ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-10-06 20:48:32 +03:00
Code Issues Projects Releases Wiki Activity

Merge master into haskell-updates

Browse Source
This commit is contained in:
github-actions[bot] 2024-05-11 00:13:11 +00:00 committed by GitHub
commit 40ecbaf140
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
249 changed files with 4797 additions and 10806 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.git-blame-ignore-revs
View File

@ -111,3 +111,6 @@ fb0e5be84331188a69b3edd31679ca6576edb75a
# pkgs/os-specific/bsd: Reformat with nixfmt-rfc-style 2024-03-01
3fe3b055adfc020e6a923c466b6bcd978a13069a
# k3s: format with nixfmt-rfc-style
0b7900d5e8e0bcac89e14a52d3e840f9201e9f47

9
.github/CODEOWNERS vendored
View File

@ -137,9 +137,9 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @raitobezarius @ma27
/pkgs/top-level/haskell-packages.nix @sternenseemann @maralorn @ncfavier
# Perl
/pkgs/development/interpreters/perl @stigtsp @zakame @dasJ
/pkgs/top-level/perl-packages.nix @stigtsp @zakame @dasJ
/pkgs/development/perl-modules @stigtsp @zakame @dasJ
/pkgs/development/interpreters/perl @stigtsp @zakame @dasJ @marcusramberg
/pkgs/top-level/perl-packages.nix @stigtsp @zakame @dasJ @marcusramberg
/pkgs/development/perl-modules @stigtsp @zakame @dasJ @marcusramberg
# R
/pkgs/applications/science/math/R @jbedo
@ -345,8 +345,11 @@ pkgs/development/tools/continuous-integration/buildbot @Mic92 @zowoq
# Pretix
pkgs/by-name/pr/pretix/ @mweinelt
pkgs/by-name/pr/pretalx/ @mweinelt
nixos/modules/services/web-apps/pretix.nix @mweinelt
nixos/modules/services/web-apps/pretalx.nix @mweinelt
nixos/tests/web-apps/pretix.nix @mweinelt
nixos/tests/web-apps/pretalx.nix @mweinelt
# incus/lxc/lxd
nixos/maintainers/scripts/lxd/ @adamcstephens

4
.github/workflows/check-nix-format.yml vendored
View File

@ -39,6 +39,10 @@ jobs:
pkgs/development/cuda-modules
pkgs/test/cuda
pkgs/top-level/cuda-packages.nix
NIX_FMT_PATHS_K3S: |
nixos/modules/services/cluster/k3s
nixos/tests/k3s
pkgs/applications/networking/cluster/k3s
NIX_FMT_PATHS_VSCODE_EXTS: pkgs/applications/editors/vscode/extensions
NIX_FMT_PATHS_PHP_PACKAGES: pkgs/development/php-packages
NIX_FMT_PATHS_BUILD_SUPPORT_PHP: pkgs/build-support/php

2
maintainers/maintainer-list.nix
View File

@ -1962,7 +1962,7 @@
};
atry = {
name = "Bo Yang";
email = "atry@fb.com";
email = "yang-bo@yang-bo.com";
github = "Atry";
githubId = 601530;
};

53
nixos/doc/manual/release-notes/rl-2405.section.md
View File

@ -16,7 +16,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- `linuxPackages_testing_bcachefs` is now fully deprecated by `linuxPackages_latest`, and is therefore no longer available.
- (TODO not sure what path to use here) The default kernel package has been updated from 6.1 to 6.6. All supported kernels remain available.
- The default kernel package has been updated from 6.1 to 6.6. All supported kernels remain available.
- NixOS now installs a stub ELF loader that prints an informative error message when users attempt to run binaries not made for NixOS.
- This can be disabled through the `environment.stub-ld.enable` option.
@ -98,13 +98,13 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
- [clatd](https://github.com/toreanderson/clatd), a CLAT / SIIT-DC Edge Relay implementation for Linux.
- [pyLoad](https://pyload.net/), a FOSS download manager written in Python. Available as [services.pyload](#opt-services.pyload.enable)
- [pyLoad](https://pyload.net/), a FOSS download manager written in Python. Available as [services.pyload](#opt-services.pyload.enable).
- [maubot](https://github.com/maubot/maubot), a plugin-based Matrix bot framework. Available as [services.maubot](#opt-services.maubot.enable).
- [ryzen-monitor-ng](https://github.com/mann1x/ryzen_monitor_ng), a desktop AMD CPU power monitor and controller, similar to Ryzen Master but for Linux. Available as [programs.ryzen-monitor-ng](#opt-programs.ryzen-monitor-ng.enable)
- [ryzen-monitor-ng](https://github.com/mann1x/ryzen_monitor_ng), a desktop AMD CPU power monitor and controller, similar to Ryzen Master but for Linux. Available as [programs.ryzen-monitor-ng](#opt-programs.ryzen-monitor-ng.enable).
- [ryzen-smu](https://gitlab.com/leogx9r/ryzen_smu), Linux kernel driver to expose the SMU (System Management Unit) for certain AMD Ryzen Processors. Includes the userspace program `monitor_cpu`. Available at [hardward.cpu.amd.ryzen-smu](#opt-hardware.cpu.amd.ryzen-smu.enable)
- [ryzen-smu](https://gitlab.com/leogx9r/ryzen_smu), Linux kernel driver to expose the SMU (System Management Unit) for certain AMD Ryzen Processors. Includes the userspace program `monitor_cpu`. Available at [hardward.cpu.amd.ryzen-smu](#opt-hardware.cpu.amd.ryzen-smu.enable).
- `systemd`'s `gateway`, `upload`, and `remote` services, which provide ways of sending journals across the network. Enable using [services.journald.gateway](#opt-services.journald.gateway.enable), [services.journald.upload](#opt-services.journald.upload.enable), and [services.journald.remote](#opt-services.journald.remote.enable).
@ -128,7 +128,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
- [Python Matter Server](https://github.com/home-assistant-libs/python-matter-server), a
Matter Controller Server exposing websocket connections for use with other services, notably Home Assistant.
Available as [services.matter-server](#opt-services.matter-server.enable)
Available as [services.matter-server](#opt-services.matter-server.enable).
- [db-rest](https://github.com/derhuerst/db-rest), a wrapper around Deutsche Bahn's internal API for public transport data. Available as [services.db-rest](#opt-services.db-rest.enable).
@ -137,7 +137,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
- [Anki Sync Server](https://docs.ankiweb.net/sync-server.html), the official sync server built into recent versions of Anki. Available as [services.anki-sync-server](#opt-services.anki-sync-server.enable).
The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been marked deprecated and will be dropped after 24.05 due to lack of maintenance of the anki-sync-server software.
- [mautrix-meta](https://github.com/mautrix/meta), a Matrix <-> Facebook and Matrix <-> Instagram hybrid puppeting/relaybot bridge. Available as services.mautrix-meta
- [mautrix-meta](https://github.com/mautrix/meta), a Matrix <-> Facebook and Matrix <-> Instagram hybrid puppeting/relaybot bridge. Available as services.mautrix-meta.
- [Jottacloud Command-line Tool](https://docs.jottacloud.com/en/articles/1436834-jottacloud-command-line-tool), a CLI for the [Jottacloud](https://jottacloud.com/) cloud storage provider. Available as [services.jotta-cli](#opt-services.jotta-cli.enable).
@ -161,7 +161,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- [Monado](https://monado.freedesktop.org/), an open source XR runtime. Available as [services.monado](#opt-services.monado.enable).
- [intel-gpu-tools](https://drm.pages.freedesktop.org/igt-gpu-tools), tools for development and testing of the Intel DRM driver. Available as [hardware.intel-gpu-tools](#opt-hardware.intel-gpu-tools.enable)
- [intel-gpu-tools](https://drm.pages.freedesktop.org/igt-gpu-tools), tools for development and testing of the Intel DRM driver. Available as [hardware.intel-gpu-tools](#opt-hardware.intel-gpu-tools.enable).
- [Pretix](https://pretix.eu/about/en/), an open source ticketing software for events. Available as [services.pretix](#opt-services.pretix.enable).
@ -183,7 +183,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- [nh](https://github.com/viperML/nh), yet another Nix CLI helper. Available as [programs.nh](#opt-programs.nh.enable).
- [ALVR](https://github.com/alvr-org/alvr), a VR desktop streamer. Available as [programs.alvr](#opt-programs.alvr.enable)
- [ALVR](https://github.com/alvr-org/alvr), a VR desktop streamer. Available as [programs.alvr](#opt-programs.alvr.enable).
- [xdg-terminal-exec](https://github.com/Vladimir-csp/xdg-terminal-exec), the proposed Default Terminal Execution Specification.
@ -193,17 +193,17 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- [davis](https://github.com/tchapi/davis), a simple CardDav and CalDav server inspired by Baïkal. Available as [services.davis](#opt-services.davis.enable).
- [Firefly-iii](https://www.firefly-iii.org), a free and open source personal finance manager. Available as [services.firefly-iii](#opt-services.firefly-iii.enable)
- [Firefly-iii](https://www.firefly-iii.org), a free and open source personal finance manager. Available as [services.firefly-iii](#opt-services.firefly-iii.enable).
- [systemd-lock-handler](https://git.sr.ht/~whynothugo/systemd-lock-handler/), a bridge between logind D-Bus events and systemd targets. Available as [services.systemd-lock-handler.enable](#opt-services.systemd-lock-handler.enable).
- [wastebin](https://github.com/matze/wastebin), a pastebin server written in rust. Available as [services.wastebin](#opt-services.wastebin.enable).
- [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable)
- [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable).
- [Sunshine](https://app.lizardbyte.dev/Sunshine), a self-hosted game stream host for Moonlight. Available as [services.sunshine](#opt-services.sunshine.enable).
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable)
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable).
- [prometheus-nats-exporter](https://github.com/nats-io/prometheus-nats-exporter), a Prometheus exporter for NATS. Available as [services.prometheus.exporters.nats](#opt-services.prometheus.exporters.nats.enable).
@ -267,7 +267,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `idris2` was updated to v0.7.0. This version introduces breaking changes. Check out the [changelog](https://github.com/idris-lang/Idris2/blob/v0.7.0/CHANGELOG.md#v070) for details.
- `nvtop` family of packages was reorganized into nested attrset. `nvtop` has been renamed to `nvtopPackages.full`, and all `nvtop-{amd,nvidia,intel,msm}` packages are now named as `nvtopPackages.{amd,nvidia,intel,msm}`
- `nvtop` family of packages was reorganized into nested attrset. `nvtop` has been renamed to `nvtopPackages.full`, and all `nvtop-{amd,nvidia,intel,msm}` packages are now named as `nvtopPackages.{amd,nvidia,intel,msm}`.
- `neo4j` has been updated to version 5. You may want to read the [release notes for Neo4j 5](https://neo4j.com/release-notes/database/neo4j-5/).
@ -297,7 +297,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `buildGoModule` now throws an error when `vendorHash` is not specified. `vendorSha256`, deprecated in Nixpkgs 23.11, is now ignored and is no longer a `vendorHash` alias.
- `services.invidious.settings.db.user`, the default database username has changed from `kemal` to `invidious`. Setups involving an externally-provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857)
- `services.invidious.settings.db.user`, the default database username has changed from `kemal` to `invidious`. Setups involving an externally-provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857).
- `writeReferencesToFile` is deprecated in favour of the new trivial build helper `writeClosure`. The latter accepts a list of paths and has an unambiguous name and cleaner implementation.
@ -459,6 +459,11 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `firefox-devedition`, `firefox-beta`, `firefox-esr` executable file names for now match their package names, which is consistent with the `firefox-*-bin` packages. The desktop entries are also updated so that you can have multiple editions of firefox in your app launcher.
- `chromium` and `ungoogled-chromium` had a long stanging issue regarding Widevine DRM handling in nixpkgs fixed.
`chromium` now no longer automatically downloads Widevine when encountering DRM protected content.
To be able to play DRM protected content in `chromium` now, you have to explicitly opt-in as originally intended using `chromium.override { enableWideVine = true; }`.
This override has been added almost 10 years ago.
- switch-to-configuration does not directly call systemd-tmpfiles anymore.
Instead, the new artificial sysinit-reactivation.target is introduced which
allows to restart multiple services that are ordered before sysinit.target
@ -467,11 +472,11 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `systemd.oomd` module behavior is changed as:
- Raise ManagedOOMMemoryPressureLimit from 50% to 80%. This should make systemd-oomd kill things less often, and fix issues like [this](https://pagure.io/fedora-workstation/issue/358).
Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/806c95e1c70af18f81d499b24cd7acfa4c36ffd6?branch=806c95e1c70af18f81d499b24cd7acfa4c36ffd6)
Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/806c95e1c70af18f81d499b24cd7acfa4c36ffd6?branch=806c95e1c70af18f81d499b24cd7acfa4c36ffd6).
- Remove swap policy. This helps prevent killing processes when user's swap is small.
- Expand the memory pressure policy to system.slice, user-.slice, and all user owned slices. Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/7665e1796f915dedbf8e014f0a78f4f576d609bb)
- Expand the memory pressure policy to system.slice, user-.slice, and all user owned slices. Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/7665e1796f915dedbf8e014f0a78f4f576d609bb).
- `systemd.oomd.enableUserServices` is renamed to `systemd.oomd.enableUserSlices`.
@ -532,7 +537,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `cinnamon` has been updated to 6.0. Please beware that the [Wayland session](https://blog.linuxmint.com/?p=4591) is still experimental in this release and could potentially [affect Xorg sessions](https://blog.linuxmint.com/?p=4639). We suggest a reboot when switching between sessions.
- (TODO awaiting feedback on code-casing package names) MATE has been updated to 1.28.
- `mate` has been updated to 1.28.
- To properly support panel plugins built with Wayland (in-process) support, we are introducing `services.xserver.desktopManager.mate.extraPanelApplets` option, please use that for installing panel applets.
- Similarly, please use `services.xserver.desktopManager.mate.extraCajaExtensions` option for installing Caja extensions.
- To use the Wayland session, enable `services.xserver.desktopManager.mate.enableWaylandSession`. This is opt-in for now as it is in early stage and introduces a new set of Wayfire closure. Due to [known issues with LightDM](https://github.com/canonical/lightdm/issues/63), we suggest using SDDM for display manager.
@ -568,7 +573,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
The `nimPackages` and `nim2Packages` sets have been removed.
See https://nixos.org/manual/nixpkgs/unstable#nim for more information.
- [TODO: reword to place an attribute at the front] Programs written in [D](https://dlang.org/) using the `dub` build system and package manager can now be built using `buildDubPackage` utilizing lockfiles provided by the new `dub-to-nix` helper program.
- `buildDubPackage` can now be used to build Programs written in [D](https://dlang.org/) using the `dub` build system and package manager.
See the [D section](https://nixos.org/manual/nixpkgs/unstable#dlang) in the manual for more information.
- [`portunus`](https://github.com/majewsky/portunus) has been updated to major version 2.
@ -584,7 +589,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `garage` has been updated to v1.x.x. Users should read the [upstream release notes](https://git.deuxfleurs.fr/Deuxfleurs/garage/releases/tag/v1.0.0) and follow the documentation when changing over their `services.garage.package` and performing this manual upgrade.
- [TODO: reword to place an attribute at the front] The EC2 image module now enables the [Amazon SSM Agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html) by default.
- The EC2 image module now enables the [Amazon SSM Agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html) by default.
- The following options of the Nextcloud module were moved into [`services.nextcloud.settings`](#opt-services.nextcloud.settings) and renamed to match the name from Nextcloud's `config.php`:
- `logLevel` -> [`loglevel`](#opt-services.nextcloud.settings.loglevel),
@ -619,7 +624,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `sonarr` version bumped to from 3.0.10 to 4.0.3. Consequently existing config database files will be upgraded automatically, but note that some old apparently-working configs [might actually be corrupt and fail to upgrade cleanly](https://forums.sonarr.tv/t/sonarr-v4-released/33089).
- [TODO: reword to place an attribute at the front] The Yama LSM is now enabled by default in the kernel, which prevents ptracing
- The kernel Yama LSM is now enabled by default, which prevents ptracing
non-child processes. This means you will not be able to attach gdb to an
existing process, but will need to start that process from gdb (so it is a
child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.
@ -637,7 +642,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- [](#opt-boot.kernel.sysctl._net.core.wmem_max_) changed from a string to an integer because of the addition of a custom merge option (taking the highest value defined to avoid conflicts between 2 services trying to set that value), just as [](#opt-boot.kernel.sysctl._net.core.rmem_max_) since 22.11.
- [TODO: reword to place an attribute at the front] A new top-level package set, `pkgsExtraHardening` is added. This is a set of packages built with stricter hardening flags - those that have not yet received enough testing to be applied universally, those that are more likely to cause build failures or those that have drawbacks to their use (e.g. performance or required hardware features).
- `pkgsExtraHardening`, a new top-level package set, was added. This is a set of packages built with stricter hardening flags - those that have not yet received enough testing to be applied universally, those that are more likely to cause build failures or those that have drawbacks to their use (e.g. performance or required hardware features).
- `services.zfs.zed.enableMail` now uses the global `sendmail` wrapper defined by an email module
(such as msmtp or Postfix). It no longer requires using a special ZFS build with email support.
@ -693,16 +698,16 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
- `youtrack` is bumped to 2023.3. The update is not performed automatically, it requires manual interaction. See the YouTrack section in the manual for details.
- QtMultimedia has changed its default backend to `QT_MEDIA_BACKEND=ffmpeg` (previously `gstreamer` on Linux or `darwin` on MacOS).
- `qt6.qtmultimedia` has changed its default backend to `QT_MEDIA_BACKEND=ffmpeg` (previously `gstreamer` on Linux or `darwin` on MacOS).
The previous native backends remain available but are now minimally maintained. Refer to [upstream documentation](https://doc.qt.io/qt-6/qtmultimedia-index.html#ffmpeg-as-the-default-backend) for further details about each platform.
- `drbd` out-of-tree Linux kernel driver has been added in version 9.2.7. With it the DRBD 9.x features can be used instead of the 8.x features provided by the 8.4.11 in-tree driver.
- [TODO: reword to place an attribute at the front] The oil shell's c++ version is now available as `oils-for-unix`. The python version is still available as `oil`
- `oils-for-unix`, the oil shell's c++ version is now available. The python version is still available as `oil`.
- `documentation.man.mandoc` now by default uses `MANPATH` to set the directories where mandoc will search for manual pages.
This enables mandoc to find manual pages in Nix profiles. To set the manual search paths via the `mandoc.conf` configuration file like before, use `documentation.man.mandoc.settings.manpath` instead.
- `grafana-loki` package was updated to 3.0.0 which includes [breaking changes](https://github.com/grafana/loki/releases/tag/v3.0.0)
- `grafana-loki` package was updated to 3.0.0 which includes [breaking changes](https://github.com/grafana/loki/releases/tag/v3.0.0).
- `programs.fish.package` now allows you to override the package used in the `fish` module
- `programs.fish.package` now allows you to override the package used in the `fish` module.

162
nixos/modules/services/audio/navidrome.nix
View File

@ -1,11 +1,17 @@
{ config, lib, pkgs, ... }:
with lib;
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkPackageOption mkOption maintainers;
inherit (lib.types) bool str;
cfg = config.services.navidrome;
settingsFormat = pkgs.formats.json {};
in {
settingsFormat = pkgs.formats.json { };
in
{
options = {
services.navidrome = {
@ -13,9 +19,8 @@ in {
package = mkPackageOption pkgs "navidrome" { };
settings = mkOption rec {
settings = mkOption {
type = settingsFormat.type;
apply = recursiveUpdate default;
default = {
Address = "127.0.0.1";
Port = 4533;
@ -23,62 +28,111 @@ in {
example = {
MusicFolder = "/mnt/music";
};
description = ''
Configuration for Navidrome, see <https://www.navidrome.org/docs/usage/configuration-options/> for supported values.
'';
description = "Configuration for Navidrome, see <https://www.navidrome.org/docs/usage/configuration-options/> for supported values.";
};
user = mkOption {
type = str;
default = "navidrome";
description = "User under which Navidrome runs.";
};
group = mkOption {
type = str;
default = "navidrome";
description = "Group under which Navidrome runs.";
};
openFirewall = mkOption {
type = types.bool;
type = bool;
default = false;
description = "Whether to open the TCP port in the firewall";
};
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [cfg.settings.Port];
systemd.services.navidrome = {
description = "Navidrome Media Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${cfg.package}/bin/navidrome --configfile ${settingsFormat.generate "navidrome.json" cfg.settings}
'';
DynamicUser = true;
StateDirectory = "navidrome";
WorkingDirectory = "/var/lib/navidrome";
RuntimeDirectory = "navidrome";
RootDirectory = "/run/navidrome";
ReadWritePaths = "";
BindPaths = lib.optional (cfg.settings ? DataFolder) cfg.settings.DataFolder;
BindReadOnlyPaths = [
# navidrome uses online services to download additional album metadata / covers
"${config.environment.etc."ssl/certs/ca-certificates.crt".source}:/etc/ssl/certs/ca-certificates.crt"
builtins.storeDir
"/etc"
] ++ lib.optional (cfg.settings ? MusicFolder) cfg.settings.MusicFolder;
CapabilityBoundingSet = "";
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
PrivateDevices = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" ];
RestrictRealtime = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
UMask = "0066";
ProtectHostname = true;
config =
let
inherit (lib) mkIf optional getExe;
WorkingDirectory = "/var/lib/navidrome";
in
mkIf cfg.enable {
systemd = {
tmpfiles.settings.navidromeDirs = {
"${cfg.settings.DataFolder or WorkingDirectory}"."d" = {
mode = "700";
inherit (cfg) user group;
};
"${cfg.settings.CacheFolder or (WorkingDirectory + "/cache")}"."d" = {
mode = "700";
inherit (cfg) user group;
};
};
services.navidrome = {
description = "Navidrome Media Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = ''
${getExe cfg.package} --configfile ${settingsFormat.generate "navidrome.json" cfg.settings}
'';
User = cfg.user;
Group = cfg.group;
StateDirectory = "navidrome";
inherit WorkingDirectory;
RuntimeDirectory = "navidrome";
RootDirectory = "/run/navidrome";
ReadWritePaths = "";
BindPaths =
optional (cfg.settings ? DataFolder) cfg.settings.DataFolder
++ optional (cfg.settings ? CacheFolder) cfg.settings.CacheFolder;
BindReadOnlyPaths = [
# navidrome uses online services to download additional album metadata / covers
"${
config.environment.etc."ssl/certs/ca-certificates.crt".source
}:/etc/ssl/certs/ca-certificates.crt"
builtins.storeDir
"/etc"
] ++ optional (cfg.settings ? MusicFolder) cfg.settings.MusicFolder;
CapabilityBoundingSet = "";
RestrictAddressFamilies = [
"AF_UNIX"
"AF_INET"
"AF_INET6"
];
RestrictNamespaces = true;
PrivateDevices = true;
PrivateUsers = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
RestrictRealtime = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
UMask = "0066";
ProtectHostname = true;
};
};
};
users.users = mkIf (cfg.user == "navidrome") {
navidrome = {
inherit (cfg) group;
isSystemUser = true;
};
};
users.groups = mkIf (cfg.group == "navidrome") { navidrome = { }; };
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.Port ];
};
};
meta.maintainers = with maintainers; [ nu-nu-ko ];
}

44
nixos/modules/services/cluster/k3s/default.nix
View File

@ -1,15 +1,25 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
let
cfg = config.services.k3s;
removeOption = config: instruction:
lib.mkRemovedOptionModule ([ "services" "k3s" ] ++ config) instruction;
removeOption =
config: instruction:
lib.mkRemovedOptionModule (
[
"services"
"k3s"
]
++ config
) instruction;
in
{
imports = [
(removeOption [ "docker" ] "k3s docker option is no longer supported.")
];
imports = [ (removeOption [ "docker" ] "k3s docker option is no longer supported.") ];
# interface
options.services.k3s = {
@ -33,7 +43,10 @@ in
- `serverAddr` is required.
'';
default = "server";
type = types.enum [ "server" "agent" ];
type = types.enum [
"server"
"agent"
];
};
serverAddr = mkOption {
@ -125,7 +138,8 @@ in
message = "serverAddr or configPath (with 'server' key) should be set if role is 'agent'";
}
{
assertion = cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
assertion =
cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
message = "token or tokenFile or configPath (with 'token' or 'token-file' keys) should be set if role is 'agent'";
}
{
@ -142,8 +156,14 @@ in
systemd.services.k3s = {
description = "k3s service";
after = [ "firewall.service" "network-online.target" ];
wants = [ "firewall.service" "network-online.target" ];
after = [
"firewall.service"
"network-online.target"
];
wants = [
"firewall.service"
"network-online.target"
];
wantedBy = [ "multi-user.target" ];
path = optional config.boot.zfs.enabled config.boot.zfs.package;
serviceConfig = {
@ -159,9 +179,7 @@ in
TasksMax = "infinity";
EnvironmentFile = cfg.environmentFile;
ExecStart = concatStringsSep " \\\n " (
[
"${cfg.package}/bin/k3s ${cfg.role}"
]
[ "${cfg.package}/bin/k3s ${cfg.role}" ]
++ (optional cfg.clusterInit "--cluster-init")
++ (optional cfg.disableAgent "--disable-agent")
++ (optional (cfg.serverAddr != "") "--server ${cfg.serverAddr}")

49
nixos/modules/services/web-apps/pretalx.nix
View File

@ -24,7 +24,7 @@ in
{
meta = with lib; {
maintainers = teams.c3d2.members;
maintainers = with maintainers; [ hexa] ++ teams.c3d2.members;
};
options.services.pretalx = {
@ -329,10 +329,47 @@ in
serviceConfig = {
User = "pretalx";
Group = "pretalx";
StateDirectory = [ "pretalx" "pretalx/media" ];
StateDirectory = [
"pretalx"
"pretalx/media"
];
StateDirectoryMode = "0750";
LogsDirectory = "pretalx";
WorkingDirectory = cfg.settings.filesystem.data;
SupplementaryGroups = [ "redis-pretalx" ];
AmbientCapabilities = "";
CapabilityBoundingSet = [ "" ];
DevicePolicy = "closed";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
ProcSubset = "pid";
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
RemoveIPC = true;
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
"@chown"
];
UMask = "0027";
};
};
in {
@ -395,6 +432,8 @@ in
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${lib.getExe' pythonEnv "celery"} -A pretalx.celery_app worker ${cfg.celery.extraArgs}";
});
nginx.serviceConfig.SupplementaryGroups = lib.mkIf cfg.nginx.enable [ "pretalx" ];
};
systemd.sockets.pretalx-web.socketConfig = {
@ -403,11 +442,9 @@ in
};
users = {
groups."${cfg.group}" = {};
users."${cfg.user}" = {
groups.${cfg.group} = {};
users.${cfg.user} = {
isSystemUser = true;
createHome = true;
home = cfg.settings.filesystem.data;
inherit (cfg) group;
};
};

12
nixos/modules/services/web-apps/pretix.nix
View File

@ -468,7 +468,7 @@ in
StateDirectory = [
"pretix"
];
StateDirectoryMode = "0755";
StateDirectoryMode = "0750";
CacheDirectory = "pretix";
LogsDirectory = "pretix";
WorkingDirectory = cfg.settings.pretix.datadir;
@ -507,7 +507,7 @@ in
"~@privileged"
"@chown"
];
UMask = "0022";
UMask = "0027";
};
};
in {
@ -561,6 +561,8 @@ in
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${getExe' pythonEnv "celery"} -A pretix.celery_app worker ${cfg.celery.extraArgs}";
};
nginx.serviceConfig.SupplementaryGroups = mkIf cfg.nginx.enable [ "pretix" ];
};
systemd.sockets.pretix-web.socketConfig = {
@ -569,11 +571,9 @@ in
};
users = {
groups."${cfg.group}" = {};
users."${cfg.user}" = {
groups.${cfg.group} = {};
users.${cfg.user} = {
isSystemUser = true;
createHome = true;
home = cfg.settings.pretix.datadir;
inherit (cfg) group;
};
};

2
nixos/modules/services/web-servers/nginx/default.nix
View File

@ -352,7 +352,7 @@ let
# The acme-challenge location doesn't need to be added if we are not using any automated
# certificate provisioning and can also be omitted when we use a certificate obtained via a DNS-01 challenge
acmeName = if vhost.useACMEHost != null then vhost.useACMEHost else vhostName;
acmeName = if vhost.useACMEHost != null then vhost.useACMEHost else vhost.serverName;
acmeLocation = optionalString ((vhost.enableACME || vhost.useACMEHost != null) && config.security.acme.certs.${acmeName}.dnsProvider == null)
# Rule for legitimate ACME Challenge requests (like /.well-known/acme-challenge/xxxxxxxxx)
# We use ^~ here, so that we don't check any regexes (which could

2
nixos/modules/testing/test-instrumentation.nix
View File

@ -218,7 +218,7 @@ in
services.displayManager.logToJournal = true;
services.logrotate.enable = lib.mkDefault false;
services.logrotate.enable = mkOverride 150 false;
# Make sure we use the Guest Agent from the QEMU package for testing
# to reduce the closure size required for the tests.

32
nixos/tests/acme.nix
View File

@ -99,7 +99,14 @@
serverAliases = [ "${server}-wildcard-alias.example.test" ];
useACMEHost = "example.test";
};
};
} // (lib.optionalAttrs (server == "nginx") {
# The nginx module supports using a different key than the hostname
different-key = vhostBaseData // {
serverName = "${server}-different-key.example.test";
serverAliases = [ "${server}-different-key-alias.example.test" ];
enableACME = true;
};
});
};
# Used to determine if service reload was triggered
@ -653,20 +660,20 @@ in {
webserver.succeed("systemctl restart caddy.service")
check_connection_key_bits(client, "a.example.test", "384")
domains = ["http", "dns", "wildcard"]
for server, logsrc in [
("nginx", "journalctl -n 30 -u nginx.service"),
("httpd", "tail -n 30 /var/log/httpd/*.log"),
common_domains = ["http", "dns", "wildcard"]
for server, logsrc, domains in [
("nginx", "journalctl -n 30 -u nginx.service", common_domains + ["different-key"]),
("httpd", "tail -n 30 /var/log/httpd/*.log", common_domains),
]:
wait_for_server = lambda: webserver.wait_for_unit(f"{server}.service")
with subtest(f"Works with {server}"):
try:
switch_to(webserver, server)
# Skip wildcard domain for this check ([:-1])
for domain in domains[:-1]:
webserver.wait_for_unit(
f"acme-finished-{server}-{domain}.example.test.target"
)
for domain in domains:
if domain != "wildcard":
webserver.wait_for_unit(
f"acme-finished-{server}-{domain}.example.test.target"
)
except Exception as err:
_, output = webserver.execute(
f"{logsrc} && ls -al /var/lib/acme/acme-challenge"
@ -676,8 +683,9 @@ in {
wait_for_server()
for domain in domains[:-1]:
check_issuer(webserver, f"{server}-{domain}.example.test", "pebble")
for domain in domains:
if domain != "wildcard":
check_issuer(webserver, f"{server}-{domain}.example.test", "pebble")
for domain in domains:
check_connection(client, f"{server}-{domain}.example.test")
check_connection(client, f"{server}-{domain}-alias.example.test")

3
nixos/tests/all-tests.nix
View File

@ -424,7 +424,8 @@ in {
icingaweb2 = handleTest ./icingaweb2.nix {};
iftop = handleTest ./iftop.nix {};
incron = handleTest ./incron.nix {};
incus = pkgs.recurseIntoAttrs (handleTest ./incus { inherit handleTestOn; });
incus = pkgs.recurseIntoAttrs (handleTest ./incus { inherit handleTestOn; inherit (pkgs) incus; });
incus-lts = pkgs.recurseIntoAttrs (handleTest ./incus { inherit handleTestOn; });
influxdb = handleTest ./influxdb.nix {};
influxdb2 = handleTest ./influxdb2.nix {};
initrd-network-openvpn = handleTestOn [ "x86_64-linux" "i686-linux" ] ./initrd-network-openvpn {};

4
nixos/tests/firefox.nix
View File

@ -1,4 +1,4 @@
import ./make-test-python.nix ({ pkgs, firefoxPackage, ... }:
import ./make-test-python.nix ({ lib, pkgs, firefoxPackage, ... }:
{
name = firefoxPackage.pname;
@ -55,7 +55,7 @@ import ./make-test-python.nix ({ pkgs, firefoxPackage, ... }:
};
testScript = let
exe = firefoxPackage.unwrapped.binaryName;
exe = lib.getExe firefoxPackage;
in ''
from contextlib import contextmanager

7
nixos/tests/incus/container.nix
View File

@ -1,4 +1,4 @@
import ../make-test-python.nix ({ pkgs, lib, extra ? {}, name ? "incus-container", ... } :
import ../make-test-python.nix ({ pkgs, lib, extra ? {}, name ? "incus-container", incus ? pkgs.incus-lts, ... } :
let
releases = import ../../release.nix {
@ -28,7 +28,10 @@ in
memorySize = 1024;
diskSize = 4096;
incus.enable = true;
incus = {
enable = true;
package = incus;
};
};
networking.nftables.enable = true;
};

21
nixos/tests/incus/default.nix
View File

@ -3,24 +3,27 @@
config ? { },
pkgs ? import ../../.. { inherit system config; },
handleTestOn,
incus ? pkgs.incus-lts,
}:
{
container-legacy-init = import ./container.nix {
name = "container-legacy-init";
inherit system pkgs;
inherit incus system pkgs;
};
container-systemd-init = import ./container.nix {
name = "container-systemd-init";
inherit system pkgs;
inherit incus system pkgs;
extra = {
boot.initrd.systemd.enable = true;
};
};
incusd-options = import ./incusd-options.nix { inherit system pkgs; };
lxd-to-incus = import ./lxd-to-incus.nix { inherit system pkgs; };
openvswitch = import ./openvswitch.nix { inherit system pkgs; };
socket-activated = import ./socket-activated.nix { inherit system pkgs; };
storage = import ./storage.nix { inherit system pkgs; };
ui = import ./ui.nix { inherit system pkgs; };
virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix { inherit system pkgs; };
incusd-options = import ./incusd-options.nix { inherit incus system pkgs; };
lxd-to-incus = import ./lxd-to-incus.nix { inherit incus system pkgs; };
openvswitch = import ./openvswitch.nix { inherit incus system pkgs; };
socket-activated = import ./socket-activated.nix { inherit incus system pkgs; };
storage = import ./storage.nix { inherit incus system pkgs; };
ui = import ./ui.nix { inherit incus system pkgs; };
virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix {
inherit incus system pkgs;
};
}

8
nixos/tests/incus/incusd-options.nix
View File

@ -1,7 +1,12 @@
# this is a set of tests for non-default options. typically the default options
# will be handled by the other tests
import ../make-test-python.nix (
{ pkgs, lib, ... }:
{
pkgs,
lib,
incus ? pkgs.incus-lts,
...
}:
let
releases = import ../../release.nix {
@ -29,6 +34,7 @@ import ../make-test-python.nix (
incus = {
enable = true;
package = incus;
softDaemonRestart = false;
preseed = {

12
nixos/tests/incus/lxd-to-incus.nix
View File

@ -1,6 +1,11 @@
import ../make-test-python.nix (
{ pkgs, lib, ... }:
{
pkgs,
lib,
incus ? pkgs.incus-lts,
...
}:
let
releases = import ../../release.nix { configuration.documentation.enable = lib.mkForce false; };
@ -65,7 +70,10 @@ import ../make-test-python.nix (
];
};
incus.enable = true;
incus = {
enable = true;
package = incus;
};
};
networking.nftables.enable = true;
};

8
nixos/tests/incus/openvswitch.nix
View File

@ -1,4 +1,4 @@
import ../make-test-python.nix ({ pkgs, lib, ... } :
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... } :
{
name = "incus-openvswitch";
@ -9,7 +9,11 @@ import ../make-test-python.nix ({ pkgs, lib, ... } :
nodes.machine = { lib, ... }: {
virtualisation = {
incus.enable = true;
incus = {
enable = true;
package = incus;
};
vswitch.enable = true;
incus.preseed = {
networks = [

9
nixos/tests/incus/socket-activated.nix
View File

@ -1,4 +1,4 @@
import ../make-test-python.nix ({ pkgs, lib, ... } :
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... } :
{
name = "incus-socket-activated";
@ -9,8 +9,11 @@ import ../make-test-python.nix ({ pkgs, lib, ... } :
nodes.machine = { lib, ... }: {
virtualisation = {
incus.enable = true;
incus.socketActivation = true;
incus = {
enable = true;
package = incus;
socketActivation = true;
};
};
networking.nftables.enable = true;
};

12
nixos/tests/incus/storage.nix
View File

@ -1,5 +1,10 @@
import ../make-test-python.nix (
{ pkgs, lib, ... }:
{
pkgs,
lib,
incus ? pkgs.incus-lts,
...
}:
{
name = "incus-storage";
@ -19,7 +24,10 @@ import ../make-test-python.nix (
virtualisation = {
emptyDiskImages = [ 2048 ];
incus.enable = true;
incus = {
enable = true;
package = incus;
};
};
};

7
nixos/tests/incus/ui.nix
View File

@ -1,4 +1,4 @@
import ../make-test-python.nix ({ pkgs, lib, ... }: {
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... }: {
name = "incus-ui";
meta = {
@ -7,7 +7,10 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: {
nodes.machine = { lib, ... }: {
virtualisation = {
incus.enable = true;
incus = {
enable = true;
package = incus;
};
incus.ui.enable = true;
};
networking.nftables.enable = true;

7
nixos/tests/incus/virtual-machine.nix
View File

@ -1,4 +1,4 @@
import ../make-test-python.nix ({ pkgs, lib, ... }:
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... }:
let
releases = import ../../release.nix {
@ -33,7 +33,10 @@ in
# Provide a TPM to test vTPM support for guests
tpm.enable = true;
incus.enable = true;
incus = {
enable = true;
package = incus;
};
};
networking.nftables.enable = true;
};

18
nixos/tests/k3s/default.nix
View File

@ -1,16 +1,20 @@
{ system ? builtins.currentSystem
, pkgs ? import ../../.. { inherit system; }
, lib ? pkgs.lib
{
system ? builtins.currentSystem,
pkgs ? import ../../.. { inherit system; },
lib ? pkgs.lib,
}:
let
allK3s = lib.filterAttrs (n: _: lib.strings.hasPrefix "k3s_" n) pkgs;
in
{
# Testing K3s with Etcd backend
etcd = lib.mapAttrs (_: k3s: import ./etcd.nix {
inherit system pkgs k3s;
inherit (pkgs) etcd;
}) allK3s;
etcd = lib.mapAttrs (
_: k3s:
import ./etcd.nix {
inherit system pkgs k3s;
inherit (pkgs) etcd;
}
) allK3s;
# Run a single node k3s cluster and verify a pod can run
single-node = lib.mapAttrs (_: k3s: import ./single-node.nix { inherit system pkgs k3s; }) allK3s;
# Run a multi-node k3s cluster and verify pod networking works across nodes

196
nixos/tests/k3s/etcd.nix
View File

@ -1,100 +1,130 @@
import ../make-test-python.nix ({ pkgs, lib, k3s, etcd, ... }:
import ../make-test-python.nix (
{
pkgs,
lib,
k3s,
etcd,
...
}:
{
name = "${k3s.name}-etcd";
{
name = "${k3s.name}-etcd";
nodes = {
nodes = {
etcd = { ... }: {
services.etcd = {
enable = true;
openFirewall = true;
listenClientUrls = [ "http://192.168.1.1:2379" "http://127.0.0.1:2379" ];
listenPeerUrls = [ "http://192.168.1.1:2380" ];
initialAdvertisePeerUrls = [ "http://192.168.1.1:2380" ];
initialCluster = [ "etcd=http://192.168.1.1:2380" ];
};
networking = {
useDHCP = false;
defaultGateway = "192.168.1.1";
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{ address = "192.168.1.1"; prefixLength = 24; }
];
};
};
k3s = { pkgs, ... }: {
environment.systemPackages = with pkgs; [ jq ];
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
services.k3s = {
enable = true;
role = "server";
extraFlags = builtins.toString [
"--datastore-endpoint=\"http://192.168.1.1:2379\""
"--disable" "coredns"
"--disable" "local-storage"
"--disable" "metrics-server"
"--disable" "servicelb"
"--disable" "traefik"
"--node-ip" "192.168.1.2"
];
};
networking = {
firewall = {
allowedTCPPorts = [ 2379 2380 6443 ];
allowedUDPPorts = [ 8472 ];
etcd =
{ ... }:
{
services.etcd = {
enable = true;
openFirewall = true;
listenClientUrls = [
"http://192.168.1.1:2379"
"http://127.0.0.1:2379"
];
listenPeerUrls = [ "http://192.168.1.1:2380" ];
initialAdvertisePeerUrls = [ "http://192.168.1.1:2380" ];
initialCluster = [ "etcd=http://192.168.1.1:2380" ];
};
networking = {
useDHCP = false;
defaultGateway = "192.168.1.1";
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{
address = "192.168.1.1";
prefixLength = 24;
}
];
};
};
k3s =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [ jq ];
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
services.k3s = {
enable = true;
role = "server";
extraFlags = builtins.toString [
"--datastore-endpoint=\"http://192.168.1.1:2379\""
"--disable"
"coredns"
"--disable"
"local-storage"
"--disable"
"metrics-server"
"--disable"
"servicelb"
"--disable"
"traefik"
"--node-ip"
"192.168.1.2"
];
};
networking = {
firewall = {
allowedTCPPorts = [
2379
2380
6443
];
allowedUDPPorts = [ 8472 ];
};
useDHCP = false;
defaultGateway = "192.168.1.2";
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{
address = "192.168.1.2";
prefixLength = 24;
}
];
};
};
useDHCP = false;
defaultGateway = "192.168.1.2";
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{ address = "192.168.1.2"; prefixLength = 24; }
];
};
};
};
testScript = ''
with subtest("should start etcd"):
etcd.start()
etcd.wait_for_unit("etcd.service")
testScript = ''
with subtest("should start etcd"):
etcd.start()
etcd.wait_for_unit("etcd.service")
with subtest("should wait for etcdctl endpoint status to succeed"):
etcd.wait_until_succeeds("etcdctl endpoint status")
with subtest("should wait for etcdctl endpoint status to succeed"):
etcd.wait_until_succeeds("etcdctl endpoint status")
with subtest("should start k3s"):
k3s.start()
k3s.wait_for_unit("k3s")
with subtest("should start k3s"):
k3s.start()
k3s.wait_for_unit("k3s")
with subtest("should test if kubectl works"):
k3s.wait_until_succeeds("k3s kubectl get node")
with subtest("should test if kubectl works"):
k3s.wait_until_succeeds("k3s kubectl get node")
with subtest("should wait for service account to show up; takes a sec"):
k3s.wait_until_succeeds("k3s kubectl get serviceaccount default")
with subtest("should wait for service account to show up; takes a sec"):
k3s.wait_until_succeeds("k3s kubectl get serviceaccount default")
with subtest("should create a sample secret object"):
k3s.succeed("k3s kubectl create secret generic nixossecret --from-literal thesecret=abacadabra")
with subtest("should create a sample secret object"):
k3s.succeed("k3s kubectl create secret generic nixossecret --from-literal thesecret=abacadabra")
with subtest("should check if secret is correct"):
k3s.wait_until_succeeds("[[ $(kubectl get secrets nixossecret -o json | jq -r .data.thesecret | base64 -d) == abacadabra ]]")
with subtest("should check if secret is correct"):
k3s.wait_until_succeeds("[[ $(kubectl get secrets nixossecret -o json | jq -r .data.thesecret | base64 -d) == abacadabra ]]")
with subtest("should have a secret in database"):
etcd.wait_until_succeeds("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
with subtest("should have a secret in database"):
etcd.wait_until_succeeds("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
with subtest("should delete the secret"):
k3s.succeed("k3s kubectl delete secret nixossecret")
with subtest("should delete the secret"):
k3s.succeed("k3s kubectl delete secret nixossecret")
with subtest("should not have a secret in database"):
etcd.wait_until_fails("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
with subtest("should not have a secret in database"):
etcd.wait_until_fails("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
with subtest("should shutdown k3s and etcd"):
k3s.shutdown()
etcd.shutdown()
'';
with subtest("should shutdown k3s and etcd"):
k3s.shutdown()
etcd.shutdown()
'';
meta.maintainers = etcd.meta.maintainers ++ k3s.meta.maintainers;
})
meta.maintainers = etcd.meta.maintainers ++ k3s.meta.maintainers;
}
)

218
nixos/tests/k3s/multi-node.nix
View File

@ -1,14 +1,30 @@
import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
import ../make-test-python.nix (
{
pkgs,
lib,
k3s,
...
}:
let
imageEnv = pkgs.buildEnv {
name = "k3s-pause-image-env";
paths = with pkgs; [ tini bashInteractive coreutils socat ];
paths = with pkgs; [
tini
bashInteractive
coreutils
socat
];
};
pauseImage = pkgs.dockerTools.streamLayeredImage {
name = "test.local/pause";
tag = "local";
contents = imageEnv;
config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ];
config.Entrypoint = [
"/bin/tini"
"--"
"/bin/sleep"
"inf"
];
};
# A daemonset that responds 'server' on port 8000
networkTestDaemonset = pkgs.writeText "test.yml" ''
@ -42,90 +58,135 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
name = "${k3s.name}-multi-node";
nodes = {
server = { pkgs, ... }: {
environment.systemPackages = with pkgs; [ gzip jq ];
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
server =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gzip
jq
];
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
services.k3s = {
inherit tokenFile;
enable = true;
role = "server";
package = k3s;
clusterInit = true;
extraFlags = builtins.toString [
"--disable" "coredns"
"--disable" "local-storage"
"--disable" "metrics-server"
"--disable" "servicelb"
"--disable" "traefik"
"--node-ip" "192.168.1.1"
"--pause-image" "test.local/pause:local"
services.k3s = {
inherit tokenFile;
enable = true;
role = "server";
package = k3s;
clusterInit = true;
extraFlags = builtins.toString [
"--disable"
"coredns"
"--disable"
"local-storage"
"--disable"
"metrics-server"
"--disable"
"servicelb"
"--disable"
"traefik"
"--node-ip"
"192.168.1.1"
"--pause-image"
"test.local/pause:local"
];
};
networking.firewall.allowedTCPPorts = [
2379
2380
6443
];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.1";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{
address = "192.168.1.1";
prefixLength = 24;
}
];
};
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.1";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{ address = "192.168.1.1"; prefixLength = 24; }
];
};
server2 = { pkgs, ... }: {
environment.systemPackages = with pkgs; [ gzip jq ];
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
server2 =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gzip
jq
];
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
services.k3s = {
inherit tokenFile;
enable = true;
serverAddr = "https://192.168.1.1:6443";
clusterInit = false;
extraFlags = builtins.toString [
"--disable" "coredns"
"--disable" "local-storage"
"--disable" "metrics-server"
"--disable" "servicelb"
"--disable" "traefik"
"--node-ip" "192.168.1.3"
"--pause-image" "test.local/pause:local"
services.k3s = {
inherit tokenFile;
enable = true;
serverAddr = "https://192.168.1.1:6443";
clusterInit = false;
extraFlags = builtins.toString [
"--disable"
"coredns"
"--disable"
"local-storage"
"--disable"
"metrics-server"
"--disable"
"servicelb"
"--disable"
"traefik"
"--node-ip"
"192.168.1.3"
"--pause-image"
"test.local/pause:local"
];
};
networking.firewall.allowedTCPPorts = [
2379
2380
6443
];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.3";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{
address = "192.168.1.3";
prefixLength = 24;
}
];
};
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.3";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{ address = "192.168.1.3"; prefixLength = 24; }
];
};
agent = { pkgs, ... }: {
virtualisation.memorySize = 1024;
virtualisation.diskSize = 2048;
services.k3s = {
inherit tokenFile;
enable = true;
role = "agent";
serverAddr = "https://192.168.1.3:6443";
extraFlags = lib.concatStringsSep " " [
"--pause-image" "test.local/pause:local"
"--node-ip" "192.168.1.2"
agent =
{ pkgs, ... }:
{
virtualisation.memorySize = 1024;
virtualisation.diskSize = 2048;
services.k3s = {
inherit tokenFile;
enable = true;
role = "agent";
serverAddr = "https://192.168.1.3:6443";
extraFlags = lib.concatStringsSep " " [
"--pause-image"
"test.local/pause:local"
"--node-ip"
"192.168.1.2"
];
};
networking.firewall.allowedTCPPorts = [ 6443 ];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.2";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{
address = "192.168.1.2";
prefixLength = 24;
}
];
};
networking.firewall.allowedTCPPorts = [ 6443 ];
networking.firewall.allowedUDPPorts = [ 8472 ];
networking.firewall.trustedInterfaces = [ "flannel.1" ];
networking.useDHCP = false;
networking.defaultGateway = "192.168.1.2";
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
{ address = "192.168.1.2"; prefixLength = 24; }
];
};
};
meta.maintainers = k3s.meta.maintainers;
@ -178,4 +239,5 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
for m in machines:
m.shutdown()
'';
})
}
)

139
nixos/tests/k3s/single-node.nix
View File

@ -1,14 +1,29 @@
import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
import ../make-test-python.nix (
{
pkgs,
lib,
k3s,
...
}:
let
imageEnv = pkgs.buildEnv {
name = "k3s-pause-image-env";
paths = with pkgs; [ tini (hiPrio coreutils) busybox ];
paths = with pkgs; [
tini
(hiPrio coreutils)
busybox
];
};
pauseImage = pkgs.dockerTools.streamLayeredImage {
name = "test.local/pause";
tag = "local";
contents = imageEnv;
config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ];
config.Entrypoint = [
"/bin/tini"
"--"
"/bin/sleep"
"inf"
];
};
testPodYaml = pkgs.writeText "test.yml" ''
apiVersion: v1
@ -27,69 +42,83 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
name = "${k3s.name}-single-node";
meta.maintainers = k3s.meta.maintainers;
nodes.machine = { pkgs, ... }: {
environment.systemPackages = with pkgs; [ k3s gzip ];
nodes.machine =
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
k3s
gzip
];
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
# k3s uses enough resources the default vm fails.
virtualisation.memorySize = 1536;
virtualisation.diskSize = 4096;
services.k3s.enable = true;
services.k3s.role = "server";
services.k3s.package = k3s;
# Slightly reduce resource usage
services.k3s.extraFlags = builtins.toString [
"--disable" "coredns"
"--disable" "local-storage"
"--disable" "metrics-server"
"--disable" "servicelb"
"--disable" "traefik"
"--pause-image" "test.local/pause:local"
];
services.k3s.enable = true;
services.k3s.role = "server";
services.k3s.package = k3s;
# Slightly reduce resource usage
services.k3s.extraFlags = builtins.toString [
"--disable"
"coredns"
"--disable"
"local-storage"
"--disable"
"metrics-server"
"--disable"
"servicelb"
"--disable"
"traefik"
"--pause-image"
"test.local/pause:local"
];
users.users = {
noprivs = {
isNormalUser = true;
description = "Can't access k3s by default";
password = "*";
users.users = {
noprivs = {
isNormalUser = true;
description = "Can't access k3s by default";
password = "*";
};
};
};
};
testScript = ''
start_all()
testScript =
''
start_all()
machine.wait_for_unit("k3s")
machine.succeed("kubectl cluster-info")
machine.fail("sudo -u noprivs kubectl cluster-info")
machine.wait_for_unit("k3s")
machine.succeed("kubectl cluster-info")
machine.fail("sudo -u noprivs kubectl cluster-info")
'' # Fix-Me: Tests fail for 'aarch64-linux' as: "CONFIG_CGROUP_FREEZER: missing (fail)"
+ lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")'' + ''
+ lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")''
+ ''
machine.succeed(
"${pauseImage} | ctr image import -"
)
machine.succeed(
"${pauseImage} | ctr image import -"
)
# Also wait for our service account to show up; it takes a sec
machine.wait_until_succeeds("kubectl get serviceaccount default")
machine.succeed("kubectl apply -f ${testPodYaml}")
machine.succeed("kubectl wait --for 'condition=Ready' pod/test")
machine.succeed("kubectl delete -f ${testPodYaml}")
# Also wait for our service account to show up; it takes a sec
machine.wait_until_succeeds("kubectl get serviceaccount default")
machine.succeed("kubectl apply -f ${testPodYaml}")
machine.succeed("kubectl wait --for 'condition=Ready' pod/test")
machine.succeed("kubectl delete -f ${testPodYaml}")
# regression test for #176445
machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'")
# regression test for #176445
machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'")
with subtest("Run k3s-killall"):
# Call the killall script with a clean path to assert that
# all required commands are wrapped
output = machine.succeed("PATH= ${k3s}/bin/k3s-killall.sh 2>&1 | tee /dev/stderr")
assert "command not found" not in output, "killall script contains unknown command"
with subtest("Run k3s-killall"):
# Call the killall script with a clean path to assert that
# all required commands are wrapped
output = machine.succeed("PATH= ${k3s}/bin/k3s-killall.sh 2>&1 | tee /dev/stderr")
assert "command not found" not in output, "killall script contains unknown command"
# Check that killall cleaned up properly
machine.fail("systemctl is-active k3s.service")
machine.fail("systemctl list-units | grep containerd")
machine.fail("ip link show | awk -F': ' '{print $2}' | grep -e flannel -e cni0")
machine.fail("ip netns show | grep cni-")
# Check that killall cleaned up properly
machine.fail("systemctl is-active k3s.service")
machine.fail("systemctl list-units | grep containerd")
machine.fail("ip link show | awk -F': ' '{print $2}' | grep -e flannel -e cni0")
machine.fail("ip netns show | grep cni-")
machine.shutdown()
'';
})
machine.shutdown()
'';
}
)

4
nixos/tests/web-apps/pretalx.nix
View File

@ -27,5 +27,9 @@
pretalx.wait_for_unit("pretalx-worker.service")
pretalx.wait_until_succeeds("curl -q --fail http://talks.local/orga/")
pretalx.succeed("pretalx-manage --help")
pretalx.log(pretalx.succeed("systemd-analyze security pretalx-web.service"))
'';
}

4
pkgs/applications/editors/vscode/extensions/default.nix
View File

@ -2205,8 +2205,8 @@ let
mktplcRef = {
name = "Ionide-fsharp";
publisher = "Ionide";
version = "7.18.2";
hash = "sha256-CEeTLiZktp5YzCRxDXa+s8W9N971iQla/FyCr8Co0SQ=";
version = "7.19.1";
hash = "sha256-QyGt3q00IEXw6YNvx7pFhLS1s44aeiB/U0m3Ow1UdlM=";
};
meta = {
changelog = "https://marketplace.visualstudio.com/items/Ionide.Ionide-fsharp/changelog";

16
pkgs/applications/editors/vscode/vscode.nix
View File

@ -30,21 +30,21 @@ let
archive_fmt = if stdenv.isDarwin then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "0hy1ppv7wzyy581k3skmckaas0lwkx5l6w4hk1ml5f2cpkkxhq5w";
x86_64-darwin = "1mybfp2hg93wp3iwgwgkh84gcaj1vgs3gkmgb5yp38jhwxj5wrhk";
aarch64-linux = "16d0qqm7fm1bm58n7n2cscs619mbxr0bbglgz3prr2cmr7bwmx87";
aarch64-darwin = "1pp668rf5a06rdb8fd06ajrzxp02z7v6lmr3y77i5n2hs5xnpm0b";
armv7l-linux = "1cqhlm64gw08rn45ryizx1vypyybsrm9v8piapym5clwswbaxqs5";
x86_64-linux = "1zfh48g6prjhjcyrz5impsnm6khw7s75k8k54bp0cszl81ddsysx";
x86_64-darwin = "1w5fzq8dmzrs2ggxvcbcs03psxxi1dbzx5l0jn52szi1g5y3daxi";
aarch64-linux = "0rs4zzddfpwbf86cjl4r65cxccs4ypz1s7lw98vq0j8pfx8vkgqi";
aarch64-darwin = "0gha1b6q3k57yrbp7qrrknlbbbbhcjd6slbyrzlwjcz1ddvs7c8s";
armv7l-linux = "01s1vxbmg3zp47kwlsjr781v6c51l5bcpf9pc91id0qcrhax703k";
}.${system} or throwSystem;
in
callPackage ./generic.nix rec {
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.89.0";
version = "1.89.1";
pname = "vscode" + lib.optionalString isInsiders "-insiders";
# This is used for VS Code - Remote SSH test
rev = "b58957e67ee1e712cebf466b995adf4c5307b2bd";
rev = "dc96b837cf6bb4af9cd736aa3af08cf8279f7685";
executableName = "code" + lib.optionalString isInsiders "-insiders";
longName = "Visual Studio Code" + lib.optionalString isInsiders " - Insiders";
@ -68,7 +68,7 @@ in
src = fetchurl {
name = "vscode-server-${rev}.tar.gz";
url = "https://update.code.visualstudio.com/commit:${rev}/server-linux-x64/stable";
sha256 = "17563d413czlqpy3921gq5ja7mi3lgb8yjgvsqfn3fkaj70gr1hq";
sha256 = "05gvq96vw69lb8ip8pfd9g43j8kvfwlrdmm11b41fpdafhi45f89";
};
};

4
pkgs/applications/emulators/cemu/default.nix
View File

@ -46,13 +46,13 @@ let
in stdenv.mkDerivation rec {
pname = "cemu";
version = "2.0-80";
version = "2.0-82";
src = fetchFromGitHub {
owner = "cemu-project";
repo = "Cemu";
rev = "v${version}";
hash = "sha256-uNGRiotitt+fWpJFCno04XiCSD1p38QEqw042Bq/IGc=";
hash = "sha256-rmlkit7ZNUM0ErqoclivfBHolV0tRWyToLmsvoTslbI=";
};
patches = [

4
pkgs/applications/graphics/vengi-tools/default.nix
View File

@ -29,13 +29,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "vengi-tools";
version = "0.0.30";
version = "0.0.31";
src = fetchFromGitHub {
owner = "mgerhardy";
repo = "vengi";
rev = "v${finalAttrs.version}";
hash = "sha256-Qdjwop92udrPiczMInhvRUMn9uZu6iBMAWzqDWySy94=";
hash = "sha256-0ta7rBWc4qUqsKDU/KSzx2x+fF2GVw77lQvRgt4bkpI=";
};
nativeBuildInputs = [

6
pkgs/applications/misc/cotp/default.nix
View File

@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "cotp";
version = "1.6.0";
version = "1.6.1";
src = fetchFromGitHub {
owner = "replydev";
repo = "cotp";
rev = "v${version}";
hash = "sha256-X3o3KgTHnhekdiSFdrCwLOrd0HKvCd8Z5jR2WpY1D6Q=";
hash = "sha256-QWx42uSjN6Dev5JTa8vPTXOxr8qw5kerLepTWhJTb1I=";
};
cargoHash = "sha256-zaVNfgWXqHQaogGTaR1eE5u3gYU9SQ0nk0VO7NL5mvg=";
cargoHash = "sha256-5PUVg08D8cZdUIt1A9wjpi9bc/XsB9P7S6L8M054MCg=";
buildInputs = lib.optionals stdenv.isLinux [ libxcb ]
++ lib.optionals stdenv.isDarwin [ AppKit ];

4
pkgs/applications/misc/k40-whisperer/default.nix
View File

@ -23,12 +23,12 @@ let
in stdenv.mkDerivation rec {
pname = "k40-whisperer";
version = "0.67";
version = "0.68";
src = fetchzip {
url = "https://www.scorchworks.com/K40whisperer/K40_Whisperer-${version}_src.zip";
stripRoot = true;
sha256 = "sha256-jyny5uNZ5eL4AV47uAgOhBe4Zqg8GK3e86Z9gZbC68s=";
sha256 = "sha256-Pc6iqBQUoI0dsrf+2dA1ZbxX+4Eks/lVgMGC4SR+oFI=";
};
nativeBuildInputs = [ makeWrapper ];

4
pkgs/applications/misc/nwg-panel/default.nix
View File

@ -16,13 +16,13 @@
python3Packages.buildPythonApplication rec {
pname = "nwg-panel";
version = "0.9.27";
version = "0.9.31";
src = fetchFromGitHub {
owner = "nwg-piotr";
repo = "nwg-panel";
rev = "refs/tags/v${version}";
hash = "sha256-GCaqFqoZ7lfyE3VD3Dgz8jVt9TtUq3XVzVeI6g3SO5E=";
hash = "sha256-g3O+jWLwMBNfk0vAi/wq/YnGTAIscDJH2QV7bequyNU=";
};
# No tests

3
pkgs/applications/misc/remarkable/rmview/default.nix
View File

@ -3,6 +3,7 @@
python3Packages.buildPythonApplication rec {
pname = "rmview";
version = "3.1.3";
pyproject = true;
src = fetchFromGitHub {
owner = "bordaigorl";
@ -11,7 +12,7 @@ python3Packages.buildPythonApplication rec {
sha256 = "sha256-V26zmu8cQkLs0IMR7eFO8x34McnT3xYyzlZfntApYkk=";
};
nativeBuildInputs = with python3Packages; [ pyqt5 wrapQtAppsHook ];
nativeBuildInputs = with python3Packages; [ pyqt5 setuptools wrapQtAppsHook ];
propagatedBuildInputs = with python3Packages; [ pyqt5 paramiko twisted pyjwt pyopenssl service-identity sshtunnel ];
preBuild = ''

29
pkgs/applications/networking/browsers/chromium/common.nix
View File

@ -241,8 +241,26 @@ let
./patches/cross-compile.patch
# Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed):
./patches/no-build-timestamps.patch
# For bundling Widevine (DRM), might be replaceable via bundle_widevine_cdm=true in gnFlags:
./patches/widevine-79.patch
] ++ lib.optionals (packageName == "chromium") [
# This patch is limited to chromium and ungoogled-chromium because electron-source sets
# enable_widevine to false.
#
# The patch disables the automatic Widevine download (component) that happens at runtime
# completely (~/.config/chromium/WidevineCdm/). This would happen if chromium encounters DRM
# protected content or when manually opening chrome://components.
#
# It also prevents previously downloaded Widevine blobs in that location from being loaded and
# used at all, while still allowing the use of our -wv wrapper. This is because those old
# versions are out of out our control and may be vulnerable, given we literally disable their
# auto updater.
#
# bundle_widevine_cdm is available as gn flag, but we cannot use it, as it expects a bunch of
# files Widevine files at configure/compile phase that we don't have. Changing the value of the
# BUNDLE_WIDEVINE_CDM build flag does work in the way we want though.
# We also need enable_widevine_cdm_component to be false. Unfortunately it isn't exposed as gn
# flag (declare_args) so we simply hardcode it to false.
./patches/widevine-disable-auto-download-allow-bundle.patch
] ++ [
# Required to fix the build with a more recent wayland-protocols version
# (we currently package 1.26 in Nixpkgs while Chromium bundles 1.21):
# Source: https://bugs.chromium.org/p/angleproject/issues/detail?id=7582#c1
@ -418,10 +436,11 @@ let
# Feature overrides:
# Native Client support was deprecated in 2020 and support will end in June 2021:
enable_nacl = false;
# Enabling the Widevine component here doesn't affect whether we can
# redistribute the chromium package; the Widevine component is either
# added later in the wrapped -wv build or downloaded from Google:
} // lib.optionalAttrs (packageName == "chromium") {
# Enabling the Widevine here doesn't affect whether we can redistribute the chromium package.
# Widevine in this drv is a bit more complex than just that. See Widevine patch somewhere above.
enable_widevine = true;
} // {
# Provides the enable-webrtc-pipewire-capturer flag to support Wayland screen capture:
rtc_use_pipewire = true;
# Disable PGO because the profile data requires a newer compiler version (LLVM 14 isn't sufficient):

13
pkgs/applications/networking/browsers/chromium/patches/widevine-79.patch
View File

@ -1,13 +0,0 @@
diff --git a/third_party/widevine/cdm/BUILD.gn b/third_party/widevine/cdm/BUILD.gn
index ed0e2f5208b..5b431a030d5 100644
--- a/third_party/widevine/cdm/BUILD.gn
+++ b/third_party/widevine/cdm/BUILD.gn
@@ -14,7 +14,7 @@ buildflag_header("buildflags") {
flags = [
"ENABLE_WIDEVINE=$enable_widevine",
- "BUNDLE_WIDEVINE_CDM=$bundle_widevine_cdm",
+ "BUNDLE_WIDEVINE_CDM=true",
"ENABLE_WIDEVINE_CDM_COMPONENT=$enable_widevine_cdm_component",
]
}

27
pkgs/applications/networking/browsers/chromium/patches/widevine-disable-auto-download-allow-bundle.patch Normal file
View File

@ -0,0 +1,27 @@
diff --git a/third_party/widevine/cdm/BUILD.gn b/third_party/widevine/cdm/BUILD.gn
index 525693b6c10ab..245491e137d39 100644
--- a/third_party/widevine/cdm/BUILD.gn
+++ b/third_party/widevine/cdm/BUILD.gn
@@ -22,7 +22,7 @@ buildflag_header("buildflags") {
flags = [
"ENABLE_WIDEVINE=$enable_widevine",
- "BUNDLE_WIDEVINE_CDM=$bundle_widevine_cdm",
+ "BUNDLE_WIDEVINE_CDM=true",
"ENABLE_WIDEVINE_CDM_COMPONENT=$enable_widevine_cdm_component",
"ENABLE_MEDIA_FOUNDATION_WIDEVINE_CDM=$enable_media_foundation_widevine_cdm",
]
diff --git a/third_party/widevine/cdm/widevine.gni b/third_party/widevine/cdm/widevine.gni
index 58f073ca562ca..4b242c2618dfb 100644
--- a/third_party/widevine/cdm/widevine.gni
+++ b/third_party/widevine/cdm/widevine.gni
@@ -41,8 +41,7 @@ enable_library_widevine_cdm =
# Widevine CDM can be deployed as a component. Currently only supported on
# desktop platforms. The CDM can be bundled regardless whether
# it's a component. See below.
-enable_widevine_cdm_component =
- enable_library_widevine_cdm && (is_win || is_mac || is_linux || is_chromeos)
+enable_widevine_cdm_component = false
# Enable (Windows) Media Foundation Widevine CDM component.
declare_args() {

24
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View File

@ -1,11 +1,11 @@
{
stable = {
chromedriver = {
hash_darwin = "sha256-4MZwD2jgjOrBTtkjxW0XH+lZfP8wj7Z6eg7LwFziCPU=";
hash_darwin = "sha256-jnWmH6MzqZzzIAblvJFv5jKFJ2LILyGy+eOqb6sWmWc=";
hash_darwin_aarch64 =
"sha256-P9qi8rR8DW+WOT+ev2EgA93StnGrBiIHu2UbkEhS+0M=";
hash_linux = "sha256-eudgRu3OMuTBTeX8zrm6ShgmjcsNhzaBYEAP/4n1SJk=";
version = "124.0.6367.155";
"sha256-FO0kncAPj/cBwlGN2RdFGR7Bn5pKzTRlf2IQ422mm5c=";
hash_linux = "sha256-3khPV+WPcYHrlGNFXhmRrja2+wWsr77BVgHLbSe0IF8=";
version = "124.0.6367.201";
};
deps = {
gn = {
@ -15,9 +15,9 @@
version = "2024-03-14";
};
};
hash = "sha256-Qv1xYofY4Tgj+WT1a8ehOo7R52CwZz2vCK9MDSnjmsg=";
hash_deb_amd64 = "sha256-lFG5l3K2Yo1BYbXS9bK+9gWx6JxFrPxpT+zI7dBXQ6E=";
version = "124.0.6367.155";
hash = "sha256-nSI+tkJxOedMtYgtiqW37v0ZjgxxU5o/0sH9bPAchBg=";
hash_deb_amd64 = "sha256-RvQdpDmWRcsASh1b8M0Zg+AvZprE5qhi14shfo0WlfE=";
version = "124.0.6367.201";
};
ungoogled-chromium = {
deps = {
@ -28,12 +28,12 @@
version = "2024-03-14";
};
ungoogled-patches = {
hash = "sha256-RS6flauUQjd+NPqUIppwlgtjOKxJa5+OTnL4aI3gRcs=";
rev = "124.0.6367.155-1";
hash = "sha256-fy4SydGRRyDhJZ7IADG54+rGWh2i+2SrSkuCglphhm8=";
rev = "124.0.6367.201-1";
};
};
hash = "sha256-Qv1xYofY4Tgj+WT1a8ehOo7R52CwZz2vCK9MDSnjmsg=";
hash_deb_amd64 = "sha256-lFG5l3K2Yo1BYbXS9bK+9gWx6JxFrPxpT+zI7dBXQ6E=";
version = "124.0.6367.155";
hash = "sha256-nSI+tkJxOedMtYgtiqW37v0ZjgxxU5o/0sH9bPAchBg=";
hash_deb_amd64 = "sha256-RvQdpDmWRcsASh1b8M0Zg+AvZprE5qhi14shfo0WlfE=";
version = "124.0.6367.201";
};
}

63
pkgs/applications/networking/browsers/dillo/default.nix
View File

@ -1,63 +0,0 @@
{ lib
, stdenv
, fetchhg
, autoreconfHook
, fltk
, libXcursor
, libXi
, libXinerama
, libjpeg
, libpng
, mbedtls_2
, openssl
, perl
, pkg-config
, which
}:
stdenv.mkDerivation {
pname = "dillo";
version = "unstable-2021-02-09";
src = fetchhg {
url = "https://hg.sr.ht/~seirdy/dillo-mirror";
rev = "67b70f024568b505633524be61fcfbde5337849f";
sha256 = "sha256-lbn5u9oEL0zt9yBhznBS9Dz9/6kSwRDJeNXKEojty1g=";
};
nativeBuildInputs = [
autoreconfHook
pkg-config
which
];
buildInputs = [
fltk
libXcursor
libXi
libXinerama
libjpeg
libpng
mbedtls_2
openssl
perl
];
# Workaround build failure on -fno-common toolchains:
# ld: main.o:/build/dillo-3.0.5/dpid/dpid.h:64: multiple definition of `sock_set';
# dpid.o:/build/dillo-3.0.5/dpid/dpid.h:64: first defined here
env.NIX_CFLAGS_COMPILE = "-fcommon";
configureFlags = [ "--enable-ssl=yes" ];
meta = with lib; {
homepage = "https://hg.sr.ht/~seirdy/dillo-mirror";
description = "A fast graphical web browser with a small footprint";
longDescription = ''
Dillo is a small, fast web browser, tailored for older machines.
'';
maintainers = [ maintainers.AndersonTorres ];
platforms = platforms.linux;
license = licenses.gpl3Plus;
};
}

4
pkgs/applications/networking/cluster/arkade/default.nix
View File

@ -7,13 +7,13 @@
buildGoModule rec {
pname = "arkade";
version = "0.11.10";
version = "0.11.11";
src = fetchFromGitHub {
owner = "alexellis";
repo = "arkade";
rev = version;
hash = "sha256-Uw+/pVhbGYjFTcrh90Gstu5KddlkXKuzL2lbQ7CFLGs=";
hash = "sha256-Pevsq/u6sI00k874PiAVwzgTqzzja1D2zsfebIFJv/0=";
};
CGO_ENABLED = 0;

16
pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix
View File

@ -1,10 +1,10 @@
{
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.2+up25.0.0.tgz";
sha256 = "0jygzsn5pxzf7423x5iqfffgx5xvm7c7hfck46y7vpv1fdkiipcq";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.2+up25.0.0.tgz";
sha256 = "1g9n19lnqdkmbbr3rnbwc854awha0kqqfwyxanyx1lg5ww8ldp89";
};
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.2+up25.0.0.tgz";
sha256 = "0jygzsn5pxzf7423x5iqfffgx5xvm7c7hfck46y7vpv1fdkiipcq";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.2+up25.0.0.tgz";
sha256 = "1g9n19lnqdkmbbr3rnbwc854awha0kqqfwyxanyx1lg5ww8ldp89";
};
}

16
pkgs/applications/networking/cluster/k3s/1_27/chart-versions.nix
View File

@ -1,10 +1,10 @@
{
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
};
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
};
}

16
pkgs/applications/networking/cluster/k3s/1_28/chart-versions.nix
View File

@ -1,10 +1,10 @@
{
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
};
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
};
}

16
pkgs/applications/networking/cluster/k3s/1_29/chart-versions.nix
View File

@ -1,10 +1,10 @@
{
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
};
traefik-crd = {
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
};
traefik = {
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
};
}

106
pkgs/applications/networking/cluster/k3s/builder.nix
View File

@ -29,41 +29,42 @@ lib:
# currently.
# It is likely we will have to split out additional builders for additional
# versions in the future, or customize this one further.
{ lib
, makeWrapper
, socat
, iptables
, iproute2
, ipset
, bridge-utils
, btrfs-progs
, conntrack-tools
, buildGoModule
, runc
, rsync
, kmod
, libseccomp
, pkg-config
, ethtool
, util-linux
, fetchFromGitHub
, fetchurl
, fetchzip
, fetchgit
, zstd
, yq-go
, sqlite
, nixosTests
, pkgsBuildBuild
, go
, runCommand
, bash
, procps
, coreutils
, gnugrep
, findutils
, gnused
, systemd
{
lib,
makeWrapper,
socat,
iptables,
iproute2,
ipset,
bridge-utils,
btrfs-progs,
conntrack-tools,
buildGoModule,
runc,
rsync,
kmod,
libseccomp,
pkg-config,
ethtool,
util-linux,
fetchFromGitHub,
fetchurl,
fetchzip,
fetchgit,
zstd,
yq-go,
sqlite,
nixosTests,
pkgsBuildBuild,
go,
runCommand,
bash,
procps,
coreutils,
gnugrep,
findutils,
gnused,
systemd,
}:
# k3s is a kinda weird derivation. One of the main points of k3s is the
@ -91,7 +92,13 @@ let
description = "A lightweight Kubernetes distribution";
license = licenses.asl20;
homepage = "https://k3s.io";
maintainers = with maintainers; [ euank mic92 superherointj yajo ];
maintainers = with maintainers; [
euank
mic92
superherointj
wrmilling
yajo
];
platforms = platforms.linux;
# resolves collisions with other installations of kubectl, crictl, ctr
@ -231,12 +238,19 @@ let
vendorHash = k3sVendorHash;
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libseccomp sqlite.dev ];
buildInputs = [
libseccomp
sqlite.dev
];
subPackages = [ "cmd/server" ];
ldflags = versionldflags;
tags = [ "ctrd" "libsqlite3" "linux" ];
tags = [
"ctrd"
"libsqlite3"
"linux"
];
# create the multicall symlinks for k3s
postInstall = ''
@ -282,7 +296,11 @@ buildGoModule rec {
pname = "k3s";
version = k3sVersion;
tags = [ "libsqlite3" "linux" "ctrd" ];
tags = [
"libsqlite3"
"linux"
"ctrd"
];
src = k3sRepo;
vendorHash = k3sVendorHash;
@ -400,15 +418,17 @@ buildGoModule rec {
passthru.updateScript = updateScript;
passthru.mkTests = version:
let k3s_version = "k3s_" + lib.replaceStrings ["."] ["_"] (lib.versions.majorMinor version);
in {
passthru.mkTests =
version:
let
k3s_version = "k3s_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor version);
in
{
etcd = nixosTests.k3s.etcd.${k3s_version};
single-node = nixosTests.k3s.single-node.${k3s_version};
multi-node = nixosTests.k3s.multi-node.${k3s_version};
};
passthru.tests = passthru.mkTests k3sVersion;
meta = baseMeta;
}

48
pkgs/applications/networking/cluster/k3s/default.nix
View File

@ -12,22 +12,46 @@ let
extraArgs = builtins.removeAttrs args [ "callPackage" ];
in
{
k3s_1_26 = common ((import ./1_26/versions.nix) // {
updateScript = [ ./update-script.sh "26" ];
}) extraArgs;
k3s_1_26 = common (
(import ./1_26/versions.nix)
// {
updateScript = [
./update-script.sh
"26"
];
}
) extraArgs;
# 1_27 can be built with the same builder as 1_26
k3s_1_27 = common ((import ./1_27/versions.nix) // {
updateScript = [ ./update-script.sh "27" ];
}) extraArgs;
k3s_1_27 = common (
(import ./1_27/versions.nix)
// {
updateScript = [
./update-script.sh
"27"
];
}
) extraArgs;
# 1_28 can be built with the same builder as 1_26
k3s_1_28 = common ((import ./1_28/versions.nix) // {
updateScript = [ ./update-script.sh "28" ];
}) extraArgs;
k3s_1_28 = common (
(import ./1_28/versions.nix)
// {
updateScript = [
./update-script.sh
"28"
];
}
) extraArgs;
# 1_29 can be built with the same builder as 1_26
k3s_1_29 = common ((import ./1_29/versions.nix) // {
updateScript = [ ./update-script.sh "29" ];
}) extraArgs;
k3s_1_29 = common (
(import ./1_29/versions.nix)
// {
updateScript = [
./update-script.sh
"29"
];
}
) extraArgs;
}

16
pkgs/applications/networking/cluster/k3s/update-script.sh
View File

@ -57,14 +57,14 @@ CHARTS_URL=https://k3s.io/k3s-charts/assets
rm -f chart-versions.nix.update
cat > chart-versions.nix.update <<EOF
{
traefik-crd = {
url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}";
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")";
};
traefik = {
url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}";
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")";
};
traefik-crd = {
url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}";
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")";
};
traefik = {
url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}";
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")";
};
}
EOF
mv chart-versions.nix.update chart-versions.nix

6
pkgs/applications/networking/cluster/linkerd/edge.nix
View File

@ -2,7 +2,7 @@
(callPackage ./generic.nix { }) {
channel = "edge";
version = "24.4.5";
sha256 = "0cxjilxsvbwahqh3wb3cw4z8fmq6lhxi531abrncs74kgasgcfam";
vendorHash = "sha256-YxavLLYppV991AgFb2WaQDbqnsr3UfrvWefvkSf+W1Q=";
version = "24.5.1";
sha256 = "1l358gmivhpjyibcar8z4c3jlz6rwmlyzki71ar5j2k9irdjzqa3";
vendorHash = "sha256-sLLgTZN7Zvxkf9J1omh/YGMBUgAtvQD+nbhSuR7/PZg=";
}

3
pkgs/applications/networking/instant-messengers/signal-desktop/generic.nix
View File

@ -158,7 +158,8 @@ stdenv.mkDerivation rec {
# Fix the desktop link
substituteInPlace $out/share/applications/${pname}.desktop \
--replace "/opt/${dir}/${pname}" $out/bin/${pname}
--replace "/opt/${dir}/${pname}" $out/bin/${pname} \
--replace-fail "StartupWMClass=Signal" "StartupWMClass=signal"
# Note: The following path contains bundled libraries:
# $out/lib/${dir}/resources/app.asar.unpacked/node_modules/

8
pkgs/applications/networking/irc/srain/default.nix
View File

@ -4,7 +4,7 @@
, pkg-config
, gtk3
, libconfig
, libsoup
, libsoup_3
, libsecret
, libayatana-appindicator
, openssl
@ -21,13 +21,13 @@
stdenv.mkDerivation rec {
pname = "srain";
version = "1.6.0";
version = "1.7.0";
src = fetchFromGitHub {
owner = "SrainApp";
repo = "srain";
rev = version;
hash = "sha256-IGAb24aDeBXyxuyb/EWUetQZJg28GJLT0WK7ZmmHgyg=";
hash = "sha256-mhnlHnF23+VZvSPNuTYYUVcA6Md4y2AGqEuJphY1/IY=";
};
nativeBuildInputs = [
@ -46,7 +46,7 @@ stdenv.mkDerivation rec {
glib-networking
dbus-glib
libconfig
libsoup
libsoup_3
libsecret
libayatana-appindicator
openssl

4
pkgs/applications/networking/trayscale/default.nix
View File

@ -11,13 +11,13 @@
buildGoModule rec {
pname = "trayscale";
version = "0.12.0";
version = "0.12.3";
src = fetchFromGitHub {
owner = "DeedleFake";
repo = "trayscale";
rev = "v${version}";
hash = "sha256-GAK95XlRVGpoVcEmeFO3SddHpdn0qO7qs2IOj7qzRXQ=";
hash = "sha256-2mGPbH74a9d1uhRGMSEfrzCnwjgdgbopu20K9/g6wg0=";
};
vendorHash = "sha256-Iedd8WsJPAVQexRqDSLAmv7MAWc4IFQXHk6XpnStMps=";

4
pkgs/applications/office/timeular/default.nix
View File

@ -5,12 +5,12 @@
}:
let
version = "6.7.6";
version = "6.7.8";
pname = "timeular";
src = fetchurl {
url = "https://s3.amazonaws.com/timeular-desktop-packages/linux/production/Timeular-${version}.AppImage";
hash = "sha256-wQUR2jLJi1peXqXJJj/72X9xNaD2DzNiB0mGFiaEWBE=";
hash = "sha256-nMvbr2PQBWyrhY3mv/4wsdWPhNx5hLFaAp0Ey3nvp7g=";
};
appimageContents = appimageTools.extractType2 {

4
pkgs/applications/science/chemistry/octopus/default.nix
View File

@ -30,13 +30,13 @@ assert (blas.isILP64 == arpack.isILP64);
stdenv.mkDerivation rec {
pname = "octopus";
version = "14.0";
version = "14.1";
src = fetchFromGitLab {
owner = "octopus-code";
repo = "octopus";
rev = version;
sha256 = "sha256-wQ2I+10ZHLKamW3j6AUtq2KZVm6d29+JxYgwvBKz9DU=";
sha256 = "sha256-8wZR+bYdxJFsUPMWbIGYxRdNzjLgHm+KFLjY7fSN7io=";
};
nativeBuildInputs = [

4
pkgs/applications/science/electronics/nvc/default.nix
View File

@ -15,13 +15,13 @@
stdenv.mkDerivation rec {
pname = "nvc";
version = "1.12.0";
version = "1.12.1";
src = fetchFromGitHub {
owner = "nickg";
repo = "nvc";
rev = "r${version}";
hash = "sha256-7g4Ki5lhmX/13XCv0on1PgvEthCTfe9wh8EFjMcP1+c=";
hash = "sha256-9ZbX2G4IR/SYSA4DOsTBIRrJeYublyrDUXT+V+KgaC0=";
};
nativeBuildInputs = [

4
pkgs/applications/science/math/wxmaxima/default.nix
View File

@ -12,13 +12,13 @@
stdenv.mkDerivation (finalAttrs:{
pname = "wxmaxima";
version = "24.02.2";
version = "24.05.0";
src = fetchFromGitHub {
owner = "wxMaxima-developers";
repo = "wxmaxima";
rev = "Version-${finalAttrs.version}";
hash = "sha256-ewyg+ZhbRbPjJkYTZFuhbOWMDNZGW7ejmSv38zxcTsw=";
hash = "sha256-pl3sO28HANL9F41aaJznxUsH2Y7W/FO82Rik2/ik2Ag=";
};
buildInputs = [

6
pkgs/applications/version-management/hut/default.nix
View File

@ -6,16 +6,16 @@
buildGoModule rec {
pname = "hut";
version = "0.4.0";
version = "0.5.0";
src = fetchFromSourcehut {
owner = "~emersion";
repo = "hut";
rev = "v${version}";
sha256 = "sha256-9RSJ+SRXYBjdiuHScgFm5i0/Xi81pJfURPKAGCk+l04=";
sha256 = "sha256-Gkxe9B48nwHOlqkgjMdFLBy7OiR7cwDDE3qLvWxJK+Y=";
};
vendorHash = "sha256-OxnplvBx2sFctdNSVd0S0tgiRt5Yah3ga4mORT2Kz6U=";
vendorHash = "sha256-OYXRQEP4ACkypXmrorf2ew18819DB38SsYOM0u0steg=";
nativeBuildInputs = [
scdoc

6892
pkgs/applications/version-management/radicle-cli/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

88
pkgs/applications/version-management/radicle-cli/default.nix
View File

@ -1,88 +0,0 @@
{ lib
, stdenv
, fetchFromGitHub
, rustPlatform
, pkg-config
, cmake
, installShellFiles
, asciidoctor
, DarwinTools
, openssl
, libusb1
, AppKit
, git
, openssh
, testers
, radicle-cli
}:
rustPlatform.buildRustPackage rec {
pname = "radicle-cli";
version = "0.6.1";
src = fetchFromGitHub {
owner = "radicle-dev";
repo = pname;
rev = "v${version}";
sha256 = "sha256-LS6zYpMg0LanRL2M8ioGG8Ys07TPT/3hP7geEGehwxg=";
};
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {
"automerge-0.0.2" = "sha256-MZ1/rca8ZsEUhd3bhd502PHlBbvqAOtnWFEdp7XWmYE=";
"automerge-0.1.0" = "sha256-dwbmx3W13oZ1O0Uw3/D5Z0ht1BO1PmVVoWc/tLCm0/4=";
"cob-0.1.0" = "sha256-ewPJEx7OSr8X6e5QJ4dh2SbzZ2TDa8G4zBR5euBbABo=";
"libusb1-sys-0.6.2" = "sha256-577ld1xqJkHp2bqALNq5IuZivD8y+VO8vNy9Y+hfq6c=";
"walletconnect-0.1.0" = "sha256-fdgdhotTYBmWbR4r0OMplOwhYq1C7jkuOdhKASjH+Fs=";
};
};
# Otherwise, there are errors due to the `abigen` macro from `ethers`.
auditable = false;
nativeBuildInputs = [
pkg-config
cmake
installShellFiles
asciidoctor
] ++ lib.optionals stdenv.hostPlatform.isDarwin [
DarwinTools
];
buildInputs = [
openssl
] ++ lib.optionals stdenv.hostPlatform.isDarwin [
libusb1
AppKit
];
postInstall = ''
for f in $(find . -name '*.adoc'); do
mf=''${f%.*}
asciidoctor --doctype manpage --backend manpage $f -o $mf
installManPage $mf
done
'';
nativeCheckInputs = [
git
openssh
];
preCheck = ''
eval $(ssh-agent)
'';
passthru.tests = {
version = testers.testVersion { package = radicle-cli; };
};
meta = {
description = "Command-line tooling for Radicle, a decentralized code collaboration network";
homepage = "https://radicle.xyz";
license = lib.licenses.gpl3Plus;
maintainers = with lib.maintainers; [ amesgen ];
platforms = lib.platforms.unix;
mainProgram = "rad";
};
}

82
pkgs/applications/version-management/radicle-upstream/default.nix
View File

@ -1,82 +0,0 @@
{ lib, stdenv, appimageTools, autoPatchelfHook, zlib, fetchurl, undmg, libgcc }:
let
pname = "radicle-upstream";
version = "0.3.0";
srcs = {
x86_64-linux = fetchurl {
url = "https://releases.radicle.xyz/radicle-upstream-${version}.AppImage";
sha256 = "sha256-Y7V89G+nXRtknOukvBN8Q+sNx91YNPDT0p5hrFYe/Sk=";
};
x86_64-darwin = fetchurl {
url = "https://releases.radicle.xyz/radicle-upstream-${version}.dmg";
sha256 = "sha256-EuWGbn6qggi8/9Rci8iaXfuVKE+QXb1BHEYDvotR/q4=";
};
};
src = srcs.${stdenv.hostPlatform.system} or (throw "unsupported system ${stdenv.hostPlatform.system}");
contents = appimageTools.extract { inherit pname version src; };
git-remote-rad = stdenv.mkDerivation rec {
pname = "git-remote-rad";
inherit version;
src = contents;
nativeBuildInputs = [ autoPatchelfHook ];
buildInputs = [ libgcc zlib ];
installPhase = ''
mkdir -p $out/bin/
install -Dm755 ${contents}/resources/git-remote-rad $out/bin/git-remote-rad
'';
};
# FIXME: a dependency of the `proxy` component of radicle-upstream (radicle-macros
# v0.1.0) uses unstable rust features, making a from source build impossible at
# this time. See this PR for discussion: https://github.com/NixOS/nixpkgs/pull/105674
linux = appimageTools.wrapType2 {
inherit pname version src meta;
extraInstallCommands = ''
# this automatically adds the git-remote-rad binary to the users `PATH` so
# they don't need to mess around with shell profiles...
ln -s ${git-remote-rad}/bin/git-remote-rad $out/bin/git-remote-rad
# desktop item
install -m 444 -D ${contents}/${pname}.desktop $out/share/applications/${pname}.desktop
substituteInPlace $out/share/applications/${pname}.desktop \
--replace 'Exec=AppRun' 'Exec=${pname}'
# icon
install -m 444 -D ${contents}/${pname}.png \
$out/share/icons/hicolor/512x512/apps/${pname}.png
'';
};
darwin = stdenv.mkDerivation {
inherit pname version src meta;
nativeBuildInputs = [ undmg ];
sourceRoot = ".";
installPhase = ''
mkdir -p $out/Applications
cp -r *.app $out/Applications
'';
};
meta = with lib; {
description = "A decentralized app for code collaboration";
homepage = "https://radicle.xyz/";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ d-xo ];
platforms = [ "x86_64-linux" "x86_64-darwin" ];
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
broken = stdenv.isLinux; # last successful build 2023-04-11
};
in
if stdenv.isDarwin
then darwin
else linux

6
pkgs/applications/virtualization/singularity/packages.nix
View File

@ -41,20 +41,20 @@ let
callPackage
(import ./generic.nix rec {
pname = "singularity-ce";
version = "4.1.2";
version = "4.1.3";
projectName = "singularity";
src = fetchFromGitHub {
owner = "sylabs";
repo = "singularity";
rev = "refs/tags/v${version}";
hash = "sha256-/KTDdkCMkZ5hO+VYHzw9vB8FDWxg7PS1yb2waRJQngY=";
hash = "sha256-pR8zyMr23wcbDCXAysVEgGUDHkrfhLoVF3fjMLgZFYs=";
};
# Update by running
# nix-prefetch -E "{ sha256 }: ((import ./. { }).singularity.override { vendorHash = sha256; }).goModules"
# at the root directory of the Nixpkgs repository
vendorHash = "sha256-4Nxj2PzZmFdvouWKyXLFDk8iuRhFuvyPW/+VRTw75Zw=";
vendorHash = "sha256-332GFL04aE6B6vxgtJJH4TeI6YJCDBpCClJ3sc5gN3A=";
# Do not build conmon and squashfuse from the Git submodule sources,
# Use Nixpkgs provided version

89
pkgs/applications/window-managers/hyprwm/hyprland/default.nix
View File

@ -4,6 +4,7 @@
, pkg-config
, makeWrapper
, meson
, cmake
, ninja
, binutils
, cairo
@ -21,15 +22,19 @@
, mesa
, pango
, pciutils
, python3
, systemd
, tomlplusplus
, udis86-hyprland
, wayland
, wayland-protocols
, wayland-scanner
, wlroots-hyprland
, xcbutilwm
, xwayland
, hwdata
, seatd
, libdisplay-info
, libliftoff
, xorg
, debug ? false
, enableXWayland ? true
, legacyRenderer ? false
@ -44,24 +49,17 @@ assert lib.assertMsg (!nvidiaPatches) "The option `nvidiaPatches` has been remov
assert lib.assertMsg (!enableNvidiaPatches) "The option `enableNvidiaPatches` has been removed.";
assert lib.assertMsg (!hidpiXWayland) "The option `hidpiXWayland` has been removed. Please refer https://wiki.hyprland.org/Configuring/XWayland";
let
wlr = wlroots-hyprland.override { inherit enableXWayland; };
in
stdenv.mkDerivation (finalAttrs: {
pname = "hyprland" + lib.optionalString debug "-debug";
version = "0.39.1";
src = fetchFromGitHub {
owner = "hyprwm";
repo = finalAttrs.pname;
fetchSubmodules = true;
rev = "v${finalAttrs.version}";
hash = "sha256-Urb/njWiHYUudXpmK8EKl9Z58esTIG0PxXw5LuM2r5g=";
hash = "sha256-7L5rqQRYH2iyyP5g3IdXJSlATfgnKhuYMf65E48MVKw=";
};
patches = [
# make meson use the provided dependencies instead of the git submodules
"${finalAttrs.src}/nix/patches/meson-build.patch"
];
postPatch = ''
# Fix hardcoded paths to /usr installation
sed -i "s#/usr#$out#" src/render/OpenGL.cpp
@ -69,12 +67,12 @@ stdenv.mkDerivation (finalAttrs: {
# Generate version.h
cp src/version.h.in src/version.h
substituteInPlace src/version.h \
--replace "@HASH@" '${finalAttrs.src.rev}' \
--replace "@BRANCH@" "" \
--replace "@MESSAGE@" "" \
--replace "@DATE@" "2024-04-16" \
--replace "@TAG@" "" \
--replace "@DIRTY@" ""
--replace-fail "@HASH@" '${finalAttrs.src.rev}' \
--replace-fail "@BRANCH@" "" \
--replace-fail "@MESSAGE@" "" \
--replace-fail "@DATE@" "2024-04-16" \
--replace-fail "@TAG@" "" \
--replace-fail "@DIRTY@" ""
'';
depsBuildBuild = [
@ -89,6 +87,8 @@ stdenv.mkDerivation (finalAttrs: {
ninja
pkg-config
wayland-scanner
cmake # for subproject udis86
python3
];
outputs = [
@ -97,36 +97,40 @@ stdenv.mkDerivation (finalAttrs: {
"dev"
];
buildInputs =
wlr.buildInputs ++ [
cairo
git
hyprcursor
hyprland-protocols
hyprlang
libGL
libdrm
libinput
libxkbcommon
mesa
udis86-hyprland
wayland
wayland-protocols
pango
pciutils
tomlplusplus
wlr
]
++ lib.optionals stdenv.hostPlatform.isMusl [ libexecinfo ]
++ lib.optionals enableXWayland [ libxcb xcbutilwm xwayland ]
++ lib.optionals withSystemd [ systemd ];
buildInputs = [
cairo
git
hyprcursor
hyprland-protocols
hyprlang
libGL
libdrm
libinput
libxkbcommon
mesa
wayland
wayland-protocols
pango
pciutils
tomlplusplus
# for subproject wlroots-hyprland
hwdata
seatd
libliftoff
libdisplay-info
xorg.xcbutilerrors
xorg.xcbutilrenderutil
]
++ lib.optionals stdenv.hostPlatform.isMusl [ libexecinfo ]
++ lib.optionals enableXWayland [ libxcb xcbutilwm xwayland ]
++ lib.optionals withSystemd [ systemd ];
mesonBuildType =
if debug
then "debug"
else "release";
mesonAutoFeatures = "disabled";
mesonAutoFeatures = "enabled";
mesonFlags = [
(lib.mesonEnable "xwayland" enableXWayland)
@ -135,7 +139,6 @@ stdenv.mkDerivation (finalAttrs: {
];
postInstall = ''
ln -s ${wlr}/include/wlr $dev/include/hyprland/wlroots
${lib.optionalString wrapRuntimeDeps ''
wrapProgram $out/bin/Hyprland \
--suffix PATH : ${lib.makeBinPath [binutils pciutils stdenv.cc]}
@ -150,6 +153,6 @@ stdenv.mkDerivation (finalAttrs: {
license = licenses.bsd3;
maintainers = with maintainers; [ wozeparrot fufexan ];
mainProgram = "Hyprland";
platforms = wlr.meta.platforms;
platforms = lib.platforms.linux;
};
})

15
pkgs/applications/window-managers/hyprwm/hyprland/udis86.nix
View File

@ -1,15 +0,0 @@
{ udis86
, fetchFromGitHub
}:
udis86.overrideAttrs (old: {
version = "unstable-2022-10-13";
src = fetchFromGitHub {
owner = "canihavesomecoffee";
repo = "udis86";
rev = "5336633af70f3917760a6d441ff02d93477b0c86";
hash = "sha256-HifdUQPGsKQKQprByeIznvRLONdOXeolOsU5nkwIv3g=";
};
patches = [ ];
})

20
pkgs/applications/window-managers/hyprwm/hyprland/wlroots.nix
View File

@ -1,20 +0,0 @@
{ fetchFromGitHub
, wlroots
, enableXWayland ? true
}:
wlroots.overrideAttrs
(old: {
inherit enableXWayland;
version = "0.18.0-dev";
src = fetchFromGitHub {
owner = "hyprwm";
repo = "wlroots-hyprland";
rev = "611a4f24cd2384378f6e500253983107c6656c64";
hash = "sha256-vPeZCY+sdiGsz4fl3AVVujfyZyQBz6+vZdkUE4hQ+HI=";
};
patches = [ ]; # don't inherit old.patches
pname = "${old.pname}-hyprland";
})

6
pkgs/build-support/rust/build-rust-package/default.nix
View File

@ -156,9 +156,9 @@ stdenv.mkDerivation ((removeAttrs args [ "depsExtraArgs" "cargoUpdateHook" "carg
# Platforms without host tools from
# https://doc.rust-lang.org/nightly/rustc/platform-support.html
"armv7a-darwin"
"armv5tel-linux" "armv7a-linux" "m68k-linux" "mipsel-linux"
"mips64el-linux" "riscv32-linux"
"armv6l-netbsd"
"armv5tel-linux" "armv7a-linux" "m68k-linux" "mips-linux"
"mips64-linux" "mipsel-linux" "mips64el-linux" "riscv32-linux"
"armv6l-netbsd" "mipsel-netbsd" "riscv64-netbsd"
"x86_64-redox"
"wasm32-wasi"
];

4
pkgs/by-name/af/affine/package.nix
View File

@ -18,10 +18,10 @@ stdenvNoCC.mkDerivation (finalAttrs: let
};
in {
pname = "affine";
version = "0.13.3";
version = "0.14.3";
src = fetchurl {
url = "https://github.com/toeverything/AFFiNE/releases/download/v${finalAttrs.version}/affine-${finalAttrs.version}-stable-linux-x64.zip";
hash = "sha256-w/5X7PFLHVILg1XCYkGefBQ4c+Ko+ME0Lu8iAtCaTFg=";
hash = "sha256-/dKvRr0cH9mLF1y6FGFRDlsFXaymEmb55AZ37Ti0PU4=";
};
nativeBuildInputs = [
copyDesktopItems

4
pkgs/by-name/ar/arc-browser/package.nix
View File

@ -9,11 +9,11 @@
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "arc-browser";
version = "1.41.0-49440";
version = "1.42.0-49714";
src = fetchurl {
url = "https://releases.arc.net/release/Arc-${finalAttrs.version}.dmg";
hash = "sha256-+3XK94LX2UBof7cUpVzc4DTyp9xMH2v5n7LQD4gdANA=";
hash = "sha256-fPb4g9rGJqeXuO2ytSo/8r0RB/h/EYa763JAFNqIPY8=";
};
nativeBuildInputs = [ undmg ];

52
pkgs/by-name/ar/aribb24/package.nix Normal file
View File

@ -0,0 +1,52 @@
{
lib,
stdenv,
fetchFromGitLab,
testers,
gitUpdater,
autoconf,
automake,
libtool,
pkg-config,
libpng,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "aribb24";
version = "1.0.4";
src = fetchFromGitLab {
domain = "code.videolan.org";
owner = "jeeb";
repo = "aribb24";
rev = "v${finalAttrs.version}";
hash = "sha256-hq3LnLACZfV+E76ZDEHGlN51fS6AqFnNReE3JlWcv9M=";
};
buildInputs = [
libpng
];
nativeBuildInputs = [
autoconf
automake
libtool
pkg-config
];
preConfigure = "autoreconf --install";
passthru = {
updateScript = gitUpdater { rev-prefix = "v"; };
tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
};
meta = with lib; {
description = "A library for ARIB STD-B24, decoding JIS 8 bit characters and parsing MPEG-TS stream";
homepage = "https://code.videolan.org/jeeb/aribb24/";
license = licenses.lgpl3Plus;
pkgConfigModules = [ "aribb24" ];
platforms = platforms.unix;
maintainers = with maintainers; [ jopejoe1 ];
};
})

6
pkgs/by-name/bl/blockbench/package.nix
View File

@ -14,13 +14,13 @@ let
in
buildNpmPackage rec {
pname = "blockbench";
version = "4.9.4";
version = "4.10.0";
src = fetchFromGitHub {
owner = "JannisX11";
repo = "blockbench";
rev = "v${version}";
hash = "sha256-z4hr1pQh7Jp/DB8+pxwuHvi4gvTHHVn0yrruwnXm2iM=";
hash = "sha256-pycRC+ZpN2P5Z66/aGA4gykLF7IwdeToRadaJSA1L9w=";
};
nativeBuildInputs = [
@ -29,7 +29,7 @@ buildNpmPackage rec {
copyDesktopItems
];
npmDepsHash = "sha256-onfz+J77jNIgdc7ALiyoXt1CdTyX/C7+bKwtpJm+H+I=";
npmDepsHash = "sha256-CHZdCiewkmToDHhTTvOqQfWrphOw1oGLgwSRRH3YFWE=";
env.ELECTRON_SKIP_BINARY_DOWNLOAD = 1;

75
pkgs/by-name/bt/btrfs-auto-snapshot/package.nix Normal file
View File

@ -0,0 +1,75 @@
{
lib,
stdenv,
fetchFromGitHub,
makeWrapper,
coreutils,
getopt,
gnugrep,
gnused,
gawk,
btrfs-progs,
syslogSupport ? true,
util-linux ? null,
}:
assert syslogSupport -> util-linux != null;
stdenv.mkDerivation rec {
version = "2.0.4";
pname = "btrfs-auto-snapshot";
src = fetchFromGitHub {
owner = "hunleyd";
repo = pname;
rev = "v${version}";
hash = "sha256-QpuwkGaYAkpu5hYyb360Mr5tHsZc2LzMlKtpS8CyyhI=";
};
dontBuild = true;
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
install -Dm755 btrfs-auto-snapshot $out/bin/btrfs-auto-snapshot
'';
wrapperPath =
with lib;
makeBinPath (
[
coreutils
getopt
gnugrep
gnused
gawk
btrfs-progs
]
++ optional syslogSupport util-linux
);
postFixup = ''
wrapProgram $out/bin/btrfs-auto-snapshot \
--prefix PATH : "${wrapperPath}"
'';
meta = with lib; {
description = "BTRFS Automatic Snapshot Service for Linux";
homepage = "https://github.com/hunleyd/btrfs-auto-snapshot";
license = licenses.gpl2;
mainProgram = "btrfs-auto-snapshot";
maintainers = with maintainers; [ motiejus ];
platforms = platforms.linux;
longDescription = ''
btrfs-auto-snapshot is a Bash script designed to bring as much of the
functionality of the wonderful ZFS snapshot tool zfs-auto-snapshot to
BTRFS as possible. Designed to run from cron (using
/etc/cron.{daily,hourly,weekly}) it automatically creates a snapshot of
the specified BTRFS filesystem (or, optionally, all of them) and then
automatically purges the oldest snapshots of that type (hourly, daily, et
al) based on a user-defined retention policy.
Snapshots are stored in a '.btrfs' directory at the root of the BTRFS
filesystem being snapped and are read-only by default.
'';
};
}

6
pkgs/by-name/c2/c2fmzq/package.nix
View File

@ -6,20 +6,20 @@
buildGoModule rec {
pname = "c2FmZQ";
version = "0.4.19";
version = "0.4.20";
src = fetchFromGitHub {
owner = "c2FmZQ";
repo = "c2FmZQ";
rev = "v${version}";
hash = "sha256-9kCiV+v7RNFDrAbWRujTW9b9sbYX9fGEE37S9uDp0nY=";
hash = "sha256-ur1zZdDAGl97RDhs0ucc9UAvufI/DG49cn8HaXx3gxs=";
};
ldflags = [ "-s" "-w" ];
sourceRoot = "${src.name}/c2FmZQ";
vendorHash = "sha256-plORJl7KNsBP3tQSYX8829+sb8l0sO/TS8Bt25JXNgY=";
vendorHash = "sha256-wZ8+w1UFx55whodAXKhQ4EbtMXkbztYLjpqEVvdrAF8=";
subPackages = [ "c2FmZQ-client" "c2FmZQ-server" ];

6
pkgs/by-name/ca/cargo-bloat/package.nix
View File

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-bloat";
version = "0.12.0";
version = "0.12.1";
src = fetchFromGitHub {
owner = "RazrFalcon";
repo = pname;
rev = "v${version}";
hash = "sha256-vPk6ERl0VM1TjK/JRMcXqCvKqSTuw78MsmQ0xImQyd4=";
hash = "sha256-B71VX7cJe1giOLmk3cQE8Zxr7fKGyQkoXRuM+NzBcb8=";
};
cargoHash = "sha256-6fMFGLH16Z1O+ETlr0685TXHup1vJetfzPdNC2Lw9uM=";
cargoHash = "sha256-BBFLyMx1OPT2XAM6pofs2kV/3n3FrNu0Jkyr/Y3smnI=";
meta = with lib; {
description = "A tool and Cargo subcommand that helps you find out what takes most of the space in your executable";

13
pkgs/development/libraries/coost/default.nix → pkgs/by-name/co/coost/package.nix
View File

@ -10,15 +10,15 @@
withOpenSSL ? true,
}:
stdenv.mkDerivation rec {
stdenv.mkDerivation (finalAttrs: {
pname = "coost";
version = "3.0.0";
version = "3.0.2";
src = fetchFromGitHub {
owner = "idealvin";
repo = pname;
rev = "v${version}";
sha256 = "sha256-qpJh1yl0lYYszNHGo5Jkbzal2hnVzg7UUxiyg/Grva8=";
repo = "coost";
rev = "v${finalAttrs.version}";
hash = "sha256-HbMenAL/UWsqQ1o7cMeWfwXkLh4GxIKV7iuZQD3hDA8=";
};
postPatch = ''
@ -34,6 +34,7 @@ stdenv.mkDerivation rec {
"-DBUILD_SHARED_LIBS=ON"
] ++ lib.optional withCurl "-DWITH_LIBCURL=ON" ++ lib.optional withOpenSSL "-DWITH_OPENSSL=ON";
outputs = [ "out" "dev" ];
passthru.updateScript = gitUpdater { };
meta = with lib; {
@ -43,4 +44,4 @@ stdenv.mkDerivation rec {
maintainers = [ maintainers.sigmanificient ];
platforms = platforms.unix;
};
}
})

2246
pkgs/by-name/co/coppwr/Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

11
pkgs/by-name/co/coppwr/package.nix
View File

@ -4,28 +4,28 @@
, pkg-config
, libxkbcommon
, pipewire
, stdenv
, libGL
, wayland
, xorg
, vulkan-loader
}:
rustPlatform.buildRustPackage rec {
pname = "coppwr";
version = "1.5.1";
version = "1.6.0";
src = fetchFromGitHub {
owner = "dimtpap";
repo = "coppwr";
rev = version;
hash = "sha256-azho/SVGEdHXt/t6VSA0NVVfhxK9bxy4Ud68faFh5zo=";
hash = "sha256-7z1b++itHoqVX5KB9gv6dMAzq1j7VDGYzuJArUDPlD4=";
};
cargoLock = {
lockFile = ./Cargo.lock;
outputHashes = {
"egui_node_graph-0.4.0" = "sha256-VJvALtPP/vPZQ4KLWu8diFar9vuVkbeD65Em6rod8ww=";
"libspa-0.7.2" = "sha256-0TGhxHL1mkktE263ln3jnPZRkXS6+C3aPUBg86J25oM=";
"egui_node_graph-0.4.0" = "sha256-VtHgKWh+bHSFltNgYaFmYhZW9tqwiWJjiCCspeKgSXQ=";
"libspa-0.8.0" = "sha256-X8mwLtuPuMxZY71GNPAgiJGJ9JNMj7AbCliXiBxJ4vQ=";
};
};
@ -43,6 +43,7 @@ rustPlatform.buildRustPackage rec {
xorg.libXi
xorg.libXrandr
xorg.libX11
vulkan-loader
];
preBuild = ''

87
pkgs/by-name/di/dillo/package.nix Normal file
View File

@ -0,0 +1,87 @@
{
lib,
autoreconfHook,
fetchFromGitHub,
fltk,
giflib,
libXcursor,
libXi,
libXinerama,
libjpeg,
libpng,
libressl,
mbedtls,
openssl,
perl,
pkg-config,
stdenv,
which,
# Configurable options
tlsLibrary? "libressl"
}:
let
ssl = {
"libressl" = libressl;
"mbedtls" = mbedtls;
"openssl" = openssl;
}.${tlsLibrary} or (throw "Unrecognized tlsLibrary option: ${tlsLibrary}");
in
stdenv.mkDerivation (finalAttrs: {
pname = "dillo";
version = "3.1.0";
src = fetchFromGitHub {
owner = "dillo-browser";
repo = "dillo";
rev = "v${finalAttrs.version}";
hash = "sha256-AqffkUPLvVSGq9iYksyvHf3HQ3DLWNlB3CYw4GCAAEI=";
};
nativeBuildInputs = [
autoreconfHook
pkg-config
fltk
which
];
buildInputs = [
fltk
giflib
libXcursor
libXi
libXinerama
libjpeg
libpng
perl
ssl
];
outputs = [ "out" "doc" "man" ];
strictDeps = true;
meta = {
homepage = "https://dillo-browser.github.io/";
description = "A fast graphical web browser with a small footprint";
longDescription = ''
Dillo is a fast and small graphical web browser with the following
features:
- Multi-platform, running on Linux, BSD, MacOS, Windows (via Cygwin) and
even Atari.
- Written in C and C++ with few dependencies.
- Implements its own real-time rendering engine.
- Low memory usage and fast rendering, even with large pages.
- Uses the fast and bloat-free FLTK GUI library.
- Support for HTTP, HTTPS, FTP and local files.
- Extensible with plugins written in any language.
- Is free software licensed with the GPLv3.
- Helps authors to comply with web standards by using the bug meter.
'';
mainProgram = "dillo";
maintainers = with lib.maintainers; [ AndersonTorres ];
license = lib.licenses.gpl3Plus;
platforms = lib.platforms.linux;
};
})

50
pkgs/applications/networking/browsers/dillong/default.nix → pkgs/by-name/di/dillong/package.nix
View File

@ -1,16 +1,17 @@
{ lib
, stdenv
, fetchFromGitHub
, autoreconfHook
, pkg-config
, which
, fltk
, mbedtls_2
{
lib,
autoreconfHook,
fetchFromGitHub,
fltk,
mbedtls_2,
pkg-config,
stdenv,
which,
}:
stdenv.mkDerivation {
pname = "dillong";
version = "unstable-2021-12-13";
version = "0-unstable-2021-12-13";
src = fetchFromGitHub {
owner = "w00fpack";
@ -21,6 +22,7 @@ stdenv.mkDerivation {
nativeBuildInputs = [
autoreconfHook
fltk
pkg-config
which
];
@ -30,6 +32,19 @@ stdenv.mkDerivation {
mbedtls_2
];
outputs = [ "out" "doc" "man" ];
configureFlags = [
(lib.enableFeature true "ssl")
];
strictDeps = true;
# Workaround build failure on -fno-common toolchains:
# ld: main.o:/build/dillo-3.0.5/dpid/dpid.h:64: multiple definition of `sock_set';
# dpid.o:/build/dillo-3.0.5/dpid/dpid.h:64: first defined here
env.NIX_CFLAGS_COMPILE = "-fcommon";
# The start_page and home settings refer to /usr.
# We can't change /usr to $out because dillorc is copied to the home directory
# on first launch, so the paths would quickly become outdated.
@ -40,19 +55,12 @@ stdenv.mkDerivation {
--replace "home=" "#home="
'';
configureFlags = [ "--enable-ssl=yes" ];
# Workaround build failure on -fno-common toolchains:
# ld: main.o:/build/dillo-3.0.5/dpid/dpid.h:64: multiple definition of `sock_set';
# dpid.o:/build/dillo-3.0.5/dpid/dpid.h:64: first defined here
env.NIX_CFLAGS_COMPILE = "-fcommon";
meta = with lib; {
description = "Fork of Dillo, a lightweight web browser";
meta = {
homepage = "https://github.com/w00fpack/dilloNG";
license = licenses.gpl3Plus;
platforms = platforms.linux;
maintainers = with maintainers; [ fgaz ];
description = "Fork of Dillo, a lightweight web browser";
license = lib.licenses.gpl3Plus;
mainProgram = "dillo";
maintainers = with lib.maintainers; [ fgaz ];
platforms = lib.platforms.linux;
};
}

21
pkgs/development/libraries/discord-gamesdk/default.nix → pkgs/by-name/di/discord-gamesdk/package.nix
View File

@ -1,7 +1,8 @@
{ lib
, stdenv
, fetchzip
, autoPatchelfHook
{
lib,
stdenv,
fetchzip,
autoPatchelfHook,
}:
stdenv.mkDerivation rec {
@ -14,7 +15,10 @@ stdenv.mkDerivation rec {
stripRoot = false;
};
outputs = [ "out" "dev" ];
outputs = [
"out"
"dev"
];
buildInputs = [ (stdenv.cc.cc.libgcc or null) ];
@ -41,6 +45,11 @@ stdenv.mkDerivation rec {
license = licenses.unfree;
maintainers = with maintainers; [ tomodachi94 ];
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-darwin" "x86_64-windows" ];
platforms = [
"x86_64-linux"
"x86_64-darwin"
"aarch64-darwin"
"x86_64-windows"
];
};
}

4
pkgs/by-name/do/door-knocker/package.nix
View File

@ -14,14 +14,14 @@
stdenv.mkDerivation (finalAttrs: {
pname = "door-knocker";
version = "0.4.4";
version = "0.5.0";
src = fetchFromGitea {
domain = "codeberg.org";
owner = "tytan652";
repo = "door-knocker";
rev = finalAttrs.version;
hash = "sha256-pC/Fv+GzHw0PTzJoDAUK/EzVVWXha2cflAqiznM9ZYM=";
hash = "sha256-932zUfCEN24hZxkCX9uJ2HpvmLNdTtbkXvv50Hu7KxE=";
};
nativeBuildInputs = [

13
pkgs/by-name/en/engage/package.nix
View File

@ -1,7 +1,7 @@
{ lib
, installShellFiles
, rustPlatform
, fetchgit
, fetchFromGitLab
}:
let
@ -11,9 +11,10 @@ in
rustPlatform.buildRustPackage {
inherit pname version;
# fetchFromGitLab doesn't work on GitLab's end for unknown reasons
src = fetchgit {
url = "https://or.computer.surgery/charles/${pname}";
src = fetchFromGitLab {
domain = "gitlab.computer.surgery";
owner = "charles";
repo = pname;
rev = "v${version}";
hash = "sha256-niXh63xTpXSp9Wqwfi8hUBKJSClOUSvB+TPCTaqHfZk=";
};
@ -39,8 +40,8 @@ rustPlatform.buildRustPackage {
meta = {
description = "A task runner with DAG-based parallelism";
mainProgram = "engage";
homepage = "https://or.computer.surgery/charles/engage";
changelog = "https://or.computer.surgery/charles/engage/-/blob/v${version}/CHANGELOG.md";
homepage = "https://gitlab.computer.surgery/charles/engage";
changelog = "https://gitlab.computer.surgery/charles/engage/-/blob/v${version}/CHANGELOG.md";
license = with lib.licenses; [ asl20 mit ];
maintainers = with lib.maintainers; [ CobaltCause ];
};

30
pkgs/by-name/go/go-landlock/package.nix Normal file
View File

@ -0,0 +1,30 @@
{ lib
, buildGoModule
, fetchFromGitHub
}:
buildGoModule rec {
pname = "go-landlock";
version = "0-unstable-2024-02-16";
src = fetchFromGitHub {
owner = "landlock-lsm";
repo = "go-landlock";
rev = "efb66220540a9ef86aa0160d15e55f429d5b94d9";
hash = "sha256-U0+364NIw3kVcfS8/RTcpSMrv4v2ATCcC1v+5IsxeXQ=";
};
vendorHash = "sha256-IOaFToz/66Z1DP5O6gLqTyEiiYyrwZ5At93qPLa7hg8=";
subPackages = [
"cmd/landlock-restrict-net"
"cmd/landlock-restrict"
];
meta = {
description = "A Go library for the Linux Landlock sandboxing feature";
homepage = "https://github.com/landlock-lsm/go-landlock";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ tomfitzhenry ];
};
}

12
pkgs/applications/networking/browsers/google-chrome/default.nix → pkgs/by-name/go/google-chrome/package.nix
View File

@ -64,11 +64,11 @@ let
in stdenv.mkDerivation (finalAttrs: {
pname = "google-chrome";
version = "124.0.6367.118";
version = "124.0.6367.201";
src = fetchurl {
url = "https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${finalAttrs.version}-1_amd64.deb";
hash = "sha256-H3bv6WiVBl4j38ROZ80+SD9UO9ok+xxcKFxDd9yjWNY=";
hash = "sha256-RvQdpDmWRcsASh1b8M0Zg+AvZprE5qhi14shfo0WlfE=";
};
nativeBuildInputs = [ patchelf makeWrapper ];
@ -142,12 +142,12 @@ in stdenv.mkDerivation (finalAttrs: {
runHook postInstall
'';
meta = with lib; {
meta = {
description = "A freeware web browser developed by Google";
homepage = "https://www.google.com/chrome/browser/";
license = licenses.unfree;
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
maintainers = with maintainers; [ jnsgruk ];
license = lib.licenses.unfree;
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
maintainers = with lib.maintainers; [ jnsgruk johnrtitor ];
platforms = [ "x86_64-linux" ];
mainProgram = "google-chrome-stable";
};

6
pkgs/by-name/hu/hugo/package.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec {
pname = "hugo";
version = "0.125.6";
version = "0.125.7";
src = fetchFromGitHub {
owner = "gohugoio";
repo = "hugo";
rev = "refs/tags/v${version}";
hash = "sha256-rOkvt+U8iju+oIb/BfPMHSqhZYM6XSUS2B8Oxd46cF8=";
hash = "sha256-aONA9qfoilte73wBTZFu8rrVz+O8xtnRk/rOxJLANS8=";
};
vendorHash = "sha256-UJoK73oQ1gH4Y1hxjE66Ou8o9jAeJpA4njgP3VHu68s=";
vendorHash = "sha256-ZEaByHlJIfzGbmdadDpCJGCybj9SOHRzrrzR/S/zRnc=";
doCheck = false;

2
pkgs/by-name/in/incus/generic.nix
View File

@ -115,7 +115,7 @@ buildGoModule rec {
;
};
tests = nixosTests.incus;
tests = if lts then nixosTests.incus-lts else nixosTests.incus;
ui = callPackage ./ui.nix { };

6
pkgs/by-name/in/incus/package.nix
View File

@ -1,6 +1,6 @@
import ./generic.nix {
hash = "sha256-+q5qP7w2RdtuwvxPThCryYYEJ7s5WDnWHRvjo4TuajA=";
version = "6.0.0";
vendorHash = "sha256-wcauzIbBcYpSWttZCVVE9m49AEQGolGYSsv9eEkhb7Y=";
hash = "sha256-BFB4bdfh3hI7D1m7a20ckPPyP9CYXW7mjqeTZ/21Gqs=";
version = "6.1.0";
vendorHash = "sha256-a8ZPhzs7sNIJLjQ9Y87Zf9SXAsmbdVn250Q0OQwy69A=";
patches = [ ];
}

14
pkgs/by-name/ko/komac/package.nix
View File

@ -1,6 +1,8 @@
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, openssl
, rustPlatform
, darwin
, testers
@ -8,12 +10,12 @@
}:
let
version = "2.1.0";
version = "2.2.1";
src = fetchFromGitHub {
owner = "russellbanks";
repo = "Komac";
rev = "v${version}";
hash = "sha256-L8UYpNqjRyqf4hPQwD9LaXWu6jYaP34yTwTxcqg+e2U=";
hash = "sha256-dPX8/JUQ+vugd+M/jIjBf4/sNbac0FVQ0obhyAAGI84=";
};
in
rustPlatform.buildRustPackage {
@ -21,9 +23,13 @@ rustPlatform.buildRustPackage {
pname = "komac";
cargoHash = "sha256-J4QZzbyDr4SDt6LlAy9ZdpqgIufZCZHmOC9eu70wMsM=";
cargoHash = "sha256-CDPN90X3m/9FRLolAVCIcAuajZbB5OAgLcFXq2ICS8g=";
buildInputs = lib.optionals stdenv.isDarwin [
nativeBuildInputs = lib.optionals stdenv.isLinux [ pkg-config ];
buildInputs = lib.optionals stdenv.isLinux [
openssl
] ++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.SystemConfiguration
];

8
pkgs/by-name/ma/maa-assistant-arknights/pin.json
View File

@ -1,10 +1,10 @@
{
"stable": {
"version": "5.2.2",
"hash": "sha256-Tp8adn9cNtHmEdoA418b/KMsqluZWKO60u6kCtAmpbo="
"version": "5.2.3",
"hash": "sha256-fjlvP5PPmSSNYefYRrEBVdhbN3yZ0pCbvIe763U5y5o="
},
"beta": {
"version": "5.2.2",
"hash": "sha256-Tp8adn9cNtHmEdoA418b/KMsqluZWKO60u6kCtAmpbo="
"version": "5.2.3",
"hash": "sha256-fjlvP5PPmSSNYefYRrEBVdhbN3yZ0pCbvIe763U5y5o="
}
}

4
pkgs/by-name/ma/marwaita-x/package.nix
View File

@ -10,13 +10,13 @@
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "marwaita-x";
version = "0.8.1";
version = "0.9";
src = fetchFromGitHub {
owner = "darkomarko42";
repo = "marwaita-x";
rev = finalAttrs.version;
sha256 = "sha256-AkhysmA7QTHiH6yLEHFHgXFhRXb3l0elvYfy+oXsvZE=";
sha256 = "sha256-yf/3ukb52rbCXMObeiHrMdD1cTRjY739p7Vg+DBFReo=";
};
buildInputs = [

4
pkgs/by-name/me/mediainfo-gui/package.nix
View File

@ -6,11 +6,11 @@ let
in
stdenv.mkDerivation rec {
pname = "mediainfo-gui";
version = "24.03";
version = "24.04";
src = fetchurl {
url = "https://mediaarea.net/download/source/mediainfo/${version}/mediainfo_${version}.tar.xz";
hash = "sha256-b/jx+i+FmhMJH3Wiz5E0hmRPbiWa0cJa+5qT5IRExWM=";
hash = "sha256-6+sctwGiMFnHNsszuRoxcsT5jnNB5EoLMKEZGRkaJ00=";
};
nativeBuildInputs = [ autoreconfHook pkg-config ];

1
pkgs/servers/misc/navidrome/default.nix → pkgs/by-name/na/navidrome/package.nix
View File

@ -10,7 +10,6 @@
, ffmpeg-headless
, taglib
, zlib
, makeWrapper
, nixosTests
, nix-update-script
, ffmpegSupport ? true

6
pkgs/by-name/ne/nekoray/package.nix
View File

@ -84,11 +84,12 @@ stdenv.mkDerivation (finalAttrs: {
fetchSubmodules = true;
};
strictDeps = true;
nativeBuildInputs = [
libsForQt5.wrapQtAppsHook
cmake
ninja
protobuf
copyDesktopItems
];
@ -96,8 +97,9 @@ stdenv.mkDerivation (finalAttrs: {
libsForQt5.qtbase
libsForQt5.qttools
libsForQt5.qtx11extras
zxing-cpp
protobuf
yaml-cpp
zxing-cpp
];
# NKR_PACKAGE makes sure the app uses the user's config directory to store it's non-static content

4
pkgs/by-name/on/onevpl-intel-gpu/package.nix
View File

@ -9,7 +9,7 @@
stdenv.mkDerivation rec {
pname = "onevpl-intel-gpu";
version = "23.4.3";
version = "24.2.2";
outputs = [ "out" "dev" ];
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
owner = "oneapi-src";
repo = "oneVPL-intel-gpu";
rev = "intel-onevpl-${version}";
sha256 = "sha256-oDwDMUq6JpRJH5nbANb7TJLW7HRYA9y0xZxEsoepx/U=";
sha256 = "sha256-JtvRh4p4wPRnqFfE86tJW+yS9AKMoi3TPZO+LZ2Q7Mo=";
};
nativeBuildInputs = [ cmake pkg-config ];

55
pkgs/by-name/op/openfga-cli/package.nix Normal file
View File

@ -0,0 +1,55 @@
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
let
pname = "openfga-cli";
version = "0.4.0";
in
buildGoModule {
inherit pname version;
src = fetchFromGitHub {
owner = "openfga";
repo = "cli";
rev = "v${version}";
hash = "sha256-nwzUBzu8c8kuSTbjwOB1mCFMLF1zoUReXofXeBOAO1U=";
};
vendorHash = "sha256-3fElvsy248lRwmIKWv8ac6BLJ1y5Qyr+kKh/1vprmvo=";
nativeBuildInputs = [ installShellFiles ];
ldflags =
let
buildInfoPkg = "github.com/openfga/cli/internal/build";
in
[
"-s"
"-w"
"-X ${buildInfoPkg}.Version=${version}"
"-X ${buildInfoPkg}.Commit=${version}"
"-X ${buildInfoPkg}.Date=19700101"
];
postInstall = ''
completions_dir=$TMPDIR/fga_completions
mkdir $completions_dir
$out/bin/fga completion bash > $completions_dir/fga.bash
$out/bin/fga completion zsh > $completions_dir/_fga.zsh
$out/bin/fga completion fish > $completions_dir/fga.fish
installShellCompletion $completions_dir/*
'';
meta = {
description = "A cross-platform CLI to interact with an OpenFGA server";
homepage = "https://github.com/openfga/cli";
license = lib.licenses.asl20;
mainProgram = "fga";
maintainers = with lib.maintainers; [ jlesquembre ];
};
}

58
pkgs/by-name/op/openfga/package.nix Normal file
View File

@ -0,0 +1,58 @@
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
let
pname = "openfga";
version = "1.5.3";
in
buildGoModule {
inherit pname version;
src = fetchFromGitHub {
owner = "openfga";
repo = "openfga";
rev = "v${version}";
hash = "sha256-+ECfBG0Z1XnopMPbq9jngcZ3lcSFOIomWo5iD0T1teQ=";
};
vendorHash = "sha256-MyoqdmNtpsoT08BKA9DPlpldIEXb82qzeXnW4KQXTiE=";
nativeBuildInputs = [ installShellFiles ];
ldflags =
let
buildInfoPkg = "github.com/openfga/openfga/internal/build";
in
[
"-s"
"-w"
"-X ${buildInfoPkg}.Version=${version}"
"-X ${buildInfoPkg}.Commit=${version}"
"-X ${buildInfoPkg}.Date=19700101"
];
# Tests depend on docker
doCheck = false;
postInstall = ''
completions_dir=$TMPDIR/openfga_completions
mkdir $completions_dir
$out/bin/openfga completion bash > $completions_dir/openfga.bash
$out/bin/openfga completion zsh > $completions_dir/_openfga.zsh
$out/bin/openfga completion fish > $completions_dir/openfga.fish
installShellCompletion $completions_dir/*
'';
meta = {
description = "A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar";
homepage = "https://openfga.dev/";
license = lib.licenses.asl20;
mainProgram = "openfga";
maintainers = with lib.maintainers; [ jlesquembre ];
};
}

1
pkgs/by-name/ot/oterm/package.nix
View File

@ -20,6 +20,7 @@ python3Packages.buildPythonApplication rec {
"pillow"
"httpx"
"packaging"
"typer"
];
propagatedBuildInputs = with python3Packages; [

97
pkgs/by-name/po/portablemc/package.nix Normal file
View File

@ -0,0 +1,97 @@
{
lib,
stdenv,
python3Packages,
fetchFromGitHub,
installShellFiles,
jre,
libX11,
libXext,
libXcursor,
libXrandr,
libXxf86vm,
libpulseaudio,
libGL,
glfw,
openal,
udev,
textToSpeechSupport ? stdenv.isLinux,
flite,
}:
let
# Copied from the `prismlauncher` package
runtimeLibs = [
libX11
libXext
libXcursor
libXrandr
libXxf86vm
# lwjgl
libpulseaudio
libGL
glfw
openal
stdenv.cc.cc.lib
# oshi
udev
] ++ lib.optional textToSpeechSupport flite;
in
python3Packages.buildPythonApplication rec {
pname = "portablemc";
version = "4.3.0";
pyproject = true;
disabled = python3Packages.pythonOlder "3.8";
src = fetchFromGitHub {
owner = "mindstorm38";
repo = "portablemc";
rev = "v${version}";
hash = "sha256-jCv4ncXUWbkWlBZr3P1hNeVpdQzY9HtrFz+pmKknL0I=";
};
patches = [
# Use the jre package provided by nixpkgs by default
./use-builtin-java.patch
];
nativeBuildInputs = [ installShellFiles ];
build-system = [ python3Packages.poetry-core ];
dependencies = [ python3Packages.certifi ];
# Note: Tests use networking, so we don't run them
postInstall = ''
installShellCompletion --cmd portablemc \
--bash <($out/bin/portablemc show completion bash) \
--zsh <($out/bin/portablemc show completion zsh)
'';
preFixup = ''
makeWrapperArgs+=(
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath runtimeLibs}
--prefix PATH : ${lib.makeBinPath [ jre ]}
)
'';
meta = {
homepage = "https://github.com/mindstorm38/portablemc";
description = "A fast, reliable and cross-platform command-line Minecraft launcher and API for developers";
longDescription = ''
A fast, reliable and cross-platform command-line Minecraft launcher and API for developers.
Including fast and easy installation of common mod loaders such as Fabric, Forge, NeoForge and Quilt.
This launcher is compatible with the standard Minecraft directories.
'';
changelog = "https://github.com/mindstorm38/portablemc/releases/tag/${src.rev}";
license = lib.licenses.gpl3Only;
mainProgram = "portablemc";
maintainers = with lib.maintainers; [ tomasajt ];
};
}

47
pkgs/by-name/po/portablemc/use-builtin-java.patch Normal file
View File

@ -0,0 +1,47 @@
diff --git a/portablemc/standard.py b/portablemc/standard.py
index f59c55d..0f017e1 100644
--- a/portablemc/standard.py
+++ b/portablemc/standard.py
@@ -843,6 +843,8 @@ class Version:
if jvm_major_version is not None and not isinstance(jvm_major_version, int):
raise ValueError("metadata: /javaVersion/majorVersion must be an integer")
+ return self._resolve_builtin_jvm(watcher, JvmNotFoundError.UNSUPPORTED_ARCH, jvm_major_version)
+
if platform.system() == "Linux" and platform.libc_ver()[0] != "glibc":
return self._resolve_builtin_jvm(watcher, JvmNotFoundError.UNSUPPORTED_LIBC, jvm_major_version)
@@ -926,31 +928,10 @@ class Version:
builtin_path = shutil.which(jvm_bin_filename)
if builtin_path is None:
raise JvmNotFoundError(reason)
-
- try:
-
- # Get version of the JVM.
- process = Popen([builtin_path, "-version"], bufsize=1, stdout=PIPE, stderr=STDOUT, universal_newlines=True)
- stdout, _stderr = process.communicate(timeout=1)
-
- version_start = stdout.index(f"1.{major_version}" if major_version <= 8 else str(major_version))
- version = None
-
- # Parse version by getting all character that are numeric or '.'.
- for i, ch in enumerate(stdout[version_start:]):
- if not ch.isnumeric() and ch not in (".", "_"):
- version = stdout[version_start:i]
- break
-
- if version is None:
- raise ValueError()
-
- except (TimeoutExpired, ValueError):
- raise JvmNotFoundError(JvmNotFoundError.BUILTIN_INVALID_VERSION)
self._jvm_path = Path(builtin_path)
- self._jvm_version = version
- watcher.handle(JvmLoadedEvent(version, JvmLoadedEvent.BUILTIN))
+ self._jvm_version = "nixpkgs"
+ watcher.handle(JvmLoadedEvent("nixpkgs", JvmLoadedEvent.BUILTIN))
def _download(self, watcher: Watcher) -> None:

2
pkgs/by-name/pr/pretalx/package.nix
View File

@ -42,7 +42,7 @@ let
homepage = "https://github.com/pretalx/pretalx";
changelog = "https://docs.pretalx.org/en/latest/changelog.html";
license = licenses.asl20;
maintainers = teams.c3d2.members;
maintainers = with maintainers; [ hexa] ++ teams.c3d2.members;
platforms = platforms.linux;
};

4
pkgs/by-name/pr/protonmail-desktop/package.nix
View File

@ -10,11 +10,11 @@ let
mainProgram = "proton-mail";
in stdenv.mkDerivation rec {
pname = "protonmail-desktop";
version = "1.0.1";
version = "1.0.2";
src = fetchurl {
url = "https://github.com/ProtonMail/inbox-desktop/releases/download/v${version}/proton-mail_${version}_amd64.deb";
hash = "sha256-fNK//x3DOsynWSkG9N+nZ3wjYoC+RreaYVC6KEDXh4w=";
hash = "sha256-c+0iFBpcg+t983oOttPokA5sLGsIQFIsC+GbsVY6hmI=";
};
dontConfigure = true;

Some files were not shown because too many files have changed in this diff Show More