Merge remote-tracking branch 'origin/master' into systemd-219

Conflicts: pkgs/os-specific/linux/systemd/fixes.patch pkgs/os-specific/linux/upower/0.99.nix pkgs/top-level/all-packages.nix
2015-09-21 12:57:30 +02:00 · 2015-09-21 12:57:30 +02:00 · 01f19f54e0
commit 01f19f54e0
parent e70593389f 2d21e1e4ff
794 changed files with 508502 additions and 8908 deletions
--- a/doc/haskell-users-guide.xml
+++ b/doc/haskell-users-guide.xml
@ -119,7 +119,7 @@ $ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -qaP -A haskell.packages.ghc763
 </programlisting>
  <para>
    The name <literal>haskellPackages</literal> is really just a synonym
-    for <literal>haskell.packages.ghc7101</literal>, because we prefer
+    for <literal>haskell.packages.ghc7102</literal>, because we prefer
    that package set internally and recommend it to our users as their
    default choice, but ultimately you are free to compile your Haskell
    packages with any GHC version you please. The following command
@ -134,7 +134,7 @@ haskell.compiler.ghc722         ghc-7.2.2
 haskell.compiler.ghc742         ghc-7.4.2
 haskell.compiler.ghc763         ghc-7.6.3
 haskell.compiler.ghc784         ghc-7.8.4
-haskell.compiler.ghc7101        ghc-7.10.1
+haskell.compiler.ghc7102        ghc-7.10.2
 haskell.compiler.ghcHEAD        ghc-7.11.20150402
 haskell.compiler.ghcNokinds     ghc-nokinds-7.11.20150704
 haskell.compiler.ghcjs          ghcjs-0.1.0
@ -167,7 +167,7 @@ $ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -iA haskellPackages.ghc haskellPackages
    <para>
      Instead of the default package set
      <literal>haskellPackages</literal>, you can also use the more
-      precise name <literal>haskell.compiler.ghc7101</literal>, which
+      precise name <literal>haskell.compiler.ghc7102</literal>, which
      has the advantage that it refers to the same GHC version
      regardless of what Nixpkgs considers &quot;default&quot; at any
      given time.
@ -254,7 +254,7 @@ $ nix-shell -p haskell.compiler.ghc784 --command &quot;cabal configure&quot;
 $ nix-shell -p &quot;haskellPackages.ghcWithPackages (pkgs: [pkgs.mtl])&quot;
 [nix-shell:~]$ ghc-pkg list mtl
-/nix/store/zy79...-ghc-7.10.1/lib/ghc-7.10.1/package.conf.d:
+/nix/store/zy79...-ghc-7.10.2/lib/ghc-7.10.2/package.conf.d:
    mtl-2.2.1
 </programlisting>
    <para>
@ -266,7 +266,7 @@ $ nix-shell -p &quot;haskellPackages.ghcWithPackages (pkgs: [pkgs.mtl])&quot;
 {
  packageOverrides = super: let self = super.pkgs; in
  {
-    myHaskellEnv = self.haskell.packages.ghc7101.ghcWithPackages
+    myHaskellEnv = self.haskell.packages.ghc7102.ghcWithPackages
                     (haskellPackages: with haskellPackages; [
                       # libraries
                       arrows async cgi criterion
@ -281,7 +281,7 @@ $ nix-shell -p &quot;haskellPackages.ghcWithPackages (pkgs: [pkgs.mtl])&quot;
      <literal>nix-env -f &quot;&lt;nixpkgs&gt;&quot; -iA myHaskellEnv</literal>.
      If you'd like to switch that development environment to a
      different version of GHC, just replace the
-      <literal>ghc7101</literal> bit in the previous definition with the
+      <literal>ghc7102</literal> bit in the previous definition with the
      appropriate name. Of course, it's also possible to define any
      number of these development environments! (You can't install two
      of them into the same profile at the same time, though, because
@ -296,11 +296,11 @@ $ nix-shell -p &quot;haskellPackages.ghcWithPackages (pkgs: [pkgs.mtl])&quot;
    <programlisting>
 $ cat $(type -p ghc)
 #! /nix/store/xlxj...-bash-4.3-p33/bin/bash -e
-export NIX_GHC=/nix/store/19sm...-ghc-7.10.1/bin/ghc
+export NIX_GHC=/nix/store/19sm...-ghc-7.10.2/bin/ghc
-export NIX_GHCPKG=/nix/store/19sm...-ghc-7.10.1/bin/ghc-pkg
+export NIX_GHCPKG=/nix/store/19sm...-ghc-7.10.2/bin/ghc-pkg
-export NIX_GHC_DOCDIR=/nix/store/19sm...-ghc-7.10.1/share/doc/ghc/html
+export NIX_GHC_DOCDIR=/nix/store/19sm...-ghc-7.10.2/share/doc/ghc/html
-export NIX_GHC_LIBDIR=/nix/store/19sm...-ghc-7.10.1/lib/ghc-7.10.1
+export NIX_GHC_LIBDIR=/nix/store/19sm...-ghc-7.10.2/lib/ghc-7.10.2
-exec /nix/store/j50p...-ghc-7.10.1/bin/ghc &quot;-B$NIX_GHC_LIBDIR&quot; &quot;$@&quot;
+exec /nix/store/j50p...-ghc-7.10.2/bin/ghc &quot;-B$NIX_GHC_LIBDIR&quot; &quot;$@&quot;
 </programlisting>
    <para>
      The variables <literal>$NIX_GHC</literal>,
@ -354,6 +354,90 @@ if [ -e ~/.nix-profile/bin/ghc ]; then
 fi
 </programlisting>
  </section>
  <section xml:id="how-to-install-a-compiler-with-indexes">
    <title>How to install a compiler with libraries, hoogle and documentation indexes</title>
    <para>
      If you plan to use your environment for interactive programming,
      not just compiling random Haskell code, you might want to
      replace <literal>ghcWithPackages</literal> in all the listings
      above with <literal>ghcWithHoogle</literal>.
    </para>
    <para>
      This environment generator not only produces an environment with
      GHC and all the specified libraries, but also generates a
      <literal>hoogle</literal> and <literal>haddock</literal> indexes
      for all the packages, and provides a wrapper script around
      <literal>hoogle</literal> binary that uses all those things. A
      precise name for this thing would be
      "<literal>ghcWithPackagesAndHoogleAndDocumentationIndexes</literal>",
      which is, regrettably, too long and scary.
    </para>
    <para>
      For example, installing the following environment
    </para>
    <programlisting>
 {
  packageOverrides = super: let self = super.pkgs; in
  {
    myHaskellEnv = self.haskellPackages.ghcWithHoogle
                     (haskellPackages: with haskellPackages; [
                       # libraries
                       arrows async cgi criterion
                       # tools
                       cabal-install haskintex
                     ]);
  };
 }
 </programlisting>
    <para>
      allows one to browse module documentation index <link
      xlink:href="https://downloads.haskell.org/~ghc/latest/docs/html/libraries/index.html">not
      too dissimilar to this</link> for all the specified packages and
      their dependencies by directing a browser of choice to
      <literal>~/.nix-profiles/share/doc/hoogle/index.html</literal>
      (or
      <literal>/run/current-system/sw/share/doc/hoogle/index.html</literal>
      in case you put it in
      <literal>environment.systemPackages</literal> in NixOS).
    </para>
    <para>
      After you've marveled enough at that try adding the following to
      your <literal>~/.ghc/ghci.conf</literal>
    </para>
    <programlisting>
 :def hoogle \s -> return $ ":! hoogle search -cl --count=15 \"" ++ s ++ "\""
 :def doc \s -> return $ ":! hoogle search -cl --info \"" ++ s ++ "\""
 </programlisting>
    <para>
      and test it by typing into <literal>ghci</literal>:
    </para>
    <programlisting>
 :hoogle a -> a
 :doc a -> a
 </programlisting>
    <para>
      Be sure to note the links to <literal>haddock</literal> files in
      the output. With any modern and properly configured terminal
      emulator you can just click those links to navigate there.
    </para>
    <para>
      Finally, you can run
    </para>
    <programlisting>
 hoogle server -p 8080
 </programlisting>
    <para>
      and navigate to <link xlink:href="http://localhost:8080/"/> for
      your own local <link
      xlink:href="https://www.haskell.org/hoogle/">Hoogle</link>.
      Note, however, that Firefox and possibly other browsers disallow
      navigation from <literal>http:</literal> to
      <literal>file:</literal> URIs for security reasons, which might
      be quite an inconvenience. See <link
      xlink:href="http://kb.mozillazine.org/Links_to_local_pages_do_not_work">this
      page</link> for workarounds.
    </para>
  </section>
  <section xml:id="how-to-create-ad-hoc-environments-for-nix-shell">
    <title>How to create ad hoc environments for
    <literal>nix-shell</literal></title>
@ -371,7 +455,7 @@ nix-shell -p &quot;haskellPackages.ghcWithPackages (pkgs: with pkgs; [mtl pandoc
      <literal>shell.nix</literal> that looks like this:
    </para>
    <programlisting>
-{ nixpkgs ? import &lt;nixpkgs&gt; {}, compiler ? &quot;ghc7101&quot; }:
+{ nixpkgs ? import &lt;nixpkgs&gt; {}, compiler ? &quot;ghc7102&quot; }:
 let
  inherit (nixpkgs) pkgs;
  ghc = pkgs.haskell.packages.${compiler}.ghcWithPackages (ps: with ps; [
@ -451,7 +535,7 @@ $ cabal2nix . &gt;foo.nix
      <literal>default.nix</literal>:
    </para>
    <programlisting>
-{ nixpkgs ? import &lt;nixpkgs&gt; {}, compiler ? &quot;ghc7101&quot; }:
+{ nixpkgs ? import &lt;nixpkgs&gt; {}, compiler ? &quot;ghc7102&quot; }:
 nixpkgs.pkgs.haskell.packages.${compiler}.callPackage ./foo.nix { }
 </programlisting>
    <para>
@ -459,7 +543,7 @@ nixpkgs.pkgs.haskell.packages.${compiler}.callPackage ./foo.nix { }
      <literal>shell.nix</literal>:
    </para>
    <programlisting>
-{ nixpkgs ? import &lt;nixpkgs&gt; {}, compiler ? &quot;ghc7101&quot; }:
+{ nixpkgs ? import &lt;nixpkgs&gt; {}, compiler ? &quot;ghc7102&quot; }:
 (import ./default.nix { inherit nixpkgs compiler; }).env
 </programlisting>
    <para>
--- a/doc/stdenv.xml
+++ b/doc/stdenv.xml
@ -899,6 +899,34 @@ following:
    phase.</para></listitem>
  </varlistentry>
  <varlistentry>
    <term><varname>separateDebugInfo</varname></term>
    <listitem><para>If set to <literal>true</literal>, the standard
    environment will enable debug information in C/C++ builds. After
    installation, the debug information will be separated from the
    executables and stored in the output named
    <literal>debug</literal>. (This output is enabled automatically;
    you don’t need to set the <varname>outputs</varname> attribute
    explicitly.) To be precise, the debug information is stored in
    <filename><replaceable>debug</replaceable>/lib/debug/.build-id/<replaceable>XX</replaceable>/<replaceable>YYYY…</replaceable></filename>,
    where <replaceable>XXYYYY…</replaceable> is the <replaceable>build
    ID</replaceable> of the binary — a SHA-1 hash of the contents of
    the binary. Debuggers like GDB use the build ID to look up the
    separated debug information.</para>
    <para>For example, with GDB, you can add
 <programlisting>
 set debug-file-directory ~/.nix-profile/lib/debug
 </programlisting>
    to <filename>~/.gdbinit</filename>. GDB will then be able to find
    debug information installed via <literal>nix-env
    -i</literal>.</para>
    </listitem>
  </varlistentry>
 </variablelist>
 </section>
--- a/lib/attrsets.nix
+++ b/lib/attrsets.nix
@ -78,6 +78,26 @@ rec {
    listToAttrs (concatMap (name: let v = set.${name}; in if pred name v then [(nameValuePair name v)] else []) (attrNames set));
  /* Filter an attribute set recursivelly by removing all attributes for
     which the given predicate return false.
     Example:
       filterAttrsRecursive (n: v: v != null) { foo = { bar = null; }; }
       => { foo = {}; }
  */
  filterAttrsRecursive = pred: set:
    listToAttrs (
      concatMap (name:
        let v = set.${name}; in
        if pred name v then [
          (nameValuePair name (
            if isAttrs v then filterAttrsRecursive pred v
            else v
          ))
        ] else []
      ) (attrNames set)
    );
  /* foldAttrs: apply fold functions to values grouped by key. Eg accumulate values as list:
     foldAttrs (n: a: [n] ++ a) [] [{ a = 2; } { a = 3; }]
     => { a = [ 2 3 ]; }
--- a/lib/maintainers.nix
+++ b/lib/maintainers.nix
@ -7,6 +7,7 @@
     so it's easy to ping a package @maintainer.
  */
  a1russell = "Adam Russell <adamlr6+pub@gmail.com>";
  abaldeau = "Andreas Baldeau <andreas@baldeau.net>";
  abbradar = "Nikolay Amiantov <ab@fmap.me>";
  adev	   = "Adrien Devresse <adev@adev.name>";
@ -69,6 +70,7 @@
  cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>";
  cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
  DamienCassou = "Damien Cassou <damien@cassou.me>";
  davidak = "David Kleuker <post@davidak.de>";
  davidrusu = "David Rusu <davidrusu.me@gmail.com>";
  dbohdan = "Danyil Bohdan <danyil.bohdan@gmail.com>";
  DerGuteMoritz = "Moritz Heidkamp <moritz@twoticketsplease.de>";
@ -79,6 +81,7 @@
  dfoxfranke = "Daniel Fox Franke <dfoxfranke@gmail.com>";
  dmalikov = "Dmitry Malikov <malikov.d.y@gmail.com>";
  doublec = "Chris Double <chris.double@double.co.nz>";
  ebzzry = "Rommel Martinez <ebzzry@gmail.com>";
  ederoyd46 = "Matthew Brown <matt@ederoyd.co.uk>";
  eduarrrd = "Eduard Bachmakov <e.bachmakov@gmail.com>";
  edwtjo = "Edward Tjörnhammar <ed@cflags.cc>";
@ -88,6 +91,7 @@
  emery = "Emery Hemingway <emery@vfemail.net>";
  epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>";
  ericbmerritt = "Eric Merritt <eric@afiniate.com>";
  erikryb = "Erik Rybakken <erik.rybakken@math.ntnu.no>";
  ertes = "Ertugrul Söylemez <ertesx@gmx.de>";
  exlevan = "Alexey Levan <exlevan@gmail.com>";
  falsifian = "James Cook <james.cook@utoronto.ca>";
@ -95,6 +99,7 @@
  fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
  forkk = "Andrew Okin <forkk@forkk.net>";
  fpletz = "Franz Pletz <fpletz@fnordicwalking.de>";
  fridh = "Frederik Rietdijk <fridh@fridh.nl>";
  fro_ozen = "fro_ozen <fro_ozen@gmx.de>";
  ftrvxmtrx = "Siarhei Zirukin <ftrvxmtrx@gmail.com>";
  funfunctor = "Edward O'Callaghan <eocallaghan@alterapraxis.com>";
@ -104,6 +109,7 @@
  garrison = "Jim Garrison <jim@garrison.cc>";
  gavin = "Gavin Rogers <gavin@praxeology.co.uk>";
  gebner = "Gabriel Ebner <gebner@gebner.org>";
  gfxmonk = "Tim Cuthbertson <tim@gfxmonk.net>";
  giogadi = "Luis G. Torres <lgtorres42@gmail.com>";
  globin = "Robin Gloster <robin@glob.in>";
  goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
@ -137,6 +143,7 @@
  jwilberding = "Jordan Wilberding <jwilberding@afiniate.com>";
  jzellner = "Jeff Zellner <jeffz@eml.cc>";
  kamilchm = "Kamil Chmielewski <kamil.chm@gmail.com>";
  khumba = "Bryan Gardiner <bog@khumba.net>";
  kkallio = "Karn Kallio <tierpluspluslists@gmail.com>";
  koral = "Koral <koral@mailoo.org>";
  kovirobi = "Kovacsics Robert <kovirobi@gmail.com>";
@ -229,6 +236,7 @@
  rszibele = "Richard Szibele <richard_szibele@hotmail.com>";
  rushmorem = "Rushmore Mushambi <rushmore@webenchanter.com>";
  rycee = "Robert Helgesson <robert@rycee.net>";
  samuelrivas = "Samuel Rivas <samuelrivas@gmail.com>";
  sander = "Sander van der Burg <s.vanderburg@tudelft.nl>";
  schmitthenner = "Fabian Schmitthenner <development@schmitthenner.eu>";
  schristo = "Scott Christopher <schristopher@konputa.com>";
--- a/lib/types.nix
+++ b/lib/types.nix
@ -6,7 +6,7 @@ with import ./attrsets.nix;
 with import ./options.nix;
 with import ./trivial.nix;
 with import ./strings.nix;
-with {inherit (import ./modules.nix) mergeDefinitions; };
+with {inherit (import ./modules.nix) mergeDefinitions filterOverrides; };
 rec {
@ -166,6 +166,23 @@ rec {
        substSubModules = m: loaOf (elemType.substSubModules m);
      };
    # List or element of ...
    loeOf = elemType: mkOptionType {
      name = "element or list of ${elemType.name}s";
      check = x: isList x || elemType.check x;
      merge = loc: defs:
        let
          defs' = filterOverrides defs;
          res = (head defs').value;
        in
        if isList res then concatLists (getValues defs')
        else if lessThan 1 (length defs') then
          throw "The option `${showOption loc}' is defined multiple times, in ${showFiles (getFiles defs)}."
        else if !isString res then
          throw "The option `${showOption loc}' does not have a string value, in ${showFiles (getFiles defs)}."
        else res;
    };
    uniq = elemType: mkOptionType {
      inherit (elemType) name check;
      merge = mergeOneOption;
--- a/maintainers/scripts/gnome-latest.sh
+++ b/maintainers/scripts/gnome-latest.sh
@ -1,95 +0,0 @@
 #!/usr/bin/env bash
 GNOME_FTP="ftp.gnome.org/pub/GNOME/sources"
 project=$1
 if [ "$project" == "--help" ]; then
  echo "Usage: $0 project [major.minor]"
  exit 0
 fi
 baseVersion=$2
 if [ -z "$project" ]; then
  echo "No project specified, exiting"
  exit 1
 fi
 # curl -l ftp://... doesn't work from my office in HSE, and I don't want to have
 # any conversations with sysadmin. Somehow lftp works.
 if [ "$FTP_CLIENT" = "lftp" ]; then
  ls_ftp() {
    lftp -c "open $1; cls"
  }
 else
  ls_ftp() {
    curl -l "$1"/
  }
 fi
 if [ -z "$baseVersion" ]; then
  echo "Looking for available versions..." >&2
  available_baseversions=( `ls_ftp ftp://${GNOME_FTP}/${project} | grep '[0-9]\.[0-9]' | sort -t. -k1,1n -k 2,2n` )
  echo -e "The following versions are available:\n ${available_baseversions[@]}" >&2
  echo -en "Choose one of them: " >&2
  read baseVersion
 fi
 FTPDIR="${GNOME_FTP}/${project}/${baseVersion}"
 #version=`curl -l ${FTPDIR}/ 2>/dev/null | grep LATEST-IS | sed -e s/LATEST-IS-//`
 # gnome's LATEST-IS is broken. Do not trust it.
 files=$(ls_ftp "${FTPDIR}")
 declare -A versions
 for f in $files; do
  case $f in
    (LATEST-IS-*|*.news|*.changes|*.sha256sum|*.diff*):
      ;;
    ($project-*.*.9*.tar.*):
      tmp=${f#$project-}
      tmp=${tmp%.tar*}
      echo "Ignored unstable version ${tmp}" >&2
      ;;
    ($project-*.tar.*):
      tmp=${f#$project-}
      tmp=${tmp%.tar*}
      versions[${tmp}]=1
      ;;
    (*):
      echo "UNKNOWN FILE $f"
      ;;
  esac
 done
 echo "Found versions ${!versions[@]}" >&2
 version=`echo ${!versions[@]} | sed -e 's/ /\n/g' | sort -t. -k1,1n -k 2,2n -k 3,3n | tail -n1`
 echo "Latest version is: ${version}" >&2
 name=${project}-${version}
 echo "Fetching .sha256 file" >&2
 curl -O http://${FTPDIR}/${name}.sha256sum
 extensions=( "xz" "bz2" "gz" )
 echo "Choosing archive extension (known are ${extensions[@]})..." >&2
 for ext in ${extensions[@]}; do
  if grep "\\.tar\\.${ext}$" ${name}.sha256sum >& /dev/null; then
    ext_pref=$ext
    sha256=$(grep "\\.tar\\.${ext}$" ${name}.sha256sum | cut -f1 -d\ )
    break
  fi
 done
 sha256=`nix-hash --to-base32 --type sha256 $sha256`
 echo "Chosen ${ext_pref}, hash is ${sha256}" >&2
 cat <<EOF
  name = "${project}-${version}";
  src = fetchurl {
    url = mirror://gnome/sources/${project}/${baseVersion}/${project}-${version}.tar.${ext_pref};
    sha256 = "${sha256}";
  };
 EOF
 rm -v ${name}.sha256sum >&2
--- a/maintainers/scripts/gnome.sh
+++ b/maintainers/scripts/gnome.sh
@ -0,0 +1,138 @@
 #!/usr/bin/env bash
 set -o pipefail
 GNOME_FTP="ftp.gnome.org/pub/GNOME/sources"
 usage() {
  echo "Usage: $0 show|update project [major.minor]" >&2
  exit 0
 }
 if [ "$#" -lt 1 ]; then
  usage
 fi
 action="$1"
 project="$2"
 majorVersion="$3"
 if [ "$action" != "show" ] && [ "$action" != "update" ]; then
  echo "Unknown action $action" >&2
  usage
 fi
 if [ -z "$project" ]; then
  echo "No project specified, exiting"
  exit 1
 fi
 # curl -l ftp://... doesn't work from my office in HSE, and I don't want to have
 # any conversations with sysadmin. Somehow lftp works.
 if [ "$FTP_CLIENT" = "lftp" ]; then
  ls_ftp() {
    lftp -c "open $1; cls"
  }
 else
  ls_ftp() {
    curl -s -l "$1"/
  }
 fi
 if [ -z "$majorVersion" ]; then
  echo "Looking for available versions..." >&2
  available_baseversions=( `ls_ftp ftp://${GNOME_FTP}/${project} | grep '[0-9]\.[0-9]' | sort -t. -k1,1n -k 2,2n` )
  if [ "$?" -ne "0" ]; then
    echo "Project $project not found" >&2
    exit 1
  fi
  echo -e "The following versions are available:\n ${available_baseversions[@]}" >&2
  echo -en "Choose one of them: " >&2
  read majorVersion
 fi
 if echo "$majorVersion" | grep -q "[0-9]\+\.[0-9]\+\.[0-9]\+"; then
 	# not a major version
 	version="$majorVersion"
 	majorVersion=$(echo "$majorVersion" | cut -d '.' -f 1,2)
 fi
 FTPDIR="${GNOME_FTP}/${project}/${majorVersion}"
 #version=`curl -l ${FTPDIR}/ 2>/dev/null | grep LATEST-IS | sed -e s/LATEST-IS-//`
 # gnome's LATEST-IS is broken. Do not trust it.
 if [ -z "$version" ]; then
 	files=$(ls_ftp "${FTPDIR}")
 	declare -A versions
 	for f in $files; do
 		case $f in
    (LATEST-IS-*|*.news|*.changes|*.sha256sum|*.diff*):
 		;;
    ($project-*.*.9*.tar.*):
 		tmp=${f#$project-}
 		tmp=${tmp%.tar*}
 		echo "Ignored unstable version ${tmp}" >&2
 		;;
    ($project-*.tar.*):
 		tmp=${f#$project-}
 		tmp=${tmp%.tar*}
 		versions[${tmp}]=1
 		;;
    (*):
 		echo "UNKNOWN FILE $f"
 		;;
 		esac
 	done
 	echo "Found versions ${!versions[@]}" >&2
 	version=`echo ${!versions[@]} | sed -e 's/ /\n/g' | sort -t. -k1,1n -k 2,2n -k 3,3n | tail -n1`
 	echo "Latest version is: ${version}" >&2
 fi
 name=${project}-${version}
 echo "Fetching .sha256 file" >&2
 sha256out=$(curl -s -f http://${FTPDIR}/${name}.sha256sum)
 if [ "$?" -ne "0" ]; then
 	echo "Version not found" >&2
 	exit 1
 fi
 extensions=( "xz" "bz2" "gz" )
 echo "Choosing archive extension (known are ${extensions[@]})..." >&2
 for ext in ${extensions[@]}; do
  if echo -e "$sha256out" | grep -q "\\.tar\\.${ext}$"; then
    ext_pref=$ext
    sha256=$(echo -e "$sha256out" | grep "\\.tar\\.${ext}$" | cut -f1 -d\ )
    break
  fi
 done
 echo "Chosen ${ext_pref}, hash is ${sha256}" >&2
 src="# Autogenerated by maintainers/scripts/gnome.sh update
 fetchurl: {
  name = \"${project}-${version}\";
  src = fetchurl {
    url = mirror://gnome/sources/${project}/${majorVersion}/${project}-${version}.tar.${ext_pref};
    sha256 = \"${sha256}\";
  };
 }"
 if [ "$action" == "update" ]; then
  # find project in nixpkgs tree
  GNOME_TOP=$(readlink -e $(dirname "${BASH_SOURCE[0]}")"/../../pkgs/desktops/gnome-3/")
  projectPath=$(find "$GNOME_TOP" -name "$project" -print)
  if [ -z "$projectPath" ]; then
    echo "Project $project not found under $GNOME_TOP"
    exit 1
  fi
  echo "Updating $projectPath/src.nix"
  echo -e "$src" > "$projectPath/src.nix"
 else
  echo -e "\n$src"
 fi
--- a/nixos/doc/manual/release-notes/rl-1509.xml
+++ b/nixos/doc/manual/release-notes/rl-1509.xml
@ -6,35 +6,48 @@
 <title>Release 15.09 (“Dingo”, 2015/09/??)</title>
-<para>In addition to numerous new and upgraded packages, this release has the following highlights:
+<para>In addition to numerous new and upgraded packages, this release
 has the following highlights:</para>
-  <itemizedlist>
+<itemizedlist>
    <listitem>
      <para>
        The Haskell packages infrastructure has been re-designed from the ground up.
        NixOS now distributes the latest version of every single package registered on
        <link xlink:href="http://hackage.haskell.org/">Hackage</link>, i.e. well over
        8000 Haskell packages. Further information and usage instructions for the
        improved infrastructure are available at <link
        xlink:href="https://nixos.org/wiki/Haskell">https://nixos.org/wiki/Haskell</link>.
        Users migrating from an earlier release will find also find helpful information
        below, in the list of backwards-incompatible changes.
      </para>
    </listitem>
-    <listitem>
+  <listitem>
-      <para>
+    <para>The Haskell packages infrastructure has been re-designed
-        Users running an SSH server who worry about the quality of their
+    from the ground up.  NixOS now distributes the latest version of
-        <literal>/etc/ssh/moduli</literal> file with respect to the <link
+    every single package registered on <link
-        xlink:href="https://stribika.github.io/2015/01/04/secure-secure-shell.html">vulnerabilities
+    xlink:href="http://hackage.haskell.org/">Hackage</link>, i.e. well
-        discovered in the Diffie-Hellman key exchange</link> can now replace OpenSSH's
+    over 8000 Haskell packages. Further information and usage
-        default version with one they generated themselves using the new
+    instructions for the improved infrastructure are available at
-        <literal>services.openssh.moduliFile</literal> option.
+    <link
-      </para>
+    xlink:href="https://nixos.org/wiki/Haskell">https://nixos.org/wiki/Haskell</link>.
-    </listitem>
+    Users migrating from an earlier release will also find helpful
-  </itemizedlist>
+    information below, in the list of backwards-incompatible changes.</para>
  </listitem>
-</para>
+  <listitem>
    <para>Nix has been updated to version 1.10, which among other
    improvements enables cryptographic signatures on binary caches for
    improved security.</para>
  </listitem>
  <listitem>
    <para>You can now keep your NixOS system up to date automatically
    by setting
 <programlisting>
 system.autoUpgrade.enable = true;
 </programlisting>
    This will cause the system to periodically check for updates in
    your current channel and run <command>nixos-rebuild</command>.</para>
  </listitem>
  <listitem>
    <para>This release is based on Glibc 2.21, GCC 4.9 and Linux
    3.18.</para>
  </listitem>
 </itemizedlist>
 <para>When upgrading from a previous release, please be aware of the
@ -50,10 +63,11 @@ and want to continue to use them, please set
 system.stateVersion = "14.12";
 </programlisting>
-(The new option <option>system.stateVersion</option> ensures that
+The new option <option>system.stateVersion</option> ensures that
 certain configuration changes that could break existing systems (such
 as the <command>sshd</command> host key setting) will maintain
-compatibility with the specified NixOS release.)</para></listitem>
+compatibility with the specified NixOS release. NixOps sets the state
 version of existing deployments automatically.</para></listitem>
 <listitem><para><command>cron</command> is no longer enabled by
 default, unless you have a non-empty
@ -72,9 +86,9 @@ false</option>.</para></listitem>
 and old <literal>steam</literal> package -- to <literal>steamOriginal</literal>.
 </para></listitem>
-<listitem><para>CMPlayer has been renamed to bomi upstream. Package <literal>cmplayer</literal>
+<listitem><para>CMPlayer has been renamed to bomi upstream. Package
-was accordingly renamed to <literal>bomi</literal>
+<literal>cmplayer</literal> was accordingly renamed to
-</para></listitem>
+<literal>bomi</literal> </para></listitem>
 <listitem><para>Atom Shell has been renamed to Electron upstream.  Package <literal>atom-shell</literal>
 was accordingly renamed to <literal>electron</literal>
@ -84,21 +98,20 @@ was accordingly renamed to <literal>electron</literal>
 which contains the latest Elm platform.</para></listitem>
 <listitem>
-  <para>
+  <para>The CUPS printing service has been updated to version
-	The CUPS printing service has been updated to version <literal>2.0.2</literal>.
+  <literal>2.0.2</literal>.  Furthermore its systemd service has been
-	Furthermore its systemd service has been renamed to <literal>cups.service</literal>.
+  renamed to <literal>cups.service</literal>.</para>
-  </para>
+
-  <para>
+  <para>Local printers are no longer shared or advertised by
-	Local printers are no longer shared or advertised by default. This behavior
+  default. This behavior can be changed by enabling
-	can be changed by enabling <literal>services.printing.defaultShared</literal>
+  <literal>services.printing.defaultShared</literal> or
-	or <literal>services.printing.browsing</literal> respectively.
+  <literal>services.printing.browsing</literal> respectively.</para>
  </para>
 </listitem>
 <listitem>
  <para>
-    The VirtualBox host and guest options have been moved/renamed more
+    The VirtualBox host and guest options have been named more
-    consistently and less confusing to be now found in
+    consistently. They can now found in
    <literal>virtualisation.virtualbox.host.*</literal> instead of
    <literal>services.virtualboxHost.*</literal> and
    <literal>virtualisation.virtualbox.guest.*</literal> instead of
@ -207,25 +220,31 @@ nix-env -f &quot;&lt;nixpkgs&gt;&quot; -iA haskellPackages.cabal-install
 </para>
 <para>The following new services were added since the last release:
 <itemizedlist>
 <listitem><para><literal>brltty</literal></para></listitem>
 <listitem><para><literal>marathon</literal></para></listitem>
 <listitem><para><literal>tvheadend</literal></para></listitem>
 </itemizedlist>
 </para>
 <para>Other notable improvements:
 <itemizedlist>
  <listitem><para>The nixos and nixpkgs channels were unified,
    so one <emphasis>can</emphasis> use <literal>nix-env -iA nixos.bash</literal>
    instead of <literal>nix-env -iA nixos.pkgs.bash</literal>.
    See <link xlink:href="https://github.com/NixOS/nixpkgs/commit/2cd7c1f198">the commit</link> for details.
  </para></listitem>
  <listitem>
    <para>
      Users running an SSH server who worry about the quality of their
      <literal>/etc/ssh/moduli</literal> file with respect to the
      <link
      xlink:href="https://stribika.github.io/2015/01/04/secure-secure-shell.html">vulnerabilities
      discovered in the Diffie-Hellman key exchange</link> can now
      replace OpenSSH's default version with one they generated
      themselves using the new
      <literal>services.openssh.moduliFile</literal> option.
      </para>
  </listitem>
 </itemizedlist>
 </para>
 </section>
--- a/nixos/doc/manual/release-notes/rl-unstable.xml
+++ b/nixos/doc/manual/release-notes/rl-unstable.xml
@ -7,21 +7,39 @@
 <title>Unstable</title>
 <para>When upgrading from a previous release, please be aware of the
-  following incompatible changes:
+following incompatible changes:</para>
 <itemizedlist>
  <listitem>
    <para><command>wmiiSnap</command> has been replaced with
    <command>wmii_hg</command>, but
    <command>services.xserver.windowManager.wmii.enable</command> has
    been updated respectively so this only affects you if you have
    explicitly installed <command>wmiiSnap</command>.
    </para>
  </listitem>
  <listitem>
    <para><command>wmiimenu</command> is removed, as it has been
    removed by the developers upstream. Use <command>wimenu</command>
    from the <command>wmii-hg</command> package.</para>
  </listitem>
  <listitem>
    <para>Gitit is no longer automatically added to the module list in
    NixOS and as such there will not be any manual entries for it. You
    will need to add an import statement to your NixOS configuration
    in order to use it, e.g.
 <programlisting><![CDATA[
 {
  imports = [ <nixos/modules/services/misc/gitit.nix> ];
 }
 ]]></programlisting>
    will include the Gitit service configuration options.</para>
  </listitem>
 </itemizedlist>
  <itemizedlist>
    <listitem><para>
        <command>wmiiSnap</command> has been replaced with
        <command>wmii_hg</command>, but
        <command>services.xserver.windowManager.wmii.enable</command>
        has been updated respectively so this only affects you if you
        have explicitly installed <command>wmiiSnap</command>.
    </para></listitem>
    <listitem><para>
        <command>wmiimenu</command> is removed, as it has been removed by
        the developers upstream. Use <command>wimenu</command> from the
        <command>wmii-hg</command> package.
    </para></listitem>
  </itemizedlist>
 </para>
 </section>
--- a/nixos/modules/config/fonts/fontconfig.nix
+++ b/nixos/modules/config/fonts/fontconfig.nix
@ -108,10 +108,8 @@ with lib;
        subpixel = {
          rgba = mkOption {
            type = types.string // {
              check = flip elem ["rgb" "bgr" "vrgb" "vbgr" "none"];
            };
            default = "rgb";
            type = types.enum ["rgb" "bgr" "vrgb" "vbgr" "none"];
            description = ''
              Subpixel order, one of <literal>none</literal>,
              <literal>rgb</literal>, <literal>bgr</literal>,
@ -120,10 +118,8 @@ with lib;
          };
          lcdfilter = mkOption {
            type = types.str // {
              check = flip elem ["none" "default" "light" "legacy"];
            };
            default = "default";
            type = types.enum ["none" "default" "light" "legacy"];
            description = ''
              FreeType LCD filter, one of <literal>none</literal>,
              <literal>default</literal>, <literal>light</literal>, or
--- a/nixos/modules/config/i18n.nix
+++ b/nixos/modules/config/i18n.nix
@ -52,6 +52,15 @@ in
        '';
      };
      consoleUseXkbConfig = mkOption {
        type = types.bool;
        default = false;
        description = ''
          If set, configure the console keymap from the xserver keyboard
          settings.
        '';
      };
      consoleKeyMap = mkOption {
        type = mkOptionType {
          name = "string or path";
@ -74,6 +83,13 @@ in
  config = {
    i18n.consoleKeyMap = with config.services.xserver;
      mkIf config.i18n.consoleUseXkbConfig
        (pkgs.runCommand "xkb-console-keymap" { preferLocalBuild = true; } ''
          '${pkgs.ckbcomp}/bin/ckbcomp' -model '${xkbModel}' -layout '${layout}' \
            -option '${xkbOptions}' -variant '${xkbVariant}' > "$out"
        '');
    environment.systemPackages =
      optional (config.i18n.supportedLocales != []) glibcLocales;
--- a/nixos/modules/config/ldap.nix
+++ b/nixos/modules/config/ldap.nix
@ -108,7 +108,7 @@ in
        extraConfig = mkOption {
          default =  "";
-          type = types.string;
+          type = types.lines;
          description = ''
            Extra configuration options that will be added verbatim at
            the end of the nslcd configuration file (nslcd.conf).
@ -120,7 +120,7 @@ in
        distinguishedName = mkOption {
          default = "";
          example = "cn=admin,dc=example,dc=com";
-          type = types.string;
+          type = types.str;
          description = ''
            The distinguished name to bind to the LDAP server with. If this
            is not specified, an anonymous bind will be done.
@ -129,7 +129,7 @@ in
        password = mkOption {
          default = "/etc/ldap/bind.password";
-          type = types.string;
+          type = types.str;
          description = ''
            The path to a file containing the credentials to use when binding
            to the LDAP server (if not binding anonymously).
@ -149,7 +149,7 @@ in
        policy = mkOption {
          default = "hard_open";
-          type = types.string;
+          type = types.enum [ "hard_open" "hard_init" "soft" ];
          description = ''
            Specifies the policy to use for reconnecting to an unavailable
            LDAP server. The default is <literal>hard_open</literal>, which
@ -168,7 +168,7 @@ in
      extraConfig = mkOption {
        default = "";
-        type = types.string;
+        type = types.lines;
        description = ''
          Extra configuration options that will be added verbatim at
          the end of the ldap configuration file (ldap.conf).
--- a/nixos/modules/config/shells-environment.nix
+++ b/nixos/modules/config/shells-environment.nix
@ -41,20 +41,7 @@ in
        strings.  The latter is concatenated, interspersed with colon
        characters.
      '';
-      type = types.attrsOf (mkOptionType {
+      type = types.attrsOf (types.loeOf types.str);
        name = "a string or a list of strings";
        merge = loc: defs:
          let
            defs' = filterOverrides defs;
            res = (head defs').value;
          in
          if isList res then concatLists (getValues defs')
          else if lessThan 1 (length defs') then
            throw "The option `${showOption loc}' is defined multiple times, in ${showFiles (getFiles defs)}."
          else if !isString res then
            throw "The option `${showOption loc}' does not have a string value, in ${showFiles (getFiles defs)}."
          else res;
      });
      apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v);
    };
--- a/nixos/modules/config/system-environment.nix
+++ b/nixos/modules/config/system-environment.nix
@ -23,20 +23,7 @@ in
        strings.  The latter is concatenated, interspersed with colon
        characters.
      '';
-      type = types.attrsOf (mkOptionType {
+      type = types.attrsOf (types.loeOf types.str);
        name = "a string or a list of strings";
        merge = loc: defs:
          let
            defs' = filterOverrides defs;
            res = (head defs').value;
          in
          if isList res then concatLists (getValues defs')
          else if lessThan 1 (length defs') then
            throw "The option `${showOption loc}' is defined multiple times, in ${showFiles (getFiles defs)}."
          else if !isString res then
            throw "The option `${showOption loc}' does not have a string value, in ${showFiles (getFiles defs)}."
          else res;
      });
      apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v);
    };
--- a/nixos/modules/config/system-path.nix
+++ b/nixos/modules/config/system-path.nix
@ -103,16 +103,23 @@ in
      [ "/bin"
        "/etc/xdg"
        "/info"
-        "/lib"
+        "/lib" # FIXME: remove
        #"/lib/debug/.build-id" # enables GDB to find separated debug info
        "/man"
        "/sbin"
        "/share/applications"
        "/share/desktop-directories"
        "/share/doc"
        "/share/emacs"
        "/share/icons"
        "/share/info"
        "/share/man"
        "/share/menus"
        "/share/mime"
        "/share/nano"
        "/share/org"
        "/share/terminfo"
        "/share/themes"
        "/share/vim-plugins"
      ];
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@ -229,6 +229,10 @@
      riak = 205;
      shout = 206;
      gateone = 207;
      namecoin = 208;
      dnschain = 209;
      #lxd = 210; # unused
      kibana = 211;
      # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -436,6 +440,10 @@
      riak = 205;
      #shout = 206; #unused
      gateone = 207;
      namecoin = 208;
      #dnschain = 209; #unused
      lxd = 210; # unused
      #kibana = 211;
      # When adding a gid, make sure it doesn't match an existing
      # uid. Users and groups with the same name should have equal
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -197,7 +197,7 @@
  ./services/misc/etcd.nix
  ./services/misc/felix.nix
  ./services/misc/folding-at-home.nix
-  ./services/misc/gitit.nix
+  #./services/misc/gitit.nix
  ./services/misc/gitlab.nix
  ./services/misc/gitolite.nix
  ./services/misc/gpsd.nix
@ -275,6 +275,7 @@
  ./services/networking/ddclient.nix
  ./services/networking/dhcpcd.nix
  ./services/networking/dhcpd.nix
  ./services/networking/dnschain.nix
  ./services/networking/dnscrypt-proxy.nix
  ./services/networking/dnsmasq.nix
  ./services/networking/docker-registry-server.nix
@ -303,6 +304,7 @@
  ./services/networking/minidlna.nix
  ./services/networking/mstpd.nix
  ./services/networking/murmur.nix
  ./services/networking/namecoind.nix
  ./services/networking/nat.nix
  ./services/networking/networkmanager.nix
  ./services/networking/ngircd.nix
@ -363,6 +365,7 @@
  ./services/scheduling/fcron.nix
  ./services/scheduling/marathon.nix
  ./services/search/elasticsearch.nix
  ./services/search/kibana.nix
  ./services/search/solr.nix
  ./services/security/clamav.nix
  ./services/security/fail2ban.nix
@ -372,6 +375,7 @@
  ./services/security/haveged.nix
  ./services/security/hologram.nix
  ./services/security/munge.nix
  ./services/security/physlock.nix
  ./services/security/torify.nix
  ./services/security/tor.nix
  ./services/security/torsocks.nix
@ -393,7 +397,6 @@
  ./services/web-servers/lighttpd/default.nix
  ./services/web-servers/lighttpd/gitweb.nix
  ./services/web-servers/nginx/default.nix
  ./services/web-servers/nginx/reverse_proxy.nix
  ./services/web-servers/phpfpm.nix
  ./services/web-servers/shellinabox.nix
  ./services/web-servers/tomcat.nix
@ -486,6 +489,7 @@
  ./virtualisation/docker.nix
  ./virtualisation/libvirtd.nix
  ./virtualisation/lxc.nix
  ./virtualisation/lxd.nix
  ./virtualisation/amazon-options.nix
  ./virtualisation/openvswitch.nix
  ./virtualisation/parallels-guest.nix
--- a/nixos/modules/profiles/base.nix
+++ b/nixos/modules/profiles/base.nix
@ -47,7 +47,7 @@
  ];
  # Include support for various filesystems.
-  boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "zfs" "ntfs" "cifs" ];
+  boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "zfs" "ntfs" "cifs" ];
  # Configure host id for ZFS to work
  networking.hostId = "8425e349";
--- a/nixos/modules/programs/cdemu.nix
+++ b/nixos/modules/programs/cdemu.nix
@ -9,19 +9,28 @@ in {
    programs.cdemu = {
      enable = mkOption {
        default = false;
-        description = "Whether to enable cdemu for users of appropriate group (default cdrom)";
+        description = ''
          <command>cdemu</command> for members of
          <option>programs.cdemu.group</option>.
        '';
      };
      group = mkOption {
        default = "cdrom";
-        description = "Required group for users of cdemu";
+        description = ''
          Group that users must be in to use <command>cdemu</command>.
        '';
      };
      gui = mkOption {
        default = true;
-        description = "Whether to install cdemu GUI (gCDEmu)";
+        description = ''
          Whether to install the <command>cdemu</command> GUI (gCDEmu).
        '';
      };
      image-analyzer = mkOption {
        default = true;
-        description = "Whether to install image analyzer";
+        description = ''
          Whether to install the image analyzer.
        '';
      };
    };
  };
--- a/nixos/modules/programs/venus.nix
+++ b/nixos/modules/programs/venus.nix
@ -41,7 +41,7 @@ in
      dates = mkOption {
        default = "*:0/15";
-        type = types.string;
+        type = types.str;
        description = ''
          Specification (in the format described by
          <citerefentry><refentrytitle>systemd.time</refentrytitle>
@ -52,7 +52,7 @@ in
      user = mkOption {
        default = "root";
-        type = types.string;
+        type = types.str;
        description = ''
          User for running venus script.
        '';
@ -60,7 +60,7 @@ in
      group = mkOption {
        default = "root";
-        type = types.string;
+        type = types.str;
        description = ''
          Group for running venus script.
        '';
@ -68,7 +68,7 @@ in
      name = mkOption {
        default = "NixOS Planet";
-        type = types.string;
+        type = types.str;
        description = ''
          Your planet's name.
        '';
@ -76,7 +76,7 @@ in
      link = mkOption {
        default = "http://planet.nixos.org";
-        type = types.string;
+        type = types.str;
        description = ''
          Link to the main page.
        '';
@ -84,7 +84,7 @@ in
      ownerName = mkOption {
        default = "Rok Garbas";
-        type = types.string;
+        type = types.str;
        description = ''
          Your name.
        '';
@ -92,7 +92,7 @@ in
      ownerEmail = mkOption {
        default = "some@example.com";
-        type = types.string;
+        type = types.str;
        description = ''
          Your e-mail address.
        '';
--- a/nixos/modules/programs/wvdial.nix
+++ b/nixos/modules/programs/wvdial.nix
@ -24,7 +24,7 @@ in
      dialerDefaults = mkOption {
        default = "";
-        type = types.string;
+        type = types.str;
        example = ''Init1 = AT+CGDCONT=1,"IP","internet.t-mobile"'';
        description = ''
          Contents of the "Dialer Defaults" section of
@ -40,7 +40,7 @@ in
          persist
          noauth
        '';
-        type = types.string;
+        type = types.str;
        description = "Default ppp settings for wvdial.";
      };
--- a/nixos/modules/programs/xfs_quota.nix
+++ b/nixos/modules/programs/xfs_quota.nix
@ -32,25 +32,25 @@ in
            };
            fileSystem = mkOption {
-              type = types.string;
+              type = types.str;
              description = "XFS filesystem hosting the xfs_quota project.";
              default = "/";
            };
            path = mkOption {
-              type = types.string;
+              type = types.str;
              description = "Project directory.";
            };
            sizeSoftLimit = mkOption {
-              type = types.nullOr types.string;
+              type = types.nullOr types.str;
              default = null;
              example = "30g";
              description = "Soft limit of the project size";
            };
            sizeHardLimit = mkOption {
-              type = types.nullOr types.string;
+              type = types.nullOr types.str;
              default = null;
              example = "50g";
              description = "Hard limit of the project size.";
--- a/nixos/modules/rename.nix
+++ b/nixos/modules/rename.nix
@ -165,5 +165,6 @@ in zipModules ([]
 ++ obsolete' [ "services" "syslog-ng" "serviceName" ]
 ++ obsolete' [ "services" "syslog-ng" "listenToJournal" ]
 ++ obsolete' [ "ec2" "metadata" ]
 ++ obsolete' [ "services" "openvpn" "enable" ]
 )
--- a/nixos/modules/security/pam.nix
+++ b/nixos/modules/security/pam.nix
@ -419,7 +419,7 @@ in
    users.motd = mkOption {
      default = null;
      example = "Today is Sweetmorn, the 4th day of The Aftermath in the YOLD 3178.";
-      type = types.nullOr types.string;
+      type = types.nullOr types.lines;
      description = "Message of the day shown to users when they log in.";
    };
--- a/nixos/modules/security/prey.nix
+++ b/nixos/modules/security/prey.nix
@ -16,19 +16,28 @@ in {
        default = false;
        type = types.bool;
        description = ''
-          Enables http://preyproject.com/ bash client. Be sure to specify api and device keys.
+          Enables the <link xlink:href="http://preyproject.com/" />
-          Once setup, cronjob will run evert 15 minutes and report status.
+          shell client. Be sure to specify both API and device keys.
          Once enabled, a <command>cron</command> job will run every 15
          minutes to report status information.
        '';
      };
      deviceKey = mkOption {
-        type = types.string;
+        type = types.str;
-        description = "Device Key obtained from https://panel.preyproject.com/devices (and clicking on the device)";
+        description = ''
          <literal>Device key</literal> obtained by visiting
          <link xlink:href="https://panel.preyproject.com/devices" />
          and clicking on your device.
        '';
      };
      apiKey = mkOption {
-        type = types.string;
+        type = types.str;
-        description = "API key obtained from https://panel.preyproject.com/profile";
+        description = ''
          <literal>API key</literal> obtained from
          <link xlink:href="https://panel.preyproject.com/profile" />.
        '';
      };
    };
--- a/nixos/modules/services/backup/bacula.nix
+++ b/nixos/modules/services/backup/bacula.nix
@ -169,14 +169,17 @@ in {
        type = types.bool;
        default = false;
        description = ''
-          Whether to enable Bacula File Daemon.
+          Whether to enable the Bacula File Daemon.
        '';
      };
      name = mkOption {
        default = "${config.networking.hostName}-fd";
        description = ''
-        	The client name that must be used by the Director when connecting. Generally, it is a good idea to use a name related to the machine so that error messages can be easily identified if you have multiple Clients. This directive is required.
+          The client name that must be used by the Director when connecting.
          Generally, it is a good idea to use a name related to the machine
          so that error messages can be easily identified if you have multiple
          Clients. This directive is required.
        '';
      };
@ -184,7 +187,9 @@ in {
        default = 9102;
        type = types.int;
        description = ''
-        	This specifies the port number on which the Client listens for Director connections. It must agree with the FDPort specified in the Client resource of the Director's configuration file. The default is 9102.
+          This specifies the port number on which the Client listens for
          Director connections. It must agree with the FDPort specified in
          the Client resource of the Director's configuration file.
        '';
      };
@ -202,7 +207,7 @@ in {
        description = ''
          Extra configuration to be passed in Client directive.
        '';
-        example = ''
+        example = literalExample ''
          Maximum Concurrent Jobs = 20;
          Heartbeat Interval = 30;
        '';
@ -213,7 +218,7 @@ in {
        description = ''
          Extra configuration to be passed in Messages directive.
        '';
-        example = ''
+        example = literalExample ''
          console = all
        '';
      };
--- a/nixos/modules/services/backup/sitecopy-backup.nix
+++ b/nixos/modules/services/backup/sitecopy-backup.nix
@ -21,15 +21,16 @@ in
      enable = mkOption {
        default = false;
        description = ''
-          Whether to enable sitecopy backups of specified directories.
+          Whether to enable <command>sitecopy</command> backups of specified
          directories.
        '';
      };
      period = mkOption {
        default = "15 04 * * *";
        description = ''
-          This option defines (in the format used by cron) when the
+          This option defines (in the format used by <command>cron</command>)
-          sitecopy backup are being run.
+          when the <command>sitecopy</command> backups are to be run.
          The default is to update at 04:15 (at night) every day.
        '';
      };
@ -47,9 +48,10 @@ in
        ];
        default = [];
        description = ''
-           List of attributesets describing the backups.
+           List of attribute sets describing the backups.
-           Username/password are extracted from <filename>${stateDir}/sitecopy.secrets</filename> at activation
+           Username/password are extracted from
           <filename>${stateDir}/sitecopy.secrets</filename> at activation
           time. The secrets file lines should have the following structure:
           <screen>
             server username password
--- a/nixos/modules/services/cluster/kubernetes.nix
+++ b/nixos/modules/services/cluster/kubernetes.nix
@ -73,7 +73,7 @@ in {
      };
      port = mkOption {
-        description = "Kubernets apiserver listening port.";
+        description = "Kubernetes apiserver listening port.";
        default = 8080;
        type = types.int;
      };
@ -211,7 +211,7 @@ in {
      };
      port = mkOption {
-        description = "Kubernets scheduler listening port.";
+        description = "Kubernetes scheduler listening port.";
        default = 10251;
        type = types.int;
      };
@ -243,7 +243,7 @@ in {
      };
      port = mkOption {
-        description = "Kubernets controller manager listening port.";
+        description = "Kubernetes controller manager listening port.";
        default = 10252;
        type = types.int;
      };
@ -299,7 +299,7 @@ in {
      };
      port = mkOption {
-        description = "Kubernets kubelet info server listening port.";
+        description = "Kubernetes kubelet info server listening port.";
        default = 10250;
        type = types.int;
      };
--- a/nixos/modules/services/databases/mysql.nix
+++ b/nixos/modules/services/databases/mysql.nix
@ -167,6 +167,12 @@ in
        unitConfig.RequiresMountsFor = "${cfg.dataDir}";
        path = [
          # Needed for the mysql_install_db command in the preStart script
          # which calls the hostname command.
          pkgs.nettools
        ];
        preStart =
          ''
            if ! test -e ${cfg.dataDir}/mysql; then
--- a/nixos/modules/services/hardware/brltty.nix
+++ b/nixos/modules/services/hardware/brltty.nix
@ -4,10 +4,6 @@ with lib;
 let
  cfg = config.services.brltty;
  stateDir = "/run/brltty";
  pidFile = "${stateDir}/brltty.pid";
 in {
@ -24,14 +20,24 @@ in {
  config = mkIf cfg.enable {
    systemd.services.brltty = {
-      description = "Braille console driver";
+      description = "Braille Device Support";
-      preStart = ''
+      unitConfig = {
-        mkdir -p ${stateDir}
+        Documentation = "http://mielke.cc/brltty/";
-      '';
+        DefaultDependencies = "no";
        RequiresMountsFor = "${pkgs.brltty}/var/lib/brltty";
      };
      serviceConfig = {
-        ExecStart = "${pkgs.brltty}/bin/brltty --pid-file=${pidFile}";
+        ExecStart = "${pkgs.brltty}/bin/brltty --no-daemon";
-        Type = "forking";
+        Type = "simple";        # Change to notidy after next releae
-        PIDFile = pidFile;
+        TimeoutStartSec = 5;
        TimeoutStopSec = 10;
        Restart = "always";
        RestartSec = 30;
        Nice = -10;
        OOMScoreAdjust = -900;
        ProtectHome = "read-only";
        ProtectSystem = "full";
        SystemCallArchitectures = "native";
      };
      before = [ "sysinit.target" ];
      wantedBy = [ "sysinit.target" ];
--- a/nixos/modules/services/hardware/freefall.nix
+++ b/nixos/modules/services/hardware/freefall.nix
@ -2,40 +2,42 @@
 with lib;
-{
+let
-  ###### interface
+  cfg = config.services.freefall;
-  options = with types; {
+in {
-    services.freefall = {
+  options.services.freefall = {
-      enable = mkOption {
+    enable = mkOption {
-        default = false;
+      type = types.bool;
-        description = ''
+      default = false;
-          Whether to protect HP/Dell laptop hard drives (not SSDs) in free fall.
+      description = ''
-        '';
+        Whether to protect HP/Dell laptop hard drives (not SSDs) in free fall.
-        type = bool;
+      '';
-      };
+    };
-      devices = mkOption {
+    package = mkOption {
-        default = [ "/dev/sda" ];
+      type = types.package;
-        description = ''
+      default = pkgs.freefall;
-          Device paths to all internal spinning hard drives.
+      description = ''
-        '';
+        freefall derivation to use.
-        type = listOf string;
+      '';
-      };
+    };
    devices = mkOption {
      type = types.listOf types.string;
      default = [ "/dev/sda" ];
      description = ''
        Device paths to all internal spinning hard drives.
      '';
    };
  };
  ###### implementation
  config = let
    cfg = config.services.freefall;
    mkService = dev:
      assert dev != "";
      let dev' = utils.escapeSystemdPath dev; in
@ -43,12 +45,8 @@ with lib;
        description = "Free-fall protection for ${dev}";
        after = [ "${dev'}.device" ];
        wantedBy = [ "${dev'}.device" ];
        path = [ pkgs.freefall ];
        unitConfig = {
          DefaultDependencies = false;
        };
        serviceConfig = {
-          ExecStart = "${pkgs.freefall}/bin/freefall ${dev}";
+          ExecStart = "${cfg.package}/bin/freefall ${dev}";
          Restart = "on-failure";
          Type = "forking";
        };
@ -56,9 +54,9 @@ with lib;
  in mkIf cfg.enable {
-    environment.systemPackages = [ pkgs.freefall ];
+    environment.systemPackages = [ cfg.package ];
-    systemd.services = listToAttrs (map mkService cfg.devices);
+    systemd.services = builtins.listToAttrs (map mkService cfg.devices);
  };
--- a/nixos/modules/services/hardware/udev.nix
+++ b/nixos/modules/services/hardware/udev.nix
@ -180,9 +180,7 @@ in
        firmware to function).  If multiple packages contain firmware
        files with the same name, the first package in the list takes
        precedence.  Note that you must rebuild your system if you add
-        files to any of these directories.  For quick testing,
+        files to any of these directories.
        put firmware files in <filename>/root/test-firmware</filename>
        and add that directory to the list.
      '';
      apply = list: pkgs.buildEnv {
        name = "firmware";
--- a/nixos/modules/services/logging/logstash.nix
+++ b/nixos/modules/services/logging/logstash.nix
@ -132,6 +132,7 @@ in
      description = "Logstash Daemon";
      wantedBy = [ "multi-user.target" ];
      environment = { JAVA_HOME = jre; };
      path = [ pkgs.bash ];
      serviceConfig = {
        ExecStart =
          "${cfg.package}/bin/logstash agent " +
--- a/nixos/modules/services/mail/mlmmj.nix
+++ b/nixos/modules/services/mail/mlmmj.nix
@ -14,7 +14,7 @@ let
  alias = domain: list: "${list}: \"|${pkgs.mlmmj}/bin/mlmmj-receive -L ${listDir domain list}/\"";
  subjectPrefix = list: "[${list}]";
  listAddress = domain: list: "${list}@${domain}";
-  customHeaders = list: domain: [ "List-Id: ${list}" "Reply-To: ${list}@${domain}" ];
+  customHeaders = domain: list: [ "List-Id: ${list}" "Reply-To: ${list}@${domain}" ];
  footer = domain: list: "To unsubscribe send a mail to ${list}+unsubscribe@${domain}";
  createList = d: l: ''
    ${pkgs.coreutils}/bin/mkdir -p ${listCtl d l}
@ -90,14 +90,15 @@ in
      enable = true;
      recipientDelimiter= "+";
      extraMasterConf = ''
-        mlmmj unix - n n - - pipe flags=ORhu user=mlmmj argv=${pkgs.mlmmj}/bin/mlmmj-receive -F -L ${spoolDir}/$nextHop
+        mlmmj unix - n n - - pipe flags=ORhu user=mlmmj argv=${pkgs.mlmmj}/bin/mlmmj-receive -F -L ${spoolDir}/$nexthop
      '';
      extraAliases = concatMapStrings (alias cfg.listDomain) cfg.mailLists;
      extraConfig = ''
-        transport = hash:${stateDir}/transports
+        transport_maps = hash:${stateDir}/transports
-        virtual = hash:${stateDir}/virtuals
+        virtual_alias_maps = hash:${stateDir}/virtuals
        propagate_unmatched_extensions = virtual
      '';
    };
@ -108,9 +109,10 @@ in
          ${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} ${spoolDir}
          ${lib.concatMapStrings (createList cfg.listDomain) cfg.mailLists}
          echo ${lib.concatMapStrings (virtual cfg.listDomain) cfg.mailLists} > ${stateDir}/virtuals
-          echo ${cfg.listDomain} mailman: > ${stateDir}/transports
+          echo ${lib.concatMapStrings (transport cfg.listDomain) cfg.mailLists} > ${stateDir}/transports
-          echo ${lib.concatMapStrings (transport cfg.listDomain) cfg.mailLists} >> ${stateDir}/transports
+          ${pkgs.postfix}/bin/postmap ${stateDir}/virtuals
-    '';
+          ${pkgs.postfix}/bin/postmap ${stateDir}/transports
      '';
    systemd.services."mlmmj-maintd" = {
      description = "mlmmj maintenance daemon";
--- a/nixos/modules/services/misc/gitit.nix
+++ b/nixos/modules/services/misc/gitit.nix
@ -35,6 +35,7 @@ let
      };
      haskellPackages = mkOption {
        default = pkgs.haskellPackages;
        defaultText = "pkgs.haskellPackages";
        example = literalExample "pkgs.haskell.packages.ghc784";
        description = "haskellPackages used to build gitit and plugins.";
@ -99,7 +100,7 @@ let
      };
      authenticationMethod = mkOption {
-        type = types.enum [ "form" "http" "generic"];
+        type = types.enum [ "form" "http" "generic" "github" ];
        default = "form";
        description = ''
          'form' means that users will be logged in and registered using forms
@ -137,6 +138,7 @@ let
      staticDir = mkOption {
        type = types.path;
        default = gititShared + "/data/static";
        description = ''
          Specifies the path of the static directory (containing javascript,
          css, and images).  If it does not exist, gitit will create it and
@ -207,6 +209,7 @@ let
      templatesDir = mkOption {
        type = types.path;
        default = gititShared + "/data/templates";
        description = ''
          Specifies the path of the directory containing page templates.  If it
          does not exist, gitit will create it with default templates.  Users
@ -288,6 +291,7 @@ let
      plugins = mkOption {
        type = with types; listOf str;
        default = [ (gititShared + "/plugins/Dot.hs") ];
        description = ''
          Specifies a list of plugins to load. Plugins may be specified either
          by their path or by their module name. If the plugin name starts
@ -537,6 +541,42 @@ video/x-ms-wmx  wmx
          through xss-sanitize.  Set to no only if you trust all of your users.
        '';
      };
      oauthClientId = mkOption {
        type = with types; nullOr str;
        default = null;
        description = "OAuth client ID";
      };
      oauthClientSecret = mkOption {
        type = with types; nullOr str;
        default = null;
        description = "OAuth client secret";
      };
      oauthCallback = mkOption {
        type = with types; nullOr str;
        default = null;
        description = "OAuth callback URL";
      };
      oauthAuthorizeEndpoint = mkOption {
        type = with types; nullOr str;
        default = null;
        description = "OAuth authorize endpoint";
      };
      oauthAccessTokenEndpoint = mkOption {
        type = with types; nullOr str;
        default = null;
        description = "OAuth access token endpoint";
      };
      githubOrg = mkOption {
        type = with types; nullOr str;
        default = null;
        description = "Github organization";
      };
  };
  configFile = pkgs.writeText "gitit.conf" ''
@ -587,6 +627,14 @@ video/x-ms-wmx  wmx
    pdf-export: ${toYesNo cfg.pdfExport}
    pandoc-user-data: ${toString cfg.pandocUserData}
    xss-sanitize: ${toYesNo cfg.xssSanitize}
    [Github]
    oauthclientid: ${toString cfg.oauthClientId}
    oauthclientsecret: ${toString cfg.oauthClientSecret}
    oauthcallback: ${toString cfg.oauthCallback}
    oauthauthorizeendpoint: ${toString cfg.oauthAuthorizeEndpoint}
    oauthaccesstokenendpoint: ${toString cfg.oauthAccessTokenEndpoint}
    github-org: ${toString cfg.githubOrg}
  '';
 in
@ -597,13 +645,6 @@ in
  config = mkIf cfg.enable {
    services.gitit = {
      haskellPackages = mkDefault pkgs.haskellPackages;
      staticDir = gititShared + "/data/static";
      templatesDir = gititShared + "/data/templates";
      plugins = [ ];
    };
    users.extraUsers.gitit = {
      group = config.users.extraGroups.gitit.name;
      description = "Gitit user";
@ -681,4 +722,3 @@ NAMED
    };
  };
 }
--- a/nixos/modules/services/misc/nix-gc.nix
+++ b/nixos/modules/services/misc/nix-gc.nix
@ -52,7 +52,7 @@ in
    systemd.services.nix-gc =
      { description = "Nix Garbage Collector";
-        script = "exec ${config.nix.package}/bin/nix-store --gc ${cfg.options}";
+        script = "exec ${config.nix.package}/bin/nix-collect-garbage ${cfg.options}";
        startAt = optionalString cfg.automatic cfg.dates;
      };
--- a/nixos/modules/services/monitoring/bosun.nix
+++ b/nixos/modules/services/monitoring/bosun.nix
@ -30,6 +30,7 @@ in {
      package = mkOption {
        type = types.package;
        default = pkgs.bosun;
        example = literalExample "pkgs.bosun";
        description = ''
          bosun binary to use.
@ -95,8 +96,6 @@ in {
  config = mkIf cfg.enable {
    services.bosun.package = mkDefault pkgs.bosun; 
    systemd.services.bosun = {
      description = "bosun metrics collector (part of Bosun)";
      wantedBy = [ "multi-user.target" ];
--- a/nixos/modules/services/monitoring/grafana.nix
+++ b/nixos/modules/services/monitoring/grafana.nix
@ -206,7 +206,7 @@ in {
    package = mkOption {
      description = "Package to use.";
-      default = pkgs.grafana-backend;
+      default = pkgs.grafana;
      type = types.package;
    };
--- a/nixos/modules/services/monitoring/smartd.nix
+++ b/nixos/modules/services/monitoring/smartd.nix
@ -119,7 +119,7 @@ in
          recipient = mkOption {
            default = "root";
-            type = types.string;
+            type = types.str;
            description = "Recipient of the notification messages.";
          };
@ -153,7 +153,7 @@ in
          display = mkOption {
            default = ":${toString config.services.xserver.display}";
-            type = types.string;
+            type = types.str;
            description = "DISPLAY to send X11 notifications to.";
          };
        };
--- a/nixos/modules/services/network-filesystems/samba.nix
+++ b/nixos/modules/services/network-filesystems/samba.nix
@ -97,8 +97,8 @@ in
        description = ''
          Enabling this will add a line directly after pam_unix.so.
          Whenever a password is changed the samba password will be updated as well.
-          However you still yave to add the samba password once using smbpasswd -a user
+          However, you still have to add the samba password once, using smbpasswd -a user.
-          If you don't want to maintain an extra pwd database you still can send plain text
+          If you don't want to maintain an extra password database, you still can send plain text
          passwords which is not secure.
        '';
      };
--- a/nixos/modules/services/networking/bitlbee.nix
+++ b/nixos/modules/services/networking/bitlbee.nix
@ -16,11 +16,12 @@ let
    ''
    [settings]
    RunMode = Daemon
-    User = bitlbee  
+    User = bitlbee
    ConfigDir = ${cfg.configDir}
    DaemonInterface = ${cfg.interface}
    DaemonPort = ${toString cfg.portNumber}
    AuthMode = ${cfg.authMode}
    Plugindir = ${pkgs.bitlbee-plugins cfg.plugins}/lib/bitlbee
    ${lib.optionalString (cfg.hostName != "") "HostName = ${cfg.hostName}"}
    ${lib.optionalString (cfg.protocols != "") "Protocols = ${cfg.protocols}"}
    ${cfg.extraSettings}
@ -72,7 +73,7 @@ in
            Open -- Accept connections from anyone, use NickServ for user authentication.
            Closed -- Require authorization (using the PASS command during login) before allowing the user to connect at all.
            Registered -- Only allow registered users to use this server; this disables the register- and the account command until the user identifies himself.
-        ''; 
+        '';
      };
      hostName = mkOption {
@ -85,6 +86,15 @@ in
        '';
      };
      plugins = mkOption {
        type = types.listOf types.package;
        default = [];
        example = literalExample "[ pkgs.bitlbee-facebook ]";
        description = ''
          The list of bitlbee plugins to install.
        '';
      };
      configDir = mkOption {
        default = "/var/lib/bitlbee";
        type = types.path;
@ -107,14 +117,14 @@ in
        default = "";
        description = ''
          Will be inserted in the Settings section of the config file.
-        ''; 
+        '';
      };
      extraDefaults = mkOption {
        default = "";
        description = ''
          Will be inserted in the Default section of the config file.
-        ''; 
+        '';
      };
    };
@ -138,7 +148,7 @@ in
        gid = config.ids.gids.bitlbee;
      };
-    systemd.services.bitlbee = 
+    systemd.services.bitlbee =
      { description = "BitlBee IRC to other chat networks gateway";
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
--- a/nixos/modules/services/networking/connman.nix
+++ b/nixos/modules/services/networking/connman.nix
@ -5,7 +5,12 @@ with lib;
 let
  cfg = config.networking.connman;
  configFile = pkgs.writeText "connman.conf" ''
    [General]
    NetworkInterfaceBlacklist=${concatStringsSep "," cfg.networkInterfaceBlacklist}
    ${cfg.extraConfig}
  '';
 in {
  ###### interface
@ -22,6 +27,23 @@ in {
        '';
      };
      extraConfig = mkOption {
        type = types.lines;
        default = ''
        '';
        description = ''
          Configuration lines appended to the generated connman configuration file.
        '';
      };
      networkInterfaceBlacklist = mkOption {
        type = with types; listOf string;
        default = [ "vmnet" "vboxnet" "virbr" "ifb" "ve" ];
        description = ''
          Default blacklisted interfaces, this includes NixOS containers interfaces (ve).
        '';
      };
    };
  };
@ -51,7 +73,7 @@ in {
        Type = "dbus";
        BusName = "net.connman";
        Restart = "on-failure";
-        ExecStart = "${pkgs.connman}/sbin/connmand --nodaemon";
+        ExecStart = "${pkgs.connman}/sbin/connmand --config=${configFile} --nodaemon";
        StandardOutput = "null";
      };
    };
--- a/nixos/modules/services/networking/dnschain.nix
+++ b/nixos/modules/services/networking/dnschain.nix
@ -0,0 +1,110 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services;
  dnschainConf = pkgs.writeText "dnschain.conf" ''
    [log]
    level=info
    [dns]
    host = 127.0.0.1
    port = 5333
    oldDNSMethod = NO_OLD_DNS
    # TODO: check what that address is acutally used for
    externalIP = 127.0.0.1
    [http]
    host = 127.0.0.1
    port=8088
    tlsPort=4443
  '';
 in
 {
  ###### interface
  options = {
    services.dnschain = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to run dnschain. That implies running
          namecoind as well, so make sure to configure
          it appropriately.
        '';
      };
    };
    services.dnsmasq = {
      resolveDnschainQueries = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Resolve <literal>.bit</literal> top-level domains
          with dnschain and namecoind.
        '';
      };
    };
  };
  ###### implementation
  config = mkIf cfg.dnschain.enable {
    services.namecoind.enable = true;
    services.dnsmasq.servers = optionals cfg.dnsmasq.resolveDnschainQueries [ "/.bit/127.0.0.1#5333" ];
    users.extraUsers = singleton
      { name = "dnschain";
        uid = config.ids.uids.dnschain;
        extraGroups = [ "namecoin" ];
        description = "Dnschain daemon user";
        home = "/var/lib/dnschain";
        createHome = true;
      };
    systemd.services.dnschain = {
        description = "Dnschain Daemon";
        after = [ "namecoind.target" ];
        wantedBy = [ "multi-user.target" ];
        path = [ pkgs.openssl ];
        preStart = ''
          # Link configuration file into dnschain HOME directory
          if [ "$(${pkgs.coreutils}/bin/realpath /var/lib/dnschain/.dnschain.conf)" != "${dnschainConf}" ]; then
              rm -rf /var/lib/dnschain/.dnschain.conf
              ln -s ${dnschainConf} /var/lib/dnschain/.dnschain.conf
          fi
          # Create empty namecoin.conf so that dnschain is not
          # searching for /etc/namecoin/namecoin.conf
          if [ ! -e /var/lib/dnschain/.namecoin/namecoin.conf ]; then
              mkdir -p /var/lib/dnschain/.namecoin
              touch /var/lib/dnschain/.namecoin/namecoin.conf
          fi
        '';
        serviceConfig = {
          Type = "simple";
          User = "dnschain";
          EnvironmentFile = config.services.namecoind.userFile;
          ExecStart = "${pkgs.dnschain}/bin/dnschain --rpcuser=\${USER} --rpcpassword=\${PASSWORD} --rpcport=8336";
          ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
          ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID";
        };
    };
  };
 }
--- a/nixos/modules/services/networking/dnsmasq.nix
+++ b/nixos/modules/services/networking/dnsmasq.nix
@ -96,7 +96,7 @@ in
          Type = "dbus";
          BusName = "uk.org.thekelleys.dnsmasq";
          ExecStart = "${dnsmasq}/bin/dnsmasq -k --enable-dbus --user=dnsmasq -C ${dnsmasqConf}";
-          ExecReload = "${dnsmasq}/bin/kill -HUP $MAINPID";
+          ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
        };
        restartTriggers = [ config.environment.etc.hosts.source ];
    };
--- a/nixos/modules/services/networking/namecoind.nix
+++ b/nixos/modules/services/networking/namecoind.nix
@ -0,0 +1,150 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services.namecoind;
  namecoinConf =
  let
    useSSL = (cfg.rpcCertificate != null) && (cfg.rpcKey != null);
  in
  pkgs.writeText "namecoin.conf" ''
    server=1
    daemon=0
    rpcallowip=127.0.0.1
    walletpath=${cfg.wallet}
    gen=${if cfg.generate then "1" else "0"}
    rpcssl=${if useSSL then "1" else "0"}
    ${optionalString useSSL "rpcsslcertificatechainfile=${cfg.rpcCertificate}"}
    ${optionalString useSSL "rpcsslprivatekeyfile=${cfg.rpcKey}"}
    ${optionalString useSSL "rpcsslciphers=TLSv1.2+HIGH:TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH"}
    txindex=1
    txprevcache=1
  '';
 in
 {
  ###### interface
  options = {
    services.namecoind = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to run namecoind.
        '';
      };
      wallet = mkOption {
        type = types.path;
        example = "/etc/namecoin/wallet.dat";
        description = ''
          Wallet file. The ownership of the file has to be
          namecoin:namecoin, and the permissions must be 0640.
        '';
      };
      userFile = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/namecoin/user";
        description = ''
          File containing the user name and user password to
          authenticate RPC connections to namecoind.
          The content of the file is of the form:
          <literal>
          USER=namecoin
          PASSWORD=secret
          </literal>
          The ownership of the file has to be namecoin:namecoin,
          and the permissions must be 0640.
        '';
      };
      generate = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to generate (mine) Namecoins.
        '';
      };
      rpcCertificate = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/namecoin/server.cert";
        description = ''
          Certificate file for securing RPC connections.
        '';
      };
      rpcKey = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/namecoin/server.pem";
        description = ''
          Key file for securing RPC connections.
        '';
      };
    };
  };
  ###### implementation
  config = mkIf cfg.enable {
    users.extraUsers = singleton
      { name = "namecoin";
        uid = config.ids.uids.namecoin;
        description = "Namecoin daemon user";
        home = "/var/lib/namecoin";
        createHome = true;
      };
    users.extraGroups = singleton
      { name = "namecoin";
        gid = config.ids.gids.namecoin;
      };
    systemd.services.namecoind = {
        description = "Namecoind Daemon";
        after = [ "network.target" ];
        wantedBy = [ "multi-user.target" ];
        preStart = ''
          if [  "$(stat --printf '%u' ${cfg.userFile})" != "${toString config.ids.uids.namecoin}" \
             -o "$(stat --printf '%g' ${cfg.userFile})" != "${toString config.ids.gids.namecoin}" \
             -o "$(stat --printf '%a' ${cfg.userFile})" != "640" ]; then
             echo "ERROR: bad ownership or rights on ${cfg.userFile}" >&2
             exit 1
          fi
          if [  "$(stat --printf '%u' ${cfg.wallet})" != "${toString config.ids.uids.namecoin}" \
             -o "$(stat --printf '%g' ${cfg.wallet})" != "${toString config.ids.gids.namecoin}" \
             -o "$(stat --printf '%a' ${cfg.wallet})" != "640" ]; then
             echo "ERROR: bad ownership or rights on ${cfg.wallet}" >&2
             exit 1
          fi
        '';
        serviceConfig = {
          Type = "simple";
          User = "namecoin";
          EnvironmentFile = cfg.userFile;
          ExecStart = "${pkgs.altcoins.namecoind}/bin/namecoind -conf=${namecoinConf} -rpcuser=\${USER} -rpcpassword=\${PASSWORD} -printtoconsole";
          ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
          ExecStop = "${pkgs.coreutils}/bin/kill -KILL $MAINPID";
          StandardOutput = "null";
          Nice = "10";
        };
    };
  };
 }
--- a/nixos/modules/services/networking/ntpd.nix
+++ b/nixos/modules/services/networking/ntpd.nix
@ -6,6 +6,8 @@ let
  inherit (pkgs) ntp;
  cfg = config.services.ntp;
  stateDir = "/var/lib/ntp";
  ntpUser = "ntp";
@ -16,10 +18,10 @@ let
    restrict 127.0.0.1
    restrict -6 ::1
-    ${toString (map (server: "server " + server + " iburst\n") config.services.ntp.servers)}
+    ${toString (map (server: "server " + server + " iburst\n") cfg.servers)}
  '';
-  ntpFlags = "-c ${configFile} -u ${ntpUser}:nogroup";
+  ntpFlags = "-c ${configFile} -u ${ntpUser}:nogroup ${toString cfg.extraFlags}";
 in
@ -51,6 +53,12 @@ in
        '';
      };
      extraFlags = mkOption {
        type = types.listOf types.str;
        description = "Extra flags passed to the ntpd command.";
        default = [];
      };
    };
  };
--- a/nixos/modules/services/networking/oidentd.nix
+++ b/nixos/modules/services/networking/oidentd.nix
@ -28,7 +28,9 @@ with lib;
    jobs.oidentd =
      { startOn = "started network-interfaces";
        daemonType = "fork";
-        exec = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup";
+        exec = "${pkgs.oidentd}/sbin/oidentd -u oidentd -g nogroup" +
          optionalString config.networking.enableIPv6 " -a ::"
        ;
      };
    users.extraUsers.oidentd = {
--- a/nixos/modules/services/networking/openvpn.nix
+++ b/nixos/modules/services/networking/openvpn.nix
@ -67,12 +67,6 @@ in
  options = {
    /* !!! Obsolete. */
    services.openvpn.enable = mkOption {
      default = true;
      description = "Whether to enable OpenVPN.";
    };
    services.openvpn.servers = mkOption {
      default = {};
--- a/nixos/modules/services/search/elasticsearch.nix
+++ b/nixos/modules/services/search/elasticsearch.nix
@ -37,6 +37,12 @@ in {
      type = types.bool;
    };
    package = mkOption {
      description = "Elasticsearch package to use.";
      default = pkgs.elasticsearch;
      type = types.package;
    };
    host = mkOption {
      description = "Elasticsearch listen address.";
      default = "127.0.0.1";
@ -123,7 +129,7 @@ in {
      after = [ "network-interfaces.target" ];
      environment = { ES_HOME = cfg.dataDir; };
      serviceConfig = {
-        ExecStart = "${pkgs.elasticsearch}/bin/elasticsearch -Des.path.conf=${configDir} ${toString cfg.extraCmdLineOptions}";
+        ExecStart = "${cfg.package}/bin/elasticsearch -Des.path.conf=${configDir} ${toString cfg.extraCmdLineOptions}";
        User = "elasticsearch";
        PermissionsStartOnly = true;
      };
@ -142,7 +148,7 @@ in {
      '';
    };
-    environment.systemPackages = [ pkgs.elasticsearch ];
+    environment.systemPackages = [ cfg.package ];
    users.extraUsers = singleton {
      name = "elasticsearch";
--- a/nixos/modules/services/search/kibana.nix
+++ b/nixos/modules/services/search/kibana.nix
@ -0,0 +1,168 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services.kibana;
  cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON (
    (filterAttrsRecursive (n: v: v != null) ({
      server = {
        host = cfg.host;
        port = cfg.port;
        ssl = {
          cert = cfg.cert;
          key = cfg.key;
        };
      };
      kibana = {
        index = cfg.index;
        defaultAppId = cfg.defaultAppId;
      };
      elasticsearch = {
        url = cfg.elasticsearch.url;
        username = cfg.elasticsearch.username;
        password = cfg.elasticsearch.password;
        ssl = {
          cert = cfg.elasticsearch.cert;
          key = cfg.elasticsearch.key;
          ca = cfg.elasticsearch.ca;
        };
      };
      logging = {
        verbose = cfg.logLevel == "verbose";
        quiet = cfg.logLevel == "quiet";
        silent = cfg.logLevel == "silent";
        dest = "stdout";
      };
    } // cfg.extraConf)
  )));
 in {
  options.services.kibana = {
    enable = mkEnableOption "enable kibana service";
    host = mkOption {
      description = "Kibana listening host";
      default = "127.0.0.1";
      type = types.str;
    };
    port = mkOption {
      description = "Kibana listening port";
      default = 5601;
      type = types.int;
    };
    cert = mkOption {
      description = "Kibana ssl certificate.";
      default = null;
      type = types.nullOr types.path;
    };
    key = mkOption {
      description = "Kibana ssl key.";
      default = null;
      type = types.nullOr types.path;
    };
    index = mkOption {
      description = "Elasticsearch index to use for saving kibana config.";
      default = ".kibana";
      type = types.str;
    };
    defaultAppId = mkOption {
      description = "Elasticsearch default application id.";
      default = "discover";
      type = types.str;
    };
    elasticsearch = {
      url = mkOption {
        description = "Elasticsearch url";
        default = "http://localhost:9200";
        type = types.str;
      };
      username = mkOption {
        description = "Username for elasticsearch basic auth.";
        default = null;
        type = types.nullOr types.str;
      };
      password = mkOption {
        description = "Password for elasticsearch basic auth.";
        default = null;
        type = types.nullOr types.str;
      };
      ca = mkOption {
        description = "CA file to auth against elasticsearch.";
        default = null;
        type = types.nullOr types.path;
      };
      cert = mkOption {
        description = "Certificate file to auth against elasticsearch.";
        default = null;
        type = types.nullOr types.path;
      };
      key = mkOption {
        description = "Key file to auth against elasticsearch.";
        default = null;
        type = types.nullOr types.path;
      };
    };
    logLevel = mkOption {
      description = "Kibana log level";
      default = "normal";
      type = types.enum ["verbose" "normal" "silent" "quiet"];
    };
    package = mkOption {
      description = "Kibana package to use";
      default = pkgs.kibana;
      type = types.package;
    };
    dataDir = mkOption {
      description = "Kibana data directory";
      default = "/var/lib/kibana";
      type = types.path;
    };
    extraConf = mkOption {
      description = "Kibana extra configuration";
      default = {};
      type = types.attrs;
    };
  };
  config = mkIf (cfg.enable) {
    systemd.services.kibana = {
      description = "Kibana Service";
      wantedBy = [ "multi-user.target" ];
      after = [ "network-interfaces.target" "elasticsearch.service" ];
      serviceConfig = {
        ExecStart = "${cfg.package}/bin/kibana --config ${cfgFile}";
        User = "kibana";
        WorkingDirectory = cfg.dataDir;
      };
    };
    environment.systemPackages = [ cfg.package ];
    users.extraUsers = singleton {
      name = "kibana";
      uid = config.ids.uids.kibana;
      description = "Kibana service user";
      home = cfg.dataDir;
      createHome = true;
    };
  };
 }
--- a/nixos/modules/services/security/physlock.nix
+++ b/nixos/modules/services/security/physlock.nix
@ -0,0 +1,114 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services.physlock;
 in
 {
  ###### interface
  options = {
    services.physlock = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to enable the <command>physlock</command> screen locking mechanism.
          Enable this and then run <command>systemctl start physlock</command>
          to securely lock the screen.
          This will switch to a new virtual terminal, turn off console
          switching and disable SysRq mechanism (when
          <option>services.physlock.disableSysRq</option> is set)
          until the root or <option>services.physlock.user</option>
          password is given.
        '';
      };
      user = mkOption {
        type = types.nullOr types.str;
        default = null;
        description = ''
          User whose password will be used to unlock the screen on par
          with the root password.
        '';
      };
      disableSysRq = mkOption {
        type = types.bool;
        default = true;
        description = ''
          Whether to disable SysRq when locked with physlock.
        '';
      };
      lockOn = {
        suspend = mkOption {
          type = types.bool;
          default = true;
          description = ''
            Whether to lock screen with physlock just before suspend.
          '';
        };
        hibernate = mkOption {
          type = types.bool;
          default = true;
          description = ''
            Whether to lock screen with physlock just before hibernate.
          '';
        };
        extraTargets = mkOption {
          type = types.listOf types.str;
          default = [];
          example = [ "display-manager.service" ];
          description = ''
            Other targets to lock the screen just before.
            Useful if you want to e.g. both autologin to X11 so that
            your <filename>~/.xsession</filename> gets executed and
            still to have the screen locked so that the system can be
            booted relatively unattended.
          '';
        };
      };
    };
  };
  ###### implementation
  config = mkIf cfg.enable {
    # for physlock -l and physlock -L
    environment.systemPackages = [ pkgs.physlock ];
    systemd.services."physlock" = {
      enable = true;
      description = "Physlock";
      wantedBy = optional cfg.lockOn.suspend   "suspend.target"
              ++ optional cfg.lockOn.hibernate "hibernate.target"
              ++ cfg.lockOn.extraTargets;
      before   = optional cfg.lockOn.suspend   "systemd-suspend.service"
              ++ optional cfg.lockOn.hibernate "systemd-hibernate.service"
              ++ cfg.lockOn.extraTargets;
      serviceConfig.Type = "forking";
      script = ''
        ${pkgs.physlock}/bin/physlock -d${optionalString cfg.disableSysRq "s"}${optionalString (cfg.user != null) " -u ${cfg.user}"}
      '';
    };
  };
 }
--- a/nixos/modules/services/torrent/deluge.nix
+++ b/nixos/modules/services/torrent/deluge.nix
@ -36,6 +36,8 @@ in {
      wantedBy = [ "multi-user.target" ];
      path = [ pkgs.pythonPackages.deluge ];
      serviceConfig.ExecStart = "${pkgs.pythonPackages.deluge}/bin/deluged -d";
      # To prevent "Quit & shutdown daemon" from working; we want systemd to manage it!
      serviceConfig.Restart = "on-success";
      serviceConfig.User = "deluge";
      serviceConfig.Group = "deluge";
    };
--- a/nixos/modules/services/web-servers/apache-httpd/wordpress.nix
+++ b/nixos/modules/services/web-servers/apache-httpd/wordpress.nix
@ -5,8 +5,8 @@ with lib;
 let
-  version = "4.2";
+  version = "4.3";
-  fullversion = "${version}.2";
+  fullversion = "${version}";
  # Our bare-bones wp-config.php file using the above settings
  wordpressConfig = pkgs.writeText "wp-config.php" ''
@ -40,6 +40,8 @@ let
    RewriteRule ^(.*\.php)$ $1 [L]
    RewriteRule . index.php [L]
    </IfModule>
    ${config.extraHtaccess}
  '';
  # WP translation can be found here:
@ -72,7 +74,7 @@ let
      owner = "WordPress";
      repo = "WordPress";
      rev = "${fullversion}";
-      sha256 = "0gq1j9b0d0rykql3jzdb2yn4adj0rrcsvqrmj3dzx11ir57ilsgc";
+      sha256 = "0sz5jjhjpwqis8336gyq9a77cr4sf8zahd1y4pzmpvpzn9cn503y";
    };
    installPhase = ''
      mkdir -p $out
@ -220,7 +222,18 @@ in
        settings, see <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php'/>.
      '';
    };
-  }; 
+    extraHtaccess = mkOption {
      default = "";
      example =
        ''
          php_value upload_max_filesize 20M
          php_value post_max_size 20M
        '';
      description = ''
        Any additional text to be appended to Wordpress's .htaccess file.
      '';
    };
  };
  documentRoot = wordpressRoot;
--- a/nixos/modules/services/web-servers/nginx/default.nix
+++ b/nixos/modules/services/web-servers/nginx/default.nix
@ -8,12 +8,13 @@ let
  configFile = pkgs.writeText "nginx.conf" ''
    user ${cfg.user} ${cfg.group};
    daemon off;
    ${cfg.config}
    ${optionalString (cfg.httpConfig != "") ''
    http {
-    ${cfg.httpConfig}
+      include ${cfg.package}/conf/mime.types;
-    ${cfg.httpServers}
+      ${cfg.httpConfig}
    ${cfg.httpDefaultServer}
    }
    ''}
    ${cfg.appendConfig}
@ -62,32 +63,7 @@ in
      httpConfig = mkOption {
        type = types.lines;
        default = "";
-        description = ''
+        description = "Configuration lines to be appended inside of the http {} block.";
          Configuration lines to be placed at the top inside of
          the http {} block. The option is intended to be used for
          the default configuration of the servers.
        '';
      };
      httpServers = mkOption {
        type = types.lines;
        default = "";
        description = ''
          Configuration lines to be placed inside of the http {}
          block. The option is intended to be used for defining
          individual servers.
        '';
      };
      httpDefaultServer = mkOption {
        type = types.lines;
        default = "";
        description = ''
          Configuration lines to be placed at the bottom inside of
          the http {} block. The option is intended to be used for
          setting up the default servers. The default server is used
          if no previously specified server matches a request.
        '';
      };
      stateDir = mkOption {
--- a/nixos/modules/services/web-servers/nginx/reverse_proxy.nix
+++ b/nixos/modules/services/web-servers/nginx/reverse_proxy.nix
@ -1,233 +0,0 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services.nginx;
  defaultSSL = cfg.httpDefaultKey != null || cfg.httpDefaultCertificate != null;
  validSSL = key: cert: cert != null && key != null || cert == null && key == null;
 in
 {
  options = {
    services.nginx = {
      reverseProxies = mkOption {
        type = types.attrsOf (types.submodule (
          {
            options = {
              proxy = mkOption {
                type = types.str;
                default = [];
                description = ''
                  Exclude files and directories matching these patterns.
                '';
              };
              key = mkOption {
                type = types.nullOr types.path;
                default = null;
                description = ''
                  Exclude files and directories matching these patterns.
                '';
              };
              certificate = mkOption {
                type = types.nullOr types.path;
                default = null;
                description = ''
                  Exclude files and directories matching these patterns.
                '';
              };
            };
          }
        ));
        default = {};
        example = literalExample ''
          {
            "hydra.yourdomain.org" =
              { proxy = "localhost:3000";
                key = "/etc/nixos/certs/hydra_key.key";
                certificate = "/etc/nixos/certs/hydra_cert.crt";
              };
          }
        '';
        description = ''
          A reverse proxy server configuration is created for every attribute.
          The attribute name corresponds to the name the server is listening to,
          and the proxy option defines the target to forward the requests to.
          If a key and certificate are given, then the server is secured through
          a SSL connection. Non-SSL requests on port 80 are automatically
          re-directed to the SSL server on port 443.
        '';
      };
      httpDefaultKey = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/nixos/certs/defaut_key.key";
        description = ''
           Key of SSL certificate for default server.
           The default certificate is presented by the default server during
           the SSL handshake when no specialized server configuration matches
           a request.
           A default SSL certificate is also helpful if browsers do not
           support the TLS Server Name Indication extension (SNI, RFC 6066).
        '';
      };
      httpDefaultCertificate = mkOption {
        type = types.nullOr types.path;
        default = null;
        example = "/etc/nixos/certs/defaut_key.crt";
        description = ''
           SSL certificate for default server.
           The default certificate is presented by the default server during
           the SSL handshake when no specialized server configuration matches
           a request.
           A default SSL certificate is also helpful if browsers do not
           support the TLS Server Name Indication extension (SNI, RFC 6066).
        '';
      };
    };
  };
  config = mkIf (cfg.reverseProxies != {}) {
    assertions = [
      { assertion = all id (mapAttrsToList (n: v: validSSL v.certificate v.key) cfg.reverseProxies);
        message = ''
          One (or more) reverse proxy configurations specify only either
          the key option or the certificate option. Both certificate
          with associated key have to be configured to enable SSL for a
          server configuration.
          services.nginx.reverseProxies: ${toString cfg.reverseProxies}
        '';
      }
      { assertion = validSSL cfg.httpDefaultCertificate cfg.httpDefaultKey;
        message = ''
          The default server configuration specifies only either the key
          option or the certificate option. Both httpDefaultCertificate
          with associated httpDefaultKey have to be configured to enable
          SSL for the default server configuration.
          services.nginx.httpDefaultCertificate: ${toString cfg.httpDefaultCertificate}
          services.nginx.httpDefaultKey : ${toString cfg.httpDefaultKey}
        '';
      }
    ];
    services.nginx.config = mkBefore ''
      worker_processes 1;
      error_log logs/error.log debug;
      pid logs/nginx.pid;
      events {
         worker_connections  1024;
      }
    '';
    services.nginx.httpConfig = mkBefore ''
      log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                '$status $body_bytes_sent "$http_referer" '
                '"$http_user_agent" "$http_x_forwarded_for"';
      access_log  logs/access.log  main;
      sendfile        on;
      tcp_nopush      on;
      keepalive_timeout  10;
      gzip            on;
      ${lib.optionalString defaultSSL ''
      ssl_session_cache    shared:SSL:10m;
      ssl_session_timeout  10m;
      ssl_protocols        TLSv1 TLSv1.1 TLSv1.2;
      ssl_ciphers          HIGH:!aNULL:!MD5;
      ssl_certificate      ${cfg.httpDefaultCertificate};
      ssl_certificate_key  ${cfg.httpDefaultKey};
      ''}
    '';
    services.nginx.httpDefaultServer = mkBefore ''
      # reject as default policy
      server {
          listen 80 default_server;
          listen [::]:80 default_server;
          ${lib.optionalString defaultSSL "listen 443 default_server ssl;"}
          return      444;
      }
    '';
    services.nginx.httpServers =
      let
        useSSL = certificate: key: certificate != null && key != null;
        server = servername: proxy: certificate: key: useSSL: ''
          server {
            server_name ${servername};
            keepalive_timeout    70;
            ${if !useSSL then ''
            listen 80;
            listen [::]:80;
            '' else ''
            listen 443 ssl;
            ssl_session_cache    shared:SSL:10m;
            ssl_session_timeout  10m;
            ssl_certificate      ${certificate};
            ssl_certificate_key  ${key};
            ''}
            location / {
              proxy_pass ${proxy};
              ### force timeouts if one of backend is dead ##
              proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
              ### Set headers ####
              proxy_set_header        Accept-Encoding   "";
              proxy_set_header        Host            $host;
              proxy_set_header        X-Real-IP       $remote_addr;
              proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
              ${lib.optionalString useSSL ''
              ### Most PHP, Python, Rails, Java App can use this header ###
              #proxy_set_header X-Forwarded-Proto https;##
              #This is better##
              proxy_set_header        X-Forwarded-Proto $scheme;
              add_header              Front-End-Https   on;
              ''}
              ### By default we don't want to redirect it ####
              proxy_redirect     off;
              proxy_buffering    off;
            }
          }
          ${lib.optionalString useSSL ''
          # redirect http to https
          server {
              listen 80;
              listen [::]:80;
              server_name ${servername};
              return 301 https://$server_name$request_uri;
          }
          ''}
        '';
      in
      concatStrings (mapAttrsToList (n: v: server n v.proxy v.certificate v.key (useSSL v.proxy v.certificate)) cfg.reverseProxies);
  };
 }
--- a/nixos/modules/services/x11/desktop-managers/e19.nix
+++ b/nixos/modules/services/x11/desktop-managers/e19.nix
@ -62,7 +62,6 @@ in
        waitPID=$!
      '';
    }];
    services.xserver.displayManager.desktopManagerHandlesLidAndPower = true;
    security.setuidPrograms = [ "e19_freqset" ];
--- a/nixos/modules/services/x11/desktop-managers/gnome3.nix
+++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix
@ -99,7 +99,6 @@ in {
    networking.networkmanager.enable = mkDefault true;
    services.upower.enable = config.powerManagement.enable;
    hardware.bluetooth.enable = mkDefault true;
    services.xserver.displayManager.desktopManagerHandlesLidAndPower = false; # true doesn't make sense here, GNOME just doesn't handle it anymore
    fonts.fonts = [ pkgs.dejavu_fonts pkgs.cantarell_fonts ];
--- a/nixos/modules/services/x11/desktop-managers/kde4.nix
+++ b/nixos/modules/services/x11/desktop-managers/kde4.nix
@ -111,7 +111,6 @@ in
            exec ${kde_workspace}/bin/startkde
          '';
      };
    services.xserver.displayManager.desktopManagerHandlesLidAndPower = true;
    security.setuidOwners = singleton
      { program = "kcheckpass";
--- a/nixos/modules/services/x11/desktop-managers/kde5.nix
+++ b/nixos/modules/services/x11/desktop-managers/kde5.nix
@ -78,7 +78,6 @@ in
      bgSupport = true;
      start = ''exec ${plasma5.plasma-workspace}/bin/startkde;'';
    };
    services.xserver.displayManager.desktopManagerHandlesLidAndPower = true;
    security.setuidOwners = singleton {
      program = "kcheckpass";
--- a/nixos/modules/services/x11/desktop-managers/kodi.nix
+++ b/nixos/modules/services/x11/desktop-managers/kodi.nix
@ -25,7 +25,6 @@ in
        waitPID=$!
      '';
    }];
    services.xserver.displayManager.desktopManagerHandlesLidAndPower = true;
    environment.systemPackages = [ pkgs.kodi ];
  };
--- a/nixos/modules/services/x11/desktop-managers/xfce.nix
+++ b/nixos/modules/services/x11/desktop-managers/xfce.nix
@ -37,7 +37,6 @@ in
            exec ${pkgs.stdenv.shell} ${pkgs.xfce.xinitrc}
          '';
      };
    services.xserver.displayManager.desktopManagerHandlesLidAndPower = true;
    environment.systemPackages =
      [ pkgs.gtk # To get GTK+'s themes.
--- a/nixos/modules/services/x11/display-managers/gdm.nix
+++ b/nixos/modules/services/x11/display-managers/gdm.nix
@ -23,6 +23,10 @@ in
        <emphasis>GDM is very experimental and may render system unusable.</emphasis>
      '';
      debug = mkEnableOption ''
        debugging messages in GDM
      '';
      autoLogin = mkOption {
        default = {};
        description = ''
@ -69,8 +73,7 @@ in
  config = mkIf cfg.gdm.enable {
    assertions = [
-      { assertion = let autoLogin = cfg.gdm.autoLogin; in
+      { assertion = cfg.gdm.autoLogin.enable -> cfg.gdm.autoLogin.user != null;
          if autoLogin.enable then autoLogin.user != null else true;
        message = "GDM auto-login requires services.xserver.displayManager.gdm.autoLogin.user to be set";
      }
    ];
@ -109,13 +112,21 @@ in
    programs.dconf.profiles.gdm = "${gdm}/share/dconf/profile/gdm";
    # Use AutomaticLogin if delay is zero, because it's immediate.
    # Otherwise with TimedLogin with zero seconds the prompt is still
    # presented and there's a little delay.
    environment.etc."gdm/custom.conf".text = ''
      [daemon]
-      ${optionalString cfg.gdm.autoLogin.enable ''
+      ${optionalString cfg.gdm.autoLogin.enable (
-      TimedLoginEnable=true
+        if cfg.gdm.autoLogin.delay > 0 then ''
-      TimedLogin=${cfg.gdm.autoLogin.user}
+          TimedLoginEnable=true
-      TimedLoginDelay=${toString cfg.gdm.autoLogin.delay}
+          TimedLogin=${cfg.gdm.autoLogin.user}
-      ''}
+          TimedLoginDelay=${toString cfg.gdm.autoLogin.delay}
        '' else ''
          AutomaticLoginEnable=true
          AutomaticLogin=${cfg.gdm.autoLogin.user}
        '')
      }
      [security]
@ -126,6 +137,7 @@ in
      [chooser]
      [debug]
      ${optionalString cfg.gdm.debug "Enable=true"}
    '';
    # GDM LFS PAM modules, adapted somehow to NixOS
--- a/nixos/modules/services/x11/redshift.nix
+++ b/nixos/modules/services/x11/redshift.nix
@ -1,58 +1,90 @@
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.services.redshift;
 in {
-  options = {
+
-    services.redshift.enable = mkOption {
+  options.services.redshift = {
    enable = mkOption {
      type = types.bool;
      default = false;
      example = true;
-      description = "Enable Redshift to change your screen's colour temperature depending on the time of day";
+      description = ''
        Enable Redshift to change your screen's colour temperature depending on
        the time of day.
      '';
    };
-    services.redshift.latitude = mkOption {
+    latitude = mkOption {
      description = "Your current latitude";
      type = types.str;
      description = ''
        Your current latitude.
      '';
    };
-    services.redshift.longitude = mkOption {
+    longitude = mkOption {
      description = "Your current longitude";
      type = types.str;
      description = ''
        Your current longitude.
      '';
    };
-    services.redshift.temperature = {
+    temperature = {
      day = mkOption {
-        description = "Colour temperature to use during day time";
+        type = types.int;
        default = 5500;
-        type = types.int;
+        description = ''
          Colour temperature to use during the day.
        '';
      };
      night = mkOption {
-        description = "Colour temperature to use during night time";
+        type = types.int;
        default = 3700;
-        type = types.int;
+        description = ''
          Colour temperature to use at night.
        '';
      };
    };
-    services.redshift.brightness = {
+    brightness = {
      day = mkOption {
        description = "Screen brightness to apply during the day (between 0.1 and 1.0)";
        default = "1";
        type = types.str;
        default = "1";
        description = ''
          Screen brightness to apply during the day,
          between <literal>0.1</literal> and <literal>1.0</literal>.
        '';
      };
      night = mkOption {
        description = "Screen brightness to apply during the night (between 0.1 and 1.0)";
        default = "1";
        type = types.str;
        default = "1";
        description = ''
          Screen brightness to apply during the night,
          between <literal>0.1</literal> and <literal>1.0</literal>.
        '';
      };
    };
-    services.redshift.extraOptions = mkOption {
+    package = mkOption {
      type = types.package;
      default = pkgs.redshift;
      description = ''
        redshift derivation to use.
      '';
    };
    extraOptions = mkOption {
      type = types.listOf types.str;
      default = [];
      example = [ "-v" "-m randr" ];
-      description = "Additional command-line arguments to pass to the redshift(1) command";
+      description = ''
        Additional command-line arguments to pass to
        <command>redshift</command>.
      '';
    };
  };
@ -63,7 +95,7 @@ in {
      after = [ "display-manager.service" ];
      wantedBy = [ "graphical.target" ];
      serviceConfig.ExecStart = ''
-        ${pkgs.redshift}/bin/redshift \
+        ${cfg.package}/bin/redshift \
          -l ${cfg.latitude}:${cfg.longitude} \
          -t ${toString cfg.temperature.day}:${toString cfg.temperature.night} \
          -b ${toString cfg.brightness.day}:${toString cfg.brightness.night} \
@ -73,4 +105,5 @@ in {
      serviceConfig.Restart = "always";
    };
  };
 }
--- a/nixos/modules/services/x11/xserver.nix
+++ b/nixos/modules/services/x11/xserver.nix
@ -13,7 +13,6 @@ let
  # Map video driver names to driver packages. FIXME: move into card-specific modules.
  knownVideoDrivers = {
    nouveau       = { modules = [ pkgs.xf86_video_nouveau ]; };
    unichrome    = { modules = [ pkgs.xorgVideoUnichrome ]; };
    virtualbox   = { modules = [ kernelPackages.virtualboxGuestAdditions ]; driverName = "vboxvideo"; };
    ati = { modules = [ pkgs.xorg.xf86videoati pkgs.xorg.glamoregl ]; };
--- a/nixos/modules/system/activation/top-level.nix
+++ b/nixos/modules/system/activation/top-level.nix
@ -99,7 +99,9 @@ let
  # makes it bootable.
  baseSystem = showWarnings (
    if [] == failed then pkgs.stdenv.mkDerivation {
-      name = "nixos-${config.system.nixosVersion}";
+      name = let hn = config.networking.hostName;
                 nn = if (hn != "") then hn else "unnamed";
          in "nixos-system-${nn}-${config.system.nixosVersion}";
      preferLocalBuild = true;
      allowSubstitutes = false;
      buildCommand = systemBuilder;
--- a/nixos/modules/system/boot/loader/efi.nix
+++ b/nixos/modules/system/boot/loader/efi.nix
@ -15,7 +15,7 @@ with lib;
    efiSysMountPoint = mkOption {
      default = "/boot";
-      type = types.string;
+      type = types.str;
      description = "Where the EFI System Partition is mounted.";
    };
--- a/nixos/modules/system/boot/luksroot.nix
+++ b/nixos/modules/system/boot/luksroot.nix
@ -242,20 +242,20 @@ in
        name = mkOption {
          example = "luksroot";
-          type = types.string;
+          type = types.str;
          description = "Named to be used for the generated device in /dev/mapper.";
        };
        device = mkOption {
          example = "/dev/sda2";
-          type = types.string;
+          type = types.str;
          description = "Path of the underlying block device.";
        };
        header = mkOption {
          default = null;
          example = "/root/header.img";
-          type = types.nullOr types.string;
+          type = types.nullOr types.str;
          description = ''
            The name of the file or block device that
            should be used as header for the encrypted device.
@ -265,7 +265,7 @@ in
        keyFile = mkOption {
          default = null;
          example = "/dev/sdb1";
-          type = types.nullOr types.string;
+          type = types.nullOr types.str;
          description = ''
            The name of the file (can be a raw device or a partition) that
            should be used as the decryption key for the encrypted device. If
@ -349,7 +349,7 @@ in
            ramfsMountPoint = mkOption {
              default = "/crypt-ramfs";
-              type = types.string;
+              type = types.str;
              description = "Path where the ramfs used to update the LUKS key will be mounted during early boot.";
            };
@ -369,19 +369,19 @@ in
              fsType = mkOption {
                default = "vfat";
-                type = types.string;
+                type = types.str;
                description = "The filesystem of the unencrypted device.";
              };
              mountPoint = mkOption {
                default = "/crypt-storage";
-                type = types.string;
+                type = types.str;
                description = "Path where the unencrypted device will be mounted during early boot.";
              };
              path = mkOption {
                default = "/crypt-storage/default";
-                type = types.string;
+                type = types.str;
                description = ''
                  Absolute path of the salt on the unencrypted device with
                  that device's root directory as "/".
--- a/nixos/modules/system/boot/modprobe.nix
+++ b/nixos/modules/system/boot/modprobe.nix
@ -85,11 +85,7 @@ with lib;
        '')}
        ${config.boot.extraModprobeConfig}
      '';
-    environment.etc."modprobe.d/usb-load-ehci-first.conf".text =
+    environment.etc."modprobe.d/debian.conf".source = pkgs.kmod-debian-aliases;
      ''
        softdep uhci_hcd pre: ehci_hcd
        softdep ohci_hcd pre: ehci_hcd
      '';
    environment.systemPackages = [ config.system.sbin.modprobe pkgs.kmod ];
--- a/nixos/modules/system/boot/stage-1.nix
+++ b/nixos/modules/system/boot/stage-1.nix
@ -241,6 +241,9 @@ let
          };
          symlink = "/etc/modprobe.d/ubuntu.conf";
        }
        { object = pkgs.kmod-debian-aliases;
          symlink = "/etc/modprobe.d/debian.conf";
        }
      ];
  };
--- a/nixos/modules/tasks/encrypted-devices.nix
+++ b/nixos/modules/tasks/encrypted-devices.nix
@ -22,21 +22,21 @@ let
      blkDev = mkOption {
        default = null;
        example = "/dev/sda1";
-        type = types.uniq (types.nullOr types.string);
+        type = types.nullOr types.str;
        description = "Location of the backing encrypted device.";
      };
      label = mkOption {
        default = null;
        example = "rootfs";
-        type = types.uniq (types.nullOr types.string);
+        type = types.nullOr types.str;
        description = "Label of the backing encrypted device.";
      };
      keyFile = mkOption {
        default = null;
        example = "/root/.swapkey";
-        type = types.uniq (types.nullOr types.string);
+        type = types.nullOr types.str;
        description = "File system location of keyfile.";
      };
    };
--- a/nixos/modules/tasks/filesystems.nix
+++ b/nixos/modules/tasks/filesystems.nix
@ -22,14 +22,14 @@ let
      device = mkOption {
        default = null;
        example = "/dev/sda";
-        type = types.uniq (types.nullOr types.string);
+        type = types.nullOr types.str;
        description = "Location of the device.";
      };
      label = mkOption {
        default = null;
        example = "root-partition";
-        type = types.uniq (types.nullOr types.string);
+        type = types.nullOr types.str;
        description = "Label of the device (if any).";
      };
--- a/nixos/modules/tasks/network-interfaces.nix
+++ b/nixos/modules/tasks/network-interfaces.nix
@ -499,7 +499,7 @@ in
        interface = mkOption {
          example = "enp4s0";
-          type = types.string;
+          type = types.str;
          description = "The interface the macvlan will transmit packets through.";
        };
@ -605,7 +605,7 @@ in
        interface = mkOption {
          example = "enp4s0";
-          type = types.string;
+          type = types.str;
          description = "The interface the vlan will transmit packets through.";
        };
--- a/nixos/modules/virtualisation/azure-image.nix
+++ b/nixos/modules/virtualisation/azure-image.nix
@ -26,7 +26,7 @@ in
              ${pkgs.vmTools.qemu}/bin/qemu-img convert -f raw -O vpc $diskImage $out/disk.vhd
              rm $diskImage
            '';
-          diskImageBase = "nixos-${config.system.nixosVersion}-${pkgs.stdenv.system}.raw";
+          diskImageBase = "nixos-image-${config.system.nixosVersion}-${pkgs.stdenv.system}.raw";
          buildInputs = [ pkgs.utillinux pkgs.perl ];
          exportReferencesGraph =
            [ "closure" config.system.build.toplevel ];
--- a/nixos/modules/virtualisation/brightbox-image.nix
+++ b/nixos/modules/virtualisation/brightbox-image.nix
@ -26,7 +26,7 @@ in
              rm $diskImageBase
              popd
            '';
-          diskImageBase = "nixos-${config.system.nixosVersion}-${pkgs.stdenv.system}.raw";
+          diskImageBase = "nixos-image-${config.system.nixosVersion}-${pkgs.stdenv.system}.raw";
          buildInputs = [ pkgs.utillinux pkgs.perl ];
          exportReferencesGraph =
            [ "closure" config.system.build.toplevel ];
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@ -12,6 +12,12 @@ let
    perl = "${pkgs.perl}/bin/perl -I${pkgs.perlPackages.FileSlurp}/lib/perl5/site_perl";
    su = "${pkgs.shadow.su}/bin/su";
    inherit (pkgs) utillinux;
    postInstall = ''
      t=$out/etc/bash_completion.d
      mkdir -p $t
      cp ${./nixos-container-completion.sh} $t/nixos-container
    '';
  };
  # The container's init script, a small wrapper around the regular
@ -102,7 +108,7 @@ in
            };
            hostAddress = mkOption {
-              type = types.nullOr types.string;
+              type = types.nullOr types.str;
              default = null;
              example = "10.231.136.1";
              description = ''
@ -111,7 +117,7 @@ in
            };
            localAddress = mkOption {
-              type = types.nullOr types.string;
+              type = types.nullOr types.str;
              default = null;
              example = "10.231.136.2";
              description = ''
@ -299,7 +305,7 @@ in
            ''
              #! ${pkgs.stdenv.shell} -e
              ${nixos-container}/bin/nixos-container run "$INSTANCE" -- \
-                bash --login -c "/nix/var/nix/profiles/system/bin/switch-to-configuration test"
+                bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test"
            '';
          SyslogIdentifier = "container %i";
--- a/nixos/modules/virtualisation/docker.nix
+++ b/nixos/modules/virtualisation/docker.nix
@ -67,7 +67,7 @@ in
    postStart =
      mkOption {
-        type = types.string;
+        type = types.lines;
        default = ''
          while ! [ -e /var/run/docker.sock ]; do
            sleep 0.1
--- a/nixos/modules/virtualisation/google-compute-image.nix
+++ b/nixos/modules/virtualisation/google-compute-image.nix
@ -30,7 +30,7 @@ in
              rm $out/disk.raw
              popd
            '';
-          diskImageBase = "nixos-${config.system.nixosVersion}-${pkgs.stdenv.system}.raw";
+          diskImageBase = "nixos-image-${config.system.nixosVersion}-${pkgs.stdenv.system}.raw";
          buildInputs = [ pkgs.utillinux pkgs.perl ];
          exportReferencesGraph =
            [ "closure" config.system.build.toplevel ];
--- a/nixos/modules/virtualisation/lxd.nix
+++ b/nixos/modules/virtualisation/lxd.nix
@ -0,0 +1,64 @@
 # Systemd services for lxd.
 { config, lib, pkgs, ... }:
 with lib;
 let
  cfg = config.virtualisation.lxd;
 in
 {
  ###### interface
  options = {
    virtualisation.lxd.enable =
      mkOption {
        type = types.bool;
        default = false;
        description =
          ''
            This option enables lxd, a daemon that manages
            containers. Users in the "lxd" group can interact with
            the daemon (e.g. to start or stop containers) using the
            <command>lxc</command> command line tool, among others.
          '';
      };
  };
  ###### implementation
  config = mkIf cfg.enable {
    environment.systemPackages =
      [ pkgs.lxd ];
    systemd.services.lxd =
      { description = "LXD Container Management Daemon";
        wantedBy = [ "multi-user.target" ];
        after = [ "systemd-udev-settle.service" ];
        # TODO(wkennington): Add lvm2 and thin-provisioning-tools
        path = with pkgs; [ acl rsync gnutar xz btrfsProgs ];
        serviceConfig.ExecStart = "@${pkgs.lxd}/bin/lxd lxd --syslog --group lxd";
        serviceConfig.Type = "simple";
        serviceConfig.KillMode = "process"; # when stopping, leave the containers alone
      };
    users.extraGroups.lxd.gid = config.ids.gids.lxd;
    users.extraUsers.root = {
      subUidRanges = [ { startUid = 1000000; count = 65536; } ];
      subGidRanges = [ { startGid = 1000000; count = 65536; } ];
    };
  };
 }
--- a/nixos/modules/virtualisation/nixos-container-completion.sh
+++ b/nixos/modules/virtualisation/nixos-container-completion.sh
@ -0,0 +1,33 @@
 #!/usr/bin/env bash
 _nixos-container() {
    local cur prev opts
    COMPREPLY=()
    cur="${COMP_WORDS[COMP_CWORD]}"
    prev="${COMP_WORDS[COMP_CWORD-1]}"
    opts="list create destroy start stop status update login root-login run show-ip show-host-key"
    startstop_opts=$(nixos-container list)
    update_opts="--config"
    if [[ "$prev" == "nixos-container" ]]
    then
        COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) )
        return 0
    fi
    if [[ $(echo "$opts" | grep "$prev") ]]
    then
        if [[ "$prev" == "start" || "$prev" == "stop" ]]
        then
            COMPREPLY=( $(compgen -W "${startstop_opts}" -- ${cur}) )
            return 0
        elif [[ "$prev" == "update" ]]
        then
            COMPREPLY=( $(compgen -W "${update_opts}" -- ${cur}) )
            return 0
        fi
    fi
 }
 complete -F _nixos-container nixos-container
--- a/nixos/modules/virtualisation/nixos-container.pl
+++ b/nixos/modules/virtualisation/nixos-container.pl
@ -290,7 +290,8 @@ elsif ($action eq "show-ip") {
 }
 elsif ($action eq "show-host-key") {
-    my $fn = "$root/etc/ssh/ssh_host_ecdsa_key.pub";
+    my $fn = "$root/etc/ssh/ssh_host_ed25519_key.pub";
    $fn = "$root/etc/ssh/ssh_host_ecdsa_key.pub" unless -e $fn;
    exit 1 if ! -f $fn;
    print read_file($fn);
 }
--- a/nixos/modules/virtualisation/parallels-guest.nix
+++ b/nixos/modules/virtualisation/parallels-guest.nix
@ -17,7 +17,7 @@ in
        type = types.bool;
        default = false;
        description = ''
-          This enables Parallel Tools for Linux guests, along with provided
+          This enables Parallels Tools for Linux guests, along with provided
          video, mouse and other hardware drivers.
        '';
      };
--- a/nixos/modules/virtualisation/virtualbox-image.nix
+++ b/nixos/modules/virtualisation/virtualbox-image.nix
@ -101,7 +101,7 @@ in {
    system.build.virtualBoxOVA = pkgs.runCommand "virtualbox-ova"
      { buildInputs = [ pkgs.linuxPackages.virtualbox ];
        vmName = "NixOS ${config.system.nixosVersion} (${pkgs.stdenv.system})";
-        fileName = "nixos-${config.system.nixosVersion}-${pkgs.stdenv.system}.ova";
+        fileName = "nixos-image-${config.system.nixosVersion}-${pkgs.stdenv.system}.ova";
      }
      ''
        echo "creating VirtualBox VM..."
@ -109,7 +109,8 @@ in {
        VBoxManage createvm --name "$vmName" --register \
          --ostype ${if pkgs.stdenv.system == "x86_64-linux" then "Linux26_64" else "Linux26"}
        VBoxManage modifyvm "$vmName" \
-          --memory 1536 --acpi on --vram 10 \
+          --memory 1536 --acpi on --vram 32 \
          ${optionalString (pkgs.stdenv.system == "i686-linux") "--pae on"} \
          --nictype1 virtio --nic1 nat \
          --audiocontroller ac97 --audio alsa \
          --rtcuseutc on \
--- a/nixos/release.nix
+++ b/nixos/release.nix
@ -226,6 +226,7 @@ in rec {
  tests.fleet = hydraJob (import tests/fleet.nix { system = "x86_64-linux"; });
  #tests.gitlab = callTest tests/gitlab.nix {};
  tests.gnome3 = callTest tests/gnome3.nix {};
  tests.gnome3-gdm = callTest tests/gnome3-gdm.nix {};
  tests.i3wm = callTest tests/i3wm.nix {};
  tests.installer.grub1 = forAllSystems (system: hydraJob (import tests/installer.nix { inherit system; }).grub1.test);
  tests.installer.lvm = forAllSystems (system: hydraJob (import tests/installer.nix { inherit system; }).lvm.test);
--- a/nixos/tests/chromium.nix
+++ b/nixos/tests/chromium.nix
@ -44,6 +44,8 @@ import ./make-test.nix (
          search --onlyvisible --name "startup done"
          windowfocus --sync
          windowactivate --sync
        ''}");
        $machine->execute("${xdo "new-window" ''
          key Ctrl+n
        ''}");
      });
@ -55,6 +57,8 @@ import ./make-test.nix (
          search --onlyvisible --name "new tab"
          windowfocus --sync
          windowactivate --sync
        ''}");
        $machine->execute("${xdo "close-window" ''
          key Ctrl+w
        ''}");
        for (1..20) {
@ -155,6 +159,8 @@ import ./make-test.nix (
          $machine->succeed("${xdo "submit-url" ''
            search --sync --onlyvisible --name "sandbox status"
            windowfocus --sync
          ''}");
          $machine->succeed("${xdo "submit-url" ''
            key --delay 1000 Ctrl+a Ctrl+c
          ''}");
--- a/nixos/tests/etcd.nix
+++ b/nixos/tests/etcd.nix
@ -82,7 +82,7 @@ import ./make-test.nix ({ pkgs, ... } : {
    subtest "single node", sub {
      $simple->start();
      $simple->waitForUnit("etcd.service");
-      $simple->succeed("etcdctl set /foo/bar 'Hello world'");
+      $simple->waitUntilSucceeds("etcdctl set /foo/bar 'Hello world'");
      $simple->waitUntilSucceeds("etcdctl get /foo/bar | grep 'Hello world'");
    };
@ -91,7 +91,7 @@ import ./make-test.nix ({ pkgs, ... } : {
      $node2->start();
      $node1->waitForUnit("etcd.service");
      $node2->waitForUnit("etcd.service");
-      $node1->succeed("etcdctl set /foo/bar 'Hello world'");
+      $node1->waitUntilSucceeds("etcdctl set /foo/bar 'Hello world'");
      $node2->waitUntilSucceeds("etcdctl get /foo/bar | grep 'Hello world'");
      $node1->shutdown();
      $node2->shutdown();
@ -104,7 +104,7 @@ import ./make-test.nix ({ pkgs, ... } : {
      $discovery2->start();
      $discovery1->waitForUnit("etcd.service");
      $discovery2->waitForUnit("etcd.service");
-      $discovery1->succeed("etcdctl set /foo/bar 'Hello world'");
+      $discovery1->waitUntilSucceeds("etcdctl set /foo/bar 'Hello world'");
      $discovery2->waitUntilSucceeds("etcdctl get /foo/bar | grep 'Hello world'");
    };
  '';
--- a/nixos/tests/gnome3-gdm.nix
+++ b/nixos/tests/gnome3-gdm.nix
@ -0,0 +1,39 @@
 import ./make-test.nix ({ pkgs, ...} : {
  name = "gnome3-gdm";
  meta = with pkgs.stdenv.lib.maintainers; {
    maintainers = [ lethalman ];
  };
  machine =
    { config, pkgs, ... }:
    { imports = [ ./common/user-account.nix ];
      services.xserver.enable = true;
      services.xserver.displayManager.gdm = {
        enable = true;
        autoLogin = {
          enable = true;
          user = "alice";
        };
      };
      services.xserver.desktopManager.gnome3.enable = true;
      virtualisation.memorySize = 512;
    };
  testScript =
    ''
      $machine->waitForX;
      $machine->sleep(15);
      # Check that logging in has given the user ownership of devices.
      $machine->succeed("getfacl /dev/snd/timer | grep -q alice");
      $machine->succeed("su - alice -c 'DISPLAY=:0.0 gnome-terminal &'");
      $machine->waitForWindow(qr/Terminal/);
      $machine->sleep(20);
      $machine->screenshot("screen");
    '';
 })
--- a/nixos/tests/logstash.nix
+++ b/nixos/tests/logstash.nix
@ -19,8 +19,8 @@ import ./make-test.nix ({ pkgs, ...} : {
                exec { command => "echo dragons" interval => 1 type => "test" }
              '';
              filterConfig = ''
-                if [type] == "test" {
+                if [message] =~ /dragons/ {
-                  grep { match => ["message", "flowers"] drop => true }
+                  drop {}
                }
              '';
              outputConfig = ''
--- a/nixos/tests/virtualbox.nix
+++ b/nixos/tests/virtualbox.nix
@ -1,26 +1,41 @@
 { debug ? false, ... } @ args:
 import ./make-test.nix ({ pkgs, ... }: with pkgs.lib; let
-  debug = false;
+  testVMConfig = vmName: attrs: { config, pkgs, ... }: let
    guestAdditions = pkgs.linuxPackages.virtualboxGuestAdditions;
-  testVMConfig = vmName: attrs: { config, pkgs, ... }: {
+    miniInit = ''
-    boot.kernelParams = let
+      #!${pkgs.stdenv.shell} -xe
-      miniInit = ''
+      export PATH="${pkgs.coreutils}/bin:${pkgs.utillinux}/bin"
        #!${pkgs.stdenv.shell} -xe
        export PATH="${pkgs.coreutils}/bin:${pkgs.utillinux}/bin"
-        ${pkgs.linuxPackages.virtualboxGuestAdditions}/bin/VBoxService
+      mkdir -p /etc/dbus-1 /var/run/dbus
-        ${(attrs.vmScript or (const "")) pkgs}
+      cat > /etc/passwd <<EOF
      root:x:0:0::/root:/bin/false
      messagebus:x:1:1::/var/run/dbus:/bin/false
      EOF
      cat > /etc/group <<EOF
      root:x:0:
      messagebus:x:1:
      EOF
      cp -v "${pkgs.dbus.daemon}/etc/dbus-1/system.conf" \
        /etc/dbus-1/system.conf
      "${pkgs.dbus.daemon}/bin/dbus-daemon" --fork --system
-        i=0
+      ${guestAdditions}/bin/VBoxService
-        while [ ! -e /mnt-root/shutdown ]; do
+      ${(attrs.vmScript or (const "")) pkgs}
          sleep 10
          i=$(($i + 10))
          [ $i -le 120 ] || fail
        done
-        rm -f /mnt-root/boot-done /mnt-root/shutdown
+      i=0
-      '';
+      while [ ! -e /mnt-root/shutdown ]; do
-    in [
+        sleep 10
        i=$(($i + 10))
        [ $i -le 120 ] || fail
      done
      rm -f /mnt-root/boot-done /mnt-root/shutdown
    '';
  in {
    boot.kernelParams = [
      "console=tty0" "console=ttyS0" "ignore_loglevel"
      "boot.trace" "panic=1" "boot.panic_on_fail"
      "init=${pkgs.writeScript "mini-init.sh" miniInit}"
@ -39,7 +54,7 @@ import ./make-test.nix ({ pkgs, ... }: with pkgs.lib; let
    ];
    boot.initrd.extraUtilsCommands = ''
-      copy_bin_and_libs "${pkgs.linuxPackages.virtualboxGuestAdditions}/bin/mount.vboxsf"
+      copy_bin_and_libs "${guestAdditions}/bin/mount.vboxsf"
      copy_bin_and_libs "${pkgs.utillinux}/bin/unshare"
      ${(attrs.extraUtilsCommands or (const "")) pkgs}
    '';
@ -156,30 +171,26 @@ import ./make-test.nix ({ pkgs, ... }: with pkgs.lib; let
    ];
  in {
    machine = {
-      systemd.sockets = listToAttrs (singleton {
+      systemd.sockets."vboxtestlog-${name}" = {
-        name = "vboxtestlog-${name}";
+        description = "VirtualBox Test Machine Log Socket For ${name}";
-        value = {
+        wantedBy = [ "sockets.target" ];
-          description = "VirtualBox Test Machine Log Socket";
+        before = [ "multi-user.target" ];
-          wantedBy = [ "sockets.target" ];
+        socketConfig.ListenStream = "/run/virtualbox-log-${name}.sock";
-          before = [ "multi-user.target" ];
+        socketConfig.Accept = true;
-          socketConfig.ListenStream = "/run/virtualbox-log-${name}.sock";
+      };
          socketConfig.Accept = true;
        };
      });
-      systemd.services = listToAttrs (singleton {
+      systemd.services."vboxtestlog-${name}@" = {
-        name = "vboxtestlog-${name}@";
+        description = "VirtualBox Test Machine Log For ${name}";
-        value = {
+        serviceConfig.StandardInput = "socket";
-          description = "VirtualBox Test Machine Log";
+        serviceConfig.StandardOutput = "syslog";
-          serviceConfig.StandardInput = "socket";
+        serviceConfig.SyslogIdentifier = "GUEST-${name}";
-          serviceConfig.StandardOutput = "syslog";
+        serviceConfig.ExecStart = "${pkgs.coreutils}/bin/cat";
-          serviceConfig.SyslogIdentifier = "GUEST-${name}";
+      };
          serviceConfig.ExecStart = "${pkgs.coreutils}/bin/cat";
        };
      });
    };
    testSubs = ''
      my ${"$" + name}_sharepath = '${sharePath}';
      sub checkRunning_${name} {
        my $cmd = 'VBoxManage list runningvms | grep -q "^\"${name}\""';
        my ($status, $out) = $machine->execute(ru $cmd);
@ -286,9 +297,15 @@ import ./make-test.nix ({ pkgs, ... }: with pkgs.lib; let
    echo "$otherIP reachable" | ${pkgs.netcat}/bin/netcat -clp 5678 || :
  '';
  sysdDetectVirt = pkgs: ''
    ${pkgs.systemd}/bin/systemd-detect-virt > /mnt-root/result
  '';
  vboxVMs = mapAttrs createVM {
    simple = {};
    detectvirt.vmScript = sysdDetectVirt;
    test1.vmFlags = hostonlyVMFlags;
    test1.vmScript = dhcpScript;
@ -307,7 +324,7 @@ in {
      mkVMConf = name: val: val.machine // { key = "${name}-config"; };
      vmConfigs = mapAttrsToList mkVMConf vboxVMs;
    in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
-    virtualisation.memorySize = 768;
+    virtualisation.memorySize = 1024;
    virtualisation.virtualbox.host.enable = true;
    users.extraUsers.alice.extraGroups = let
      inherit (config.virtualisation.virtualbox.host) enableHardening;
@ -372,6 +389,18 @@ in {
    destroyVM_simple;
    subtest "systemd-detect-virt", sub {
      createVM_detectvirt;
      vbm("startvm detectvirt");
      waitForStartup_detectvirt;
      waitForVMBoot_detectvirt;
      shutdownVM_detectvirt;
      my $result = $machine->succeed("cat '$detectvirt_sharepath/result'");
      chomp $result;
      die "systemd-detect-virt returned \"$result\" instead of \"oracle\""
        if $result ne "oracle";
    };
    subtest "net-hostonlyif", sub {
      createVM_test1;
      createVM_test2;
@ -403,4 +432,4 @@ in {
      destroyVM_test2;
    };
  '';
-})
+}) args
--- a/pkgs/applications/audio/beast/default.nix
+++ b/pkgs/applications/audio/beast/default.nix
@ -1,11 +1,11 @@
 { stdenv, fetchurl, zlib, guile, libart_lgpl, pkgconfig, intltool
 , gtk, glib, libogg, libvorbis, libgnomecanvas, gettext, perl }:
-stdenv.mkDerivation {
+stdenv.mkDerivation rec {
  name = "beast-0.7.1";
  src = fetchurl {
-    url = ftp://beast.gtk.org/pub/beast/v0.7/beast-0.7.1.tar.bz2;
+    url = "http://ftp.gtk.org/pub/beast/v0.7/${name}.tar.bz2";
    sha256 = "0jyl1i1918rsn4296w07fsf6wx3clvad522m3bzgf8ms7gxivg5l";
  };
--- a/pkgs/applications/audio/dfasma/default.nix
+++ b/pkgs/applications/audio/dfasma/default.nix
@ -1,16 +1,58 @@
 { stdenv, fetchFromGitHub, fftw, libsndfile, qt5 }:
-let version = "1.1.2"; in
+let
-stdenv.mkDerivation {
+
  version = "1.2.5";
  rev = "v${version}";
  sha256 = "0mgy2bkmyp7lvaqsr7hkndwdgjf26mlpsj6smrmn1vp0cqyrw72d";
  reaperFork = {
    src = fetchFromGitHub {
      sha256 = "07m2wf2gqyya95b65gawrnr4pvc9jyzmg6h8sinzgxlpskz93wwc";
      rev = "39053e8896eedd7b3e8a9e9a9ffd80f1fc6ceb16";
      repo = "reaper";
      owner = "gillesdegottex";
    };
    meta = with stdenv.lib; {
     license = licenses.asl20;
    };
  };
  libqaudioextra = {
    src = fetchFromGitHub {
      sha256 = "17pvlij8cc4lwzf6f1cnygj3m3ci6xfa3lv5bgcr5i1gzyjxqpq1";
      rev = "b7d187cd9a1fd76ea94151e2e02453508d0151d3";
      repo = "libqaudioextra";
      owner = "gillesdegottex";
    };
    meta = with stdenv.lib; {
     license = licenses.gpl3Plus;
    };
  };
 in stdenv.mkDerivation {
  name = "dfasma-${version}";
  src = fetchFromGitHub {
-    sha256 = "0xqam5hm4kvfksdlyz1rviijv386fk3px4lhz6glfsimbcvvzl0r";
+    inherit sha256 rev;
    rev = "v${version}";
    repo = "dfasma";
    owner = "gillesdegottex";
  };
  buildInputs = [ fftw libsndfile qt5.base qt5.multimedia ];
  postPatch = ''
    substituteInPlace dfasma.pro --replace '$$DFASMAVERSIONGITPRO' '${version}'
    cp -Rv "${reaperFork.src}"/* external/REAPER
    cp -Rv "${libqaudioextra.src}"/* external/libqaudioextra
  '';
  configurePhase = ''
    qmake PREFIX=$out PREFIXSHORTCUT=$out dfasma.pro
  '';
  enableParallelBuilding = true;
  meta = with stdenv.lib; {
    inherit version;
    description = "Analyse and compare audio files in time and frequency";
@ -23,25 +65,8 @@ stdenv.mkDerivation {
      amplitude, this software does not aim to be an audio editor.
    '';
    homepage = http://gillesdegottex.github.io/dfasma/;
-    license = licenses.gpl3Plus;
+    license = [ licenses.gpl3Plus reaperFork.meta.license ];
-    platforms = with platforms; linux;
+    platforms = platforms.linux;
    maintainers = with maintainers; [ nckx ];
  };
  buildInputs = [ fftw libsndfile qt5.base qt5.multimedia ];
  postPatch = ''
    substituteInPlace dfasma.pro --replace '$$DFASMAVERSIONGITPRO' '${version}'
  '';
  configurePhase = ''
    qmake DESTDIR=$out/bin dfasma.pro
  '';
  enableParallelBuilding = true;
  postInstall = ''
    install -Dm644 distrib/dfasma.desktop $out/share/applications/dfasma.desktop
    install -Dm644 icons/dfasma.png $out/share/pixmaps/dfasma.png
  '';
 }
--- a/pkgs/applications/audio/foo-yc20/default.nix
+++ b/pkgs/applications/audio/foo-yc20/default.nix
@ -21,7 +21,7 @@ stdenv.mkDerivation rec {
    description = "A Faust implementation of a 1969 designed Yamaha combo organ, the YC-20";
    homepage = https://github.com/sampov2/foo-yc20;
    license     = "BSD";
-    maintainers = stdenv.lib.maintainers.magnetophon;
+    maintainers = [ stdenv.lib.maintainers.magnetophon ];
    platforms = stdenv.lib.platforms.linux;
  };
 }
--- a/pkgs/applications/audio/keyfinder-cli/default.nix
+++ b/pkgs/applications/audio/keyfinder-cli/default.nix
@ -1,16 +1,22 @@
-{ stdenv, fetchFromGitHub, libav, libkeyfinder_0_11 }:
+{ stdenv, fetchFromGitHub, libav, libkeyfinder }:
-let version = "20150201"; in
+let version = "2015-09-13"; in
 stdenv.mkDerivation rec {
  name = "keyfinder-cli-${version}";
  src = fetchFromGitHub {
    repo = "keyfinder-cli";
    owner = "EvanPurkhiser";
-    rev = "e8a20e73f8a465a6c3c9e71dabf4b636244a9b0c";
+    rev = "8579282f15ab3ebad937fed398ec5c88843be03d";
-    sha256 = "0x198ijr6wgzq24642s4pz5zxn4gvcc7dxmb6d1bfn3dwzi3j8lp";
+    sha256 = "0jylykigxmsqvdny265k58vpxa4cqs1hq2f7mph1nl3apfx2shrh";
  };
  buildInputs = [ libav libkeyfinder ];
  makeFlagsArray = "PREFIX=$(out)";
  enableParallelBuilding = true;
  meta = with stdenv.lib; {
    inherit version;
    inherit (src.meta) homepage;
@ -21,13 +27,7 @@ stdenv.mkDerivation rec {
      used to estimate the musical key of many different audio formats.
    '';
    license = licenses.gpl3Plus;
-    platforms = with platforms; linux;
+    platforms = platforms.linux;
    maintainers = with maintainers; [ nckx ];
  };
  buildInputs = [ libav libkeyfinder_0_11 ];
  makeFlagsArray = "PREFIX=$(out)";
  enableParallelBuilding = true;
 }
--- a/pkgs/applications/audio/renoise/default.nix
+++ b/pkgs/applications/audio/renoise/default.nix
@ -0,0 +1,61 @@
 { stdenv, lib, requireFile, demo, fetchurl, libX11, libXext, libXcursor, libXrandr, libjack2, alsaLib, ... }:
 stdenv.mkDerivation rec {
  name = "renoise";
  buildInputs = [ libX11 libXext libXcursor libXrandr alsaLib libjack2 ];
  src =
    if builtins.currentSystem == "x86_64-linux" then
        if demo then
        fetchurl {
            url = "http://files.renoise.com/demo/Renoise_3_0_1_Demo_x86_64.tar.bz2";
            sha256 = "1q7f94wz2dbz659kpp53a3n1qyndsk0pkb29lxdff4pc3ddqwykg";
        }
        else
        requireFile {
            url = "http://backstage.renoise.com/frontend/app/index.html#/login";
            name = "rns_3_0_1_reg_x86_64.tar.gz";
            sha256 = "1swax2jz0gswdpzz8alwjfd8rhigc2yfspj7p8wvdvylqrf7n8q7";
        }
    else if builtins.currentSystem == "i686-linux" then
        if demo then
        fetchurl {
            url = "http://files.renoise.com/demo/Renoise_3_0_1_Demo_x86.tar.bz2";
            sha256 = "0dgqvib4xh2yhgh2wajj11wsb6xiiwgfkhyz32g8vnyaij5q8f58";
        }
        else
        requireFile {
            url = "http://backstage.renoise.com/frontend/app/index.html#/login";
            name = "rns_3_0_1_reg_x86.tar.gz";
            sha256 = "1swax2jz0gswdpzz8alwjfd8rhigc2yfspj7p8wvdvylqrf7n8q7";
        }
    else throw "platform is not suppored by Renoise";
  installPhase = ''
    cp -r Resources $out
    mkdir -p $out/lib/
    mv $out/AudioPluginServer* $out/lib/
    cp renoise $out/renoise
    for path in ${toString buildInputs}; do
      ln -s $path/lib/*.so* $out/lib/
    done
    ln -s ${stdenv.cc.cc}/lib/libstdc++.so.6 $out/lib/
    mkdir $out/bin
    ln -s $out/renoise $out/bin/renoise
    patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) --set-rpath $out/lib $out/renoise
  '';
  meta = {
    description = "modern tracker-based DAW";
    homepage = http://www.renoise.com/;
    license = stdenv.lib.licenses.unfree;
  };
 }
--- a/pkgs/applications/display-managers/lightdm/default.nix
+++ b/pkgs/applications/display-managers/lightdm/default.nix
@ -1,30 +1,31 @@
 { stdenv, fetchurl, pam, pkgconfig, libxcb, glib, libXdmcp, itstool, libxml2
-, intltool, x11, libxklavier, libgcrypt
+, intltool, x11, libxklavier, libgcrypt, libaudit
 , qt4 ? null, qt5 ? null
 }:
 let
-  ver_branch = "1.14";
+  ver_branch = "1.16";
-  version = "1.14.2";
+  version = "1.16.2";
 in
 stdenv.mkDerivation rec {
  name = "lightdm-${version}";
  src = fetchurl {
    url = "${meta.homepage}/${ver_branch}/${version}/+download/${name}.tar.xz";
-    sha256 = "18dvipdkp6hc1hysyiwpd5nwq6db3mg98rwi3am2ly3hk2bpic18";
+    sha256 = "062jj21bjrl29mk66lpihwhrff038h2wny3p6b5asacf2mklf0hq";
  };
  patches = [ ./fix-paths.patch ];
  buildInputs = [
    pkgconfig pam libxcb glib libXdmcp itstool libxml2 intltool libxklavier libgcrypt
-    qt4
+    qt4 libaudit
  ] ++ stdenv.lib.optional (qt5 != null) qt5.base;
  configureFlags = [
    "--localstatedir=/var"
    "--sysconfdir=/etc"
    "--disable-tests"
  ] ++ stdenv.lib.optional (qt4 != null) "--enable-liblightdm-qt"
    ++ stdenv.lib.optional ((qt5.base or null) != null) "--enable-liblightdm-qt5";
--- a/pkgs/applications/editors/atom/default.nix
+++ b/pkgs/applications/editors/atom/default.nix
@ -16,11 +16,11 @@ let
  };
 in stdenv.mkDerivation rec {
  name = "atom-${version}";
-  version = "1.0.10";
+  version = "1.0.4";
  src = fetchurl {
    url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb";
-    sha256 = "16rbp76c46n24a9a3cygg94bx6y7j038h34w4qr7j24aiy5bfzwv";
+    sha256 = "0jki2ca12mazvszy05xc7zy8nfpavl0rnzcyksvvic32l3w2yxj7";
    name = "${name}.deb";
  };
--- a/pkgs/applications/editors/codeblocks/default.nix
+++ b/pkgs/applications/editors/codeblocks/default.nix
@ -23,6 +23,10 @@ stdenv.mkDerivation rec {
  configureFlags = [ "--enable-pch=no" ]
    ++ optional contribPlugins "--with-contrib-plugins";
  # Fix boost 1.59 compat
  # Try removing in the next version
  CPPFLAGS = "-DBOOST_ERROR_CODE_HEADER_ONLY -DBOOST_SYSTEM_NO_DEPRECATED";
  meta = with stdenv.lib; {
    maintainers = [ maintainers.linquize ];
    platforms = platforms.all;
--- a/pkgs/applications/editors/eclipse/plugins.nix
+++ b/pkgs/applications/editors/eclipse/plugins.nix
@ -127,6 +127,29 @@ rec {
    };
  };
  bytecode-outline = buildEclipsePlugin rec {
    name = "bytecode-outline-${version}";
    version = "2.4.3";
    srcFeature = fetchurl {
      url = "http://andrei.gmxhome.de/eclipse/features/de.loskutov.BytecodeOutline.feature_${version}.jar";
      sha256 = "0imhwp73gxy1y5d5gpjgd05ywn0xg3vqc5980wcx3fd51g4ifc67";
    };
    srcPlugin = fetchurl {
      url = "http://dl.bintray.com/iloveeclipse/plugins/de.loskutov.BytecodeOutline_${version}.jar";
      sha256 = "0230i88mvvxhn11m9c5mv3494zhh1xkxyfyva9qahck0wbqwpzkw";
    };
    meta = with stdenv.lib; {
      homepage = http://andrei.gmxhome.de/bytecode/;
      description = "Shows disassembled bytecode of current java editor or class file";
      license = licenses.bsd2;
      platforms = platforms.all;
      maintainers = [ maintainers.rycee ];
    };
  };
  cdt = buildEclipseUpdateSite rec {
    name = "cdt-${version}";
    version = "8.7.0";
@ -148,12 +171,12 @@ rec {
  checkstyle = buildEclipseUpdateSite rec {
    name = "checkstyle-${version}";
-    version = "6.5.0.201504121610";
+    version = "6.9.0.201508291549";
    src = fetchzip {
      stripRoot = false;
-      url = "mirror://sourceforge/project/eclipse-cs/Eclipse%20Checkstyle%20Plug-in/6.5.0/net.sf.eclipsecs-updatesite_6.5.0.201504121610-bin.zip";
+      url = "mirror://sourceforge/project/eclipse-cs/Eclipse%20Checkstyle%20Plug-in/6.9.0/net.sf.eclipsecs-updatesite_${version}-bin.zip";
-      sha256 = "1zikpkss0c3l460ipvznp22kpak8w31n7k6yk41nc1w49zflvcf0";
+      sha256 = "0r6lfbyhqcwa628i6wjp9d6mfp4jnc46bmwp9j7v02m79f8wx74g";
    };
    meta = with stdenv.lib; {
--- a/pkgs/applications/editors/emacs-modes/color-theme-solarized/default.nix
+++ b/pkgs/applications/editors/emacs-modes/color-theme-solarized/default.nix
@ -1,12 +1,14 @@
-{stdenv, fetchgit, emacs, colorTheme}:
+{stdenv, fetchzip, emacs, colorTheme}:
-
+let
  commit = "412713a0fcedd520d208a7b783fea03d710bcc61";
 in
 stdenv.mkDerivation rec {
-  name = "color-theme-6.5.5";
+  name = "color-theme-solarized-1.0.0";
-  src = fetchgit {
+  src = fetchzip {
-    url = https://github.com/sellout/emacs-color-theme-solarized.git;
+
-    rev = "6a2c7ca0181585858e6e8054cb99db837e2ef72f";
+    url = "https://github.com/sellout/emacs-color-theme-solarized/archive/${commit}.zip";
-    sha256 = "3c46a3d66c75ec4456209eeafdb03282148b289b12e8474f6a8962f3894796e8";
+    sha256 = "1xd2yk7p39zxgcf91s80pqknzdxw9d09cppjb87g7ihj6f0wxqjv";
  };
  buildInputs = [ emacs ];
@ -25,6 +27,7 @@ stdenv.mkDerivation rec {
  meta = {
    description = "Precision colors for machines and people";
    homepage = http://ethanschoonover.com/solarized;
    maintainer = "Samuel Rivas <samuelrivas@gmail.com>";
    license = stdenv.lib.licenses.mit;
    platforms = stdenv.lib.platforms.all;
--- a/pkgs/applications/editors/emacs-modes/erlang/default.nix
+++ b/pkgs/applications/editors/emacs-modes/erlang/default.nix
@ -0,0 +1,25 @@
 { stdenv, erlang }:
 stdenv.mkDerivation {
  name = "erlang-mode-${erlang.version}";
  buildInputs = [ ];
  inherit erlang;
  buildCommand = ''
    mkdir -p "$out/share/emacs/site-lisp"
    cp "$erlang/lib/erlang/lib/tools"*/emacs/*.el $out/share/emacs/site-lisp/
  '';
  # emacs highlighting */
  meta = with stdenv.lib; {
    homepage = "http://github.com/erlang/otp";
    description = "Erlang mode for Emacs";
    license = licenses.asl20;
    platforms = platforms.unix;
    maintainers = [ maintainers.samuelrivas ];
  };
 }
--- a/pkgs/applications/editors/emacs-modes/ido-ubiquitous/default.nix
+++ b/pkgs/applications/editors/emacs-modes/ido-ubiquitous/default.nix
@ -0,0 +1,26 @@
 { stdenv, fetchFromGitHub, emacs }:
 let
  version = "3.6-4-gb659bf8";
 in
 stdenv.mkDerivation {
  name = "ido-ubiquitous-${version}";
  src = fetchFromGitHub {
    owner = "DarwinAwardWinner";
    repo = "ido-ubiquitous";
    rev = version;
    sha256 = "06r8qpfr60gc673w881m0nplj91b6bfw77bxgl6irz1z9bp7cc4y";
  };
  buildInputs = [ emacs ];
  buildPhase = ''
    emacs -L . --batch -f batch-byte-compile *.el
  '';
  installPhase = ''
    install -d $out/share/emacs/site-lisp
    install *.el *.elc $out/share/emacs/site-lisp
  '';
 }
--- a/Show More
+++ b/Show More