ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-11-11 04:02:55 +03:00
Code Issues Projects Releases Wiki Activity

Merge branch 'master' into update-ios-gnu-config

Browse Source
This commit is contained in:
Matthew Bauer 2019-05-07 14:25:33 -04:00 committed by GitHub
commit 424f467e06
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1343 changed files with 22995 additions and 13346 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/CODEOWNERS vendored
View File

@ -47,8 +47,8 @@
/nixos/doc/manual/man-nixos-option.xml @nbp
/nixos/modules/installer/tools/nixos-option.sh @nbp
# NixOS modules
/nixos/modules @Infinisil
# New NixOS modules
/nixos/modules/module-list.nix @Infinisil
# Python-related code and docs
/maintainers/scripts/update-python-libraries @FRidh

8
README.md
View File

@ -12,12 +12,12 @@ build daemon as so-called channels. To get channel information via git, add
```
For stability and maximum binary package support, it is recommended to maintain
custom changes on top of one of the channels, e.g. `nixos-18.09` for the latest
custom changes on top of one of the channels, e.g. `nixos-19.03` for the latest
release and `nixos-unstable` for the latest successful build of master:
```
% git remote update channels
% git rebase channels/nixos-18.09
% git rebase channels/nixos-19.03
```
For pull requests, please rebase onto nixpkgs `master`.
@ -31,9 +31,9 @@ For pull requests, please rebase onto nixpkgs `master`.
* [Manual (NixOS)](https://nixos.org/nixos/manual/)
* [Community maintained wiki](https://nixos.wiki/)
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
* [Continuous package builds for 18.09 release](https://hydra.nixos.org/jobset/nixos/release-18.09)
* [Continuous package builds for 19.03 release](https://hydra.nixos.org/jobset/nixos/release-19.03)
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
* [Tests for 18.09 release](https://hydra.nixos.org/job/nixos/release-18.09/tested#tabs-constituents)
* [Tests for 19.03 release](https://hydra.nixos.org/job/nixos/release-19.03/tested#tabs-constituents)
Communication:

6
doc/languages-frameworks/haskell.section.md
View File

@ -55,7 +55,7 @@ package `haskell-pandoc`, for example, installs both a library and an
application. You can install and use Haskell executables just like any other
program in Nixpkgs, but using Haskell libraries for development is a bit
trickier and we'll address that subject in great detail in section [How to
create a development environment].
create a development environment](#how-to-create-a-development-environment).
Attribute paths are deterministic inside of Nixpkgs, but the path necessary to
reach Nixpkgs varies from system to system. We dodged that problem by giving
@ -127,7 +127,7 @@ Also, the attributes `haskell.compiler.ghcXYC` and
A simple development environment consists of a Haskell compiler and one or both
of the tools `cabal-install` and `stack`. We saw in section
[How to install Haskell packages] how you can install those programs into your
[How to install Haskell packages](#how-to-install-haskell-packages) how you can install those programs into your
user profile:
```shell
nix-env -f "<nixpkgs>" -iA haskellPackages.ghc haskellPackages.cabal-install
@ -162,7 +162,7 @@ nix-shell -p haskell.compiler.ghc784
to bring GHC 7.8.4 into `$PATH`. Alternatively, you can use Stack instead of
`nix-shell` directly to select compiler versions and other build tools
per-project. It uses `nix-shell` under the hood when Nix support is turned on.
See [How to build a Haskell project using Stack].
See [How to build a Haskell project using Stack](#how-to-build-a-haskell-project-using-stack).
If you're using `cabal-install`, re-running `cabal configure` inside the spawned
shell switches your build to use that compiler instead. If you're working on

7
lib/systems/default.nix
View File

@ -30,6 +30,7 @@ rec {
libc =
/**/ if final.isDarwin then "libSystem"
else if final.isMinGW then "msvcrt"
else if final.isWasi then "wasilibc"
else if final.isMusl then "musl"
else if final.isUClibc then "uclibc"
else if final.isAndroid then "bionic"
@ -62,7 +63,7 @@ rec {
"netbsd" = "NetBSD";
"freebsd" = "FreeBSD";
"openbsd" = "OpenBSD";
"wasm" = "Wasm";
"wasi" = "Wasi";
}.${final.parsed.kernel.name} or null;
# uname -p
@ -114,8 +115,8 @@ rec {
then "${wine}/bin/${wine-name}"
else if final.isLinux && pkgs.stdenv.hostPlatform.isLinux
then "${qemu-user}/bin/qemu-${final.qemuArch}"
else if final.isWasm
then "${pkgs.v8}/bin/d8"
else if final.isWasi
then "${pkgs.wasmtime}/bin/wasmtime"
else throw "Don't know how to run ${final.config} executables.";
} // mapAttrs (n: v: v final.parsed) inspect.predicates

3
lib/systems/doubles.nix
View File

@ -17,6 +17,8 @@ let
"x86_64-netbsd" "x86_64-openbsd" "x86_64-solaris"
"x86_64-windows" "i686-windows"
"wasm64-wasi" "wasm32-wasi"
];
allParsed = map parse.mkSystemFromString all;
@ -45,6 +47,7 @@ in rec {
netbsd = filterDoubles predicates.isNetBSD;
openbsd = filterDoubles predicates.isOpenBSD;
unix = filterDoubles predicates.isUnix;
wasi = filterDoubles predicates.isWasi;
windows = filterDoubles predicates.isWindows;
mesaPlatforms = ["i686-linux" "x86_64-linux" "x86_64-darwin" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "armv7a-linux" "aarch64-linux" "powerpc64le-linux"];

10
lib/systems/examples.nix
View File

@ -211,4 +211,14 @@ rec {
config = "x86_64-unknown-netbsd";
libc = "nblibc";
};
#
# WASM
#
wasi32 = {
config = "wasm32-unknown-wasi";
useLLVM = true;
};
}

1
lib/systems/for-meta.nix
View File

@ -32,6 +32,7 @@ in rec {
openbsd = [ patterns.isOpenBSD ];
unix = patterns.isUnix; # Actually a list
windows = [ patterns.isWindows ];
wasi = [ patterns.isWasi ];
inherit (lib.systems.doubles) mesaPlatforms;
}

1
lib/systems/inspect.nix
View File

@ -43,6 +43,7 @@ rec {
isWindows = { kernel = kernels.windows; };
isCygwin = { kernel = kernels.windows; abi = abis.cygnus; };
isMinGW = { kernel = kernels.windows; abi = abis.gnu; };
isWasi = { kernel = kernels.wasi; };
isAndroid = [ { abi = abis.android; } { abi = abis.androideabi; } ];
isMusl = with abis; map (a: { abi = a; }) [ musl musleabi musleabihf ];

38
lib/systems/parse.nix
View File

@ -69,24 +69,24 @@ rec {
cpuTypes = with significantBytes; setTypes types.openCpuType {
arm = { bits = 32; significantByte = littleEndian; family = "arm"; };
armv5tel = { bits = 32; significantByte = littleEndian; family = "arm"; version = "5"; };
armv6m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "6"; };
armv6l = { bits = 32; significantByte = littleEndian; family = "arm"; version = "6"; };
armv7a = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; };
armv7r = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; };
armv7m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; };
armv7l = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; };
armv8a = { bits = 32; significantByte = littleEndian; family = "arm"; version = "8"; };
armv8r = { bits = 32; significantByte = littleEndian; family = "arm"; version = "8"; };
armv8m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "8"; };
aarch64 = { bits = 64; significantByte = littleEndian; family = "arm"; version = "8"; };
aarch64_be = { bits = 64; significantByte = bigEndian; family = "arm"; version = "8"; };
armv5tel = { bits = 32; significantByte = littleEndian; family = "arm"; version = "5"; arch = "armv5t"; };
armv6m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "6"; arch = "armv6-m"; };
armv6l = { bits = 32; significantByte = littleEndian; family = "arm"; version = "6"; arch = "armv6"; };
armv7a = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; arch = "armv7-a"; };
armv7r = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; arch = "armv7-r"; };
armv7m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; arch = "armv7-m"; };
armv7l = { bits = 32; significantByte = littleEndian; family = "arm"; version = "7"; arch = "armv7"; };
armv8a = { bits = 32; significantByte = littleEndian; family = "arm"; version = "8"; arch = "armv8-a"; };
armv8r = { bits = 32; significantByte = littleEndian; family = "arm"; version = "8"; arch = "armv8-a"; };
armv8m = { bits = 32; significantByte = littleEndian; family = "arm"; version = "8"; arch = "armv8-m"; };
aarch64 = { bits = 64; significantByte = littleEndian; family = "arm"; version = "8"; arch = "armv8-a"; };
aarch64_be = { bits = 64; significantByte = bigEndian; family = "arm"; version = "8"; arch = "armv8-a"; };
i386 = { bits = 32; significantByte = littleEndian; family = "x86"; };
i486 = { bits = 32; significantByte = littleEndian; family = "x86"; };
i586 = { bits = 32; significantByte = littleEndian; family = "x86"; };
i686 = { bits = 32; significantByte = littleEndian; family = "x86"; };
x86_64 = { bits = 64; significantByte = littleEndian; family = "x86"; };
i386 = { bits = 32; significantByte = littleEndian; family = "x86"; arch = "i386"; };
i486 = { bits = 32; significantByte = littleEndian; family = "x86"; arch = "i486"; };
i586 = { bits = 32; significantByte = littleEndian; family = "x86"; arch = "i586"; };
i686 = { bits = 32; significantByte = littleEndian; family = "x86"; arch = "i686"; };
x86_64 = { bits = 64; significantByte = littleEndian; family = "x86"; arch = "x86-64"; };
mips = { bits = 32; significantByte = bigEndian; family = "mips"; };
mipsel = { bits = 32; significantByte = littleEndian; family = "mips"; };
@ -226,6 +226,7 @@ rec {
elf = {};
macho = {};
pe = {};
wasm = {};
unknown = {};
};
@ -268,6 +269,7 @@ rec {
none = { execFormat = unknown; families = { }; };
openbsd = { execFormat = elf; families = { inherit bsd; }; };
solaris = { execFormat = elf; families = { }; };
wasi = { execFormat = wasm; families = { }; };
windows = { execFormat = pe; families = { }; };
} // { # aliases
# 'darwin' is the kernel for all of them. We choose macOS by default.
@ -376,6 +378,8 @@ rec {
then { cpu = elemAt l 0; kernel = elemAt l 1; abi = elemAt l 2; }
else if (elemAt l 2 == "mingw32") # autotools breaks on -gnu for window
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = "windows"; }
else if (elemAt l 2 == "wasi")
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = "wasi"; }
else if hasPrefix "netbsd" (elemAt l 2)
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; }
else if (elem (elemAt l 2) ["eabi" "eabihf" "elf"])

2
lib/tests/systems.nix
View File

@ -12,7 +12,7 @@ let
expected = lib.sort lib.lessThan y;
};
in with lib.systems.doubles; lib.runTests {
testall = mseteq all (linux ++ darwin ++ freebsd ++ openbsd ++ netbsd ++ illumos ++ windows);
testall = mseteq all (linux ++ darwin ++ freebsd ++ openbsd ++ netbsd ++ illumos ++ wasi ++ windows);
testarm = mseteq arm [ "armv5tel-linux" "armv6l-linux" "armv7l-linux" ];
testi686 = mseteq i686 [ "i686-linux" "i686-freebsd" "i686-netbsd" "i686-openbsd" "i686-cygwin" "i686-windows" ];

47
maintainers/maintainer-list.nix
View File

@ -157,6 +157,11 @@
github = "aespinosa";
name = "Allan Espinosa";
};
aethelz = {
email = "aethelz@protonmail.com";
github = "aethelz";
name = "Eugene";
};
aflatter = {
email = "flatter@fastmail.fm";
github = "aflatter";
@ -197,6 +202,11 @@
github = "aij";
name = "Ivan Jager";
};
ajs124 = {
email = "nix@ajs124.de";
github = "ajs124";
name = "Andreas Schrägle";
};
ajgrf = {
email = "a@ajgrf.com";
github = "ajgrf";
@ -509,6 +519,11 @@
github = "avnik";
name = "Alexander V. Nikolaev";
};
aw = {
email = "aw-nixos@meterriblecrew.net";
github = "herrwiese";
name = "Andreas Wiese";
};
aycanirican = {
email = "iricanaycan@gmail.com";
github = "aycanirican";
@ -578,6 +593,11 @@
github = "bbarker";
name = "Brandon Elam Barker";
};
bbigras = {
email = "bigras.bruno@gmail.com";
github = "bbigras";
name = "Bruno Bigras";
};
bcarrell = {
email = "brandoncarrell@gmail.com";
github = "bcarrell";
@ -588,6 +608,11 @@
github = "bcdarwin";
name = "Ben Darwin";
};
bdesham = {
email = "benjamin@esham.io";
github = "bdesham";
name = "Benjamin Esham";
};
bdimcheff = {
email = "brandon@dimcheff.com";
github = "bdimcheff";
@ -915,6 +940,11 @@
github = "chris-martin";
name = "Chris Martin";
};
chrisaw = {
email = "home@chrisaw.com";
github = "cawilliamson";
name = "Christopher A. Williamson";
};
chrisjefferson = {
email = "chris@bubblescope.net";
github = "chrisjefferson";
@ -1134,6 +1164,11 @@
github = "davorb";
name = "Davor Babic";
};
dawidsowa = {
email = "dawid_sowa@posteo.net";
github = "dawidsowa";
name = "Dawid Sowa";
};
dbohdan = {
email = "dbohdan@dbohdan.com";
github = "dbohdan";
@ -2540,7 +2575,7 @@
klntsky = {
email = "klntsky@gmail.com";
name = "Vladimir Kalnitsky";
github = "8084";
github = "klntsky";
};
kmeakin = {
email = "karlwfmeakin@gmail.com";
@ -2648,6 +2683,11 @@
github = "league";
name = "Christopher League";
};
leahneukirchen = {
email = "leah@vuxu.org";
github = "leahneukirchen";
name = "Leah Neukirchen";
};
lebastr = {
email = "lebastr@gmail.com";
github = "lebastr";
@ -2911,6 +2951,11 @@
github = "marcweber";
name = "Marc Weber";
};
marenz = {
email = "marenz@arkom.men";
github = "marenz2569";
name = "Markus Schmidl";
};
markus1189 = {
email = "markus1189@gmail.com";
github = "markus1189";

5
maintainers/scripts/luarocks-packages.csv
View File

@ -14,14 +14,19 @@ ltermbox,
lua-cmsgpack,
lua_cliargs,
lua-iconv,
lua-messagepack,
lua-term,
lua-toml,
luabitop,
luaevent,
luacheck
luaffi,,http://luarocks.org/dev,
luuid,
penlight,
rapidjson,
say,
std__debug,std._debug,
std_normalize,std.normalize,
luv,
luasystem,
mediator_lua,,http://luarocks.org/manifests/teto

1 # nix name, luarocks name, server, version/additionnal args
14 lua-cmsgpack,
15 lua_cliargs,
16 lua-iconv,
17 lua-messagepack,
18 lua-term,
19 lua-toml,
20 luabitop,
21 luaevent,
22 luacheck
23 luaffi,,http://luarocks.org/dev,
24 luuid,
25 penlight,
26 rapidjson,
27 say,
28 std__debug,std._debug,
29 std_normalize,std.normalize,
30 luv,
31 luasystem,
32 mediator_lua,,http://luarocks.org/manifests/teto

2
maintainers/scripts/update-luarocks-packages
View File

@ -81,7 +81,7 @@ function convert_pkg () {
server=" --server=$3"
fi
version="${3:-}"
version="${4:-}"
echo "looking at $lua_pkg_name (version $version) from server [$server]" >&2
cmd="luarocks nix $server $lua_pkg_name $version"

26
nixos/doc/manual/configuration/x-windows.xml
View File

@ -67,6 +67,32 @@
<xref linkend="opt-hardware.opengl.driSupport32Bit"/> = true;
</programlisting>
</para>
<simplesect xml:id="sec-x11-auto-login">
<title>Auto-login</title>
<para>
The x11 login screen can be skipped entirely, automatically logging you into
your window manager and desktop environment when you boot your computer.
</para>
<para>
This is especially helpful if you have disk encryption enabled. Since you
already have to provide a password to decrypt your disk, entering a second
password to login can be redundant.
</para>
<para>
To enable auto-login, you need to define your default window manager and
desktop environment. If you wanted no desktop environment and i3 as your your
window manager, you'd define:
<programlisting>
<xref linkend="opt-services.xserver.desktopManager.default"/> = "none";
<xref linkend="opt-services.xserver.windowManager.default"/> = "i3";
</programlisting>
And, finally, to enable auto-login for a user <literal>johndoe</literal>:
<programlisting>
<xref linkend="opt-services.xserver.displayManager.auto.enable"/> = true;
<xref linkend="opt-services.xserver.displayManager.auto.user"/> = "johndoe";
</programlisting>
</para>
</simplesect>
<simplesect xml:id="sec-x11-graphics-cards-nvidia">
<title>Proprietary NVIDIA drivers</title>
<para>

19
nixos/doc/manual/release-notes/rl-1909.xml
View File

@ -83,6 +83,25 @@
The same applies to ModemManager where modem-manager.service is now called ModemManager.service again.
</para>
</listitem>
<listitem>
<para>
The <option>services.nzbget.configFile</option> and <option>services.nzbget.openFirewall</option>
options were removed as they are managed internally by the nzbget. The
<option>services.nzbget.dataDir</option> option hadn't actually been used by
the module for some time and so was removed as cleanup.
</para>
</listitem>
<listitem>
<para>
The <option>services.emby.enable</option> module has been removed, see
<option>services.jellyfin.enable</option> instead for a free software fork of Emby.
See the Jellyfin documentation:
<link xlink:href="https://jellyfin.readthedocs.io/en/latest/administrator-docs/migrate-from-emby/">
Migrating from Emby to Jellyfin
</link>
</para>
</listitem>
</itemizedlist>
</section>

9
nixos/modules/hardware/video/nvidia.nix
View File

@ -79,6 +79,14 @@ in
'';
};
hardware.nvidia.optimus_prime.allowExternalGpu = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Configure X to allow external NVIDIA GPUs when using optimus.
'';
};
hardware.nvidia.optimus_prime.nvidiaBusId = lib.mkOption {
type = lib.types.string;
default = "";
@ -134,6 +142,7 @@ in
deviceSection = optionalString optimusCfg.enable
''
BusID "${optimusCfg.nvidiaBusId}"
${optionalString optimusCfg.allowExternalGpu "Option \"AllowExternalGpus\""}
'';
screenSection =
''

4
nixos/modules/misc/ids.nix
View File

@ -266,7 +266,7 @@
caddy = 239;
taskd = 240;
factorio = 241;
emby = 242;
# emby = 242; # unusued, removed 2019-05-01
graylog = 243;
sniproxy = 244;
nzbget = 245;
@ -567,7 +567,7 @@
caddy = 239;
taskd = 240;
factorio = 241;
emby = 242;
# emby = 242; # unused, removed 2019-05-01
sniproxy = 244;
nzbget = 245;
mosquitto = 246;

7
nixos/modules/misc/nixpkgs.nix
View File

@ -127,13 +127,14 @@ in
default = [];
example = literalExample
''
[ (self: super: {
[
(self: super: {
openssh = super.openssh.override {
hpnSupport = true;
kerberos = self.libkrb5;
};
};
) ]
})
]
'';
type = types.listOf overlayType;
description = ''

6
nixos/modules/module-list.nix
View File

@ -256,8 +256,7 @@
./services/databases/virtuoso.nix
./services/desktops/accountsservice.nix
./services/desktops/bamf.nix
./services/desktops/deepin/dde-daemon.nix
./services/desktops/deepin/deepin-menu.nix
./services/desktops/deepin/deepin.nix
./services/desktops/dleyna-renderer.nix
./services/desktops/dleyna-server.nix
./services/desktops/pantheon/contractor.nix
@ -392,9 +391,9 @@
./services/misc/dysnomia.nix
./services/misc/disnix.nix
./services/misc/docker-registry.nix
./services/misc/emby.nix
./services/misc/errbot.nix
./services/misc/etcd.nix
./services/misc/ethminer.nix
./services/misc/exhibitor.nix
./services/misc/felix.nix
./services/misc/folding-at-home.nix
@ -414,6 +413,7 @@
./services/misc/ihaskell.nix
./services/misc/irkerd.nix
./services/misc/jackett.nix
./services/misc/jellyfin.nix
./services/misc/logkeys.nix
./services/misc/leaps.nix
./services/misc/lidarr.nix

10
nixos/modules/programs/browserpass.nix
View File

@ -26,16 +26,6 @@ with lib;
# brave
"opt/brave/native-messaging-hosts/${appId}".source = source "hosts/chromium";
"opt/brave/policies/managed/${appId}".source = source "policies/chromium";
}
# As with the v2 backwards compatibility in the pkgs.browserpass
# declaration, this part can be removed once the browser extension
# auto-updates to v3 (planned 2019-04-13, see
# https://github.com/browserpass/browserpass-native/issues/31)
// {
"chromium/native-messaging-hosts/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-host.json";
"chromium/policies/managed/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-policy.json";
"opt/chrome/native-messaging-hosts/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-host.json";
"opt/chrome/policies/managed/com.dannyvankooten.browserpass.json".source = "${pkgs.browserpass}/etc/chrome-policy.json";
};
nixpkgs.config.firefox.enableBrowserpass = true;
};

2
nixos/modules/programs/dconf.nix
View File

@ -38,7 +38,7 @@ in
"${pkgs.gnome3.dconf.lib}/lib/gio/modules";
# https://github.com/NixOS/nixpkgs/pull/31891
#environment.variables.XDG_DATA_DIRS = optional cfg.enable
# "$(echo ${pkgs.gnome3.gsettings-desktop-schemas}/share/gsettings-schemas/gsettings-desktop-schemas-*)";
# "$(echo ${pkgs.gsettings-desktop-schemas}/share/gsettings-schemas/gsettings-desktop-schemas-*)";
};
}

6
nixos/modules/programs/sway.nix
View File

@ -78,9 +78,9 @@ in {
environment = {
systemPackages = [ swayJoined ] ++ cfg.extraPackages;
etc = {
"sway/config".source = "${swayPackage}/etc/sway/config";
#"sway/security.d".source = "${swayPackage}/etc/sway/security.d/";
#"sway/config.d".source = "${swayPackage}/etc/sway/config.d/";
"sway/config".source = mkOptionDefault "${swayPackage}/etc/sway/config";
#"sway/security.d".source = mkOptionDefault "${swayPackage}/etc/sway/security.d/";
#"sway/config.d".source = mkOptionDefault "${swayPackage}/etc/sway/config.d/";
};
};
security.pam.services.swaylock = {};

3
nixos/modules/rename.nix
View File

@ -45,6 +45,9 @@ with lib;
(mkRemovedOptionModule [ "services" "neo4j" "port" ] "Use services.neo4j.http.listenAddress instead.")
(mkRemovedOptionModule [ "services" "neo4j" "boltPort" ] "Use services.neo4j.bolt.listenAddress instead.")
(mkRemovedOptionModule [ "services" "neo4j" "httpsPort" ] "Use services.neo4j.https.listenAddress instead.")
(mkRemovedOptionModule [ "services" "misc" "nzbget" "configFile" ] "The configuration of nzbget is now managed by users through the web interface.")
(mkRemovedOptionModule [ "services" "misc" "nzbget" "dataDir" ] "The data directory for nzbget is now /var/lib/nzbget.")
(mkRemovedOptionModule [ "services" "misc" "nzbget" "openFirewall" ] "The port used by nzbget is managed through the web interface so you should adjust your firewall rules accordingly.")
(mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "user" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a user setting.")
(mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "group" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a group setting.")
(mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ])

10
nixos/modules/security/apparmor.nix
View File

@ -33,7 +33,12 @@ in
paths = concatMapStrings (s: " -I ${s}/etc/apparmor.d")
([ pkgs.apparmor-profiles ] ++ cfg.packages);
in {
wantedBy = [ "local-fs.target" ];
after = [ "local-fs.target" ];
before = [ "sysinit.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig = {
DefaultDependencies = "no";
};
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
@ -43,6 +48,9 @@ in
ExecStop = map (p:
''${pkgs.apparmor-parser}/bin/apparmor_parser -Rv "${p}"''
) cfg.profiles;
ExecReload = map (p:
''${pkgs.apparmor-parser}/bin/apparmor_parser --reload ${paths} "${p}"''
) cfg.profiles;
};
};
};

6
nixos/modules/services/backup/znapzend.nix
View File

@ -382,8 +382,10 @@ in
| xargs -I{} ${pkgs.znapzend}/bin/znapzendzetup delete "{}"
'' + concatStringsSep "\n" (mapAttrsToList (dataset: config: ''
echo Importing znapzend zetup ${config} for dataset ${dataset}
${pkgs.znapzend}/bin/znapzendzetup import --write ${dataset} ${config}
'') files);
${pkgs.znapzend}/bin/znapzendzetup import --write ${dataset} ${config} &
'') files) + ''
wait
'';
serviceConfig = {
ExecStart = let

7
nixos/modules/services/cluster/kubernetes/default.nix
View File

@ -273,11 +273,10 @@ in {
wantedBy = [ "kube-control-plane-online.target" ];
after = [ "kube-scheduler.service" "kube-controller-manager.service" ];
before = [ "kube-control-plane-online.target" ];
environment.KUBECONFIG = cfg.lib.mkKubeConfig "default" cfg.kubeconfig;
path = [ pkgs.kubectl ];
path = [ pkgs.curl ];
preStart = ''
until kubectl get --raw=/healthz 2>/dev/null; do
echo kubectl get --raw=/healthz: exit status $?
until curl -Ssf ${cfg.apiserverAddress}/healthz do
echo curl -Ssf ${cfg.apiserverAddress}/healthz: exit status $?
sleep 3
done
'';

27
nixos/modules/services/databases/openldap.nix
View File

@ -18,7 +18,11 @@ let
database ${cfg.database}
suffix ${cfg.suffix}
rootdn ${cfg.rootdn}
rootpw ${cfg.rootpw}
${if (cfg.rootpw != null) then ''
rootpw ${cfg.rootpw}
'' else ''
include ${cfg.rootpwFile}
''}
directory ${cfg.dataDir}
${cfg.extraDatabaseConfig}
'');
@ -106,10 +110,23 @@ in
};
rootpw = mkOption {
type = types.str;
type = types.nullOr types.str;
default = null;
description = ''
Password for the root user.
This setting will be ignored if configDir is set.
Using this option will store the root password in plain text in the
world-readable nix store. To avoid this the <literal>rootpwFile</literal> can be used.
'';
};
rootpwFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Password file for the root user.
The file should contain the string <literal>rootpw</literal> followed by the password.
e.g.: <literal>rootpw mysecurepassword</literal>
'';
};
@ -218,6 +235,12 @@ in
###### implementation
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.rootpwFile != null || cfg.rootpw != null;
message = "Either services.openldap.rootpw or services.openldap.rootpwFile must be set";
}
];
environment.systemPackages = [ openldap ];

41
nixos/modules/services/desktops/deepin/dde-daemon.nix
View File

@ -1,41 +0,0 @@
# dde-daemon
{ config, pkgs, lib, ... }:
{
###### interface
options = {
services.deepin.dde-daemon = {
enable = lib.mkEnableOption
"A daemon for handling Deepin Desktop Environment session settings";
};
};
###### implementation
config = lib.mkIf config.services.deepin.dde-daemon.enable {
environment.systemPackages = [ pkgs.deepin.dde-daemon ];
services.dbus.packages = [ pkgs.deepin.dde-daemon ];
systemd.packages = [ pkgs.deepin.dde-daemon ];
users.groups.dde-daemon = { };
users.users.dde-daemon = {
description = "Deepin daemon user";
group = "dde-daemon";
isSystemUser = true;
};
};
}

29
nixos/modules/services/desktops/deepin/deepin-menu.nix
View File

@ -1,29 +0,0 @@
# deepin-menu
{ config, pkgs, lib, ... }:
{
###### interface
options = {
services.deepin.deepin-menu = {
enable = lib.mkEnableOption
"DBus service for unified menus in Deepin Desktop Environment";
};
};
###### implementation
config = lib.mkIf config.services.deepin.deepin-menu.enable {
services.dbus.packages = [ pkgs.deepin.deepin-menu ];
};
}

118
nixos/modules/services/desktops/deepin/deepin.nix Normal file
View File

@ -0,0 +1,118 @@
# deepin
{ config, pkgs, lib, ... }:
{
###### interface
options = {
services.deepin.core.enable = lib.mkEnableOption "
Basic dbus and systemd services, groups and users needed by the
Deepin Desktop Environment.
";
services.deepin.deepin-menu.enable = lib.mkEnableOption "
DBus service for unified menus in Deepin Desktop Environment.
";
services.deepin.deepin-turbo.enable = lib.mkEnableOption "
Turbo service for the Deepin Desktop Environment. It is a daemon
that helps to launch applications faster.
";
};
###### implementation
config = lib.mkMerge [
(lib.mkIf config.services.deepin.core.enable {
environment.systemPackages = [
pkgs.deepin.dde-api
pkgs.deepin.dde-calendar
pkgs.deepin.dde-daemon
pkgs.deepin.dde-dock
pkgs.deepin.dde-session-ui
pkgs.deepin.deepin-anything
pkgs.deepin.deepin-image-viewer
pkgs.deepin.deepin-screenshot
];
services.dbus.packages = [
pkgs.deepin.dde-api
pkgs.deepin.dde-calendar
pkgs.deepin.dde-daemon
pkgs.deepin.dde-dock
pkgs.deepin.dde-session-ui
pkgs.deepin.deepin-anything
pkgs.deepin.deepin-image-viewer
pkgs.deepin.deepin-screenshot
];
systemd.packages = [
pkgs.deepin.dde-api
pkgs.deepin.dde-daemon
pkgs.deepin.deepin-anything
];
boot.extraModulePackages = [ config.boot.kernelPackages.deepin-anything ];
boot.kernelModules = [ "vfs_monitor" ];
users.groups.deepin-sound-player = { };
users.users.deepin-sound-player = {
description = "Deepin sound player";
group = "deepin-sound-player";
isSystemUser = true;
};
users.groups.deepin-daemon = { };
users.users.deepin-daemon = {
description = "Deepin daemon user";
group = "deepin-daemon";
isSystemUser = true;
};
users.groups.deepin_anything_server = { };
users.users.deepin_anything_server = {
description = "Deepin Anything Server";
group = "deepin_anything_server";
isSystemUser = true;
};
security.pam.services.deepin-auth-keyboard.text = ''
# original at ${pkgs.deepin.dde-daemon}/etc/pam.d/deepin-auth-keyboard
auth [success=2 default=ignore] pam_lsass.so
auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
'';
environment.etc = {
"polkit-1/localauthority/10-vendor.d/com.deepin.api.device.pkla".source = "${pkgs.deepin.dde-api}/etc/polkit-1/localauthority/10-vendor.d/com.deepin.api.device.pkla";
"polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Accounts.pkla".source = "${pkgs.deepin.dde-daemon}/etc/polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Accounts.pkla";
"polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Grub2.pkla".source = "${pkgs.deepin.dde-daemon}/etc/polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Grub2.pkla";
};
services.deepin.deepin-menu.enable = true;
services.deepin.deepin-turbo.enable = true;
})
(lib.mkIf config.services.deepin.deepin-menu.enable {
services.dbus.packages = [ pkgs.deepin.deepin-menu ];
})
(lib.mkIf config.services.deepin.deepin-turbo.enable {
environment.systemPackages = [ pkgs.deepin.deepin-turbo ];
systemd.packages = [ pkgs.deepin.deepin-turbo ];
})
];
}

5
nixos/modules/services/desktops/gnome3/gnome-keyring.nix
View File

@ -37,6 +37,11 @@ with lib;
security.pam.services.login.enableGnomeKeyring = true;
security.wrappers.gnome-keyring-daemon = {
source = "${pkgs.gnome3.gnome-keyring}/bin/gnome-keyring-daemon";
capabilities = "cap_ipc_lock=ep";
};
};
}

42
nixos/modules/services/logging/journalwatch.nix
View File

@ -4,6 +4,8 @@ with lib;
let
cfg = config.services.journalwatch;
user = "journalwatch";
# for journal access
group = "systemd-journal";
dataDir = "/var/lib/${user}";
journalwatchConfig = pkgs.writeText "config" (''
@ -31,6 +33,17 @@ let
'') filterBlocks);
# can't use joinSymlinks directly, because when we point $XDG_CONFIG_HOME
# to the /nix/store path, we still need the subdirectory "journalwatch" inside that
# to match journalwatch's expectations
journalwatchConfigDir = pkgs.runCommand "journalwatch-config"
{ preferLocalBuild = true; allowSubstitutes = false; }
''
mkdir -p $out/journalwatch
ln -sf ${journalwatchConfig} $out/journalwatch/config
ln -sf ${journalwatchPatterns} $out/journalwatch/patterns
'';
in {
options = {
@ -199,33 +212,38 @@ in {
users.users.${user} = {
isSystemUser = true;
createHome = true;
home = dataDir;
# for journal access
group = "systemd-journal";
group = group;
};
systemd.tmpfiles.rules = [
# present since NixOS 19.09: remove old stateful symlink join directory,
# which has been replaced with the journalwatchConfigDir store path
"R ${dataDir}/config"
];
systemd.services.journalwatch = {
environment = {
# journalwatch stores the last processed timpestamp here
# the share subdirectory is historic now that config home lives in /nix/store,
# but moving this in a backwards-compatible way is much more work than what's justified
# for cleaning that up.
XDG_DATA_HOME = "${dataDir}/share";
XDG_CONFIG_HOME = "${dataDir}/config";
XDG_CONFIG_HOME = journalwatchConfigDir;
};
serviceConfig = {
User = user;
Group = group;
Type = "oneshot";
PermissionsStartOnly = true;
# requires a relative directory name to create beneath /var/lib
StateDirectory = user;
StateDirectoryMode = 0750;
ExecStart = "${pkgs.python3Packages.journalwatch}/bin/journalwatch mail";
# lowest CPU and IO priority, but both still in best-effort class to prevent starvation
Nice=19;
IOSchedulingPriority=7;
};
preStart = ''
chown -R ${user}:systemd-journal ${dataDir}
chmod -R u+rwX,go-w ${dataDir}
mkdir -p ${dataDir}/config/journalwatch
ln -sf ${journalwatchConfig} ${dataDir}/config/journalwatch/config
ln -sf ${journalwatchPatterns} ${dataDir}/config/journalwatch/patterns
'';
};
systemd.timers.journalwatch = {

76
nixos/modules/services/misc/emby.nix
View File

@ -1,76 +0,0 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.emby;
in
{
options = {
services.emby = {
enable = mkEnableOption "Emby Media Server";
user = mkOption {
type = types.str;
default = "emby";
description = "User account under which Emby runs.";
};
group = mkOption {
type = types.str;
default = "emby";
description = "Group under which emby runs.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/emby/ProgramData-Server";
description = "Location where Emby stores its data.";
};
};
};
config = mkIf cfg.enable {
systemd.services.emby = {
description = "Emby Media Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
if [ -d ${cfg.dataDir} ]
then
for plugin in ${cfg.dataDir}/plugins/*
do
echo "Correcting permissions of plugin: $plugin"
chmod u+w $plugin
done
else
echo "Creating initial Emby data directory in ${cfg.dataDir}"
mkdir -p ${cfg.dataDir}
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
fi
'';
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = "true";
ExecStart = "${pkgs.emby}/bin/emby -programdata ${cfg.dataDir}";
Restart = "on-failure";
};
};
users.users = mkIf (cfg.user == "emby") {
emby = {
group = cfg.group;
uid = config.ids.uids.emby;
};
};
users.groups = mkIf (cfg.group == "emby") {
emby = {
gid = config.ids.gids.emby;
};
};
};
}

115
nixos/modules/services/misc/ethminer.nix Normal file
View File

@ -0,0 +1,115 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.ethminer;
poolUrl = escapeShellArg "stratum1+tcp://${cfg.wallet}@${cfg.pool}:${toString cfg.stratumPort}/${cfg.rig}/${cfg.registerMail}";
in
{
###### interface
options = {
services.ethminer = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable ethminer ether mining.";
};
recheckInterval = mkOption {
type = types.int;
default = 2000;
description = "Interval in milliseconds between farm rechecks.";
};
toolkit = mkOption {
type = types.enum [ "cuda" "opencl" ];
default = "cuda";
description = "Cuda or opencl toolkit.";
};
apiPort = mkOption {
type = types.int;
default = -3333;
description = "Ethminer api port. minus sign puts api in read-only mode.";
};
wallet = mkOption {
type = types.str;
example = "0x0123456789abcdef0123456789abcdef01234567";
description = "Ethereum wallet address.";
};
pool = mkOption {
type = types.str;
example = "eth-us-east1.nanopool.org";
description = "Mining pool address.";
};
stratumPort = mkOption {
type = types.port;
default = 9999;
description = "Stratum protocol tcp port.";
};
rig = mkOption {
type = types.str;
default = "mining-rig-name";
description = "Mining rig name.";
};
registerMail = mkOption {
type = types.str;
example = "email%40example.org";
description = "Url encoded email address to register with pool.";
};
maxPower = mkOption {
type = types.int;
default = 115;
description = "Miner max watt usage.";
};
};
};
###### implementation
config = mkIf cfg.enable {
systemd.services.ethminer = {
path = [ pkgs.cudatoolkit ];
description = "ethminer ethereum mining service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
DynamicUser = true;
ExecStartPost = optional (cfg.toolkit == "cuda") "+${getBin config.boot.kernelPackages.nvidia_x11}/bin/nvidia-smi -pl ${toString cfg.maxPower}";
};
environment = {
LD_LIBRARY_PATH = "${config.boot.kernelPackages.nvidia_x11}/lib";
};
script = ''
${pkgs.ethminer}/bin/.ethminer-wrapped \
--farm-recheck ${toString cfg.recheckInterval} \
--report-hashrate \
--${cfg.toolkit} \
--api-port ${toString cfg.apiPort} \
--pool ${poolUrl}
'';
};
};
}

15
nixos/modules/services/misc/gitea.nix
View File

@ -8,6 +8,7 @@ let
pg = config.services.postgresql;
useMysql = cfg.database.type == "mysql";
usePostgresql = cfg.database.type == "postgres";
useSqlite = cfg.database.type == "sqlite3";
configFile = pkgs.writeText "app.ini" ''
APP_NAME = ${cfg.appName}
RUN_USER = ${cfg.user}
@ -15,11 +16,15 @@ let
[database]
DB_TYPE = ${cfg.database.type}
HOST = ${if cfg.database.socket != null then cfg.database.socket else cfg.database.host + ":" + toString cfg.database.port}
NAME = ${cfg.database.name}
USER = ${cfg.database.user}
PASSWD = #dbpass#
PATH = ${cfg.database.path}
${optionalString (usePostgresql || useMysql) ''
HOST = ${if cfg.database.socket != null then cfg.database.socket else cfg.database.host + ":" + toString cfg.database.port}
NAME = ${cfg.database.name}
USER = ${cfg.database.user}
PASSWD = #dbpass#
''}
${optionalString useSqlite ''
PATH = ${cfg.database.path}
''}
${optionalString usePostgresql ''
SSL_MODE = disable
''}

54
nixos/modules/services/misc/jellyfin.nix Normal file
View File

@ -0,0 +1,54 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.jellyfin;
in
{
options = {
services.jellyfin = {
enable = mkEnableOption "Jellyfin Media Server";
user = mkOption {
type = types.str;
default = "jellyfin";
description = "User account under which Jellyfin runs.";
};
group = mkOption {
type = types.str;
default = "jellyfin";
description = "Group under which jellyfin runs.";
};
};
};
config = mkIf cfg.enable {
systemd.services.jellyfin = {
description = "Jellyfin Media Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = rec {
User = cfg.user;
Group = cfg.group;
StateDirectory = "jellyfin";
CacheDirectory = "jellyfin";
ExecStart = "${pkgs.jellyfin}/bin/jellyfin --datadir '/var/lib/${StateDirectory}' --cachedir '/var/cache/${CacheDirectory}'";
Restart = "on-failure";
};
};
users.users = mkIf (cfg.user == "jellyfin") {
jellyfin.group = cfg.group;
};
users.groups = mkIf (cfg.group == "jellyfin") {
jellyfin = {};
};
};
meta.maintainers = with lib.maintainers; [ minijackson ];
}

24
nixos/modules/services/misc/nix-daemon.nix
View File

@ -60,6 +60,7 @@ let
${optionalString (isNix20 && !cfg.distributedBuilds) ''
builders =
''}
system-features = ${toString cfg.systemFeatures}
$extraOptions
END
'' + optionalString cfg.checkConfig (
@ -360,6 +361,14 @@ in
'';
};
systemFeatures = mkOption {
type = types.listOf types.str;
example = [ "kvm" "big-parallel" "gccarch-skylake" ];
description = ''
The supported features of a machine
'';
};
checkConfig = mkOption {
type = types.bool;
default = true;
@ -478,6 +487,21 @@ in
/nix/var/nix/gcroots/tmp
'';
nix.systemFeatures = mkDefault (
[ "nixos-test" "benchmark" "big-parallel" "kvm" ] ++
optionals (pkgs.stdenv.isx86_64 && pkgs.hostPlatform.platform ? gcc.arch) (
# a x86_64 builder can run code for `platform.gcc.arch` and minor architectures:
[ "gccarch-${pkgs.hostPlatform.platform.gcc.arch}" ] ++ {
"sandybridge" = [ "gccarch-westmere" ];
"ivybridge" = [ "gccarch-westmere" "gccarch-sandybridge" ];
"haswell" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" ];
"broadwell" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" ];
"skylake" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" ];
"skylake-avx512" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" "gccarch-skylake" ];
}.${pkgs.hostPlatform.platform.gcc.arch} or []
)
);
};
}

96
nixos/modules/services/misc/nzbget.nix
View File

@ -4,33 +4,35 @@ with lib;
let
cfg = config.services.nzbget;
dataDir = builtins.dirOf cfg.configFile;
in {
pkg = pkgs.nzbget;
stateDir = "/var/lib/nzbget";
configFile = "${stateDir}/nzbget.conf";
configOpts = concatStringsSep " " (mapAttrsToList (name: value: "-o ${name}=${value}") nixosOpts);
nixosOpts = {
# allows nzbget to run as a "simple" service
OutputMode = "loggable";
# use journald for logging
WriteLog = "none";
ErrorTarget = "screen";
WarningTarget = "screen";
InfoTarget = "screen";
DetailTarget = "screen";
# required paths
ConfigTemplate = "${pkg}/share/nzbget/nzbget.conf";
WebDir = "${pkg}/share/nzbget/webui";
# nixos handles package updates
UpdateCheck = "none";
};
in
{
# interface
options = {
services.nzbget = {
enable = mkEnableOption "NZBGet";
package = mkOption {
type = types.package;
default = pkgs.nzbget;
defaultText = "pkgs.nzbget";
description = "The NZBGet package to use";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/nzbget";
description = "The directory where NZBGet stores its configuration files.";
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Open ports in the firewall for the NZBGet web interface
'';
};
user = mkOption {
type = types.str;
default = "nzbget";
@ -42,15 +44,11 @@ in {
default = "nzbget";
description = "Group under which NZBGet runs";
};
configFile = mkOption {
type = types.str;
default = "/var/lib/nzbget/nzbget.conf";
description = "Path for NZBGet's config file. (If this doesn't exist, the default config template is copied here.)";
};
};
};
# implementation
config = mkIf cfg.enable {
systemd.services.nzbget = {
description = "NZBGet Daemon";
@ -61,50 +59,26 @@ in {
p7zip
];
preStart = ''
cfgtemplate=${cfg.package}/share/nzbget/nzbget.conf
if [ ! -f ${cfg.configFile} ]; then
echo "${cfg.configFile} not found. Copying default config $cfgtemplate to ${cfg.configFile}"
install -m 0700 $cfgtemplate ${cfg.configFile}
echo "Setting temporary \$MAINDIR variable in default config required in order to allow nzbget to complete initial start"
echo "Remember to change this to a proper value once NZBGet startup has been completed"
sed -i -e 's/MainDir=.*/MainDir=\/tmp/g' ${cfg.configFile}
if [ ! -f ${configFile} ]; then
${pkgs.coreutils}/bin/install -m 0700 ${pkg}/share/nzbget/nzbget.conf ${configFile}
fi
'';
script = ''
args="--daemon --configfile ${cfg.configFile}"
# The script in preStart (above) copies nzbget's config template to datadir on first run, containing paths that point to the nzbget derivation installed at the time.
# These paths break when nzbget is upgraded & the original derivation is garbage collected. If such broken paths are found in the config file, override them to point to
# the currently installed nzbget derivation.
cfgfallback () {
local hit=`grep -Po "(?<=^$1=).*+" "${cfg.configFile}" | sed 's/[ \t]*$//'` # Strip trailing whitespace
( test $hit && test -e $hit ) || {
echo "In ${cfg.configFile}, valid $1 not found; falling back to $1=$2"
args+=" -o $1=$2"
}
}
cfgfallback ConfigTemplate ${cfg.package}/share/nzbget/nzbget.conf
cfgfallback WebDir ${cfg.package}/share/nzbget/webui
${cfg.package}/bin/nzbget $args
'';
serviceConfig = {
StateDirectory = dataDir;
StateDirectoryMode = "0700";
Type = "forking";
StateDirectory = "nzbget";
StateDirectoryMode = "0750";
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = "true";
UMask = "0002";
Restart = "on-failure";
ExecStart = "${pkg}/bin/nzbget --server --configfile ${stateDir}/nzbget.conf ${configOpts}";
ExecStop = "${pkg}/bin/nzbget --quit";
};
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ 8989 ];
};
users.users = mkIf (cfg.user == "nzbget") {
nzbget = {
home = stateDir;
group = cfg.group;
uid = config.ids.uids.nzbget;
};

2
nixos/modules/services/monitoring/grafana-reporter.nix
View File

@ -52,7 +52,7 @@ in {
wantedBy = ["multi-user.target"];
after = ["network.target"];
serviceConfig = let
args = lib.concatSepString " " [
args = lib.concatStringsSep " " [
"-proto ${cfg.grafana.protocol}://"
"-ip ${cfg.grafana.addr}:${toString cfg.grafana.port}"
"-port :${toString cfg.port}"

2
nixos/modules/services/monitoring/grafana.nix
View File

@ -177,7 +177,7 @@ let
folder = mkOption {
type = types.str;
default = "";
description = "Add dashboards to the speciied folder";
description = "Add dashboards to the specified folder";
};
type = mkOption {
type = types.str;

28
nixos/modules/services/networking/ejabberd.nix
View File

@ -11,7 +11,7 @@ let
${cfg.ctlConfig}
'';
ectl = ''${cfg.package}/bin/ejabberdctl ${if cfg.configFile == null then "" else "--config ${cfg.configFile}"} --ctl-config "${ctlcfg}" --spool "${cfg.spoolDir}" --logs "${cfg.logsDir}"'';
ectl = ''${cfg.package}/bin/ejabberdctl ${optionalString (cfg.configFile != null) "--config ${cfg.configFile}"} --ctl-config "${ctlcfg}" --spool "${cfg.spoolDir}" --logs "${cfg.logsDir}"'';
dumps = lib.escapeShellArgs cfg.loadDumps;
@ -111,28 +111,17 @@ in {
description = "ejabberd server";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
path = [ pkgs.findutils pkgs.coreutils pkgs.runit ] ++ lib.optional cfg.imagemagick pkgs.imagemagick;
path = [ pkgs.findutils pkgs.coreutils ] ++ lib.optional cfg.imagemagick pkgs.imagemagick;
serviceConfig = {
ExecStart = ''${ectl} foreground'';
# FIXME: runit is used for `chpst` -- can we get rid of this?
ExecStop = ''${pkgs.runit}/bin/chpst -u "${cfg.user}:${cfg.group}" ${ectl} stop'';
ExecReload = ''${pkgs.runit}/bin/chpst -u "${cfg.user}:${cfg.group}" ${ectl} reload_config'';
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = true;
ExecStart = "${ectl} foreground";
ExecStop = "${ectl} stop";
ExecReload = "${ectl} reload_config";
};
preStart = ''
mkdir -p -m750 "${cfg.logsDir}"
chown "${cfg.user}:${cfg.group}" "${cfg.logsDir}"
mkdir -p -m750 "/var/lock/ejabberdctl"
chown "${cfg.user}:${cfg.group}" "/var/lock/ejabberdctl"
mkdir -p -m750 "${cfg.spoolDir}"
chown -R "${cfg.user}:${cfg.group}" "${cfg.spoolDir}"
if [ -z "$(ls -A '${cfg.spoolDir}')" ]; then
touch "${cfg.spoolDir}/.firstRun"
fi
@ -149,13 +138,18 @@ in {
for src in ${dumps}; do
find "$src" -type f | while read dump; do
echo "Loading configuration dump at $dump"
chpst -u "${cfg.user}:${cfg.group}" ${ectl} load "$dump"
${ectl} load "$dump"
done
done
fi
'';
};
systemd.tmpfiles.rules = [
"d '${cfg.logsDir}' 0750 ${cfg.user} ${cfg.group} -"
"d '${cfg.spoolDir}' 0700 ${cfg.user} ${cfg.group} -"
];
security.pam.services.ejabberd = {};
};

8
nixos/modules/services/networking/hostapd.nix
View File

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ config, lib, pkgs, utils, ... }:
# TODO:
#
@ -12,6 +12,8 @@ let
cfg = config.services.hostapd;
escapedInterface = utils.escapeSystemdPath cfg.interface;
configFile = pkgs.writeText "hostapd.conf" ''
interface=${cfg.interface}
driver=${cfg.driver}
@ -157,8 +159,8 @@ in
{ description = "hostapd wireless AP";
path = [ pkgs.hostapd ];
after = [ "sys-subsystem-net-devices-${cfg.interface}.device" ];
bindsTo = [ "sys-subsystem-net-devices-${cfg.interface}.device" ];
after = [ "sys-subsystem-net-devices-${escapedInterface}.device" ];
bindsTo = [ "sys-subsystem-net-devices-${escapedInterface}.device" ];
requiredBy = [ "network-link-${cfg.interface}.service" ];
serviceConfig =

2
nixos/modules/services/networking/softether.nix
View File

@ -70,6 +70,8 @@ in
systemd.services."softether-init" = {
description = "SoftEther VPN services initial task";
after = [ "keys.target" ];
wants = [ "keys.target" ];
wantedBy = [ "network.target" ];
serviceConfig = {
Type = "oneshot";

11
nixos/modules/services/networking/zeronet.nix
View File

@ -12,6 +12,8 @@ let
log_dir = ${cfg.logDir}
'' + lib.optionalString (cfg.port != null) ''
ui_port = ${toString cfg.port}
'' + lib.optionalString (cfg.fileserverPort != null) ''
fileserver_port = ${toString cfg.fileserverPort}
'' + lib.optionalString (cfg.torAlways) ''
tor = always
'' + cfg.extraConfig;
@ -41,6 +43,15 @@ in with lib; {
description = "Optional zeronet web UI port.";
};
fileserverPort = mkOption {
# Not optional: when absent zeronet tries to write one to the
# read-only config file and crashes
type = types.int;
default = 12261;
example = 12261;
description = "Zeronet fileserver port.";
};
tor = mkOption {
type = types.bool;
default = false;

4
nixos/modules/services/networking/znc/default.nix
View File

@ -47,11 +47,11 @@ let
# Baz=baz
# Qux=qux
# </Foo>
set = concatMap (subname: [
set = concatMap (subname: optionals (value.${subname} != null) ([
"<${name} ${subname}>"
] ++ map (line: "\t${line}") (toLines value.${subname}) ++ [
"</${name}>"
]) (filter (v: v != null) (attrNames value));
])) (filter (v: v != null) (attrNames value));
}.${builtins.typeOf value};

24
nixos/modules/services/security/sks.nix
View File

@ -116,20 +116,22 @@ in {
${lib.optionalString (cfg.webroot != null)
"ln -sfT \"${cfg.webroot}\" web"}
mkdir -p dump
# Check that both database configs are symlinks before overwriting them
if [ -e KDB/DB_CONFIG ] && [ ! -L KBD/DB_CONFIG ]; then
echo "KDB/DB_CONFIG exists but is not a symlink." >&2
exit 1
fi
if [ -e PTree/DB_CONFIG ] && [ ! -L PTree/DB_CONFIG ]; then
echo "PTree/DB_CONFIG exists but is not a symlink." >&2
exit 1
fi
ln -sf ${dbConfig} KDB/DB_CONFIG
ln -sf ${dbConfig} PTree/DB_CONFIG
${sksPkg}/bin/sks build dump/*.gpg -n 10 -cache 100 || true #*/
${sksPkg}/bin/sks cleandb || true
${sksPkg}/bin/sks pbuild -cache 20 -ptree_cache 70 || true
# Check that both database configs are symlinks before overwriting them
# TODO: The initial build will be without DB_CONFIG, but this will
# hopefully not cause any significant problems. It might be better to
# create both directories manually but we have to check that this does
# not affect the initial build of the DB.
for CONFIG_FILE in KDB/DB_CONFIG PTree/DB_CONFIG; do
if [ -e $CONFIG_FILE ] && [ ! -L $CONFIG_FILE ]; then
echo "$CONFIG_FILE exists but is not a symlink." >&2
echo "Please remove $PWD/$CONFIG_FILE manually to continue." >&2
exit 1
fi
ln -sf ${dbConfig} $CONFIG_FILE
done
'';
serviceConfig = {
WorkingDirectory = "~";

11
nixos/modules/services/security/tor.nix
View File

@ -81,7 +81,7 @@ let
${optionalString (elem cfg.relay.role ["bridge" "private-bridge"]) ''
BridgeRelay 1
ServerTransportPlugin obfs2,obfs3 exec ${pkgs.pythonPackages.obfsproxy}/bin/obfsproxy managed
ServerTransportPlugin ${concatStringsSep "," cfg.relay.bridgeTransports} exec ${obfs4}/bin/obfs4proxy managed
ExtORPort auto
${optionalString (cfg.relay.role == "private-bridge") ''
ExtraInfoStatistics 0
@ -355,7 +355,7 @@ in
<para>
Regular bridge. Works like a regular relay, but
doesn't list you in the public relay directory and
hides your Tor node behind obfsproxy.
hides your Tor node behind obfs4proxy.
</para>
<para>
@ -424,6 +424,13 @@ in
'';
};
bridgeTransports = mkOption {
type = types.listOf types.str;
default = ["obfs4"];
example = ["obfs2" "obfs3" "obfs4" "scramblesuit"];
description = "List of pluggable transports";
};
nickname = mkOption {
type = types.str;
default = "anonymous";

15
nixos/modules/services/system/earlyoom.nix
View File

@ -63,6 +63,17 @@ in
Enable debugging messages.
'';
};
notificationsCommand = mkOption {
type = types.nullOr types.str;
default = null;
example = "sudo -u example_user DISPLAY=:0 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus notify-send";
description = ''
Command used to send notifications.
See <link xlink:href="https://github.com/rfjakob/earlyoom#notifications">README</link> for details.
'';
};
};
};
@ -88,7 +99,9 @@ in
-s ${toString ecfg.freeSwapThreshold} \
${optionalString ecfg.useKernelOOMKiller "-k"} \
${optionalString ecfg.ignoreOOMScoreAdjust "-i"} \
${optionalString ecfg.enableDebugInfo "-d"}
${optionalString ecfg.enableDebugInfo "-d"} \
${optionalString (ecfg.notificationsCommand != null)
"-N ${escapeShellArg ecfg.notificationsCommand}"}
'';
};
};

175
nixos/modules/services/web-apps/documize.nix
View File

@ -3,65 +3,136 @@
with lib;
let
cfg = config.services.documize;
in
mkParams = optional: concatMapStrings (name: let
predicate = optional -> cfg.${name} != null;
template = " -${name} '${toString cfg.${name}}'";
in optionalString predicate template);
{
options.services.documize = {
enable = mkEnableOption "Documize Wiki";
in {
options.services.documize = {
enable = mkEnableOption "Documize Wiki";
offline = mkEnableOption "Documize offline mode";
package = mkOption {
default = pkgs.documize-community;
type = types.package;
description = ''
Which package to use for documize.
'';
};
db = mkOption {
type = types.str;
example = "host=localhost port=5432 sslmode=disable user=admin password=secret dbname=documize";
description = ''
The DB connection string to use for the database.
'';
};
dbtype = mkOption {
type = types.enum [ "postgresql" "percona" "mariadb" "mysql" ];
description = ''
Which database to use for storage.
'';
};
port = mkOption {
type = types.port;
example = 3000;
description = ''
Which TCP port to serve.
'';
};
package = mkOption {
type = types.package;
default = pkgs.documize-community;
description = ''
Which package to use for documize.
'';
};
config = mkIf cfg.enable {
systemd.services.documize-server = {
wantedBy = [ "multi-user.target" ];
salt = mkOption {
type = types.nullOr types.str;
default = null;
example = "3edIYV6c8B28b19fh";
description = ''
The salt string used to encode JWT tokens, if not set a random value will be generated.
'';
};
script = ''
${cfg.package}/bin/documize \
-db "${cfg.db}" \
-dbtype ${cfg.dbtype} \
-port ${toString cfg.port} \
-offline ${if cfg.offline then "1" else "0"}
'';
cert = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The <filename>cert.pem</filename> file used for https.
'';
};
serviceConfig = {
Restart = "always";
DynamicUser = "yes";
};
key = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The <filename>key.pem</filename> file used for https.
'';
};
port = mkOption {
type = types.port;
default = 5001;
description = ''
The http/https port number.
'';
};
forcesslport = mkOption {
type = types.nullOr types.port;
default = null;
description = ''
Redirect given http port number to TLS.
'';
};
offline = mkOption {
type = types.bool;
default = false;
description = ''
Set <literal>true</literal> for offline mode.
'';
apply = v: if true == v then 1 else 0;
};
dbtype = mkOption {
type = types.enum [ "mysql" "percona" "mariadb" "postgresql" "sqlserver" ];
default = "postgresql";
description = ''
Specify the database provider:
<simplelist type='inline'>
<member><literal>mysql</literal></member>
<member><literal>percona</literal></member>
<member><literal>mariadb</literal></member>
<member><literal>postgresql</literal></member>
<member><literal>sqlserver</literal></member>
</simplelist>
'';
};
db = mkOption {
type = types.str;
description = ''
Database specific connection string for example:
<itemizedlist>
<listitem><para>MySQL/Percona/MariaDB:
<literal>user:password@tcp(host:3306)/documize</literal>
</para></listitem>
<listitem><para>MySQLv8+:
<literal>user:password@tcp(host:3306)/documize?allowNativePasswords=true</literal>
</para></listitem>
<listitem><para>PostgreSQL:
<literal>host=localhost port=5432 dbname=documize user=admin password=secret sslmode=disable</literal>
</para></listitem>
<listitem><para>MSSQL:
<literal>sqlserver://username:password@localhost:1433?database=Documize</literal> or
<literal>sqlserver://sa@localhost/SQLExpress?database=Documize</literal>
</para></listitem>
</itemizedlist>
'';
};
location = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
reserved
'';
};
};
config = mkIf cfg.enable {
systemd.services.documize-server = {
description = "Documize Wiki";
documentation = [ https://documize.com/ ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = concatStringsSep " " [
"${cfg.package}/bin/documize"
(mkParams false [ "db" "dbtype" "port" ])
(mkParams true [ "offline" "location" "forcesslport" "key" "cert" "salt" ])
];
Restart = "always";
DynamicUser = "yes";
};
};
}
};
}

4
nixos/modules/services/web-servers/nginx/default.nix
View File

@ -16,11 +16,11 @@ let
} // (optionalAttrs vhostConfig.enableACME {
sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem";
sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem";
sslTrustedCertificate = "${acmeDirectory}/${serverName}/full.pem";
sslTrustedCertificate = "${acmeDirectory}/${serverName}/fullchain.pem";
}) // (optionalAttrs (vhostConfig.useACMEHost != null) {
sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem";
sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem";
sslTrustedCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/full.pem";
sslTrustedCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem";
})
) cfg.virtualHosts;
enableIPv6 = config.networking.enableIPv6;

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -18,7 +18,7 @@ let
nixos-gsettings-desktop-schemas = pkgs.runCommand "nixos-gsettings-desktop-schemas" { preferLocalBuild = true; }
''
mkdir -p $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas
cp -rf ${pkgs.gnome3.gsettings-desktop-schemas}/share/gsettings-schemas/gsettings-desktop-schemas*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas
cp -rf ${pkgs.gsettings-desktop-schemas}/share/gsettings-schemas/gsettings-desktop-schemas*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas
${concatMapStrings (pkg: "cp -rf ${pkg}/share/gsettings-schemas/*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas\n") cfg.extraGSettingsOverridePackages}

5
nixos/modules/services/x11/window-managers/i3.nix
View File

@ -60,12 +60,15 @@ in
${cfg.extraSessionCommands}
${cfg.package}/bin/i3 ${optionalString (cfg.configFile != null)
"-c \"${cfg.configFile}\""
"-c /etc/i3/config"
} &
waitPID=$!
'';
}];
environment.systemPackages = [ cfg.package ] ++ cfg.extraPackages;
environment.etc."i3/config" = mkIf (cfg.configFile != null) {
source = cfg.configFile;
};
};
imports = [

18
nixos/modules/system/activation/switch-to-configuration.pl
View File

@ -166,24 +166,6 @@ while (my ($unit, $state) = each %{$activePrev}) {
if (-e $prevUnitFile && ($state->{state} eq "active" || $state->{state} eq "activating")) {
if (! -e $newUnitFile || abs_path($newUnitFile) eq "/dev/null") {
# Ignore (i.e. never stop) these units:
if ($unit eq "system.slice") {
# TODO: This can be removed a few months after 18.09 is out
# (i.e. after everyone switched away from 18.03).
# Problem: Restarting (stopping) system.slice would not only
# stop X11 but also most system units/services. We obviously
# don't want this happening to users when they switch from 18.03
# to 18.09 or nixos-unstable.
# Reason: The following change in systemd:
# https://github.com/systemd/systemd/commit/d8e5a9338278d6602a0c552f01f298771a384798
# The commit adds system.slice to the perpetual units, which
# means removing the unit file and adding it to the source code.
# This is done so that system.slice can't be stopped anymore but
# in our case it ironically would cause this script to stop
# system.slice because the unit was removed (and an older
# systemd version is still running).
next;
}
my $unitInfo = parseUnit($prevUnitFile);
$unitsToStop{$unit} = 1 if boolIsTrue($unitInfo->{'X-StopOnRemoval'} // "yes");
}

12
nixos/modules/system/boot/kexec.nix
View File

@ -13,8 +13,18 @@
path = [ pkgs.kexectools ];
script =
''
# Don't load the current system profile if we already have a kernel loaded
if [[ 1 = "$(</sys/kernel/kexec_loaded)" ]] ; then
echo "kexec kernel has already been loaded, prepare-kexec skipped"
exit 0
fi
p=$(readlink -f /nix/var/nix/profiles/system)
if ! [ -d $p ]; then exit 1; fi
if ! [[ -d $p ]]; then
echo "Could not find system profile for prepare-kexec"
exit 1
fi
echo "Loading NixOS system via kexec."
exec kexec --load $p/kernel --initrd=$p/initrd --append="$(cat $p/kernel-params) init=$p/init"
'';
};

3
nixos/modules/system/boot/luksroot.nix
View File

@ -87,6 +87,9 @@ let
mkdir -p /crypt-ramfs
mount -t ramfs none /crypt-ramfs
# Cryptsetup locking directory
mkdir -p /run/cryptsetup
# For Yubikey salt storage
mkdir -p /crypt-storage

3
nixos/tests/all-tests.nix
View File

@ -72,6 +72,7 @@ in
#ec2-config = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-config or {};
ec2-nixops = (handleTestOn ["x86_64-linux"] ./ec2.nix {}).boot-ec2-nixops or {};
ecryptfs = handleTest ./ecryptfs.nix {};
ejabberd = handleTest ./ejabberd.nix {};
elk = handleTestOn ["x86_64-linux"] ./elk.nix {};
env = handleTest ./env.nix {};
etcd = handleTestOn ["x86_64-linux"] ./etcd.nix {};
@ -115,6 +116,7 @@ in
installer = handleTest ./installer.nix {};
ipv6 = handleTest ./ipv6.nix {};
jackett = handleTest ./jackett.nix {};
jellyfin = handleTest ./jellyfin.nix {};
jenkins = handleTest ./jenkins.nix {};
kafka = handleTest ./kafka.nix {};
kerberos = handleTest ./kerberos/default.nix {};
@ -172,6 +174,7 @@ in
nix-ssh-serve = handleTest ./nix-ssh-serve.nix {};
novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {};
nsd = handleTest ./nsd.nix {};
nzbget = handleTest ./nzbget.nix {};
openldap = handleTest ./openldap.nix {};
opensmtpd = handleTest ./opensmtpd.nix {};
openssh = handleTest ./openssh.nix {};

262
nixos/tests/ejabberd.nix Normal file
View File

@ -0,0 +1,262 @@
import ./make-test.nix ({ pkgs, ... }: {
name = "ejabberd";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ ajs124 ];
};
nodes = {
client = { nodes, pkgs, ... }: {
environment.systemPackages = [
(pkgs.callPackage ./xmpp-sendmessage.nix { connectTo = nodes.server.config.networking.primaryIPAddress; })
];
};
server = { config, pkgs, ... }: {
networking.extraHosts = ''
${config.networking.primaryIPAddress} example.com
'';
services.ejabberd = {
enable = true;
configFile = "/etc/ejabberd.yml";
};
environment.etc."ejabberd.yml" = {
user = "ejabberd";
mode = "0600";
text = ''
loglevel: 3
hosts:
- "example.com"
listen:
-
port: 5222
module: ejabberd_c2s
zlib: false
max_stanza_size: 65536
shaper: c2s_shaper
access: c2s
-
port: 5269
ip: "::"
module: ejabberd_s2s_in
-
port: 5347
ip: "127.0.0.1"
module: ejabberd_service
access: local
shaper_rule: fast
ip: "127.0.0.1"
## Disabling digest-md5 SASL authentication. digest-md5 requires plain-text
## password storage (see auth_password_format option).
disable_sasl_mechanisms: "digest-md5"
## Outgoing S2S options
## Preferred address families (which to try first) and connect timeout
## in seconds.
outgoing_s2s_families:
- ipv4
- ipv6
## auth_method: Method used to authenticate the users.
## The default method is the internal.
## If you want to use a different method,
## comment this line and enable the correct ones.
auth_method: internal
## Store the plain passwords or hashed for SCRAM:
## auth_password_format: plain
auth_password_format: scram
###' TRAFFIC SHAPERS
shaper:
# in B/s
normal: 1000000
fast: 50000000
## This option specifies the maximum number of elements in the queue
## of the FSM. Refer to the documentation for details.
max_fsm_queue: 1000
###' ACCESS CONTROL LISTS
acl:
## The 'admin' ACL grants administrative privileges to XMPP accounts.
## You can put here as many accounts as you want.
admin:
user:
- "root": "example.com"
## Local users: don't modify this.
local:
user_regexp: ""
## Loopback network
loopback:
ip:
- "127.0.0.0/8"
- "::1/128"
- "::FFFF:127.0.0.1/128"
###' SHAPER RULES
shaper_rules:
## Maximum number of simultaneous sessions allowed for a single user:
max_user_sessions: 10
## Maximum number of offline messages that users can have:
max_user_offline_messages:
- 5000: admin
- 1024
## For C2S connections, all users except admins use the "normal" shaper
c2s_shaper:
- none: admin
- normal
## All S2S connections use the "fast" shaper
s2s_shaper: fast
###' ACCESS RULES
access_rules:
## This rule allows access only for local users:
local:
- allow: local
## Only non-blocked users can use c2s connections:
c2s:
- deny: blocked
- allow
## Only admins can send announcement messages:
announce:
- allow: admin
## Only admins can use the configuration interface:
configure:
- allow: admin
## Only accounts of the local ejabberd server can create rooms:
muc_create:
- allow: local
## Only accounts on the local ejabberd server can create Pubsub nodes:
pubsub_createnode:
- allow: local
## In-band registration allows registration of any possible username.
## To disable in-band registration, replace 'allow' with 'deny'.
register:
- allow
## Only allow to register from localhost
trusted_network:
- allow: loopback
## ===============
## API PERMISSIONS
## ===============
##
## This section allows you to define who and using what method
## can execute commands offered by ejabberd.
##
## By default "console commands" section allow executing all commands
## issued using ejabberdctl command, and "admin access" section allows
## users in admin acl that connect from 127.0.0.1 to execute all
## commands except start and stop with any available access method
## (ejabberdctl, http-api, xmlrpc depending what is enabled on server).
##
## If you remove "console commands" there will be one added by
## default allowing executing all commands, but if you just change
## permissions in it, version from config file will be used instead
## of default one.
##
api_permissions:
"console commands":
from:
- ejabberd_ctl
who: all
what: "*"
language: "en"
###' MODULES
## Modules enabled in all ejabberd virtual hosts.
modules:
mod_adhoc: {}
mod_announce: # recommends mod_adhoc
access: announce
mod_blocking: {} # requires mod_privacy
mod_caps: {}
mod_carboncopy: {}
mod_client_state: {}
mod_configure: {} # requires mod_adhoc
## mod_delegation: {} # for xep0356
mod_echo: {}
#mod_irc:
# host: "irc.@HOST@"
# default_encoding: "utf-8"
## mod_bosh: {}
## mod_http_fileserver:
## docroot: "/var/www"
## accesslog: "/var/log/ejabberd/access.log"
#mod_http_upload:
# thumbnail: false # otherwise needs the identify command from ImageMagick installed
# put_url: "https://@HOST@:5444"
## # docroot: "@HOME@/upload"
#mod_http_upload_quota:
# max_days: 14
mod_last: {}
## XEP-0313: Message Archive Management
## You might want to setup a SQL backend for MAM because the mnesia database is
## limited to 2GB which might be exceeded on large servers
mod_mam: {}
mod_muc:
host: "muc.@HOST@"
access:
- allow
access_admin:
- allow: admin
access_create: muc_create
access_persistent: muc_create
mod_muc_admin: {}
mod_muc_log: {}
mod_offline:
access_max_user_messages: max_user_offline_messages
mod_ping: {}
## mod_pres_counter:
## count: 5
## interval: 60
mod_privacy: {}
mod_private: {}
mod_roster:
versioning: true
mod_shared_roster: {}
mod_stats: {}
mod_time: {}
mod_vcard:
search: false
mod_vcard_xupdate: {}
## Convert all avatars posted by Android clients from WebP to JPEG
mod_avatar: {}
# convert:
# webp: jpeg
mod_version: {}
mod_stream_mgmt: {}
## The module for S2S dialback (XEP-0220). Please note that you cannot
## rely solely on dialback if you want to federate with other servers,
## because a lot of servers have dialback disabled and instead rely on
## PKIX authentication. Make sure you have proper certificates installed
## and check your accessibility at https://check.messaging.one/
mod_s2s_dialback: {}
mod_pubsub:
plugins:
- "pep"
mod_push: {}
'';
};
networking.firewall.enable = false;
};
};
testScript = { nodes, ... }: ''
$server->waitForUnit('ejabberd.service');
$server->succeed('su ejabberd -s $(which ejabberdctl) status|grep started') =~ /ejabberd is running/;
$server->succeed('su ejabberd -s $(which ejabberdctl) register azurediamond example.com hunter2');
$server->succeed('su ejabberd -s $(which ejabberdctl) register cthon98 example.com nothunter2');
$server->fail('su ejabberd -s $(which ejabberdctl) register asdf wrong.domain');
$client->succeed('send-message');
$server->succeed('su ejabberd -s $(which ejabberdctl) unregister cthon98 example.com');
$server->succeed('su ejabberd -s $(which ejabberdctl) unregister azurediamond example.com');
'';
})

16
nixos/tests/jellyfin.nix Normal file
View File

@ -0,0 +1,16 @@
import ./make-test.nix ({ lib, ...}:
{
name = "jellyfin";
meta.maintainers = with lib.maintainers; [ minijackson ];
machine =
{ ... }:
{ services.jellyfin.enable = true; };
testScript = ''
$machine->waitForUnit('jellyfin.service');
$machine->waitForOpenPort('8096');
$machine->succeed("curl --fail http://localhost:8096/");
'';
})

26
nixos/tests/nzbget.nix Normal file
View File

@ -0,0 +1,26 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "nzbget";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aanderse flokli ];
};
nodes = {
server = { ... }: {
services.nzbget.enable = true;
# hack, don't add (unfree) unrar to nzbget's path,
# so we can run this test in CI
systemd.services.nzbget.path = pkgs.stdenv.lib.mkForce [ pkgs.p7zip ];
};
};
testScript = ''
startAll;
$server->waitForUnit("nzbget.service");
$server->waitForUnit("network.target");
$server->waitForOpenPort(6789);
$server->succeed("curl -s -u nzbget:tegbzn6789 http://127.0.0.1:6789 | grep -q 'This file is part of nzbget'");
$server->succeed("${pkgs.nzbget}/bin/nzbget -n -o ControlIP=127.0.0.1 -o ControlPort=6789 -o ControlPassword=tegbzn6789 -V");
'';
})

68
nixos/tests/prosody.nix
View File

@ -9,70 +9,30 @@ import ./make-test.nix {
extraConfig = ''
storage = "sql"
'';
virtualHosts.test = {
domain = "example.com";
enabled = true;
};
};
environment.systemPackages = let
sendMessage = pkgs.writeScriptBin "send-message" ''
#!/usr/bin/env python3
# Based on the sleekxmpp send_client example, look there for more details:
# https://github.com/fritzy/SleekXMPP/blob/develop/examples/send_client.py
import sleekxmpp
class SendMsgBot(sleekxmpp.ClientXMPP):
"""
A basic SleekXMPP bot that will log in, send a message,
and then log out.
"""
def __init__(self, jid, password, recipient, message):
sleekxmpp.ClientXMPP.__init__(self, jid, password)
self.recipient = recipient
self.msg = message
self.add_event_handler("session_start", self.start, threaded=True)
def start(self, event):
self.send_presence()
self.get_roster()
self.send_message(mto=self.recipient,
mbody=self.msg,
mtype='chat')
self.disconnect(wait=True)
if __name__ == '__main__':
xmpp = SendMsgBot("test1@localhost", "test1", "test2@localhost", "Hello World!")
xmpp.register_plugin('xep_0030') # Service Discovery
xmpp.register_plugin('xep_0199') # XMPP Ping
# TODO: verify certificate
# If you want to verify the SSL certificates offered by a server:
# xmpp.ca_certs = "path/to/ca/cert"
if xmpp.connect(('localhost', 5222)):
xmpp.process(block=True)
else:
print("Unable to connect.")
sys.exit(1)
'';
in [ (pkgs.python3.withPackages (ps: [ ps.sleekxmpp ])) sendMessage ];
environment.systemPackages = [
(pkgs.callPackage ./xmpp-sendmessage.nix {})
];
};
testScript = ''
$machine->waitForUnit('prosody.service');
$machine->succeed('prosodyctl status') =~ /Prosody is running/;
# set password to 'test' (it's asked twice)
$machine->succeed('yes test1 | prosodyctl adduser test1@localhost');
# set password to 'nothunter2' (it's asked twice)
$machine->succeed('yes nothunter2 | prosodyctl adduser cthon98@example.com');
# set password to 'y'
$machine->succeed('yes | prosodyctl adduser test2@localhost');
# correct password to 'test2'
$machine->succeed('yes test2 | prosodyctl passwd test2@localhost');
$machine->succeed('yes | prosodyctl adduser azurediamond@example.com');
# correct password to 'hunter2'
$machine->succeed('yes hunter2 | prosodyctl passwd azurediamond@example.com');
$machine->succeed("send-message");
$machine->succeed('prosodyctl deluser test1@localhost');
$machine->succeed('prosodyctl deluser test2@localhost');
$machine->succeed('prosodyctl deluser cthon98@example.com');
$machine->succeed('prosodyctl deluser azurediamond@example.com');
'';
}

46
nixos/tests/xmpp-sendmessage.nix Normal file
View File

@ -0,0 +1,46 @@
{ writeScriptBin, python3, connectTo ? "localhost" }:
writeScriptBin "send-message" ''
#!${(python3.withPackages (ps: [ ps.sleekxmpp ])).interpreter}
# Based on the sleekxmpp send_client example, look there for more details:
# https://github.com/fritzy/SleekXMPP/blob/develop/examples/send_client.py
import sleekxmpp
class SendMsgBot(sleekxmpp.ClientXMPP):
"""
A basic SleekXMPP bot that will log in, send a message,
and then log out.
"""
def __init__(self, jid, password, recipient, message):
sleekxmpp.ClientXMPP.__init__(self, jid, password)
self.recipient = recipient
self.msg = message
self.add_event_handler("session_start", self.start, threaded=True)
def start(self, event):
self.send_presence()
self.get_roster()
self.send_message(mto=self.recipient,
mbody=self.msg,
mtype='chat')
self.disconnect(wait=True)
if __name__ == '__main__':
xmpp = SendMsgBot("cthon98@example.com", "nothunter2", "azurediamond@example.com", "hey, if you type in your pw, it will show as stars")
xmpp.register_plugin('xep_0030') # Service Discovery
xmpp.register_plugin('xep_0199') # XMPP Ping
# TODO: verify certificate
# If you want to verify the SSL certificates offered by a server:
# xmpp.ca_certs = "path/to/ca/cert"
if xmpp.connect(('${connectTo}', 5222)):
xmpp.process(block=True)
else:
print("Unable to connect.")
sys.exit(1)
''

49
pkgs/applications/accessibility/mousetweaks/default.nix Normal file
View File

@ -0,0 +1,49 @@
{ stdenv, fetchurl, pkgconfig
, glib, gtk3, gnome3, gsettings-desktop-schemas, wrapGAppsHook
, libX11, libXtst, libXfixes, libXcursor
}:
stdenv.mkDerivation rec {
pname = "mousetweaks";
version = "3.32.0";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "005fhmvb45sa9mq17dpa23n1xnspiissx5rnpiy7hiqmy3g5rg8f";
};
nativeBuildInputs = [ pkgconfig wrapGAppsHook ];
buildInputs = [
glib gtk3 gsettings-desktop-schemas
libX11 libXtst libXfixes libXcursor
];
passthru = {
updateScript = gnome3.updateScript {
packageName = pname;
};
};
meta = with stdenv.lib; {
description = "Provides mouse accessibility enhancements for the GNOME desktop";
longDescription = ''
Mousetweaks provides mouse accessibility enhancements for the GNOME
desktop. These enhancements are:
- It offers a way to perform the various clicks without using any
physical mouse buttons. (Hover Click)
- It allows users to perform a secondary click by keeping the primary
mouse button pressed for a predetermined amount of time. (Simulated
Secondary Click)
The features can be activated and configured through the Universal Access
panel of the GNOME Control Center.
'';
homepage = https://wiki.gnome.org/Projects/Mousetweaks;
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = [ maintainers.johnazoidberg ];
};
}

4
pkgs/applications/altcoins/bitcoin-abc.nix
View File

@ -7,13 +7,13 @@ with stdenv.lib;
stdenv.mkDerivation rec {
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-abc-" + version;
version = "0.18.2";
version = "0.19.4";
src = fetchFromGitHub {
owner = "bitcoin-ABC";
repo = "bitcoin-abc";
rev = "v${version}";
sha256 = "1ha219xnd61qicf7r3j0wbfrifh7blwp3lyk3ycgdn381q1qln29";
sha256 = "1z4x25ygcw1pqml2ww02vqrvmihlv4f5gnnn1iyfirrjxgpfaxd7";
};
patches = [ ./fix-bitcoin-qt-build.patch ];

14
pkgs/applications/altcoins/bitcoin.nix
View File

@ -1,21 +1,20 @@
{ stdenv, fetchurl, pkgconfig, autoreconfHook, openssl, db48, boost, zeromq
{ stdenv, fetchurl, pkgconfig, autoreconfHook, openssl, db48, boost, zeromq, rapidcheck
, zlib, miniupnpc, qtbase ? null, qttools ? null, utillinux, protobuf, python3, qrencode, libevent
, withGui }:
with stdenv.lib;
stdenv.mkDerivation rec{
name = "bitcoin" + (toString (optional (!withGui) "d")) + "-" + version;
version = "0.17.1";
version = "0.18.0";
src = fetchurl {
urls = [ "https://bitcoincore.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
"https://bitcoin.org/bin/bitcoin-core-${version}/bitcoin-${version}.tar.gz"
];
sha256 = "0am4pnaf2cisv172jqx6jdpzx770agm8777163lkjbw3ryslymiy";
sha256 = "5e4e6890e07b620a93fdb24605dae2bb53e8435b2a93d37558e1db1913df405f";
};
nativeBuildInputs = [ pkgconfig autoreconfHook ]
++ optionals doCheck [ python3 ];
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ openssl db48 boost zlib zeromq
miniupnpc protobuf libevent]
++ optionals stdenv.isLinux [ utillinux ]
@ -31,11 +30,14 @@ stdenv.mkDerivation rec{
"--with-qt-bindir=${qtbase.dev}/bin:${qttools.dev}/bin"
];
checkInputs = [ rapidcheck python3 ];
doCheck = true;
# QT_PLUGIN_PATH needs to be set when executing QT, which is needed when testing Bitcoin's GUI.
# See also https://github.com/NixOS/nixpkgs/issues/24256
checkFlags = optionals withGui [ "QT_PLUGIN_PATH=${qtbase}/lib/qt-5.${versions.minor qtbase.version}/plugins" ];
checkFlags = optionals withGui [ "QT_PLUGIN_PATH=${qtbase}/lib/qt-5.${versions.minor qtbase.version}/plugins" ]
++ [ "LC_ALL=C.UTF-8" ];
enableParallelBuilding = true;

4
pkgs/applications/altcoins/fix-bitcoin-qt-build.patch
View File

@ -4,12 +4,12 @@
dnl Output: $1 is set to the path of $2 if found. $2 are searched in order.
AC_DEFUN([BITCOIN_QT_PATH_PROGS],[
BITCOIN_QT_CHECK([
- if test "x$3" != "x"; then
- if test "x$3" != x; then
- AC_PATH_PROGS($1,$2,,$3)
- else
- AC_PATH_PROGS($1,$2)
- fi
+ AC_PATH_PROGS($1,$2)
if test "x$$1" = "x" && test "x$4" != "xyes"; then
if test "x$$1" = x && test "x$4" != xyes; then
BITCOIN_QT_FAIL([$1 not found])
fi

13
pkgs/applications/audio/calf/default.nix
View File

@ -3,21 +3,14 @@
stdenv.mkDerivation rec {
name = "calf-${version}";
version = "0.90.0";
version = "0.90.2";
src = fetchurl {
url = "https://calf-studio-gear.org/files/${name}.tar.gz";
sha256 = "0dijv2j7vlp76l10s4v8gbav26ibaqk8s24ci74vrc398xy00cib";
sha256 = "0bn4j1klw2yfxz8clbmasaydifq25rdfsv0n6iisxrzcj1lx7sgh";
};
patches = [
# Fix memory leak in limiter
# https://github.com/flathub/com.github.wwmm.pulseeffects/issues/12
(fetchpatch {
url = https://github.com/calf-studio-gear/calf/commit/7afdefc0d0489a6227fd10f15843d81dc82afd62.patch;
sha256 = "056662iw6hp4ykwk4jyrzg5yarcn17ni97yc060y5kcnzy29ddg6";
})
];
enableParallelBuilding = true;
buildInputs = [
cairo expat fftwSinglePrec fluidsynth glib gtk2 libjack2 ladspaH

16
pkgs/applications/audio/dragonfly-reverb/default.nix
View File

@ -1,13 +1,14 @@
{ stdenv, fetchFromGitHub, libjack2, libGL, pkgconfig, xorg }:
stdenv.mkDerivation rec {
name = "dragonfly-reverb-${src.rev}";
pname = "dragonfly-reverb";
version = "1.1.4";
src = fetchFromGitHub {
owner = "michaelwillis";
repo = "dragonfly-reverb";
rev = "1.0.0";
sha256 = "05m4hd8lg0a7iiia6cbiw5qmc4p8vbkxp2qh7ywaabawiwa9r24x";
rev = version;
sha256 = "060g4ddh1z222n39wqj8jxj0zgmpjrgraw76qgyg6xkn15cn9q9y";
fetchSubmodules = true;
};
@ -21,15 +22,20 @@ stdenv.mkDerivation rec {
];
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/lib/lv2/
cp -a bin/DragonflyReverb.lv2/ $out/lib/lv2/
mkdir -p $out/lib/vst/
cd bin
cp -a DragonflyReverb $out/bin/
cp -a DragonflyReverb-vst.so $out/lib/vst/
cp -a DragonflyReverb.lv2/ $out/lib/lv2/
'';
meta = with stdenv.lib; {
homepage = https://github.com/michaelwillis/dragonfly-reverb;
description = "A hall-style reverb based on freeverb3 algorithms";
maintainers = [ maintainers.magnetophon ];
license = licenses.gpl2;
license = licenses.gpl3;
platforms = ["x86_64-linux"];
};
}

4
pkgs/applications/audio/drumkv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "drumkv1-${version}";
version = "0.9.6";
version = "0.9.7";
src = fetchurl {
url = "mirror://sourceforge/drumkv1/${name}.tar.gz";
sha256 = "0d0kskr9pzdckw7sz4djjkkkgz1fa83zrq5my6qlxn68wqdj6800";
sha256 = "1361dqdasrc98q9hcjdwsjx6agfimwnay430887fryi3pslkyd81";
};
buildInputs = [ libjack2 alsaLib libsndfile liblo lv2 qt5.qtbase qt5.qttools ];

4
pkgs/applications/audio/flacon/default.nix
View File

@ -5,13 +5,13 @@
stdenv.mkDerivation rec {
name = "flacon-${version}";
version = "5.2.0";
version = "5.4.0";
src = fetchFromGitHub {
owner = "flacon";
repo = "flacon";
rev = "v${version}";
sha256 = "0vmbwpfjq66qv3zp7mss3hsxy6dxjybqfm7k2xyc0w181qclg1ya";
sha256 = "1j8gzk92kn10yb7rmvrnyq0ipda2swnkmsavqsk5ws0z600p3k93";
};
nativeBuildInputs = [ cmake pkgconfig makeWrapper ];

6
pkgs/applications/audio/fluidsynth/default.nix
View File

@ -32,11 +32,11 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig cmake ];
buildInputs = [ glib libsndfile ]
++ lib.optionals (!stdenv.isDarwin) [ alsaLib libpulseaudio libjack2 ]
buildInputs = [ glib libsndfile libpulseaudio libjack2 ]
++ lib.optionals stdenv.isLinux [ alsaLib ]
++ lib.optionals stdenv.isDarwin [ AudioUnit CoreAudio CoreMIDI CoreServices ];
cmakeFlags = lib.optional stdenv.isDarwin "-Denable-framework=off";
cmakeFlags = [ "-Denable-framework=off" ];
meta = with lib; {
description = "Real-time software synthesizer based on the SoundFont 2 specifications";

4
pkgs/applications/audio/infamousPlugins/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
name = "infamousPlugins-${version}";
version = "0.2.04";
version = "0.3.0";
src = fetchFromGitHub {
owner = "ssj71";
repo = "infamousPlugins";
rev = "v${version}";
sha256 = "0hmqk80w4qxq09iag7b7srf2g0wigkyhzq0ywxvhz2iz0hq9k0dh";
sha256 = "1r72agk5nxf5k0mghcc2j90z43j5d9i7rqjmf49jfyqnd443isip";
};
nativeBuildInputs = [ pkgconfig cmake ];

6
pkgs/applications/audio/mixxx/default.nix
View File

@ -8,13 +8,13 @@
stdenv.mkDerivation rec {
name = "mixxx-${version}";
version = "2.2.0";
version = "2.2.1";
src = fetchFromGitHub {
owner = "mixxxdj";
repo = "mixxx";
rev = "release-${version}";
sha256 = "1rp2nyhz2j695k5kk0m94x30akwrlr9jgs0n4pi4snnvjpwmbfp9";
sha256 = "1q6c2wfpprsx7s7nz1w0mhm2yhikj54jxcv61kwylxx3n5k2na9r";
};
nativeBuildInputs = [ makeWrapper ];
@ -25,6 +25,8 @@ stdenv.mkDerivation rec {
qtx11extras rubberband scons sqlite taglib upower vampSDK
];
enableParallelBuilding = true;
sconsFlags = [
"build=release"
"qtdir=${qtbase}"

4
pkgs/applications/audio/mopidy/iris.nix
View File

@ -2,11 +2,11 @@
pythonPackages.buildPythonApplication rec {
pname = "Mopidy-Iris";
version = "3.36.0";
version = "3.37.0";
src = pythonPackages.fetchPypi {
inherit pname version;
sha256 = "1qxb3rfjxmwihcm0nrarrgp9x7zr3kjipzn5igj0d57gpi2bdwgv";
sha256 = "1fy802jx3817ldrm3g5inrfjbi7s8xcx96pnglbq54nvp41lzyh5";
};
propagatedBuildInputs = [

38
pkgs/applications/audio/munt/default.nix Normal file
View File

@ -0,0 +1,38 @@
{ stdenv, fetchFromGitHub, cmake, qtbase, alsaLib, makeDesktopItem }:
let
desktopItem = makeDesktopItem rec {
name = "Munt";
exec = "mt32emu-qt";
desktopName = name;
genericName = "Munt synthesiser";
categories = "Audio;AudioVideo;";
};
in stdenv.mkDerivation rec {
version = "2.3.0";
pname = "munt";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = with stdenv.lib.versions; "${pname}_${major version}_${minor version}_${patch version}";
sha256 = "0fjhshs4w942rlfksalalqshflbq83pyz1z0hcq53falh9v54cyw";
};
postInstall = ''
ln -s ${desktopItem}/share/applications $out/share
'';
dontFixCmake = true;
nativeBuildInputs = [ cmake ];
buildInputs = [ qtbase alsaLib ];
meta = with stdenv.lib; {
description = "Multi-platform software synthesiser emulating Roland MT-32, CM-32L, CM-64 and LAPC-I devices";
homepage = "http://munt.sourceforge.net/";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ gnidorah ];
};
}

5
pkgs/applications/audio/pulseeffects/default.nix
View File

@ -47,13 +47,13 @@ let
];
in stdenv.mkDerivation rec {
pname = "pulseeffects";
version = "4.5.9";
version = "4.6.0";
src = fetchFromGitHub {
owner = "wwmm";
repo = "pulseeffects";
rev = "v${version}";
sha256 = "19pqi9wix359hdrslzmi9sz0dzz03pdwqvdyzw3i5rdny01skdfw";
sha256 = "1ap07sw4j1a0al2hqh781m8ivlplxlaw515gkf65q100q80kr0zj";
};
nativeBuildInputs = [
@ -107,5 +107,6 @@ in stdenv.mkDerivation rec {
license = licenses.gpl3;
maintainers = with maintainers; [ jtojnar ];
platforms = platforms.linux;
badPlatforms = [ "aarch64-linux" ];
};
}

4
pkgs/applications/audio/qjackctl/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchurl, pkgconfig, alsaLib, libjack2, dbus, qtbase, qttools, qtx11extras }:
stdenv.mkDerivation rec {
version = "0.5.6";
version = "0.5.7";
name = "qjackctl-${version}";
# some dependencies such as killall have to be installed additionally
src = fetchurl {
url = "mirror://sourceforge/qjackctl/${name}.tar.gz";
sha256 = "0wlmbb9m7cf3wr7c2h2hji18592x2b119m7mx85wksjs6rjaq2mj";
sha256 = "1g6a5j74p45yisl28bw4fcc9nr6b710ikk459p4mp6djh9gs8v95";
};
buildInputs = [

4
pkgs/applications/audio/qmidinet/default.nix
View File

@ -1,12 +1,12 @@
{ stdenv, fetchurl, pkgconfig, qt5, alsaLib, libjack2 }:
stdenv.mkDerivation rec {
version = "0.5.3";
version = "0.5.4";
name = "qmidinet-${version}";
src = fetchurl {
url = "mirror://sourceforge/qmidinet/${name}.tar.gz";
sha256 = "0li6iz1anm8pzz7j12yrfyxlyslsfsksmz0kk0iapa4yx3kifn10";
sha256 = "1il4b8v3azb33yg4fy78npi56xlkz4n60f17sgvckyxb2yj57jwq";
};
hardeningDisable = [ "format" ];

4
pkgs/applications/audio/qsampler/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
name = "qsampler-${version}";
version = "0.5.4";
version = "0.5.5";
src = fetchurl {
url = "mirror://sourceforge/qsampler/${name}.tar.gz";
sha256 = "1hk0j63zzdyji5dd89spbyw79i74n28zjryyy0a4gsaq0m7j2dry";
sha256 = "1li2p8zknrdr62wlaassfvgski0rlbr3lvrzywbh32dq8j50w8zf";
};
nativeBuildInputs = [ autoconf automake libtool pkgconfig qttools ];

4
pkgs/applications/audio/qtractor/default.nix
View File

@ -5,11 +5,11 @@
stdenv.mkDerivation rec {
pname = "qtractor";
version = "0.9.6";
version = "0.9.7";
src = fetchurl {
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
sha256 = "06sa4wl8zr0k8dnjiil0gjwnhrkq95h50xv56ih1y8jgyzxchaxp";
sha256 = "0z97c8h0m7070bfq0qsbf8hwzwcqjs7dln7na4mngyhc6vqkg63s";
};
nativeBuildInputs = [

4
pkgs/applications/audio/radiotray-ng/default.nix
View File

@ -10,7 +10,7 @@
# GUI/Desktop
, dbus
, glibmm
, gnome3
, gsettings-desktop-schemas
, hicolor-icon-theme
, libappindicator-gtk3
, libnotify
@ -54,7 +54,7 @@ stdenv.mkDerivation rec {
buildInputs = [
curl
boost jsoncpp libbsd pcre
glibmm hicolor-icon-theme gnome3.gsettings-desktop-schemas libappindicator-gtk3 libnotify
glibmm hicolor-icon-theme gsettings-desktop-schemas libappindicator-gtk3 libnotify
libxdg_basedir
lsb-release
wxGTK

4
pkgs/applications/audio/reaper/default.nix
View File

@ -6,11 +6,11 @@
stdenv.mkDerivation rec {
name = "reaper-${version}";
version = "5.973";
version = "5.974";
src = fetchurl {
url = "https://www.reaper.fm/files/${stdenv.lib.versions.major version}.x/reaper${builtins.replaceStrings ["."] [""] version}_linux_x86_64.tar.xz";
sha256 = "02ymi2rn29zrb71krx43nrpfldhkcvwry4gz228apff2hb2lmqdx";
sha256 = "0pmjdh4d1jsplv99nrgjn437bgjp7hqk6fynvqk3lbn1zw3wk0i9";
};
nativeBuildInputs = [ autoPatchelfHook makeWrapper ];

4
pkgs/applications/audio/samplv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "samplv1-${version}";
version = "0.9.6";
version = "0.9.7";
src = fetchurl {
url = "mirror://sourceforge/samplv1/${name}.tar.gz";
sha256 = "16a5xix9pn0gl3fr6bv6zl1l9vrzgvy1q7xd8yxzfr3vi5s8x4z9";
sha256 = "1vgmcjccpgqqlmmwfg6m91nph81p2xaxydjx82n4l1yrr9lidn9h";
};
buildInputs = [ libjack2 alsaLib liblo libsndfile lv2 qt5.qtbase qt5.qttools];

4
pkgs/applications/audio/snd/default.nix
View File

@ -4,11 +4,11 @@
}:
stdenv.mkDerivation rec {
name = "snd-19.2";
name = "snd-19.3";
src = fetchurl {
url = "mirror://sourceforge/snd/${name}.tar.gz";
sha256 = "1a6ls2hyvggss12idca22hq5vsq4jw2xkwrx22dx29i9926gdr6h";
sha256 = "16j3fqyw361wdsr1076f0p3va2y7wdzq1lvr4ijz1ajmbxdlc723";
};
nativeBuildInputs = [ pkgconfig ];

4
pkgs/applications/audio/sonata/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchFromGitHub, pkgconfig, gettext, intltool, wrapGAppsHook
, python3Packages, gnome3, gtk3, gobject-introspection}:
, python3Packages, gnome3, gtk3, gsettings-desktop-schemas, gobject-introspection }:
let
inherit (python3Packages) buildPythonApplication isPy3k dbus-python pygobject3 mpd2;
@ -20,7 +20,7 @@ in buildPythonApplication rec {
buildInputs = [
intltool wrapGAppsHook
gnome3.adwaita-icon-theme
gnome3.gsettings-desktop-schemas
gsettings-desktop-schemas
];
postPatch = ''

4
pkgs/applications/audio/sound-juicer/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchurl, pkgconfig, glib, gtk3, intltool, itstool, libxml2, brasero
, libcanberra-gtk3, gnome3, gst_all_1, libmusicbrainz5, libdiscid, isocodes
, wrapGAppsHook }:
, gsettings-desktop-schemas, wrapGAppsHook }:
let
pname = "sound-juicer";
@ -16,7 +16,7 @@ in stdenv.mkDerivation rec{
nativeBuildInputs = [ pkgconfig intltool itstool libxml2 wrapGAppsHook ];
buildInputs = [
glib gtk3 brasero libcanberra-gtk3 gnome3.adwaita-icon-theme
gnome3.gsettings-desktop-schemas libmusicbrainz5 libdiscid isocodes
gsettings-desktop-schemas libmusicbrainz5 libdiscid isocodes
gst_all_1.gstreamer gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good gst_all_1.gst-plugins-bad
gst_all_1.gst-libav

97
pkgs/applications/audio/soundkonverter/default.nix Normal file
View File

@ -0,0 +1,97 @@
# currently needs to be installed into an environment and needs a `kbuildsycoca5` run afterwards for plugin discovery
{
mkDerivation, fetchFromGitHub, lib, makeWrapper,
cmake, extra-cmake-modules, pkgconfig,
libkcddb, kconfig, kconfigwidgets, ki18n, kdelibs4support, kio, solid, kwidgetsaddons, kxmlgui,
qtbase, phonon,
taglib,
# optional backends
withCD ? true, cdparanoia,
withFlac ? true, flac,
withMidi ? true, fluidsynth, timidity,
withSpeex ? false, speex,
withVorbis ? true, vorbis-tools, vorbisgain,
withMp3 ? true, lame, mp3gain,
withAac ? true, faad2, aacgain,
withUnfreeAac ? false, faac,
withFfmpeg ? true, ffmpeg-full,
withMplayer ? false, mplayer,
withSox ? true, sox,
withOpus ? true, opusTools,
withTwolame ? false, twolame,
withApe ? false, mac,
withWavpack ? false, wavpack
}:
assert withAac -> withFfmpeg || withUnfreeAac;
assert withUnfreeAac -> withAac;
let runtimeDeps = []
++ lib.optional withCD cdparanoia
++ lib.optional withFlac flac
++ lib.optional withSpeex speex
++ lib.optional withFfmpeg ffmpeg-full
++ lib.optional withMplayer mplayer
++ lib.optional withSox sox
++ lib.optional withOpus opusTools
++ lib.optional withTwolame twolame
++ lib.optional withApe mac
++ lib.optional withWavpack wavpack
++ lib.optional withUnfreeAac faac
++ lib.optionals withMidi [ fluidsynth timidity ]
++ lib.optionals withVorbis [ vorbis-tools vorbisgain ]
++ lib.optionals withMp3 [ lame mp3gain ]
++ lib.optionals withAac [ faad2 aacgain ];
in
mkDerivation rec {
name = "soundkonverter";
version = "3.0.1";
src = fetchFromGitHub {
owner = "dfaust";
repo = "soundkonverter";
rev = "v" + version;
sha256 = "1g2khdsjmsi4zzynkq8chd11cbdhjzmi37r9jhpal0b730nq9x7l";
};
enableParallelBuilding = true;
nativeBuildInputs = [ cmake extra-cmake-modules pkgconfig kdelibs4support makeWrapper ];
propagatedBuildInputs = [ libkcddb kconfig kconfigwidgets ki18n kdelibs4support kio solid kwidgetsaddons kxmlgui qtbase phonon];
buildInputs = [ taglib ] ++ runtimeDeps;
# encoder plugins go to ${out}/lib so they're found by kbuildsycoca5
cmakeFlags = [ "-DCMAKE_INSTALL_PREFIX=$out" ];
sourceRoot = "source/src";
# add runt-time deps to PATH
postInstall = ''
wrapProgram $out/bin/soundkonverter --prefix PATH : ${lib.makeBinPath runtimeDeps }
'';
meta = {
license = lib.licenses.gpl2;
maintainers = [ lib.maintainers.schmittlauch ];
description = "Audio file converter, CD ripper and Replay Gain tool";
longDescription = ''
soundKonverter is a frontend to various audio converters.
The key features are:
- Audio file conversion
- Replay Gain calculation
- CD ripping
soundKonverter supports reading and writing tags and covers for many formats, so they are preserved when converting files.
It is extendable by plugins and supports many backends including:
- Audio file conversion
Backends: faac, faad, ffmpeg, flac, lame, mplayer, neroaac, timidity, fluidsynth, vorbistools, opustools, sox, twolame,
flake, mac, shorten, wavpack and speex
Formats: ogg vorbis, mp3, flac, wma, aac, ac3, opus, alac, mp2, als, amr nb, amr wb, ape, speex, m4a, mp1, musepack shorten,
tta, wavpack, ra, midi, mod, 3gp, rm, avi, mkv, ogv, mpeg, mov, mp4, flv, wmv and rv
- Replay Gain calculation
Backends: aacgain, metaflac, mp3gain, vorbisgain, wvgain, mpcgain
Formats: aac, mp3, flac, ogg vorbis, wavpack, musepack
- CD ripping
Backends: cdparanoia
'';
};
}

42
pkgs/applications/audio/speech-denoiser/default.nix Normal file
View File

@ -0,0 +1,42 @@
{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, lv2, meson, ninja }:
let
speech-denoiser-src = fetchFromGitHub {
owner = "lucianodato";
repo = "speech-denoiser";
rev = "04cfba929630404f8d4f4ca5bac8d9b09a99152f";
sha256 = "189l6lz8sz5vr6bjyzgcsrvksl1w6crqsg0q65r94b5yjsmjnpr4";
};
rnnoise-nu = stdenv.mkDerivation rec {
pname = "rnnoise-nu";
version = "unstable-07-10-2019";
src = speech-denoiser-src;
sourceRoot = "source/rnnoise";
nativeBuildInputs = [ autoreconfHook ];
configureFlags = [ "--disable-examples" "--disable-doc" "--disable-shared" "--enable-static" ];
installTargets = [ "install-rnnoise-nu" ];
};
in
stdenv.mkDerivation rec {
pname = "speech-denoiser";
version = "unstable-07-10-2019";
src = speech-denoiser-src;
nativeBuildInputs = [ pkgconfig meson ninja ];
buildInputs = [ lv2 rnnoise-nu ];
postPatch = ''
substituteInPlace meson.build \
--replace "cc.find_library('rnnoise-nu',dirs: meson.current_source_dir() + '/rnnoise/.libs/',required : true)" "cc.find_library('rnnoise-nu', required : true)"
'';
meta = with stdenv.lib; {
description = "Speech denoise lv2 plugin based on RNNoise library";
homepage = https://github.com/lucianodato/speech-denoiser;
license = licenses.lgpl3;
maintainers = [ maintainers.magnetophon ];
platforms = platforms.linux;
};
}

4
pkgs/applications/audio/synthv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "synthv1-${version}";
version = "0.9.6";
version = "0.9.7";
src = fetchurl {
url = "mirror://sourceforge/synthv1/${name}.tar.gz";
sha256 = "1hcngk7mxfrqf8v3r759x3wd0p02nc3q83j8m3k58p408y3mx7nr";
sha256 = "0i70wm430fvksi3g985farrkhgb7mwhi7j06dl66cdj1n12jzzk7";
};
buildInputs = [ qt5.qtbase qt5.qttools libjack2 alsaLib liblo lv2 ];

8
pkgs/applications/audio/timemachine/default.nix
View File

@ -3,13 +3,13 @@
}:
stdenv.mkDerivation rec {
name = "timemachine-${version}";
version = "0.3.1";
pname = "timemachine";
version = "0.3.3";
src = fetchFromGitHub {
owner = "swh";
repo = "timemachine";
rev = "1966d8524d4e4c47c525473bab3b010a168adc98";
sha256 = "0w5alysixnvlkfl79wf7vs5wsw2vgxl3gqxxcm0zbmhjdpmjpcal";
rev = "v${version}";
sha256 = "1jsvd29wiqigxyqxl2xjklla11fwyjy68vqivcnlr9f2af4ylym8";
};
nativeBuildInputs = [ pkgconfig ];

4
pkgs/applications/audio/zynaddsubfx/default.nix
View File

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
name = "zynaddsubfx-${version}";
version = "3.0.4";
version = "3.0.5";
src = fetchurl {
url = "mirror://sourceforge/zynaddsubfx/zynaddsubfx-${version}.tar.bz2";
sha256 = "18m4ax0x06y1hx4g2g3gf02v0bldkrrb5m7fsr5jlfp1kvjd2j1x";
sha256 = "0qwzg14h043rmyf9jqdylxhyfy4sl0vsr0gjql51wjhid0i34ivl";
};
buildInputs = [ alsaLib cairo libjack2 fftw fltk13 lash libjpeg libXpm minixml ntk zlib liblo ];

4
pkgs/applications/editors/atom/default.nix
View File

@ -3,8 +3,8 @@
let
versions = {
atom = {
version = "1.36.0";
sha256 = "1ljg39h5xjigk2njvxyinb1gd3sbja21v47c7va6vl9hjr5xb3fr";
version = "1.36.1";
sha256 = "1m7q2r3zx463k7kpqb364piqrr69wrhs033ibzxdx9y7r4204qp4";
};
atom-beta = {

28
pkgs/applications/editors/emacs-modes/emacs-libvterm/default.nix
View File

@ -17,25 +17,41 @@ let
};
libvterm = libvterm-neovim.overrideAttrs(old: rec {
pname = "libvterm-neovim";
version = "2019-04-27";
name = pname + "-" + version;
src = fetchFromGitHub {
owner = "neovim";
repo = "libvterm";
rev = "89675ffdda615ffc3f29d1c47a933f4f44183364";
sha256 = "0l9ixbj516vl41v78fi302ws655xawl7s94gmx1kb3fmfgamqisy";
};
});
in stdenv.mkDerivation rec {
name = "emacs-libvterm-${version}";
version = "unstable-2018-11-16";
version = "unstable-2019-04-28";
src = fetchFromGitHub {
owner = "akermu";
repo = "emacs-libvterm";
rev = "8be9316156be75a685c0636258b2fec2daaf5ab5";
sha256 = "059js4aa7xgqcpaicgy4gz683hppa1iyp1r98mnms5hd31a304k8";
rev = "6adcedf3e4aaadeeaff97437044fba17aeb466d4";
sha256 = "1j6qr5bmajig3idhwsaa3zm72w13q9zn77z2dlrhhx3p4bbds3f8";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ emacs libvterm-neovim ];
buildInputs = [ emacs libvterm ];
cmakeFlags = [ "-DEMACS_SOURCE=${emacsSources}" ];
cmakeFlags = [
"-DEMACS_SOURCE=${emacsSources}"
"-DUSE_SYSTEM_LIBVTERM=True"
];
installPhase = ''
install -d $out/share/emacs/site-lisp
install ../*.el $out/share/emacs/site-lisp
install ./*.so $out/share/emacs/site-lisp
install ../*.so $out/share/emacs/site-lisp
'';
}

5
pkgs/applications/editors/emacs/default.nix
View File

@ -75,7 +75,10 @@ stdenv.mkDerivation rec {
hardeningDisable = [ "format" ];
configureFlags = [ "--with-modules" ] ++
configureFlags = [
"--disable-build-details" # for a (more) reproducible build
"--with-modules"
] ++
(lib.optional stdenv.isDarwin
(lib.withFeature withNS "ns")) ++
(if withNS

2
pkgs/applications/editors/emacs/macport.nix
View File

@ -68,7 +68,7 @@ stdenv.mkDerivation rec {
"--enable-mac-app=$$out/Applications"
];
CFLAGS = "-O3 -DMAC_OS_X_VERSION_MAX_ALLOWED=MAC_OS_X_VERSION_10_10 -DMAC_OS_X_VERSION_MIN_REQUIRED=MAC_OS_X_VERSION_10_10";
CFLAGS = "-O3";
LDFLAGS = "-O3 -L${ncurses.out}/lib";
postInstall = ''

4
pkgs/applications/editors/geany/default.nix
View File

@ -3,7 +3,7 @@
with stdenv.lib;
let
version = "1.34.1";
version = "1.35";
in
stdenv.mkDerivation rec {
@ -11,7 +11,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "https://download.geany.org/${name}.tar.bz2";
sha256 = "e765efd89e759defe3fd797d8a2052afbb4b23522efbcc72e3a72b7f1093ec11";
sha256 = "179xfnvhcxsv54v2mlrhykqv2j7klniln5sffvqqpjmdvwyivvim";
};
nativeBuildInputs = [ pkgconfig intltool libintl ];

8
pkgs/applications/editors/ghostwriter/default.nix
View File

@ -1,20 +1,20 @@
{ stdenv, fetchFromGitHub, qmake, pkgconfig, qttools, qtwebkit, hunspell }:
{ stdenv, fetchFromGitHub, qmake, pkgconfig, qttools, qtwebengine, hunspell }:
stdenv.mkDerivation rec {
pname = "ghostwriter";
version = "1.7.4";
version = "1.8.0";
name = "${pname}-${version}";
src = fetchFromGitHub {
owner = "wereturtle";
repo = pname;
rev = "v${version}";
sha256 = "1pqlr08z5syqcq5p282asxwzrrm7c1w94baxyb467swh8yp3fj5m";
sha256 = "13yn82m1l2pq93wbl569a2lzpc3sn8a8g30hsgdch1l9xlmhwran";
};
nativeBuildInputs = [ qmake pkgconfig qttools ];
buildInputs = [ qtwebkit hunspell ];
buildInputs = [ qtwebengine hunspell ];
meta = with stdenv.lib; {
description = "A cross-platform, aesthetic, distraction-free Markdown editor";

40
pkgs/applications/editors/jetbrains/default.nix
View File

@ -250,12 +250,12 @@ in
clion = buildClion rec {
name = "clion-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.2"; /* updated by script */
description = "C/C++ IDE. New. Intelligent. Cross-platform";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
sha256 = "1rlqnnv6b7lg18si31zd97ixnslwp8j6imkkjq0j5n9sydsr8xzj"; /* updated by script */
sha256 = "0x4fmbarckw60issrwk3cd65x5xjkxwrw4xq1qgfzmxfqhzbzvz8"; /* updated by script */
};
wmClass = "jetbrains-clion";
update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
@ -263,12 +263,12 @@ in
datagrip = buildDataGrip rec {
name = "datagrip-${version}";
version = "2018.3.4"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "Your Swiss Army Knife for Databases and SQL";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
sha256 = "10sw41kkf2k60xjpwgc73i182y7px3dmqz2awnrl4gffdb9jgzmy"; /* updated by script */
sha256 = "0w6hasb8vcbxdqmb0pngwr2jg0w14prqb4v7blraa5jf1xyyiayd"; /* updated by script */
};
wmClass = "jetbrains-datagrip";
update-channel = "DataGrip RELEASE";
@ -276,12 +276,12 @@ in
goland = buildGoland rec {
name = "goland-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "Up and Coming Go IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "0aq3x5aixh86h1zvvwrbr2f1nnqdpfvlsadd2ckmf5s5kghvg5r9"; /* updated by script */
sha256 = "0b8msq0raczm657rhbyqi702zv4zs66yd6dcm7s0l54hnas5ia9r"; /* updated by script */
};
wmClass = "jetbrains-goland";
update-channel = "GoLand RELEASE";
@ -289,12 +289,12 @@ in
idea-community = buildIdea rec {
name = "idea-community-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "0zyw88dd2v4igp080l99cyq6h0bmyri8a50fjp69ripiz9qaawx1"; /* updated by script */
sha256 = "0xbdn1q0a2ksb7z26n2l889m6z0lh3b45clya7rdfl4jv2gkiaaq"; /* updated by script */
};
wmClass = "jetbrains-idea-ce";
update-channel = "IntelliJ IDEA RELEASE";
@ -302,12 +302,12 @@ in
idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz";
sha256 = "0fsdf090cwwrsq3azknc9rpwwsl71cvsx4flivnqwfakb6rh4f1j"; /* updated by script */
sha256 = "1pglvklbj4w6pmc7ffbjwwfqh7fad54yfx87m9plqk80rmpjzxfi"; /* updated by script */
};
wmClass = "jetbrains-idea";
update-channel = "IntelliJ IDEA RELEASE";
@ -315,12 +315,12 @@ in
phpstorm = buildPhpStorm rec {
name = "phpstorm-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "Professional IDE for Web and PHP developers";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "1bv2a16wsc9j82w14qfrfjgszwkihk0jwp8bp8z9618q04c8vmgf"; /* updated by script */
sha256 = "100whawwj1kiq870dsmkx33qv5ygjpr9977jkbavhqjnc1zhwl1r"; /* updated by script */
};
wmClass = "jetbrains-phpstorm";
update-channel = "PhpStorm RELEASE";
@ -328,12 +328,12 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "PyCharm Community Edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "173qm2g6pjga2jlw8sa59bxw543b56r56ikqwv2wp0jq5z61v26f"; /* updated by script */
sha256 = "1zz579kmskvgsjv2lriglxkdlx33mmfv2liw1b9iilspga59izld"; /* updated by script */
};
wmClass = "jetbrains-pycharm-ce";
update-channel = "PyCharm RELEASE";
@ -341,12 +341,12 @@ in
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "PyCharm Professional Edition";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "0gjphdzdxgvflkzaakf3c1wnig86lxhxyx6xk6rg40yj6f2hzi47"; /* updated by script */
sha256 = "0hcij77j4zb1y1vls5nvxq3lmqrbppm3ml0p9nagbjipy2rmp838"; /* updated by script */
};
wmClass = "jetbrains-pycharm";
update-channel = "PyCharm RELEASE";
@ -367,12 +367,12 @@ in
ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}";
version = "2018.3.5"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "1gykag8fsfqxv0d6fipn18hhpdvn4qxva2kkb0v330vp73wm2i2w"; /* updated by script */
sha256 = "0asg0x8xcjyydy0p1fdlhpcwfckdf9719460pv5zwc7yfd8z61yd"; /* updated by script */
};
wmClass = "jetbrains-rubymine";
update-channel = "RubyMine RELEASE";
@ -380,12 +380,12 @@ in
webstorm = buildWebStorm rec {
name = "webstorm-${version}";
version = "2019.1"; /* updated by script */
version = "2019.1.1"; /* updated by script */
description = "Professional IDE for Web and JavaScript development";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "0r6a9g8ydnxf805gn2wajnwkcyfn0xksbsrs8wq6j4ghipkhscxj"; /* updated by script */
sha256 = "05lrsjk45l4xqjyinsqlnfr36qnv1nrgg2sskgi0bfjbdrfv9xrv"; /* updated by script */
};
wmClass = "jetbrains-webstorm";
update-channel = "WebStorm RELEASE";

4
pkgs/applications/editors/quilter/default.nix
View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec {
pname = "quilter";
version = "1.8.1";
version = "1.8.4";
src = fetchFromGitHub {
owner = "lainsce";
repo = pname;
rev = version;
sha256 = "0i8rvvc5g74bgfjgsmmgpj42xmhjaz14jjzl9s5nzwpy1fn7vv0p";
sha256 = "14qbkkz1l4zj6kwds5d82swnh3ynj6diyvjl0pafgp5i1i27j4rh";
};
nativeBuildInputs = [

6
pkgs/applications/editors/sublime/3/packages.nix
View File

@ -5,10 +5,10 @@ let
in
rec {
sublime3-dev = common {
buildVersion = "3203";
buildVersion = "3208";
dev = true;
x32sha256 = "004hnlm2dvcfagf3bkbfqxlnkgqk46jrm8w9yagpjwkpdy76mgyx";
x64sha256 = "0dp4vi39s2gq5a7snz0byrf44i0csbzwq6hn7i2zqa6rpvfywa1d";
x32sha256 = "09k04fjryc0dc6173i6nwhi5xaan89n4lp0n083crvkqwp0qlf2i";
x64sha256 = "12pn3yfm452m75dlyl0lyf82956j8raz2dglv328m81hbafflrj8";
} {};
sublime3 = common {

4
pkgs/applications/editors/typora/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "typora";
version = "0.9.68";
version = "0.9.70";
src = fetchurl {
url = "https://www.typora.io/linux/typora_${version}_amd64.deb";
sha256 = "09hkmnh9avzb7nc8i67vhbv6nc1v90kk88aq01mpmyibpdqp03zp";
sha256 = "08bgllbvgrpdkk9bryj4s16n274ps4igwrzdvsdbyw8wpp44vcy2";
};
nativeBuildInputs = [

Some files were not shown because too many files have changed in this diff Show More