs/config.nix</filename>).
</para>
<para>
Additionally, <varname>overrideDerivation</varname> forces an evaluation
of the Derivation which can be quite a performance penalty if there are many
overrides used.
</para>
</warning>
<para>

10
doc/beam-users-guide.xml → doc/languages-frameworks/beam.xml
View File

@ -1,10 +1,10 @@
<chapter xmlns="http://docbook.org/ns/docbook"
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="users-guide-to-the-erlang-infrastructure">
xml:id="sec-beam">
<title>User's Guide to the Beam Infrastructure</title>
<title>Beam Languages (Erlang &amp; Elixir)</title>
<section xml:id="beam-introduction">
<title>Beam Languages (Erlang &amp; Elixir) on Nix</title>
<title>Introduction</title>
<para>
In this document and related Nix expressions we use the term
<emphasis>Beam</emphasis> to describe the environment. Beam is
@ -373,4 +373,4 @@ $ nix-build -A beamPackages
that.
</para>
</section>
</chapter>
</section>

2
doc/haskell-users-guide.md → doc/languages-frameworks/haskell.md
View File

@ -329,7 +329,7 @@ workarounds.
### How to build a Haskell project using Stack
[Stack][http://haskellstack.org] is a popular build tool for Haskell projects.
[Stack](http://haskellstack.org) is a popular build tool for Haskell projects.
It has first-class support for Nix. Stack can optionally use Nix to
automatically select the right version of GHC and other build tools to build,
test and execute apps in an existing project downloaded from somewhere on the

17
doc/languages-frameworks/index.xml
View File

@ -13,19 +13,20 @@ in Nixpkgs to easily build packages for other programming languages,
such as Perl or Haskell. These are described in this chapter.</para>
<xi:include href="perl.xml" />
<xi:include href="python.xml" />
<xi:include href="ruby.xml" />
<xi:include href="beam.xml" />
<xi:include href="bower.xml" />
<xi:include href="coq.xml" />
<xi:include href="go.xml" />
<xi:include href="haskell.xml" />
<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md -->
<xi:include href="java.xml" />
<xi:include href="lua.xml" />
<xi:include href="coq.xml" />
<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md -->
<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md -->
<xi:include href="perl.xml" />
<xi:include href="python.xml" />
<xi:include href="qt.xml" />
<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md -->
<xi:include href="ruby.xml" />
<xi:include href="texlive.xml" />
<xi:include href="bower.xml" />
</chapter>

74
doc/languages-frameworks/python.md
View File

@ -78,18 +78,16 @@ containing
```nix
with import <nixpkgs> {};
(pkgs.python35.buildEnv.override {
extraLibs = with pkgs.python35Packages; [ numpy toolz ];
}).env
(pkgs.python35.withPackages (ps: [ps.numpy ps.toolz])).env
```
executing `nix-shell` gives you again a Nix shell from which you can run Python.
What's happening here?
1. We begin with importing the Nix Packages collections. `import <nixpkgs>` import the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. Therefore we can now use `pkgs`.
2. Then we create a Python 3.5 environment with `pkgs.buildEnv`. Because we want to use it with a custom set of Python packages, we override it.
3. The `extraLibs` argument of the original `buildEnv` function can be used to specify which packages should be included. We want `numpy` and `toolz`. Again, we use the `with` statement to bring a set of attributes into the local scope.
4. And finally, for in interactive use we return the environment.
2. Then we create a Python 3.5 environment with the `withPackages` function.
3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
4. And finally, for in interactive use we return the environment by using the `env` attribute.
### Developing with Python
@ -187,10 +185,7 @@ with import <nixpkgs> {};
};
};
in pkgs.python35.buildEnv.override rec {
extraLibs = [ pkgs.python35Packages.numpy toolz ];
}
in pkgs.python35.withPackages (ps: [ps.numpy toolz])
).env
```
@ -199,8 +194,11 @@ locally defined package as well as `numpy` which is build according to the
definition in Nixpkgs. What did we do here? Well, we took the Nix expression
that we used earlier to build a Python environment, and said that we wanted to
include our own version of `toolz`. To introduce our own package in the scope of
`buildEnv.override` we used a
`withPackages` we used a
[`let`](http://nixos.org/nix/manual/#sec-constructs) expression.
You can see that we used `ps.numpy` to select numpy from the nixpkgs package set (`ps`).
But we do not take `toolz` from the nixpkgs package set this time.
Instead, `toolz` will resolve to our local definition that we introduced with `let`.
### Handling dependencies
@ -359,7 +357,7 @@ own packages. The important functions here are `import` and `callPackage`.
### Including a derivation using `callPackage`
Earlier we created a Python environment using `buildEnv`, and included the
Earlier we created a Python environment using `withPackages`, and included the
`toolz` package via a `let` expression.
Let's split the package definition from the environment definition.
@ -394,9 +392,7 @@ with import <nixpkgs> {};
( let
toolz = pkgs.callPackage ~/path/to/toolz/release.nix { pkgs=pkgs; buildPythonPackage=pkgs.python35Packages.buildPythonPackage; };
in pkgs.python35.buildEnv.override rec {
extraLibs = [ pkgs.python35Packages.numpy toolz ];
}
in pkgs.python35.withPackages (ps: [ ps.numpy toolz ])
).env
```
@ -450,6 +446,7 @@ Each interpreter has the following attributes:
- `libPrefix`. Name of the folder in `${python}/lib/` for corresponding interpreter.
- `interpreter`. Alias for `${python}/bin/${executable}`.
- `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See section *python.buildEnv function* for usage and documentation.
- `withPackages`. Simpler interface to `buildEnv`. See section *python.withPackages function* for usage and documentation.
- `sitePackages`. Alias for `lib/${libPrefix}/site-packages`.
- `executable`. Name of the interpreter executable, ie `python3.4`.
@ -548,7 +545,7 @@ Python environments can be created using the low-level `pkgs.buildEnv` function.
This example shows how to create an environment that has the Pyramid Web Framework.
Saving the following as `default.nix`
with import {};
with import <nixpkgs> {};
python.buildEnv.override {
extraLibs = [ pkgs.pythonPackages.pyramid ];
@ -565,7 +562,7 @@ You can also use the `env` attribute to create local environments with needed
packages installed. This is somewhat comparable to `virtualenv`. For example,
running `nix-shell` with the following `shell.nix`
with import {};
with import <nixpkgs> {};
(python3.buildEnv.override {
extraLibs = with python3Packages; [ numpy requests ];
@ -581,6 +578,37 @@ specified packages in its path.
* `postBuild`: Shell command executed after the build of environment.
* `ignoreCollisions`: Ignore file collisions inside the environment (default is `false`).
#### python.withPackages function
The `python.withPackages` function provides a simpler interface to the `python.buildEnv` functionality.
It takes a function as an argument that is passed the set of python packages and returns the list
of the packages to be included in the environment. Using the `withPackages` function, the previous
example for the Pyramid Web Framework environment can be written like this:
with import <nixpkgs> {};
python.withPackages (ps: [ps.pyramid])
`withPackages` passes the correct package set for the specific interpreter version as an
argument to the function. In the above example, `ps` equals `pythonPackages`.
But you can also easily switch to using python3:
with import <nixpkgs> {};
python3.withPackages (ps: [ps.pyramid])
Now, `ps` is set to `python3Packages`, matching the version of the interpreter.
As `python.withPackages` simply uses `python.buildEnv` under the hood, it also supports the `env`
attribute. The `shell.nix` file from the previous section can thus be also written like this:
with import <nixpkgs> {};
(python33.withPackages (ps: [ps.numpy ps.requests])).env
In contrast to `python.buildEnv`, `python.withPackages` does not support the more advanced options
such as `ignoreCollisions = true` or `postBuild`. If you need them, you have to use `python.buildEnv`.
### Development mode
Development or editable mode is supported. To develop Python packages
@ -591,7 +619,7 @@ Warning: `shellPhase` is executed only if `setup.py` exists.
Given a `default.nix`:
with import {};
with import <nixpkgs> {};
buildPythonPackage { name = "myproject";
@ -649,9 +677,8 @@ newpkgs = pkgs.overridePackages(self: super: rec {
self = python35Packages // { pandas = python35Packages.pandas.override{name="foo";};};
};
});
in newpkgs.python35.buildEnv.override{
extraLibs = [newpkgs.python35Packages.blaze ];
}).env
in newpkgs.python35.withPackages (ps: [ps.blaze])
).env
```
A typical use case is to switch to another version of a certain package. For example, in the Nixpkgs repository we have multiple versions of `django` and `scipy`.
In the following example we use a different version of `scipy`. All packages in `newpkgs` will now use the updated `scipy` version.
@ -665,9 +692,8 @@ newpkgs = pkgs.overridePackages(self: super: rec {
self = python35Packages // { scipy = python35Packages.scipy_0_16;};
};
});
in pkgs.python35.buildEnv.override{
extraLibs = [newpkgs.python35Packages.blaze ];
}).env
in newpkgs.python35.withPackages (ps: [ps.blaze])
).env
```
The requested package `blaze` depends upon `pandas` which itself depends on `scipy`.

2
doc/manual.xml
View File

@ -20,8 +20,6 @@
<xi:include href="package-notes.xml" />
<xi:include href="coding-conventions.xml" />
<xi:include href="submitting-changes.xml" />
<xi:include href="haskell-users-guide.xml" />
<xi:include href="beam-users-guide.xml" />
<xi:include href="contributing.xml" />
</book>

2
lib/composable-derivation.nix
View File

@ -50,7 +50,7 @@ let inherit (lib) nv nvs; in
# nice features:
# declaring "optional featuers" is modular. For instance:
# flags.curl = {
# configureFlags = ["--with-curl=${curl}" "--with-curlwrappers"];
# configureFlags = ["--with-curl=${curl.dev}" "--with-curlwrappers"];
# buildInputs = [curl openssl];
# };
# flags.other = { .. }

2
lib/lists.nix
View File

@ -24,7 +24,7 @@ rec {
Example:
concat = fold (a: b: a + b) "z"
concat [ "a" "b" "c" ]
=> "abcnul"
=> "abcz"
*/
fold = op: nul: list:
let

9
lib/maintainers.nix
View File

@ -76,6 +76,7 @@
choochootrain = "Hurshal Patel <hurshal@imap.cc>";
christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
cleverca22 = "Michael Bishop <cleverca22@gmail.com>";
cmcdragonkai = "Roger Qiu <roger.qiu@matrix.ai>";
coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
codsl = "codsl <codsl@riseup.net>";
codyopel = "Cody Opel <codyopel@gmail.com>";
@ -85,7 +86,7 @@
couchemar = "Andrey Pavlov <couchemar@yandex.ru>";
cransom = "Casey Ransom <cransom@hubns.net>";
CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>";
cstrahan = "Charles Strahan <charles@cstrahan.com>";
cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
DamienCassou = "Damien Cassou <damien@cassou.me>";
dasuxullebt = "Christoph-Simon Senjak <christoph.senjak@googlemail.com>";
@ -150,6 +151,7 @@
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
Gonzih = "Max Gonzih <gonzih@gmail.com>";
gpyh = "Yacine Hmito <yacine.hmito@gmail.com>";
grahamc = "Graham Christensen <graham@grahamc.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>";
havvy = "Ryan Scheel <ryan.havvy@gmail.com>";
@ -228,7 +230,7 @@
matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>";
maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>";
mbakke = "Marius Bakke <ymse@tuta.io>";
mbauer = "Matthew Bauer <mjbauer95@gmail.com>";
matthewbauer = "Matthew Bauer <mjbauer95@gmail.com>";
mbe = "Brandon Edens <brandonedens@gmail.com>";
mboes = "Mathieu Boespflug <mboes@tweag.net>";
mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>";
@ -259,6 +261,7 @@
nfjinjing = "Jinjing Wang <nfjinjing@gmail.com>";
nico202 = "Nicolò Balzarotti <anothersms@gmail.com>";
notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
NikolaMandic = "Ratko Mladic <nikola@mandic.email>";
np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>";
obadz = "obadz <obadz-nixos@obadz.com>";
@ -293,6 +296,7 @@
pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
profpatsch = "Profpatsch <mail@profpatsch.de>";
pshendry = "Paul Hendry <paul@pshendry.com>";
psibi = "Sibi <sibi@psibi.in>";
pSub = "Pascal Wittmann <mail@pascal-wittmann.de>";
puffnfresh = "Brian McKenna <brian@brianmckenna.org>";
@ -303,6 +307,7 @@
rasendubi = "Alexey Shmalko <rasen.dubi@gmail.com>";
raskin = "Michael Raskin <7c6f434c@mail.ru>";
redbaron = "Maxim Ivanov <ivanov.maxim@gmail.com>";
redvers = "Redvers Davies <red@infect.me>";
refnil = "Martin Lavoie <broemartino@gmail.com>";
relrod = "Ricky Elrod <ricky@elrod.me>";
renzo = "Renzo Carbonara <renzocarbonara@gmail.com>";

26
lib/sources.nix
View File

@ -29,4 +29,30 @@ rec {
in type == "directory" || lib.any (ext: lib.hasSuffix ext base) exts;
in builtins.filterSource filter path;
# Get the commit id of a git repo
# Example: commitIdFromGitRepo <nixpkgs/.git>
commitIdFromGitRepo =
let readCommitFromFile = path: file:
with builtins;
let fileName = toString path + "/" + file;
packedRefsName = toString path + "/packed-refs";
in if lib.pathExists fileName
then
let fileContent = readFile fileName;
# Sometimes git stores the commitId directly in the file but
# sometimes it stores something like: «ref: refs/heads/branch-name»
matchRef = match "^ref: (.*)\n$" fileContent;
in if isNull matchRef
then lib.removeSuffix "\n" fileContent
else readCommitFromFile path (lib.head matchRef)
# Sometimes, the file isn't there at all and has been packed away in the
# packed-refs file, so we have to grep through it:
else if lib.pathExists packedRefsName
then
let packedRefs = lib.splitString "\n" (readFile packedRefsName);
matchRule = match ("^(.*) " + file + "$");
matchedRefs = lib.flatten (lib.filter (m: ! (isNull m)) (map matchRule packedRefs));
in lib.head matchedRefs
else throw ("Not a .git directory: " + path);
in lib.flip readCommitFromFile "HEAD";
}

18
lib/types.nix
View File

@ -114,13 +114,17 @@ rec {
name = "list of ${elemType.name}s";
check = isList;
merge = loc: defs:
map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def: imap (m: def':
(mergeDefinitions
(loc ++ ["[definition ${toString n}-entry ${toString m}]"])
elemType
[{ inherit (def) file; value = def'; }]
).optionalValue
) def.value) defs)));
map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def:
if isList def.value then
imap (m: def':
(mergeDefinitions
(loc ++ ["[definition ${toString n}-entry ${toString m}]"])
elemType
[{ inherit (def) file; value = def'; }]
).optionalValue
) def.value
else
throw "The option value `${showOption loc}' in `${def.file}' is not a list.") defs)));
getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]);
getSubModules = elemType.getSubModules;
substSubModules = m: listOf (elemType.substSubModules m);

3
maintainers/scripts/nix-generate-from-cpan.nix
View File

@ -1,7 +1,7 @@
{ stdenv, makeWrapper, perl, perlPackages }:
stdenv.mkDerivation {
name = "nix-generate-from-cpan-2";
name = "nix-generate-from-cpan-3";
buildInputs = with perlPackages; [
makeWrapper perl CPANMeta GetoptLongDescriptive CPANPLUS Readonly Log4Perl
@ -20,5 +20,6 @@ stdenv.mkDerivation {
meta = {
maintainers = with stdenv.lib.maintainers; [ eelco rycee ];
description = "Utility to generate a Nix expression for a Perl package from CPAN";
platforms = stdenv.lib.platforms.unix;
};
}

14
maintainers/scripts/nix-generate-from-cpan.pl
View File

@ -278,13 +278,13 @@ sub get_deps {
foreach my $n ( $deps->required_modules ) {
next if $n eq "perl";
# Hacky way to figure out if this module is part of Perl.
if ( $n !~ /^JSON/ && $n !~ /^YAML/ && $n !~ /^Module::Pluggable/ && $n !~ /^if$/ ) {
eval "use $n;";
if ( !$@ ) {
DEBUG("skipping Perl-builtin module $n");
next;
}
# Figure out whether the module is a core module by attempting
# to `use` the module in a pure Perl interpreter and checking
# whether it succeeded. Note, $^X is a magic variable holding
# the path to the running Perl interpreter.
if ( system("env -i $^X -M$n -e1 >/dev/null 2>&1") == 0 ) {
DEBUG("skipping Perl-builtin module $n");
next;
}
my $pkg = module_to_pkg( $cb, $n );

23
nixos/doc/manual/configuration/linux-kernel.xml
View File

@ -19,7 +19,7 @@ kernel.</para>
<para>The default Linux kernel configuration should be fine for most users. You can see the configuration of your current kernel with the following command:
<programlisting>
cat /proc/config.gz | gunzip
zcat /proc/config.gz
</programlisting>
If you want to change the kernel configuration, you can use the
<option>packageOverrides</option> feature (see <xref
@ -66,4 +66,25 @@ boot.kernel.sysctl."net.ipv4.tcp_keepalive_time" = 120;
sets the kernels TCP keepalive time to 120 seconds. To see the
available parameters, run <command>sysctl -a</command>.</para>
<section>
<title>Developing kernel modules</title>
<para>When developing kernel modules it's often convenient to run
edit-compile-run loop as quickly as possible.
See below snippet as an example of developing <literal>mellanox</literal>
drivers.
</para>
<screen><![CDATA[
$ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev
$ nix-shell '<nixpkgs>' -A linuxPackages.kernel
$ unpackPhase
$ cd linux-*
$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
$ sudo insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
]]></screen>
</section>
</chapter>

12
nixos/doc/manual/configuration/luks-file-systems.xml
View File

@ -9,21 +9,21 @@
<para>NixOS supports file systems that are encrypted using
<emphasis>LUKS</emphasis> (Linux Unified Key Setup). For example,
here is how you create an encrypted Ext4 file system on the device
<filename>/dev/sda2</filename>:
<filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
<screen>
$ cryptsetup luksFormat /dev/sda2
$ cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d
WARNING!
========
This will overwrite data on /dev/sda2 irrevocably.
This will overwrite data on /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase: ***
Verify passphrase: ***
$ cryptsetup luksOpen /dev/sda2 crypted
Enter passphrase for /dev/sda2: ***
$ cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted
Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
$ mkfs.ext4 /dev/mapper/crypted
</screen>
@ -33,7 +33,7 @@ as <filename>/</filename>, add the following to
<filename>configuration.nix</filename>:
<programlisting>
boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "crypted"; } ];
boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d";
fileSystems."/".device = "/dev/mapper/crypted";
</programlisting>

6
nixos/doc/manual/development/option-declarations.xml
View File

@ -7,8 +7,8 @@
<title>Option Declarations</title>
<para>An option declaration specifies the name, type and description
of a NixOS configuration option. It is illegal to define an option
that hasnt been declared in any module. A option declaration
of a NixOS configuration option. It is invalid to define an option
that hasnt been declared in any module. An option declaration
generally looks like this:
<programlisting>
@ -42,7 +42,7 @@ options = {
<listitem>
<para>The default value used if no value is defined by any
module. A default is not required; in that case, if the option
value is ever used, an error will be thrown.</para>
value is never used, an error will be thrown.</para>
</listitem>
</varlistentry>

4
nixos/doc/manual/man-nixos-generate-config.xml
View File

@ -113,8 +113,8 @@
<varlistentry>
<term><option>--no-filesystems</option></term>
<listitem>
<para>Omit everything concerning file system information
(which includes swap devices) from the hardware configuration.</para>
<para>Omit everything concerning file systems and swap devices
from the hardware configuration.</para>
</listitem>
</varlistentry>

2
nixos/doc/manual/release-notes/rl-1603.xml
View File

@ -279,7 +279,7 @@ fileSystems."/example" = {
<listitem>
<para><literal>services.xserver.vaapiDrivers</literal> has been removed. Use
<literal>services.hardware.opengl.extraPackages{,32}</literal> instead. You can
<literal>hardware.opengl.extraPackages{,32}</literal> instead. You can
also specify VDPAU drivers there.</para>
</listitem>

5
nixos/doc/manual/release-notes/rl-1609.xml
View File

@ -30,7 +30,10 @@ following incompatible changes:</para>
<itemizedlist>
<listitem>
<para>todo</para>
<para>Shell aliases for systemd sub-commands
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/15598">were dropped</link>:
<command>start</command>, <command>stop</command>,
<command>restart</command>, <command>status</command>.</para>
</listitem>
</itemizedlist>

4
nixos/lib/test-driver/Logger.pm
View File

@ -3,6 +3,7 @@ package Logger;
use strict;
use Thread::Queue;
use XML::Writer;
use Encode qw(decode encode);
sub new {
my ($class) = @_;
@ -56,7 +57,8 @@ sub nest {
sub sanitise {
my ($s) = @_;
$s =~ s/[[:cntrl:]\xff]//g;
return $s;
$s = decode('UTF-8', $s, Encode::FB_DEFAULT);
return encode('UTF-8', $s, Encode::FB_CROAK);
}
sub log {

12
nixos/lib/test-driver/Machine.pm
View File

@ -382,9 +382,17 @@ sub waitForUnit {
my $state = $info->{ActiveState};
die "unit $unit reached state $state\n" if $state eq "failed";
if ($state eq "inactive") {
# If there are no pending jobs, then assume this unit
# will never reach active state.
my ($status, $jobs) = $self->execute("systemctl list-jobs --full 2>&1");
die "unit $unit is inactive and there are no pending jobs\n"
if $jobs =~ /No jobs/; # FIXME: fragile
if ($jobs =~ /No jobs/) { # FIXME: fragile
# Handle the case where the unit may have started
# between the previous getUnitInfo() and
# list-jobs.
my $info2 = $self->getUnitInfo($unit);
die "unit $unit is inactive and there are no pending jobs\n"
if $info2->{ActiveState} eq $state;
}
}
return 1 if $state eq "active";
};

54
nixos/modules/config/fonts/fontdir.nix
View File

@ -4,47 +4,17 @@ with lib;
let
fontDirs = config.fonts.fonts;
localDefs = with pkgs.builderDefs; pkgs.builderDefs.passthru.function rec {
src = "";/* put a fetchurl here */
buildInputs = [pkgs.xorg.mkfontdir pkgs.xorg.mkfontscale];
inherit fontDirs;
installPhase = fullDepEntry ("
list='';
for i in ${toString fontDirs} ; do
if [ -d \$i/ ]; then
list=\"\$list \$i\";
fi;
done
list=\$(find \$list -name fonts.dir -o -name '*.ttf' -o -name '*.otf');
fontDirs='';
for i in \$list ; do
fontDirs=\"\$fontDirs \$(dirname \$i)\";
done;
mkdir -p \$out/share/X11-fonts/;
find \$fontDirs -type f -o -type l | while read i; do
j=\"\${i##*/}\"
if ! test -e \"\$out/share/X11-fonts/\${j}\"; then
ln -s \"\$i\" \"\$out/share/X11-fonts/\${j}\";
fi;
done;
cd \$out/share/X11-fonts/
rm fonts.dir
rm fonts.scale
rm fonts.alias
mkfontdir
mkfontscale
cat \$( find ${pkgs.xorg.fontalias}/ -name fonts.alias) >fonts.alias
") ["minInit" "addInputs"];
};
x11Fonts = with localDefs; stdenv.mkDerivation rec {
name = "X11-fonts";
builder = writeScript (name + "-builder")
(textClosure localDefs
[installPhase doForceShare doPropagate]);
};
x11Fonts = pkgs.runCommand "X11-fonts" { } ''
mkdir -p "$out/share/X11-fonts"
find ${toString config.fonts.fonts} \
\( -name fonts.dir -o -name '*.ttf' -o -name '*.otf' \) \
-exec ln -sf -t "$out/share/X11-fonts" '{}' \;
cd "$out/share/X11-fonts"
rm -f fonts.dir fonts.scale fonts.alias
${pkgs.xorg.mkfontdir}/bin/mkfontdir
${pkgs.xorg.mkfontscale}/bin/mkfontscale
cat $(find ${pkgs.xorg.fontalias}/ -name fonts.alias) >fonts.alias
'';
in
@ -70,6 +40,8 @@ in
environment.systemPackages = [ x11Fonts ];
environment.pathsToLink = [ "/share/X11-fonts" ];
};
}

2
nixos/modules/config/ldap.nix
View File

@ -192,7 +192,7 @@ in
system.activationScripts = mkIf insertLdapPassword {
ldap = stringAfter [ "etc" "groups" "users" ] ''
if test -f "${cfg.bind.password}" ; then
echo "bindpw "$(cat ${cfg.bind.password})"" | cat ${ldapConfig} - > /etc/ldap.conf.bindpw
echo "bindpw "$(cat ${cfg.bind.password})"" | cat ${ldapConfig.source} - > /etc/ldap.conf.bindpw
mv -fT /etc/ldap.conf.bindpw /etc/ldap.conf
chmod 600 /etc/ldap.conf
fi

20
nixos/modules/config/networking.nix
View File

@ -11,6 +11,9 @@ let
config.services.dnsmasq.resolveLocalQueries;
hasLocalResolver = config.services.bind.enable || dnsmasqResolve;
resolvconfOptions = cfg.resolvconfOptions
++ optional cfg.dnsSingleRequest "single-request"
++ optional cfg.dnsExtensionMechanism "ends0";
in
{
@ -59,6 +62,14 @@ in
'';
};
networking.resolvconfOptions = lib.mkOption {
type = types.listOf types.str;
default = [];
example = [ "ndots:1" "rotate" ];
description = ''
Set the options in <filename>/etc/resolv.conf</filename>.
'';
};
networking.proxy = {
@ -171,12 +182,9 @@ in
# Invalidate the nscd cache whenever resolv.conf is
# regenerated.
libc_restart='${pkgs.systemd}/bin/systemctl try-restart --no-block nscd.service 2> /dev/null'
'' + optionalString cfg.dnsSingleRequest ''
# only send one DNS request at a time
resolv_conf_options+=' single-request'
'' + optionalString cfg.dnsExtensionMechanism ''
# enable extension mechanisms for DNS
resolv_conf_options+=' edns0'
'' + optionalString (length resolvconfOptions > 0) ''
# Options as described in resolv.conf(5)
resolv_conf_options='${concatStringsSep " " resolvconfOptions}'
'' + optionalString hasLocalResolver ''
# This hosts runs a full-blown DNS resolver.
name_servers='127.0.0.1'

4
nixos/modules/config/shells-environment.nix
View File

@ -150,10 +150,6 @@ in
system.build.binsh = pkgs.bashInteractive;
# Ensure TERMINFO is set appropriately *before* user shells are run,
# as they may depend on it
environment.sessionVariables.TERMINFO = "/run/current-system/sw/share/terminfo";
# Set session variables in the shell as well. This is usually
# unnecessary, but it allows changes to session variables to take
# effect without restarting the session (e.g. by opening a new

2
nixos/modules/installer/cd-dvd/iso-image.nix
View File

@ -79,7 +79,7 @@ let
echo "options init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} nomodeset" >> $out/loader/entries/nixos-livecd-nomodeset.conf
echo "default nixos-livecd" > $out/loader/loader.conf
echo "timeout ${builtins.toString config.boot.loader.gummiboot.timeout}" >> $out/loader/loader.conf
echo "timeout ${builtins.toString config.boot.loader.timeout}" >> $out/loader/loader.conf
'';
efiImg = pkgs.runCommand "efi-image_eltorito" { buildInputs = [ pkgs.mtools pkgs.libfaketime ]; }

33
nixos/modules/installer/tools/nixos-generate-config.pl
View File

@ -1,5 +1,6 @@
#! @perl@
use strict;
use Cwd 'abs_path';
use File::Spec;
use File::Path;
@ -69,6 +70,7 @@ for (my $n = 0; $n < scalar @ARGV; $n++) {
my @attrs = ();
my @kernelModules = ();
my @initrdKernelModules = ();
my @initrdAvailableKernelModules = ();
my @modulePackages = ();
my @imports;
@ -379,7 +381,7 @@ EOF
# Is this a btrfs filesystem?
if ($fsType eq "btrfs") {
my ($status, @id_info) = runCommand("btrfs subvol show $rootDir$mountPoint");
if ($status != 0 || join("", @msg) =~ /ERROR:/) {
if ($status != 0 || join("", @id_info) =~ /ERROR:/) {
die "Failed to retrieve subvolume info for $mountPoint\n";
}
my @ids = join("", @id_info) =~ m/Subvolume ID:[ \t\n]*([^ \t\n]*)/;
@ -408,7 +410,7 @@ EOF
EOF
if (scalar @extraOptions > 0) {
$fileSystems .= <<EOF;
$fileSystems .= <<EOF;
options = \[ ${\join " ", map { "\"" . $_ . "\"" } uniq(@extraOptions)} \];
EOF
}
@ -417,6 +419,25 @@ EOF
};
EOF
# If this filesystem is on a LUKS device, then add a
# boot.initrd.luks.devices entry.
if (-e $device) {
my $deviceName = basename(abs_path($device));
if (-e "/sys/class/block/$deviceName"
&& read_file("/sys/class/block/$deviceName/dm/uuid", err_mode => 'quiet') =~ /^CRYPT-LUKS/)
{
my @slaves = glob("/sys/class/block/$deviceName/slaves/*");
if (scalar @slaves == 1) {
my $slave = "/dev/" . basename($slaves[0]);
if (-e $slave) {
my $dmName = read_file("/sys/class/block/$deviceName/dm/name");
chomp $dmName;
$fileSystems .= " boot.initrd.luks.devices.\"$dmName\".device = \"${\(findStableDevPath $slave)}\";\n\n";
}
}
}
}
}
@ -440,7 +461,7 @@ sub toNixList {
sub multiLineList {
my $indent = shift;
return " [ ]" if !@_;
$res = "\n${indent}[ ";
my $res = "\n${indent}[ ";
my $first = 1;
foreach my $s (@_) {
$res .= "$indent " if !$first;
@ -457,7 +478,7 @@ my $modulePackages = toNixList(uniq @modulePackages);
my $fsAndSwap = "";
if (!$noFilesystems) {
$fsAndSwap = "\n${fileSystems} ";
$fsAndSwap = "\n$fileSystems ";
$fsAndSwap .= "swapDevices =" . multiLineList(" ", @swapDevices) . ";\n";
}
@ -494,7 +515,7 @@ if ($showHardwareConfig) {
if ($force || ! -e $fn) {
print STDERR "writing $fn...\n";
my $bootloaderConfig = "";
my $bootLoaderConfig = "";
if (-e "/sys/firmware/efi/efivars") {
$bootLoaderConfig = <<EOF;
# Use the gummiboot efi boot loader.
@ -568,7 +589,7 @@ $bootLoaderConfig
# };
# The NixOS release to be compatible with for stateful data such as databases.
system.stateVersion = "@nixosRelease@";
system.stateVersion = "${\(qw(@nixosRelease@))}";
}
EOF

4
nixos/modules/misc/ids.nix
View File

@ -267,6 +267,8 @@
graylog = 243;
sniproxy = 244;
nzbget = 245;
mosquitto = 246;
toxvpn = 247;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -504,6 +506,8 @@
emby = 242;
sniproxy = 244;
nzbget = 245;
mosquitto = 246;
#toxvpn = 247; # unused
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

8
nixos/modules/misc/version.nix
View File

@ -5,9 +5,11 @@ with lib;
let
cfg = config.system;
releaseFile = "${toString pkgs.path}/.version";
suffixFile = "${toString pkgs.path}/.version-suffix";
releaseFile = "${toString pkgs.path}/.version";
suffixFile = "${toString pkgs.path}/.version-suffix";
revisionFile = "${toString pkgs.path}/.git-revision";
gitRepo = "${toString pkgs.path}/.git";
gitCommitId = lib.substring 0 7 (commitIdFromGitRepo gitRepo);
in
{
@ -102,6 +104,8 @@ in
# changing them would not rebuild the manual
nixosLabel = mkDefault (maybeEnv "NIXOS_LABEL" cfg.nixosVersion);
nixosVersion = mkDefault (maybeEnv "NIXOS_VERSION" (cfg.nixosRelease + cfg.nixosVersionSuffix));
nixosRevision = mkIf (pathExists gitRepo) (mkDefault gitCommitId);
nixosVersionSuffix = mkIf (pathExists gitRepo) (mkDefault (".git." + gitCommitId));
# Note: code names must only increase in alphabetical order.
nixosCodeName = "Flounder";

5
nixos/modules/module-list.nix
View File

@ -62,7 +62,8 @@
./programs/bash/bash.nix
./programs/blcr.nix
./programs/cdemu.nix
./programs/command-not-found/command-not-found.nix
# see https://github.com/NixOS/nixos-channel-scripts/issues/4
#./programs/command-not-found/command-not-found.nix
./programs/dconf.nix
./programs/environment.nix
./programs/freetds.nix
@ -346,6 +347,7 @@
./services/networking/mjpg-streamer.nix
./services/networking/minidlna.nix
./services/networking/miniupnpd.nix
./services/networking/mosquitto.nix
./services/networking/mstpd.nix
./services/networking/murmur.nix
./services/networking/namecoind.nix
@ -395,6 +397,7 @@
./services/networking/tftpd.nix
./services/networking/tlsdated.nix
./services/networking/tox-bootstrapd.nix
./services/networking/toxvpn.nix
./services/networking/tvheadend.nix
./services/networking/unbound.nix
./services/networking/unifi.nix

12
nixos/modules/programs/fish.nix
View File

@ -84,19 +84,19 @@ in
set fish_function_path $fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions
fenv source ${config.system.build.setEnvironment} 1> /dev/null
fenv source /etc/fish/foreign-env/shellInit 1> /dev/null
fenv source ${config.system.build.setEnvironment} > /dev/null ^&1
fenv source /etc/fish/foreign-env/shellInit > /dev/null
${cfg.shellInit}
if builtin status --is-login
fenv source /etc/fish/foreign-env/loginShellInit 1> /dev/null
if status --is-login
fenv source /etc/fish/foreign-env/loginShellInit > /dev/null
${cfg.loginShellInit}
end
if builtin status --is-interactive
if status --is-interactive
${fishAliases}
fenv source /etc/fish/foreign-env/interactiveShellInit 1> /dev/null
fenv source /etc/fish/foreign-env/interactiveShellInit > /dev/null
${cfg.interactiveShellInit}
end
'';

2
nixos/modules/programs/man.nix
View File

@ -19,7 +19,7 @@ with lib;
config = mkIf config.programs.man.enable {
environment.systemPackages = [ pkgs.man ];
environment.systemPackages = [ pkgs.man-db ];
environment.pathsToLink = [ "/share/man" ];

143
nixos/modules/programs/tmux.nix
View File

@ -5,8 +5,57 @@ let
cfg = config.programs.tmux;
in
{
defaultKeyMode = "emacs";
defaultResize = 5;
defaultShortcut = "b";
defaultTerminal = "screen";
boolToStr = value: if value then "on" else "off";
tmuxConf = ''
set -g default-terminal "${cfg.terminal}"
set -g base-index ${toString cfg.baseIndex}
setw -g pane-base-index ${toString cfg.baseIndex}
${if cfg.newSession then "new-session" else ""}
${if cfg.reverseSplit then ''
bind v split-window -h
bind s split-window -v
'' else ""}
set -g status-keys ${cfg.keyMode}
set -g mode-keys ${cfg.keyMode}
${if cfg.keyMode == "vi" then ''
bind h select-pane -L
bind j select-pane -D
bind k select-pane -U
bind l select-pane -R
bind -r H resize-pane -L ${toString cfg.resizeAmount}
bind -r J resize-pane -D ${toString cfg.resizeAmount}
bind -r K resize-pane -U ${toString cfg.resizeAmount}
bind -r L resize-pane -R ${toString cfg.resizeAmount}
'' else ""}
${if (cfg.shortcut != defaultShortcut) then ''
# rebind main key: C-${cfg.shortcut}
unbind C-${defaultShortcut}
set -g prefix C-${cfg.shortcut}
bind ${cfg.shortcut} send-prefix
bind C-${cfg.shortcut} last-window
'' else ""}
setw -g aggressive-resize ${boolToStr cfg.aggressiveResize}
setw -g clock-mode-style ${if cfg.clock24 then "24" else "12"}
set -s escape-time ${toString cfg.escapeTime}
set -g history-limit ${toString cfg.historyLimit}
${cfg.extraTmuxConf}
'';
in {
###### interface
options = {
@ -14,13 +63,92 @@ in
enable = mkEnableOption "<command>tmux</command> - a <command>screen</command> replacement.";
tmuxconf = mkOption {
aggressiveResize = mkOption {
default = false;
example = true;
type = types.bool;
description = ''
Resize the window to the size of the smallest session for which it is the current window.
'';
};
baseIndex = mkOption {
default = 0;
example = 1;
type = types.int;
description = "Base index for windows and panes.";
};
clock24 = mkOption {
default = false;
example = true;
type = types.bool;
description = "Use 24 hour clock.";
};
escapeTime = mkOption {
default = 500;
example = 0;
type = types.int;
description = "Time in milliseconds for which tmux waits after an escape is input.";
};
extraTmuxConf = mkOption {
default = "";
description = ''
The contents of /etc/tmux.conf
Additional contents of /etc/tmux.conf
'';
type = types.lines;
};
historyLimit = mkOption {
default = 2000;
example = 5000;
type = types.int;
description = "Maximum number of lines held in window history.";
};
keyMode = mkOption {
default = defaultKeyMode;
example = "vi";
type = types.enum [ "emacs" "vi" ];
description = "VI or Emacs style shortcuts.";
};
newSession = mkOption {
default = false;
example = true;
type = types.bool;
description = "Automatically spawn a session if trying to attach and none are running.";
};
reverseSplit = mkOption {
default = false;
example = true;
type = types.bool;
description = "Reverse the window split shortcuts.";
};
resizeAmount = mkOption {
default = defaultResize;
example = 10;
type = types.int;
description = "Number of lines/columns when resizing.";
};
shortcut = mkOption {
default = defaultShortcut;
example = "a";
type = types.str;
description = "Ctrl following by this key is used as the main shortcut.";
};
terminal = mkOption {
default = defaultTerminal;
example = "screen-256color";
type = types.str;
description = "Set the $TERM variable.";
};
};
};
@ -28,8 +156,13 @@ in
config = mkIf cfg.enable {
environment = {
etc."tmux.conf".text = tmuxConf;
systemPackages = [ pkgs.tmux ];
etc."tmux.conf".text = cfg.tmuxconf;
variables = {
TMUX_TMPDIR = ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}'';
};
};
};
}

2
nixos/modules/rename.nix
View File

@ -34,6 +34,8 @@ with lib;
# Old Grub-related options.
(mkRenamedOptionModule [ "boot" "initrd" "extraKernelModules" ] [ "boot" "initrd" "kernelModules" ])
(mkRenamedOptionModule [ "boot" "extraKernelParams" ] [ "boot" "kernelParams" ])
(mkRenamedOptionModule [ "boot" "loader" "grub" "timeout" ] [ "boot" "loader" "timeout" ])
(mkRenamedOptionModule [ "boot" "loader" "gummiboot" "timeout" ] [ "boot" "loader" "timeout" ])
# smartd
(mkRenamedOptionModule [ "services" "smartd" "deviceOpts" ] [ "services" "smartd" "defaults" "monitored" ])

2
nixos/modules/security/setuid-wrappers.nix
View File

@ -96,7 +96,7 @@ in
}:
''
if ! source=${if source != "" then source else "$(PATH=$SETUID_PATH type -tP ${program})"}; then
if ! source=${if source != "" then source else "$(readlink -f $(PATH=$SETUID_PATH type -tP ${program}))"}; then
# If we can't find the program, fall back to the
# system profile.
source=/nix/var/nix/profiles/default/bin/${program}

4
nixos/modules/services/computing/slurm/slurm.nix
View File

@ -40,7 +40,7 @@ in
defaultText = "pkgs.slurm-llnl";
example = literalExample "pkgs.slurm-llnl-full";
description = ''
The packge to use for slurm binaries.
The package to use for slurm binaries.
'';
};
@ -111,7 +111,7 @@ in
builder = pkgs.writeText "builder.sh" ''
source $stdenv/setup
mkdir -p $out/bin
find ${cfg.package}/bin -type f -executable | while read EXE
find ${getBin cfg.package}/bin -type f -executable | while read EXE
do
exename="$(basename $EXE)"
wrappername="$out/bin/$exename"

24
nixos/modules/services/databases/redis.nix
View File

@ -68,6 +68,22 @@ in
description = "The port for Redis to listen to.";
};
vmOverCommit = mkOption {
type = types.bool;
default = false;
description = ''
Set vm.overcommit_memory to 1 (Suggested for Background Saving: http://redis.io/topics/faq)
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
bind = mkOption {
type = with types; nullOr str;
default = null; # All interfaces
@ -193,6 +209,14 @@ in
config = mkIf config.services.redis.enable {
boot.kernel.sysctl = mkIf cfg.vmOverCommit {
"vm.overcommit_memory" = "1";
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ cfg.port ];
};
users.extraUsers.redis =
{ name = cfg.user;
uid = config.ids.uids.redis;

2
nixos/modules/services/desktops/gnome3/gnome-keyring.nix
View File

@ -36,7 +36,7 @@ in
environment.systemPackages = [ gnome3.gnome_keyring ];
services.dbus.packages = [ gnome3.gnome_keyring ];
services.dbus.packages = [ gnome3.gnome_keyring gnome3.gcr ];
};

11
nixos/modules/services/mail/opensmtpd.nix
View File

@ -107,7 +107,16 @@ in {
wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ];
after = [ "network.target" ];
preStart = "mkdir -p /var/spool";
preStart = ''
mkdir -p /var/spool/smtpd
mkdir -p /var/spool/smtpd/offline
chown root.smtpq /var/spool/smtpd/offline
chmod 770 /var/spool/smtpd/offline
mkdir -p /var/spool/smtpd/purge
chmod 700 /var/spool/smtpd/purge
'';
serviceConfig.ExecStart = "${opensmtpd}/sbin/smtpd -d -f ${conf} ${args}";
environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd";
};

2
nixos/modules/services/network-filesystems/diod.nix
View File

@ -153,7 +153,7 @@ in
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${pkgs.diod}/sbin/diod -f -c ${diodConfig}";
Capabilities = "cap_net_bind_service+=ep";
CapabilityBoundingSet = "cap_net_bind_service+=ep";
};
};
};

6
nixos/modules/services/networking/chrony.nix
View File

@ -64,7 +64,7 @@ in
###### implementation
config = mkIf config.services.chrony.enable {
config = mkIf cfg.enable {
# Make chronyc available in the system path
environment.systemPackages = [ pkgs.chrony ];
@ -101,12 +101,14 @@ in
home = stateDir;
};
systemd.services.ntpd.enable = false;
systemd.services.ntpd.enable = mkForce false;
systemd.services.chronyd =
{ description = "chrony NTP daemon";
wantedBy = [ "multi-user.target" ];
wants = [ "time-sync.target" ];
before = [ "time-sync.target" ];
after = [ "network.target" ];
conflicts = [ "ntpd.service" "systemd-timesyncd.service" ];

2
nixos/modules/services/networking/dnscrypt-proxy.nix
View File

@ -90,7 +90,7 @@ in
example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv";
default = pkgs.fetchurl {
url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv";
sha256 = "07kbbisrvrqdxif3061hxj3whin3llg4nh50ln7prisi2vbd76xd";
sha256 = "0lac20qhcgjxxiiz8jzcn3hkqj4ywl58hahp5n2i6vf9akfyqp7c";
};
defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }";
};

219
nixos/modules/services/networking/mosquitto.nix Normal file
View File

@ -0,0 +1,219 @@
{ config, lib, pkgs, ...}:
with lib;
let
cfg = config.services.mosquitto;
listenerConf = optionalString cfg.ssl.enable ''
listener ${toString cfg.ssl.port} ${cfg.ssl.host}
cafile ${cfg.ssl.cafile}
certfile ${cfg.ssl.certfile}
keyfile ${cfg.ssl.keyfile}
'';
mosquittoConf = pkgs.writeText "mosquitto.conf" ''
pid_file /run/mosquitto/pid
acl_file ${aclFile}
persistence true
allow_anonymous ${if cfg.allowAnonymous then "true" else "false"}
bind_address ${cfg.host}
port ${toString cfg.port}
${listenerConf}
${cfg.extraConf}
'';
userAcl = (concatStringsSep "\n\n" (mapAttrsToList (n: c:
"user ${n}\n" + (concatStringsSep "\n" c.acl)) cfg.users
));
aclFile = pkgs.writeText "mosquitto.acl" ''
${cfg.aclExtraConf}
${userAcl}
'';
in
{
###### Interface
options = {
services.mosquitto = {
enable = mkEnableOption "Enable the MQTT Mosquitto broker.";
host = mkOption {
default = "127.0.0.1";
example = "0.0.0.0";
type = types.string;
description = ''
Host to listen on without SSL.
'';
};
port = mkOption {
default = 1883;
example = 1883;
type = types.int;
description = ''
Port on which to listen without SSL.
'';
};
ssl = {
enable = mkEnableOption "Enable SSL listener.";
cafile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to PEM encoded CA certificates.";
};
certfile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to PEM encoded server certificate.";
};
keyfile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Path to PEM encoded server key.";
};
host = mkOption {
default = "0.0.0.0";
example = "localhost";
type = types.string;
description = ''
Host to listen on with SSL.
'';
};
port = mkOption {
default = 8883;
example = 8883;
type = types.int;
description = ''
Port on which to listen with SSL.
'';
};
};
dataDir = mkOption {
default = "/var/lib/mosquitto";
type = types.path;
description = ''
The data directory.
'';
};
users = mkOption {
type = types.attrsOf (types.submodule {
options = {
password = mkOption {
type = with types; uniq (nullOr str);
default = null;
description = ''
Specifies the (clear text) password for the MQTT User.
'';
};
hashedPassword = mkOption {
type = with types; uniq (nullOr str);
default = null;
description = ''
Specifies the hashed password for the MQTT User.
<option>hashedPassword</option> overrides <option>password</option>.
To generate hashed password install <literal>mkpasswd</literal>
package and run <literal>mkpasswd -m sha-512</literal>.
'';
};
acl = mkOption {
type = types.listOf types.string;
example = [ "topic read A/B" "topic A/#" ];
description = ''
Control client access to topics on the broker.
'';
};
};
});
example = { john = { password = "123456"; acl = [ "topic readwrite john/#" ]; }; };
description = ''
A set of users and their passwords and ACLs.
'';
};
allowAnonymous = mkOption {
default = false;
example = true;
type = types.bool;
description = ''
Allow clients to connect without authentication.
'';
};
extraConf = mkOption {
default = "";
type = types.lines;
description = ''
Extra config to append to `mosquitto.conf` file.
'';
};
aclExtraConf = mkOption {
default = "";
type = types.lines;
description = ''
Extra config to prepend to the ACL file.
'';
};
};
};
###### Implementation
config = mkIf cfg.enable {
systemd.services.mosquitto = {
description = "Mosquitto MQTT Broker Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Type = "forking";
User = "mosquitto";
Group = "mosquitto";
RuntimeDirectory = "mosquitto";
WorkingDirectory = cfg.dataDir;
Restart = "on-failure";
ExecStart = "${pkgs.mosquitto}/bin/mosquitto -c ${mosquittoConf} -d";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
PIDFile = "/run/mosquitto/pid";
};
preStart = ''
rm -f ${cfg.dataDir}/passwd
touch ${cfg.dataDir}/passwd
'' + concatStringsSep "\n" (
mapAttrsToList (n: c:
if c.hashedPassword != null then
"echo '${n}:${c.hashedPassword}' > ${cfg.dataDir}/passwd"
else optionalString (c.password != null)
"${pkgs.mosquitto}/bin/mosquitto_passwd -b ${cfg.dataDir}/passwd ${n} ${c.password}"
) cfg.users);
};
users.extraUsers.mosquitto = {
description = "Mosquitto MQTT Broker Daemon owner";
group = "mosquitto";
uid = config.ids.uids.mosquitto;
home = cfg.dataDir;
createHome = true;
};
users.extraGroups.mosquitto.gid = config.ids.gids.mosquitto;
};
}

8
nixos/modules/services/networking/networkmanager.nix
View File

@ -114,12 +114,10 @@ in {
# Ugly hack for using the correct gnome3 packageSet
basePackages = mkOption {
type = types.attrsOf types.package;
default = { inherit modemmanager wpa_supplicant
default = { inherit networkmanager modemmanager wpa_supplicant
networkmanager_openvpn networkmanager_vpnc
networkmanager_openconnect
networkmanager_pptp networkmanager_l2tp;
networkmanager = networkmanager.out;
};
networkmanager_pptp networkmanager_l2tp; };
internal = true;
};
@ -189,7 +187,7 @@ in {
boot.kernelModules = [ "ppp_mppe" ]; # Needed for most (all?) PPTP VPN connections.
environment.etc = with mapAttrs (name: getBin) cfg.basePackages; [
environment.etc = with cfg.basePackages; [
{ source = ipUpScript;
target = "NetworkManager/dispatcher.d/01nixos-ip-up";
}

2
nixos/modules/services/networking/ntpd.nix
View File

@ -82,6 +82,8 @@ in
{ description = "NTP Daemon";
wantedBy = [ "multi-user.target" ];
wants = [ "time-sync.target" ];
before = [ "time-sync.target" ];
preStart =
''

3
nixos/modules/services/networking/openntpd.nix
View File

@ -64,7 +64,8 @@ in
systemd.services.openntpd = {
description = "OpenNTP Server";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
wants = [ "network-online.target" "time-sync.target" ];
before = [ "time-sync.target" ];
after = [ "dnsmasq.service" "bind.service" "network-online.target" ];
serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile} ${cfg.extraOptions}";
};

4
nixos/modules/services/networking/syncthing.nix
View File

@ -121,7 +121,7 @@ in
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = true;
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser -home=${cfg.dataDir}";
ExecStart = "${cfg.package}/bin/syncthing -no-browser -home=${cfg.dataDir}";
};
};
};
@ -129,7 +129,7 @@ in
systemd.user.services = {
syncthing = header // {
serviceConfig = service // {
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser";
ExecStart = "${cfg.package}/bin/syncthing -no-browser";
};
};
};

54
nixos/modules/services/networking/toxvpn.nix Normal file
View File

@ -0,0 +1,54 @@
{ config, stdenv, pkgs, lib, ... }:
with lib;
{
options = {
services.toxvpn = {
enable = mkEnableOption "enable toxvpn running on startup";
localip = mkOption {
type = types.string;
default = "10.123.123.1";
description = "your ip on the vpn";
};
port = mkOption {
type = types.int;
default = 33445;
description = "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
};
};
};
config = mkIf config.services.toxvpn.enable {
systemd.services.toxvpn = {
description = "toxvpn daemon";
requires = [ "network-online.target" ]; # consider replacing by NetworkManager-wait-online.service
wantedBy = [ "multi-user.target" ];
preStart = ''
mkdir -p /run/toxvpn || true
chown toxvpn /run/toxvpn
'';
serviceConfig = {
ExecStart = "${pkgs.toxvpn}/bin/toxvpn -i ${config.services.toxvpn.localip} -l /run/toxvpn/control -u toxvpn -p ${toString config.services.toxvpn.port}";
KillMode = "process";
Restart = "on-success";
Type = "notify";
};
restartIfChanged = false; # Likely to be used for remote admin
};
users.extraUsers = {
toxvpn = {
uid = config.ids.uids.toxvpn;
home = "/var/lib/toxvpn";
createHome = true;
};
};
};
}

2
nixos/modules/services/networking/unbound.nix
View File

@ -106,8 +106,10 @@ in
preStart = ''
mkdir -m 0755 -p ${stateDir}/dev/
cp ${confFile} ${stateDir}/unbound.conf
${optionalString cfg.enableRootTrustAnchor ''
${pkgs.unbound}/bin/unbound-anchor -a ${rootTrustAnchorFile}
chown unbound ${stateDir} ${rootTrustAnchorFile}
''}
touch ${stateDir}/dev/random
${pkgs.utillinux}/bin/mount --bind -n /dev/random ${stateDir}/dev/random
'';

2
nixos/modules/services/security/fail2ban.nix
View File

@ -102,7 +102,7 @@ in
partOf = optional config.networking.firewall.enable "firewall.service";
restartTriggers = [ fail2banConf jailConf ];
path = [ pkgs.fail2ban pkgs.iptables ];
path = [ pkgs.fail2ban pkgs.iptables pkgs.iproute ];
preStart =
''

2
nixos/modules/services/system/dbus.nix
View File

@ -110,7 +110,7 @@ in
};
services.dbus.packages = [
pkgs.dbus
pkgs.dbus.out
config.system.path
];

32
nixos/modules/services/torrent/transmission.nix
View File

@ -113,22 +113,22 @@ in
#include <abstractions/base>
#include <abstractions/nameservice>
${pkgs.glibc.out}/lib/*.so mr,
${pkgs.libevent.out}/lib/libevent*.so* mr,
${pkgs.curl.out}/lib/libcurl*.so* mr,
${pkgs.openssl.out}/lib/libssl*.so* mr,
${pkgs.openssl.out}/lib/libcrypto*.so* mr,
${pkgs.zlib.out}/lib/libz*.so* mr,
${pkgs.libssh2.out}/lib/libssh2*.so* mr,
${pkgs.systemd}/lib/libsystemd*.so* mr,
${pkgs.xz.out}/lib/liblzma*.so* mr,
${pkgs.libgcrypt.out}/lib/libgcrypt*.so* mr,
${pkgs.libgpgerror.out}/lib/libgpg-error*.so* mr,
${pkgs.nghttp2.lib}/lib/libnghttp2*.so* mr,
${pkgs.c-ares.out}/lib/libcares*.so* mr,
${pkgs.libcap.lib}/lib/libcap*.so* mr,
${pkgs.attr.out}/lib/libattr*.so* mr,
${pkgs.lz4}/lib/liblz4*.so* mr,
${getLib pkgs.glibc}/lib/*.so mr,
${getLib pkgs.libevent}/lib/libevent*.so* mr,
${getLib pkgs.curl}/lib/libcurl*.so* mr,
${getLib pkgs.openssl}/lib/libssl*.so* mr,
${getLib pkgs.openssl}/lib/libcrypto*.so* mr,
${getLib pkgs.zlib}/lib/libz*.so* mr,
${getLib pkgs.libssh2}/lib/libssh2*.so* mr,
${getLib pkgs.systemd}/lib/libsystemd*.so* mr,
${getLib pkgs.xz}/lib/liblzma*.so* mr,
${getLib pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
${getLib pkgs.libgpgerror}/lib/libgpg-error*.so* mr,
${getLib pkgs.nghttp2}/lib/libnghttp2*.so* mr,
${getLib pkgs.c-ares}/lib/libcares*.so* mr,
${getLib pkgs.libcap}/lib/libcap*.so* mr,
${getLib pkgs.attr}/lib/libattr*.so* mr,
${getLib pkgs.lz4}/lib/liblz4*.so* mr,
@{PROC}/sys/kernel/random/uuid r,
@{PROC}/sys/vm/overcommit_memory r,

2
nixos/modules/services/web-servers/apache-httpd/mediawiki.nix
View File

@ -43,7 +43,7 @@ let
# Paths to external programs.
$wgDiff3 = "${pkgs.diffutils}/bin/diff3";
$wgDiff = "${pkgs.diffutils}/bin/diff";
$wgImageMagickConvertCommand = "${pkgs.imagemagick}/bin/convert";
$wgImageMagickConvertCommand = "${pkgs.imagemagick.out}/bin/convert";
#$wgDebugLogFile = "/tmp/mediawiki_debug_log.txt";

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -44,7 +44,7 @@ let
${cfg.extraGSettingsOverrides}
EOF
${pkgs.glib}/bin/glib-compile-schemas $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/
${pkgs.glib.dev}/bin/glib-compile-schemas $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/
'';
};

20
nixos/modules/services/x11/display-managers/default.nix
View File

@ -32,6 +32,12 @@ let
''
#! ${pkgs.bash}/bin/bash
${optionalString cfg.displayManager.logToJournal ''
if [ -z "$_DID_SYSTEMD_CAT" ]; then
_DID_SYSTEMD_CAT=1 exec ${config.systemd.package}/bin/systemd-cat -t xsession -- "$0" "$1"
fi
''}
. /etc/profile
cd "$HOME"
@ -39,7 +45,7 @@ let
sessionType="$1"
if [ "$sessionType" = default ]; then sessionType=""; fi
${optionalString (!cfg.displayManager.job.logsXsession) ''
${optionalString (!cfg.displayManager.job.logsXsession && !cfg.displayManager.logToJournal) ''
exec > ~/.xsession-errors 2>&1
''}
@ -83,6 +89,8 @@ let
# .local/share doesn't exist yet.
mkdir -p $HOME/.local/share
unset _DID_SYSTEMD_CAT
${cfg.displayManager.sessionCommands}
# Allow the user to execute commands at the beginning of the X session.
@ -278,6 +286,16 @@ in
};
logToJournal = mkOption {
type = types.bool;
default = true;
description = ''
By default, the stdout/stderr of sessions is written
to <filename>~/.xsession-errors</filename>. When this option
is enabled, it will instead be written to the journal.
'';
};
};
};

2
nixos/modules/services/x11/display-managers/kdm.nix
View File

@ -139,7 +139,7 @@ in
mkdir -m 0755 -p /var/lib/kdm
chown kdm /var/lib/kdm
${(optionalString (config.system.boot.loader.id == "grub" && config.system.build.grub != null) "PATH=${config.system.build.grub}/sbin:$PATH ") +
"KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"}
"KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon -logfile /dev/stderr"}
'';
logsXsession = true;
};

4
nixos/modules/services/x11/hardware/synaptics.nix
View File

@ -169,10 +169,10 @@ in {
config = mkIf cfg.enable {
services.xserver.modules = [ pkg ];
services.xserver.modules = [ pkg.out ];
environment.etc."${etcFile}".source =
"${pkg}/share/X11/xorg.conf.d/50-synaptics.conf";
"${pkg.out}/share/X11/xorg.conf.d/50-synaptics.conf";
environment.systemPackages = [ pkg ];

5
nixos/modules/services/x11/xserver.nix
View File

@ -16,6 +16,7 @@ let
virtualbox = { modules = [ kernelPackages.virtualboxGuestAdditions ]; driverName = "vboxvideo"; };
ati = { modules = with pkgs.xorg; [ xf86videoati glamoregl ]; };
intel = { modules = with pkgs.xorg; [ xf86videointel glamoregl ]; };
modesetting = { modules = []; };
};
fontsForXServer =
@ -519,6 +520,7 @@ in
serviceConfig = {
Restart = "always";
RestartSec = "200ms";
SyslogIdentifier = "display-manager";
};
};
@ -526,10 +528,11 @@ in
[ "-terminate"
"-config ${configFile}"
"-xkbdir" "${cfg.xkbDir}"
# Log at the default verbosity level to stderr rather than /var/log/X.*.log.
"-verbose" "3" "-logfile" "/dev/null"
] ++ optional (cfg.display != null) ":${toString cfg.display}"
++ optional (cfg.tty != null) "vt${toString cfg.tty}"
++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}"
++ optionals (cfg.display != null) [ "-logfile" "/var/log/X.${toString cfg.display}.log" ]
++ optional (!cfg.enableTCP) "-nolisten tcp";
services.xserver.modules =

4
nixos/modules/system/boot/initrd-ssh.nix
View File

@ -85,6 +85,10 @@ in
};
config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
assertions = [ {
assertion = cfg.hostRSAKey != null || cfg.hostDSSKey != null || cfg.hostECDSAKey != null;
message = "You should specify at least one host key for initrd SSH";
} ];
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear

11
nixos/modules/system/boot/loader/grub/grub.nix
View File

@ -48,12 +48,13 @@ let
bootPath = args.path;
storePath = config.boot.loader.grub.storePath;
bootloaderId = if args.efiBootloaderId == null then "NixOS${efiSysMountPoint'}" else args.efiBootloaderId;
timeout = if config.boot.loader.timeout == null then -1 else config.boot.loader.timeout;
inherit efiSysMountPoint;
inherit (args) devices;
inherit (efi) canTouchEfiVariables;
inherit (cfg)
version extraConfig extraPerEntryConfig extraEntries
extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels timeout
extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels
default fsIdentifier efiSupport gfxmodeEfi gfxmodeBios;
path = (makeBinPath ([
pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils pkgs.btrfs-progs
@ -313,14 +314,6 @@ in
'';
};
timeout = mkOption {
default = if (config.boot.loader.timeout != null) then config.boot.loader.timeout else -1;
type = types.int;
description = ''
Timeout (in seconds) until GRUB boots the default menu item.
'';
};
default = mkOption {
default = 0;
type = types.int;

16
nixos/modules/system/boot/loader/gummiboot/gummiboot.nix
View File

@ -16,7 +16,7 @@ let
nix = config.nix.package.out;
timeout = if cfg.timeout != null then cfg.timeout else "";
timeout = if config.boot.loader.timeout != null then config.boot.loader.timeout else "";
inherit (efi) efiSysMountPoint canTouchEfiVariables;
};
@ -29,20 +29,6 @@ in {
description = "Whether to enable the gummiboot UEFI boot manager";
};
timeout = mkOption {
default = if config.boot.loader.timeout == null then 10000 else config.boot.loader.timeout;
example = 4;
type = types.nullOr types.int;
description = ''
Timeout (in seconds) for how long to show the menu (null if none).
Note that even with no timeout the menu can be forced if the space
key is pressed during bootup
'';
};
};
config = mkIf cfg.enable {

44
nixos/modules/system/boot/luksroot.nix
View File

@ -5,7 +5,7 @@ with lib;
let
luks = config.boot.initrd.luks;
openCommand = { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, ... }: ''
openCommand = name': { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, ... }: assert name' == name; ''
# Wait for luksRoot to appear, e.g. if on a usb drive.
# XXX: copied and adapted from stage-1-init.sh - should be
# available as a function.
@ -192,9 +192,8 @@ let
''}
'';
isPreLVM = f: f.preLVM;
preLVM = filter isPreLVM luks.devices;
postLVM = filter (f: !(isPreLVM f)) luks.devices;
preLVM = filterAttrs (n: v: v.preLVM) luks.devices;
postLVM = filterAttrs (n: v: !v.preLVM) luks.devices;
in
{
@ -228,31 +227,31 @@ in
};
boot.initrd.luks.devices = mkOption {
default = [ ];
example = literalExample ''[ { name = "luksroot"; device = "/dev/sda3"; preLVM = true; } ]'';
default = { };
example = { "luksroot".device = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; };
description = ''
The list of devices that should be decrypted using LUKS before trying to mount the
root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups.
The devices are decrypted to the device mapper names defined.
Make sure that initrd has the crypto modules needed for decryption.
The encrypted disk that should be opened before the root
filesystem is mounted. Both LVM-over-LUKS and LUKS-over-LVM
setups are sypported. The unencrypted devices can be accessed as
<filename>/dev/mapper/<replaceable>name</replaceable></filename>.
'';
type = types.listOf types.optionSet;
type = types.loaOf types.optionSet;
options = {
options = { name, ... }: { options = {
name = mkOption {
visible = false;
default = name;
example = "luksroot";
type = types.str;
description = "Named to be used for the generated device in /dev/mapper.";
description = "Name of the unencrypted device in <filename>/dev/mapper</filename>.";
};
device = mkOption {
example = "/dev/sda2";
example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08";
type = types.str;
description = "Path of the underlying block device.";
description = "Path of the underlying encrypted block device.";
};
header = mkOption {
@ -289,6 +288,7 @@ in
'';
};
# FIXME: get rid of this option.
preLVM = mkOption {
default = true;
type = types.bool;
@ -394,7 +394,7 @@ in
};
};
};
}; };
};
boot.initrd.luks.yubikeySupport = mkOption {
@ -408,7 +408,7 @@ in
};
};
config = mkIf (luks.devices != []) {
config = mkIf (luks.devices != {}) {
# actually, sbp2 driver is the one enabling the DMA attack, but this needs to be tested
boot.blacklistedKernelModules = optionals luks.mitigateDMAAttacks
@ -438,7 +438,7 @@ in
copy_bin_and_libs ${pkgs.ykpers}/bin/ykinfo
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
cc -O3 -I${pkgs.openssl.dev}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
strip -s pbkdf2-sha512
copy_bin_and_libs pbkdf2-sha512
@ -463,8 +463,8 @@ in
''}
'';
boot.initrd.preLVMCommands = concatMapStrings openCommand preLVM;
boot.initrd.postDeviceCommands = concatMapStrings openCommand postLVM;
boot.initrd.preLVMCommands = concatStrings (mapAttrsToList openCommand preLVM);
boot.initrd.postDeviceCommands = concatStrings (mapAttrsToList openCommand postLVM);
environment.systemPackages = [ pkgs.cryptsetup ];
};

7
nixos/modules/system/boot/systemd.nix
View File

@ -753,13 +753,6 @@ in
"TMPFS_XATTR" "SECCOMP"
];
environment.shellAliases =
{ start = "systemctl start";
stop = "systemctl stop";
restart = "systemctl restart";
status = "systemctl status";
};
users.extraGroups.systemd-journal.gid = config.ids.gids.systemd-journal;
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;

2
nixos/modules/tasks/cpu-freq.nix
View File

@ -38,7 +38,7 @@ in
description = "CPU Frequency Governor Setup";
after = [ "systemd-modules-load.service" ];
wantedBy = [ "multi-user.target" ];
path = [ cpupower ];
path = [ cpupower config.system.sbin.modprobe ];
unitConfig.ConditionVirtualization = false;
serviceConfig = {
Type = "oneshot";

10
nixos/modules/testing/test-instrumentation.nix
View File

@ -113,6 +113,16 @@ let kernel = config.boot.kernelPackages.kernel; in
# Make it easy to log in as root when running the test interactively.
users.extraUsers.root.initialHashedPassword = mkOverride 150 "";
services.xserver.displayManager.logToJournal = true;
# Bump kdm's X server start timeout to account for heavily loaded
# VM host systems.
services.xserver.displayManager.kdm.extraConfig =
''
[X-:*-Core]
ServerTimeout=240
'';
};
}

2
nixos/modules/virtualisation/amazon-image.nix
View File

@ -32,8 +32,8 @@ let cfg = config.ec2; in
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.version = if cfg.hvm then 2 else 1;
boot.loader.grub.device = if cfg.hvm then "/dev/xvda" else "nodev";
boot.loader.grub.timeout = 0;
boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)";
boot.loader.timeout = 0;
boot.initrd.postDeviceCommands =
''

4
nixos/modules/virtualisation/azure-common.nix
View File

@ -10,10 +10,10 @@ with lib;
boot.kernelParams = [ "console=ttyS0" "earlyprintk=ttyS0" "rootdelay=300" "panic=1" "boot.panic_on_fail" ];
boot.initrd.kernelModules = [ "hv_vmbus" "hv_netvsc" "hv_utils" "hv_storvsc" ];
# Generate a GRUB menu.
# Generate a GRUB menu.
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.version = 2;
boot.loader.grub.timeout = 0;
boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway.

2
nixos/modules/virtualisation/brightbox-image.nix
View File

@ -94,7 +94,7 @@ in
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.device = "/dev/vda";
boot.loader.grub.timeout = 0;
boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway.

6
nixos/modules/virtualisation/containers.nix
View File

@ -309,6 +309,10 @@ in
touch "$root/etc/os-release"
fi
if ! [ -e "$root/etc/machine-id" ]; then
touch "$root/etc/machine-id"
fi
mkdir -p -m 0755 \
"/nix/var/nix/profiles/per-container/$INSTANCE" \
"/nix/var/nix/gcroots/per-container/$INSTANCE"
@ -338,7 +342,7 @@ in
fi
''}
rm -f $root/var/lib/private/host-notify
# Run systemd-nspawn without startup notification (we'll
# wait for the container systemd to signal readiness).

2
nixos/modules/virtualisation/google-compute-image.nix
View File

@ -102,7 +102,7 @@ in
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.device = "/dev/sda";
boot.loader.grub.timeout = 0;
boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway.

2
nixos/modules/virtualisation/nova-image.nix
View File

@ -27,7 +27,7 @@ with lib;
boot.kernelParams = [ "console=ttyS0" ];
boot.loader.grub.device = "/dev/vda";
boot.loader.grub.timeout = 0;
boot.loader.timeout = 0;
# Allow root logins
services.openssh.enable = true;

2
nixos/modules/virtualisation/qemu-vm.nix
View File

@ -465,7 +465,7 @@ in
});
swapDevices = mkVMOverride [ ];
boot.initrd.luks.devices = mkVMOverride [];
boot.initrd.luks.devices = mkVMOverride {};
# Don't run ntpd in the guest. It should get the correct time from KVM.
services.ntp.enable = false;

1
nixos/release-combined.nix
View File

@ -69,6 +69,7 @@ in rec {
(all nixos.tests.boot.uefiUsb)
(all nixos.tests.boot-stage1)
(all nixos.tests.ipv6)
(all nixos.tests.i3wm)
(all nixos.tests.kde4)
#(all nixos.tests.lightdm)
(all nixos.tests.login)

6
nixos/tests/boot.nix
View File

@ -12,7 +12,6 @@ let
modules =
[ ../modules/installer/cd-dvd/installation-cd-minimal.nix
../modules/testing/test-instrumentation.nix
{ key = "serial"; }
];
}).config.system.build.isoImage;
@ -30,20 +29,25 @@ let
'';
};
in {
biosCdrom = makeBootTest "bios-cdrom" ''
cdrom => glob("${iso}/iso/*.iso")
'';
biosUsb = makeBootTest "bios-usb" ''
usb => glob("${iso}/iso/*.iso")
'';
uefiCdrom = makeBootTest "uefi-cdrom" ''
cdrom => glob("${iso}/iso/*.iso"),
bios => '${pkgs.OVMF}/FV/OVMF.fd'
'';
uefiUsb = makeBootTest "uefi-usb" ''
usb => glob("${iso}/iso/*.iso"),
bios => '${pkgs.OVMF}/FV/OVMF.fd'
'';
netboot = let
config = (import ../lib/eval-config.nix {
inherit system;

8
nixos/tests/installer.nix
View File

@ -360,14 +360,8 @@ in {
"mount LABEL=boot /mnt/boot",
);
'';
# XXX: Currently, generate-config doesn't detect LUKS yet.
extraConfig = ''
boot.kernelParams = lib.mkAfter [ "console=tty0" ];
boot.initrd.luks.devices = lib.singleton {
name = "cryptroot";
device = "/dev/vda3";
preLVM = true;
};
'';
enableOCR = true;
preBootCommands = ''
@ -403,8 +397,6 @@ in {
"mkdir /mnt/boot",
"mount LABEL=boot /mnt/boot",
"udevadm settle",
"mdadm --verbose -W /dev/md0", # wait for sync to finish; booting off an unsynced device tends to fail
"mdadm --verbose -W /dev/md1",
);
'';
preBootCommands = ''

13
nixos/tests/virtualbox.nix
View File

@ -11,7 +11,7 @@ let
#!${pkgs.stdenv.shell} -xe
export PATH="${pkgs.coreutils}/bin:${pkgs.utillinux}/bin"
mkdir -p /etc/dbus-1 /var/run/dbus
mkdir -p /var/run/dbus
cat > /etc/passwd <<EOF
root:x:0:0::/root:/bin/false
messagebus:x:1:1::/var/run/dbus:/bin/false
@ -20,9 +20,9 @@ let
root:x:0:
messagebus:x:1:
EOF
cp -v "${pkgs.dbus.daemon}/etc/dbus-1/system.conf" \
/etc/dbus-1/system.conf
"${pkgs.dbus.daemon}/bin/dbus-daemon" --fork --system
"${pkgs.dbus.daemon}/bin/dbus-daemon" --fork \
--config-file="${pkgs.dbus.daemon}/share/dbus-1/system.conf"
${guestAdditions}/bin/VBoxService
${(attrs.vmScript or (const "")) pkgs}
@ -326,6 +326,7 @@ let
in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
virtualisation.memorySize = 2048;
virtualisation.virtualbox.host.enable = true;
services.xserver.displayManager.auto.user = "alice";
users.extraUsers.alice.extraGroups = let
inherit (config.virtualisation.virtualbox.host) enableHardening;
in lib.mkIf enableHardening (lib.singleton "vboxusers");
@ -363,7 +364,9 @@ in mapAttrs mkVBoxTest {
simple-gui = ''
createVM_simple;
$machine->succeed(ru "VirtualBox &");
$machine->waitForWindow(qr/Oracle VM VirtualBox Manager/);
$machine->waitUntilSucceeds(
ru "xprop -name 'Oracle VM VirtualBox Manager'"
);
$machine->sleep(5);
$machine->screenshot("gui_manager_started");
$machine->sendKeys("ret");

9
pkgs/applications/audio/audacious/default.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchurl, pkgconfig, glib, gtk3, libmowgli, libmcs
, gettext, dbus_glib, libxml2, libmad, xorg, alsaLib, libogg
, libvorbis, libcdio, libcddb, flac, ffmpeg, makeWrapper
, mpg123, neon, faad2
, mpg123, neon, faad2, gnome3
}:
let version = "3.5.2"; in
@ -22,7 +22,7 @@ stdenv.mkDerivation {
buildInputs =
[ gettext pkgconfig glib gtk3 libmowgli libmcs libxml2 dbus_glib
libmad xorg.libXcomposite libogg libvorbis flac alsaLib libcdio
libcddb ffmpeg makeWrapper mpg123 neon faad2
libcddb ffmpeg makeWrapper mpg123 neon faad2 gnome3.defaultIconTheme
];
# Here we build bouth audacious and audacious-plugins in one
@ -48,8 +48,11 @@ stdenv.mkDerivation {
(
source $stdenv/setup
# gsettings schemas for file dialogues
# XDG_ICON_DIRS is set by hook for gnome3.defaultIconTheme
for file in "$out/bin/"*; do
wrapProgram "$file" --prefix XDG_DATA_DIRS : "$XDG_ADD:$GSETTINGS_SCHEMAS_PATH"
wrapProgram "$file" \
--prefix XDG_DATA_DIRS : "$XDG_ADD:$GSETTINGS_SCHEMAS_PATH" \
--suffix XDG_DATA_DIRS : "$XDG_ICON_DIRS"
done
)
'';

3
pkgs/applications/audio/groovebasin/default.nix
View File

@ -1,9 +1,10 @@
{ stdenv, fetchFromGitHub, makeWrapper, callPackage, libgroove, python, utillinux }:
{ stdenv, fetchFromGitHub, makeWrapper, callPackage, libgroove, python, utillinux, nodejs }:
with stdenv.lib;
let
nodePackages = callPackage (import ../../../top-level/node-packages.nix) {
inherit nodejs;
neededNatives = [ libgroove python utillinux ];
self = nodePackages;
generated = ./package.nix;

27
pkgs/applications/audio/mp3splt/default.nix
View File

@ -1,20 +1,27 @@
{ fetchurl, stdenv, libmp3splt, pkgconfig }:
{ stdenv, fetchurl, pkgconfig, libmp3splt }:
stdenv.mkDerivation rec {
name = "mp3splt-2.6.1";
pname = "mp3splt";
version = "2.6.2";
name = "${pname}-${version}";
src = fetchurl {
url = "http://prdownloads.sourceforge.net/mp3splt/${name}.tar.gz";
sha256 = "783a903fafbcf47f06673136a78b78d32a8e616a6ae06b79b459a32090dd14f7";
url = "mirror://sourceforge/${pname}/${name}.tar.gz";
sha256 = "1aiv20gypb6r84qabz8gblk8vi42cg3x333vk2pi3fyqvl82phry";
};
buildInputs = [ libmp3splt pkgconfig ];
configureFlags = [ "--enable-oggsplt-symlink" "--enable-flacsplt-symlink" ];
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ libmp3splt ];
meta = {
description = "utility to split mp3, ogg vorbis and FLAC files without decoding";
outputs = [ "out" "man" ];
meta = with stdenv.lib; {
description = "Utility to split mp3, ogg vorbis and FLAC files without decoding";
homepage = http://sourceforge.net/projects/mp3splt/;
license = stdenv.lib.licenses.gpl2;
maintainers = [ stdenv.lib.maintainers.bosu ];
platforms = stdenv.lib.platforms.unix;
license = licenses.gpl2;
maintainers = [ maintainers.bosu ];
platforms = platforms.unix;
};
}

5
pkgs/applications/audio/pithos/default.nix
View File

@ -6,8 +6,6 @@ pythonPackages.buildPythonApplication rec {
version = "1.1.2";
name = "${pname}-${version}";
namePrefix = "";
src = fetchFromGitHub {
owner = pname;
repo = pname;
@ -15,6 +13,9 @@ pythonPackages.buildPythonApplication rec {
sha256 = "0zk9clfawsnwmgjbk7y5d526ksxd1pkh09ln6sb06v4ygaiifcxp";
};
# No tests in repo
doCheck = false;
postPatch = ''
substituteInPlace setup.py --replace "/usr/share" "$out/share"
'';

0
pkgs/applications/audio/QmidiNet/default.nix → pkgs/applications/audio/qmidinet/default.nix
View File

4
pkgs/applications/audio/qmmp/default.nix
View File

@ -28,11 +28,11 @@
# handle that.
stdenv.mkDerivation rec {
name = "qmmp-0.8.4";
name = "qmmp-0.9.9";
src = fetchurl {
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
sha256 = "1ld69xypyak3lzwmfvzbxsyd4fl841aaq0gmkfa7jpavbdlggydf";
sha256 = "1wv4kbjq50xflhrl1jjf1hm3rrw599xkd72dwm4rscm0sdvzhnc1";
};
buildInputs =

2
pkgs/applications/display-managers/slim/default.nix
View File

@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
cmakeFlags = [ "-DUSE_PAM=1" ];
NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype -std=c++11";
NIX_CFLAGS_COMPILE = "-I${freetype.dev}/include/freetype -std=c++11";
enableParallelBuilding = true;

2
pkgs/applications/editors/emacs-25/default.nix
View File

@ -64,7 +64,7 @@ stdenv.mkDerivation rec {
"--with-gif=no" "--with-tiff=no" ];
NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX)
"-I${cairo}/include/cairo";
"-I${cairo.dev}/include/cairo";
preBuild = ''
find . -name '*.elc' -delete

47
pkgs/applications/editors/emacs-modes/elpa-generated.nix
View File

@ -81,10 +81,10 @@
aggressive-indent = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "aggressive-indent";
version = "1.7";
version = "1.8.1";
src = fetchurl {
url = "https://elpa.gnu.org/packages/aggressive-indent-1.7.el";
sha256 = "0z2zsw0qnzcabsz2frfsjhfg7qa4nbmprrd41yjfxq62d12wg70m";
url = "https://elpa.gnu.org/packages/aggressive-indent-1.8.1.el";
sha256 = "07d311dwg6rpzydh9bw9dn1djf4x4f00ma41jmsl35mcd2m0bpz8";
};
packageRequires = [ cl-lib emacs ];
meta = {
@ -95,10 +95,10 @@
ahungry-theme = callPackage ({ elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "ahungry-theme";
version = "1.1.0";
version = "1.2.0";
src = fetchurl {
url = "https://elpa.gnu.org/packages/ahungry-theme-1.1.0.tar";
sha256 = "1jy2h4r72fr26yavs0s8dy1xnkxvaf2hsrlm63f6sng81njj9dgx";
url = "https://elpa.gnu.org/packages/ahungry-theme-1.2.0.tar";
sha256 = "04z9d8xszgsl6p02gf3yixgj8kwwb6rfc6bq1b3sz95n3v9wmg9d";
};
packageRequires = [ emacs ];
meta = {
@ -162,10 +162,10 @@
}) {};
async = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "async";
version = "1.6";
version = "1.9";
src = fetchurl {
url = "https://elpa.gnu.org/packages/async-1.6.tar";
sha256 = "17psvz75n42x33my967wkgi7r0blx46n3jdv510j0z5jswv66039";
url = "https://elpa.gnu.org/packages/async-1.9.tar";
sha256 = "1ip5nc8xyln5szvqwp6wqva9xr84pn8ssn3nnphrszr19y4js2bm";
};
packageRequires = [];
meta = {
@ -566,10 +566,10 @@
}) {};
el-search = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild {
pname = "el-search";
version = "0.1.3";
version = "0.2";
src = fetchurl {
url = "https://elpa.gnu.org/packages/el-search-0.1.3.el";
sha256 = "1iwglpzs78zy07k3ijbwgv9781bs5cpf088giyz6bn5amfpp1jks";
url = "https://elpa.gnu.org/packages/el-search-0.2.el";
sha256 = "1ps4p79xrvsdys9yh1wyk4zdly6c55agbqa6f8q3xkwc9sva9lw9";
};
packageRequires = [ emacs ];
meta = {
@ -850,8 +850,8 @@
pname = "javaimp";
version = "0.6";
src = fetchurl {
url = "https://elpa.gnu.org/packages/javaimp-0.6.el";
sha256 = "00a37jv9wbzy521a15vk7a66rsf463zzr57adc8ii2m4kcyldpqh";
url = "https://elpa.gnu.org/packages/javaimp-0.6.tar";
sha256 = "015kchx6brsjk7q6lz9y44a18n5imapd95czx50hqdscjczmj2ff";
};
packageRequires = [];
meta = {
@ -1505,6 +1505,19 @@
license = lib.licenses.free;
};
}) {};
smart-yank = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild {
pname = "smart-yank";
version = "0.1.1";
src = fetchurl {
url = "https://elpa.gnu.org/packages/smart-yank-0.1.1.el";
sha256 = "1v7hbn8pl4bzal31m132dn04rgsgjjcc7k2knd1jqzk1wq6azpdn";
};
packageRequires = [ emacs ];
meta = {
homepage = "https://elpa.gnu.org/packages/smart-yank.html";
license = lib.licenses.free;
};
}) {};
sml-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "sml-mode";
version = "6.7";
@ -1905,10 +1918,10 @@
xelb = callPackage ({ cl-generic, elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "xelb";
version = "0.6";
version = "0.7";
src = fetchurl {
url = "https://elpa.gnu.org/packages/xelb-0.6.tar";
sha256 = "1m91af5srxq8zs9w4gb44kl4bgka8fq7k33h7f2yn213h23kvvvh";
url = "https://elpa.gnu.org/packages/xelb-0.7.tar";
sha256 = "0i4336a8xns6zp82dj77w5gjgv3mfngcjsw7ghyf7bb7flh8ipw1";
};
packageRequires = [ cl-generic emacs ];
meta = {

6
pkgs/applications/editors/emacs-modes/emacs-w3m/default.nix
View File

@ -19,11 +19,11 @@ stdenv.mkDerivation rec {
patchPhase = ''
sed -i "w3m.el" \
-e 's|defcustom w3m-command nil|defcustom w3m-command "${w3m}/bin/w3m"|g ;
s|(w3m-which-command "display")|"${imagemagick}/bin/display"|g'
s|(w3m-which-command "display")|"${imagemagick.out}/bin/display"|g'
sed -i "w3m-image.el" \
-e 's|(w3m-which-command "convert")|"${imagemagick}/bin/convert"|g ;
s|(w3m-which-command "identify")|"${imagemagick}/bin/identify"|g'
-e 's|(w3m-which-command "convert")|"${imagemagick.out}/bin/convert"|g ;
s|(w3m-which-command "identify")|"${imagemagick.out}/bin/identify"|g'
'';
configureFlags = [

7721
pkgs/applications/editors/emacs-modes/melpa-generated.nix
View File

File diff suppressed because it is too large Load Diff

3
pkgs/applications/editors/emacs-modes/melpa-packages.nix
View File

@ -60,9 +60,6 @@ self:
# upstream issue: missing file header
connection = markBroken super.connection;
# upstream issue: missing file header
crux = markBroken super.crux;
# upstream issue: missing file header
dictionary = markBroken super.dictionary;

3380
pkgs/applications/editors/emacs-modes/melpa-stable-generated.nix
View File

File diff suppressed because it is too large Load Diff

5
pkgs/applications/editors/idea/common.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchurl, makeDesktopItem, makeWrapper, patchelf, p7zip
, coreutils, gnugrep, which, git, python, unzip, jdk }:
{ name, product, version, build, src, meta } @ attrs:
{ name, product, version, build, src, wmClass, meta } @ attrs:
with stdenv.lib;
@ -20,6 +20,9 @@ with stdenv; lib.makeOverridable mkDerivation rec {
genericName = meta.description;
categories = "Application;Development;";
icon = execName;
extraEntries = ''
StartupWMClass=${wmClass}
'';
};
buildInputs = [ makeWrapper patchelf p7zip unzip ];

40
pkgs/applications/editors/idea/default.nix
View File

@ -10,9 +10,9 @@ let
bnumber = with stdenv.lib; build: last (splitString "-" build);
mkIdeaProduct = callPackage ./common.nix { };
buildAndroidStudio = { name, version, build, src, license, description }:
buildAndroidStudio = { name, version, build, src, license, description, wmClass }:
let drv = (mkIdeaProduct rec {
inherit name version build src;
inherit name version build src wmClass;
product = "Studio";
meta = with stdenv.lib; {
homepage = https://developer.android.com/sdk/installing/studio.html;
@ -35,9 +35,9 @@ let
'';
});
buildClion = { name, version, build, src, license, description }:
buildClion = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec {
inherit name version build src;
inherit name version build src wmClass;
product = "CLion";
meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/clion/";
@ -51,9 +51,9 @@ let
};
});
buildIdea = { name, version, build, src, license, description }:
buildIdea = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec {
inherit name version build src;
inherit name version build src wmClass;
product = "IDEA";
meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/idea/";
@ -68,9 +68,9 @@ let
};
});
buildRubyMine = { name, version, build, src, license, description }:
buildRubyMine = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec {
inherit name version build src;
inherit name version build src wmClass;
product = "RubyMine";
meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/ruby/";
@ -81,9 +81,9 @@ let
};
});
buildPhpStorm = { name, version, build, src, license, description }:
buildPhpStorm = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct {
inherit name version build src;
inherit name version build src wmClass;
product = "PhpStorm";
meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/phpstorm/";
@ -98,9 +98,9 @@ let
};
});
buildWebStorm = { name, version, build, src, license, description }:
buildWebStorm = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct {
inherit name version build src;
inherit name version build src wmClass;
product = "WebStorm";
meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/webstorm/";
@ -115,9 +115,9 @@ let
};
});
buildPycharm = { name, version, build, src, license, description }:
buildPycharm = { name, version, build, src, license, description, wmClass }:
(mkIdeaProduct rec {
inherit name version build src;
inherit name version build src wmClass;
product = "PyCharm";
meta = with stdenv.lib; {
homepage = "https://www.jetbrains.com/pycharm/";
@ -157,6 +157,7 @@ in
"/android-studio-ide-${buildNumber}-linux.zip";
sha256 = "1zxxzyhny7j4vzlydrhwz3g8l8zcml84mhkcf5ckx8xr50j3m101";
};
wmClass = "jetbrains-studio";
};
clion = buildClion rec {
@ -169,6 +170,7 @@ in
url = "https://download.jetbrains.com/cpp/${name}.tar.gz";
sha256 = "0ll1rcnnbd1if6x5rp3qw35lvp5zdzmvyg9n1lha89i34xiw36jp";
};
wmClass = "jetbrains-clion";
};
idea14-community = buildIdea rec {
@ -181,6 +183,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "1i4mdjm9dd6zvxlpdgd3bqg45ir0cfc9hl55cdc0hg5qwbz683fz";
};
wmClass = "jetbrains-idea-ce";
};
idea-community = buildIdea rec {
@ -193,6 +196,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "15c92wsfw16j48k12x4vw78886yf9yjx7hwwjamgf28lmzvc37iz";
};
wmClass = "jetbrains-idea-ce";
};
idea14-ultimate = buildIdea rec {
@ -205,6 +209,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "a2259249f6e7bf14ba17b0af90a18d24d9b4670af60d24f0bb51af2f62500fc2";
};
wmClass = "jetbrains-idea";
};
idea15-ultimate = buildIdea rec {
@ -217,6 +222,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "012aap2qn0jx4x34bdv9ivrsr86vvf683srb5vpj27hc4l6rw6ll";
};
wmClass = "jetbrains-idea";
};
idea-ultimate = buildIdea rec {
@ -229,6 +235,7 @@ in
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "0dxpx4nx845vgqxl5qz029d3w3kn3hi98wgzympidplxrphgalgy";
};
wmClass = "jetbrains-idea";
};
ruby-mine = buildRubyMine rec {
@ -241,6 +248,7 @@ in
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "04fcxj1xlap9mxmwf051s926p2darlj5kwl4lms2gy5d8b2lhd5l";
};
wmClass = "jetbrains-rubymine";
};
pycharm-community = buildPycharm rec {
@ -253,6 +261,7 @@ in
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1ks7crrfnhzkdxban2hh2pnr986vqwmac5zybmb1ighcyamhdi4q";
};
wmClass = "jetbrains-pycharm-ce";
};
pycharm-professional = buildPycharm rec {
@ -265,6 +274,7 @@ in
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "1rn0i5qbvfjbl4v571ngmyslispibcq5ab0fb7xjl38vr1y417f2";
};
wmClass = "jetbrains-pycharm";
};
phpstorm = buildPhpStorm rec {
@ -277,6 +287,7 @@ in
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "0fi042zvjpg5pn2mnhj3bbrdkl1b9vmhpf2l6ca4nr0rhjjv7dsm";
};
wmClass = "jetbrains-phpstorm";
};
webstorm = buildWebStorm rec {
@ -289,6 +300,7 @@ in
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "0a5s6f99wyql5pgjl94pf4ljdbviik3b8dbr1s6b7c6jn1gk62ic";
};
wmClass = "jetbrains-webstorm";
};
}

10
pkgs/applications/editors/neovim/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, cmake, gettext, glib, libmsgpack, libtermkey
, libtool, libuv, lpeg, lua, luajit, luaMessagePack, luabitop, ncurses, perl
, pkgconfig, unibilium, makeWrapper, vimUtils
, libtool, libuv, lpeg, lua, luajit, luaMessagePack, luabitop, man, ncurses
, perl, pkgconfig, unibilium, makeWrapper, vimUtils, xsel
, withPython ? true, pythonPackages, extraPythonPackages ? []
, withPython3 ? true, python3Packages, extraPython3Packages ? []
@ -101,7 +101,10 @@ let
# triggers on buffer overflow bug while running tests
hardeningDisable = [ "fortify" ];
preConfigure = stdenv.lib.optionalString stdenv.isDarwin ''
preConfigure = ''
substituteInPlace runtime/autoload/man.vim \
--replace /usr/bin/man ${man}/bin/man
'' + stdenv.lib.optionalString stdenv.isDarwin ''
export DYLD_LIBRARY_PATH=${jemalloc}/lib
substituteInPlace src/nvim/CMakeLists.txt --replace " util" ""
'';
@ -111,6 +114,7 @@ let
install_name_tool -change libjemalloc.1.dylib \
${jemalloc}/lib/libjemalloc.1.dylib \
$out/bin/nvim
sed -i -e "s|'xsel|'${xsel}/bin/xsel|" share/nvim/runtime/autoload/provider/clipboard.vim
'' + optionalString withPython ''
ln -s ${pythonEnv}/bin/python $out/bin/nvim-python
'' + optionalString withPyGUI ''

21
pkgs/applications/editors/sublime/default.nix
View File

@ -1,4 +1,4 @@
{ fetchurl, stdenv, glib, xorg, cairo, gtk}:
{ fetchurl, stdenv, glib, xorg, cairo, gtk, makeDesktopItem }:
let
libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo];
in
@ -31,8 +31,27 @@ stdenv.mkDerivation rec {
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath ${libPath}:${stdenv.cc.cc.lib}/lib${stdenv.lib.optionalString stdenv.is64bit "64"} \
$out/sublime/sublime_text
mkdir -p $out/share/icons
for x in $(ls $out/sublime/Icon); do
mkdir -p $out/share/icons/hicolor/$x/apps
cp -v $out/sublime/Icon/$x/* $out/share/icons/hicolor/$x/apps
done
ln -sv "${desktopItem}/share/applications" $out/share
'';
desktopItem = makeDesktopItem {
name = "sublime2";
exec = "sublime2 %F";
comment = meta.description;
desktopName = "Sublime Text";
genericName = "Text Editor";
categories = "TextEditor;Development;";
icon = "sublime_text";
};
meta = {
description = "Sophisticated text editor for code, markup and prose";
license = stdenv.lib.licenses.unfree;

2
pkgs/applications/editors/texmaker/default.nix
View File

@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
buildInputs = [ qt4 poppler_qt4 zlib ];
nativeBuildInputs = [ pkgconfig poppler qmake4Hook ];
NIX_CFLAGS_COMPILE="-I${poppler}/include/poppler";
NIX_CFLAGS_COMPILE="-I${poppler.dev}/include/poppler";
preConfigure = ''
qmakeFlags="$qmakeFlags DESKTOPDIR=$out/share/applications ICONDIR=$out/share/pixmaps"

16
pkgs/applications/graphics/ImageMagick/default.nix
View File

@ -43,7 +43,8 @@ stdenv.mkDerivation rec {
patches = [ ./imagetragick.patch ] ++ cfg.patches;
outputs = [ "out" "doc" ];
outputs = [ "dev" "out" "doc" ]; # bin/ isn't really big
outputMan = "out"; # it's tiny
enableParallelBuilding = true;
@ -76,18 +77,23 @@ stdenv.mkDerivation rec {
;
postInstall = ''
(cd "$out/include" && ln -s ImageMagick* ImageMagick)
(cd "$dev/include" && ln -s ImageMagick* ImageMagick)
moveToOutput "bin/*-config" "$dev"
moveToOutput "lib/ImageMagick-*/config-Q16" "$dev" # includes configure params
for file in "$dev"/bin/*-config; do
substituteInPlace "$file" --replace pkg-config \
"PKG_CONFIG_PATH='$dev/lib/pkgconfig' '${pkgconfig}/bin/pkg-config'"
done
'' + lib.optionalString (ghostscript != null) ''
for la in $out/lib/*.la; do
sed 's|-lgs|-L${ghostscript}/lib -lgs|' -i $la
sed 's|-lgs|-L${lib.getLib ghostscript}/lib -lgs|' -i $la
done
'';
meta = with stdenv.lib; {
homepage = http://www.imagemagick.org/;
description = "A software suite to create, edit, compose, or convert bitmap images";
platforms = platforms.linux ++ [ "x86_64-darwin" ];
platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ the-kenny wkennington ];
};
}

2
pkgs/applications/graphics/digikam/default.nix
View File

@ -71,7 +71,7 @@ let
# Help digiKam find libusb, otherwise gphoto2 support is disabled
cmakeFlags = [
"-DLIBUSB_LIBRARIES=${libusb1.out}/lib"
"-DLIBUSB_INCLUDE_DIR=${libusb1}/include/libusb-1.0"
"-DLIBUSB_INCLUDE_DIR=${libusb1.dev}/include/libusb-1.0"
"-DENABLE_BALOOSUPPORT=ON"
"-DENABLE_KDEPIMLIBSSUPPORT=ON"
"-DENABLE_LCMS2=ON" ]

30
pkgs/applications/graphics/exrdisplay/default.nix
View File

@ -1,27 +1,29 @@
{ stdenv, fetchurl, pkgconfig, fltk, openexr, mesa, which, openexr_ctl }:
{ stdenv, fetchurl, pkgconfig, fltk, openexr, mesa, openexr_ctl }:
assert fltk.glSupport;
stdenv.mkDerivation {
name ="openexr_viewers-1.0.1";
name ="openexr_viewers-2.2.0";
src = fetchurl {
url = "mirror://savannah/openexr/openexr_viewers-1.0.1.tar.gz";
sha256 = "1w5qbcdp7sw48z1wk2v07f7p14vqqb1m2ncxyxnbkm9f4ab0ymg6";
url = "mirror://savannah/openexr/openexr_viewers-2.2.0.tar.gz";
sha256 = "1s84vnas12ybx8zz0jcmpfbk9m4ab5bg2d3cglqwk3wys7jf4gzp";
};
configurePhase =
''
# don't know why.. adding these flags it works
#export CXXFLAGS=`fltk-config --use-gl --cxxflags --ldflags`
./configure --prefix=$out --with-fltk-config=${fltk}/bin/fltk-config
'';
configurePhase = ''
./configure --prefix=$out --with-fltk-config=${fltk}/bin/fltk-config
'';
buildInputs = [ openexr fltk pkgconfig mesa which openexr_ctl ];
buildPahse = ''
make LDFLAGS="`fltk-config --ldflags` -lGL -lfltk_gl"
'';
buildInputs = [ openexr fltk pkgconfig mesa openexr_ctl ];
meta = {
description = "Tool to view OpenEXR images";
homepage = http://openexr.com;
license = "BSD-like";
description = "Application for viewing OpenEXR images on a display at various exposure settings";
homepage = "http://openexr.com";
platforms = stdenv.lib.platforms.linux;
license = stdenv.lib.licenses.bsd3;
};
}

Some files were not shown because too many files have changed in this diff Show More