diff --git a/nixos/modules/services/networking/tinc.nix b/nixos/modules/services/networking/tinc.nix
index b4b544a2413d..b6afd83a9abd 100644
--- a/nixos/modules/services/networking/tinc.nix
+++ b/nixos/modules/services/networking/tinc.nix
@@ -1,13 +1,156 @@
{ config, lib, pkgs, ... }:
with lib;
-
let
-
cfg = config.services.tinc;
-in
+ mkValueString = value:
+ if value == true then "yes"
+ else if value == false then "no"
+ else generators.mkValueStringDefault { } value;
+ toTincConf = generators.toKeyValue {
+ listsAsDuplicateKeys = true;
+ mkKeyValue = generators.mkKeyValueDefault { inherit mkValueString; } "=";
+ };
+
+ tincConfType = with types;
+ let
+ valueType = oneOf [ bool str int ];
+ in
+ attrsOf (either valueType (listOf valueType));
+
+ addressSubmodule = {
+ options = {
+ address = mkOption {
+ type = types.str;
+ description = "The external IP address or hostname where the host can be reached.";
+ };
+
+ port = mkOption {
+ type = types.nullOr types.port;
+ default = null;
+ description = ''
+ The port where the host can be reached.
+
+ If no port is specified, the default Port is used.
+ '';
+ };
+ };
+ };
+
+ subnetSubmodule = {
+ options = {
+ address = mkOption {
+ type = types.str;
+ description = ''
+ The subnet of this host.
+
+ Subnets can either be single MAC, IPv4 or IPv6 addresses, in which case
+ a subnet consisting of only that single address is assumed, or they can
+ be a IPv4 or IPv6 network address with a prefix length.
+
+ IPv4 subnets are notated like 192.168.1.0/24, IPv6 subnets are notated
+ like fec0:0:0:1::/64. MAC addresses are notated like 0:1a:2b:3c:4d:5e.
+
+ Note that subnets like 192.168.1.1/24 are invalid.
+ '';
+ };
+
+ prefixLength = mkOption {
+ type = with types; nullOr (addCheck int (n: n >= 0 && n <= 128));
+ default = null;
+ description = ''
+ The prefix length of the subnet.
+
+ If null, a subnet consisting of only that single address is assumed.
+
+ This conforms to standard CIDR notation as described in RFC1519.
+ '';
+ };
+
+ weight = mkOption {
+ type = types.ints.unsigned;
+ default = 10;
+ description = ''
+ Indicates the priority over identical Subnets owned by different nodes.
+
+ Lower values indicate higher priority. Packets will be sent to the
+ node with the highest priority, unless that node is not reachable, in
+ which case the node with the next highest priority will be tried, and
+ so on.
+ '';
+ };
+ };
+ };
+
+ hostSubmodule = { config, ... }: {
+ options = {
+ addresses = mkOption {
+ type = types.listOf (types.submodule addressSubmodule);
+ default = [ ];
+ description = ''
+ The external address where the host can be reached. This will set this
+ host's option.
+
+ This variable is only required if you want to connect to this host.
+ '';
+ };
+
+ subnets = mkOption {
+ type = types.listOf (types.submodule subnetSubmodule);
+ default = [ ];
+ description = ''
+ The subnets which this tinc daemon will serve. This will set this
+ host's option.
+
+ Tinc tries to look up which other daemon it should send a packet to by
+ searching the appropriate subnet. If the packet matches a subnet, it
+ will be sent to the daemon who has this subnet in his host
+ configuration file.
+ '';
+ };
+
+ rsaPublicKey = mkOption {
+ type = types.str;
+ default = "";
+ description = ''
+ Legacy RSA public key of the host in PEM format, including start and
+ end markers.
+
+ This will be appended as-is in the host's configuration file.
+
+ The ed25519 public key can be specified using the
+ option instead.
+ '';
+ };
+
+ settings = mkOption {
+ default = { };
+ type = types.submodule { freeformType = tincConfType; };
+ description = ''
+ Configuration for this host.
+
+ See
+ for supported values.
+ '';
+ };
+ };
+
+ config.settings = {
+ Address = mkDefault (map
+ (address: "${address.address} ${toString address.port}")
+ config.addresses);
+
+ Subnet = mkDefault (map
+ (subnet:
+ if subnet.prefixLength == null then "${subnet.address}#${toString subnet.weight}"
+ else "${subnet.address}/${toString subnet.prefixLength}#${toString subnet.weight}")
+ config.subnets);
+ };
+ };
+
+in
{
###### interface
@@ -18,7 +161,7 @@ in
networks = mkOption {
default = { };
- type = with types; attrsOf (submodule {
+ type = with types; attrsOf (submodule ({ config, ... }: {
options = {
extraConfig = mkOption {
@@ -26,6 +169,9 @@ in
type = types.lines;
description = ''
Extra lines to add to the tinc service configuration file.
+
+ Note that using the declarative
+ option is preferred.
'';
};
@@ -69,6 +215,40 @@ in
hosts = mkOption {
default = { };
type = types.attrsOf types.lines;
+ description = ''
+ The name of the host in the network as well as the configuration for that host.
+ This name should only contain alphanumerics and underscores.
+
+ Note that using the declarative
+ option is preferred.
+ '';
+ };
+
+ hostSettings = mkOption {
+ default = { };
+ example = literalExample ''
+ {
+ host1 = {
+ addresses = [
+ { address = "192.168.1.42"; }
+ { address = "192.168.1.42"; port = 1655; }
+ ];
+ subnets = [ { address = "10.0.0.42"; } ];
+ rsaPublicKey = "...";
+ settings = {
+ Ed25519PublicKey = "...";
+ };
+ };
+ host2 = {
+ subnets = [ { address = "10.0.1.0"; prefixLength = 24; weight = 2; } ];
+ rsaPublicKey = "...";
+ settings = {
+ Compression = 10;
+ };
+ };
+ }
+ '';
+ type = types.attrsOf (types.submodule hostSubmodule);
description = ''
The name of the host in the network as well as the configuration for that host.
This name should only contain alphanumerics and underscores.
@@ -79,7 +259,7 @@ in
default = "tun";
type = types.enum [ "tun" "tap" ];
description = ''
- The type of virtual interface used for the network connection
+ The type of virtual interface used for the network connection.
'';
};
@@ -118,8 +298,44 @@ in
Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.
'';
};
+
+ settings = mkOption {
+ default = { };
+ type = types.submodule { freeformType = tincConfType; };
+ example = literalExample ''
+ {
+ Interface = "custom.interface";
+ DirectOnly = true;
+ Mode = "switch";
+ }
+ '';
+ description = ''
+ Configuration of the Tinc daemon for this network.
+
+ See
+ for supported values.
+ '';
+ };
};
- });
+
+ config = {
+ hosts = mapAttrs
+ (hostname: host: ''
+ ${toTincConf host.settings}
+ ${host.rsaPublicKey}
+ '')
+ config.hostSettings;
+
+ settings = {
+ DeviceType = mkDefault config.interfaceType;
+ Name = mkDefault (if config.name == null then "$HOST" else config.name);
+ Ed25519PrivateKeyFile = mkIf (config.ed25519PrivateKeyFile != null) (mkDefault config.ed25519PrivateKeyFile);
+ PrivateKeyFile = mkIf (config.rsaPrivateKeyFile != null) (mkDefault config.rsaPrivateKeyFile);
+ ListenAddress = mkIf (config.listenAddress != null) (mkDefault config.listenAddress);
+ BindToAddress = mkIf (config.bindToAddress != null) (mkDefault config.bindToAddress);
+ };
+ };
+ }));
description = ''
Defines the tinc networks which will be started.
@@ -144,13 +360,7 @@ in
"tinc/${network}/tinc.conf" = {
mode = "0444";
text = ''
- Name = ${if data.name == null then "$HOST" else data.name}
- DeviceType = ${data.interfaceType}
- ${optionalString (data.ed25519PrivateKeyFile != null) "Ed25519PrivateKeyFile = ${data.ed25519PrivateKeyFile}"}
- ${optionalString (data.rsaPrivateKeyFile != null) "PrivateKeyFile = ${data.rsaPrivateKeyFile}"}
- ${optionalString (data.listenAddress != null) "ListenAddress = ${data.listenAddress}"}
- ${optionalString (data.bindToAddress != null) "BindToAddress = ${data.bindToAddress}"}
- Interface = tinc.${network}
+ ${toTincConf ({ Interface = "tinc.${network}"; } // data.settings)}
${data.extraConfig}
'';
};
@@ -222,4 +432,5 @@ in
};
+ meta.maintainers = with maintainers; [ minijackson ];
}
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index e4f4b891ceb2..3e134c7544a5 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -375,6 +375,7 @@ in
telegraf = handleTest ./telegraf.nix {};
tiddlywiki = handleTest ./tiddlywiki.nix {};
timezone = handleTest ./timezone.nix {};
+ tinc = handleTest ./tinc {};
tinydns = handleTest ./tinydns.nix {};
tor = handleTest ./tor.nix {};
# traefik test relies on docker-containers
diff --git a/nixos/tests/tinc/default.nix b/nixos/tests/tinc/default.nix
new file mode 100644
index 000000000000..31b675ad35c0
--- /dev/null
+++ b/nixos/tests/tinc/default.nix
@@ -0,0 +1,139 @@
+import ../make-test-python.nix ({ lib, ... }:
+ let
+ snakeoil-keys = import ./snakeoil-keys.nix;
+
+ hosts = lib.attrNames snakeoil-keys;
+
+ subnetOf = name: config:
+ let
+ subnets = config.services.tinc.networks.myNetwork.hostSettings.${name}.subnets;
+ in
+ (builtins.head subnets).address;
+
+ makeTincHost = name: { subnet, extraConfig ? { } }: lib.mkMerge [
+ {
+ subnets = [{ address = subnet; }];
+ settings = {
+ Ed25519PublicKey = snakeoil-keys.${name}.ed25519Public;
+ };
+ rsaPublicKey = snakeoil-keys.${name}.rsaPublic;
+ }
+ extraConfig
+ ];
+
+ makeTincNode = { config, ... }: name: extraConfig: lib.mkMerge [
+ {
+ services.tinc.networks.myNetwork = {
+ inherit name;
+ rsaPrivateKeyFile =
+ builtins.toFile "rsa.priv" snakeoil-keys.${name}.rsaPrivate;
+ ed25519PrivateKeyFile =
+ builtins.toFile "ed25519.priv" snakeoil-keys.${name}.ed25519Private;
+
+ hostSettings = lib.mapAttrs makeTincHost {
+ static = {
+ subnet = "10.0.0.11";
+ # Only specify the addresses in the node's vlans, Tinc does not
+ # seem to try each one, unlike the documentation suggests...
+ extraConfig.addresses = map
+ (vlan: { address = "192.168.${toString vlan}.11"; port = 655; })
+ config.virtualisation.vlans;
+ };
+ dynamic1 = { subnet = "10.0.0.21"; };
+ dynamic2 = { subnet = "10.0.0.22"; };
+ };
+ };
+
+ networking.useDHCP = false;
+
+ networking.interfaces."tinc.myNetwork" = {
+ virtual = true;
+ virtualType = "tun";
+ ipv4.addresses = [{
+ address = subnetOf name config;
+ prefixLength = 24;
+ }];
+ };
+
+ # Prevents race condition between NixOS service and tinc creating the
+ # interface.
+ # See: https://github.com/NixOS/nixpkgs/issues/27070
+ systemd.services."tinc.myNetwork" = {
+ after = [ "network-addresses-tinc.myNetwork.service" ];
+ requires = [ "network-addresses-tinc.myNetwork.service" ];
+ };
+
+ networking.firewall.allowedTCPPorts = [ 655 ];
+ networking.firewall.allowedUDPPorts = [ 655 ];
+ }
+ extraConfig
+ ];
+
+ in
+ {
+ name = "tinc";
+ meta.maintainers = with lib.maintainers; [ minijackson ];
+
+ nodes = {
+
+ static = { ... } @ args:
+ makeTincNode args "static" {
+ virtualisation.vlans = [ 1 2 ];
+
+ networking.interfaces.eth1.ipv4.addresses = [{
+ address = "192.168.1.11";
+ prefixLength = 24;
+ }];
+
+ networking.interfaces.eth2.ipv4.addresses = [{
+ address = "192.168.2.11";
+ prefixLength = 24;
+ }];
+ };
+
+
+ dynamic1 = { ... } @ args:
+ makeTincNode args "dynamic1" {
+ virtualisation.vlans = [ 1 ];
+ };
+
+ dynamic2 = { ... } @ args:
+ makeTincNode args "dynamic2" {
+ virtualisation.vlans = [ 2 ];
+ };
+
+ };
+
+ testScript = ''
+ start_all()
+
+ static.wait_for_unit("tinc.myNetwork.service")
+ dynamic1.wait_for_unit("tinc.myNetwork.service")
+ dynamic2.wait_for_unit("tinc.myNetwork.service")
+
+ # Static is accessible by the other hosts
+ dynamic1.succeed("ping -c5 192.168.1.11")
+ dynamic2.succeed("ping -c5 192.168.2.11")
+
+ # The other hosts are in separate vlans
+ dynamic1.fail("ping -c5 192.168.2.11")
+ dynamic2.fail("ping -c5 192.168.1.11")
+
+ # Each host can ping themselves through Tinc
+ static.succeed("ping -c5 10.0.0.11")
+ dynamic1.succeed("ping -c5 10.0.0.21")
+ dynamic2.succeed("ping -c5 10.0.0.22")
+
+ # Static is accessible by the other hosts through Tinc
+ dynamic1.succeed("ping -c5 10.0.0.11")
+ dynamic2.succeed("ping -c5 10.0.0.11")
+
+ # Static can access the other hosts through Tinc
+ static.succeed("ping -c5 10.0.0.21")
+ static.succeed("ping -c5 10.0.0.22")
+
+ # The other hosts in separate vlans can access each other through Tinc
+ dynamic1.succeed("ping -c5 10.0.0.22")
+ dynamic2.succeed("ping -c5 10.0.0.21")
+ '';
+ })
diff --git a/nixos/tests/tinc/snakeoil-keys.nix b/nixos/tests/tinc/snakeoil-keys.nix
new file mode 100644
index 000000000000..650e57d61d4a
--- /dev/null
+++ b/nixos/tests/tinc/snakeoil-keys.nix
@@ -0,0 +1,157 @@
+{
+ static = {
+ ed25519Private = ''
+ -----BEGIN ED25519 PRIVATE KEY-----
+ IPR+ur5LfVdm6VlR1+FGIkbkL8Enkb9sejBa/JP6tXkg/vHoraIp70srb6jAUFm5
+ 3YbCJiBjLW3dy16qM5PovBoWtr5hoqYYA9dFLOys8FBUFFsIGfKhnbk7g25iwxbO
+ -----END ED25519 PRIVATE KEY-----
+ '';
+
+ ed25519Public = "AqV7aeIqKGGQfXxijMLfRAVRBLixnS45G5OoduIc8mD";
+
+ rsaPrivate = ''
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEAxDHl0TIhhT2yH5rT+Q7MLnj+Ir8bbs3uaPqnzcxWzN1EfVP8
+ TWt5fSTrF2Dc78Kyu5ZNALrp7tUj0GZAegp1YeYJ28p3qTwCveywtCwbB4dI987S
+ yJwq95kE9aoyLa+cT99VwSTdb2YowQv2tWj/idxE3oJ+qZjy9tE5mysXm7jmTQDx
+ +U0XmNe6MHjKXc01Ener41u0ykJLeUfdgJ1zEyM2rQGtaHpIXfMT6kmxCaMcAMLg
+ YFpI38/1pQGQtROKdGOaUomx2m058bkMsJhTiBjESiLRDElRGxmMJ732crGJP0GR
+ ChJkaX/CnxHq7R0daZfwoTVHRu6N7WDbFQL5twIDAQABAoIBAQCM/fLTIHyYXRr5
+ vXFhxXGUYBz56W6UdWdEiAU5TwR92vFSQ53IIVlARtyvg0ui/b8mMcAKq0hb+03u
+ gN0LFyL+BKvHCLxvoRGzXTorcJrIET+t3jL6OchjANNgnDvNOytQ9wWQdKaxXLAi
+ 8y8LdXZWozXW1d6ikKjiGL+WNCSWIcq83ktSJZcohihptU9Un16FYQzdolSC8RtI
+ XyT7i1ye6hW/wJTJxqZ4taX3EPat85kXS234VGSqg9bb2A1yE+U8Rq37bf8AKldJ
+ NUQB3JyxnkYGJcqvzDmz139+744VWxDRvXDA5vU29LC6f8bGBvwEttD98QW+pgmB
+ 1NBU1Uo5AoGBAOzUk6k74h1RarwXaftjh/9Pures0CfNNnrkJApzFCh4bAoHNxq6
+ SSXqLcc/vvX2+YaZ72nn5YTo+JLQP6evM9oUaqRMAxa3nzoNCtF8U2r48UWmoUQE
+ aZCYbD3m7IVWFacCKRVaVTMZMTTicypSnXcbCSIEH8PRs9+L4jkHgql9AoGBANQT
+ TZECVhIaQnyRiKWlUE8G1QKzXIxjmfyirBe+ftlIG2XMXasAtQ4VRxpnorgqUnIH
+ BVrIbvRx21zlqwZbrZvyb1jHWRoyi1cqBPijpYBUm5LbV2jgHPhnfhRVqdD4CDKj
+ NQzIQrNymFaMWAoOQv/DE3g+Txr0fm9Ztu8ZRXZDAoGAHh3SQT0aPfwyhIS9t3gq
+ vS7YYa8aMVWJTgthAessbxERPB06xq1Vy/qBo8rZb9HeXV2J8n/I0iQGKDVPQvWm
+ tF7QSOBZrDPhjbJG4+jZesr5c5ADBfFBs1+OtDh/b11JF5nQu6RnHT5g4YbCemlT
+ GOhZOvgnSfGK3CyfsfzggskCgYEAmpKDK5kPUNxw70hH16v5L9Bj+zbt0qlZ+Ag8
+ 9IV1ATuMNJNTBitay6v4iidVM3QtaUzyuytxq5s87qW7FMRHcm2ueH+70ttaMiq/
+ OtZT74g7aDuUpy0KEIemHn4dauENYJMSPIHOE+sHW7WpCZNBhBcUHsUTdSsU6GX0
+ bqr1tO8CgYBpZdR2OoX/rn8nwjmtBOH38aPnCpaAfdI2Eq2Lg6DjksP6TBt53a+R
+ m1lk6Kt37BPPZQ85SBr7ywvDgUzfoD7uSmHujF2JUHPsdrg9nx7pNIGlW6DlS9OU
+ oNXGAJ/6/y6F8uDbToUfrwFq5tKMypEEa32kFtxb9f0XQ5fSgHrBEw==
+ -----END RSA PRIVATE KEY-----
+ '';
+
+ rsaPublic = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAxDHl0TIhhT2yH5rT+Q7MLnj+Ir8bbs3uaPqnzcxWzN1EfVP8TWt5
+ fSTrF2Dc78Kyu5ZNALrp7tUj0GZAegp1YeYJ28p3qTwCveywtCwbB4dI987SyJwq
+ 95kE9aoyLa+cT99VwSTdb2YowQv2tWj/idxE3oJ+qZjy9tE5mysXm7jmTQDx+U0X
+ mNe6MHjKXc01Ener41u0ykJLeUfdgJ1zEyM2rQGtaHpIXfMT6kmxCaMcAMLgYFpI
+ 38/1pQGQtROKdGOaUomx2m058bkMsJhTiBjESiLRDElRGxmMJ732crGJP0GRChJk
+ aX/CnxHq7R0daZfwoTVHRu6N7WDbFQL5twIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+
+ dynamic1 = {
+ ed25519Private = ''
+ -----BEGIN ED25519 PRIVATE KEY-----
+ wHNC2IMXfYtL4ehdsCX154HBvlIZYEiTOnXtckWMUtEAiX9fu7peyBkp9q+yOy9c
+ xsNyssLL78lt0GoweCxlu3Sza2oBQAcwb+6tuv7P/bqzcG005uCwquyCz8LVymXA
+ -----END ED25519 PRIVATE KEY-----
+ '';
+
+ ed25519Public = "t0smNaAEAH8mver77+z/m6MnBNdurAsqrswM/Sls5FA";
+
+ rsaPrivate = ''
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEApukYNGFNWvVlmx75LyOE7MEcd/ViV+yEyk+4cIBXYJ3Ouw+/
+ oEuh8ghQfsiUtbUPR6hPYhX2ZV8XGhuU2nAXVQV0sfZ8pdkbHQ6wHUqFcUIQAVvS
+ Wpm2DvZM8jkbCPP64/x5nukPwQ8VoNnb62rWGzbcj7rOeb7ndMK0TpX5Wwv8F297
+ nKTNCEDbK3DLTj3VD+QGnw6AoEt5i44vViAWZBXuHLHWTDC0Nq8GG+9TKODkEwt5
+ 4dgN2X9f+WTVAYhZT3SayHLqIFIMQunN89RpWwhHSW+JIRfAfuT1TbP+wA5ptDeI
+ ktCkJwWyv4hK6l800BJ9GW1nbId5LPa58ipaVwIDAQABAoIBAHcw3WgKVAMwWm57
+ n9ZZtwKapInFYYUIEYungj5UaBFGn+pVRLJjUDJWXaUr94YK1e6F8qpIpLufPBAY
+ wiN7CC5exwaOzlRgxUvqwTkpjkFiu6s8tuqb+baVjD0tKnEqSW+lS/R+2hEzhG5p
+ JPLoSB0HAFpjPC8UdJSctcWos3if3mvOGkGCKyTkrwaJgECDfD+lZ+NBIAiYLSps
+ jWLE+XlY1+nfPdLUQ+TRSv3IikJ/CWbvJLl9EE1tKhkY564KytwZrkIdJlc7NyRO
+ HpzhyMzHu1GLsr+OsBZByNNUxEPU+bzkDQluRXUSIUs9zZoBiCQr3o04qGPTEX9n
+ pNU60gECgYEA3Uf+c80eqzjDxv+O0YzC+9x6A+yMrV56siGkKRPMlrSqjX7iE2Yg
+ tUjD25kEvtaFuB3f/7zp3h4O/VLZgXreRtXHvdrfoyyJGHvHIyCGm8sw8CEWsKo4
+ 1LgZUzdPJRkXJq1zOgS0r1xsA1UDC4s02Ww2HwNeVWtmLUyCpA+B/ccCgYEAwRk9
+ tbe82eq1a85zZiPVXP2qvDH5+Vz9YiMky8xsBnoxmz2siR+NdvWBLcE2VDIY8MK1
+ 9a1dz2a7cAHQBrtWtACFVY4zvr69DumApjbQRClDYpJ42tp2VbzlMcUDIoKudRQV
+ CObhrE4w4yfVizXFyH9+4Tsg5NzVYuGg9fUJ/vECgYEAoRz7KouNqfMhsLF/5hkM
+ Gt9zw4mm/9ALm8kcwn/U9WHD0FQy/Rbd98BsQmaOavi80cqGvqhoyz2tgkqhbUHt
+ tzuOPDCxphgWFcqBupTDDYoLLruYzraRvGfyoIFj0coL7jBZ9kNY31l2l5J9LhmE
+ OE4utbP5Kk6RTagocpWL+x8CgYB48CwcIcWf3kZeDOFtuUeqhB1o3Qwox7rSuhwT
+ oCaQL/vdtNTY1PAu7zhGxdoXBYFlWS3JfxlgCoGedyQo8zAscJ8RpIx4DNIwAsLW
+ V0I9TnKry/zxZR30OOh7MV7zQFGvdjJubtwspJQt0QcHt1f2aRO4UOYbMMxcr9+1
+ 7BCkoQKBgQDBEtg1hx9zYGg1WN2TBSvh6NShi9S23r6IZ3Up8vz6Z2rcwB3UuhKi
+ xluI2ZFwM9s+7UOpaGC+hnc1aMHDEguYOPXoIzvebbYAdN4AkrsJ5d0r1GoEe64E
+ UXxrfuv5LeJ/vkUgWof+U3/jGOVvrjzi5y1xOC0r3kiSpMa85s1dhQ==
+ -----END RSA PRIVATE KEY-----
+ '';
+
+ rsaPublic = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEApukYNGFNWvVlmx75LyOE7MEcd/ViV+yEyk+4cIBXYJ3Ouw+/oEuh
+ 8ghQfsiUtbUPR6hPYhX2ZV8XGhuU2nAXVQV0sfZ8pdkbHQ6wHUqFcUIQAVvSWpm2
+ DvZM8jkbCPP64/x5nukPwQ8VoNnb62rWGzbcj7rOeb7ndMK0TpX5Wwv8F297nKTN
+ CEDbK3DLTj3VD+QGnw6AoEt5i44vViAWZBXuHLHWTDC0Nq8GG+9TKODkEwt54dgN
+ 2X9f+WTVAYhZT3SayHLqIFIMQunN89RpWwhHSW+JIRfAfuT1TbP+wA5ptDeIktCk
+ JwWyv4hK6l800BJ9GW1nbId5LPa58ipaVwIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+
+ dynamic2 = {
+ ed25519Private = ''
+ -----BEGIN ED25519 PRIVATE KEY-----
+ oUx9JdIstZLMj3ZPD8mP3ITsUscCTIXhNF3VKFUVi/ma5uk50/1vrEohfDraiMxj
+ gAWthpkhnFzUbp+YlOHE7/Z3h1a/br2/tk8DoZ5PV6ufoV1MaBlGdu+TZgeZou0t
+ -----END ED25519 PRIVATE KEY-----
+ '';
+
+ ed25519Public = "f2dYt2/2q9fLJ/AaW+Tlu7HaVNjWQpRnr/UGoXGqLdL";
+
+ rsaPrivate = ''
+ -----BEGIN RSA PRIVATE KEY-----
+ MIIEpAIBAAKCAQEAtQfijPX3BwOAs2Y0EuNjcBmsI90uYqNAonrFgTtcVwERIVE6
+ p6alSEakazhByujBg3jI8oPKC8eO0IJ7x/BWcgxqaw8hsPfJZFnRlwEcU5kK4c+j
+ UNS+hJOXp0x97T1edLpSFHDK9bZ2necblHKG5MsI4UsxEa+CZ0yoIybwWCDmYuya
+ PvE7CeNNa+CIOUbtPVoN4p/aBj0vZeerNBBuodNkglKRxj4l9wD9uOx4S9sdK5lu
+ q/rkxlViBoXRAshT+G2d/u/7/WPoiKB3QJcF33z8UfrlsTRnDDqOMSGisTPSv2LK
+ 4QLN4hWOGXAYQqZcxTkvvjl62mCDuoy0TM+CKQIDAQABAoIBAFKpMAxXf52nPswr
+ /dkmFVCpmE2kADsv+iJ21tpkpYxgw1aoRZUp5cyz3P3MaVZio4IJ1A/Ql6B7Vb3l
+ 5ulr170p6CnMdgDdlAsLbEV8T1foyOxFKHiPPBNDZXsR1WpPnGLGdRY6TqKV12HQ
+ lmpZRTkRcJOXBufhcTUD7r5mWFaUoZ7so6VxR4L4Tzcgv1Rl4S6jgnHOQdO6lj47
+ BaPjpBb+hplJ4wsRm91dQ7JApYq25XZwyxnBwQ2zAwb46wsuFxDPHlSc4wU7qTt6
+ x2omm33Xy2cm8L1XQhrassZzldSnAyaLBh9DC3+vFPLODDxdz5M2kpHujYYctRhv
+ CICMYJUCgYEA7mWVYuw0S8FNjaLx6n9Q1hr9d9vAFDd3NEaegH586xvhYNxf6n+C
+ 2zZloVLEsX0UnBU/6ZtLAUfxUIqlvDS2r1VjSYG5SNxM6/vyGl17Niu1jC8nzf7M
+ V1WtDCHhT4ikZCuNkAldtgI7CXVdCVO/fTqVhjk4hDblJo7VsCZSZysCgYEAwmXp
+ TwlDHapDqA8UxClZuxS8k+2hthny3ihRPCuT34yqAz074zYG97ZBKwIa4Lm1vnkc
+ mwU7yR2aK7IYeU4ScfWm1mLjkW5iaNV/sG7iTz/RP4mBAs3KSGmuhhz8sFWcXByU
+ IZyvMJvC+FpgJQJn/Xc8ZmdImvXlZd6k8v4/kfsCgYEA6VzFPB2OH63slb4w42SX
+ o86t2dtiDigxZxnN5GhtLdSP7borpigF10JLf/y+kCOpvhRLCQk8Bdf/z+C41iAf
+ yEhktbrnvfvwzHxHhSmHCAMHZ19trodCTiePCrZLkQhoK6o6nAmfEyDh26NoXE3/
+ v71OSyLOQRZfgDwHz7PjrBsCgYAe0zojpjxWP+FqjLmmQUhROgCNFGlIDuVMBOic
+ uexAznVG/ja42KBSNzwuLa9FYy1Gfr3idvn78g24UA1BbvfNyj4iUJv1O6OvK+uL
+ dom8N0pe4NbsMuWYhel+qqoG7AxXLtDuY4IEGy7XYr1MIQ2MS5PwSQBiUguGE7/k
+ KBy8cQKBgQCyC9R8VWJxQLqJxZGa9Ful01bSuntB5OLRfEjFCCuGiY/3Vj+mCiQL
+ GOfMOi2jrcnSNgUm0uevmiFCq9m7QiPiAcSYKXPWhsz/55jJIGcZy8bwyhZ2s2Mg
+ BGeZgj4RFORidqkt5g/KJz0+Wp6Ks4sLoCvOzkpeXvLzFVyzGkihrw==
+ -----END RSA PRIVATE KEY-----
+ '';
+
+ rsaPublic = ''
+ -----BEGIN RSA PUBLIC KEY-----
+ MIIBCgKCAQEAtQfijPX3BwOAs2Y0EuNjcBmsI90uYqNAonrFgTtcVwERIVE6p6al
+ SEakazhByujBg3jI8oPKC8eO0IJ7x/BWcgxqaw8hsPfJZFnRlwEcU5kK4c+jUNS+
+ hJOXp0x97T1edLpSFHDK9bZ2necblHKG5MsI4UsxEa+CZ0yoIybwWCDmYuyaPvE7
+ CeNNa+CIOUbtPVoN4p/aBj0vZeerNBBuodNkglKRxj4l9wD9uOx4S9sdK5luq/rk
+ xlViBoXRAshT+G2d/u/7/WPoiKB3QJcF33z8UfrlsTRnDDqOMSGisTPSv2LK4QLN
+ 4hWOGXAYQqZcxTkvvjl62mCDuoy0TM+CKQIDAQAB
+ -----END RSA PUBLIC KEY-----
+ '';
+ };
+}
diff --git a/pkgs/applications/version-management/pijul/default.nix b/pkgs/applications/version-management/pijul/default.nix
index 0f7e2bc9486c..b09267fb9395 100644
--- a/pkgs/applications/version-management/pijul/default.nix
+++ b/pkgs/applications/version-management/pijul/default.nix
@@ -13,14 +13,14 @@
rustPlatform.buildRustPackage rec {
pname = "pijul";
- version = "1.0.0-alpha.17";
+ version = "1.0.0-alpha.21";
src = fetchCrate {
inherit version pname;
- sha256 = "03r383fkqx17sb2c0kz71lbn0rdas7nd9yw7ni5fbmrq8rlk9brv";
+ sha256 = "0csa2a8ci6b9vgq57hyz2ng0x8pv1p1ilw72z2b8rrpacdrzb633";
};
- cargoSha256 = "0dfmldklklax8nb3pry0h80kih1k1idfjgaxinxkk1iflcm3cwqn";
+ cargoSha256 = "05z5iqs63s6cvaq4sjfxhcg5ka3rwn6ikcjs26jyqcbkp2bd9z88";
cargoBuildFlags = stdenv.lib.optional gitImportSupport "--features=git";
diff --git a/pkgs/development/ocaml-modules/visitors/default.nix b/pkgs/development/ocaml-modules/visitors/default.nix
index 35cdfc3a9af4..c8d9436461aa 100644
--- a/pkgs/development/ocaml-modules/visitors/default.nix
+++ b/pkgs/development/ocaml-modules/visitors/default.nix
@@ -1,23 +1,29 @@
-{ stdenv, fetchurl, ocaml, findlib, ocamlbuild, cppo, ppx_tools, ppx_deriving, result }:
+{ lib, buildDunePackage, fetchFromGitLab, ppx_tools, ppx_deriving, result, cppo }:
-stdenv.mkDerivation {
- name = "ocaml${ocaml.version}-visitors-20190711";
+buildDunePackage rec {
+ pname = "visitors";
+ version = "20200210";
- src = fetchurl {
- url = "http://gallium.inria.fr/~fpottier/visitors/visitors-20190711.tar.gz";
- sha256 = "1h794xczfczf573mpwzm4ah9ir1rbbrkqipbh3aflfpdq2mgsbvg";
+ useDune2 = true;
+
+ minimumOCamlVersion = "4.02.3";
+
+ src = fetchFromGitLab {
+ owner = "fpottier";
+ repo = pname;
+ rev = version;
+ domain = "gitlab.inria.fr";
+ sha256 = "12i099h1hc1walabiwqbinnpgcxkc1wn72913v7v6vvyif21rb5a";
};
- buildInputs = [ ocaml findlib ocamlbuild cppo ];
+ buildInputs = [ cppo ];
+
propagatedBuildInputs = [ ppx_tools ppx_deriving result ];
- createFindlibDestdir = true;
-
- meta = with stdenv.lib; {
+ meta = with lib; {
homepage = "https://gitlab.inria.fr/fpottier/visitors";
license = licenses.lgpl21;
description = "An OCaml syntax extension (technically, a ppx_deriving plugin) which generates object-oriented visitors for traversing and transforming data structures";
- inherit (ocaml.meta) platforms;
maintainers = [ maintainers.marsam ];
};
}
diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix
index 1688882e57e1..1667c49e1764 100644
--- a/pkgs/development/python-modules/boto3/default.nix
+++ b/pkgs/development/python-modules/boto3/default.nix
@@ -13,11 +13,11 @@
buildPythonPackage rec {
pname = "boto3";
- version = "1.16.31"; # N.B: if you change this, change botocore too
+ version = "1.16.35"; # N.B: if you change this, change botocore too
src = fetchPypi {
inherit pname version;
- sha256 = "0c9q7njargrhxcl99mdc7xbb29imp8kpyg3d0vwq2crlzxln8y49";
+ sha256 = "0ah1jhj68v6d8qm2mk64jjl6zi9qa3ssmj9jv3fmk9kyahahjpm3";
};
propagatedBuildInputs = [ botocore jmespath s3transfer ] ++ lib.optionals (!isPy3k) [ futures ];
diff --git a/pkgs/development/python-modules/botocore/default.nix b/pkgs/development/python-modules/botocore/default.nix
index add0f54e29d8..e0ecc77c3063 100644
--- a/pkgs/development/python-modules/botocore/default.nix
+++ b/pkgs/development/python-modules/botocore/default.nix
@@ -12,11 +12,11 @@
buildPythonPackage rec {
pname = "botocore";
- version = "1.19.31"; # N.B: if you change this, change boto3 and awscli to a matching version
+ version = "1.19.35"; # N.B: if you change this, change boto3 and awscli to a matching version
src = fetchPypi {
inherit pname version;
- sha256 = "0z8pmkr7j2w90qpd25wv0j1z4kqx90j6ch8c8irlyj84wx61skk2";
+ sha256 = "08vymgdv3d0394gqgmbzqk00248zhkigfc21vwbhf1lva08ajfk3";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/setuptools-rust/default.nix b/pkgs/development/python-modules/setuptools-rust/default.nix
index 84465cd475d0..5125e166a0ce 100644
--- a/pkgs/development/python-modules/setuptools-rust/default.nix
+++ b/pkgs/development/python-modules/setuptools-rust/default.nix
@@ -10,13 +10,13 @@
buildPythonPackage rec {
pname = "setuptools-rust";
- version = "0.11.5";
+ version = "0.11.6";
disabled = isPy27;
src = fetchPypi {
inherit pname version;
- sha256 = "04ea21f1bd029046fb87d098be4d7dc74663a58dd1f9fc6edcf8f3e4123ec4a8";
+ sha256 = "a5b5954909cbc5d66b914ee6763f81fa2610916041c7266105a469f504a7c4ca";
};
nativeBuildInputs = [ setuptools_scm ];
@@ -26,6 +26,7 @@ buildPythonPackage rec {
meta = with stdenv.lib; {
description = "Setuptools plugin for Rust support";
homepage = "https://github.com/PyO3/setuptools-rust";
+ changelog = "https://github.com/PyO3/setuptools-rust/releases/tag/v${version}";
license = licenses.mit;
maintainers = with maintainers; [ danieldk ];
};
diff --git a/pkgs/development/tools/misc/usbsdmux/default.nix b/pkgs/development/tools/misc/usbsdmux/default.nix
new file mode 100644
index 000000000000..59b5dc982391
--- /dev/null
+++ b/pkgs/development/tools/misc/usbsdmux/default.nix
@@ -0,0 +1,19 @@
+{ lib, python3Packages }:
+
+python3Packages.buildPythonApplication rec {
+ pname = "usbsdmux";
+ version = "0.1.8";
+
+ src = python3Packages.fetchPypi {
+ inherit pname version;
+ sha256 = "0m3d0rs9s5v5hnsjkfybmd8v54gn7rc1dbg5vc48rryhc969pr9f";
+ };
+
+ meta = with lib; {
+ description = "Control software for the LXA USB-SD-Mux";
+ homepage = "https://github.com/linux-automation/usbsdmux";
+ license = licenses.lgpl21;
+ maintainers = with maintainers; [ emantor ];
+ platforms = with platforms; linux;
+ };
+}
diff --git a/pkgs/games/super-tux-kart/default.nix b/pkgs/games/super-tux-kart/default.nix
index b3a7966071a7..2c686f5724de 100644
--- a/pkgs/games/super-tux-kart/default.nix
+++ b/pkgs/games/super-tux-kart/default.nix
@@ -1,14 +1,14 @@
-{ lib, stdenv, fetchFromGitHub, fetchsvn, cmake, pkgconfig, makeWrapper
-, openal, freealut, libGLU, libGL, libvorbis, libogg, gettext, curl, freetype, glew
-, fribidi, libtool, bluez, libjpeg, libpng, zlib, libX11, libXrandr, harfbuzz
+{ lib, stdenv, fetchFromGitHub, fetchsvn, cmake, pkg-config, makeWrapper
+, SDL2, glew, openal, libvorbis, libogg, curl, freetype, bluez, libjpeg, libpng, enet, harfbuzz
, mcpp, wiiuse, angelscript
}:
+
let
dir = "stk-code";
assets = fetchsvn {
url = "https://svn.code.sf.net/p/supertuxkart/code/stk-assets";
- rev = "18212";
- sha256 = "1dyj8r5rfifhnhayga8w8irkpa99vw57xjmy74cp8xz8g7zvdzqf";
+ rev = "18218";
+ sha256 = "11iv3cqzvbjg33zz5i5gkl2syn6mlw9wqv0jc7h36vjnjqjv17xw";
name = "stk-assets";
};
@@ -33,17 +33,19 @@ let
"libraqm"
# Not packaged to this date
"libsquish"
+ # Not packaged to this date
+ "sheenbidi"
];
in stdenv.mkDerivation rec {
pname = "supertuxkart";
- version = "1.1";
+ version = "1.2";
src = fetchFromGitHub {
owner = "supertuxkart";
repo = "stk-code";
rev = version;
- sha256 = "01vxxl94583ixswzmi4caz8dk64r56pn3zxh7v63zml60yfvxbvp";
+ sha256 = "1f98whk0v45jgwcsbdsb1qfambvrnbbgwq0w28kjz4278hinwzq6";
name = dir;
};
@@ -53,12 +55,10 @@ in stdenv.mkDerivation rec {
find lib -maxdepth 1 -type d | egrep -v "^lib$|${(lib.concatStringsSep "|" bundledLibraries)}" | xargs -n1 -L1 -r -I{} rm -rf {}
'';
- nativeBuildInputs = [ cmake gettext libtool pkgconfig makeWrapper ];
+ nativeBuildInputs = [ cmake pkg-config makeWrapper ];
buildInputs = [
- libX11 libXrandr
- openal freealut libGLU libGL libvorbis libogg zlib freetype glew
- curl fribidi bluez libjpeg libpng harfbuzz
+ SDL2 glew openal libvorbis libogg freetype curl bluez libjpeg libpng enet harfbuzz
mcpp wiiuse angelscript
];
@@ -68,6 +68,7 @@ in stdenv.mkDerivation rec {
"-DCHECK_ASSETS=OFF"
"-DUSE_SYSTEM_WIIUSE=ON"
"-DUSE_SYSTEM_ANGELSCRIPT=ON"
+ "-DOpenGL_GL_PREFERENCE=GLVND"
];
# Obtain the assets directly from the fetched store path, to avoid duplicating assets across multiple engine builds
diff --git a/pkgs/misc/barebox/default.nix b/pkgs/misc/barebox/default.nix
new file mode 100644
index 000000000000..78d4228abb3b
--- /dev/null
+++ b/pkgs/misc/barebox/default.nix
@@ -0,0 +1,96 @@
+{ stdenv
+, lib
+, fetchurl
+, bison
+, dtc
+, flex
+, libusb1
+, lzop
+, openssl
+, pkgconfig
+, buildPackages
+}:
+
+let
+ buildBarebox = {
+ filesToInstall
+ , installDir ? "$out"
+ , defconfig
+ , extraMeta ? {}
+ , ... } @ args: stdenv.mkDerivation rec {
+ pname = "barebox-${defconfig}";
+
+ version = "2020.12.0";
+
+ src = fetchurl {
+ url = "https://www.barebox.org/download/barebox-${version}.tar.bz2";
+ sha256 = "06vsd95ihaa2nywpqy6k0c7xwk2pzws4yvbp328yd2pfiigachrv";
+ };
+
+ postPatch = ''
+ patchShebangs scripts
+ '';
+
+ nativeBuildInputs = [
+ bison
+ dtc
+ flex
+ openssl
+ libusb1
+ lzop
+ pkgconfig
+ ];
+ depsBuildBuild = [ buildPackages.stdenv.cc ];
+
+ hardeningDisable = [ "all" ];
+
+ makeFlags = [
+ "DTC=dtc"
+ "CROSS_COMPILE=${stdenv.cc.targetPrefix}"
+ ];
+
+ configurePhase = ''
+ runHook preConfigure
+
+ make ${defconfig}
+
+ runHook postConfigure
+ '';
+
+ installPhase = ''
+ runHook preInstall
+
+ mkdir -p ${installDir}
+ cp ${lib.concatStringsSep " " filesToInstall} ${installDir}
+
+ runHook postInstall
+ '';
+
+ enableParallelBuilding = true;
+
+ dontStrip = true;
+
+ meta = with lib; {
+ homepage = "https://www.barebox.org";
+ description = "The Swiss Army Knive for bare metal";
+ license = licenses.gpl2;
+ maintainers = with maintainers; [ emantor ];
+ } // extraMeta;
+ } // removeAttrs args [ "extraMeta" ];
+
+in {
+ inherit buildBarebox;
+
+ bareboxTools = buildBarebox {
+ defconfig = "hosttools_defconfig";
+ installDir = "$out/bin";
+ extraMeta.platforms = lib.platforms.linux;
+ filesToInstall = [
+ "scripts/bareboximd"
+ "scripts/imx/imx-usb-loader"
+ "scripts/omap4_usbboot"
+ "scripts/omap3-usb-loader"
+ "scripts/kwboot"
+ ];
+ };
+}
diff --git a/pkgs/os-specific/linux/cifs-utils/default.nix b/pkgs/os-specific/linux/cifs-utils/default.nix
index ad136b811df8..11544d946662 100644
--- a/pkgs/os-specific/linux/cifs-utils/default.nix
+++ b/pkgs/os-specific/linux/cifs-utils/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchurl, autoreconfHook, docutils, pkgconfig
+{ stdenv, lib, fetchurl, autoreconfHook, docutils, pkgconfig
, kerberos, keyutils, pam, talloc }:
stdenv.mkDerivation rec {
@@ -14,6 +14,12 @@ stdenv.mkDerivation rec {
buildInputs = [ kerberos keyutils pam talloc ];
+ configureFlags = stdenv.lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
+ # AC_FUNC_MALLOC is broken on cross builds.
+ "ac_cv_func_malloc_0_nonnull=yes"
+ "ac_cv_func_realloc_0_nonnull=yes"
+ ];
+
makeFlags = [ "root_sbindir=$(out)/sbin" ];
meta = with stdenv.lib; {
diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.9.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
similarity index 75%
rename from pkgs/os-specific/linux/kernel/linux-rt-5.9.nix
rename to pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
index 988335d0d3ba..4eec6c431b6c 100644
--- a/pkgs/os-specific/linux/kernel/linux-rt-5.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
@@ -6,22 +6,26 @@
, ... } @ args:
let
- version = "5.9.1-rt20"; # updated by ./update-rt.sh
+ version = "5.10-rt17"; # updated by ./update-rt.sh
branch = lib.versions.majorMinor version;
kversion = builtins.elemAt (lib.splitString "-" version) 0;
in buildLinux (args // {
inherit version;
+ # modDirVersion needs a patch number, change X.Y-rtZ to X.Y.0-rtZ.
+ modDirVersion = if (builtins.match "[^.]*[.][^.]*-.*" version) == null then version
+ else lib.replaceStrings ["-"] [".0-"] version;
+
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz";
- sha256 = "0dn0xz81pphca5dkg6zh8c78p05f63rrr5ihqqsmhc4n73li2jms";
+ sha256 = "0hyav21vzz5v1kgb455pcz9ncg5qqzxmp60na290scwq7vj9kpyw";
};
kernelPatches = let rt-patch = {
name = "rt";
patch = fetchurl {
url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz";
- sha256 = "0ma3mv475qgg0dri4928gi6z00d7s59pdwj0d6dh0mfzs2xddnyv";
+ sha256 = "0baf7363f6h3smr4lgw88dbpf4977j6c1asifyhc8zhd7100ckhn";
};
}; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches;
diff --git a/pkgs/os-specific/linux/kernel/update-rt.sh b/pkgs/os-specific/linux/kernel/update-rt.sh
index bcfa494d7e7a..4cbd45524a86 100755
--- a/pkgs/os-specific/linux/kernel/update-rt.sh
+++ b/pkgs/os-specific/linux/kernel/update-rt.sh
@@ -58,7 +58,7 @@ update-if-needed() {
msg="$nixattr: $cur -> $new"
else
msg="$nixattr: init at $new"
- prev=$(ls "$(dirname "$0")"/linux-rt-*.nix | tail -1)
+ prev=$(ls -v "$(dirname "$0")"/linux-rt-*.nix | tail -1)
cp "$prev" "$file"
cur=$(file-version "$file")
fi
diff --git a/pkgs/os-specific/linux/nfs-utils/default.nix b/pkgs/os-specific/linux/nfs-utils/default.nix
index 86b0981c5fa3..63a1a0d8f966 100644
--- a/pkgs/os-specific/linux/nfs-utils/default.nix
+++ b/pkgs/os-specific/linux/nfs-utils/default.nix
@@ -45,7 +45,7 @@ stdenv.mkDerivation rec {
"--with-systemd=${placeholder "out"}/etc/systemd/system"
"--enable-libmount-mount"
"--with-pluginpath=${placeholder "lib"}/lib/libnfsidmap" # this installs libnfsidmap
- "--with-rpcgen=${rpcsvc-proto}/bin/rpcgen"
+ "--with-rpcgen=${buildPackages.rpcsvc-proto}/bin/rpcgen"
];
patches = lib.optionals stdenv.hostPlatform.isMusl [
diff --git a/pkgs/tools/admin/awscli/default.nix b/pkgs/tools/admin/awscli/default.nix
index 2a8d5ab5e72b..42ee345cbaf9 100644
--- a/pkgs/tools/admin/awscli/default.nix
+++ b/pkgs/tools/admin/awscli/default.nix
@@ -28,11 +28,11 @@ let
in with py.pkgs; buildPythonApplication rec {
pname = "awscli";
- version = "1.18.191"; # N.B: if you change this, change botocore to a matching version too
+ version = "1.18.195"; # N.B: if you change this, change botocore to a matching version too
src = fetchPypi {
inherit pname version;
- sha256 = "1zsb9w0bpbwq093ydbh4b5r3287b5l9mrdx549vsv0rspmkr0d7c";
+ sha256 = "1969rzcqj3k81k0wbvq8fpklx1z9vjh6db7i81mkbqqfkjm9pq2k";
};
postPatch = ''
diff --git a/pkgs/tools/security/gopass/default.nix b/pkgs/tools/security/gopass/default.nix
index 80a9c40ebc2e..ff855cce240c 100644
--- a/pkgs/tools/security/gopass/default.nix
+++ b/pkgs/tools/security/gopass/default.nix
@@ -46,10 +46,12 @@ buildGoModule rec {
ln -s $out/bin/gopass $out/bin/pass
'';
+ # --run to work around WONTFIX in https://github.com/gopasspw/gopass/issues/1662
postFixup = ''
for bin in $out/bin/*; do
wrapProgram $bin \
- --prefix PATH : "${wrapperPath}"
+ --prefix PATH : "${wrapperPath}" \
+ --run 'rm -f "''${XDG_CONFIG_HOME:-~/.config}/gopass/gpg-binary.loc"'
done
'';
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 932563e031db..05f5c2685fc1 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3017,6 +3017,8 @@ in
usb-modeswitch = callPackage ../development/tools/misc/usb-modeswitch { };
usb-modeswitch-data = callPackage ../development/tools/misc/usb-modeswitch/data.nix { };
+ usbsdmux = callPackage ../development/tools/misc/usbsdmux { };
+
anthy = callPackage ../tools/inputmethods/anthy { };
evdevremapkeys = callPackage ../tools/inputmethods/evdevremapkeys { };
@@ -18380,7 +18382,7 @@ in
];
};
- linux-rt_5_9 = callPackage ../os-specific/linux/kernel/linux-rt-5.9.nix {
+ linux-rt_5_10 = callPackage ../os-specific/linux/kernel/linux-rt-5.10.nix {
kernelPatches = [
kernelPatches.bridge_stp_helper
kernelPatches.request_key_helper
@@ -18639,9 +18641,9 @@ in
# Realtime kernel packages.
linuxPackages-rt_5_4 = linuxPackagesFor pkgs.linux-rt_5_4;
linuxPackages-rt_5_6 = linuxPackagesFor pkgs.linux-rt_5_6;
- linuxPackages-rt_5_9 = linuxPackagesFor pkgs.linux-rt_5_9;
+ linuxPackages-rt_5_10 = linuxPackagesFor pkgs.linux-rt_5_10;
linuxPackages-rt = linuxPackages-rt_5_4;
- linuxPackages-rt_latest = linuxPackages-rt_5_9;
+ linuxPackages-rt_latest = linuxPackages-rt_5_10;
linux-rt = linuxPackages-rt.kernel;
linux-rt_latest = linuxPackages-rt_latest.kernel;
@@ -19276,6 +19278,11 @@ in
ubootWandboard
;
+ # Upstream Barebox:
+ inherit (callPackage ../misc/barebox {})
+ buildBarebox
+ bareboxTools;
+
uclibc = callPackage ../os-specific/linux/uclibc { };
uclibcCross = callPackage ../os-specific/linux/uclibc {