mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-10-06 20:48:32 +03:00
Merge master into haskell-updates
This commit is contained in:
commit
40ecbaf140
@ -111,3 +111,6 @@ fb0e5be84331188a69b3edd31679ca6576edb75a
|
||||
|
||||
# pkgs/os-specific/bsd: Reformat with nixfmt-rfc-style 2024-03-01
|
||||
3fe3b055adfc020e6a923c466b6bcd978a13069a
|
||||
|
||||
# k3s: format with nixfmt-rfc-style
|
||||
0b7900d5e8e0bcac89e14a52d3e840f9201e9f47
|
||||
|
9
.github/CODEOWNERS
vendored
9
.github/CODEOWNERS
vendored
@ -137,9 +137,9 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @raitobezarius @ma27
|
||||
/pkgs/top-level/haskell-packages.nix @sternenseemann @maralorn @ncfavier
|
||||
|
||||
# Perl
|
||||
/pkgs/development/interpreters/perl @stigtsp @zakame @dasJ
|
||||
/pkgs/top-level/perl-packages.nix @stigtsp @zakame @dasJ
|
||||
/pkgs/development/perl-modules @stigtsp @zakame @dasJ
|
||||
/pkgs/development/interpreters/perl @stigtsp @zakame @dasJ @marcusramberg
|
||||
/pkgs/top-level/perl-packages.nix @stigtsp @zakame @dasJ @marcusramberg
|
||||
/pkgs/development/perl-modules @stigtsp @zakame @dasJ @marcusramberg
|
||||
|
||||
# R
|
||||
/pkgs/applications/science/math/R @jbedo
|
||||
@ -345,8 +345,11 @@ pkgs/development/tools/continuous-integration/buildbot @Mic92 @zowoq
|
||||
|
||||
# Pretix
|
||||
pkgs/by-name/pr/pretix/ @mweinelt
|
||||
pkgs/by-name/pr/pretalx/ @mweinelt
|
||||
nixos/modules/services/web-apps/pretix.nix @mweinelt
|
||||
nixos/modules/services/web-apps/pretalx.nix @mweinelt
|
||||
nixos/tests/web-apps/pretix.nix @mweinelt
|
||||
nixos/tests/web-apps/pretalx.nix @mweinelt
|
||||
|
||||
# incus/lxc/lxd
|
||||
nixos/maintainers/scripts/lxd/ @adamcstephens
|
||||
|
4
.github/workflows/check-nix-format.yml
vendored
4
.github/workflows/check-nix-format.yml
vendored
@ -39,6 +39,10 @@ jobs:
|
||||
pkgs/development/cuda-modules
|
||||
pkgs/test/cuda
|
||||
pkgs/top-level/cuda-packages.nix
|
||||
NIX_FMT_PATHS_K3S: |
|
||||
nixos/modules/services/cluster/k3s
|
||||
nixos/tests/k3s
|
||||
pkgs/applications/networking/cluster/k3s
|
||||
NIX_FMT_PATHS_VSCODE_EXTS: pkgs/applications/editors/vscode/extensions
|
||||
NIX_FMT_PATHS_PHP_PACKAGES: pkgs/development/php-packages
|
||||
NIX_FMT_PATHS_BUILD_SUPPORT_PHP: pkgs/build-support/php
|
||||
|
@ -1962,7 +1962,7 @@
|
||||
};
|
||||
atry = {
|
||||
name = "Bo Yang";
|
||||
email = "atry@fb.com";
|
||||
email = "yang-bo@yang-bo.com";
|
||||
github = "Atry";
|
||||
githubId = 601530;
|
||||
};
|
||||
|
@ -16,7 +16,7 @@ In addition to numerous new and upgraded packages, this release has the followin
|
||||
|
||||
- `linuxPackages_testing_bcachefs` is now fully deprecated by `linuxPackages_latest`, and is therefore no longer available.
|
||||
|
||||
- (TODO not sure what path to use here) The default kernel package has been updated from 6.1 to 6.6. All supported kernels remain available.
|
||||
- The default kernel package has been updated from 6.1 to 6.6. All supported kernels remain available.
|
||||
|
||||
- NixOS now installs a stub ELF loader that prints an informative error message when users attempt to run binaries not made for NixOS.
|
||||
- This can be disabled through the `environment.stub-ld.enable` option.
|
||||
@ -98,13 +98,13 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
|
||||
|
||||
- [clatd](https://github.com/toreanderson/clatd), a CLAT / SIIT-DC Edge Relay implementation for Linux.
|
||||
|
||||
- [pyLoad](https://pyload.net/), a FOSS download manager written in Python. Available as [services.pyload](#opt-services.pyload.enable)
|
||||
- [pyLoad](https://pyload.net/), a FOSS download manager written in Python. Available as [services.pyload](#opt-services.pyload.enable).
|
||||
|
||||
- [maubot](https://github.com/maubot/maubot), a plugin-based Matrix bot framework. Available as [services.maubot](#opt-services.maubot.enable).
|
||||
|
||||
- [ryzen-monitor-ng](https://github.com/mann1x/ryzen_monitor_ng), a desktop AMD CPU power monitor and controller, similar to Ryzen Master but for Linux. Available as [programs.ryzen-monitor-ng](#opt-programs.ryzen-monitor-ng.enable)
|
||||
- [ryzen-monitor-ng](https://github.com/mann1x/ryzen_monitor_ng), a desktop AMD CPU power monitor and controller, similar to Ryzen Master but for Linux. Available as [programs.ryzen-monitor-ng](#opt-programs.ryzen-monitor-ng.enable).
|
||||
|
||||
- [ryzen-smu](https://gitlab.com/leogx9r/ryzen_smu), Linux kernel driver to expose the SMU (System Management Unit) for certain AMD Ryzen Processors. Includes the userspace program `monitor_cpu`. Available at [hardward.cpu.amd.ryzen-smu](#opt-hardware.cpu.amd.ryzen-smu.enable)
|
||||
- [ryzen-smu](https://gitlab.com/leogx9r/ryzen_smu), Linux kernel driver to expose the SMU (System Management Unit) for certain AMD Ryzen Processors. Includes the userspace program `monitor_cpu`. Available at [hardward.cpu.amd.ryzen-smu](#opt-hardware.cpu.amd.ryzen-smu.enable).
|
||||
|
||||
- `systemd`'s `gateway`, `upload`, and `remote` services, which provide ways of sending journals across the network. Enable using [services.journald.gateway](#opt-services.journald.gateway.enable), [services.journald.upload](#opt-services.journald.upload.enable), and [services.journald.remote](#opt-services.journald.remote.enable).
|
||||
|
||||
@ -128,7 +128,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
|
||||
|
||||
- [Python Matter Server](https://github.com/home-assistant-libs/python-matter-server), a
|
||||
Matter Controller Server exposing websocket connections for use with other services, notably Home Assistant.
|
||||
Available as [services.matter-server](#opt-services.matter-server.enable)
|
||||
Available as [services.matter-server](#opt-services.matter-server.enable).
|
||||
|
||||
- [db-rest](https://github.com/derhuerst/db-rest), a wrapper around Deutsche Bahn's internal API for public transport data. Available as [services.db-rest](#opt-services.db-rest.enable).
|
||||
|
||||
@ -137,7 +137,7 @@ Use `services.pipewire.extraConfig` or `services.pipewire.configPackages` for Pi
|
||||
- [Anki Sync Server](https://docs.ankiweb.net/sync-server.html), the official sync server built into recent versions of Anki. Available as [services.anki-sync-server](#opt-services.anki-sync-server.enable).
|
||||
The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been marked deprecated and will be dropped after 24.05 due to lack of maintenance of the anki-sync-server software.
|
||||
|
||||
- [mautrix-meta](https://github.com/mautrix/meta), a Matrix <-> Facebook and Matrix <-> Instagram hybrid puppeting/relaybot bridge. Available as services.mautrix-meta
|
||||
- [mautrix-meta](https://github.com/mautrix/meta), a Matrix <-> Facebook and Matrix <-> Instagram hybrid puppeting/relaybot bridge. Available as services.mautrix-meta.
|
||||
|
||||
- [Jottacloud Command-line Tool](https://docs.jottacloud.com/en/articles/1436834-jottacloud-command-line-tool), a CLI for the [Jottacloud](https://jottacloud.com/) cloud storage provider. Available as [services.jotta-cli](#opt-services.jotta-cli.enable).
|
||||
|
||||
@ -161,7 +161,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- [Monado](https://monado.freedesktop.org/), an open source XR runtime. Available as [services.monado](#opt-services.monado.enable).
|
||||
|
||||
- [intel-gpu-tools](https://drm.pages.freedesktop.org/igt-gpu-tools), tools for development and testing of the Intel DRM driver. Available as [hardware.intel-gpu-tools](#opt-hardware.intel-gpu-tools.enable)
|
||||
- [intel-gpu-tools](https://drm.pages.freedesktop.org/igt-gpu-tools), tools for development and testing of the Intel DRM driver. Available as [hardware.intel-gpu-tools](#opt-hardware.intel-gpu-tools.enable).
|
||||
|
||||
- [Pretix](https://pretix.eu/about/en/), an open source ticketing software for events. Available as [services.pretix](#opt-services.pretix.enable).
|
||||
|
||||
@ -183,7 +183,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- [nh](https://github.com/viperML/nh), yet another Nix CLI helper. Available as [programs.nh](#opt-programs.nh.enable).
|
||||
|
||||
- [ALVR](https://github.com/alvr-org/alvr), a VR desktop streamer. Available as [programs.alvr](#opt-programs.alvr.enable)
|
||||
- [ALVR](https://github.com/alvr-org/alvr), a VR desktop streamer. Available as [programs.alvr](#opt-programs.alvr.enable).
|
||||
|
||||
- [xdg-terminal-exec](https://github.com/Vladimir-csp/xdg-terminal-exec), the proposed Default Terminal Execution Specification.
|
||||
|
||||
@ -193,17 +193,17 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- [davis](https://github.com/tchapi/davis), a simple CardDav and CalDav server inspired by Baïkal. Available as [services.davis](#opt-services.davis.enable).
|
||||
|
||||
- [Firefly-iii](https://www.firefly-iii.org), a free and open source personal finance manager. Available as [services.firefly-iii](#opt-services.firefly-iii.enable)
|
||||
- [Firefly-iii](https://www.firefly-iii.org), a free and open source personal finance manager. Available as [services.firefly-iii](#opt-services.firefly-iii.enable).
|
||||
|
||||
- [systemd-lock-handler](https://git.sr.ht/~whynothugo/systemd-lock-handler/), a bridge between logind D-Bus events and systemd targets. Available as [services.systemd-lock-handler.enable](#opt-services.systemd-lock-handler.enable).
|
||||
|
||||
- [wastebin](https://github.com/matze/wastebin), a pastebin server written in rust. Available as [services.wastebin](#opt-services.wastebin.enable).
|
||||
|
||||
- [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable)
|
||||
- [Mealie](https://nightly.mealie.io/), a self-hosted recipe manager and meal planner with a RestAPI backend and a reactive frontend application built in NuxtJS for a pleasant user experience for the whole family. Available as [services.mealie](#opt-services.mealie.enable).
|
||||
|
||||
- [Sunshine](https://app.lizardbyte.dev/Sunshine), a self-hosted game stream host for Moonlight. Available as [services.sunshine](#opt-services.sunshine.enable).
|
||||
|
||||
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable)
|
||||
- [Uni-Sync](https://github.com/EightB1ts/uni-sync), a synchronization tool for Lian Li Uni Controllers. Available as [hardware.uni-sync](#opt-hardware.uni-sync.enable).
|
||||
|
||||
- [prometheus-nats-exporter](https://github.com/nats-io/prometheus-nats-exporter), a Prometheus exporter for NATS. Available as [services.prometheus.exporters.nats](#opt-services.prometheus.exporters.nats.enable).
|
||||
|
||||
@ -267,7 +267,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `idris2` was updated to v0.7.0. This version introduces breaking changes. Check out the [changelog](https://github.com/idris-lang/Idris2/blob/v0.7.0/CHANGELOG.md#v070) for details.
|
||||
|
||||
- `nvtop` family of packages was reorganized into nested attrset. `nvtop` has been renamed to `nvtopPackages.full`, and all `nvtop-{amd,nvidia,intel,msm}` packages are now named as `nvtopPackages.{amd,nvidia,intel,msm}`
|
||||
- `nvtop` family of packages was reorganized into nested attrset. `nvtop` has been renamed to `nvtopPackages.full`, and all `nvtop-{amd,nvidia,intel,msm}` packages are now named as `nvtopPackages.{amd,nvidia,intel,msm}`.
|
||||
|
||||
- `neo4j` has been updated to version 5. You may want to read the [release notes for Neo4j 5](https://neo4j.com/release-notes/database/neo4j-5/).
|
||||
|
||||
@ -297,7 +297,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `buildGoModule` now throws an error when `vendorHash` is not specified. `vendorSha256`, deprecated in Nixpkgs 23.11, is now ignored and is no longer a `vendorHash` alias.
|
||||
|
||||
- `services.invidious.settings.db.user`, the default database username has changed from `kemal` to `invidious`. Setups involving an externally-provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857)
|
||||
- `services.invidious.settings.db.user`, the default database username has changed from `kemal` to `invidious`. Setups involving an externally-provisioned database (i.e. `services.invidious.database.createLocally == false`) should adjust their configuration accordingly. The old `kemal` user will not be removed automatically even when the database is provisioned automatically.(https://github.com/NixOS/nixpkgs/pull/265857).
|
||||
|
||||
- `writeReferencesToFile` is deprecated in favour of the new trivial build helper `writeClosure`. The latter accepts a list of paths and has an unambiguous name and cleaner implementation.
|
||||
|
||||
@ -459,6 +459,11 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `firefox-devedition`, `firefox-beta`, `firefox-esr` executable file names for now match their package names, which is consistent with the `firefox-*-bin` packages. The desktop entries are also updated so that you can have multiple editions of firefox in your app launcher.
|
||||
|
||||
- `chromium` and `ungoogled-chromium` had a long stanging issue regarding Widevine DRM handling in nixpkgs fixed.
|
||||
`chromium` now no longer automatically downloads Widevine when encountering DRM protected content.
|
||||
To be able to play DRM protected content in `chromium` now, you have to explicitly opt-in as originally intended using `chromium.override { enableWideVine = true; }`.
|
||||
This override has been added almost 10 years ago.
|
||||
|
||||
- switch-to-configuration does not directly call systemd-tmpfiles anymore.
|
||||
Instead, the new artificial sysinit-reactivation.target is introduced which
|
||||
allows to restart multiple services that are ordered before sysinit.target
|
||||
@ -467,11 +472,11 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
- `systemd.oomd` module behavior is changed as:
|
||||
|
||||
- Raise ManagedOOMMemoryPressureLimit from 50% to 80%. This should make systemd-oomd kill things less often, and fix issues like [this](https://pagure.io/fedora-workstation/issue/358).
|
||||
Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/806c95e1c70af18f81d499b24cd7acfa4c36ffd6?branch=806c95e1c70af18f81d499b24cd7acfa4c36ffd6)
|
||||
Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/806c95e1c70af18f81d499b24cd7acfa4c36ffd6?branch=806c95e1c70af18f81d499b24cd7acfa4c36ffd6).
|
||||
|
||||
- Remove swap policy. This helps prevent killing processes when user's swap is small.
|
||||
|
||||
- Expand the memory pressure policy to system.slice, user-.slice, and all user owned slices. Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/7665e1796f915dedbf8e014f0a78f4f576d609bb)
|
||||
- Expand the memory pressure policy to system.slice, user-.slice, and all user owned slices. Reference: [commit](https://src.fedoraproject.org/rpms/systemd/c/7665e1796f915dedbf8e014f0a78f4f576d609bb).
|
||||
|
||||
- `systemd.oomd.enableUserServices` is renamed to `systemd.oomd.enableUserSlices`.
|
||||
|
||||
@ -532,7 +537,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `cinnamon` has been updated to 6.0. Please beware that the [Wayland session](https://blog.linuxmint.com/?p=4591) is still experimental in this release and could potentially [affect Xorg sessions](https://blog.linuxmint.com/?p=4639). We suggest a reboot when switching between sessions.
|
||||
|
||||
- (TODO awaiting feedback on code-casing package names) MATE has been updated to 1.28.
|
||||
- `mate` has been updated to 1.28.
|
||||
- To properly support panel plugins built with Wayland (in-process) support, we are introducing `services.xserver.desktopManager.mate.extraPanelApplets` option, please use that for installing panel applets.
|
||||
- Similarly, please use `services.xserver.desktopManager.mate.extraCajaExtensions` option for installing Caja extensions.
|
||||
- To use the Wayland session, enable `services.xserver.desktopManager.mate.enableWaylandSession`. This is opt-in for now as it is in early stage and introduces a new set of Wayfire closure. Due to [known issues with LightDM](https://github.com/canonical/lightdm/issues/63), we suggest using SDDM for display manager.
|
||||
@ -568,7 +573,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
The `nimPackages` and `nim2Packages` sets have been removed.
|
||||
See https://nixos.org/manual/nixpkgs/unstable#nim for more information.
|
||||
|
||||
- [TODO: reword to place an attribute at the front] Programs written in [D](https://dlang.org/) using the `dub` build system and package manager can now be built using `buildDubPackage` utilizing lockfiles provided by the new `dub-to-nix` helper program.
|
||||
- `buildDubPackage` can now be used to build Programs written in [D](https://dlang.org/) using the `dub` build system and package manager.
|
||||
See the [D section](https://nixos.org/manual/nixpkgs/unstable#dlang) in the manual for more information.
|
||||
|
||||
- [`portunus`](https://github.com/majewsky/portunus) has been updated to major version 2.
|
||||
@ -584,7 +589,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `garage` has been updated to v1.x.x. Users should read the [upstream release notes](https://git.deuxfleurs.fr/Deuxfleurs/garage/releases/tag/v1.0.0) and follow the documentation when changing over their `services.garage.package` and performing this manual upgrade.
|
||||
|
||||
- [TODO: reword to place an attribute at the front] The EC2 image module now enables the [Amazon SSM Agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html) by default.
|
||||
- The EC2 image module now enables the [Amazon SSM Agent](https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html) by default.
|
||||
|
||||
- The following options of the Nextcloud module were moved into [`services.nextcloud.settings`](#opt-services.nextcloud.settings) and renamed to match the name from Nextcloud's `config.php`:
|
||||
- `logLevel` -> [`loglevel`](#opt-services.nextcloud.settings.loglevel),
|
||||
@ -619,7 +624,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `sonarr` version bumped to from 3.0.10 to 4.0.3. Consequently existing config database files will be upgraded automatically, but note that some old apparently-working configs [might actually be corrupt and fail to upgrade cleanly](https://forums.sonarr.tv/t/sonarr-v4-released/33089).
|
||||
|
||||
- [TODO: reword to place an attribute at the front] The Yama LSM is now enabled by default in the kernel, which prevents ptracing
|
||||
- The kernel Yama LSM is now enabled by default, which prevents ptracing
|
||||
non-child processes. This means you will not be able to attach gdb to an
|
||||
existing process, but will need to start that process from gdb (so it is a
|
||||
child). Or you can set `boot.kernel.sysctl."kernel.yama.ptrace_scope"` to 0.
|
||||
@ -637,7 +642,7 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- [](#opt-boot.kernel.sysctl._net.core.wmem_max_) changed from a string to an integer because of the addition of a custom merge option (taking the highest value defined to avoid conflicts between 2 services trying to set that value), just as [](#opt-boot.kernel.sysctl._net.core.rmem_max_) since 22.11.
|
||||
|
||||
- [TODO: reword to place an attribute at the front] A new top-level package set, `pkgsExtraHardening` is added. This is a set of packages built with stricter hardening flags - those that have not yet received enough testing to be applied universally, those that are more likely to cause build failures or those that have drawbacks to their use (e.g. performance or required hardware features).
|
||||
- `pkgsExtraHardening`, a new top-level package set, was added. This is a set of packages built with stricter hardening flags - those that have not yet received enough testing to be applied universally, those that are more likely to cause build failures or those that have drawbacks to their use (e.g. performance or required hardware features).
|
||||
|
||||
- `services.zfs.zed.enableMail` now uses the global `sendmail` wrapper defined by an email module
|
||||
(such as msmtp or Postfix). It no longer requires using a special ZFS build with email support.
|
||||
@ -693,16 +698,16 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
||||
|
||||
- `youtrack` is bumped to 2023.3. The update is not performed automatically, it requires manual interaction. See the YouTrack section in the manual for details.
|
||||
|
||||
- QtMultimedia has changed its default backend to `QT_MEDIA_BACKEND=ffmpeg` (previously `gstreamer` on Linux or `darwin` on MacOS).
|
||||
- `qt6.qtmultimedia` has changed its default backend to `QT_MEDIA_BACKEND=ffmpeg` (previously `gstreamer` on Linux or `darwin` on MacOS).
|
||||
The previous native backends remain available but are now minimally maintained. Refer to [upstream documentation](https://doc.qt.io/qt-6/qtmultimedia-index.html#ffmpeg-as-the-default-backend) for further details about each platform.
|
||||
|
||||
- `drbd` out-of-tree Linux kernel driver has been added in version 9.2.7. With it the DRBD 9.x features can be used instead of the 8.x features provided by the 8.4.11 in-tree driver.
|
||||
|
||||
- [TODO: reword to place an attribute at the front] The oil shell's c++ version is now available as `oils-for-unix`. The python version is still available as `oil`
|
||||
- `oils-for-unix`, the oil shell's c++ version is now available. The python version is still available as `oil`.
|
||||
|
||||
- `documentation.man.mandoc` now by default uses `MANPATH` to set the directories where mandoc will search for manual pages.
|
||||
This enables mandoc to find manual pages in Nix profiles. To set the manual search paths via the `mandoc.conf` configuration file like before, use `documentation.man.mandoc.settings.manpath` instead.
|
||||
|
||||
- `grafana-loki` package was updated to 3.0.0 which includes [breaking changes](https://github.com/grafana/loki/releases/tag/v3.0.0)
|
||||
- `grafana-loki` package was updated to 3.0.0 which includes [breaking changes](https://github.com/grafana/loki/releases/tag/v3.0.0).
|
||||
|
||||
- `programs.fish.package` now allows you to override the package used in the `fish` module
|
||||
- `programs.fish.package` now allows you to override the package used in the `fish` module.
|
||||
|
@ -1,11 +1,17 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
inherit (lib) mkEnableOption mkPackageOption mkOption maintainers;
|
||||
inherit (lib.types) bool str;
|
||||
cfg = config.services.navidrome;
|
||||
settingsFormat = pkgs.formats.json {};
|
||||
in {
|
||||
settingsFormat = pkgs.formats.json { };
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.navidrome = {
|
||||
|
||||
@ -13,9 +19,8 @@ in {
|
||||
|
||||
package = mkPackageOption pkgs "navidrome" { };
|
||||
|
||||
settings = mkOption rec {
|
||||
settings = mkOption {
|
||||
type = settingsFormat.type;
|
||||
apply = recursiveUpdate default;
|
||||
default = {
|
||||
Address = "127.0.0.1";
|
||||
Port = 4533;
|
||||
@ -23,62 +28,111 @@ in {
|
||||
example = {
|
||||
MusicFolder = "/mnt/music";
|
||||
};
|
||||
description = ''
|
||||
Configuration for Navidrome, see <https://www.navidrome.org/docs/usage/configuration-options/> for supported values.
|
||||
'';
|
||||
description = "Configuration for Navidrome, see <https://www.navidrome.org/docs/usage/configuration-options/> for supported values.";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = str;
|
||||
default = "navidrome";
|
||||
description = "User under which Navidrome runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = str;
|
||||
default = "navidrome";
|
||||
description = "Group under which Navidrome runs.";
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
type = bool;
|
||||
default = false;
|
||||
description = "Whether to open the TCP port in the firewall";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [cfg.settings.Port];
|
||||
|
||||
systemd.services.navidrome = {
|
||||
description = "Navidrome Media Server";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${cfg.package}/bin/navidrome --configfile ${settingsFormat.generate "navidrome.json" cfg.settings}
|
||||
'';
|
||||
DynamicUser = true;
|
||||
StateDirectory = "navidrome";
|
||||
WorkingDirectory = "/var/lib/navidrome";
|
||||
RuntimeDirectory = "navidrome";
|
||||
RootDirectory = "/run/navidrome";
|
||||
ReadWritePaths = "";
|
||||
BindPaths = lib.optional (cfg.settings ? DataFolder) cfg.settings.DataFolder;
|
||||
BindReadOnlyPaths = [
|
||||
# navidrome uses online services to download additional album metadata / covers
|
||||
"${config.environment.etc."ssl/certs/ca-certificates.crt".source}:/etc/ssl/certs/ca-certificates.crt"
|
||||
builtins.storeDir
|
||||
"/etc"
|
||||
] ++ lib.optional (cfg.settings ? MusicFolder) cfg.settings.MusicFolder;
|
||||
CapabilityBoundingSet = "";
|
||||
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
|
||||
RestrictNamespaces = true;
|
||||
PrivateDevices = true;
|
||||
PrivateUsers = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [ "@system-service" "~@privileged" ];
|
||||
RestrictRealtime = true;
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
UMask = "0066";
|
||||
ProtectHostname = true;
|
||||
config =
|
||||
let
|
||||
inherit (lib) mkIf optional getExe;
|
||||
WorkingDirectory = "/var/lib/navidrome";
|
||||
in
|
||||
mkIf cfg.enable {
|
||||
systemd = {
|
||||
tmpfiles.settings.navidromeDirs = {
|
||||
"${cfg.settings.DataFolder or WorkingDirectory}"."d" = {
|
||||
mode = "700";
|
||||
inherit (cfg) user group;
|
||||
};
|
||||
"${cfg.settings.CacheFolder or (WorkingDirectory + "/cache")}"."d" = {
|
||||
mode = "700";
|
||||
inherit (cfg) user group;
|
||||
};
|
||||
};
|
||||
services.navidrome = {
|
||||
description = "Navidrome Media Server";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${getExe cfg.package} --configfile ${settingsFormat.generate "navidrome.json" cfg.settings}
|
||||
'';
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
StateDirectory = "navidrome";
|
||||
inherit WorkingDirectory;
|
||||
RuntimeDirectory = "navidrome";
|
||||
RootDirectory = "/run/navidrome";
|
||||
ReadWritePaths = "";
|
||||
BindPaths =
|
||||
optional (cfg.settings ? DataFolder) cfg.settings.DataFolder
|
||||
++ optional (cfg.settings ? CacheFolder) cfg.settings.CacheFolder;
|
||||
BindReadOnlyPaths = [
|
||||
# navidrome uses online services to download additional album metadata / covers
|
||||
"${
|
||||
config.environment.etc."ssl/certs/ca-certificates.crt".source
|
||||
}:/etc/ssl/certs/ca-certificates.crt"
|
||||
builtins.storeDir
|
||||
"/etc"
|
||||
] ++ optional (cfg.settings ? MusicFolder) cfg.settings.MusicFolder;
|
||||
CapabilityBoundingSet = "";
|
||||
RestrictAddressFamilies = [
|
||||
"AF_UNIX"
|
||||
"AF_INET"
|
||||
"AF_INET6"
|
||||
];
|
||||
RestrictNamespaces = true;
|
||||
PrivateDevices = true;
|
||||
PrivateUsers = true;
|
||||
ProtectClock = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@privileged"
|
||||
];
|
||||
RestrictRealtime = true;
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
UMask = "0066";
|
||||
ProtectHostname = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
users.users = mkIf (cfg.user == "navidrome") {
|
||||
navidrome = {
|
||||
inherit (cfg) group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = mkIf (cfg.group == "navidrome") { navidrome = { }; };
|
||||
|
||||
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.Port ];
|
||||
};
|
||||
};
|
||||
meta.maintainers = with maintainers; [ nu-nu-ko ];
|
||||
}
|
||||
|
@ -1,15 +1,25 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.k3s;
|
||||
removeOption = config: instruction:
|
||||
lib.mkRemovedOptionModule ([ "services" "k3s" ] ++ config) instruction;
|
||||
removeOption =
|
||||
config: instruction:
|
||||
lib.mkRemovedOptionModule (
|
||||
[
|
||||
"services"
|
||||
"k3s"
|
||||
]
|
||||
++ config
|
||||
) instruction;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
(removeOption [ "docker" ] "k3s docker option is no longer supported.")
|
||||
];
|
||||
imports = [ (removeOption [ "docker" ] "k3s docker option is no longer supported.") ];
|
||||
|
||||
# interface
|
||||
options.services.k3s = {
|
||||
@ -33,7 +43,10 @@ in
|
||||
- `serverAddr` is required.
|
||||
'';
|
||||
default = "server";
|
||||
type = types.enum [ "server" "agent" ];
|
||||
type = types.enum [
|
||||
"server"
|
||||
"agent"
|
||||
];
|
||||
};
|
||||
|
||||
serverAddr = mkOption {
|
||||
@ -125,7 +138,8 @@ in
|
||||
message = "serverAddr or configPath (with 'server' key) should be set if role is 'agent'";
|
||||
}
|
||||
{
|
||||
assertion = cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
|
||||
assertion =
|
||||
cfg.role == "agent" -> cfg.configPath != null || cfg.tokenFile != null || cfg.token != "";
|
||||
message = "token or tokenFile or configPath (with 'token' or 'token-file' keys) should be set if role is 'agent'";
|
||||
}
|
||||
{
|
||||
@ -142,8 +156,14 @@ in
|
||||
|
||||
systemd.services.k3s = {
|
||||
description = "k3s service";
|
||||
after = [ "firewall.service" "network-online.target" ];
|
||||
wants = [ "firewall.service" "network-online.target" ];
|
||||
after = [
|
||||
"firewall.service"
|
||||
"network-online.target"
|
||||
];
|
||||
wants = [
|
||||
"firewall.service"
|
||||
"network-online.target"
|
||||
];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = optional config.boot.zfs.enabled config.boot.zfs.package;
|
||||
serviceConfig = {
|
||||
@ -159,9 +179,7 @@ in
|
||||
TasksMax = "infinity";
|
||||
EnvironmentFile = cfg.environmentFile;
|
||||
ExecStart = concatStringsSep " \\\n " (
|
||||
[
|
||||
"${cfg.package}/bin/k3s ${cfg.role}"
|
||||
]
|
||||
[ "${cfg.package}/bin/k3s ${cfg.role}" ]
|
||||
++ (optional cfg.clusterInit "--cluster-init")
|
||||
++ (optional cfg.disableAgent "--disable-agent")
|
||||
++ (optional (cfg.serverAddr != "") "--server ${cfg.serverAddr}")
|
||||
|
@ -24,7 +24,7 @@ in
|
||||
|
||||
{
|
||||
meta = with lib; {
|
||||
maintainers = teams.c3d2.members;
|
||||
maintainers = with maintainers; [ hexa] ++ teams.c3d2.members;
|
||||
};
|
||||
|
||||
options.services.pretalx = {
|
||||
@ -329,10 +329,47 @@ in
|
||||
serviceConfig = {
|
||||
User = "pretalx";
|
||||
Group = "pretalx";
|
||||
StateDirectory = [ "pretalx" "pretalx/media" ];
|
||||
StateDirectory = [
|
||||
"pretalx"
|
||||
"pretalx/media"
|
||||
];
|
||||
StateDirectoryMode = "0750";
|
||||
LogsDirectory = "pretalx";
|
||||
WorkingDirectory = cfg.settings.filesystem.data;
|
||||
SupplementaryGroups = [ "redis-pretalx" ];
|
||||
AmbientCapabilities = "";
|
||||
CapabilityBoundingSet = [ "" ];
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateTmp = true;
|
||||
ProcSubset = "pid";
|
||||
ProtectControlGroups = true;
|
||||
ProtectHome = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectProc = "invisible";
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = [
|
||||
"AF_INET"
|
||||
"AF_INET6"
|
||||
"AF_UNIX"
|
||||
];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
SystemCallArchitectures = "native";
|
||||
SystemCallFilter = [
|
||||
"@system-service"
|
||||
"~@privileged"
|
||||
"@chown"
|
||||
];
|
||||
UMask = "0027";
|
||||
};
|
||||
};
|
||||
in {
|
||||
@ -395,6 +432,8 @@ in
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.ExecStart = "${lib.getExe' pythonEnv "celery"} -A pretalx.celery_app worker ${cfg.celery.extraArgs}";
|
||||
});
|
||||
|
||||
nginx.serviceConfig.SupplementaryGroups = lib.mkIf cfg.nginx.enable [ "pretalx" ];
|
||||
};
|
||||
|
||||
systemd.sockets.pretalx-web.socketConfig = {
|
||||
@ -403,11 +442,9 @@ in
|
||||
};
|
||||
|
||||
users = {
|
||||
groups."${cfg.group}" = {};
|
||||
users."${cfg.user}" = {
|
||||
groups.${cfg.group} = {};
|
||||
users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = cfg.settings.filesystem.data;
|
||||
inherit (cfg) group;
|
||||
};
|
||||
};
|
||||
|
@ -468,7 +468,7 @@ in
|
||||
StateDirectory = [
|
||||
"pretix"
|
||||
];
|
||||
StateDirectoryMode = "0755";
|
||||
StateDirectoryMode = "0750";
|
||||
CacheDirectory = "pretix";
|
||||
LogsDirectory = "pretix";
|
||||
WorkingDirectory = cfg.settings.pretix.datadir;
|
||||
@ -507,7 +507,7 @@ in
|
||||
"~@privileged"
|
||||
"@chown"
|
||||
];
|
||||
UMask = "0022";
|
||||
UMask = "0027";
|
||||
};
|
||||
};
|
||||
in {
|
||||
@ -561,6 +561,8 @@ in
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.ExecStart = "${getExe' pythonEnv "celery"} -A pretix.celery_app worker ${cfg.celery.extraArgs}";
|
||||
};
|
||||
|
||||
nginx.serviceConfig.SupplementaryGroups = mkIf cfg.nginx.enable [ "pretix" ];
|
||||
};
|
||||
|
||||
systemd.sockets.pretix-web.socketConfig = {
|
||||
@ -569,11 +571,9 @@ in
|
||||
};
|
||||
|
||||
users = {
|
||||
groups."${cfg.group}" = {};
|
||||
users."${cfg.user}" = {
|
||||
groups.${cfg.group} = {};
|
||||
users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = cfg.settings.pretix.datadir;
|
||||
inherit (cfg) group;
|
||||
};
|
||||
};
|
||||
|
@ -352,7 +352,7 @@ let
|
||||
|
||||
# The acme-challenge location doesn't need to be added if we are not using any automated
|
||||
# certificate provisioning and can also be omitted when we use a certificate obtained via a DNS-01 challenge
|
||||
acmeName = if vhost.useACMEHost != null then vhost.useACMEHost else vhostName;
|
||||
acmeName = if vhost.useACMEHost != null then vhost.useACMEHost else vhost.serverName;
|
||||
acmeLocation = optionalString ((vhost.enableACME || vhost.useACMEHost != null) && config.security.acme.certs.${acmeName}.dnsProvider == null)
|
||||
# Rule for legitimate ACME Challenge requests (like /.well-known/acme-challenge/xxxxxxxxx)
|
||||
# We use ^~ here, so that we don't check any regexes (which could
|
||||
|
@ -218,7 +218,7 @@ in
|
||||
|
||||
services.displayManager.logToJournal = true;
|
||||
|
||||
services.logrotate.enable = lib.mkDefault false;
|
||||
services.logrotate.enable = mkOverride 150 false;
|
||||
|
||||
# Make sure we use the Guest Agent from the QEMU package for testing
|
||||
# to reduce the closure size required for the tests.
|
||||
|
@ -99,7 +99,14 @@
|
||||
serverAliases = [ "${server}-wildcard-alias.example.test" ];
|
||||
useACMEHost = "example.test";
|
||||
};
|
||||
};
|
||||
} // (lib.optionalAttrs (server == "nginx") {
|
||||
# The nginx module supports using a different key than the hostname
|
||||
different-key = vhostBaseData // {
|
||||
serverName = "${server}-different-key.example.test";
|
||||
serverAliases = [ "${server}-different-key-alias.example.test" ];
|
||||
enableACME = true;
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
# Used to determine if service reload was triggered
|
||||
@ -653,20 +660,20 @@ in {
|
||||
webserver.succeed("systemctl restart caddy.service")
|
||||
check_connection_key_bits(client, "a.example.test", "384")
|
||||
|
||||
domains = ["http", "dns", "wildcard"]
|
||||
for server, logsrc in [
|
||||
("nginx", "journalctl -n 30 -u nginx.service"),
|
||||
("httpd", "tail -n 30 /var/log/httpd/*.log"),
|
||||
common_domains = ["http", "dns", "wildcard"]
|
||||
for server, logsrc, domains in [
|
||||
("nginx", "journalctl -n 30 -u nginx.service", common_domains + ["different-key"]),
|
||||
("httpd", "tail -n 30 /var/log/httpd/*.log", common_domains),
|
||||
]:
|
||||
wait_for_server = lambda: webserver.wait_for_unit(f"{server}.service")
|
||||
with subtest(f"Works with {server}"):
|
||||
try:
|
||||
switch_to(webserver, server)
|
||||
# Skip wildcard domain for this check ([:-1])
|
||||
for domain in domains[:-1]:
|
||||
webserver.wait_for_unit(
|
||||
f"acme-finished-{server}-{domain}.example.test.target"
|
||||
)
|
||||
for domain in domains:
|
||||
if domain != "wildcard":
|
||||
webserver.wait_for_unit(
|
||||
f"acme-finished-{server}-{domain}.example.test.target"
|
||||
)
|
||||
except Exception as err:
|
||||
_, output = webserver.execute(
|
||||
f"{logsrc} && ls -al /var/lib/acme/acme-challenge"
|
||||
@ -676,8 +683,9 @@ in {
|
||||
|
||||
wait_for_server()
|
||||
|
||||
for domain in domains[:-1]:
|
||||
check_issuer(webserver, f"{server}-{domain}.example.test", "pebble")
|
||||
for domain in domains:
|
||||
if domain != "wildcard":
|
||||
check_issuer(webserver, f"{server}-{domain}.example.test", "pebble")
|
||||
for domain in domains:
|
||||
check_connection(client, f"{server}-{domain}.example.test")
|
||||
check_connection(client, f"{server}-{domain}-alias.example.test")
|
||||
|
@ -424,7 +424,8 @@ in {
|
||||
icingaweb2 = handleTest ./icingaweb2.nix {};
|
||||
iftop = handleTest ./iftop.nix {};
|
||||
incron = handleTest ./incron.nix {};
|
||||
incus = pkgs.recurseIntoAttrs (handleTest ./incus { inherit handleTestOn; });
|
||||
incus = pkgs.recurseIntoAttrs (handleTest ./incus { inherit handleTestOn; inherit (pkgs) incus; });
|
||||
incus-lts = pkgs.recurseIntoAttrs (handleTest ./incus { inherit handleTestOn; });
|
||||
influxdb = handleTest ./influxdb.nix {};
|
||||
influxdb2 = handleTest ./influxdb2.nix {};
|
||||
initrd-network-openvpn = handleTestOn [ "x86_64-linux" "i686-linux" ] ./initrd-network-openvpn {};
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ./make-test-python.nix ({ pkgs, firefoxPackage, ... }:
|
||||
import ./make-test-python.nix ({ lib, pkgs, firefoxPackage, ... }:
|
||||
{
|
||||
name = firefoxPackage.pname;
|
||||
|
||||
@ -55,7 +55,7 @@ import ./make-test-python.nix ({ pkgs, firefoxPackage, ... }:
|
||||
};
|
||||
|
||||
testScript = let
|
||||
exe = firefoxPackage.unwrapped.binaryName;
|
||||
exe = lib.getExe firefoxPackage;
|
||||
in ''
|
||||
from contextlib import contextmanager
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, extra ? {}, name ? "incus-container", ... } :
|
||||
import ../make-test-python.nix ({ pkgs, lib, extra ? {}, name ? "incus-container", incus ? pkgs.incus-lts, ... } :
|
||||
|
||||
let
|
||||
releases = import ../../release.nix {
|
||||
@ -28,7 +28,10 @@ in
|
||||
memorySize = 1024;
|
||||
diskSize = 4096;
|
||||
|
||||
incus.enable = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
};
|
||||
};
|
||||
networking.nftables.enable = true;
|
||||
};
|
||||
|
@ -3,24 +3,27 @@
|
||||
config ? { },
|
||||
pkgs ? import ../../.. { inherit system config; },
|
||||
handleTestOn,
|
||||
incus ? pkgs.incus-lts,
|
||||
}:
|
||||
{
|
||||
container-legacy-init = import ./container.nix {
|
||||
name = "container-legacy-init";
|
||||
inherit system pkgs;
|
||||
inherit incus system pkgs;
|
||||
};
|
||||
container-systemd-init = import ./container.nix {
|
||||
name = "container-systemd-init";
|
||||
inherit system pkgs;
|
||||
inherit incus system pkgs;
|
||||
extra = {
|
||||
boot.initrd.systemd.enable = true;
|
||||
};
|
||||
};
|
||||
incusd-options = import ./incusd-options.nix { inherit system pkgs; };
|
||||
lxd-to-incus = import ./lxd-to-incus.nix { inherit system pkgs; };
|
||||
openvswitch = import ./openvswitch.nix { inherit system pkgs; };
|
||||
socket-activated = import ./socket-activated.nix { inherit system pkgs; };
|
||||
storage = import ./storage.nix { inherit system pkgs; };
|
||||
ui = import ./ui.nix { inherit system pkgs; };
|
||||
virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix { inherit system pkgs; };
|
||||
incusd-options = import ./incusd-options.nix { inherit incus system pkgs; };
|
||||
lxd-to-incus = import ./lxd-to-incus.nix { inherit incus system pkgs; };
|
||||
openvswitch = import ./openvswitch.nix { inherit incus system pkgs; };
|
||||
socket-activated = import ./socket-activated.nix { inherit incus system pkgs; };
|
||||
storage = import ./storage.nix { inherit incus system pkgs; };
|
||||
ui = import ./ui.nix { inherit incus system pkgs; };
|
||||
virtual-machine = handleTestOn [ "x86_64-linux" ] ./virtual-machine.nix {
|
||||
inherit incus system pkgs;
|
||||
};
|
||||
}
|
||||
|
@ -1,7 +1,12 @@
|
||||
# this is a set of tests for non-default options. typically the default options
|
||||
# will be handled by the other tests
|
||||
import ../make-test-python.nix (
|
||||
{ pkgs, lib, ... }:
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
incus ? pkgs.incus-lts,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
releases = import ../../release.nix {
|
||||
@ -29,6 +34,7 @@ import ../make-test-python.nix (
|
||||
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
softDaemonRestart = false;
|
||||
|
||||
preseed = {
|
||||
|
@ -1,6 +1,11 @@
|
||||
import ../make-test-python.nix (
|
||||
|
||||
{ pkgs, lib, ... }:
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
incus ? pkgs.incus-lts,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
releases = import ../../release.nix { configuration.documentation.enable = lib.mkForce false; };
|
||||
@ -65,7 +70,10 @@ import ../make-test-python.nix (
|
||||
];
|
||||
};
|
||||
|
||||
incus.enable = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
};
|
||||
};
|
||||
networking.nftables.enable = true;
|
||||
};
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, ... } :
|
||||
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... } :
|
||||
|
||||
{
|
||||
name = "incus-openvswitch";
|
||||
@ -9,7 +9,11 @@ import ../make-test-python.nix ({ pkgs, lib, ... } :
|
||||
|
||||
nodes.machine = { lib, ... }: {
|
||||
virtualisation = {
|
||||
incus.enable = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
};
|
||||
|
||||
vswitch.enable = true;
|
||||
incus.preseed = {
|
||||
networks = [
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, ... } :
|
||||
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... } :
|
||||
|
||||
{
|
||||
name = "incus-socket-activated";
|
||||
@ -9,8 +9,11 @@ import ../make-test-python.nix ({ pkgs, lib, ... } :
|
||||
|
||||
nodes.machine = { lib, ... }: {
|
||||
virtualisation = {
|
||||
incus.enable = true;
|
||||
incus.socketActivation = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
socketActivation = true;
|
||||
};
|
||||
};
|
||||
networking.nftables.enable = true;
|
||||
};
|
||||
|
@ -1,5 +1,10 @@
|
||||
import ../make-test-python.nix (
|
||||
{ pkgs, lib, ... }:
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
incus ? pkgs.incus-lts,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
name = "incus-storage";
|
||||
@ -19,7 +24,10 @@ import ../make-test-python.nix (
|
||||
|
||||
virtualisation = {
|
||||
emptyDiskImages = [ 2048 ];
|
||||
incus.enable = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, ... }: {
|
||||
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... }: {
|
||||
name = "incus-ui";
|
||||
|
||||
meta = {
|
||||
@ -7,7 +7,10 @@ import ../make-test-python.nix ({ pkgs, lib, ... }: {
|
||||
|
||||
nodes.machine = { lib, ... }: {
|
||||
virtualisation = {
|
||||
incus.enable = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
};
|
||||
incus.ui.enable = true;
|
||||
};
|
||||
networking.nftables.enable = true;
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, ... }:
|
||||
import ../make-test-python.nix ({ pkgs, lib, incus ? pkgs.incus-lts, ... }:
|
||||
|
||||
let
|
||||
releases = import ../../release.nix {
|
||||
@ -33,7 +33,10 @@ in
|
||||
# Provide a TPM to test vTPM support for guests
|
||||
tpm.enable = true;
|
||||
|
||||
incus.enable = true;
|
||||
incus = {
|
||||
enable = true;
|
||||
package = incus;
|
||||
};
|
||||
};
|
||||
networking.nftables.enable = true;
|
||||
};
|
||||
|
@ -1,16 +1,20 @@
|
||||
{ system ? builtins.currentSystem
|
||||
, pkgs ? import ../../.. { inherit system; }
|
||||
, lib ? pkgs.lib
|
||||
{
|
||||
system ? builtins.currentSystem,
|
||||
pkgs ? import ../../.. { inherit system; },
|
||||
lib ? pkgs.lib,
|
||||
}:
|
||||
let
|
||||
allK3s = lib.filterAttrs (n: _: lib.strings.hasPrefix "k3s_" n) pkgs;
|
||||
in
|
||||
{
|
||||
# Testing K3s with Etcd backend
|
||||
etcd = lib.mapAttrs (_: k3s: import ./etcd.nix {
|
||||
inherit system pkgs k3s;
|
||||
inherit (pkgs) etcd;
|
||||
}) allK3s;
|
||||
etcd = lib.mapAttrs (
|
||||
_: k3s:
|
||||
import ./etcd.nix {
|
||||
inherit system pkgs k3s;
|
||||
inherit (pkgs) etcd;
|
||||
}
|
||||
) allK3s;
|
||||
# Run a single node k3s cluster and verify a pod can run
|
||||
single-node = lib.mapAttrs (_: k3s: import ./single-node.nix { inherit system pkgs k3s; }) allK3s;
|
||||
# Run a multi-node k3s cluster and verify pod networking works across nodes
|
||||
|
@ -1,100 +1,130 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, k3s, etcd, ... }:
|
||||
import ../make-test-python.nix (
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
k3s,
|
||||
etcd,
|
||||
...
|
||||
}:
|
||||
|
||||
{
|
||||
name = "${k3s.name}-etcd";
|
||||
{
|
||||
name = "${k3s.name}-etcd";
|
||||
|
||||
nodes = {
|
||||
nodes = {
|
||||
|
||||
etcd = { ... }: {
|
||||
services.etcd = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
listenClientUrls = [ "http://192.168.1.1:2379" "http://127.0.0.1:2379" ];
|
||||
listenPeerUrls = [ "http://192.168.1.1:2380" ];
|
||||
initialAdvertisePeerUrls = [ "http://192.168.1.1:2380" ];
|
||||
initialCluster = [ "etcd=http://192.168.1.1:2380" ];
|
||||
};
|
||||
networking = {
|
||||
useDHCP = false;
|
||||
defaultGateway = "192.168.1.1";
|
||||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{ address = "192.168.1.1"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
k3s = { pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [ jq ];
|
||||
# k3s uses enough resources the default vm fails.
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
|
||||
services.k3s = {
|
||||
enable = true;
|
||||
role = "server";
|
||||
extraFlags = builtins.toString [
|
||||
"--datastore-endpoint=\"http://192.168.1.1:2379\""
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--node-ip" "192.168.1.2"
|
||||
];
|
||||
};
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
allowedTCPPorts = [ 2379 2380 6443 ];
|
||||
allowedUDPPorts = [ 8472 ];
|
||||
etcd =
|
||||
{ ... }:
|
||||
{
|
||||
services.etcd = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
listenClientUrls = [
|
||||
"http://192.168.1.1:2379"
|
||||
"http://127.0.0.1:2379"
|
||||
];
|
||||
listenPeerUrls = [ "http://192.168.1.1:2380" ];
|
||||
initialAdvertisePeerUrls = [ "http://192.168.1.1:2380" ];
|
||||
initialCluster = [ "etcd=http://192.168.1.1:2380" ];
|
||||
};
|
||||
networking = {
|
||||
useDHCP = false;
|
||||
defaultGateway = "192.168.1.1";
|
||||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{
|
||||
address = "192.168.1.1";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
k3s =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [ jq ];
|
||||
# k3s uses enough resources the default vm fails.
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
|
||||
services.k3s = {
|
||||
enable = true;
|
||||
role = "server";
|
||||
extraFlags = builtins.toString [
|
||||
"--datastore-endpoint=\"http://192.168.1.1:2379\""
|
||||
"--disable"
|
||||
"coredns"
|
||||
"--disable"
|
||||
"local-storage"
|
||||
"--disable"
|
||||
"metrics-server"
|
||||
"--disable"
|
||||
"servicelb"
|
||||
"--disable"
|
||||
"traefik"
|
||||
"--node-ip"
|
||||
"192.168.1.2"
|
||||
];
|
||||
};
|
||||
|
||||
networking = {
|
||||
firewall = {
|
||||
allowedTCPPorts = [
|
||||
2379
|
||||
2380
|
||||
6443
|
||||
];
|
||||
allowedUDPPorts = [ 8472 ];
|
||||
};
|
||||
useDHCP = false;
|
||||
defaultGateway = "192.168.1.2";
|
||||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{
|
||||
address = "192.168.1.2";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
useDHCP = false;
|
||||
defaultGateway = "192.168.1.2";
|
||||
interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{ address = "192.168.1.2"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
testScript = ''
|
||||
with subtest("should start etcd"):
|
||||
etcd.start()
|
||||
etcd.wait_for_unit("etcd.service")
|
||||
|
||||
testScript = ''
|
||||
with subtest("should start etcd"):
|
||||
etcd.start()
|
||||
etcd.wait_for_unit("etcd.service")
|
||||
with subtest("should wait for etcdctl endpoint status to succeed"):
|
||||
etcd.wait_until_succeeds("etcdctl endpoint status")
|
||||
|
||||
with subtest("should wait for etcdctl endpoint status to succeed"):
|
||||
etcd.wait_until_succeeds("etcdctl endpoint status")
|
||||
with subtest("should start k3s"):
|
||||
k3s.start()
|
||||
k3s.wait_for_unit("k3s")
|
||||
|
||||
with subtest("should start k3s"):
|
||||
k3s.start()
|
||||
k3s.wait_for_unit("k3s")
|
||||
with subtest("should test if kubectl works"):
|
||||
k3s.wait_until_succeeds("k3s kubectl get node")
|
||||
|
||||
with subtest("should test if kubectl works"):
|
||||
k3s.wait_until_succeeds("k3s kubectl get node")
|
||||
with subtest("should wait for service account to show up; takes a sec"):
|
||||
k3s.wait_until_succeeds("k3s kubectl get serviceaccount default")
|
||||
|
||||
with subtest("should wait for service account to show up; takes a sec"):
|
||||
k3s.wait_until_succeeds("k3s kubectl get serviceaccount default")
|
||||
with subtest("should create a sample secret object"):
|
||||
k3s.succeed("k3s kubectl create secret generic nixossecret --from-literal thesecret=abacadabra")
|
||||
|
||||
with subtest("should create a sample secret object"):
|
||||
k3s.succeed("k3s kubectl create secret generic nixossecret --from-literal thesecret=abacadabra")
|
||||
with subtest("should check if secret is correct"):
|
||||
k3s.wait_until_succeeds("[[ $(kubectl get secrets nixossecret -o json | jq -r .data.thesecret | base64 -d) == abacadabra ]]")
|
||||
|
||||
with subtest("should check if secret is correct"):
|
||||
k3s.wait_until_succeeds("[[ $(kubectl get secrets nixossecret -o json | jq -r .data.thesecret | base64 -d) == abacadabra ]]")
|
||||
with subtest("should have a secret in database"):
|
||||
etcd.wait_until_succeeds("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
||||
|
||||
with subtest("should have a secret in database"):
|
||||
etcd.wait_until_succeeds("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
||||
with subtest("should delete the secret"):
|
||||
k3s.succeed("k3s kubectl delete secret nixossecret")
|
||||
|
||||
with subtest("should delete the secret"):
|
||||
k3s.succeed("k3s kubectl delete secret nixossecret")
|
||||
with subtest("should not have a secret in database"):
|
||||
etcd.wait_until_fails("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
||||
|
||||
with subtest("should not have a secret in database"):
|
||||
etcd.wait_until_fails("[[ $(etcdctl get /registry/secrets/default/nixossecret | head -c1 | wc -c) -ne 0 ]]")
|
||||
with subtest("should shutdown k3s and etcd"):
|
||||
k3s.shutdown()
|
||||
etcd.shutdown()
|
||||
'';
|
||||
|
||||
with subtest("should shutdown k3s and etcd"):
|
||||
k3s.shutdown()
|
||||
etcd.shutdown()
|
||||
'';
|
||||
|
||||
meta.maintainers = etcd.meta.maintainers ++ k3s.meta.maintainers;
|
||||
})
|
||||
meta.maintainers = etcd.meta.maintainers ++ k3s.meta.maintainers;
|
||||
}
|
||||
)
|
||||
|
@ -1,14 +1,30 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
||||
import ../make-test-python.nix (
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
k3s,
|
||||
...
|
||||
}:
|
||||
let
|
||||
imageEnv = pkgs.buildEnv {
|
||||
name = "k3s-pause-image-env";
|
||||
paths = with pkgs; [ tini bashInteractive coreutils socat ];
|
||||
paths = with pkgs; [
|
||||
tini
|
||||
bashInteractive
|
||||
coreutils
|
||||
socat
|
||||
];
|
||||
};
|
||||
pauseImage = pkgs.dockerTools.streamLayeredImage {
|
||||
name = "test.local/pause";
|
||||
tag = "local";
|
||||
contents = imageEnv;
|
||||
config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ];
|
||||
config.Entrypoint = [
|
||||
"/bin/tini"
|
||||
"--"
|
||||
"/bin/sleep"
|
||||
"inf"
|
||||
];
|
||||
};
|
||||
# A daemonset that responds 'server' on port 8000
|
||||
networkTestDaemonset = pkgs.writeText "test.yml" ''
|
||||
@ -42,90 +58,135 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
||||
name = "${k3s.name}-multi-node";
|
||||
|
||||
nodes = {
|
||||
server = { pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [ gzip jq ];
|
||||
# k3s uses enough resources the default vm fails.
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
server =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
gzip
|
||||
jq
|
||||
];
|
||||
# k3s uses enough resources the default vm fails.
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
|
||||
services.k3s = {
|
||||
inherit tokenFile;
|
||||
enable = true;
|
||||
role = "server";
|
||||
package = k3s;
|
||||
clusterInit = true;
|
||||
extraFlags = builtins.toString [
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--node-ip" "192.168.1.1"
|
||||
"--pause-image" "test.local/pause:local"
|
||||
services.k3s = {
|
||||
inherit tokenFile;
|
||||
enable = true;
|
||||
role = "server";
|
||||
package = k3s;
|
||||
clusterInit = true;
|
||||
extraFlags = builtins.toString [
|
||||
"--disable"
|
||||
"coredns"
|
||||
"--disable"
|
||||
"local-storage"
|
||||
"--disable"
|
||||
"metrics-server"
|
||||
"--disable"
|
||||
"servicelb"
|
||||
"--disable"
|
||||
"traefik"
|
||||
"--node-ip"
|
||||
"192.168.1.1"
|
||||
"--pause-image"
|
||||
"test.local/pause:local"
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
2379
|
||||
2380
|
||||
6443
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||
networking.useDHCP = false;
|
||||
networking.defaultGateway = "192.168.1.1";
|
||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{
|
||||
address = "192.168.1.1";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||
networking.useDHCP = false;
|
||||
networking.defaultGateway = "192.168.1.1";
|
||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{ address = "192.168.1.1"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
|
||||
server2 = { pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [ gzip jq ];
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
server2 =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
gzip
|
||||
jq
|
||||
];
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
|
||||
services.k3s = {
|
||||
inherit tokenFile;
|
||||
enable = true;
|
||||
serverAddr = "https://192.168.1.1:6443";
|
||||
clusterInit = false;
|
||||
extraFlags = builtins.toString [
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--node-ip" "192.168.1.3"
|
||||
"--pause-image" "test.local/pause:local"
|
||||
services.k3s = {
|
||||
inherit tokenFile;
|
||||
enable = true;
|
||||
serverAddr = "https://192.168.1.1:6443";
|
||||
clusterInit = false;
|
||||
extraFlags = builtins.toString [
|
||||
"--disable"
|
||||
"coredns"
|
||||
"--disable"
|
||||
"local-storage"
|
||||
"--disable"
|
||||
"metrics-server"
|
||||
"--disable"
|
||||
"servicelb"
|
||||
"--disable"
|
||||
"traefik"
|
||||
"--node-ip"
|
||||
"192.168.1.3"
|
||||
"--pause-image"
|
||||
"test.local/pause:local"
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [
|
||||
2379
|
||||
2380
|
||||
6443
|
||||
];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||
networking.useDHCP = false;
|
||||
networking.defaultGateway = "192.168.1.3";
|
||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{
|
||||
address = "192.168.1.3";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 2379 2380 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||
networking.useDHCP = false;
|
||||
networking.defaultGateway = "192.168.1.3";
|
||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{ address = "192.168.1.3"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
|
||||
agent = { pkgs, ... }: {
|
||||
virtualisation.memorySize = 1024;
|
||||
virtualisation.diskSize = 2048;
|
||||
services.k3s = {
|
||||
inherit tokenFile;
|
||||
enable = true;
|
||||
role = "agent";
|
||||
serverAddr = "https://192.168.1.3:6443";
|
||||
extraFlags = lib.concatStringsSep " " [
|
||||
"--pause-image" "test.local/pause:local"
|
||||
"--node-ip" "192.168.1.2"
|
||||
agent =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
virtualisation.memorySize = 1024;
|
||||
virtualisation.diskSize = 2048;
|
||||
services.k3s = {
|
||||
inherit tokenFile;
|
||||
enable = true;
|
||||
role = "agent";
|
||||
serverAddr = "https://192.168.1.3:6443";
|
||||
extraFlags = lib.concatStringsSep " " [
|
||||
"--pause-image"
|
||||
"test.local/pause:local"
|
||||
"--node-ip"
|
||||
"192.168.1.2"
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||
networking.useDHCP = false;
|
||||
networking.defaultGateway = "192.168.1.2";
|
||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{
|
||||
address = "192.168.1.2";
|
||||
prefixLength = 24;
|
||||
}
|
||||
];
|
||||
};
|
||||
networking.firewall.allowedTCPPorts = [ 6443 ];
|
||||
networking.firewall.allowedUDPPorts = [ 8472 ];
|
||||
networking.firewall.trustedInterfaces = [ "flannel.1" ];
|
||||
networking.useDHCP = false;
|
||||
networking.defaultGateway = "192.168.1.2";
|
||||
networking.interfaces.eth1.ipv4.addresses = pkgs.lib.mkForce [
|
||||
{ address = "192.168.1.2"; prefixLength = 24; }
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = k3s.meta.maintainers;
|
||||
@ -178,4 +239,5 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
||||
for m in machines:
|
||||
m.shutdown()
|
||||
'';
|
||||
})
|
||||
}
|
||||
)
|
||||
|
@ -1,14 +1,29 @@
|
||||
import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
||||
import ../make-test-python.nix (
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
k3s,
|
||||
...
|
||||
}:
|
||||
let
|
||||
imageEnv = pkgs.buildEnv {
|
||||
name = "k3s-pause-image-env";
|
||||
paths = with pkgs; [ tini (hiPrio coreutils) busybox ];
|
||||
paths = with pkgs; [
|
||||
tini
|
||||
(hiPrio coreutils)
|
||||
busybox
|
||||
];
|
||||
};
|
||||
pauseImage = pkgs.dockerTools.streamLayeredImage {
|
||||
name = "test.local/pause";
|
||||
tag = "local";
|
||||
contents = imageEnv;
|
||||
config.Entrypoint = [ "/bin/tini" "--" "/bin/sleep" "inf" ];
|
||||
config.Entrypoint = [
|
||||
"/bin/tini"
|
||||
"--"
|
||||
"/bin/sleep"
|
||||
"inf"
|
||||
];
|
||||
};
|
||||
testPodYaml = pkgs.writeText "test.yml" ''
|
||||
apiVersion: v1
|
||||
@ -27,69 +42,83 @@ import ../make-test-python.nix ({ pkgs, lib, k3s, ... }:
|
||||
name = "${k3s.name}-single-node";
|
||||
meta.maintainers = k3s.meta.maintainers;
|
||||
|
||||
nodes.machine = { pkgs, ... }: {
|
||||
environment.systemPackages = with pkgs; [ k3s gzip ];
|
||||
nodes.machine =
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
k3s
|
||||
gzip
|
||||
];
|
||||
|
||||
# k3s uses enough resources the default vm fails.
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
# k3s uses enough resources the default vm fails.
|
||||
virtualisation.memorySize = 1536;
|
||||
virtualisation.diskSize = 4096;
|
||||
|
||||
services.k3s.enable = true;
|
||||
services.k3s.role = "server";
|
||||
services.k3s.package = k3s;
|
||||
# Slightly reduce resource usage
|
||||
services.k3s.extraFlags = builtins.toString [
|
||||
"--disable" "coredns"
|
||||
"--disable" "local-storage"
|
||||
"--disable" "metrics-server"
|
||||
"--disable" "servicelb"
|
||||
"--disable" "traefik"
|
||||
"--pause-image" "test.local/pause:local"
|
||||
];
|
||||
services.k3s.enable = true;
|
||||
services.k3s.role = "server";
|
||||
services.k3s.package = k3s;
|
||||
# Slightly reduce resource usage
|
||||
services.k3s.extraFlags = builtins.toString [
|
||||
"--disable"
|
||||
"coredns"
|
||||
"--disable"
|
||||
"local-storage"
|
||||
"--disable"
|
||||
"metrics-server"
|
||||
"--disable"
|
||||
"servicelb"
|
||||
"--disable"
|
||||
"traefik"
|
||||
"--pause-image"
|
||||
"test.local/pause:local"
|
||||
];
|
||||
|
||||
users.users = {
|
||||
noprivs = {
|
||||
isNormalUser = true;
|
||||
description = "Can't access k3s by default";
|
||||
password = "*";
|
||||
users.users = {
|
||||
noprivs = {
|
||||
isNormalUser = true;
|
||||
description = "Can't access k3s by default";
|
||||
password = "*";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
testScript =
|
||||
''
|
||||
start_all()
|
||||
|
||||
machine.wait_for_unit("k3s")
|
||||
machine.succeed("kubectl cluster-info")
|
||||
machine.fail("sudo -u noprivs kubectl cluster-info")
|
||||
machine.wait_for_unit("k3s")
|
||||
machine.succeed("kubectl cluster-info")
|
||||
machine.fail("sudo -u noprivs kubectl cluster-info")
|
||||
'' # Fix-Me: Tests fail for 'aarch64-linux' as: "CONFIG_CGROUP_FREEZER: missing (fail)"
|
||||
+ lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")'' + ''
|
||||
+ lib.optionalString (!pkgs.stdenv.isAarch64) ''machine.succeed("k3s check-config")''
|
||||
+ ''
|
||||
|
||||
machine.succeed(
|
||||
"${pauseImage} | ctr image import -"
|
||||
)
|
||||
machine.succeed(
|
||||
"${pauseImage} | ctr image import -"
|
||||
)
|
||||
|
||||
# Also wait for our service account to show up; it takes a sec
|
||||
machine.wait_until_succeeds("kubectl get serviceaccount default")
|
||||
machine.succeed("kubectl apply -f ${testPodYaml}")
|
||||
machine.succeed("kubectl wait --for 'condition=Ready' pod/test")
|
||||
machine.succeed("kubectl delete -f ${testPodYaml}")
|
||||
# Also wait for our service account to show up; it takes a sec
|
||||
machine.wait_until_succeeds("kubectl get serviceaccount default")
|
||||
machine.succeed("kubectl apply -f ${testPodYaml}")
|
||||
machine.succeed("kubectl wait --for 'condition=Ready' pod/test")
|
||||
machine.succeed("kubectl delete -f ${testPodYaml}")
|
||||
|
||||
# regression test for #176445
|
||||
machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'")
|
||||
# regression test for #176445
|
||||
machine.fail("journalctl -o cat -u k3s.service | grep 'ipset utility not found'")
|
||||
|
||||
with subtest("Run k3s-killall"):
|
||||
# Call the killall script with a clean path to assert that
|
||||
# all required commands are wrapped
|
||||
output = machine.succeed("PATH= ${k3s}/bin/k3s-killall.sh 2>&1 | tee /dev/stderr")
|
||||
assert "command not found" not in output, "killall script contains unknown command"
|
||||
with subtest("Run k3s-killall"):
|
||||
# Call the killall script with a clean path to assert that
|
||||
# all required commands are wrapped
|
||||
output = machine.succeed("PATH= ${k3s}/bin/k3s-killall.sh 2>&1 | tee /dev/stderr")
|
||||
assert "command not found" not in output, "killall script contains unknown command"
|
||||
|
||||
# Check that killall cleaned up properly
|
||||
machine.fail("systemctl is-active k3s.service")
|
||||
machine.fail("systemctl list-units | grep containerd")
|
||||
machine.fail("ip link show | awk -F': ' '{print $2}' | grep -e flannel -e cni0")
|
||||
machine.fail("ip netns show | grep cni-")
|
||||
# Check that killall cleaned up properly
|
||||
machine.fail("systemctl is-active k3s.service")
|
||||
machine.fail("systemctl list-units | grep containerd")
|
||||
machine.fail("ip link show | awk -F': ' '{print $2}' | grep -e flannel -e cni0")
|
||||
machine.fail("ip netns show | grep cni-")
|
||||
|
||||
machine.shutdown()
|
||||
'';
|
||||
})
|
||||
machine.shutdown()
|
||||
'';
|
||||
}
|
||||
)
|
||||
|
@ -27,5 +27,9 @@
|
||||
pretalx.wait_for_unit("pretalx-worker.service")
|
||||
|
||||
pretalx.wait_until_succeeds("curl -q --fail http://talks.local/orga/")
|
||||
|
||||
pretalx.succeed("pretalx-manage --help")
|
||||
|
||||
pretalx.log(pretalx.succeed("systemd-analyze security pretalx-web.service"))
|
||||
'';
|
||||
}
|
||||
|
@ -2205,8 +2205,8 @@ let
|
||||
mktplcRef = {
|
||||
name = "Ionide-fsharp";
|
||||
publisher = "Ionide";
|
||||
version = "7.18.2";
|
||||
hash = "sha256-CEeTLiZktp5YzCRxDXa+s8W9N971iQla/FyCr8Co0SQ=";
|
||||
version = "7.19.1";
|
||||
hash = "sha256-QyGt3q00IEXw6YNvx7pFhLS1s44aeiB/U0m3Ow1UdlM=";
|
||||
};
|
||||
meta = {
|
||||
changelog = "https://marketplace.visualstudio.com/items/Ionide.Ionide-fsharp/changelog";
|
||||
|
@ -30,21 +30,21 @@ let
|
||||
archive_fmt = if stdenv.isDarwin then "zip" else "tar.gz";
|
||||
|
||||
sha256 = {
|
||||
x86_64-linux = "0hy1ppv7wzyy581k3skmckaas0lwkx5l6w4hk1ml5f2cpkkxhq5w";
|
||||
x86_64-darwin = "1mybfp2hg93wp3iwgwgkh84gcaj1vgs3gkmgb5yp38jhwxj5wrhk";
|
||||
aarch64-linux = "16d0qqm7fm1bm58n7n2cscs619mbxr0bbglgz3prr2cmr7bwmx87";
|
||||
aarch64-darwin = "1pp668rf5a06rdb8fd06ajrzxp02z7v6lmr3y77i5n2hs5xnpm0b";
|
||||
armv7l-linux = "1cqhlm64gw08rn45ryizx1vypyybsrm9v8piapym5clwswbaxqs5";
|
||||
x86_64-linux = "1zfh48g6prjhjcyrz5impsnm6khw7s75k8k54bp0cszl81ddsysx";
|
||||
x86_64-darwin = "1w5fzq8dmzrs2ggxvcbcs03psxxi1dbzx5l0jn52szi1g5y3daxi";
|
||||
aarch64-linux = "0rs4zzddfpwbf86cjl4r65cxccs4ypz1s7lw98vq0j8pfx8vkgqi";
|
||||
aarch64-darwin = "0gha1b6q3k57yrbp7qrrknlbbbbhcjd6slbyrzlwjcz1ddvs7c8s";
|
||||
armv7l-linux = "01s1vxbmg3zp47kwlsjr781v6c51l5bcpf9pc91id0qcrhax703k";
|
||||
}.${system} or throwSystem;
|
||||
in
|
||||
callPackage ./generic.nix rec {
|
||||
# Please backport all compatible updates to the stable release.
|
||||
# This is important for the extension ecosystem.
|
||||
version = "1.89.0";
|
||||
version = "1.89.1";
|
||||
pname = "vscode" + lib.optionalString isInsiders "-insiders";
|
||||
|
||||
# This is used for VS Code - Remote SSH test
|
||||
rev = "b58957e67ee1e712cebf466b995adf4c5307b2bd";
|
||||
rev = "dc96b837cf6bb4af9cd736aa3af08cf8279f7685";
|
||||
|
||||
executableName = "code" + lib.optionalString isInsiders "-insiders";
|
||||
longName = "Visual Studio Code" + lib.optionalString isInsiders " - Insiders";
|
||||
@ -68,7 +68,7 @@ in
|
||||
src = fetchurl {
|
||||
name = "vscode-server-${rev}.tar.gz";
|
||||
url = "https://update.code.visualstudio.com/commit:${rev}/server-linux-x64/stable";
|
||||
sha256 = "17563d413czlqpy3921gq5ja7mi3lgb8yjgvsqfn3fkaj70gr1hq";
|
||||
sha256 = "05gvq96vw69lb8ip8pfd9g43j8kvfwlrdmm11b41fpdafhi45f89";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -46,13 +46,13 @@ let
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "cemu";
|
||||
version = "2.0-80";
|
||||
version = "2.0-82";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "cemu-project";
|
||||
repo = "Cemu";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-uNGRiotitt+fWpJFCno04XiCSD1p38QEqw042Bq/IGc=";
|
||||
hash = "sha256-rmlkit7ZNUM0ErqoclivfBHolV0tRWyToLmsvoTslbI=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -29,13 +29,13 @@
|
||||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "vengi-tools";
|
||||
version = "0.0.30";
|
||||
version = "0.0.31";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mgerhardy";
|
||||
repo = "vengi";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-Qdjwop92udrPiczMInhvRUMn9uZu6iBMAWzqDWySy94=";
|
||||
hash = "sha256-0ta7rBWc4qUqsKDU/KSzx2x+fF2GVw77lQvRgt4bkpI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -8,16 +8,16 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "cotp";
|
||||
version = "1.6.0";
|
||||
version = "1.6.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "replydev";
|
||||
repo = "cotp";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-X3o3KgTHnhekdiSFdrCwLOrd0HKvCd8Z5jR2WpY1D6Q=";
|
||||
hash = "sha256-QWx42uSjN6Dev5JTa8vPTXOxr8qw5kerLepTWhJTb1I=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-zaVNfgWXqHQaogGTaR1eE5u3gYU9SQ0nk0VO7NL5mvg=";
|
||||
cargoHash = "sha256-5PUVg08D8cZdUIt1A9wjpi9bc/XsB9P7S6L8M054MCg=";
|
||||
|
||||
buildInputs = lib.optionals stdenv.isLinux [ libxcb ]
|
||||
++ lib.optionals stdenv.isDarwin [ AppKit ];
|
||||
|
@ -23,12 +23,12 @@ let
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "k40-whisperer";
|
||||
version = "0.67";
|
||||
version = "0.68";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://www.scorchworks.com/K40whisperer/K40_Whisperer-${version}_src.zip";
|
||||
stripRoot = true;
|
||||
sha256 = "sha256-jyny5uNZ5eL4AV47uAgOhBe4Zqg8GK3e86Z9gZbC68s=";
|
||||
sha256 = "sha256-Pc6iqBQUoI0dsrf+2dA1ZbxX+4Eks/lVgMGC4SR+oFI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
@ -16,13 +16,13 @@
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "nwg-panel";
|
||||
version = "0.9.27";
|
||||
version = "0.9.31";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nwg-piotr";
|
||||
repo = "nwg-panel";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-GCaqFqoZ7lfyE3VD3Dgz8jVt9TtUq3XVzVeI6g3SO5E=";
|
||||
hash = "sha256-g3O+jWLwMBNfk0vAi/wq/YnGTAIscDJH2QV7bequyNU=";
|
||||
};
|
||||
|
||||
# No tests
|
||||
|
@ -3,6 +3,7 @@
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "rmview";
|
||||
version = "3.1.3";
|
||||
pyproject = true;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bordaigorl";
|
||||
@ -11,7 +12,7 @@ python3Packages.buildPythonApplication rec {
|
||||
sha256 = "sha256-V26zmu8cQkLs0IMR7eFO8x34McnT3xYyzlZfntApYkk=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = with python3Packages; [ pyqt5 wrapQtAppsHook ];
|
||||
nativeBuildInputs = with python3Packages; [ pyqt5 setuptools wrapQtAppsHook ];
|
||||
propagatedBuildInputs = with python3Packages; [ pyqt5 paramiko twisted pyjwt pyopenssl service-identity sshtunnel ];
|
||||
|
||||
preBuild = ''
|
||||
|
@ -241,8 +241,26 @@ let
|
||||
./patches/cross-compile.patch
|
||||
# Optional patch to use SOURCE_DATE_EPOCH in compute_build_timestamp.py (should be upstreamed):
|
||||
./patches/no-build-timestamps.patch
|
||||
# For bundling Widevine (DRM), might be replaceable via bundle_widevine_cdm=true in gnFlags:
|
||||
./patches/widevine-79.patch
|
||||
] ++ lib.optionals (packageName == "chromium") [
|
||||
# This patch is limited to chromium and ungoogled-chromium because electron-source sets
|
||||
# enable_widevine to false.
|
||||
#
|
||||
# The patch disables the automatic Widevine download (component) that happens at runtime
|
||||
# completely (~/.config/chromium/WidevineCdm/). This would happen if chromium encounters DRM
|
||||
# protected content or when manually opening chrome://components.
|
||||
#
|
||||
# It also prevents previously downloaded Widevine blobs in that location from being loaded and
|
||||
# used at all, while still allowing the use of our -wv wrapper. This is because those old
|
||||
# versions are out of out our control and may be vulnerable, given we literally disable their
|
||||
# auto updater.
|
||||
#
|
||||
# bundle_widevine_cdm is available as gn flag, but we cannot use it, as it expects a bunch of
|
||||
# files Widevine files at configure/compile phase that we don't have. Changing the value of the
|
||||
# BUNDLE_WIDEVINE_CDM build flag does work in the way we want though.
|
||||
# We also need enable_widevine_cdm_component to be false. Unfortunately it isn't exposed as gn
|
||||
# flag (declare_args) so we simply hardcode it to false.
|
||||
./patches/widevine-disable-auto-download-allow-bundle.patch
|
||||
] ++ [
|
||||
# Required to fix the build with a more recent wayland-protocols version
|
||||
# (we currently package 1.26 in Nixpkgs while Chromium bundles 1.21):
|
||||
# Source: https://bugs.chromium.org/p/angleproject/issues/detail?id=7582#c1
|
||||
@ -418,10 +436,11 @@ let
|
||||
# Feature overrides:
|
||||
# Native Client support was deprecated in 2020 and support will end in June 2021:
|
||||
enable_nacl = false;
|
||||
# Enabling the Widevine component here doesn't affect whether we can
|
||||
# redistribute the chromium package; the Widevine component is either
|
||||
# added later in the wrapped -wv build or downloaded from Google:
|
||||
} // lib.optionalAttrs (packageName == "chromium") {
|
||||
# Enabling the Widevine here doesn't affect whether we can redistribute the chromium package.
|
||||
# Widevine in this drv is a bit more complex than just that. See Widevine patch somewhere above.
|
||||
enable_widevine = true;
|
||||
} // {
|
||||
# Provides the enable-webrtc-pipewire-capturer flag to support Wayland screen capture:
|
||||
rtc_use_pipewire = true;
|
||||
# Disable PGO because the profile data requires a newer compiler version (LLVM 14 isn't sufficient):
|
||||
|
@ -1,13 +0,0 @@
|
||||
diff --git a/third_party/widevine/cdm/BUILD.gn b/third_party/widevine/cdm/BUILD.gn
|
||||
index ed0e2f5208b..5b431a030d5 100644
|
||||
--- a/third_party/widevine/cdm/BUILD.gn
|
||||
+++ b/third_party/widevine/cdm/BUILD.gn
|
||||
@@ -14,7 +14,7 @@ buildflag_header("buildflags") {
|
||||
|
||||
flags = [
|
||||
"ENABLE_WIDEVINE=$enable_widevine",
|
||||
- "BUNDLE_WIDEVINE_CDM=$bundle_widevine_cdm",
|
||||
+ "BUNDLE_WIDEVINE_CDM=true",
|
||||
"ENABLE_WIDEVINE_CDM_COMPONENT=$enable_widevine_cdm_component",
|
||||
]
|
||||
}
|
@ -0,0 +1,27 @@
|
||||
diff --git a/third_party/widevine/cdm/BUILD.gn b/third_party/widevine/cdm/BUILD.gn
|
||||
index 525693b6c10ab..245491e137d39 100644
|
||||
--- a/third_party/widevine/cdm/BUILD.gn
|
||||
+++ b/third_party/widevine/cdm/BUILD.gn
|
||||
@@ -22,7 +22,7 @@ buildflag_header("buildflags") {
|
||||
|
||||
flags = [
|
||||
"ENABLE_WIDEVINE=$enable_widevine",
|
||||
- "BUNDLE_WIDEVINE_CDM=$bundle_widevine_cdm",
|
||||
+ "BUNDLE_WIDEVINE_CDM=true",
|
||||
"ENABLE_WIDEVINE_CDM_COMPONENT=$enable_widevine_cdm_component",
|
||||
"ENABLE_MEDIA_FOUNDATION_WIDEVINE_CDM=$enable_media_foundation_widevine_cdm",
|
||||
]
|
||||
diff --git a/third_party/widevine/cdm/widevine.gni b/third_party/widevine/cdm/widevine.gni
|
||||
index 58f073ca562ca..4b242c2618dfb 100644
|
||||
--- a/third_party/widevine/cdm/widevine.gni
|
||||
+++ b/third_party/widevine/cdm/widevine.gni
|
||||
@@ -41,8 +41,7 @@ enable_library_widevine_cdm =
|
||||
# Widevine CDM can be deployed as a component. Currently only supported on
|
||||
# desktop platforms. The CDM can be bundled regardless whether
|
||||
# it's a component. See below.
|
||||
-enable_widevine_cdm_component =
|
||||
- enable_library_widevine_cdm && (is_win || is_mac || is_linux || is_chromeos)
|
||||
+enable_widevine_cdm_component = false
|
||||
|
||||
# Enable (Windows) Media Foundation Widevine CDM component.
|
||||
declare_args() {
|
@ -1,11 +1,11 @@
|
||||
{
|
||||
stable = {
|
||||
chromedriver = {
|
||||
hash_darwin = "sha256-4MZwD2jgjOrBTtkjxW0XH+lZfP8wj7Z6eg7LwFziCPU=";
|
||||
hash_darwin = "sha256-jnWmH6MzqZzzIAblvJFv5jKFJ2LILyGy+eOqb6sWmWc=";
|
||||
hash_darwin_aarch64 =
|
||||
"sha256-P9qi8rR8DW+WOT+ev2EgA93StnGrBiIHu2UbkEhS+0M=";
|
||||
hash_linux = "sha256-eudgRu3OMuTBTeX8zrm6ShgmjcsNhzaBYEAP/4n1SJk=";
|
||||
version = "124.0.6367.155";
|
||||
"sha256-FO0kncAPj/cBwlGN2RdFGR7Bn5pKzTRlf2IQ422mm5c=";
|
||||
hash_linux = "sha256-3khPV+WPcYHrlGNFXhmRrja2+wWsr77BVgHLbSe0IF8=";
|
||||
version = "124.0.6367.201";
|
||||
};
|
||||
deps = {
|
||||
gn = {
|
||||
@ -15,9 +15,9 @@
|
||||
version = "2024-03-14";
|
||||
};
|
||||
};
|
||||
hash = "sha256-Qv1xYofY4Tgj+WT1a8ehOo7R52CwZz2vCK9MDSnjmsg=";
|
||||
hash_deb_amd64 = "sha256-lFG5l3K2Yo1BYbXS9bK+9gWx6JxFrPxpT+zI7dBXQ6E=";
|
||||
version = "124.0.6367.155";
|
||||
hash = "sha256-nSI+tkJxOedMtYgtiqW37v0ZjgxxU5o/0sH9bPAchBg=";
|
||||
hash_deb_amd64 = "sha256-RvQdpDmWRcsASh1b8M0Zg+AvZprE5qhi14shfo0WlfE=";
|
||||
version = "124.0.6367.201";
|
||||
};
|
||||
ungoogled-chromium = {
|
||||
deps = {
|
||||
@ -28,12 +28,12 @@
|
||||
version = "2024-03-14";
|
||||
};
|
||||
ungoogled-patches = {
|
||||
hash = "sha256-RS6flauUQjd+NPqUIppwlgtjOKxJa5+OTnL4aI3gRcs=";
|
||||
rev = "124.0.6367.155-1";
|
||||
hash = "sha256-fy4SydGRRyDhJZ7IADG54+rGWh2i+2SrSkuCglphhm8=";
|
||||
rev = "124.0.6367.201-1";
|
||||
};
|
||||
};
|
||||
hash = "sha256-Qv1xYofY4Tgj+WT1a8ehOo7R52CwZz2vCK9MDSnjmsg=";
|
||||
hash_deb_amd64 = "sha256-lFG5l3K2Yo1BYbXS9bK+9gWx6JxFrPxpT+zI7dBXQ6E=";
|
||||
version = "124.0.6367.155";
|
||||
hash = "sha256-nSI+tkJxOedMtYgtiqW37v0ZjgxxU5o/0sH9bPAchBg=";
|
||||
hash_deb_amd64 = "sha256-RvQdpDmWRcsASh1b8M0Zg+AvZprE5qhi14shfo0WlfE=";
|
||||
version = "124.0.6367.201";
|
||||
};
|
||||
}
|
||||
|
@ -1,63 +0,0 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchhg
|
||||
, autoreconfHook
|
||||
, fltk
|
||||
, libXcursor
|
||||
, libXi
|
||||
, libXinerama
|
||||
, libjpeg
|
||||
, libpng
|
||||
, mbedtls_2
|
||||
, openssl
|
||||
, perl
|
||||
, pkg-config
|
||||
, which
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "dillo";
|
||||
version = "unstable-2021-02-09";
|
||||
|
||||
src = fetchhg {
|
||||
url = "https://hg.sr.ht/~seirdy/dillo-mirror";
|
||||
rev = "67b70f024568b505633524be61fcfbde5337849f";
|
||||
sha256 = "sha256-lbn5u9oEL0zt9yBhznBS9Dz9/6kSwRDJeNXKEojty1g=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
pkg-config
|
||||
which
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
fltk
|
||||
libXcursor
|
||||
libXi
|
||||
libXinerama
|
||||
libjpeg
|
||||
libpng
|
||||
mbedtls_2
|
||||
openssl
|
||||
perl
|
||||
];
|
||||
|
||||
# Workaround build failure on -fno-common toolchains:
|
||||
# ld: main.o:/build/dillo-3.0.5/dpid/dpid.h:64: multiple definition of `sock_set';
|
||||
# dpid.o:/build/dillo-3.0.5/dpid/dpid.h:64: first defined here
|
||||
env.NIX_CFLAGS_COMPILE = "-fcommon";
|
||||
|
||||
configureFlags = [ "--enable-ssl=yes" ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://hg.sr.ht/~seirdy/dillo-mirror";
|
||||
description = "A fast graphical web browser with a small footprint";
|
||||
longDescription = ''
|
||||
Dillo is a small, fast web browser, tailored for older machines.
|
||||
'';
|
||||
maintainers = [ maintainers.AndersonTorres ];
|
||||
platforms = platforms.linux;
|
||||
license = licenses.gpl3Plus;
|
||||
};
|
||||
}
|
@ -7,13 +7,13 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "arkade";
|
||||
version = "0.11.10";
|
||||
version = "0.11.11";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "alexellis";
|
||||
repo = "arkade";
|
||||
rev = version;
|
||||
hash = "sha256-Uw+/pVhbGYjFTcrh90Gstu5KddlkXKuzL2lbQ7CFLGs=";
|
||||
hash = "sha256-Pevsq/u6sI00k874PiAVwzgTqzzja1D2zsfebIFJv/0=";
|
||||
};
|
||||
|
||||
CGO_ENABLED = 0;
|
||||
|
@ -1,10 +1,10 @@
|
||||
{
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.2+up25.0.0.tgz";
|
||||
sha256 = "0jygzsn5pxzf7423x5iqfffgx5xvm7c7hfck46y7vpv1fdkiipcq";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.2+up25.0.0.tgz";
|
||||
sha256 = "1g9n19lnqdkmbbr3rnbwc854awha0kqqfwyxanyx1lg5ww8ldp89";
|
||||
};
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.2+up25.0.0.tgz";
|
||||
sha256 = "0jygzsn5pxzf7423x5iqfffgx5xvm7c7hfck46y7vpv1fdkiipcq";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.2+up25.0.0.tgz";
|
||||
sha256 = "1g9n19lnqdkmbbr3rnbwc854awha0kqqfwyxanyx1lg5ww8ldp89";
|
||||
};
|
||||
}
|
||||
|
@ -1,10 +1,10 @@
|
||||
{
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||
};
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||
};
|
||||
}
|
||||
|
@ -1,10 +1,10 @@
|
||||
{
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||
};
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||
};
|
||||
}
|
||||
|
@ -1,10 +1,10 @@
|
||||
{
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||
};
|
||||
traefik-crd = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik-crd/traefik-crd-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1z693i4kd3jyf26ccnb0sxjyxadipl6k13n7jyg5v4y93fv1rpdw";
|
||||
};
|
||||
traefik = {
|
||||
url = "https://k3s.io/k3s-charts/assets/traefik/traefik-25.0.3+up25.0.0.tgz";
|
||||
sha256 = "1a24qlp7c6iri72ka1i37l1lzn13xibrd26dy295z2wzr55gg7if";
|
||||
};
|
||||
}
|
||||
|
@ -29,41 +29,42 @@ lib:
|
||||
# currently.
|
||||
# It is likely we will have to split out additional builders for additional
|
||||
# versions in the future, or customize this one further.
|
||||
{ lib
|
||||
, makeWrapper
|
||||
, socat
|
||||
, iptables
|
||||
, iproute2
|
||||
, ipset
|
||||
, bridge-utils
|
||||
, btrfs-progs
|
||||
, conntrack-tools
|
||||
, buildGoModule
|
||||
, runc
|
||||
, rsync
|
||||
, kmod
|
||||
, libseccomp
|
||||
, pkg-config
|
||||
, ethtool
|
||||
, util-linux
|
||||
, fetchFromGitHub
|
||||
, fetchurl
|
||||
, fetchzip
|
||||
, fetchgit
|
||||
, zstd
|
||||
, yq-go
|
||||
, sqlite
|
||||
, nixosTests
|
||||
, pkgsBuildBuild
|
||||
, go
|
||||
, runCommand
|
||||
, bash
|
||||
, procps
|
||||
, coreutils
|
||||
, gnugrep
|
||||
, findutils
|
||||
, gnused
|
||||
, systemd
|
||||
{
|
||||
lib,
|
||||
makeWrapper,
|
||||
socat,
|
||||
iptables,
|
||||
iproute2,
|
||||
ipset,
|
||||
bridge-utils,
|
||||
btrfs-progs,
|
||||
conntrack-tools,
|
||||
buildGoModule,
|
||||
runc,
|
||||
rsync,
|
||||
kmod,
|
||||
libseccomp,
|
||||
pkg-config,
|
||||
ethtool,
|
||||
util-linux,
|
||||
fetchFromGitHub,
|
||||
fetchurl,
|
||||
fetchzip,
|
||||
fetchgit,
|
||||
zstd,
|
||||
yq-go,
|
||||
sqlite,
|
||||
nixosTests,
|
||||
pkgsBuildBuild,
|
||||
go,
|
||||
runCommand,
|
||||
bash,
|
||||
procps,
|
||||
coreutils,
|
||||
gnugrep,
|
||||
findutils,
|
||||
gnused,
|
||||
systemd,
|
||||
}:
|
||||
|
||||
# k3s is a kinda weird derivation. One of the main points of k3s is the
|
||||
@ -91,7 +92,13 @@ let
|
||||
description = "A lightweight Kubernetes distribution";
|
||||
license = licenses.asl20;
|
||||
homepage = "https://k3s.io";
|
||||
maintainers = with maintainers; [ euank mic92 superherointj yajo ];
|
||||
maintainers = with maintainers; [
|
||||
euank
|
||||
mic92
|
||||
superherointj
|
||||
wrmilling
|
||||
yajo
|
||||
];
|
||||
platforms = platforms.linux;
|
||||
|
||||
# resolves collisions with other installations of kubectl, crictl, ctr
|
||||
@ -231,12 +238,19 @@ let
|
||||
vendorHash = k3sVendorHash;
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
buildInputs = [ libseccomp sqlite.dev ];
|
||||
buildInputs = [
|
||||
libseccomp
|
||||
sqlite.dev
|
||||
];
|
||||
|
||||
subPackages = [ "cmd/server" ];
|
||||
ldflags = versionldflags;
|
||||
|
||||
tags = [ "ctrd" "libsqlite3" "linux" ];
|
||||
tags = [
|
||||
"ctrd"
|
||||
"libsqlite3"
|
||||
"linux"
|
||||
];
|
||||
|
||||
# create the multicall symlinks for k3s
|
||||
postInstall = ''
|
||||
@ -282,7 +296,11 @@ buildGoModule rec {
|
||||
pname = "k3s";
|
||||
version = k3sVersion;
|
||||
|
||||
tags = [ "libsqlite3" "linux" "ctrd" ];
|
||||
tags = [
|
||||
"libsqlite3"
|
||||
"linux"
|
||||
"ctrd"
|
||||
];
|
||||
src = k3sRepo;
|
||||
vendorHash = k3sVendorHash;
|
||||
|
||||
@ -400,15 +418,17 @@ buildGoModule rec {
|
||||
|
||||
passthru.updateScript = updateScript;
|
||||
|
||||
passthru.mkTests = version:
|
||||
let k3s_version = "k3s_" + lib.replaceStrings ["."] ["_"] (lib.versions.majorMinor version);
|
||||
in {
|
||||
passthru.mkTests =
|
||||
version:
|
||||
let
|
||||
k3s_version = "k3s_" + lib.replaceStrings [ "." ] [ "_" ] (lib.versions.majorMinor version);
|
||||
in
|
||||
{
|
||||
etcd = nixosTests.k3s.etcd.${k3s_version};
|
||||
single-node = nixosTests.k3s.single-node.${k3s_version};
|
||||
multi-node = nixosTests.k3s.multi-node.${k3s_version};
|
||||
};
|
||||
passthru.tests = passthru.mkTests k3sVersion;
|
||||
|
||||
|
||||
meta = baseMeta;
|
||||
}
|
||||
|
@ -12,22 +12,46 @@ let
|
||||
extraArgs = builtins.removeAttrs args [ "callPackage" ];
|
||||
in
|
||||
{
|
||||
k3s_1_26 = common ((import ./1_26/versions.nix) // {
|
||||
updateScript = [ ./update-script.sh "26" ];
|
||||
}) extraArgs;
|
||||
k3s_1_26 = common (
|
||||
(import ./1_26/versions.nix)
|
||||
// {
|
||||
updateScript = [
|
||||
./update-script.sh
|
||||
"26"
|
||||
];
|
||||
}
|
||||
) extraArgs;
|
||||
|
||||
# 1_27 can be built with the same builder as 1_26
|
||||
k3s_1_27 = common ((import ./1_27/versions.nix) // {
|
||||
updateScript = [ ./update-script.sh "27" ];
|
||||
}) extraArgs;
|
||||
k3s_1_27 = common (
|
||||
(import ./1_27/versions.nix)
|
||||
// {
|
||||
updateScript = [
|
||||
./update-script.sh
|
||||
"27"
|
||||
];
|
||||
}
|
||||
) extraArgs;
|
||||
|
||||
# 1_28 can be built with the same builder as 1_26
|
||||
k3s_1_28 = common ((import ./1_28/versions.nix) // {
|
||||
updateScript = [ ./update-script.sh "28" ];
|
||||
}) extraArgs;
|
||||
k3s_1_28 = common (
|
||||
(import ./1_28/versions.nix)
|
||||
// {
|
||||
updateScript = [
|
||||
./update-script.sh
|
||||
"28"
|
||||
];
|
||||
}
|
||||
) extraArgs;
|
||||
|
||||
# 1_29 can be built with the same builder as 1_26
|
||||
k3s_1_29 = common ((import ./1_29/versions.nix) // {
|
||||
updateScript = [ ./update-script.sh "29" ];
|
||||
}) extraArgs;
|
||||
k3s_1_29 = common (
|
||||
(import ./1_29/versions.nix)
|
||||
// {
|
||||
updateScript = [
|
||||
./update-script.sh
|
||||
"29"
|
||||
];
|
||||
}
|
||||
) extraArgs;
|
||||
}
|
||||
|
@ -57,14 +57,14 @@ CHARTS_URL=https://k3s.io/k3s-charts/assets
|
||||
rm -f chart-versions.nix.update
|
||||
cat > chart-versions.nix.update <<EOF
|
||||
{
|
||||
traefik-crd = {
|
||||
url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}";
|
||||
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")";
|
||||
};
|
||||
traefik = {
|
||||
url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}";
|
||||
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")";
|
||||
};
|
||||
traefik-crd = {
|
||||
url = "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}";
|
||||
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik-crd/${CHART_FILES[0]}")";
|
||||
};
|
||||
traefik = {
|
||||
url = "${CHARTS_URL}/traefik/${CHART_FILES[1]}";
|
||||
sha256 = "$(nix-prefetch-url --quiet "${CHARTS_URL}/traefik/${CHART_FILES[1]}")";
|
||||
};
|
||||
}
|
||||
EOF
|
||||
mv chart-versions.nix.update chart-versions.nix
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
(callPackage ./generic.nix { }) {
|
||||
channel = "edge";
|
||||
version = "24.4.5";
|
||||
sha256 = "0cxjilxsvbwahqh3wb3cw4z8fmq6lhxi531abrncs74kgasgcfam";
|
||||
vendorHash = "sha256-YxavLLYppV991AgFb2WaQDbqnsr3UfrvWefvkSf+W1Q=";
|
||||
version = "24.5.1";
|
||||
sha256 = "1l358gmivhpjyibcar8z4c3jlz6rwmlyzki71ar5j2k9irdjzqa3";
|
||||
vendorHash = "sha256-sLLgTZN7Zvxkf9J1omh/YGMBUgAtvQD+nbhSuR7/PZg=";
|
||||
}
|
||||
|
@ -158,7 +158,8 @@ stdenv.mkDerivation rec {
|
||||
|
||||
# Fix the desktop link
|
||||
substituteInPlace $out/share/applications/${pname}.desktop \
|
||||
--replace "/opt/${dir}/${pname}" $out/bin/${pname}
|
||||
--replace "/opt/${dir}/${pname}" $out/bin/${pname} \
|
||||
--replace-fail "StartupWMClass=Signal" "StartupWMClass=signal"
|
||||
|
||||
# Note: The following path contains bundled libraries:
|
||||
# $out/lib/${dir}/resources/app.asar.unpacked/node_modules/
|
||||
|
@ -4,7 +4,7 @@
|
||||
, pkg-config
|
||||
, gtk3
|
||||
, libconfig
|
||||
, libsoup
|
||||
, libsoup_3
|
||||
, libsecret
|
||||
, libayatana-appindicator
|
||||
, openssl
|
||||
@ -21,13 +21,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "srain";
|
||||
version = "1.6.0";
|
||||
version = "1.7.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "SrainApp";
|
||||
repo = "srain";
|
||||
rev = version;
|
||||
hash = "sha256-IGAb24aDeBXyxuyb/EWUetQZJg28GJLT0WK7ZmmHgyg=";
|
||||
hash = "sha256-mhnlHnF23+VZvSPNuTYYUVcA6Md4y2AGqEuJphY1/IY=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
@ -46,7 +46,7 @@ stdenv.mkDerivation rec {
|
||||
glib-networking
|
||||
dbus-glib
|
||||
libconfig
|
||||
libsoup
|
||||
libsoup_3
|
||||
libsecret
|
||||
libayatana-appindicator
|
||||
openssl
|
||||
|
@ -11,13 +11,13 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "trayscale";
|
||||
version = "0.12.0";
|
||||
version = "0.12.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "DeedleFake";
|
||||
repo = "trayscale";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-GAK95XlRVGpoVcEmeFO3SddHpdn0qO7qs2IOj7qzRXQ=";
|
||||
hash = "sha256-2mGPbH74a9d1uhRGMSEfrzCnwjgdgbopu20K9/g6wg0=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-Iedd8WsJPAVQexRqDSLAmv7MAWc4IFQXHk6XpnStMps=";
|
||||
|
@ -5,12 +5,12 @@
|
||||
}:
|
||||
|
||||
let
|
||||
version = "6.7.6";
|
||||
version = "6.7.8";
|
||||
pname = "timeular";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://s3.amazonaws.com/timeular-desktop-packages/linux/production/Timeular-${version}.AppImage";
|
||||
hash = "sha256-wQUR2jLJi1peXqXJJj/72X9xNaD2DzNiB0mGFiaEWBE=";
|
||||
hash = "sha256-nMvbr2PQBWyrhY3mv/4wsdWPhNx5hLFaAp0Ey3nvp7g=";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
|
@ -30,13 +30,13 @@ assert (blas.isILP64 == arpack.isILP64);
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "octopus";
|
||||
version = "14.0";
|
||||
version = "14.1";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
owner = "octopus-code";
|
||||
repo = "octopus";
|
||||
rev = version;
|
||||
sha256 = "sha256-wQ2I+10ZHLKamW3j6AUtq2KZVm6d29+JxYgwvBKz9DU=";
|
||||
sha256 = "sha256-8wZR+bYdxJFsUPMWbIGYxRdNzjLgHm+KFLjY7fSN7io=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -15,13 +15,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "nvc";
|
||||
version = "1.12.0";
|
||||
version = "1.12.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nickg";
|
||||
repo = "nvc";
|
||||
rev = "r${version}";
|
||||
hash = "sha256-7g4Ki5lhmX/13XCv0on1PgvEthCTfe9wh8EFjMcP1+c=";
|
||||
hash = "sha256-9ZbX2G4IR/SYSA4DOsTBIRrJeYublyrDUXT+V+KgaC0=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -12,13 +12,13 @@
|
||||
|
||||
stdenv.mkDerivation (finalAttrs:{
|
||||
pname = "wxmaxima";
|
||||
version = "24.02.2";
|
||||
version = "24.05.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "wxMaxima-developers";
|
||||
repo = "wxmaxima";
|
||||
rev = "Version-${finalAttrs.version}";
|
||||
hash = "sha256-ewyg+ZhbRbPjJkYTZFuhbOWMDNZGW7ejmSv38zxcTsw=";
|
||||
hash = "sha256-pl3sO28HANL9F41aaJznxUsH2Y7W/FO82Rik2/ik2Ag=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -6,16 +6,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "hut";
|
||||
version = "0.4.0";
|
||||
version = "0.5.0";
|
||||
|
||||
src = fetchFromSourcehut {
|
||||
owner = "~emersion";
|
||||
repo = "hut";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-9RSJ+SRXYBjdiuHScgFm5i0/Xi81pJfURPKAGCk+l04=";
|
||||
sha256 = "sha256-Gkxe9B48nwHOlqkgjMdFLBy7OiR7cwDDE3qLvWxJK+Y=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-OxnplvBx2sFctdNSVd0S0tgiRt5Yah3ga4mORT2Kz6U=";
|
||||
vendorHash = "sha256-OYXRQEP4ACkypXmrorf2ew18819DB38SsYOM0u0steg=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
scdoc
|
||||
|
6892
pkgs/applications/version-management/radicle-cli/Cargo.lock
generated
6892
pkgs/applications/version-management/radicle-cli/Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
@ -1,88 +0,0 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, rustPlatform
|
||||
, pkg-config
|
||||
, cmake
|
||||
, installShellFiles
|
||||
, asciidoctor
|
||||
, DarwinTools
|
||||
, openssl
|
||||
, libusb1
|
||||
, AppKit
|
||||
, git
|
||||
, openssh
|
||||
, testers
|
||||
, radicle-cli
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "radicle-cli";
|
||||
version = "0.6.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "radicle-dev";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-LS6zYpMg0LanRL2M8ioGG8Ys07TPT/3hP7geEGehwxg=";
|
||||
};
|
||||
|
||||
cargoLock = {
|
||||
lockFile = ./Cargo.lock;
|
||||
outputHashes = {
|
||||
"automerge-0.0.2" = "sha256-MZ1/rca8ZsEUhd3bhd502PHlBbvqAOtnWFEdp7XWmYE=";
|
||||
"automerge-0.1.0" = "sha256-dwbmx3W13oZ1O0Uw3/D5Z0ht1BO1PmVVoWc/tLCm0/4=";
|
||||
"cob-0.1.0" = "sha256-ewPJEx7OSr8X6e5QJ4dh2SbzZ2TDa8G4zBR5euBbABo=";
|
||||
"libusb1-sys-0.6.2" = "sha256-577ld1xqJkHp2bqALNq5IuZivD8y+VO8vNy9Y+hfq6c=";
|
||||
"walletconnect-0.1.0" = "sha256-fdgdhotTYBmWbR4r0OMplOwhYq1C7jkuOdhKASjH+Fs=";
|
||||
};
|
||||
};
|
||||
|
||||
# Otherwise, there are errors due to the `abigen` macro from `ethers`.
|
||||
auditable = false;
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
cmake
|
||||
installShellFiles
|
||||
asciidoctor
|
||||
] ++ lib.optionals stdenv.hostPlatform.isDarwin [
|
||||
DarwinTools
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
openssl
|
||||
] ++ lib.optionals stdenv.hostPlatform.isDarwin [
|
||||
libusb1
|
||||
AppKit
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
for f in $(find . -name '*.adoc'); do
|
||||
mf=''${f%.*}
|
||||
asciidoctor --doctype manpage --backend manpage $f -o $mf
|
||||
installManPage $mf
|
||||
done
|
||||
'';
|
||||
|
||||
nativeCheckInputs = [
|
||||
git
|
||||
openssh
|
||||
];
|
||||
preCheck = ''
|
||||
eval $(ssh-agent)
|
||||
'';
|
||||
|
||||
passthru.tests = {
|
||||
version = testers.testVersion { package = radicle-cli; };
|
||||
};
|
||||
|
||||
meta = {
|
||||
description = "Command-line tooling for Radicle, a decentralized code collaboration network";
|
||||
homepage = "https://radicle.xyz";
|
||||
license = lib.licenses.gpl3Plus;
|
||||
maintainers = with lib.maintainers; [ amesgen ];
|
||||
platforms = lib.platforms.unix;
|
||||
mainProgram = "rad";
|
||||
};
|
||||
}
|
@ -1,82 +0,0 @@
|
||||
{ lib, stdenv, appimageTools, autoPatchelfHook, zlib, fetchurl, undmg, libgcc }:
|
||||
|
||||
let
|
||||
pname = "radicle-upstream";
|
||||
version = "0.3.0";
|
||||
|
||||
srcs = {
|
||||
x86_64-linux = fetchurl {
|
||||
url = "https://releases.radicle.xyz/radicle-upstream-${version}.AppImage";
|
||||
sha256 = "sha256-Y7V89G+nXRtknOukvBN8Q+sNx91YNPDT0p5hrFYe/Sk=";
|
||||
};
|
||||
x86_64-darwin = fetchurl {
|
||||
url = "https://releases.radicle.xyz/radicle-upstream-${version}.dmg";
|
||||
sha256 = "sha256-EuWGbn6qggi8/9Rci8iaXfuVKE+QXb1BHEYDvotR/q4=";
|
||||
};
|
||||
};
|
||||
src = srcs.${stdenv.hostPlatform.system} or (throw "unsupported system ${stdenv.hostPlatform.system}");
|
||||
|
||||
contents = appimageTools.extract { inherit pname version src; };
|
||||
|
||||
git-remote-rad = stdenv.mkDerivation rec {
|
||||
pname = "git-remote-rad";
|
||||
inherit version;
|
||||
src = contents;
|
||||
|
||||
nativeBuildInputs = [ autoPatchelfHook ];
|
||||
buildInputs = [ libgcc zlib ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin/
|
||||
install -Dm755 ${contents}/resources/git-remote-rad $out/bin/git-remote-rad
|
||||
'';
|
||||
};
|
||||
|
||||
# FIXME: a dependency of the `proxy` component of radicle-upstream (radicle-macros
|
||||
# v0.1.0) uses unstable rust features, making a from source build impossible at
|
||||
# this time. See this PR for discussion: https://github.com/NixOS/nixpkgs/pull/105674
|
||||
linux = appimageTools.wrapType2 {
|
||||
inherit pname version src meta;
|
||||
|
||||
extraInstallCommands = ''
|
||||
# this automatically adds the git-remote-rad binary to the users `PATH` so
|
||||
# they don't need to mess around with shell profiles...
|
||||
ln -s ${git-remote-rad}/bin/git-remote-rad $out/bin/git-remote-rad
|
||||
|
||||
# desktop item
|
||||
install -m 444 -D ${contents}/${pname}.desktop $out/share/applications/${pname}.desktop
|
||||
substituteInPlace $out/share/applications/${pname}.desktop \
|
||||
--replace 'Exec=AppRun' 'Exec=${pname}'
|
||||
|
||||
# icon
|
||||
install -m 444 -D ${contents}/${pname}.png \
|
||||
$out/share/icons/hicolor/512x512/apps/${pname}.png
|
||||
'';
|
||||
};
|
||||
|
||||
darwin = stdenv.mkDerivation {
|
||||
inherit pname version src meta;
|
||||
|
||||
nativeBuildInputs = [ undmg ];
|
||||
|
||||
sourceRoot = ".";
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/Applications
|
||||
cp -r *.app $out/Applications
|
||||
'';
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A decentralized app for code collaboration";
|
||||
homepage = "https://radicle.xyz/";
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ d-xo ];
|
||||
platforms = [ "x86_64-linux" "x86_64-darwin" ];
|
||||
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
|
||||
broken = stdenv.isLinux; # last successful build 2023-04-11
|
||||
};
|
||||
in
|
||||
if stdenv.isDarwin
|
||||
then darwin
|
||||
else linux
|
@ -41,20 +41,20 @@ let
|
||||
callPackage
|
||||
(import ./generic.nix rec {
|
||||
pname = "singularity-ce";
|
||||
version = "4.1.2";
|
||||
version = "4.1.3";
|
||||
projectName = "singularity";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sylabs";
|
||||
repo = "singularity";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-/KTDdkCMkZ5hO+VYHzw9vB8FDWxg7PS1yb2waRJQngY=";
|
||||
hash = "sha256-pR8zyMr23wcbDCXAysVEgGUDHkrfhLoVF3fjMLgZFYs=";
|
||||
};
|
||||
|
||||
# Update by running
|
||||
# nix-prefetch -E "{ sha256 }: ((import ./. { }).singularity.override { vendorHash = sha256; }).goModules"
|
||||
# at the root directory of the Nixpkgs repository
|
||||
vendorHash = "sha256-4Nxj2PzZmFdvouWKyXLFDk8iuRhFuvyPW/+VRTw75Zw=";
|
||||
vendorHash = "sha256-332GFL04aE6B6vxgtJJH4TeI6YJCDBpCClJ3sc5gN3A=";
|
||||
|
||||
# Do not build conmon and squashfuse from the Git submodule sources,
|
||||
# Use Nixpkgs provided version
|
||||
|
@ -4,6 +4,7 @@
|
||||
, pkg-config
|
||||
, makeWrapper
|
||||
, meson
|
||||
, cmake
|
||||
, ninja
|
||||
, binutils
|
||||
, cairo
|
||||
@ -21,15 +22,19 @@
|
||||
, mesa
|
||||
, pango
|
||||
, pciutils
|
||||
, python3
|
||||
, systemd
|
||||
, tomlplusplus
|
||||
, udis86-hyprland
|
||||
, wayland
|
||||
, wayland-protocols
|
||||
, wayland-scanner
|
||||
, wlroots-hyprland
|
||||
, xcbutilwm
|
||||
, xwayland
|
||||
, hwdata
|
||||
, seatd
|
||||
, libdisplay-info
|
||||
, libliftoff
|
||||
, xorg
|
||||
, debug ? false
|
||||
, enableXWayland ? true
|
||||
, legacyRenderer ? false
|
||||
@ -44,24 +49,17 @@ assert lib.assertMsg (!nvidiaPatches) "The option `nvidiaPatches` has been remov
|
||||
assert lib.assertMsg (!enableNvidiaPatches) "The option `enableNvidiaPatches` has been removed.";
|
||||
assert lib.assertMsg (!hidpiXWayland) "The option `hidpiXWayland` has been removed. Please refer https://wiki.hyprland.org/Configuring/XWayland";
|
||||
|
||||
let
|
||||
wlr = wlroots-hyprland.override { inherit enableXWayland; };
|
||||
in
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "hyprland" + lib.optionalString debug "-debug";
|
||||
version = "0.39.1";
|
||||
src = fetchFromGitHub {
|
||||
owner = "hyprwm";
|
||||
repo = finalAttrs.pname;
|
||||
fetchSubmodules = true;
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-Urb/njWiHYUudXpmK8EKl9Z58esTIG0PxXw5LuM2r5g=";
|
||||
hash = "sha256-7L5rqQRYH2iyyP5g3IdXJSlATfgnKhuYMf65E48MVKw=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# make meson use the provided dependencies instead of the git submodules
|
||||
"${finalAttrs.src}/nix/patches/meson-build.patch"
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
# Fix hardcoded paths to /usr installation
|
||||
sed -i "s#/usr#$out#" src/render/OpenGL.cpp
|
||||
@ -69,12 +67,12 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
# Generate version.h
|
||||
cp src/version.h.in src/version.h
|
||||
substituteInPlace src/version.h \
|
||||
--replace "@HASH@" '${finalAttrs.src.rev}' \
|
||||
--replace "@BRANCH@" "" \
|
||||
--replace "@MESSAGE@" "" \
|
||||
--replace "@DATE@" "2024-04-16" \
|
||||
--replace "@TAG@" "" \
|
||||
--replace "@DIRTY@" ""
|
||||
--replace-fail "@HASH@" '${finalAttrs.src.rev}' \
|
||||
--replace-fail "@BRANCH@" "" \
|
||||
--replace-fail "@MESSAGE@" "" \
|
||||
--replace-fail "@DATE@" "2024-04-16" \
|
||||
--replace-fail "@TAG@" "" \
|
||||
--replace-fail "@DIRTY@" ""
|
||||
'';
|
||||
|
||||
depsBuildBuild = [
|
||||
@ -89,6 +87,8 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
ninja
|
||||
pkg-config
|
||||
wayland-scanner
|
||||
cmake # for subproject udis86
|
||||
python3
|
||||
];
|
||||
|
||||
outputs = [
|
||||
@ -97,36 +97,40 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
"dev"
|
||||
];
|
||||
|
||||
buildInputs =
|
||||
wlr.buildInputs ++ [
|
||||
cairo
|
||||
git
|
||||
hyprcursor
|
||||
hyprland-protocols
|
||||
hyprlang
|
||||
libGL
|
||||
libdrm
|
||||
libinput
|
||||
libxkbcommon
|
||||
mesa
|
||||
udis86-hyprland
|
||||
wayland
|
||||
wayland-protocols
|
||||
pango
|
||||
pciutils
|
||||
tomlplusplus
|
||||
wlr
|
||||
]
|
||||
++ lib.optionals stdenv.hostPlatform.isMusl [ libexecinfo ]
|
||||
++ lib.optionals enableXWayland [ libxcb xcbutilwm xwayland ]
|
||||
++ lib.optionals withSystemd [ systemd ];
|
||||
buildInputs = [
|
||||
cairo
|
||||
git
|
||||
hyprcursor
|
||||
hyprland-protocols
|
||||
hyprlang
|
||||
libGL
|
||||
libdrm
|
||||
libinput
|
||||
libxkbcommon
|
||||
mesa
|
||||
wayland
|
||||
wayland-protocols
|
||||
pango
|
||||
pciutils
|
||||
tomlplusplus
|
||||
# for subproject wlroots-hyprland
|
||||
hwdata
|
||||
seatd
|
||||
libliftoff
|
||||
libdisplay-info
|
||||
xorg.xcbutilerrors
|
||||
xorg.xcbutilrenderutil
|
||||
]
|
||||
++ lib.optionals stdenv.hostPlatform.isMusl [ libexecinfo ]
|
||||
++ lib.optionals enableXWayland [ libxcb xcbutilwm xwayland ]
|
||||
++ lib.optionals withSystemd [ systemd ];
|
||||
|
||||
mesonBuildType =
|
||||
if debug
|
||||
then "debug"
|
||||
else "release";
|
||||
|
||||
mesonAutoFeatures = "disabled";
|
||||
mesonAutoFeatures = "enabled";
|
||||
|
||||
mesonFlags = [
|
||||
(lib.mesonEnable "xwayland" enableXWayland)
|
||||
@ -135,7 +139,6 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
ln -s ${wlr}/include/wlr $dev/include/hyprland/wlroots
|
||||
${lib.optionalString wrapRuntimeDeps ''
|
||||
wrapProgram $out/bin/Hyprland \
|
||||
--suffix PATH : ${lib.makeBinPath [binutils pciutils stdenv.cc]}
|
||||
@ -150,6 +153,6 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
license = licenses.bsd3;
|
||||
maintainers = with maintainers; [ wozeparrot fufexan ];
|
||||
mainProgram = "Hyprland";
|
||||
platforms = wlr.meta.platforms;
|
||||
platforms = lib.platforms.linux;
|
||||
};
|
||||
})
|
||||
|
@ -1,15 +0,0 @@
|
||||
{ udis86
|
||||
, fetchFromGitHub
|
||||
}:
|
||||
udis86.overrideAttrs (old: {
|
||||
version = "unstable-2022-10-13";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "canihavesomecoffee";
|
||||
repo = "udis86";
|
||||
rev = "5336633af70f3917760a6d441ff02d93477b0c86";
|
||||
hash = "sha256-HifdUQPGsKQKQprByeIznvRLONdOXeolOsU5nkwIv3g=";
|
||||
};
|
||||
|
||||
patches = [ ];
|
||||
})
|
@ -1,20 +0,0 @@
|
||||
{ fetchFromGitHub
|
||||
, wlroots
|
||||
, enableXWayland ? true
|
||||
}:
|
||||
wlroots.overrideAttrs
|
||||
(old: {
|
||||
inherit enableXWayland;
|
||||
version = "0.18.0-dev";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "hyprwm";
|
||||
repo = "wlroots-hyprland";
|
||||
rev = "611a4f24cd2384378f6e500253983107c6656c64";
|
||||
hash = "sha256-vPeZCY+sdiGsz4fl3AVVujfyZyQBz6+vZdkUE4hQ+HI=";
|
||||
};
|
||||
|
||||
patches = [ ]; # don't inherit old.patches
|
||||
|
||||
pname = "${old.pname}-hyprland";
|
||||
})
|
@ -156,9 +156,9 @@ stdenv.mkDerivation ((removeAttrs args [ "depsExtraArgs" "cargoUpdateHook" "carg
|
||||
# Platforms without host tools from
|
||||
# https://doc.rust-lang.org/nightly/rustc/platform-support.html
|
||||
"armv7a-darwin"
|
||||
"armv5tel-linux" "armv7a-linux" "m68k-linux" "mipsel-linux"
|
||||
"mips64el-linux" "riscv32-linux"
|
||||
"armv6l-netbsd"
|
||||
"armv5tel-linux" "armv7a-linux" "m68k-linux" "mips-linux"
|
||||
"mips64-linux" "mipsel-linux" "mips64el-linux" "riscv32-linux"
|
||||
"armv6l-netbsd" "mipsel-netbsd" "riscv64-netbsd"
|
||||
"x86_64-redox"
|
||||
"wasm32-wasi"
|
||||
];
|
||||
|
@ -18,10 +18,10 @@ stdenvNoCC.mkDerivation (finalAttrs: let
|
||||
};
|
||||
in {
|
||||
pname = "affine";
|
||||
version = "0.13.3";
|
||||
version = "0.14.3";
|
||||
src = fetchurl {
|
||||
url = "https://github.com/toeverything/AFFiNE/releases/download/v${finalAttrs.version}/affine-${finalAttrs.version}-stable-linux-x64.zip";
|
||||
hash = "sha256-w/5X7PFLHVILg1XCYkGefBQ4c+Ko+ME0Lu8iAtCaTFg=";
|
||||
hash = "sha256-/dKvRr0cH9mLF1y6FGFRDlsFXaymEmb55AZ37Ti0PU4=";
|
||||
};
|
||||
nativeBuildInputs = [
|
||||
copyDesktopItems
|
||||
|
@ -9,11 +9,11 @@
|
||||
|
||||
stdenvNoCC.mkDerivation (finalAttrs: {
|
||||
pname = "arc-browser";
|
||||
version = "1.41.0-49440";
|
||||
version = "1.42.0-49714";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://releases.arc.net/release/Arc-${finalAttrs.version}.dmg";
|
||||
hash = "sha256-+3XK94LX2UBof7cUpVzc4DTyp9xMH2v5n7LQD4gdANA=";
|
||||
hash = "sha256-fPb4g9rGJqeXuO2ytSo/8r0RB/h/EYa763JAFNqIPY8=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ undmg ];
|
||||
|
52
pkgs/by-name/ar/aribb24/package.nix
Normal file
52
pkgs/by-name/ar/aribb24/package.nix
Normal file
@ -0,0 +1,52 @@
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitLab,
|
||||
testers,
|
||||
gitUpdater,
|
||||
autoconf,
|
||||
automake,
|
||||
libtool,
|
||||
pkg-config,
|
||||
libpng,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "aribb24";
|
||||
version = "1.0.4";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
domain = "code.videolan.org";
|
||||
owner = "jeeb";
|
||||
repo = "aribb24";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-hq3LnLACZfV+E76ZDEHGlN51fS6AqFnNReE3JlWcv9M=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
libpng
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoconf
|
||||
automake
|
||||
libtool
|
||||
pkg-config
|
||||
];
|
||||
|
||||
preConfigure = "autoreconf --install";
|
||||
|
||||
passthru = {
|
||||
updateScript = gitUpdater { rev-prefix = "v"; };
|
||||
tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A library for ARIB STD-B24, decoding JIS 8 bit characters and parsing MPEG-TS stream";
|
||||
homepage = "https://code.videolan.org/jeeb/aribb24/";
|
||||
license = licenses.lgpl3Plus;
|
||||
pkgConfigModules = [ "aribb24" ];
|
||||
platforms = platforms.unix;
|
||||
maintainers = with maintainers; [ jopejoe1 ];
|
||||
};
|
||||
})
|
@ -14,13 +14,13 @@ let
|
||||
in
|
||||
buildNpmPackage rec {
|
||||
pname = "blockbench";
|
||||
version = "4.9.4";
|
||||
version = "4.10.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "JannisX11";
|
||||
repo = "blockbench";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-z4hr1pQh7Jp/DB8+pxwuHvi4gvTHHVn0yrruwnXm2iM=";
|
||||
hash = "sha256-pycRC+ZpN2P5Z66/aGA4gykLF7IwdeToRadaJSA1L9w=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
@ -29,7 +29,7 @@ buildNpmPackage rec {
|
||||
copyDesktopItems
|
||||
];
|
||||
|
||||
npmDepsHash = "sha256-onfz+J77jNIgdc7ALiyoXt1CdTyX/C7+bKwtpJm+H+I=";
|
||||
npmDepsHash = "sha256-CHZdCiewkmToDHhTTvOqQfWrphOw1oGLgwSRRH3YFWE=";
|
||||
|
||||
env.ELECTRON_SKIP_BINARY_DOWNLOAD = 1;
|
||||
|
||||
|
75
pkgs/by-name/bt/btrfs-auto-snapshot/package.nix
Normal file
75
pkgs/by-name/bt/btrfs-auto-snapshot/package.nix
Normal file
@ -0,0 +1,75 @@
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchFromGitHub,
|
||||
makeWrapper,
|
||||
coreutils,
|
||||
getopt,
|
||||
gnugrep,
|
||||
gnused,
|
||||
gawk,
|
||||
btrfs-progs,
|
||||
syslogSupport ? true,
|
||||
util-linux ? null,
|
||||
}:
|
||||
assert syslogSupport -> util-linux != null;
|
||||
stdenv.mkDerivation rec {
|
||||
version = "2.0.4";
|
||||
pname = "btrfs-auto-snapshot";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "hunleyd";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-QpuwkGaYAkpu5hYyb360Mr5tHsZc2LzMlKtpS8CyyhI=";
|
||||
};
|
||||
|
||||
dontBuild = true;
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
installPhase = ''
|
||||
install -Dm755 btrfs-auto-snapshot $out/bin/btrfs-auto-snapshot
|
||||
'';
|
||||
|
||||
wrapperPath =
|
||||
with lib;
|
||||
makeBinPath (
|
||||
[
|
||||
coreutils
|
||||
getopt
|
||||
gnugrep
|
||||
gnused
|
||||
gawk
|
||||
btrfs-progs
|
||||
]
|
||||
++ optional syslogSupport util-linux
|
||||
);
|
||||
|
||||
postFixup = ''
|
||||
wrapProgram $out/bin/btrfs-auto-snapshot \
|
||||
--prefix PATH : "${wrapperPath}"
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "BTRFS Automatic Snapshot Service for Linux";
|
||||
homepage = "https://github.com/hunleyd/btrfs-auto-snapshot";
|
||||
license = licenses.gpl2;
|
||||
mainProgram = "btrfs-auto-snapshot";
|
||||
maintainers = with maintainers; [ motiejus ];
|
||||
platforms = platforms.linux;
|
||||
|
||||
longDescription = ''
|
||||
btrfs-auto-snapshot is a Bash script designed to bring as much of the
|
||||
functionality of the wonderful ZFS snapshot tool zfs-auto-snapshot to
|
||||
BTRFS as possible. Designed to run from cron (using
|
||||
/etc/cron.{daily,hourly,weekly}) it automatically creates a snapshot of
|
||||
the specified BTRFS filesystem (or, optionally, all of them) and then
|
||||
automatically purges the oldest snapshots of that type (hourly, daily, et
|
||||
al) based on a user-defined retention policy.
|
||||
|
||||
Snapshots are stored in a '.btrfs' directory at the root of the BTRFS
|
||||
filesystem being snapped and are read-only by default.
|
||||
'';
|
||||
};
|
||||
}
|
@ -6,20 +6,20 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "c2FmZQ";
|
||||
version = "0.4.19";
|
||||
version = "0.4.20";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "c2FmZQ";
|
||||
repo = "c2FmZQ";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-9kCiV+v7RNFDrAbWRujTW9b9sbYX9fGEE37S9uDp0nY=";
|
||||
hash = "sha256-ur1zZdDAGl97RDhs0ucc9UAvufI/DG49cn8HaXx3gxs=";
|
||||
};
|
||||
|
||||
ldflags = [ "-s" "-w" ];
|
||||
|
||||
sourceRoot = "${src.name}/c2FmZQ";
|
||||
|
||||
vendorHash = "sha256-plORJl7KNsBP3tQSYX8829+sb8l0sO/TS8Bt25JXNgY=";
|
||||
vendorHash = "sha256-wZ8+w1UFx55whodAXKhQ4EbtMXkbztYLjpqEVvdrAF8=";
|
||||
|
||||
subPackages = [ "c2FmZQ-client" "c2FmZQ-server" ];
|
||||
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "cargo-bloat";
|
||||
version = "0.12.0";
|
||||
version = "0.12.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "RazrFalcon";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-vPk6ERl0VM1TjK/JRMcXqCvKqSTuw78MsmQ0xImQyd4=";
|
||||
hash = "sha256-B71VX7cJe1giOLmk3cQE8Zxr7fKGyQkoXRuM+NzBcb8=";
|
||||
};
|
||||
|
||||
cargoHash = "sha256-6fMFGLH16Z1O+ETlr0685TXHup1vJetfzPdNC2Lw9uM=";
|
||||
cargoHash = "sha256-BBFLyMx1OPT2XAM6pofs2kV/3n3FrNu0Jkyr/Y3smnI=";
|
||||
|
||||
meta = with lib; {
|
||||
description = "A tool and Cargo subcommand that helps you find out what takes most of the space in your executable";
|
||||
|
@ -10,15 +10,15 @@
|
||||
withOpenSSL ? true,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "coost";
|
||||
version = "3.0.0";
|
||||
version = "3.0.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "idealvin";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-qpJh1yl0lYYszNHGo5Jkbzal2hnVzg7UUxiyg/Grva8=";
|
||||
repo = "coost";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-HbMenAL/UWsqQ1o7cMeWfwXkLh4GxIKV7iuZQD3hDA8=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
@ -34,6 +34,7 @@ stdenv.mkDerivation rec {
|
||||
"-DBUILD_SHARED_LIBS=ON"
|
||||
] ++ lib.optional withCurl "-DWITH_LIBCURL=ON" ++ lib.optional withOpenSSL "-DWITH_OPENSSL=ON";
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
passthru.updateScript = gitUpdater { };
|
||||
|
||||
meta = with lib; {
|
||||
@ -43,4 +44,4 @@ stdenv.mkDerivation rec {
|
||||
maintainers = [ maintainers.sigmanificient ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
})
|
2246
pkgs/by-name/co/coppwr/Cargo.lock
generated
2246
pkgs/by-name/co/coppwr/Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
@ -4,28 +4,28 @@
|
||||
, pkg-config
|
||||
, libxkbcommon
|
||||
, pipewire
|
||||
, stdenv
|
||||
, libGL
|
||||
, wayland
|
||||
, xorg
|
||||
, vulkan-loader
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "coppwr";
|
||||
version = "1.5.1";
|
||||
version = "1.6.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dimtpap";
|
||||
repo = "coppwr";
|
||||
rev = version;
|
||||
hash = "sha256-azho/SVGEdHXt/t6VSA0NVVfhxK9bxy4Ud68faFh5zo=";
|
||||
hash = "sha256-7z1b++itHoqVX5KB9gv6dMAzq1j7VDGYzuJArUDPlD4=";
|
||||
};
|
||||
|
||||
cargoLock = {
|
||||
lockFile = ./Cargo.lock;
|
||||
outputHashes = {
|
||||
"egui_node_graph-0.4.0" = "sha256-VJvALtPP/vPZQ4KLWu8diFar9vuVkbeD65Em6rod8ww=";
|
||||
"libspa-0.7.2" = "sha256-0TGhxHL1mkktE263ln3jnPZRkXS6+C3aPUBg86J25oM=";
|
||||
"egui_node_graph-0.4.0" = "sha256-VtHgKWh+bHSFltNgYaFmYhZW9tqwiWJjiCCspeKgSXQ=";
|
||||
"libspa-0.8.0" = "sha256-X8mwLtuPuMxZY71GNPAgiJGJ9JNMj7AbCliXiBxJ4vQ=";
|
||||
};
|
||||
};
|
||||
|
||||
@ -43,6 +43,7 @@ rustPlatform.buildRustPackage rec {
|
||||
xorg.libXi
|
||||
xorg.libXrandr
|
||||
xorg.libX11
|
||||
vulkan-loader
|
||||
];
|
||||
|
||||
preBuild = ''
|
||||
|
87
pkgs/by-name/di/dillo/package.nix
Normal file
87
pkgs/by-name/di/dillo/package.nix
Normal file
@ -0,0 +1,87 @@
|
||||
{
|
||||
lib,
|
||||
autoreconfHook,
|
||||
fetchFromGitHub,
|
||||
fltk,
|
||||
giflib,
|
||||
libXcursor,
|
||||
libXi,
|
||||
libXinerama,
|
||||
libjpeg,
|
||||
libpng,
|
||||
libressl,
|
||||
mbedtls,
|
||||
openssl,
|
||||
perl,
|
||||
pkg-config,
|
||||
stdenv,
|
||||
which,
|
||||
# Configurable options
|
||||
tlsLibrary? "libressl"
|
||||
}:
|
||||
|
||||
let
|
||||
ssl = {
|
||||
"libressl" = libressl;
|
||||
"mbedtls" = mbedtls;
|
||||
"openssl" = openssl;
|
||||
}.${tlsLibrary} or (throw "Unrecognized tlsLibrary option: ${tlsLibrary}");
|
||||
in
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "dillo";
|
||||
version = "3.1.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dillo-browser";
|
||||
repo = "dillo";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-AqffkUPLvVSGq9iYksyvHf3HQ3DLWNlB3CYw4GCAAEI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
pkg-config
|
||||
fltk
|
||||
which
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
fltk
|
||||
giflib
|
||||
libXcursor
|
||||
libXi
|
||||
libXinerama
|
||||
libjpeg
|
||||
libpng
|
||||
perl
|
||||
ssl
|
||||
];
|
||||
|
||||
outputs = [ "out" "doc" "man" ];
|
||||
|
||||
strictDeps = true;
|
||||
|
||||
meta = {
|
||||
homepage = "https://dillo-browser.github.io/";
|
||||
description = "A fast graphical web browser with a small footprint";
|
||||
longDescription = ''
|
||||
Dillo is a fast and small graphical web browser with the following
|
||||
features:
|
||||
|
||||
- Multi-platform, running on Linux, BSD, MacOS, Windows (via Cygwin) and
|
||||
even Atari.
|
||||
- Written in C and C++ with few dependencies.
|
||||
- Implements its own real-time rendering engine.
|
||||
- Low memory usage and fast rendering, even with large pages.
|
||||
- Uses the fast and bloat-free FLTK GUI library.
|
||||
- Support for HTTP, HTTPS, FTP and local files.
|
||||
- Extensible with plugins written in any language.
|
||||
- Is free software licensed with the GPLv3.
|
||||
- Helps authors to comply with web standards by using the bug meter.
|
||||
'';
|
||||
mainProgram = "dillo";
|
||||
maintainers = with lib.maintainers; [ AndersonTorres ];
|
||||
license = lib.licenses.gpl3Plus;
|
||||
platforms = lib.platforms.linux;
|
||||
};
|
||||
})
|
@ -1,16 +1,17 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, autoreconfHook
|
||||
, pkg-config
|
||||
, which
|
||||
, fltk
|
||||
, mbedtls_2
|
||||
{
|
||||
lib,
|
||||
autoreconfHook,
|
||||
fetchFromGitHub,
|
||||
fltk,
|
||||
mbedtls_2,
|
||||
pkg-config,
|
||||
stdenv,
|
||||
which,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "dillong";
|
||||
version = "unstable-2021-12-13";
|
||||
version = "0-unstable-2021-12-13";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "w00fpack";
|
||||
@ -21,6 +22,7 @@ stdenv.mkDerivation {
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
fltk
|
||||
pkg-config
|
||||
which
|
||||
];
|
||||
@ -30,6 +32,19 @@ stdenv.mkDerivation {
|
||||
mbedtls_2
|
||||
];
|
||||
|
||||
outputs = [ "out" "doc" "man" ];
|
||||
|
||||
configureFlags = [
|
||||
(lib.enableFeature true "ssl")
|
||||
];
|
||||
|
||||
strictDeps = true;
|
||||
|
||||
# Workaround build failure on -fno-common toolchains:
|
||||
# ld: main.o:/build/dillo-3.0.5/dpid/dpid.h:64: multiple definition of `sock_set';
|
||||
# dpid.o:/build/dillo-3.0.5/dpid/dpid.h:64: first defined here
|
||||
env.NIX_CFLAGS_COMPILE = "-fcommon";
|
||||
|
||||
# The start_page and home settings refer to /usr.
|
||||
# We can't change /usr to $out because dillorc is copied to the home directory
|
||||
# on first launch, so the paths would quickly become outdated.
|
||||
@ -40,19 +55,12 @@ stdenv.mkDerivation {
|
||||
--replace "home=" "#home="
|
||||
'';
|
||||
|
||||
configureFlags = [ "--enable-ssl=yes" ];
|
||||
|
||||
# Workaround build failure on -fno-common toolchains:
|
||||
# ld: main.o:/build/dillo-3.0.5/dpid/dpid.h:64: multiple definition of `sock_set';
|
||||
# dpid.o:/build/dillo-3.0.5/dpid/dpid.h:64: first defined here
|
||||
env.NIX_CFLAGS_COMPILE = "-fcommon";
|
||||
|
||||
meta = with lib; {
|
||||
description = "Fork of Dillo, a lightweight web browser";
|
||||
meta = {
|
||||
homepage = "https://github.com/w00fpack/dilloNG";
|
||||
license = licenses.gpl3Plus;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ fgaz ];
|
||||
description = "Fork of Dillo, a lightweight web browser";
|
||||
license = lib.licenses.gpl3Plus;
|
||||
mainProgram = "dillo";
|
||||
maintainers = with lib.maintainers; [ fgaz ];
|
||||
platforms = lib.platforms.linux;
|
||||
};
|
||||
}
|
@ -1,7 +1,8 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchzip
|
||||
, autoPatchelfHook
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
fetchzip,
|
||||
autoPatchelfHook,
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
@ -14,7 +15,10 @@ stdenv.mkDerivation rec {
|
||||
stripRoot = false;
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
outputs = [
|
||||
"out"
|
||||
"dev"
|
||||
];
|
||||
|
||||
buildInputs = [ (stdenv.cc.cc.libgcc or null) ];
|
||||
|
||||
@ -41,6 +45,11 @@ stdenv.mkDerivation rec {
|
||||
license = licenses.unfree;
|
||||
maintainers = with maintainers; [ tomodachi94 ];
|
||||
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
|
||||
platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-darwin" "x86_64-windows" ];
|
||||
platforms = [
|
||||
"x86_64-linux"
|
||||
"x86_64-darwin"
|
||||
"aarch64-darwin"
|
||||
"x86_64-windows"
|
||||
];
|
||||
};
|
||||
}
|
@ -14,14 +14,14 @@
|
||||
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "door-knocker";
|
||||
version = "0.4.4";
|
||||
version = "0.5.0";
|
||||
|
||||
src = fetchFromGitea {
|
||||
domain = "codeberg.org";
|
||||
owner = "tytan652";
|
||||
repo = "door-knocker";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-pC/Fv+GzHw0PTzJoDAUK/EzVVWXha2cflAqiznM9ZYM=";
|
||||
hash = "sha256-932zUfCEN24hZxkCX9uJ2HpvmLNdTtbkXvv50Hu7KxE=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ lib
|
||||
, installShellFiles
|
||||
, rustPlatform
|
||||
, fetchgit
|
||||
, fetchFromGitLab
|
||||
}:
|
||||
|
||||
let
|
||||
@ -11,9 +11,10 @@ in
|
||||
rustPlatform.buildRustPackage {
|
||||
inherit pname version;
|
||||
|
||||
# fetchFromGitLab doesn't work on GitLab's end for unknown reasons
|
||||
src = fetchgit {
|
||||
url = "https://or.computer.surgery/charles/${pname}";
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.computer.surgery";
|
||||
owner = "charles";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-niXh63xTpXSp9Wqwfi8hUBKJSClOUSvB+TPCTaqHfZk=";
|
||||
};
|
||||
@ -39,8 +40,8 @@ rustPlatform.buildRustPackage {
|
||||
meta = {
|
||||
description = "A task runner with DAG-based parallelism";
|
||||
mainProgram = "engage";
|
||||
homepage = "https://or.computer.surgery/charles/engage";
|
||||
changelog = "https://or.computer.surgery/charles/engage/-/blob/v${version}/CHANGELOG.md";
|
||||
homepage = "https://gitlab.computer.surgery/charles/engage";
|
||||
changelog = "https://gitlab.computer.surgery/charles/engage/-/blob/v${version}/CHANGELOG.md";
|
||||
license = with lib.licenses; [ asl20 mit ];
|
||||
maintainers = with lib.maintainers; [ CobaltCause ];
|
||||
};
|
||||
|
30
pkgs/by-name/go/go-landlock/package.nix
Normal file
30
pkgs/by-name/go/go-landlock/package.nix
Normal file
@ -0,0 +1,30 @@
|
||||
{ lib
|
||||
, buildGoModule
|
||||
, fetchFromGitHub
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "go-landlock";
|
||||
version = "0-unstable-2024-02-16";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "landlock-lsm";
|
||||
repo = "go-landlock";
|
||||
rev = "efb66220540a9ef86aa0160d15e55f429d5b94d9";
|
||||
hash = "sha256-U0+364NIw3kVcfS8/RTcpSMrv4v2ATCcC1v+5IsxeXQ=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-IOaFToz/66Z1DP5O6gLqTyEiiYyrwZ5At93qPLa7hg8=";
|
||||
|
||||
subPackages = [
|
||||
"cmd/landlock-restrict-net"
|
||||
"cmd/landlock-restrict"
|
||||
];
|
||||
|
||||
meta = {
|
||||
description = "A Go library for the Linux Landlock sandboxing feature";
|
||||
homepage = "https://github.com/landlock-lsm/go-landlock";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = with lib.maintainers; [ tomfitzhenry ];
|
||||
};
|
||||
}
|
@ -64,11 +64,11 @@ let
|
||||
|
||||
in stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "google-chrome";
|
||||
version = "124.0.6367.118";
|
||||
version = "124.0.6367.201";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${finalAttrs.version}-1_amd64.deb";
|
||||
hash = "sha256-H3bv6WiVBl4j38ROZ80+SD9UO9ok+xxcKFxDd9yjWNY=";
|
||||
hash = "sha256-RvQdpDmWRcsASh1b8M0Zg+AvZprE5qhi14shfo0WlfE=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ patchelf makeWrapper ];
|
||||
@ -142,12 +142,12 @@ in stdenv.mkDerivation (finalAttrs: {
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
meta = {
|
||||
description = "A freeware web browser developed by Google";
|
||||
homepage = "https://www.google.com/chrome/browser/";
|
||||
license = licenses.unfree;
|
||||
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
|
||||
maintainers = with maintainers; [ jnsgruk ];
|
||||
license = lib.licenses.unfree;
|
||||
sourceProvenance = with lib.sourceTypes; [ binaryNativeCode ];
|
||||
maintainers = with lib.maintainers; [ jnsgruk johnrtitor ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
mainProgram = "google-chrome-stable";
|
||||
};
|
@ -10,16 +10,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "hugo";
|
||||
version = "0.125.6";
|
||||
version = "0.125.7";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gohugoio";
|
||||
repo = "hugo";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-rOkvt+U8iju+oIb/BfPMHSqhZYM6XSUS2B8Oxd46cF8=";
|
||||
hash = "sha256-aONA9qfoilte73wBTZFu8rrVz+O8xtnRk/rOxJLANS8=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-UJoK73oQ1gH4Y1hxjE66Ou8o9jAeJpA4njgP3VHu68s=";
|
||||
vendorHash = "sha256-ZEaByHlJIfzGbmdadDpCJGCybj9SOHRzrrzR/S/zRnc=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
@ -115,7 +115,7 @@ buildGoModule rec {
|
||||
;
|
||||
};
|
||||
|
||||
tests = nixosTests.incus;
|
||||
tests = if lts then nixosTests.incus-lts else nixosTests.incus;
|
||||
|
||||
ui = callPackage ./ui.nix { };
|
||||
|
||||
|
@ -1,6 +1,6 @@
|
||||
import ./generic.nix {
|
||||
hash = "sha256-+q5qP7w2RdtuwvxPThCryYYEJ7s5WDnWHRvjo4TuajA=";
|
||||
version = "6.0.0";
|
||||
vendorHash = "sha256-wcauzIbBcYpSWttZCVVE9m49AEQGolGYSsv9eEkhb7Y=";
|
||||
hash = "sha256-BFB4bdfh3hI7D1m7a20ckPPyP9CYXW7mjqeTZ/21Gqs=";
|
||||
version = "6.1.0";
|
||||
vendorHash = "sha256-a8ZPhzs7sNIJLjQ9Y87Zf9SXAsmbdVn250Q0OQwy69A=";
|
||||
patches = [ ];
|
||||
}
|
||||
|
@ -1,6 +1,8 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, fetchFromGitHub
|
||||
, pkg-config
|
||||
, openssl
|
||||
, rustPlatform
|
||||
, darwin
|
||||
, testers
|
||||
@ -8,12 +10,12 @@
|
||||
}:
|
||||
|
||||
let
|
||||
version = "2.1.0";
|
||||
version = "2.2.1";
|
||||
src = fetchFromGitHub {
|
||||
owner = "russellbanks";
|
||||
repo = "Komac";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-L8UYpNqjRyqf4hPQwD9LaXWu6jYaP34yTwTxcqg+e2U=";
|
||||
hash = "sha256-dPX8/JUQ+vugd+M/jIjBf4/sNbac0FVQ0obhyAAGI84=";
|
||||
};
|
||||
in
|
||||
rustPlatform.buildRustPackage {
|
||||
@ -21,9 +23,13 @@ rustPlatform.buildRustPackage {
|
||||
|
||||
pname = "komac";
|
||||
|
||||
cargoHash = "sha256-J4QZzbyDr4SDt6LlAy9ZdpqgIufZCZHmOC9eu70wMsM=";
|
||||
cargoHash = "sha256-CDPN90X3m/9FRLolAVCIcAuajZbB5OAgLcFXq2ICS8g=";
|
||||
|
||||
buildInputs = lib.optionals stdenv.isDarwin [
|
||||
nativeBuildInputs = lib.optionals stdenv.isLinux [ pkg-config ];
|
||||
|
||||
buildInputs = lib.optionals stdenv.isLinux [
|
||||
openssl
|
||||
] ++ lib.optionals stdenv.isDarwin [
|
||||
darwin.apple_sdk.frameworks.SystemConfiguration
|
||||
];
|
||||
|
||||
|
@ -1,10 +1,10 @@
|
||||
{
|
||||
"stable": {
|
||||
"version": "5.2.2",
|
||||
"hash": "sha256-Tp8adn9cNtHmEdoA418b/KMsqluZWKO60u6kCtAmpbo="
|
||||
"version": "5.2.3",
|
||||
"hash": "sha256-fjlvP5PPmSSNYefYRrEBVdhbN3yZ0pCbvIe763U5y5o="
|
||||
},
|
||||
"beta": {
|
||||
"version": "5.2.2",
|
||||
"hash": "sha256-Tp8adn9cNtHmEdoA418b/KMsqluZWKO60u6kCtAmpbo="
|
||||
"version": "5.2.3",
|
||||
"hash": "sha256-fjlvP5PPmSSNYefYRrEBVdhbN3yZ0pCbvIe763U5y5o="
|
||||
}
|
||||
}
|
||||
|
@ -10,13 +10,13 @@
|
||||
|
||||
stdenvNoCC.mkDerivation (finalAttrs: {
|
||||
pname = "marwaita-x";
|
||||
version = "0.8.1";
|
||||
version = "0.9";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "darkomarko42";
|
||||
repo = "marwaita-x";
|
||||
rev = finalAttrs.version;
|
||||
sha256 = "sha256-AkhysmA7QTHiH6yLEHFHgXFhRXb3l0elvYfy+oXsvZE=";
|
||||
sha256 = "sha256-yf/3ukb52rbCXMObeiHrMdD1cTRjY739p7Vg+DBFReo=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -6,11 +6,11 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "mediainfo-gui";
|
||||
version = "24.03";
|
||||
version = "24.04";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://mediaarea.net/download/source/mediainfo/${version}/mediainfo_${version}.tar.xz";
|
||||
hash = "sha256-b/jx+i+FmhMJH3Wiz5E0hmRPbiWa0cJa+5qT5IRExWM=";
|
||||
hash = "sha256-6+sctwGiMFnHNsszuRoxcsT5jnNB5EoLMKEZGRkaJ00=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook pkg-config ];
|
||||
|
@ -10,7 +10,6 @@
|
||||
, ffmpeg-headless
|
||||
, taglib
|
||||
, zlib
|
||||
, makeWrapper
|
||||
, nixosTests
|
||||
, nix-update-script
|
||||
, ffmpegSupport ? true
|
@ -84,11 +84,12 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
strictDeps = true;
|
||||
|
||||
nativeBuildInputs = [
|
||||
libsForQt5.wrapQtAppsHook
|
||||
cmake
|
||||
ninja
|
||||
protobuf
|
||||
copyDesktopItems
|
||||
];
|
||||
|
||||
@ -96,8 +97,9 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
libsForQt5.qtbase
|
||||
libsForQt5.qttools
|
||||
libsForQt5.qtx11extras
|
||||
zxing-cpp
|
||||
protobuf
|
||||
yaml-cpp
|
||||
zxing-cpp
|
||||
];
|
||||
|
||||
# NKR_PACKAGE makes sure the app uses the user's config directory to store it's non-static content
|
||||
|
@ -9,7 +9,7 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "onevpl-intel-gpu";
|
||||
version = "23.4.3";
|
||||
version = "24.2.2";
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
|
||||
owner = "oneapi-src";
|
||||
repo = "oneVPL-intel-gpu";
|
||||
rev = "intel-onevpl-${version}";
|
||||
sha256 = "sha256-oDwDMUq6JpRJH5nbANb7TJLW7HRYA9y0xZxEsoepx/U=";
|
||||
sha256 = "sha256-JtvRh4p4wPRnqFfE86tJW+yS9AKMoi3TPZO+LZ2Q7Mo=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkg-config ];
|
||||
|
55
pkgs/by-name/op/openfga-cli/package.nix
Normal file
55
pkgs/by-name/op/openfga-cli/package.nix
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
lib,
|
||||
buildGoModule,
|
||||
fetchFromGitHub,
|
||||
installShellFiles,
|
||||
}:
|
||||
|
||||
let
|
||||
pname = "openfga-cli";
|
||||
version = "0.4.0";
|
||||
in
|
||||
|
||||
buildGoModule {
|
||||
inherit pname version;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "openfga";
|
||||
repo = "cli";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-nwzUBzu8c8kuSTbjwOB1mCFMLF1zoUReXofXeBOAO1U=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-3fElvsy248lRwmIKWv8ac6BLJ1y5Qyr+kKh/1vprmvo=";
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
ldflags =
|
||||
let
|
||||
buildInfoPkg = "github.com/openfga/cli/internal/build";
|
||||
in
|
||||
[
|
||||
"-s"
|
||||
"-w"
|
||||
"-X ${buildInfoPkg}.Version=${version}"
|
||||
"-X ${buildInfoPkg}.Commit=${version}"
|
||||
"-X ${buildInfoPkg}.Date=19700101"
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
completions_dir=$TMPDIR/fga_completions
|
||||
mkdir $completions_dir
|
||||
$out/bin/fga completion bash > $completions_dir/fga.bash
|
||||
$out/bin/fga completion zsh > $completions_dir/_fga.zsh
|
||||
$out/bin/fga completion fish > $completions_dir/fga.fish
|
||||
installShellCompletion $completions_dir/*
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "A cross-platform CLI to interact with an OpenFGA server";
|
||||
homepage = "https://github.com/openfga/cli";
|
||||
license = lib.licenses.asl20;
|
||||
mainProgram = "fga";
|
||||
maintainers = with lib.maintainers; [ jlesquembre ];
|
||||
};
|
||||
}
|
58
pkgs/by-name/op/openfga/package.nix
Normal file
58
pkgs/by-name/op/openfga/package.nix
Normal file
@ -0,0 +1,58 @@
|
||||
{
|
||||
lib,
|
||||
buildGoModule,
|
||||
fetchFromGitHub,
|
||||
installShellFiles,
|
||||
}:
|
||||
|
||||
let
|
||||
pname = "openfga";
|
||||
version = "1.5.3";
|
||||
in
|
||||
|
||||
buildGoModule {
|
||||
inherit pname version;
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "openfga";
|
||||
repo = "openfga";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-+ECfBG0Z1XnopMPbq9jngcZ3lcSFOIomWo5iD0T1teQ=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-MyoqdmNtpsoT08BKA9DPlpldIEXb82qzeXnW4KQXTiE=";
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
ldflags =
|
||||
let
|
||||
buildInfoPkg = "github.com/openfga/openfga/internal/build";
|
||||
in
|
||||
[
|
||||
"-s"
|
||||
"-w"
|
||||
"-X ${buildInfoPkg}.Version=${version}"
|
||||
"-X ${buildInfoPkg}.Commit=${version}"
|
||||
"-X ${buildInfoPkg}.Date=19700101"
|
||||
];
|
||||
|
||||
# Tests depend on docker
|
||||
doCheck = false;
|
||||
|
||||
postInstall = ''
|
||||
completions_dir=$TMPDIR/openfga_completions
|
||||
mkdir $completions_dir
|
||||
$out/bin/openfga completion bash > $completions_dir/openfga.bash
|
||||
$out/bin/openfga completion zsh > $completions_dir/_openfga.zsh
|
||||
$out/bin/openfga completion fish > $completions_dir/openfga.fish
|
||||
installShellCompletion $completions_dir/*
|
||||
'';
|
||||
|
||||
meta = {
|
||||
description = "A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar";
|
||||
homepage = "https://openfga.dev/";
|
||||
license = lib.licenses.asl20;
|
||||
mainProgram = "openfga";
|
||||
maintainers = with lib.maintainers; [ jlesquembre ];
|
||||
};
|
||||
}
|
@ -20,6 +20,7 @@ python3Packages.buildPythonApplication rec {
|
||||
"pillow"
|
||||
"httpx"
|
||||
"packaging"
|
||||
"typer"
|
||||
];
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
|
97
pkgs/by-name/po/portablemc/package.nix
Normal file
97
pkgs/by-name/po/portablemc/package.nix
Normal file
@ -0,0 +1,97 @@
|
||||
{
|
||||
lib,
|
||||
stdenv,
|
||||
python3Packages,
|
||||
fetchFromGitHub,
|
||||
installShellFiles,
|
||||
jre,
|
||||
|
||||
libX11,
|
||||
libXext,
|
||||
libXcursor,
|
||||
libXrandr,
|
||||
libXxf86vm,
|
||||
libpulseaudio,
|
||||
libGL,
|
||||
glfw,
|
||||
openal,
|
||||
udev,
|
||||
|
||||
textToSpeechSupport ? stdenv.isLinux,
|
||||
flite,
|
||||
}:
|
||||
|
||||
let
|
||||
# Copied from the `prismlauncher` package
|
||||
runtimeLibs = [
|
||||
libX11
|
||||
libXext
|
||||
libXcursor
|
||||
libXrandr
|
||||
libXxf86vm
|
||||
|
||||
# lwjgl
|
||||
libpulseaudio
|
||||
libGL
|
||||
glfw
|
||||
openal
|
||||
stdenv.cc.cc.lib
|
||||
|
||||
# oshi
|
||||
udev
|
||||
] ++ lib.optional textToSpeechSupport flite;
|
||||
in
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "portablemc";
|
||||
version = "4.3.0";
|
||||
pyproject = true;
|
||||
|
||||
disabled = python3Packages.pythonOlder "3.8";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mindstorm38";
|
||||
repo = "portablemc";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-jCv4ncXUWbkWlBZr3P1hNeVpdQzY9HtrFz+pmKknL0I=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Use the jre package provided by nixpkgs by default
|
||||
./use-builtin-java.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ installShellFiles ];
|
||||
|
||||
build-system = [ python3Packages.poetry-core ];
|
||||
|
||||
dependencies = [ python3Packages.certifi ];
|
||||
|
||||
# Note: Tests use networking, so we don't run them
|
||||
|
||||
postInstall = ''
|
||||
installShellCompletion --cmd portablemc \
|
||||
--bash <($out/bin/portablemc show completion bash) \
|
||||
--zsh <($out/bin/portablemc show completion zsh)
|
||||
'';
|
||||
|
||||
preFixup = ''
|
||||
makeWrapperArgs+=(
|
||||
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath runtimeLibs}
|
||||
--prefix PATH : ${lib.makeBinPath [ jre ]}
|
||||
)
|
||||
'';
|
||||
|
||||
meta = {
|
||||
homepage = "https://github.com/mindstorm38/portablemc";
|
||||
description = "A fast, reliable and cross-platform command-line Minecraft launcher and API for developers";
|
||||
longDescription = ''
|
||||
A fast, reliable and cross-platform command-line Minecraft launcher and API for developers.
|
||||
Including fast and easy installation of common mod loaders such as Fabric, Forge, NeoForge and Quilt.
|
||||
This launcher is compatible with the standard Minecraft directories.
|
||||
'';
|
||||
changelog = "https://github.com/mindstorm38/portablemc/releases/tag/${src.rev}";
|
||||
license = lib.licenses.gpl3Only;
|
||||
mainProgram = "portablemc";
|
||||
maintainers = with lib.maintainers; [ tomasajt ];
|
||||
};
|
||||
}
|
47
pkgs/by-name/po/portablemc/use-builtin-java.patch
Normal file
47
pkgs/by-name/po/portablemc/use-builtin-java.patch
Normal file
@ -0,0 +1,47 @@
|
||||
diff --git a/portablemc/standard.py b/portablemc/standard.py
|
||||
index f59c55d..0f017e1 100644
|
||||
--- a/portablemc/standard.py
|
||||
+++ b/portablemc/standard.py
|
||||
@@ -843,6 +843,8 @@ class Version:
|
||||
if jvm_major_version is not None and not isinstance(jvm_major_version, int):
|
||||
raise ValueError("metadata: /javaVersion/majorVersion must be an integer")
|
||||
|
||||
+ return self._resolve_builtin_jvm(watcher, JvmNotFoundError.UNSUPPORTED_ARCH, jvm_major_version)
|
||||
+
|
||||
if platform.system() == "Linux" and platform.libc_ver()[0] != "glibc":
|
||||
return self._resolve_builtin_jvm(watcher, JvmNotFoundError.UNSUPPORTED_LIBC, jvm_major_version)
|
||||
|
||||
@@ -926,31 +928,10 @@ class Version:
|
||||
builtin_path = shutil.which(jvm_bin_filename)
|
||||
if builtin_path is None:
|
||||
raise JvmNotFoundError(reason)
|
||||
-
|
||||
- try:
|
||||
-
|
||||
- # Get version of the JVM.
|
||||
- process = Popen([builtin_path, "-version"], bufsize=1, stdout=PIPE, stderr=STDOUT, universal_newlines=True)
|
||||
- stdout, _stderr = process.communicate(timeout=1)
|
||||
-
|
||||
- version_start = stdout.index(f"1.{major_version}" if major_version <= 8 else str(major_version))
|
||||
- version = None
|
||||
-
|
||||
- # Parse version by getting all character that are numeric or '.'.
|
||||
- for i, ch in enumerate(stdout[version_start:]):
|
||||
- if not ch.isnumeric() and ch not in (".", "_"):
|
||||
- version = stdout[version_start:i]
|
||||
- break
|
||||
-
|
||||
- if version is None:
|
||||
- raise ValueError()
|
||||
-
|
||||
- except (TimeoutExpired, ValueError):
|
||||
- raise JvmNotFoundError(JvmNotFoundError.BUILTIN_INVALID_VERSION)
|
||||
|
||||
self._jvm_path = Path(builtin_path)
|
||||
- self._jvm_version = version
|
||||
- watcher.handle(JvmLoadedEvent(version, JvmLoadedEvent.BUILTIN))
|
||||
+ self._jvm_version = "nixpkgs"
|
||||
+ watcher.handle(JvmLoadedEvent("nixpkgs", JvmLoadedEvent.BUILTIN))
|
||||
|
||||
def _download(self, watcher: Watcher) -> None:
|
||||
|
@ -42,7 +42,7 @@ let
|
||||
homepage = "https://github.com/pretalx/pretalx";
|
||||
changelog = "https://docs.pretalx.org/en/latest/changelog.html";
|
||||
license = licenses.asl20;
|
||||
maintainers = teams.c3d2.members;
|
||||
maintainers = with maintainers; [ hexa] ++ teams.c3d2.members;
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
|
||||
|
@ -10,11 +10,11 @@ let
|
||||
mainProgram = "proton-mail";
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "protonmail-desktop";
|
||||
version = "1.0.1";
|
||||
version = "1.0.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/ProtonMail/inbox-desktop/releases/download/v${version}/proton-mail_${version}_amd64.deb";
|
||||
hash = "sha256-fNK//x3DOsynWSkG9N+nZ3wjYoC+RreaYVC6KEDXh4w=";
|
||||
hash = "sha256-c+0iFBpcg+t983oOttPokA5sLGsIQFIsC+GbsVY6hmI=";
|
||||
};
|
||||
|
||||
dontConfigure = true;
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user