mirror of
https://github.com/ilyakooo0/nixpkgs.git
synced 2024-09-30 17:49:58 +03:00
Merge master into haskell-updates
This commit is contained in:
commit
425871e878
1
.github/CODEOWNERS
vendored
1
.github/CODEOWNERS
vendored
@ -116,7 +116,6 @@
|
||||
/maintainers/scripts/update-python-libraries @FRidh
|
||||
/pkgs/development/interpreters/python @FRidh
|
||||
/doc/languages-frameworks/python.section.md @FRidh @mweinelt
|
||||
/pkgs/development/tools/poetry2nix @adisbladis
|
||||
/pkgs/development/interpreters/python/hooks @FRidh @jonringer
|
||||
|
||||
# Haskell
|
||||
|
@ -14,10 +14,10 @@ Fixing bit-by-bit reproducibility also has additional advantages, such as avoidi
|
||||
### Steps To Reproduce
|
||||
|
||||
```
|
||||
nix-build '<nixpkgs>' -A ... --check --keep-failed
|
||||
nix-build '<nixpkgs>' -A ... && nix-build '<nixpkgs>' -A ... --check --keep-failed
|
||||
```
|
||||
|
||||
You can use `diffoscope` to analyze the differences in the output of the two builds.
|
||||
If this command completes successfully, no differences where found. However, when it ends in `error: derivation '<X>' may not be deterministic: output '<Y>' differs from '<Z>'`, you can use `diffoscope <Y> <Z>` to analyze the differences in the output of the two builds.
|
||||
|
||||
To view the build log of the build that produced the artifact in the binary cache:
|
||||
|
||||
|
@ -243,21 +243,21 @@ or
|
||||
|
||||
***
|
||||
```
|
||||
## `fetchFromBittorrent` {#fetchfrombittorrent}
|
||||
## `fetchtorrent` {#fetchtorrent}
|
||||
|
||||
`fetchFromBittorrent` expects two arguments. `url` which can either be a Magnet URI (Magnet Link) such as `magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c` or an HTTP URL pointing to a `.torrent` file. It can also take a `config` argument which will craft a `settings.json` configuration file and give it to `transmission`, the underlying program that is performing the fetch. The available config options for `transmission` can be found [here](https://github.com/transmission/transmission/blob/main/docs/Editing-Configuration-Files.md#options)
|
||||
`fetchtorrent` expects two arguments. `url` which can either be a Magnet URI (Magnet Link) such as `magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c` or an HTTP URL pointing to a `.torrent` file. It can also take a `config` argument which will craft a `settings.json` configuration file and give it to `transmission`, the underlying program that is performing the fetch. The available config options for `transmission` can be found [here](https://github.com/transmission/transmission/blob/main/docs/Editing-Configuration-Files.md#options)
|
||||
|
||||
```
|
||||
{ fetchFromBittorrent }:
|
||||
{ fetchtorrent }:
|
||||
|
||||
fetchFromBittorrent {
|
||||
fetchtorrent {
|
||||
config = { peer-limit-global = 100; };
|
||||
url = "magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c";
|
||||
sha256 = "";
|
||||
}
|
||||
```
|
||||
|
||||
### Parameters {#fetchfrombittorrent-parameters}
|
||||
### Parameters {#fetchtorrent-parameters}
|
||||
|
||||
- `url`: Magnet URI (Magnet Link) such as `magnet:?xt=urn:btih:dd8255ecdc7ca55fb0bbf81323d87062db1f6d1c` or an HTTP URL pointing to a `.torrent` file.
|
||||
|
||||
|
@ -1771,12 +1771,6 @@
|
||||
githubId = 1217745;
|
||||
name = "Aldwin Vlasblom";
|
||||
};
|
||||
aveltras = {
|
||||
email = "romain.viallard@outlook.fr";
|
||||
github = "aveltras";
|
||||
githubId = 790607;
|
||||
name = "Romain Viallard";
|
||||
};
|
||||
averelld = {
|
||||
email = "averell+nixos@rxd4.com";
|
||||
github = "averelld";
|
||||
@ -2769,6 +2763,12 @@
|
||||
githubId = 7435854;
|
||||
name = "Victor Calvert";
|
||||
};
|
||||
camelpunch = {
|
||||
email = "me@andrewbruce.net";
|
||||
github = "camelpunch";
|
||||
githubId = 141733;
|
||||
name = "Andrew Bruce";
|
||||
};
|
||||
cameronfyfe = {
|
||||
email = "cameron.j.fyfe@gmail.com";
|
||||
github = "cameronfyfe";
|
||||
@ -7460,6 +7460,12 @@
|
||||
githubId = 25505957;
|
||||
name = "Ilian";
|
||||
};
|
||||
iliayar = {
|
||||
email = "iliayar3@gmail.com";
|
||||
github = "iliayar";
|
||||
githubId = 17529355;
|
||||
name = "Ilya Yaroshevskiy";
|
||||
};
|
||||
ilikeavocadoes = {
|
||||
email = "ilikeavocadoes@hush.com";
|
||||
github = "ilikeavocadoes";
|
||||
@ -7872,6 +7878,12 @@
|
||||
githubId = 2212681;
|
||||
name = "Jakub Grzgorz Sokołowski";
|
||||
};
|
||||
jakuzure = {
|
||||
email = "shin@posteo.jp";
|
||||
github = "jakuzure";
|
||||
githubId = 11823547;
|
||||
name = "jakuzure";
|
||||
};
|
||||
jali-clarke = {
|
||||
email = "jinnah.ali-clarke@outlook.com";
|
||||
name = "Jinnah Ali-Clarke";
|
||||
@ -9776,6 +9788,11 @@
|
||||
}];
|
||||
name = "Joseph LaFreniere";
|
||||
};
|
||||
lagoja = {
|
||||
github = "Lagoja";
|
||||
githubId =750845;
|
||||
name = "John Lago";
|
||||
};
|
||||
laikq = {
|
||||
email = "gwen@quasebarth.de";
|
||||
github = "laikq";
|
||||
@ -13313,6 +13330,15 @@
|
||||
githubId = 75299;
|
||||
name = "Malcolm Matalka";
|
||||
};
|
||||
orhun = {
|
||||
email = "orhunparmaksiz@gmail.com";
|
||||
github = "orhun";
|
||||
githubId = 24392180;
|
||||
name = "Orhun Parmaksız";
|
||||
keys = [{
|
||||
fingerprint = "165E 0FF7 C48C 226E 1EC3 63A7 F834 2482 4B3E 4B90";
|
||||
}];
|
||||
};
|
||||
orichter = {
|
||||
email = "richter-oliver@gmx.net";
|
||||
github = "ORichterSec";
|
||||
|
@ -430,6 +430,7 @@ with lib.maintainers; {
|
||||
members = [
|
||||
cleeyv
|
||||
ryantm
|
||||
lassulus
|
||||
];
|
||||
scope = "Maintain Jitsi.";
|
||||
shortName = "Jitsi";
|
||||
@ -931,7 +932,6 @@ with lib.maintainers; {
|
||||
wdz = {
|
||||
members = [
|
||||
n0emis
|
||||
netali
|
||||
vidister
|
||||
johannwagner
|
||||
yuka
|
||||
|
@ -86,6 +86,8 @@
|
||||
|
||||
- [pgBouncer](https://www.pgbouncer.org), a PostgreSQL connection pooler. Available as [services.pgbouncer](#opt-services.pgbouncer.enable).
|
||||
|
||||
- [Goss](https://goss.rocks/), a YAML based serverspec alternative tool for validating a server's configuration. Available as [services.goss](#opt-services.goss.enable).
|
||||
|
||||
- [trust-dns](https://trust-dns.org/), a Rust based DNS server built to be safe and secure from the ground up. Available as [services.trust-dns](#opt-services.trust-dns.enable).
|
||||
|
||||
- [osquery](https://www.osquery.io/), a SQL powered operating system instrumentation, monitoring, and analytics.
|
||||
@ -238,8 +240,6 @@
|
||||
|
||||
- `baloo`, the file indexer/search engine used by KDE now has a patch to prevent files from constantly being reindexed when the device ids of the their underlying storage changes. This happens frequently when using btrfs or LVM. The patch has not yet been accepted upstream but it provides a significantly improved experience. When upgrading, reset baloo to get a clean index: `balooctl disable ; balooctl purge ; balooctl enable`.
|
||||
|
||||
- `services.ddclient` has been removed on the request of the upstream maintainer because it is unmaintained and has bugs. Please switch to a different software like `inadyn` or `knsupdate`.
|
||||
|
||||
- The `vlock` program from the `kbd` package has been moved into its own package output and should now be referenced explicitly as `kbd.vlock` or replaced with an alternative such as the standalone `vlock` package or `physlock`.
|
||||
|
||||
- `fileSystems.<name>.autoFormat` now uses `systemd-makefs`, which does not accept formatting options. Therefore, `fileSystems.<name>.formatOptions` has been removed.
|
||||
@ -339,6 +339,8 @@
|
||||
|
||||
- `mkDerivation` now rejects MD5 hashes.
|
||||
|
||||
- The `junicode` font package has been updated to [major version 2](https://github.com/psb1558/Junicode-font/releases/tag/v2.001), which is now a font family. In particular, plain `Junicode.ttf` no longer exists. In addition, TrueType font files are now placed in `font/truetype` instead of `font/junicode-ttf`; this change does not affect use via `fonts.packages` NixOS option.
|
||||
|
||||
## Other Notable Changes {#sec-release-23.11-notable-changes}
|
||||
|
||||
- The Cinnamon module now enables XDG desktop integration by default. If you are experiencing collisions related to xdg-desktop-portal-gtk you can safely remove `xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];` from your NixOS configuration.
|
||||
|
@ -429,11 +429,11 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
# Activation script to append the password from the password file
|
||||
# preStart script to append the password from the password file
|
||||
# to the configuration files. It also fixes the owner of the
|
||||
# libnss-mysql-root.cfg because it is changed to root after the
|
||||
# password is appended.
|
||||
system.activationScripts.mysql-auth-passwords = ''
|
||||
systemd.services.mysql.preStart = ''
|
||||
if [[ -r ${cfg.passwordFile} ]]; then
|
||||
org_umask=$(umask)
|
||||
umask 0077
|
||||
|
@ -97,12 +97,9 @@ in
|
||||
|
||||
nix.settings.nix-path = mkIf (! cfg.channel.enable) (mkDefault "");
|
||||
|
||||
system.activationScripts.nix-channel = mkIf cfg.channel.enable
|
||||
(stringAfter [ "etc" "users" ] ''
|
||||
# Subscribe the root user to the NixOS channel by default.
|
||||
if [ ! -e "/root/.nix-channels" ]; then
|
||||
echo "${config.system.defaultChannel} nixos" > "/root/.nix-channels"
|
||||
fi
|
||||
'');
|
||||
systemd.tmpfiles.rules = lib.mkIf cfg.channel.enable [
|
||||
"f /root/.nix-channels -"
|
||||
''w "/root/.nix-channels" - - - - "${config.system.defaultChannel} nixos\n"''
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -773,6 +773,7 @@
|
||||
./services/monitoring/datadog-agent.nix
|
||||
./services/monitoring/do-agent.nix
|
||||
./services/monitoring/fusion-inventory.nix
|
||||
./services/monitoring/goss.nix
|
||||
./services/monitoring/grafana-agent.nix
|
||||
./services/monitoring/grafana-image-renderer.nix
|
||||
./services/monitoring/grafana-reporter.nix
|
||||
|
@ -53,6 +53,19 @@ in {
|
||||
dbus.packages = [ pkgs.cdemu-daemon ];
|
||||
};
|
||||
|
||||
users.groups.${config.programs.cdemu.group} = {};
|
||||
|
||||
# Systemd User service
|
||||
# manually adapted from example in source package:
|
||||
# https://sourceforge.net/p/cdemu/code/ci/master/tree/cdemu-daemon/service-example/cdemu-daemon.service
|
||||
systemd.user.services.cdemu-daemon.description = "CDEmu daemon";
|
||||
systemd.user.services.cdemu-daemon.serviceConfig = {
|
||||
Type = "dbus";
|
||||
BusName = "net.sf.cdemu.CDEmuDaemon";
|
||||
ExecStart = "${pkgs.cdemu-daemon}/bin/cdemu-daemon --config-file \"%h/.config/cdemu-daemon\"";
|
||||
Restart = "no";
|
||||
};
|
||||
|
||||
environment.systemPackages =
|
||||
[ pkgs.cdemu-daemon pkgs.cdemu-client ]
|
||||
++ optional cfg.gui pkgs.gcdemu
|
||||
|
@ -193,8 +193,11 @@ in
|
||||
source = "${pkgs.duo-unix.out}/bin/login_duo";
|
||||
};
|
||||
|
||||
system.activationScripts = {
|
||||
login_duo = mkIf cfg.ssh.enable ''
|
||||
systemd.services.login-duo = lib.mkIf cfg.ssh.enable {
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
before = [ "sysinit.target" ];
|
||||
unitConfig.DefaultDependencies = false;
|
||||
script = ''
|
||||
if test -f "${cfg.secretKeyFile}"; then
|
||||
mkdir -m 0755 -p /etc/duo
|
||||
|
||||
@ -209,7 +212,13 @@ in
|
||||
mv -fT "$conf" /etc/duo/login_duo.conf
|
||||
fi
|
||||
'';
|
||||
pam_duo = mkIf cfg.pam.enable ''
|
||||
};
|
||||
|
||||
systemd.services.pam-duo = lib.mkIf cfg.ssh.enable {
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
before = [ "sysinit.target" ];
|
||||
unitConfig.DefaultDependencies = false;
|
||||
script = ''
|
||||
if test -f "${cfg.secretKeyFile}"; then
|
||||
mkdir -m 0755 -p /etc/duo
|
||||
|
||||
|
@ -275,33 +275,38 @@ in
|
||||
mrpx ${wrap.source},
|
||||
'') wrappers;
|
||||
|
||||
###### wrappers activation script
|
||||
system.activationScripts.wrappers =
|
||||
lib.stringAfter [ "specialfs" "users" ]
|
||||
''
|
||||
chmod 755 "${parentWrapperDir}"
|
||||
systemd.services.suid-sgid-wrappers = {
|
||||
description = "Create SUID/SGID Wrappers";
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
before = [ "sysinit.target" ];
|
||||
unitConfig.DefaultDependencies = false;
|
||||
unitConfig.RequiresMountsFor = [ "/nix/store" "/run/wrappers" ];
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = ''
|
||||
chmod 755 "${parentWrapperDir}"
|
||||
|
||||
# We want to place the tmpdirs for the wrappers to the parent dir.
|
||||
wrapperDir=$(mktemp --directory --tmpdir="${parentWrapperDir}" wrappers.XXXXXXXXXX)
|
||||
chmod a+rx "$wrapperDir"
|
||||
# We want to place the tmpdirs for the wrappers to the parent dir.
|
||||
wrapperDir=$(mktemp --directory --tmpdir="${parentWrapperDir}" wrappers.XXXXXXXXXX)
|
||||
chmod a+rx "$wrapperDir"
|
||||
|
||||
${lib.concatStringsSep "\n" mkWrappedPrograms}
|
||||
${lib.concatStringsSep "\n" mkWrappedPrograms}
|
||||
|
||||
if [ -L ${wrapperDir} ]; then
|
||||
# Atomically replace the symlink
|
||||
# See https://axialcorps.com/2013/07/03/atomically-replacing-files-and-directories/
|
||||
old=$(readlink -f ${wrapperDir})
|
||||
if [ -e "${wrapperDir}-tmp" ]; then
|
||||
rm --force --recursive "${wrapperDir}-tmp"
|
||||
fi
|
||||
ln --symbolic --force --no-dereference "$wrapperDir" "${wrapperDir}-tmp"
|
||||
mv --no-target-directory "${wrapperDir}-tmp" "${wrapperDir}"
|
||||
rm --force --recursive "$old"
|
||||
else
|
||||
# For initial setup
|
||||
ln --symbolic "$wrapperDir" "${wrapperDir}"
|
||||
if [ -L ${wrapperDir} ]; then
|
||||
# Atomically replace the symlink
|
||||
# See https://axialcorps.com/2013/07/03/atomically-replacing-files-and-directories/
|
||||
old=$(readlink -f ${wrapperDir})
|
||||
if [ -e "${wrapperDir}-tmp" ]; then
|
||||
rm --force --recursive "${wrapperDir}-tmp"
|
||||
fi
|
||||
'';
|
||||
ln --symbolic --force --no-dereference "$wrapperDir" "${wrapperDir}-tmp"
|
||||
mv --no-target-directory "${wrapperDir}-tmp" "${wrapperDir}"
|
||||
rm --force --recursive "$old"
|
||||
else
|
||||
# For initial setup
|
||||
ln --symbolic "$wrapperDir" "${wrapperDir}"
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
###### wrappers consistency checks
|
||||
system.checks = lib.singleton (pkgs.runCommandLocal
|
||||
|
@ -81,7 +81,7 @@ in
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
warnings = []
|
||||
++ optional (cfg.settings != null && cfg.settings.location != null)
|
||||
++ optional (cfg.settings != null && cfg.settings ? location)
|
||||
"`services.borgmatic.settings.location` is deprecated, please move your options out of sections to the global scope"
|
||||
++ optional (catAttrs "location" (attrValues cfg.configurations) != [])
|
||||
"`services.borgmatic.configurations.<name>.location` is deprecated, please move your options out of sections to the global scope"
|
||||
|
@ -23,25 +23,13 @@ in
|
||||
|
||||
environmentFile = mkOption {
|
||||
type = with types; nullOr str;
|
||||
# added on 2021-08-28, s3CredentialsFile should
|
||||
# be removed in the future (+ remember the warning)
|
||||
default = config.s3CredentialsFile;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
file containing the credentials to access the repository, in the
|
||||
format of an EnvironmentFile as described by systemd.exec(5)
|
||||
'';
|
||||
};
|
||||
|
||||
s3CredentialsFile = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
description = lib.mdDoc ''
|
||||
file containing the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
|
||||
for an S3-hosted repository, in the format of an EnvironmentFile
|
||||
as described by systemd.exec(5)
|
||||
'';
|
||||
};
|
||||
|
||||
rcloneOptions = mkOption {
|
||||
type = with types; nullOr (attrsOf (oneOf [ str bool ]));
|
||||
default = null;
|
||||
@ -300,7 +288,6 @@ in
|
||||
};
|
||||
|
||||
config = {
|
||||
warnings = mapAttrsToList (n: v: "services.restic.backups.${n}.s3CredentialsFile is deprecated, please use services.restic.backups.${n}.environmentFile instead.") (filterAttrs (n: v: v.s3CredentialsFile != null) config.services.restic.backups);
|
||||
assertions = mapAttrsToList (n: v: {
|
||||
assertion = (v.repository == null) != (v.repositoryFile == null);
|
||||
message = "services.restic.backups.${n}: exactly one of repository or repositoryFile should be set";
|
||||
|
@ -143,13 +143,11 @@ in
|
||||
|
||||
environment.systemPackages = [ pkgs.mlmmj ];
|
||||
|
||||
system.activationScripts.mlmmj = ''
|
||||
${pkgs.coreutils}/bin/mkdir -p ${stateDir} ${spoolDir}/${cfg.listDomain}
|
||||
${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} ${spoolDir}
|
||||
${concatMapLines (createList cfg.listDomain) cfg.mailLists}
|
||||
${pkgs.postfix}/bin/postmap /etc/postfix/virtual
|
||||
${pkgs.postfix}/bin/postmap /etc/postfix/transport
|
||||
'';
|
||||
systemd.tmpfiles.rules = [
|
||||
''d "${stateDir}" -''
|
||||
''d "${spoolDir}/${cfg.listDomain}" -''
|
||||
''Z "${spoolDir}" - "${cfg.user}" "${cfg.group}" -''
|
||||
];
|
||||
|
||||
systemd.services.mlmmj-maintd = {
|
||||
description = "mlmmj maintenance daemon";
|
||||
@ -158,6 +156,11 @@ in
|
||||
Group = cfg.group;
|
||||
ExecStart = "${pkgs.mlmmj}/bin/mlmmj-maintd -F -d ${spoolDir}/${cfg.listDomain}";
|
||||
};
|
||||
preStart = ''
|
||||
${concatMapLines (createList cfg.listDomain) cfg.mailLists}
|
||||
${pkgs.postfix}/bin/postmap /etc/postfix/virtual
|
||||
${pkgs.postfix}/bin/postmap /etc/postfix/transport
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.timers.mlmmj-maintd = {
|
||||
|
44
nixos/modules/services/monitoring/goss.md
Normal file
44
nixos/modules/services/monitoring/goss.md
Normal file
@ -0,0 +1,44 @@
|
||||
# Goss {#module-services-goss}
|
||||
|
||||
[goss](https://goss.rocks/) is a YAML based serverspec alternative tool
|
||||
for validating a server's configuration.
|
||||
|
||||
## Basic Usage {#module-services-goss-basic-usage}
|
||||
|
||||
A minimal configuration looks like this:
|
||||
|
||||
```
|
||||
{
|
||||
services.goss = {
|
||||
enable = true;
|
||||
|
||||
environment = {
|
||||
GOSS_FMT = "json";
|
||||
GOSS_LOGLEVEL = "TRACE";
|
||||
};
|
||||
|
||||
settings = {
|
||||
addr."tcp://localhost:8080" = {
|
||||
reachable = true;
|
||||
local-address = "127.0.0.1";
|
||||
};
|
||||
command."check-goss-version" = {
|
||||
exec = "${lib.getExe pkgs.goss} --version";
|
||||
exit-status = 0;
|
||||
};
|
||||
dns.localhost.resolvable = true;
|
||||
file."/nix" = {
|
||||
filetype = "directory";
|
||||
exists = true;
|
||||
};
|
||||
group.root.exists = true;
|
||||
kernel-param."kernel.ostype".value = "Linux";
|
||||
service.goss = {
|
||||
enabled = true;
|
||||
running = true;
|
||||
};
|
||||
user.root.exists = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
```
|
86
nixos/modules/services/monitoring/goss.nix
Normal file
86
nixos/modules/services/monitoring/goss.nix
Normal file
@ -0,0 +1,86 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
cfg = config.services.goss;
|
||||
|
||||
settingsFormat = pkgs.formats.yaml { };
|
||||
configFile = settingsFormat.generate "goss.yaml" cfg.settings;
|
||||
|
||||
in {
|
||||
meta = {
|
||||
doc = ./goss.md;
|
||||
maintainers = [ lib.maintainers.anthonyroussel ];
|
||||
};
|
||||
|
||||
options = {
|
||||
services.goss = {
|
||||
enable = lib.mkEnableOption (lib.mdDoc "Goss daemon");
|
||||
|
||||
package = lib.mkPackageOptionMD pkgs "goss" { };
|
||||
|
||||
environment = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
default = { };
|
||||
example = {
|
||||
GOSS_FMT = "json";
|
||||
GOSS_LOGLEVEL = "FATAL";
|
||||
GOSS_LISTEN = ":8080";
|
||||
};
|
||||
description = lib.mdDoc ''
|
||||
Environment variables to set for the goss service.
|
||||
|
||||
See <https://github.com/goss-org/goss/blob/master/docs/manual.md>
|
||||
'';
|
||||
};
|
||||
|
||||
settings = lib.mkOption {
|
||||
type = lib.types.submodule { freeformType = settingsFormat.type; };
|
||||
default = { };
|
||||
example = {
|
||||
addr."tcp://localhost:8080" = {
|
||||
reachable = true;
|
||||
local-address = "127.0.0.1";
|
||||
};
|
||||
service.goss = {
|
||||
enabled = true;
|
||||
running = true;
|
||||
};
|
||||
};
|
||||
description = lib.mdDoc ''
|
||||
The global options in `config` file in yaml format.
|
||||
|
||||
Refer to <https://github.com/goss-org/goss/blob/master/docs/goss-json-schema.yaml> for schema.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
systemd.services.goss = {
|
||||
description = "Goss - Quick and Easy server validation";
|
||||
unitConfig.Documentation = "https://github.com/goss-org/goss/blob/master/docs/manual.md";
|
||||
|
||||
after = [ "network-online.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
|
||||
environment = {
|
||||
GOSS_FILE = configFile;
|
||||
} // cfg.environment;
|
||||
|
||||
reloadTriggers = [ configFile ];
|
||||
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
ExecStart = "${cfg.package}/bin/goss serve";
|
||||
Group = "goss";
|
||||
Restart = "on-failure";
|
||||
RestartSec = 5;
|
||||
User = "goss";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -239,11 +239,9 @@ in
|
||||
|
||||
power.ups.schedulerRules = mkDefault "${pkgs.nut}/etc/upssched.conf.sample";
|
||||
|
||||
system.activationScripts.upsSetup = stringAfter [ "users" "groups" ]
|
||||
''
|
||||
# Used to store pid files of drivers.
|
||||
mkdir -p /var/state/ups
|
||||
'';
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/state/ups -"
|
||||
];
|
||||
|
||||
|
||||
/*
|
||||
|
@ -52,25 +52,27 @@ in
|
||||
'';
|
||||
environment.etc."iscsi/initiatorname.iscsi".text = "InitiatorName=${cfg.name}";
|
||||
|
||||
system.activationScripts.iscsid = let
|
||||
extraCfgDumper = optionalString (cfg.extraConfigFile != null) ''
|
||||
if [ -f "${cfg.extraConfigFile}" ]; then
|
||||
printf "\n# The following is from ${cfg.extraConfigFile}:\n"
|
||||
cat "${cfg.extraConfigFile}"
|
||||
else
|
||||
echo "Warning: services.openiscsi.extraConfigFile ${cfg.extraConfigFile} does not exist!" >&2
|
||||
fi
|
||||
'';
|
||||
in ''
|
||||
(
|
||||
cat ${config.environment.etc."iscsi/iscsid.conf.fragment".source}
|
||||
${extraCfgDumper}
|
||||
) > /etc/iscsi/iscsid.conf
|
||||
'';
|
||||
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
||||
systemd.services."iscsid".wantedBy = [ "multi-user.target" ];
|
||||
systemd.services."iscsid" = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart =
|
||||
let
|
||||
extraCfgDumper = optionalString (cfg.extraConfigFile != null) ''
|
||||
if [ -f "${cfg.extraConfigFile}" ]; then
|
||||
printf "\n# The following is from ${cfg.extraConfigFile}:\n"
|
||||
cat "${cfg.extraConfigFile}"
|
||||
else
|
||||
echo "Warning: services.openiscsi.extraConfigFile ${cfg.extraConfigFile} does not exist!" >&2
|
||||
fi
|
||||
'';
|
||||
in ''
|
||||
(
|
||||
cat ${config.environment.etc."iscsi/iscsid.conf.fragment".source}
|
||||
${extraCfgDumper}
|
||||
) > /etc/iscsi/iscsid.conf
|
||||
'';
|
||||
};
|
||||
systemd.sockets."iscsid".wantedBy = [ "sockets.target" ];
|
||||
|
||||
systemd.services."iscsi" = mkIf cfg.enableAutoLoginOut {
|
||||
|
@ -197,8 +197,9 @@ in
|
||||
script = "exec ${pkgs.spiped}/bin/spiped -F `cat /etc/spiped/$1.spec`";
|
||||
};
|
||||
|
||||
system.activationScripts.spiped = optionalString (cfg.config != {})
|
||||
"mkdir -p /var/lib/spiped";
|
||||
systemd.tmpfiles.rules = lib.mkIf (cfg.config != { }) [
|
||||
"d /var/lib/spiped -"
|
||||
];
|
||||
|
||||
# Setup spiped config files
|
||||
environment.etc = mapAttrs' (name: cfg: nameValuePair "spiped/${name}.spec"
|
||||
|
@ -43,21 +43,21 @@ in {
|
||||
|
||||
# The swanctl command complains when the following directories don't exist:
|
||||
# See: https://wiki.strongswan.org/projects/strongswan/wiki/Swanctldirectory
|
||||
system.activationScripts.strongswan-swanctl-etc = stringAfter ["etc"] ''
|
||||
mkdir -p '/etc/swanctl/x509' # Trusted X.509 end entity certificates
|
||||
mkdir -p '/etc/swanctl/x509ca' # Trusted X.509 Certificate Authority certificates
|
||||
mkdir -p '/etc/swanctl/x509ocsp'
|
||||
mkdir -p '/etc/swanctl/x509aa' # Trusted X.509 Attribute Authority certificates
|
||||
mkdir -p '/etc/swanctl/x509ac' # Attribute Certificates
|
||||
mkdir -p '/etc/swanctl/x509crl' # Certificate Revocation Lists
|
||||
mkdir -p '/etc/swanctl/pubkey' # Raw public keys
|
||||
mkdir -p '/etc/swanctl/private' # Private keys in any format
|
||||
mkdir -p '/etc/swanctl/rsa' # PKCS#1 encoded RSA private keys
|
||||
mkdir -p '/etc/swanctl/ecdsa' # Plain ECDSA private keys
|
||||
mkdir -p '/etc/swanctl/bliss'
|
||||
mkdir -p '/etc/swanctl/pkcs8' # PKCS#8 encoded private keys of any type
|
||||
mkdir -p '/etc/swanctl/pkcs12' # PKCS#12 containers
|
||||
'';
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /etc/swanctl/x509 -" # Trusted X.509 end entity certificates
|
||||
"d /etc/swanctl/x509ca -" # Trusted X.509 Certificate Authority certificates
|
||||
"d /etc/swanctl/x509ocsp -"
|
||||
"d /etc/swanctl/x509aa -" # Trusted X.509 Attribute Authority certificates
|
||||
"d /etc/swanctl/x509ac -" # Attribute Certificates
|
||||
"d /etc/swanctl/x509crl -" # Certificate Revocation Lists
|
||||
"d /etc/swanctl/pubkey -" # Raw public keys
|
||||
"d /etc/swanctl/private -" # Private keys in any format
|
||||
"d /etc/swanctl/rsa -" # PKCS#1 encoded RSA private keys
|
||||
"d /etc/swanctl/ecdsa -" # Plain ECDSA private keys
|
||||
"d /etc/swanctl/bliss -"
|
||||
"d /etc/swanctl/pkcs8 -" # PKCS#8 encoded private keys of any type
|
||||
"d /etc/swanctl/pkcs12 -" # PKCS#12 containers
|
||||
];
|
||||
|
||||
systemd.services.strongswan-swanctl = {
|
||||
description = "strongSwan IPsec IKEv1/IKEv2 daemon using swanctl";
|
||||
|
@ -31,6 +31,12 @@ in {
|
||||
|
||||
package = lib.mkPackageOptionMD pkgs "tailscale" {};
|
||||
|
||||
openFirewall = mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
description = lib.mdDoc "Whether to open the firewall for the specified port.";
|
||||
};
|
||||
|
||||
useRoutingFeatures = mkOption {
|
||||
type = types.enum [ "none" "client" "server" "both" ];
|
||||
default = "none";
|
||||
@ -113,6 +119,8 @@ in {
|
||||
"net.ipv6.conf.all.forwarding" = mkOverride 97 true;
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ cfg.port ];
|
||||
|
||||
networking.firewall.checkReversePath = mkIf (cfg.useRoutingFeatures == "client" || cfg.useRoutingFeatures == "both") "loose";
|
||||
|
||||
networking.dhcpcd.denyInterfaces = [ cfg.interfaceName ];
|
||||
|
@ -6,9 +6,9 @@ let
|
||||
cmd = ''
|
||||
@${cfg.jrePackage}/bin/java java \
|
||||
${optionalString (lib.versionAtLeast (lib.getVersion cfg.jrePackage) "16")
|
||||
"--add-opens java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED "
|
||||
("--add-opens java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED "
|
||||
+ "--add-opens java.base/sun.security.util=ALL-UNNAMED --add-opens java.base/java.io=ALL-UNNAMED "
|
||||
+ "--add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED"} \
|
||||
+ "--add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED")} \
|
||||
${optionalString (cfg.initialJavaHeapSize != null) "-Xms${(toString cfg.initialJavaHeapSize)}m"} \
|
||||
${optionalString (cfg.maximumJavaHeapSize != null) "-Xmx${(toString cfg.maximumJavaHeapSize)}m"} \
|
||||
-jar ${stateDir}/lib/ace.jar
|
||||
|
@ -249,11 +249,6 @@ in
|
||||
|
||||
services.xserver.displayManager.hiddenUsers = attrNames nixbldUsers;
|
||||
|
||||
system.activationScripts.nix = stringAfter [ "etc" "users" ]
|
||||
''
|
||||
install -m 0755 -d /nix/var/nix/{gcroots,profiles}/per-user
|
||||
'';
|
||||
|
||||
# Legacy configuration conversion.
|
||||
nix.settings = mkMerge [
|
||||
(mkIf (isNixAtLeast "2.3pre") { sandbox-fallback = false; })
|
||||
|
@ -287,9 +287,9 @@ in
|
||||
|
||||
# The systemd service will fail to execute the preStart hook
|
||||
# if the WorkingDirectory does not exist
|
||||
system.activationScripts.mattermost = ''
|
||||
mkdir -p "${cfg.statePath}"
|
||||
'';
|
||||
systemd.tmpfiles.rules = [
|
||||
''d "${cfg.statePath}" -''
|
||||
];
|
||||
|
||||
systemd.services.mattermost = {
|
||||
description = "Mattermost chat service";
|
||||
|
@ -78,9 +78,9 @@ in {
|
||||
server = {
|
||||
disableRegistration = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
type = types.enum [true false "invite_only"];
|
||||
description = lib.mdDoc ''
|
||||
Whether to prohibit creating an account in plausible's UI.
|
||||
Whether to prohibit creating an account in plausible's UI or allow on `invite_only`.
|
||||
'';
|
||||
};
|
||||
secretKeybaseFile = mkOption {
|
||||
@ -209,7 +209,7 @@ in {
|
||||
# Configuration options from
|
||||
# https://plausible.io/docs/self-hosting-configuration
|
||||
PORT = toString cfg.server.port;
|
||||
DISABLE_REGISTRATION = boolToString cfg.server.disableRegistration;
|
||||
DISABLE_REGISTRATION = if isBool cfg.server.disableRegistration then boolToString cfg.server.disableRegistration else cfg.server.disableRegistration;
|
||||
|
||||
RELEASE_TMP = "/var/lib/plausible/tmp";
|
||||
# Home is needed to connect to the node with iex
|
||||
|
@ -29,6 +29,13 @@ in {
|
||||
default = 8080;
|
||||
description = lib.mdDoc "The port of the Shiori web application";
|
||||
};
|
||||
|
||||
webRoot = mkOption {
|
||||
type = types.str;
|
||||
default = "/";
|
||||
example = "/shiori";
|
||||
description = lib.mdDoc "The root of the Shiori web application";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
@ -40,7 +47,7 @@ in {
|
||||
environment.SHIORI_DIR = "/var/lib/shiori";
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${package}/bin/shiori serve --address '${address}' --port '${toString port}'";
|
||||
ExecStart = "${package}/bin/shiori serve --address '${address}' --port '${toString port}' --webroot '${webRoot}'";
|
||||
|
||||
DynamicUser = true;
|
||||
StateDirectory = "shiori";
|
||||
|
@ -86,7 +86,7 @@ in
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/garage server";
|
||||
|
||||
StateDirectory = mkIf (hasPrefix "/var/lib/garage" cfg.settings.data_dir && hasPrefix "/var/lib/garage" cfg.settings.metadata_dir) "garage";
|
||||
StateDirectory = mkIf (hasPrefix "/var/lib/garage" cfg.settings.data_dir || hasPrefix "/var/lib/garage" cfg.settings.metadata_dir) "garage";
|
||||
DynamicUser = lib.mkDefault true;
|
||||
ProtectHome = true;
|
||||
NoNewPrivileges = true;
|
||||
|
@ -35,6 +35,7 @@ let
|
||||
compressMimeTypes = [
|
||||
"application/atom+xml"
|
||||
"application/geo+json"
|
||||
"application/javascript" # Deprecated by IETF RFC 9239, but still widely used
|
||||
"application/json"
|
||||
"application/ld+json"
|
||||
"application/manifest+json"
|
||||
|
@ -204,11 +204,9 @@ in
|
||||
};
|
||||
|
||||
# Create default cert store
|
||||
system.activationScripts.makeStargazerCertDir =
|
||||
lib.optionalAttrs (cfg.store == /var/lib/gemini/certs) ''
|
||||
mkdir -p /var/lib/gemini/certs
|
||||
chown -R ${cfg.user}:${cfg.group} /var/lib/gemini/certs
|
||||
'';
|
||||
systemd.tmpfiles.rules = lib.mkIf (cfg.store == /var/lib/gemini/certs) [
|
||||
''d /var/lib/gemini/certs - "${cfg.user}" "${cfg.group}" -''
|
||||
];
|
||||
|
||||
users.users = lib.optionalAttrs (cfg.user == "stargazer") {
|
||||
stargazer = {
|
||||
|
@ -55,10 +55,6 @@ let
|
||||
# used as a garbage collection root.
|
||||
ln -sfn "$(readlink -f "$systemConfig")" /run/current-system
|
||||
|
||||
# Prevent the current configuration from being garbage-collected.
|
||||
mkdir -p /nix/var/nix/gcroots
|
||||
ln -sfn /run/current-system /nix/var/nix/gcroots/current-system
|
||||
|
||||
exit $_status
|
||||
'';
|
||||
|
||||
@ -233,23 +229,16 @@ in
|
||||
config = {
|
||||
|
||||
system.activationScripts.stdio = ""; # obsolete
|
||||
system.activationScripts.var = ""; # obsolete
|
||||
system.activationScripts.specialfs = ""; # obsolete
|
||||
|
||||
system.activationScripts.var =
|
||||
''
|
||||
# Various log/runtime directories.
|
||||
|
||||
mkdir -p /var/tmp
|
||||
chmod 1777 /var/tmp
|
||||
|
||||
# Empty, immutable home directory of many system accounts.
|
||||
mkdir -p /var/empty
|
||||
# Make sure it's really empty
|
||||
${pkgs.e2fsprogs}/bin/chattr -f -i /var/empty || true
|
||||
find /var/empty -mindepth 1 -delete
|
||||
chmod 0555 /var/empty
|
||||
chown root:root /var/empty
|
||||
${pkgs.e2fsprogs}/bin/chattr -f +i /var/empty || true
|
||||
'';
|
||||
systemd.tmpfiles.rules = [
|
||||
# Prevent the current configuration from being garbage-collected.
|
||||
"d /nix/var/nix/gcroots -"
|
||||
"L+ /nix/var/nix/gcroots/current-system - - - - /run/current-system"
|
||||
"D /var/empty 0555 root root -"
|
||||
"h /var/empty - - - - +i"
|
||||
];
|
||||
|
||||
system.activationScripts.usrbinenv = if config.environment.usrbinenv != null
|
||||
then ''
|
||||
@ -263,25 +252,6 @@ in
|
||||
rmdir --ignore-fail-on-non-empty /usr/bin /usr
|
||||
'';
|
||||
|
||||
system.activationScripts.specialfs =
|
||||
''
|
||||
specialMount() {
|
||||
local device="$1"
|
||||
local mountPoint="$2"
|
||||
local options="$3"
|
||||
local fsType="$4"
|
||||
|
||||
if mountpoint -q "$mountPoint"; then
|
||||
local options="remount,$options"
|
||||
else
|
||||
mkdir -p "$mountPoint"
|
||||
chmod 0755 "$mountPoint"
|
||||
fi
|
||||
mount -t "$fsType" -o "$options" "$device" "$mountPoint"
|
||||
}
|
||||
source ${config.system.build.earlyMountScript}
|
||||
'';
|
||||
|
||||
systemd.user = {
|
||||
services.nixos-activation = {
|
||||
description = "Run user-specific NixOS activation";
|
||||
|
@ -20,17 +20,13 @@ let
|
||||
optionalString fixBinary "F";
|
||||
in ":${name}:${type}:${offset'}:${magicOrExtension}:${mask'}:${interpreter}:${flags}";
|
||||
|
||||
activationSnippet = name: { interpreter, wrapInterpreterInShell, ... }: if wrapInterpreterInShell then ''
|
||||
rm -f /run/binfmt/${name}
|
||||
cat > /run/binfmt/${name} << 'EOF'
|
||||
#!${pkgs.bash}/bin/sh
|
||||
exec -- ${interpreter} "$@"
|
||||
EOF
|
||||
chmod +x /run/binfmt/${name}
|
||||
'' else ''
|
||||
rm -f /run/binfmt/${name}
|
||||
ln -s ${interpreter} /run/binfmt/${name}
|
||||
'';
|
||||
mkInterpreter = name: { interpreter, wrapInterpreterInShell, ... }:
|
||||
if wrapInterpreterInShell
|
||||
then pkgs.writeShellScript "${name}-interpreter" ''
|
||||
#!${pkgs.bash}/bin/sh
|
||||
exec -- ${interpreter} "$@"
|
||||
''
|
||||
else interpreter;
|
||||
|
||||
getEmulator = system: (lib.systems.elaborate { inherit system; }).emulator pkgs;
|
||||
getQemuArch = system: (lib.systems.elaborate { inherit system; }).qemuArch;
|
||||
@ -318,18 +314,25 @@ in {
|
||||
|
||||
environment.etc."binfmt.d/nixos.conf".source = builtins.toFile "binfmt_nixos.conf"
|
||||
(lib.concatStringsSep "\n" (lib.mapAttrsToList makeBinfmtLine config.boot.binfmt.registrations));
|
||||
system.activationScripts.binfmt = stringAfter [ "specialfs" ] ''
|
||||
mkdir -p /run/binfmt
|
||||
chmod 0755 /run/binfmt
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList activationSnippet config.boot.binfmt.registrations)}
|
||||
'';
|
||||
systemd = lib.mkIf (config.boot.binfmt.registrations != {}) {
|
||||
additionalUpstreamSystemUnits = [
|
||||
"proc-sys-fs-binfmt_misc.automount"
|
||||
"proc-sys-fs-binfmt_misc.mount"
|
||||
"systemd-binfmt.service"
|
||||
];
|
||||
services.systemd-binfmt.restartTriggers = [ (builtins.toJSON config.boot.binfmt.registrations) ];
|
||||
};
|
||||
|
||||
systemd = lib.mkMerge [
|
||||
({ tmpfiles.rules = [
|
||||
"d /run/binfmt 0755 -"
|
||||
] ++ lib.mapAttrsToList
|
||||
(name: interpreter:
|
||||
"L+ /run/binfmt/${name} - - - - ${interpreter}"
|
||||
)
|
||||
(lib.mapAttrs mkInterpreter config.boot.binfmt.registrations);
|
||||
})
|
||||
|
||||
(lib.mkIf (config.boot.binfmt.registrations != {}) {
|
||||
additionalUpstreamSystemUnits = [
|
||||
"proc-sys-fs-binfmt_misc.automount"
|
||||
"proc-sys-fs-binfmt_misc.mount"
|
||||
"systemd-binfmt.service"
|
||||
];
|
||||
services.systemd-binfmt.restartTriggers = [ (builtins.toJSON config.boot.binfmt.registrations) ];
|
||||
})
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -269,6 +269,9 @@ in
|
||||
"ata_piix"
|
||||
"pata_marvell"
|
||||
|
||||
# NVMe
|
||||
"nvme"
|
||||
|
||||
# Standard SCSI stuff.
|
||||
"sd_mod"
|
||||
"sr_mod"
|
||||
|
@ -46,6 +46,28 @@ with lib;
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
aliases = [ "dbus-org.freedesktop.timesync1.service" ];
|
||||
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
|
||||
|
||||
preStart = (
|
||||
# Ensure that we have some stored time to prevent
|
||||
# systemd-timesyncd to resort back to the fallback time. If
|
||||
# the file doesn't exist we assume that our current system
|
||||
# clock is good enough to provide an initial value.
|
||||
''
|
||||
if ! [ -f /var/lib/systemd/timesync/clock ]; then
|
||||
test -d /var/lib/systemd/timesync || mkdir -p /var/lib/systemd/timesync
|
||||
touch /var/lib/systemd/timesync/clock
|
||||
fi
|
||||
'' +
|
||||
# workaround an issue of systemd-timesyncd not starting due to upstream systemd reverting their dynamic users changes
|
||||
# - https://github.com/NixOS/nixpkgs/pull/61321#issuecomment-492423742
|
||||
# - https://github.com/systemd/systemd/issues/12131
|
||||
(lib.optionalString (versionOlder config.system.stateVersion "19.09") ''
|
||||
if [ -L /var/lib/systemd/timesync ]; then
|
||||
rm /var/lib/systemd/timesync
|
||||
mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync
|
||||
fi
|
||||
'')
|
||||
);
|
||||
};
|
||||
|
||||
environment.etc."systemd/timesyncd.conf".text = ''
|
||||
@ -59,28 +81,5 @@ with lib;
|
||||
group = "systemd-timesync";
|
||||
};
|
||||
users.groups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
|
||||
|
||||
system.activationScripts.systemd-timesyncd-migration =
|
||||
# workaround an issue of systemd-timesyncd not starting due to upstream systemd reverting their dynamic users changes
|
||||
# - https://github.com/NixOS/nixpkgs/pull/61321#issuecomment-492423742
|
||||
# - https://github.com/systemd/systemd/issues/12131
|
||||
mkIf (versionOlder config.system.stateVersion "19.09") ''
|
||||
if [ -L /var/lib/systemd/timesync ]; then
|
||||
rm /var/lib/systemd/timesync
|
||||
mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync
|
||||
fi
|
||||
'';
|
||||
system.activationScripts.systemd-timesyncd-init-clock =
|
||||
# Ensure that we have some stored time to prevent systemd-timesyncd to
|
||||
# resort back to the fallback time.
|
||||
# If the file doesn't exist we assume that our current system clock is
|
||||
# good enough to provide an initial value.
|
||||
''
|
||||
if ! [ -f /var/lib/systemd/timesync/clock ]; then
|
||||
test -d /var/lib/systemd/timesync || mkdir -p /var/lib/systemd/timesync
|
||||
touch /var/lib/systemd/timesync/clock
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -5,8 +5,22 @@ with lib;
|
||||
let
|
||||
fileSystems = config.system.build.fileSystems ++ config.swapDevices;
|
||||
encDevs = filter (dev: dev.encrypted.enable) fileSystems;
|
||||
keyedEncDevs = filter (dev: dev.encrypted.keyFile != null) encDevs;
|
||||
keylessEncDevs = filter (dev: dev.encrypted.keyFile == null) encDevs;
|
||||
|
||||
# With scripted initrd, devices with a keyFile have to be opened
|
||||
# late, after file systems are mounted, because that could be where
|
||||
# the keyFile is located. With systemd initrd, each individual
|
||||
# systemd-cryptsetup@ unit has RequiresMountsFor= to delay until all
|
||||
# the mount units for the key file are done; i.e. no special
|
||||
# treatment is needed.
|
||||
lateEncDevs =
|
||||
if config.boot.initrd.systemd.enable
|
||||
then { }
|
||||
else filter (dev: dev.encrypted.keyFile != null) encDevs;
|
||||
earlyEncDevs =
|
||||
if config.boot.initrd.systemd.enable
|
||||
then encDevs
|
||||
else filter (dev: dev.encrypted.keyFile == null) encDevs;
|
||||
|
||||
anyEncrypted =
|
||||
foldr (j: v: v || j.encrypted.enable) false encDevs;
|
||||
|
||||
@ -39,11 +53,14 @@ let
|
||||
type = types.nullOr types.str;
|
||||
description = lib.mdDoc ''
|
||||
Path to a keyfile used to unlock the backing encrypted
|
||||
device. At the time this keyfile is accessed, the
|
||||
`neededForBoot` filesystems (see
|
||||
`fileSystems.<name?>.neededForBoot`)
|
||||
will have been mounted under `/mnt-root`,
|
||||
so the keyfile path should usually start with "/mnt-root/".
|
||||
device. When systemd stage 1 is not enabled, at the time
|
||||
this keyfile is accessed, the `neededForBoot` filesystems
|
||||
(see `utils.fsNeededForBoot`) will have been mounted under
|
||||
`/mnt-root`, so the keyfile path should usually start with
|
||||
"/mnt-root/". When systemd stage 1 is enabled,
|
||||
`fsNeededForBoot` file systems will be mounted as needed
|
||||
under `/sysroot`, and the keyfile will not be accessed until
|
||||
its requisite mounts are done.
|
||||
'';
|
||||
};
|
||||
};
|
||||
@ -62,26 +79,41 @@ in
|
||||
};
|
||||
|
||||
config = mkIf anyEncrypted {
|
||||
assertions = map (dev: {
|
||||
assertion = dev.encrypted.label != null;
|
||||
message = ''
|
||||
The filesystem for ${dev.mountPoint} has encrypted.enable set to true, but no encrypted.label set
|
||||
'';
|
||||
}) encDevs;
|
||||
assertions = concatMap (dev: [
|
||||
{
|
||||
assertion = dev.encrypted.label != null;
|
||||
message = ''
|
||||
The filesystem for ${dev.mountPoint} has encrypted.enable set to true, but no encrypted.label set
|
||||
'';
|
||||
}
|
||||
{
|
||||
assertion =
|
||||
config.boot.initrd.systemd.enable -> (
|
||||
dev.encrypted.keyFile == null
|
||||
|| !lib.any (x: lib.hasPrefix x dev.encrypted.keyFile) ["/mnt-root" "$targetRoot"]
|
||||
);
|
||||
message = ''
|
||||
Bad use of '/mnt-root' or '$targetRoot` in 'keyFile'.
|
||||
|
||||
When 'boot.initrd.systemd.enable' is enabled, file systems
|
||||
are mounted at '/sysroot' instead of '/mnt-root'.
|
||||
'';
|
||||
}
|
||||
]) encDevs;
|
||||
|
||||
boot.initrd = {
|
||||
luks = {
|
||||
devices =
|
||||
builtins.listToAttrs (map (dev: {
|
||||
name = dev.encrypted.label;
|
||||
value = { device = dev.encrypted.blkDev; };
|
||||
}) keylessEncDevs);
|
||||
value = { device = dev.encrypted.blkDev; inherit (dev.encrypted) keyFile; };
|
||||
}) earlyEncDevs);
|
||||
forceLuksSupportInInitrd = true;
|
||||
};
|
||||
postMountCommands =
|
||||
concatMapStrings (dev:
|
||||
"cryptsetup luksOpen --key-file ${dev.encrypted.keyFile} ${dev.encrypted.blkDev} ${dev.encrypted.label};\n"
|
||||
) keyedEncDevs;
|
||||
) lateEncDevs;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -1406,18 +1406,12 @@ in
|
||||
val = tempaddrValues.${opt}.sysctl;
|
||||
in nameValuePair "net.ipv6.conf.${replaceStrings ["."] ["/"] i.name}.use_tempaddr" val));
|
||||
|
||||
# Set the host and domain names in the activation script. Don't
|
||||
# clear it if it's not configured in the NixOS configuration,
|
||||
# since it may have been set by dhcpcd in the meantime.
|
||||
system.activationScripts.hostname = let
|
||||
effectiveHostname = config.boot.kernel.sysctl."kernel.hostname" or cfg.hostName;
|
||||
in optionalString (effectiveHostname != "") ''
|
||||
hostname "${effectiveHostname}"
|
||||
'';
|
||||
system.activationScripts.domain =
|
||||
optionalString (cfg.domain != null) ''
|
||||
domainname "${cfg.domain}"
|
||||
'';
|
||||
systemd.services.domainname = lib.mkIf (cfg.domain != null) {
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
before = [ "sysinit.target" ];
|
||||
unitConfig.DefaultDependencies = false;
|
||||
serviceConfig.ExecStart = ''domainname "${cfg.domain}"'';
|
||||
};
|
||||
|
||||
environment.etc.hostid = mkIf (cfg.hostId != null) { source = hostidFile; };
|
||||
boot.initrd.systemd.contents."/etc/hostid" = mkIf (cfg.hostId != null) { source = hostidFile; };
|
||||
|
@ -123,7 +123,7 @@ let
|
||||
build = configEvaled.config.system.build;
|
||||
kernelTarget = configEvaled.pkgs.stdenv.hostPlatform.linux-kernel.target;
|
||||
in
|
||||
pkgs.symlinkJoin {
|
||||
configEvaled.pkgs.symlinkJoin {
|
||||
name = "netboot";
|
||||
paths = [
|
||||
build.netbootRamdisk
|
||||
|
16
nixos/tests/activation/nix-channel.nix
Normal file
16
nixos/tests/activation/nix-channel.nix
Normal file
@ -0,0 +1,16 @@
|
||||
{ lib, ... }:
|
||||
|
||||
{
|
||||
|
||||
name = "activation-nix-channel";
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ nikstur ];
|
||||
|
||||
nodes.machine = {
|
||||
nix.channel.enable = true;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
print(machine.succeed("cat /root/.nix-channels"))
|
||||
'';
|
||||
}
|
18
nixos/tests/activation/var.nix
Normal file
18
nixos/tests/activation/var.nix
Normal file
@ -0,0 +1,18 @@
|
||||
{ lib, ... }:
|
||||
|
||||
{
|
||||
|
||||
name = "activation-var";
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ nikstur ];
|
||||
|
||||
nodes.machine = { };
|
||||
|
||||
testScript = ''
|
||||
assert machine.succeed("stat -c '%a' /var/tmp") == "1777\n"
|
||||
assert machine.succeed("stat -c '%a' /var/empty") == "555\n"
|
||||
assert machine.succeed("stat -c '%U' /var/empty") == "root\n"
|
||||
assert machine.succeed("stat -c '%G' /var/empty") == "root\n"
|
||||
assert "i" in machine.succeed("lsattr -d /var/empty")
|
||||
'';
|
||||
}
|
@ -266,6 +266,8 @@ in {
|
||||
esphome = handleTest ./esphome.nix {};
|
||||
etc = pkgs.callPackage ../modules/system/etc/test.nix { inherit evalMinimalConfig; };
|
||||
activation = pkgs.callPackage ../modules/system/activation/test.nix { };
|
||||
activation-var = runTest ./activation/var.nix;
|
||||
activation-nix-channel = runTest ./activation/nix-channel.nix;
|
||||
etcd = handleTestOn ["x86_64-linux"] ./etcd.nix {};
|
||||
etcd-cluster = handleTestOn ["x86_64-linux"] ./etcd-cluster.nix {};
|
||||
etebase-server = handleTest ./etebase-server.nix {};
|
||||
@ -289,6 +291,7 @@ in {
|
||||
firewall-nftables = handleTest ./firewall.nix { nftables = true; };
|
||||
fish = handleTest ./fish.nix {};
|
||||
flannel = handleTestOn ["x86_64-linux"] ./flannel.nix {};
|
||||
floorp = handleTest ./firefox.nix { firefoxPackage = pkgs.floorp; };
|
||||
fluentd = handleTest ./fluentd.nix {};
|
||||
fluidd = handleTest ./fluidd.nix {};
|
||||
fontconfig-default-fonts = handleTest ./fontconfig-default-fonts.nix {};
|
||||
@ -328,6 +331,7 @@ in {
|
||||
gollum = handleTest ./gollum.nix {};
|
||||
gonic = handleTest ./gonic.nix {};
|
||||
google-oslogin = handleTest ./google-oslogin {};
|
||||
goss = handleTest ./goss.nix {};
|
||||
gotify-server = handleTest ./gotify-server.nix {};
|
||||
gotosocial = runTest ./web-apps/gotosocial.nix;
|
||||
grafana = handleTest ./grafana {};
|
||||
@ -848,6 +852,7 @@ in {
|
||||
trezord = handleTest ./trezord.nix {};
|
||||
trickster = handleTest ./trickster.nix {};
|
||||
trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {};
|
||||
tsja = handleTest ./tsja.nix {};
|
||||
tsm-client-gui = handleTest ./tsm-client-gui.nix {};
|
||||
txredisapi = handleTest ./txredisapi.nix {};
|
||||
tuptime = handleTest ./tuptime.nix {};
|
||||
|
@ -148,7 +148,7 @@ in
|
||||
)
|
||||
|
||||
# Bring down the initial seeder.
|
||||
# tracker.stop_job("transmission")
|
||||
tracker.stop_job("transmission")
|
||||
|
||||
# Now download from the second client. This can only succeed if
|
||||
# the first client created a NAT hole in the router.
|
||||
|
53
nixos/tests/goss.nix
Normal file
53
nixos/tests/goss.nix
Normal file
@ -0,0 +1,53 @@
|
||||
import ./make-test-python.nix ({ pkgs, lib, ... }: {
|
||||
name = "goss";
|
||||
meta.maintainers = [ lib.maintainers.anthonyroussel ];
|
||||
|
||||
nodes.machine = {
|
||||
environment.systemPackages = [ pkgs.jq ];
|
||||
|
||||
services.goss = {
|
||||
enable = true;
|
||||
|
||||
environment = {
|
||||
GOSS_FMT = "json";
|
||||
};
|
||||
|
||||
settings = {
|
||||
addr."tcp://localhost:8080" = {
|
||||
reachable = true;
|
||||
local-address = "127.0.0.1";
|
||||
};
|
||||
command."check-goss-version" = {
|
||||
exec = "${lib.getExe pkgs.goss} --version";
|
||||
exit-status = 0;
|
||||
};
|
||||
dns.localhost.resolvable = true;
|
||||
file."/nix" = {
|
||||
filetype = "directory";
|
||||
exists = true;
|
||||
};
|
||||
group.root.exists = true;
|
||||
kernel-param."kernel.ostype".value = "Linux";
|
||||
service.goss = {
|
||||
enabled = true;
|
||||
running = true;
|
||||
};
|
||||
user.root.exists = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
import json
|
||||
|
||||
machine.wait_for_unit("goss.service")
|
||||
machine.wait_for_open_port(8080)
|
||||
|
||||
with subtest("returns health status"):
|
||||
result = json.loads(machine.succeed("curl -sS http://localhost:8080/healthz"))
|
||||
|
||||
assert len(result["results"]) == 10, f".results should be an array of 10 items, was {result['results']!r}"
|
||||
assert result["summary"]["failed-count"] == 0, f".summary.failed-count should be zero, was {result['summary']['failed-count']}"
|
||||
assert result["summary"]["test-count"] == 10, f".summary.test-count should be 10, was {result['summary']['test-count']}"
|
||||
'';
|
||||
})
|
@ -22,15 +22,14 @@ let
|
||||
};
|
||||
};
|
||||
|
||||
system.activationScripts.setup-grafana = {
|
||||
deps = [ "users" ];
|
||||
text = ''
|
||||
mkdir -p /var/lib/grafana/dashboards
|
||||
chown -R grafana:grafana /var/lib/grafana
|
||||
chmod 0700 -R /var/lib/grafana/dashboards
|
||||
cp ${pkgs.writeText "test.json" (builtins.readFile ./test_dashboard.json)} /var/lib/grafana/dashboards/
|
||||
'';
|
||||
};
|
||||
systemd.tmpfiles.rules =
|
||||
let
|
||||
dashboard = pkgs.writeText "test.json" (builtins.readFile ./test_dashboard.json);
|
||||
in
|
||||
[
|
||||
"d /var/lib/grafana/dashboards 0700 grafana grafana -"
|
||||
"C+ /var/lib/grafana/dashboards/test.json - - - - ${dashboard}"
|
||||
];
|
||||
};
|
||||
|
||||
extraNodeConfs = {
|
||||
|
@ -12,11 +12,11 @@
|
||||
btrfsSubvolDefault
|
||||
btrfsSubvolEscape
|
||||
btrfsSubvols
|
||||
# encryptedFSWithKeyfile
|
||||
encryptedFSWithKeyfile
|
||||
# grub1
|
||||
# luksroot
|
||||
# luksroot-format1
|
||||
# luksroot-format2
|
||||
luksroot
|
||||
luksroot-format1
|
||||
luksroot-format2
|
||||
# lvm
|
||||
separateBoot
|
||||
separateBootFat
|
||||
|
@ -515,7 +515,7 @@ let
|
||||
enableOCR = true;
|
||||
preBootCommands = ''
|
||||
machine.start()
|
||||
machine.wait_for_text("Passphrase for")
|
||||
machine.wait_for_text("[Pp]assphrase for")
|
||||
machine.send_chars("supersecret\n")
|
||||
'';
|
||||
};
|
||||
@ -781,7 +781,7 @@ in {
|
||||
encrypted.enable = true;
|
||||
encrypted.blkDev = "/dev/vda3";
|
||||
encrypted.label = "crypt";
|
||||
encrypted.keyFile = "/mnt-root/keyfile";
|
||||
encrypted.keyFile = "/${if systemdStage1 then "sysroot" else "mnt-root"}/keyfile";
|
||||
};
|
||||
'';
|
||||
};
|
||||
|
@ -31,14 +31,9 @@ in
|
||||
services.opensearch.dataDir = "/var/opensearch_test";
|
||||
services.opensearch.user = "open_search";
|
||||
services.opensearch.group = "open_search";
|
||||
system.activationScripts.createDirectory = {
|
||||
text = ''
|
||||
mkdir -p "/var/opensearch_test"
|
||||
chown open_search:open_search /var/opensearch_test
|
||||
chmod 0700 /var/opensearch_test
|
||||
'';
|
||||
deps = [ "users" "groups" ];
|
||||
};
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /var/opensearch_test 0700 open_search open_search -"
|
||||
];
|
||||
users = {
|
||||
groups.open_search = {};
|
||||
users.open_search = {
|
||||
|
@ -17,11 +17,16 @@ let
|
||||
};
|
||||
};
|
||||
makeCert = { config, pkgs, ... }: {
|
||||
system.activationScripts.create-test-cert = stringAfter [ "users" ] ''
|
||||
${pkgs.openssl}/bin/openssl req -batch -x509 -newkey rsa -nodes -out /test-cert.pem -keyout /test-key.pem -subj /CN=${config.networking.hostName}
|
||||
( umask 077; cat /test-key.pem /test-cert.pem > /test-key-and-cert.pem )
|
||||
chown stunnel /test-key.pem /test-key-and-cert.pem
|
||||
systemd.services.create-test-cert = {
|
||||
wantedBy = [ "sysinit.target" ];
|
||||
before = [ "sysinit.target" ];
|
||||
unitConfig.DefaultDependencies = false;
|
||||
script = ''
|
||||
${pkgs.openssl}/bin/openssl req -batch -x509 -newkey rsa -nodes -out /test-cert.pem -keyout /test-key.pem -subj /CN=${config.networking.hostName}
|
||||
( umask 077; cat /test-key.pem /test-cert.pem > /test-key-and-cert.pem )
|
||||
chown stunnel /test-key.pem /test-key-and-cert.pem
|
||||
'';
|
||||
};
|
||||
};
|
||||
serverCommon = { pkgs, ... }: {
|
||||
networking.firewall.allowedTCPPorts = [ 443 ];
|
||||
|
@ -15,12 +15,13 @@ in {
|
||||
# create the path that should be migrated by our activation script when
|
||||
# upgrading to a newer nixos version
|
||||
system.stateVersion = "19.03";
|
||||
system.activationScripts.simulate-old-timesync-state-dir = lib.mkBefore ''
|
||||
rm -f /var/lib/systemd/timesync
|
||||
mkdir -p /var/lib/systemd /var/lib/private/systemd/timesync
|
||||
ln -s /var/lib/private/systemd/timesync /var/lib/systemd/timesync
|
||||
chown systemd-timesync: /var/lib/private/systemd/timesync
|
||||
'';
|
||||
systemd.tmpfiles.rules = [
|
||||
"r /var/lib/systemd/timesync -"
|
||||
"d /var/lib/systemd -"
|
||||
"d /var/lib/private/systemd/timesync -"
|
||||
"L /var/lib/systemd/timesync - - - - /var/lib/private/systemd/timesync"
|
||||
"d /var/lib/private/systemd/timesync - systemd-timesync systemd-timesync -"
|
||||
];
|
||||
});
|
||||
};
|
||||
|
||||
|
32
nixos/tests/tsja.nix
Normal file
32
nixos/tests/tsja.nix
Normal file
@ -0,0 +1,32 @@
|
||||
import ./make-test-python.nix ({ pkgs, lib, ...} : {
|
||||
name = "tsja";
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ chayleaf ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
master =
|
||||
{ config, ... }:
|
||||
|
||||
{
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
extraPlugins = with config.services.postgresql.package.pkgs; [
|
||||
tsja
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
master.wait_for_unit("postgresql")
|
||||
master.succeed("sudo -u postgres psql -f /run/current-system/sw/share/postgresql/extension/libtsja_dbinit.sql")
|
||||
# make sure "日本語" is parsed as a separate lexeme
|
||||
master.succeed("""
|
||||
sudo -u postgres \\
|
||||
psql -c "SELECT * FROM ts_debug('japanese', 'PostgreSQLで日本語のテキスト検索ができます。')" \\
|
||||
| grep "{日本語}"
|
||||
""")
|
||||
'';
|
||||
})
|
@ -14,15 +14,19 @@
|
||||
, fftw
|
||||
, fftwSinglePrec
|
||||
, flac
|
||||
, fluidsynth
|
||||
, glibc
|
||||
, glibmm
|
||||
, graphviz
|
||||
, gtkmm2
|
||||
, harvid
|
||||
, hidapi
|
||||
, itstool
|
||||
, kissfft
|
||||
, libarchive
|
||||
, libjack2
|
||||
, liblo
|
||||
, libltc
|
||||
, libogg
|
||||
, libpulseaudio
|
||||
, librdf_raptor
|
||||
@ -43,6 +47,7 @@
|
||||
, perl
|
||||
, pkg-config
|
||||
, python3
|
||||
, qm-dsp
|
||||
, readline
|
||||
, rubberband
|
||||
, serd
|
||||
@ -59,14 +64,14 @@
|
||||
}:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ardour";
|
||||
version = "8.0";
|
||||
version = "8.1";
|
||||
|
||||
# We can't use `fetchFromGitea` here, as attempting to fetch release archives from git.ardour.org
|
||||
# result in an empty archive. See https://tracker.ardour.org/view.php?id=7328 for more info.
|
||||
src = fetchgit {
|
||||
url = "git://git.ardour.org/ardour/ardour.git";
|
||||
rev = version;
|
||||
hash = "sha256-ZL8aTq2OsCWwLUUx5XYbH4eRN+Xz+oMAj9IS07RfTag=";
|
||||
hash = "sha256-T1o1E5+974dNUwEFW/Pw0RzbGifva2FdJPrCusWMk0E=";
|
||||
};
|
||||
|
||||
bundledContent = fetchzip {
|
||||
@ -116,12 +121,16 @@ stdenv.mkDerivation rec {
|
||||
fftw
|
||||
fftwSinglePrec
|
||||
flac
|
||||
fluidsynth
|
||||
glibmm
|
||||
gtkmm2
|
||||
hidapi
|
||||
itstool
|
||||
kissfft
|
||||
libarchive
|
||||
libjack2
|
||||
liblo
|
||||
libltc
|
||||
libogg
|
||||
libpulseaudio
|
||||
librdf_raptor
|
||||
@ -140,6 +149,7 @@ stdenv.mkDerivation rec {
|
||||
pango
|
||||
perl
|
||||
python3
|
||||
qm-dsp
|
||||
readline
|
||||
rubberband
|
||||
serd
|
||||
@ -159,9 +169,8 @@ stdenv.mkDerivation rec {
|
||||
"--ptformat"
|
||||
"--run-tests"
|
||||
"--test"
|
||||
"--use-external-libs"
|
||||
] ++ lib.optional optimize "--optimize";
|
||||
# removed because it fixes https://tracker.ardour.org/view.php?id=8161 and https://tracker.ardour.org/view.php?id=8437
|
||||
# "--use-external-libs"
|
||||
|
||||
postInstall = ''
|
||||
# wscript does not install these for some reason
|
||||
@ -198,7 +207,7 @@ stdenv.mkDerivation rec {
|
||||
'';
|
||||
homepage = "https://ardour.org/";
|
||||
license = licenses.gpl2Plus;
|
||||
mainProgram = "ardour7";
|
||||
mainProgram = "ardour8";
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ goibhniu magnetophon mitchmindtree ];
|
||||
};
|
||||
|
@ -1,112 +0,0 @@
|
||||
{ lib
|
||||
, libjack2
|
||||
, fetchpatch
|
||||
, fetchFromGitHub
|
||||
, jack_capture
|
||||
, pkg-config
|
||||
, pulseaudioFull
|
||||
, qtbase
|
||||
, mkDerivation
|
||||
, python3
|
||||
}:
|
||||
#ladish missing, claudia can't work.
|
||||
#pulseaudio needs fixes (patchShebangs .pa ...)
|
||||
#desktop needs icons and exec fixing.
|
||||
|
||||
mkDerivation rec {
|
||||
version = "0.9.1";
|
||||
pname = "cadence";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "falkTX";
|
||||
repo = "Cadence";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-QFC4wiVF8wphhrammxtc+VMZJpXY5OGHs6DNa21+6B8=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Fix installation without DESTDIR
|
||||
(fetchpatch {
|
||||
url = "https://github.com/falkTX/Cadence/commit/1fd3275e7daf4b75f59ef1f85a9e2e93bd5c0731.patch";
|
||||
sha256 = "0q791jsh8vmjg678dzhbp1ykq8xrrlxl1mbgs3g8if1ccj210vd8";
|
||||
})
|
||||
# Fix build with Qt 5.15
|
||||
(fetchpatch {
|
||||
url = "https://github.com/falkTX/Cadence/commit/c167f35fbb76c4246c730b29262a59da73010412.patch";
|
||||
sha256 = "1gm9q6gx03sla5vcnisznc95pjdi2703f8b3mj2kby9rfx2pylyh";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = ''
|
||||
libjackso=$(realpath ${lib.makeLibraryPath [libjack2]}/libjack.so.0);
|
||||
substituteInPlace ./src/jacklib.py --replace libjack.so.0 $libjackso
|
||||
substituteInPlace ./src/cadence.py --replace "/usr/bin/pulseaudio" \
|
||||
"${lib.makeBinPath[pulseaudioFull]}/pulseaudio"
|
||||
substituteInPlace ./c++/jackbridge/JackBridge.cpp --replace libjack.so.0 $libjackso
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
qtbase
|
||||
jack_capture
|
||||
pulseaudioFull
|
||||
(
|
||||
(python3.withPackages (ps: with ps; [
|
||||
pyqt5
|
||||
dbus-python
|
||||
]))
|
||||
)
|
||||
];
|
||||
|
||||
makeFlags = [
|
||||
"PREFIX=${placeholder "out"}"
|
||||
"SYSCONFDIR=${placeholder "out"}/etc"
|
||||
];
|
||||
|
||||
dontWrapQtApps = true;
|
||||
|
||||
# Replace with our own wrappers. They need to be changed manually since it wouldn't work otherwise.
|
||||
preFixup =
|
||||
let
|
||||
outRef = placeholder "out";
|
||||
prefix = "${outRef}/share/cadence/src";
|
||||
scriptAndSource = lib.mapAttrs'
|
||||
(script: source:
|
||||
lib.nameValuePair ("${outRef}/bin/" + script) ("${prefix}/" + source)
|
||||
)
|
||||
{
|
||||
"cadence" = "cadence.py";
|
||||
"claudia" = "claudia.py";
|
||||
"catarina" = "catarina.py";
|
||||
"catia" = "catia.py";
|
||||
"cadence-jacksettings" = "jacksettings.py";
|
||||
"cadence-aloop-daemon" = "cadence_aloop_daemon.py";
|
||||
"cadence-logs" = "logs.py";
|
||||
"cadence-render" = "render.py";
|
||||
"claudia-launcher" = "claudia_launcher.py";
|
||||
"cadence-session-start" = "cadence_session_start.py";
|
||||
};
|
||||
in
|
||||
lib.mapAttrsToList
|
||||
(script: source: ''
|
||||
rm -f ${script}
|
||||
makeQtWrapper ${source} ${script} \
|
||||
--prefix PATH : "${lib.makeBinPath [
|
||||
jack_capture # cadence-render
|
||||
pulseaudioFull # cadence, cadence-session-start
|
||||
]}"
|
||||
'')
|
||||
scriptAndSource;
|
||||
|
||||
meta = {
|
||||
homepage = "https://github.com/falkTX/Cadence/";
|
||||
description = "Collection of tools useful for audio production";
|
||||
license = lib.licenses.gpl2Plus;
|
||||
maintainers = with lib.maintainers; [ ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
mainProgram = "cadence";
|
||||
};
|
||||
}
|
53
pkgs/applications/audio/elektroid/default.nix
Normal file
53
pkgs/applications/audio/elektroid/default.nix
Normal file
@ -0,0 +1,53 @@
|
||||
{ alsa-lib
|
||||
, autoreconfHook
|
||||
, fetchFromGitHub
|
||||
, gtk3
|
||||
, json-glib
|
||||
, lib
|
||||
, libpulseaudio
|
||||
, libsamplerate
|
||||
, libsndfile
|
||||
, libzip
|
||||
, pkg-config
|
||||
, stdenv
|
||||
, zlib
|
||||
}:
|
||||
|
||||
let
|
||||
version = "2.5.2";
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
inherit version;
|
||||
|
||||
pname = "elektroid";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dagargo";
|
||||
repo = "elektroid";
|
||||
rev = version;
|
||||
sha256 = "sha256-wpPHcrlCX7RD/TGH2Xrth+oCg98gMm035tfTBV70P+Y=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
autoreconfHook
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
alsa-lib
|
||||
gtk3
|
||||
json-glib
|
||||
libpulseaudio
|
||||
libsamplerate
|
||||
libsndfile
|
||||
libzip
|
||||
zlib
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Sample and MIDI device manager";
|
||||
homepage = "https://github.com/dagargo/elektroid";
|
||||
license = licenses.gpl3Only;
|
||||
maintainers = with maintainers; [ camelpunch ];
|
||||
};
|
||||
}
|
@ -5,12 +5,12 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "faustlive";
|
||||
version = "2.5.13";
|
||||
version = "2.5.16";
|
||||
src = fetchFromGitHub {
|
||||
owner = "grame-cncm";
|
||||
repo = "faustlive";
|
||||
rev = version;
|
||||
sha256 = "sha256-Tgb9UYj8mI4JsxA/PaTokm2NzQ14P8cOdKK8KCcnSIQ=";
|
||||
sha256 = "sha256-O3IWx6Ht/xcb8NFxI7Biwck3dIHbxyof/zDgYDdzozY=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
|
@ -5,7 +5,7 @@
|
||||
}:
|
||||
|
||||
mkDerivation rec {
|
||||
version = "0.9.11";
|
||||
version = "0.9.12";
|
||||
pname = "qjackctl";
|
||||
|
||||
# some dependencies such as killall have to be installed additionally
|
||||
@ -14,7 +14,7 @@ mkDerivation rec {
|
||||
owner = "rncbc";
|
||||
repo = "qjackctl";
|
||||
rev = "${pname}_${lib.replaceStrings ["."] ["_"] version}";
|
||||
sha256 = "sha256-dZW9bZ17O/1DxBr5faYSE+YkSuz7NIJSc1vqxzOOxyg=";
|
||||
sha256 = "sha256-S8fEg8joFHgk6MKWeSxPyTM8O6Ffx5NG90OabPPDs7s=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -5,11 +5,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "snd";
|
||||
version = "23.6";
|
||||
version = "23.8";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/snd/snd-${version}.tar.gz";
|
||||
sha256 = "sha256-3oh2kFhCYe1sl4MN336Z6pEmpluiUnlcC5aAZxn0zIE=";
|
||||
sha256 = "sha256-g2+7i1+TgX17TpW1mHSdAzHKC/Gtm4NYZCmuVoPo2rg=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
|
@ -4,6 +4,7 @@
|
||||
, makeWrapper
|
||||
, electron_25
|
||||
, python3
|
||||
, stdenv
|
||||
, copyDesktopItems
|
||||
, makeDesktopItem
|
||||
}:
|
||||
@ -22,10 +23,11 @@ let
|
||||
electron = electron_25;
|
||||
|
||||
in
|
||||
buildNpmPackage rec {
|
||||
buildNpmPackage {
|
||||
inherit pname version src;
|
||||
|
||||
nativeBuildInputs = [ makeWrapper python3 copyDesktopItems ];
|
||||
nativeBuildInputs = [ makeWrapper python3 ]
|
||||
++ lib.optionals (!stdenv.isDarwin) [ copyDesktopItems ];
|
||||
|
||||
npmDepsHash = "sha256-XGV0mTywYYxpMitojzIILB/Eu/8dfk/aCvUxIkx4SDQ=";
|
||||
makeCacheWritable = true;
|
||||
@ -34,16 +36,24 @@ buildNpmPackage rec {
|
||||
ELECTRON_SKIP_BINARY_DOWNLOAD = 1;
|
||||
};
|
||||
|
||||
postBuild = ''
|
||||
postBuild = lib.optionalString stdenv.isDarwin ''
|
||||
cp -R ${electron}/Applications/Electron.app Electron.app
|
||||
chmod -R u+w Electron.app
|
||||
'' + ''
|
||||
npm exec electron-builder -- \
|
||||
--dir \
|
||||
-c.electronDist=${electron}/libexec/electron \
|
||||
-c.electronDist=${if stdenv.isDarwin then "." else "${electron}/libexec/electron"} \
|
||||
-c.electronVersion=${electron.version}
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
'' + lib.optionalString stdenv.isDarwin ''
|
||||
mkdir -p $out/{Applications,bin}
|
||||
mv pack/mac*/YouTube\ Music.app $out/Applications
|
||||
makeWrapper $out/Applications/YouTube\ Music.app/Contents/MacOS/YouTube\ Music $out/bin/youtube-music
|
||||
'' + lib.optionalString (!stdenv.isDarwin) ''
|
||||
mkdir -p "$out/share/lib/youtube-music"
|
||||
cp -r pack/*-unpacked/{locales,resources{,.pak}} "$out/share/lib/youtube-music"
|
||||
|
||||
@ -52,11 +62,12 @@ buildNpmPackage rec {
|
||||
install -Dm0644 $file $out/share/icons/hicolor/''${file//.png}/apps/youtube-music.png
|
||||
done
|
||||
popd
|
||||
'' + ''
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
|
||||
postFixup = ''
|
||||
postFixup = lib.optionalString (!stdenv.isDarwin) ''
|
||||
makeWrapper ${electron}/bin/electron $out/bin/youtube-music \
|
||||
--add-flags $out/share/lib/youtube-music/resources/app.asar \
|
||||
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \
|
||||
@ -80,8 +91,8 @@ buildNpmPackage rec {
|
||||
description = "Electron wrapper around YouTube Music";
|
||||
homepage = "https://th-ch.github.io/youtube-music/";
|
||||
license = licenses.mit;
|
||||
inherit (electron.meta) platforms;
|
||||
maintainers = [ maintainers.aacebedo ];
|
||||
mainProgram = "youtube-music";
|
||||
platforms = platforms.all;
|
||||
};
|
||||
}
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
let
|
||||
pname = "erigon";
|
||||
version = "2.50.0";
|
||||
version = "2.53.1";
|
||||
in
|
||||
buildGoModule {
|
||||
inherit pname version;
|
||||
@ -11,11 +11,11 @@ buildGoModule {
|
||||
owner = "ledgerwatch";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-gZ01nmxzXRK8YRwnl5qGkU6dqBYKPUkNZmbClwgsuL0=";
|
||||
hash = "sha256-Gsrt/+6fhpwg3DzPtXPj9T9VPaMIaRcYBdWuFOotsbA=";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
vendorHash = "sha256-4s5dXTfYlgzYQ2h30F6kxEF626iKYFRoZlNXeFDbn8s=";
|
||||
vendorHash = "sha256-zsLPqcLCZSnhlFWvNXZJwlfS+NsaTS07TmWd+x4ZPXA=";
|
||||
proxyVendor = true;
|
||||
|
||||
# Build errors in mdbx when format hardening is enabled:
|
||||
|
@ -9,16 +9,16 @@ let
|
||||
|
||||
in buildGoModule rec {
|
||||
pname = "go-ethereum";
|
||||
version = "1.13.0";
|
||||
version = "1.13.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ethereum";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-tomzF0jM1tcxnnBHLfNWcR1XGECxU8Q/SQAWQBRAFW8=";
|
||||
sha256 = "sha256-RQlWWHoij3gtFwjJeEGsmd5YJNTGX0I84nOAQyWBx/M=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-VX2S7yjdcconPd8wisV+Cl6FVuEUGU7smIBKfTxpUVY=";
|
||||
vendorHash = "sha256-YmUgKO3JtVOE/YACqL/QBiyR1jT/jPCH+Gb0xYwkJEc=";
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
@ -17,6 +17,8 @@ stdenv.mkDerivation rec {
|
||||
};
|
||||
src = [ ftesrc ftecommon ];
|
||||
|
||||
env.NIX_CFLAGS_COMPILE = "-DHAVE_STRLCAT -DHAVE_STRLCPY";
|
||||
|
||||
buildFlags = [ "PREFIX=$(out)" ];
|
||||
|
||||
installFlags = [ "PREFIX=$(out)" "INSTALL_NONROOT=1" ];
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "ne";
|
||||
version = "3.3.2";
|
||||
version = "3.3.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "vigna";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "sha256-mRMACfWcUW6/R43riRGNce4Ac5IRo4YEML8H0oGSH5o=";
|
||||
sha256 = "sha256-lbXb/ZY0+vkOB8mXkHDaehXZMzrpx3A0jWnLpCjhMDE=";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "notepad-next";
|
||||
version = "0.6.3";
|
||||
version = "0.6.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dail8859";
|
||||
repo = "NotepadNext";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-1ci1g+qBDsw9IkqjI3tRvMsLBvnPU+nn7heYuid/e5M=";
|
||||
sha256 = "sha256-m8+kM9uz3gJ3kvpgZdoonSvYlh/f1WiGZlB8JKMTXh4=";
|
||||
# External dependencies - https://github.com/dail8859/NotepadNext/issues/135
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
@ -1,13 +1,13 @@
|
||||
{
|
||||
"version": "3.173.4",
|
||||
"version": "3.178.4",
|
||||
"deb": {
|
||||
"x86_64-linux": {
|
||||
"url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.173.4/standard-notes-3.173.4-linux-amd64.deb",
|
||||
"hash": "sha512-8GDzj7Xm61rF5xybLE74D4yMbT2HgEG0ez1gQio/qWtWSqY72+GSKWlCA+3wz8Mz2jThRDlka9s2fHBBUvG+fg=="
|
||||
"url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.178.4/standard-notes-3.178.4-linux-amd64.deb",
|
||||
"hash": "sha512-6er/a9PqhKU4aagAxsbVdoXbRBNUr3Fa8BPWfuQ74Q4ai+iYlPjd4q50cTJQ4wJ5ucGyopgBEJq4/xYNunw6Ig=="
|
||||
},
|
||||
"aarch64-linux": {
|
||||
"url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.173.4/standard-notes-3.173.4-linux-arm64.deb",
|
||||
"hash": "sha512-yJ8yZK+RkPUzkjbscCXT5yv9BxeHGQsZsCrKwOJRdd/XbcVPnKWQm00JVZmMuz17d8rhm8Km/EW81JufZByM0Q=="
|
||||
"url": "https://github.com/standardnotes/app/releases/download/%40standardnotes/desktop%403.178.4/standard-notes-3.178.4-linux-arm64.deb",
|
||||
"hash": "sha512-lvvXCK3XOIH9HS1EU5eVBo4W8VoE4iM1Ve1XkZ/CysYBYLaXojXyybeN5Iw1Rmuk3trq/7RebjkNx/rxhsU0LQ=="
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ callPackage, glib, libao, intltool, libmirage }:
|
||||
{ callPackage, glib, libao, intltool, libmirage, coreutils }:
|
||||
let pkg = import ./base.nix {
|
||||
version = "3.2.5";
|
||||
pname = "cdemu-daemon";
|
||||
@ -7,4 +7,12 @@ let pkg = import ./base.nix {
|
||||
in callPackage pkg {
|
||||
nativeBuildInputs = [ intltool ];
|
||||
buildInputs = [ glib libao libmirage ];
|
||||
drvParams.postInstall = ''
|
||||
mkdir -p $out/share/dbus-1/services
|
||||
cp -R ../$pname-$version/service-example $out/share/cdemu
|
||||
substitute \
|
||||
$out/share/cdemu/net.sf.cdemu.CDEmuDaemon.service \
|
||||
$out/share/dbus-1/services/net.sf.cdemu.CDEmuDaemon.service \
|
||||
--replace /bin/true ${coreutils}/bin/true
|
||||
'';
|
||||
}
|
||||
|
@ -164,16 +164,6 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
beetle-snes = mkLibretroCore {
|
||||
core = "mednafen-snes";
|
||||
src = getCoreSrc "beetle-snes";
|
||||
makefile = "Makefile";
|
||||
meta = {
|
||||
description = "Port of Mednafen's SNES core to libretro";
|
||||
license = lib.licenses.gpl2Only;
|
||||
};
|
||||
};
|
||||
|
||||
beetle-supafaust = mkLibretroCore {
|
||||
core = "mednafen-supafaust";
|
||||
src = getCoreSrc "beetle-supafaust";
|
||||
|
@ -59,12 +59,6 @@
|
||||
"rev": "cd395e9e3ee407608450ebc565e871b24e7ffed6",
|
||||
"hash": "sha256-EIZRv1EydfLWFoBb8TzvAY3kkL9Qr2OrwrljOnnM92A="
|
||||
},
|
||||
"beetle-snes": {
|
||||
"owner": "libretro",
|
||||
"repo": "beetle-bsnes-libretro",
|
||||
"rev": "d770563fc3c4bd9abb522952cefb4aa923ba0b91",
|
||||
"hash": "sha256-zHPtfgp9hc8Q4gXJ5VgfJLWLeYjCsQhkfU1T5RM7AL0="
|
||||
},
|
||||
"beetle-supafaust": {
|
||||
"owner": "libretro",
|
||||
"repo": "supafaust",
|
||||
|
@ -1,5 +1,5 @@
|
||||
#!/usr/bin/env nix-shell
|
||||
#!nix-shell -I nixpkgs=../../../../ -i python3 -p "python3.withPackages (ps: with ps; [ requests nix-prefetch-github ])" -p "git"
|
||||
#!nix-shell -I nixpkgs=../../../../ -i python3 -p "python3.withPackages (ps: with ps; [ nix-prefetch-github ])" -p "git"
|
||||
|
||||
import json
|
||||
import os
|
||||
@ -22,7 +22,6 @@ CORES = {
|
||||
"beetle-pcfx": {"repo": "beetle-pcfx-libretro"},
|
||||
"beetle-psx": {"repo": "beetle-psx-libretro"},
|
||||
"beetle-saturn": {"repo": "beetle-saturn-libretro"},
|
||||
"beetle-snes": {"repo": "beetle-bsnes-libretro"},
|
||||
"beetle-supafaust": {"repo": "supafaust"},
|
||||
"beetle-supergrafx": {"repo": "beetle-supergrafx-libretro"},
|
||||
"beetle-vb": {"repo": "beetle-vb-libretro"},
|
||||
|
@ -4,7 +4,6 @@
|
||||
, fetchYarnDeps
|
||||
, makeDesktopItem
|
||||
, copyDesktopItems
|
||||
, desktopToDarwinBundle
|
||||
, fixup_yarn_lock
|
||||
, makeWrapper
|
||||
, nodejs
|
||||
@ -14,28 +13,29 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "drawio";
|
||||
version = "22.0.2";
|
||||
version = "22.0.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "jgraph";
|
||||
repo = "drawio-desktop";
|
||||
rev = "v${version}";
|
||||
fetchSubmodules = true;
|
||||
hash = "sha256-L+tbNCokVoiS2KkaPVBjG7H/8cqz1e8dlXC5H8BkPvU=";
|
||||
hash = "sha256-Im0T+1jm1IZT3UILsOJ4Rp5P5IiBUKcJJ+cqv3WsqXw=";
|
||||
};
|
||||
|
||||
offlineCache = fetchYarnDeps {
|
||||
yarnLock = src + "/yarn.lock";
|
||||
hash = "sha256-d8AquOKdrPQHBhRG9o1GB18LpwlwQK6ZaM1gLAcjilM=";
|
||||
hash = "sha256-Abyu/WoNOPAIfRIThG7vKFECW9NQMgcBAkLgEPwdJDQ=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
copyDesktopItems
|
||||
fixup_yarn_lock
|
||||
makeWrapper
|
||||
nodejs
|
||||
yarn
|
||||
] ++ lib.optional stdenv.isDarwin desktopToDarwinBundle;
|
||||
] ++ lib.optionals (!stdenv.isDarwin) [
|
||||
copyDesktopItems
|
||||
];
|
||||
|
||||
ELECTRON_SKIP_BINARY_DOWNLOAD = true;
|
||||
|
||||
@ -54,9 +54,15 @@ stdenv.mkDerivation rec {
|
||||
buildPhase = ''
|
||||
runHook preBuild
|
||||
|
||||
'' + lib.optionalString stdenv.isDarwin ''
|
||||
cp -R ${electron}/Applications/Electron.app Electron.app
|
||||
chmod -R u+w Electron.app
|
||||
export CSC_IDENTITY_AUTO_DISCOVERY=false
|
||||
sed -i "/afterSign/d" electron-builder-linux-mac.json
|
||||
'' + ''
|
||||
yarn --offline run electron-builder --dir \
|
||||
--config electron-builder-linux-mac.json \
|
||||
-c.electronDist=${electron}/libexec/electron \
|
||||
-c.electronDist=${if stdenv.isDarwin then "." else "${electron}/libexec/electron"} \
|
||||
-c.electronVersion=${electron.version}
|
||||
|
||||
runHook postBuild
|
||||
@ -65,6 +71,13 @@ stdenv.mkDerivation rec {
|
||||
installPhase = ''
|
||||
runHook preInstall
|
||||
|
||||
'' + lib.optionalString stdenv.isDarwin ''
|
||||
mkdir -p $out/{Applications,bin}
|
||||
mv dist/mac*/draw.io.app $out/Applications
|
||||
|
||||
# Symlinking `draw.io` doesn't work; seems to look for files in the wrong place.
|
||||
makeWrapper $out/Applications/draw.io.app/Contents/MacOS/draw.io $out/bin/drawio
|
||||
'' + lib.optionalString (!stdenv.isDarwin) ''
|
||||
mkdir -p "$out/share/lib/drawio"
|
||||
cp -r dist/*-unpacked/{locales,resources{,.pak}} "$out/share/lib/drawio"
|
||||
|
||||
@ -74,6 +87,7 @@ stdenv.mkDerivation rec {
|
||||
--add-flags "$out/share/lib/drawio/resources/app.asar" \
|
||||
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform-hint=auto --enable-features=WaylandWindowDecorations}}" \
|
||||
--inherit-argv0
|
||||
'' + ''
|
||||
|
||||
runHook postInstall
|
||||
'';
|
||||
@ -98,6 +112,5 @@ stdenv.mkDerivation rec {
|
||||
changelog = "https://github.com/jgraph/drawio-desktop/releases/tag/v${version}";
|
||||
maintainers = with maintainers; [ qyliss darkonion0 ];
|
||||
platforms = platforms.darwin ++ platforms.linux;
|
||||
broken = stdenv.isDarwin;
|
||||
};
|
||||
}
|
||||
|
@ -74,5 +74,6 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
platforms = [ "x86_64-linux" ];
|
||||
license = licenses.gpl2;
|
||||
maintainers = with maintainers; [ ercao kashw2 ];
|
||||
knownVulnerabilities = [ "CVE-2023-5217" ];
|
||||
};
|
||||
})
|
||||
|
@ -5,13 +5,13 @@
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "hello-wayland";
|
||||
version = "unstable-2023-04-23";
|
||||
version = "unstable-2023-10-26";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "emersion";
|
||||
repo = "hello-wayland";
|
||||
rev = "77e270c19672f3ad863e466093f429cde8eb1f16";
|
||||
sha256 = "NMQE2zU858b6OZhdS2oZnGvLK+eb7yU0nFaMAcpNw04=";
|
||||
rev = "b631afa4f6fd86560ccbdb8c7b6fe42851c06a57";
|
||||
sha256 = "MaBzGZ05uCoeeiglFYHC40hQlPvtDw5sQhqXgtVDySc=";
|
||||
};
|
||||
|
||||
separateDebugInfo = true;
|
||||
|
@ -1,14 +1,14 @@
|
||||
{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, libpng, zlib, nasm }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "4.1.4";
|
||||
version = "4.1.5";
|
||||
pname = "mozjpeg";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "mozilla";
|
||||
repo = "mozjpeg";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-F9W7tWfcNP2UNuwMbYiSvS8BnFq4ob//b8AXXrRjVuA=";
|
||||
sha256 = "sha256-k8qWtU4j3ipIHvY60ae7kdNnPvWnUa0qgacqlSIJijo=";
|
||||
};
|
||||
|
||||
cmakeFlags = [ "-DENABLE_STATIC=NO" "-DPNG_SUPPORTED=TRUE" ]; # See https://github.com/mozilla/mozjpeg/issues/351
|
||||
|
@ -14,17 +14,17 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "pizarra";
|
||||
version = "1.7.4";
|
||||
version = "1.7.5";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
owner = "categulario";
|
||||
repo = "pizarra-gtk";
|
||||
rev = "v${version}";
|
||||
fetchSubmodules = true;
|
||||
sha256 = "sha256-fWwAmzF3ppCvJZ0K4EDrmP8SVPVRayEQTtbhNscZIF0=";
|
||||
sha256 = "sha256-vnjhveX3EVIfJLiHWhlvhoPcRx1a8Nnjj7hIaPgU3Zw=";
|
||||
};
|
||||
|
||||
cargoSha256 = "sha256-pxRJXUeFGdVj6iCFZ4Y8b9z5hw83g8YywpKztTZ0g+4=";
|
||||
cargoHash = "sha256-btvMUKADGHlXLmeKF1K9Js44SljZ0MejGId8aDwPhVU=";
|
||||
|
||||
nativeBuildInputs = [ wrapGAppsHook pkg-config gdk-pixbuf ];
|
||||
|
||||
|
@ -4,11 +4,11 @@
|
||||
lib,
|
||||
}: let
|
||||
pname = "upscayl";
|
||||
version = "2.8.6";
|
||||
version = "2.9.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/upscayl/upscayl/releases/download/v${version}/upscayl-${version}-linux.AppImage";
|
||||
hash = "sha256-w5rjLqdlPOZWgdc2t0Y3tl24qZqpjBV6I9gruLaI+qc=";
|
||||
hash = "sha256-x7tNGWXrg4hkr4d5QK4Z/cOmGGdbWLJ/GIASZjmiL4w=";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
|
@ -2,22 +2,22 @@
|
||||
|
||||
let
|
||||
inherit (stdenv.hostPlatform) system;
|
||||
fetch = srcPlatform: sha256: extension:
|
||||
fetch = srcPlatform: hash: extension:
|
||||
let
|
||||
args = {
|
||||
url = "https://cache.agilebits.com/dist/1P/op2/pkg/v${version}/op_${srcPlatform}_v${version}.${extension}";
|
||||
inherit sha256;
|
||||
inherit hash;
|
||||
} // lib.optionalAttrs (extension == "zip") { stripRoot = false; };
|
||||
in
|
||||
if extension == "zip" then fetchzip args else fetchurl args;
|
||||
|
||||
pname = "1password-cli";
|
||||
version = "2.21.0";
|
||||
version = "2.22.0";
|
||||
sources = rec {
|
||||
aarch64-linux = fetch "linux_arm64" "sha256-pXGBlduNOvxpPMd/BObHVXXGQ0ZTlIkqZ3jYyoGXnqA=" "zip";
|
||||
i686-linux = fetch "linux_386" "sha256-iePA4nzwBtAlYWybmQdV7Zvvnv+jPqrndB4aabf/JMM=" "zip";
|
||||
x86_64-linux = fetch "linux_amd64" "sha256-wevv0KYe01ZL70zL4BNti/oCcAzNJ3EO97QIU1BYQRE=" "zip";
|
||||
aarch64-darwin = fetch "apple_universal" "sha256-AViR53q1/jZtzpFZ7FaBwoZAGuXsGHfULEIuIrTqgSs=" "pkg";
|
||||
aarch64-linux = fetch "linux_arm64" "sha256-MWNbwCJ5ltAV1qmy8LPYkb6VTH0UVi2S5QEZZfpcnGM=" "zip";
|
||||
i686-linux = fetch "linux_386" "sha256-lqwEm7fCiM2WNZvlAt/HeqI2zxnal/OMbTMGvvmXkvY=" "zip";
|
||||
x86_64-linux = fetch "linux_amd64" "sha256-GfQ441a5mIgCTtxnk6L9UXodNGXek7f/jxJXWYJUb+0=" "zip";
|
||||
aarch64-darwin = fetch "apple_universal" "sha256-yF0dy4MUgvSJUremXFfxCIHcGmYrCcjofcv1sBD9qyI=" "pkg";
|
||||
x86_64-darwin = aarch64-darwin;
|
||||
};
|
||||
platforms = builtins.attrNames sources;
|
||||
|
1091
pkgs/applications/misc/faircamp/Cargo.lock
generated
1091
pkgs/applications/misc/faircamp/Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
{ lib
|
||||
, stdenv
|
||||
, rustPlatform
|
||||
, fetchgit
|
||||
, fetchFromGitea
|
||||
, makeWrapper
|
||||
, pkg-config
|
||||
, glib
|
||||
@ -9,29 +9,32 @@
|
||||
, vips
|
||||
, ffmpeg
|
||||
, callPackage
|
||||
, unstableGitUpdater
|
||||
, darwin
|
||||
, testers
|
||||
, faircamp
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage {
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "faircamp";
|
||||
version = "unstable-2023-04-10";
|
||||
version = "0.8.0";
|
||||
|
||||
# TODO when switching to a stable release, use fetchFromGitea and add a
|
||||
# version test. Meanwhile, fetchgit is used to make unstableGitUpdater work.
|
||||
src = fetchgit {
|
||||
url = "https://codeberg.org/simonrepp/faircamp.git";
|
||||
rev = "21f775dc35a88c54015694f9757e81c97fa860ea";
|
||||
hash = "sha256-aMSMMIGfoiqtg8Dj8QiCbUE40OKQXMXt4hvlvbXQLls=";
|
||||
src = fetchFromGitea {
|
||||
domain = "codeberg.org";
|
||||
owner = "simonrepp";
|
||||
repo = "faircamp";
|
||||
rev = version;
|
||||
hash = "sha256-Rz/wMlVNjaGhk26QMnS4+W3oA/RSdB6FuigC84L8eDg=";
|
||||
};
|
||||
|
||||
cargoLock = {
|
||||
lockFile = ./Cargo.lock;
|
||||
outputHashes = {
|
||||
"enolib-0.1.0" = "sha256-0+T8RRQnqbIiIup/aDJgvxeV8sRV4YrlA9JVbQxMfF0=";
|
||||
"enolib-0.2.1" = "sha256-ryB5Tk90BvsstdXgYw7F0BJymWWetAIijhVpLeVBOa8=";
|
||||
};
|
||||
};
|
||||
|
||||
buildFeatures = [ "libvips" ];
|
||||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
pkg-config
|
||||
@ -50,9 +53,10 @@ rustPlatform.buildRustPackage {
|
||||
--prefix PATH : ${lib.makeBinPath [ ffmpeg ]}
|
||||
'';
|
||||
|
||||
passthru.tests.wav = callPackage ./test-wav.nix { };
|
||||
|
||||
passthru.updateScript = unstableGitUpdater { };
|
||||
passthru.tests = {
|
||||
wav = callPackage ./test-wav.nix { };
|
||||
version = testers.testVersion { package = faircamp; };
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "A self-hostable, statically generated bandcamp alternative";
|
||||
|
@ -2,12 +2,12 @@
|
||||
|
||||
stdenvNoCC.mkDerivation rec {
|
||||
pname = "fluidd";
|
||||
version = "1.25.3";
|
||||
version = "1.26.0";
|
||||
|
||||
src = fetchurl {
|
||||
name = "fluidd-v${version}.zip";
|
||||
url = "https://github.com/cadriel/fluidd/releases/download/v${version}/fluidd.zip";
|
||||
sha256 = "sha256-raslLhVbeUL6Zoz5cw+fKtqdUvAkd7frAncd+q1AVxs=";
|
||||
sha256 = "sha256-Y0d3TgSLrxA2kPWlHrNC8GlEcD7s4VZR2YZlderZ3gI=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ unzip ];
|
||||
|
@ -18,13 +18,13 @@ let
|
||||
in
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "gpxsee";
|
||||
version = "13.9";
|
||||
version = "13.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tumic0";
|
||||
repo = "GPXSee";
|
||||
rev = finalAttrs.version;
|
||||
hash = "sha256-vzbZN+0lDSmvZnQCuvNJCYHTYKqErFhW4RI5Mfbgr6o=";
|
||||
hash = "sha256-84F4B2yQREPosH1bK74nOby3o/C0isKq4t2CJprsblU=";
|
||||
};
|
||||
|
||||
buildInputs = [
|
||||
|
@ -10,11 +10,11 @@
|
||||
}:
|
||||
let
|
||||
pname = "jetbrains-toolbox";
|
||||
version = "2.0.4.17212";
|
||||
version = "2.0.5.17700";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://download.jetbrains.com/toolbox/jetbrains-toolbox-${version}.tar.gz";
|
||||
sha256 = "sha256-lnTYLZJBiM8nnUvMqtcp/i/VNek/9zlxYyZFa+hew5g=";
|
||||
sha256 = "sha256-BO9W9miQUltsg1tCyTl9j5xRCJUCsO02hUKDCYt7hd8=";
|
||||
stripRoot = false;
|
||||
};
|
||||
|
||||
|
@ -23,12 +23,12 @@ let
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "k40-whisperer";
|
||||
version = "0.62";
|
||||
version = "0.67";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://www.scorchworks.com/K40whisperer/K40_Whisperer-${version}_src.zip";
|
||||
stripRoot = true;
|
||||
sha256 = "sha256-3O+lCpmsCCu61REuxhrV8Uy01AgEGq/1DlMhjo45URM=";
|
||||
sha256 = "sha256-jyny5uNZ5eL4AV47uAgOhBe4Zqg8GK3e86Z9gZbC68s=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
@ -88,7 +88,14 @@ stdenv.mkDerivation rec {
|
||||
runHook postCheck
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ asciidoctor cmake wrapGAppsHook wrapQtAppsHook qttools pkg-config ];
|
||||
nativeBuildInputs = [
|
||||
asciidoctor
|
||||
cmake
|
||||
wrapQtAppsHook
|
||||
qttools
|
||||
pkg-config
|
||||
]
|
||||
++ lib.optional (!stdenv.isDarwin) wrapGAppsHook;
|
||||
|
||||
dontWrapGApps = true;
|
||||
preFixup = ''
|
||||
|
@ -9,13 +9,13 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "nwg-bar";
|
||||
version = "0.1.3";
|
||||
version = "0.1.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "nwg-piotr";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-/GkusNhHprXwGMNDruEEuFC2ULVIHBN5F00GNex/uq4=";
|
||||
sha256 = "sha256-kqLQwqZ2RPSKNdw1yzKUfqSe8hQcJe/6/8UzTT/Gz/8=";
|
||||
};
|
||||
|
||||
patches = [ ./fix-paths.patch ];
|
||||
@ -24,7 +24,7 @@ buildGoModule rec {
|
||||
substituteInPlace tools.go --subst-var out
|
||||
'';
|
||||
|
||||
vendorHash = "sha256-mqcXhnja8ed7vXIqOKBsNrcbrcaycTQXG1jqdc6zcyI=";
|
||||
vendorHash = "sha256-vdDlPsjfHl7w1ufosLYquHAKOvkolNBr04bt+OQBlFE=";
|
||||
|
||||
nativeBuildInputs = [ pkg-config wrapGAppsHook ];
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ lib, stdenv, fetchFromGitHub, pkg-config, gettext, python3, python3Packages
|
||||
, meson, cmake, ninja, udev, appstream, appstream-glib, desktop-file-utils, gtk3
|
||||
, meson, ninja, udev, appstream, appstream-glib, desktop-file-utils, gtk3
|
||||
, wrapGAppsHook, gobject-introspection, bash, }:
|
||||
let
|
||||
python = python3.withPackages (p:
|
||||
@ -14,7 +14,7 @@ let
|
||||
pygobject3
|
||||
]);
|
||||
|
||||
version = "0.7.2";
|
||||
version = "0.8.0";
|
||||
in stdenv.mkDerivation {
|
||||
inherit version;
|
||||
|
||||
@ -24,7 +24,7 @@ in stdenv.mkDerivation {
|
||||
owner = "berarma";
|
||||
repo = "oversteer";
|
||||
rev = version;
|
||||
sha256 = "sha256-9MWRb0NXUbB8c+pH0mjUzsz849PmEjsZMhQr4wsmlKI=";
|
||||
sha256 = "sha256-fkf6sa4yYbxGOehyLzuFj5nZiPK3B1D/VVvobhKB4Uo=";
|
||||
};
|
||||
|
||||
buildInputs = [ bash gtk3 ];
|
||||
@ -64,12 +64,13 @@ in stdenv.mkDerivation {
|
||||
--replace /bin/sh ${bash}/bin/sh
|
||||
'';
|
||||
|
||||
patches = [ ./fix-install-dir.patch ];
|
||||
patches = [ ];
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/berarma/oversteer";
|
||||
changelog = "https://github.com/berarma/oversteer/releases/tag/${version}";
|
||||
description = "Steering Wheel Manager for Linux";
|
||||
license = licenses.gpl3;
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = [ maintainers.srounce ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
|
@ -1,13 +0,0 @@
|
||||
diff --git a/meson.build b/meson.build
|
||||
index 239acf9..6a06c83 100644
|
||||
--- a/meson.build
|
||||
+++ b/meson.build
|
||||
@@ -8,7 +8,7 @@ pymod = import('python')
|
||||
prefix = get_option('prefix')
|
||||
pkgdatadir = join_paths(prefix, get_option('datadir'), meson.project_name())
|
||||
py_installation = pymod.find_installation(get_option('python'))
|
||||
-py_path = py_installation.get_path('purelib')
|
||||
+py_path = py_installation.get_install_dir()
|
||||
|
||||
python3_required_modules = ['gi', 'pyudev', 'xdg', 'evdev', 'gettext', 'matplotlib', 'scipy', 'numpy']
|
||||
foreach p : python3_required_modules
|
@ -8,13 +8,13 @@
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "pdfarranger";
|
||||
version = "1.10.0";
|
||||
version = "1.10.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "refs/tags/${version}";
|
||||
hash = "sha256-tNLy3HeHh8nBtmfJS5XhKX+KhIBnuUV2C8LwQl3mQLU=";
|
||||
hash = "sha256-l//DeaIqUl6FdGFxM8yTKcTjVNvYMllorcoXoK33Iy4=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "spicetify-cli";
|
||||
version = "2.24.2";
|
||||
version = "2.25.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "spicetify";
|
||||
repo = "spicetify-cli";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-jzEtXmlpt6foldLW57ZcpevX8CDc+c8iIynT5nOD9qY=";
|
||||
hash = "sha256-81dfAekWvMcp1Jar+jlXRiJr6UmHCdJZ0ML/6fFnvRs=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-rMMTUT7HIgYvxGcqR02VmxOh1ihE6xuIboDsnuOo09g=";
|
||||
vendorHash = "sha256-VktAO3yKCdm5yz/RRLeLv6zzyGrwuHC/i8WdJtqZoYc=";
|
||||
|
||||
ldflags = [
|
||||
"-s -w"
|
||||
|
@ -6,13 +6,13 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "system76-keyboard-configurator";
|
||||
version = "1.3.9";
|
||||
version = "1.3.10";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "pop-os";
|
||||
repo = "keyboard-configurator";
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-06qiJ3NZZSvDBH7r6K1qnz0q4ngB45wBoaG6eTFiRtk=";
|
||||
sha256 = "sha256-5U9LWFaCwszvT1reu6NflPKQUrsQkP/NdSO4LBHWm2g=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
@ -28,7 +28,7 @@ rustPlatform.buildRustPackage rec {
|
||||
udev
|
||||
];
|
||||
|
||||
cargoHash = "sha256-tcyLoXOrC+lrFVRzxWfWpvHpfA6tbEBXFj9mSeTLcbc=";
|
||||
cargoHash = "sha256-S4+cS4m69nqDN2h0vwyO35fFFBEa0Rcxx0XDBfSNLp0=";
|
||||
|
||||
meta = with lib; {
|
||||
description = "Keyboard configuration application for System76 keyboards and laptops";
|
||||
|
@ -21,11 +21,11 @@
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "ulauncher";
|
||||
version = "5.15.3";
|
||||
version = "5.15.4";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/Ulauncher/Ulauncher/releases/download/${version}/ulauncher_${version}.tar.gz";
|
||||
sha256 = "sha256-unAic6GTgvZFFJwPERh164vfDiFE0zLEUjgADR94w5w=";
|
||||
sha256 = "sha256-5pEpYnJFHQKEfTve07ngFVDAOM9+kwrx6hc30gEwsko=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = with python3Packages; [
|
||||
|
@ -10,18 +10,18 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "usql";
|
||||
version = "0.15.1";
|
||||
version = "0.15.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "xo";
|
||||
repo = "usql";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-thpVcJ1HRhoOAli7829zM4fermEcS9FwzKX7ZjHGhZg=";
|
||||
hash = "sha256-SJypezOTQr+TiG/rePXxgjrspeErqj6qw9TBen41e4Q=";
|
||||
};
|
||||
|
||||
buildInputs = [ unixODBC icu ];
|
||||
|
||||
vendorHash = "sha256-S7fahA+ykviQoWc7p0CcTGfouswxQNBn4HH+tbl0fbI=";
|
||||
vendorHash = "sha256-i2lH6ajRmfJHsh7nzCjt7mi3issA4kSBdG42w67pOC4=";
|
||||
proxyVendor = true;
|
||||
|
||||
# Exclude broken genji, hive & impala drivers (bad group)
|
||||
|
@ -35,31 +35,31 @@
|
||||
};
|
||||
deps = {
|
||||
gn = {
|
||||
rev = "cc56a0f98bb34accd5323316e0292575ff17a5d4";
|
||||
hash = "sha256-SwlET5h5xtDlQvlt8wbG73ZfUWJr4hlWc+uQsBH5x9M=";
|
||||
rev = "cc56a0f98bb34accd5323316e0292575ff17a5d4";
|
||||
url = "https://gn.googlesource.com/gn";
|
||||
version = "2023-08-10";
|
||||
};
|
||||
};
|
||||
hash = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8=";
|
||||
hash_deb_amd64 = "sha256-Y4IUVJIBlt2kcrK5c8SiUyvetC3aBhQQIBTCSaDUKxs=";
|
||||
version = "118.0.5993.88";
|
||||
hash = "sha256-65rN17DIF+9FgZu7ohc9dM8ni6Qmqc9l1oyOcloip44=";
|
||||
hash_deb_amd64 = "sha256-RJcyIA0TdXWRk+K2GVcHSv4OSq5c6Y7InUblao3uusc=";
|
||||
version = "118.0.5993.117";
|
||||
};
|
||||
ungoogled-chromium = {
|
||||
deps = {
|
||||
gn = {
|
||||
rev = "cc56a0f98bb34accd5323316e0292575ff17a5d4";
|
||||
hash = "sha256-SwlET5h5xtDlQvlt8wbG73ZfUWJr4hlWc+uQsBH5x9M=";
|
||||
rev = "cc56a0f98bb34accd5323316e0292575ff17a5d4";
|
||||
url = "https://gn.googlesource.com/gn";
|
||||
version = "2023-08-10";
|
||||
};
|
||||
ungoogled-patches = {
|
||||
rev = "118.0.5993.88-1";
|
||||
hash = "sha256-Tv/DSvVHa/xU5SXNtobaJPOSrbMMwYIu0+okSkw7RJ4=";
|
||||
hash = "sha256-10kSaLteFtvg3nGffslRpAxmc7nFsp0rA8gwm8jqt/8=";
|
||||
rev = "118.0.5993.117-1";
|
||||
};
|
||||
};
|
||||
hash = "sha256-CTkw92TiRD2tkYu5a5dy8fjpR2MMOMCvcbxXhJ36Bp8=";
|
||||
hash_deb_amd64 = "sha256-Y4IUVJIBlt2kcrK5c8SiUyvetC3aBhQQIBTCSaDUKxs=";
|
||||
version = "118.0.5993.88";
|
||||
hash = "sha256-65rN17DIF+9FgZu7ohc9dM8ni6Qmqc9l1oyOcloip44=";
|
||||
hash_deb_amd64 = "sha256-RJcyIA0TdXWRk+K2GVcHSv4OSq5c6Y7InUblao3uusc=";
|
||||
version = "118.0.5993.117";
|
||||
};
|
||||
}
|
||||
|
@ -1,5 +1,6 @@
|
||||
{ pname
|
||||
, version
|
||||
, packageVersion ? version
|
||||
, meta
|
||||
, updateScript ? null
|
||||
, binaryName ? "firefox"
|
||||
@ -206,7 +207,7 @@ in
|
||||
|
||||
buildStdenv.mkDerivation {
|
||||
pname = "${pname}-unwrapped";
|
||||
inherit version;
|
||||
version = packageVersion;
|
||||
|
||||
inherit src unpackPhase meta;
|
||||
|
||||
@ -557,7 +558,6 @@ buildStdenv.mkDerivation {
|
||||
passthru = {
|
||||
inherit application extraPatches;
|
||||
inherit updateScript;
|
||||
inherit version;
|
||||
inherit alsaSupport;
|
||||
inherit binaryName;
|
||||
inherit jackSupport;
|
||||
@ -569,6 +569,7 @@ buildStdenv.mkDerivation {
|
||||
inherit tests;
|
||||
inherit gtk3;
|
||||
inherit wasiSysRoot;
|
||||
version = packageVersion;
|
||||
} // extraPassthru;
|
||||
|
||||
hardeningDisable = [ "format" ]; # -Werror=format-security
|
||||
|
49
pkgs/applications/networking/browsers/floorp/default.nix
Normal file
49
pkgs/applications/networking/browsers/floorp/default.nix
Normal file
@ -0,0 +1,49 @@
|
||||
{ stdenv
|
||||
, lib
|
||||
, fetchFromGitHub
|
||||
, buildMozillaMach
|
||||
, nixosTests
|
||||
}:
|
||||
|
||||
((buildMozillaMach rec {
|
||||
pname = "floorp";
|
||||
packageVersion = "11.5.0";
|
||||
applicationName = "Floorp";
|
||||
binaryName = "floorp";
|
||||
version = "155.4.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Floorp-Projects";
|
||||
repo = "Floorp";
|
||||
fetchSubmodules = true;
|
||||
rev = "v${packageVersion}";
|
||||
hash = "sha256-adK3LAu3cDh6d+GvtnkWmSnxansnSZoIgtA9TAqIMyA=";
|
||||
};
|
||||
|
||||
extraConfigureFlags = [
|
||||
"--with-app-name=${pname}"
|
||||
"--with-app-basename=${applicationName}"
|
||||
"--with-branding=browser/branding/official"
|
||||
"--with-distribution-id=app.floorp.Floorp"
|
||||
"--with-unsigned-addon-scopes=app,system"
|
||||
"--allow-addon-sideload"
|
||||
];
|
||||
|
||||
meta = {
|
||||
description = "A fork of Firefox, focused on keeping the Open, Private and Sustainable Web alive, built in Japan";
|
||||
homepage = "https://floorp.app/";
|
||||
maintainers = with lib.maintainers; [ christoph-heiss ];
|
||||
platforms = lib.platforms.unix;
|
||||
badPlatforms = lib.platforms.darwin;
|
||||
broken = stdenv.buildPlatform.is32bit; # since Firefox 60, build on 32-bit platforms fails with "out of memory".
|
||||
# not in `badPlatforms` because cross-compilation on 64-bit machine might work.
|
||||
maxSilent = 14400; # 4h, double the default of 7200s (c.f. #129212, #129115)
|
||||
license = lib.licenses.mpl20;
|
||||
};
|
||||
tests = [ nixosTests.floorp ];
|
||||
}).override {
|
||||
privacySupport = true;
|
||||
enableOfficialBranding = false;
|
||||
}).overrideAttrs (prev: {
|
||||
MOZ_REQUIRE_SIGNING = "";
|
||||
})
|
@ -78,7 +78,7 @@ let
|
||||
++ lib.optionals mediaSupport [ ffmpeg ]
|
||||
);
|
||||
|
||||
version = "13.0";
|
||||
version = "13.0.1";
|
||||
|
||||
sources = {
|
||||
x86_64-linux = fetchurl {
|
||||
@ -90,7 +90,7 @@ let
|
||||
"https://tor.eff.org/dist/mullvadbrowser/${version}/mullvad-browser-linux-x86_64-${version}.tar.xz"
|
||||
"https://tor.calyxinstitute.org/dist/mullvadbrowser/${version}/mullvad-browser-linux-x86_64-${version}.tar.xz"
|
||||
];
|
||||
hash = "sha256-YtkGgSnQVJ9wtamDOtLROufhPJ9KizV8j5kK26iJ+ZY=";
|
||||
hash = "sha256-VYkRHWyTAAt5P7jnNuf4s2bOv36LuqcTMMKOLRGE9FQ=";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -2,12 +2,12 @@
|
||||
|
||||
let
|
||||
pname = "polypane";
|
||||
version = "15.0.0";
|
||||
version = "15.0.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/firstversionist/${pname}/releases/download/v${version}/${pname}-${version}.AppImage";
|
||||
name = "${pname}-${version}.AppImage";
|
||||
sha256 = "sha256-O0VWgx6FKulELZuJgMwFgGSo+EaCqb9dgneF2XFnq7U=";
|
||||
sha256 = "sha256-CU5PI+9iBcxZdhhs2QjfZTViU2xQ3i+T+4Wzp+yeKEE=";
|
||||
};
|
||||
|
||||
appimageContents = appimageTools.extractType2 {
|
||||
|
@ -24,7 +24,7 @@ let
|
||||
vivaldiName = if isSnapshot then "vivaldi-snapshot" else "vivaldi";
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "vivaldi";
|
||||
version = "6.2.3105.54";
|
||||
version = "6.2.3105.58";
|
||||
|
||||
suffix = {
|
||||
aarch64-linux = "arm64";
|
||||
@ -34,8 +34,8 @@ in stdenv.mkDerivation rec {
|
||||
src = fetchurl {
|
||||
url = "https://downloads.vivaldi.com/${branch}/vivaldi-${branch}_${version}-1_${suffix}.deb";
|
||||
hash = {
|
||||
aarch64-linux = "sha256-QqdCnwSrqJAEj++xcr3cOkKSbZIFkyvMutxsLNR/Moc=";
|
||||
x86_64-linux = "sha256-z5/l94MFhpHRLvbUdSwFSSt3n21mPZJzanYugXecLFk=";
|
||||
aarch64-linux = "sha256-PDy+cenU1D9UKlICgZgj/KKZFq5x8iSDpbtCr06ks70=";
|
||||
x86_64-linux = "sha256-uWv4odg/nEuY6B8Jzt5Br4pUFMlG0vGEt968PajxMUA=";
|
||||
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
|
||||
};
|
||||
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "circumflex";
|
||||
version = "3.2";
|
||||
version = "3.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "bensadeh";
|
||||
repo = "circumflex";
|
||||
rev = version;
|
||||
hash = "sha256-3cu5Y9Z20CbFN+4/2LLM3pcXofuc8oztoZVPhDzFLas=";
|
||||
hash = "sha256-w5QdFvF+kIxt27rg/uXjd+G0Dls7oYhmFew+O2NoaVg=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-w9WDbNvnaRgZ/rpI450C7AA244AXRE8u960xZnAiXn4=";
|
||||
vendorHash = "sha256-F9mzGP5b9dcmnT6TvjjbRq/isk1o8vM/5yxWUaZrnaw=";
|
||||
|
||||
nativeBuildInputs = [ makeWrapper ];
|
||||
|
||||
|
@ -2,17 +2,17 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "argocd";
|
||||
version = "2.8.4";
|
||||
version = "2.8.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "argoproj";
|
||||
repo = "argo-cd";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-ETvAE9kegqtAduXm9/9fmPgJJ2Xq6ZY5J5iGcjHkyKM=";
|
||||
hash = "sha256-oYREaXUm60AkWO/2X6Cu55F+gCaPYpYqRigJW0ocDL0=";
|
||||
};
|
||||
|
||||
proxyVendor = true; # darwin/linux hash mismatch
|
||||
vendorHash = "sha256-4vGBi6P0xSfBheTg2/z28l9H07TasqqM8l6YjGgLhvs=";
|
||||
vendorHash = "sha256-KzH4GmOeurcEMIDN3B8QSMZY1Fk+tNqy0SYzCXiRVlo=";
|
||||
|
||||
# Set target as ./cmd per cli-local
|
||||
# https://github.com/argoproj/argo-cd/blob/master/Makefile#L227
|
||||
|
@ -6,16 +6,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "glooctl";
|
||||
version = "1.15.9";
|
||||
version = "1.15.14";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "solo-io";
|
||||
repo = "gloo";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-P3NC1/ZujqSO2C4ToNLpxgbxqACXYYsAFQh1Xbbu7x4=";
|
||||
hash = "sha256-rQZOGM97mXKFFMQRw6+iiaDLugu0CM7OW2V7w0fgpDM=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-KaBq1VCGWv3K50DDelS0hOQkXnK1ufBiXBtbPQFzwMY=";
|
||||
vendorHash = "sha256-51s+C4P8xKp52qjr6LK3zWKWzwnuEQyKxi/Wzpha9Fs=";
|
||||
|
||||
subPackages = [ "projects/gloo/cli/cmd" ];
|
||||
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "kubefirst";
|
||||
version = "2.2.17";
|
||||
version = "2.3.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "kubefirst";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-cqKnoGRW+IquuZ7wvCRipRJ6mO18w/yhf5nS094vs7c=";
|
||||
hash = "sha256-5znZMr0Dj6kpKJbypICN5+Fv/+3FgTLBok3YMrWaHdo=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-0J27JSewc0DCcc3xvl2DBZE/b0qKuozuP7tFdbrRX7I=";
|
||||
vendorHash = "sha256-/iAGUnIMH2+IrvvXig56SpZ0eTfVwaCgGMUDp5/MtEo=";
|
||||
|
||||
ldflags = [ "-s" "-w" "-X github.com/kubefirst/runtime/configs.K1Version=v${version}"];
|
||||
|
||||
|
@ -2,16 +2,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "kubelogin";
|
||||
version = "0.0.32";
|
||||
version = "0.0.33";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Azure";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "sha256-pMen6ZL1S0xr5+h7gVBMG4XjlZUifIiqHvjKgg8AY5c=";
|
||||
sha256 = "sha256-bPxsXRXk8hlhIhj2tO7mJ5XYd6oNH25cwp5CUVo65mo=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-pNOCagxOcxhELSWO1GfbxGmopYXIgKD00XdZdVgawrc=";
|
||||
vendorHash = "sha256-WZTtu7T7aWOk3Q0HBjGcc+lsgOExmQQEs0lEEvP+Wb4=";
|
||||
|
||||
ldflags = [
|
||||
"-X main.version=${version}"
|
||||
|
@ -10,16 +10,16 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "nerdctl";
|
||||
version = "1.6.0";
|
||||
version = "1.6.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "containerd";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
hash = "sha256-O1N8+Gjo0EapRV5Z7Z27Cfs886cbwTmckJsSJ2OI5fM=";
|
||||
hash = "sha256-izFDqaJFJrgeb3YPP/7rIf/IjvrtlwjbktNy702zVTU=";
|
||||
};
|
||||
|
||||
vendorHash = "sha256-/4XFQagUbU8SgoBogK1hAsfGoTY+DaIVaNpSA3Enaho=";
|
||||
vendorHash = "sha256-4I+qCh/A/Yj5kUZLFvXTUV85l/2LVGPUCivTdDlA1ao=";
|
||||
|
||||
nativeBuildInputs = [ makeWrapper installShellFiles ];
|
||||
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user