From 6cf020fc29fa8a272e991e633e8372c424250e09 Mon Sep 17 00:00:00 2001 From: Michel Kuhlmann Date: Thu, 21 Jul 2016 08:17:44 +0200 Subject: [PATCH 01/97] gdal: 2.0.2 -> 2.1.1 --- pkgs/development/libraries/gdal/default.nix | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/pkgs/development/libraries/gdal/default.nix b/pkgs/development/libraries/gdal/default.nix index 36019bdd7f7..f19f760c748 100644 --- a/pkgs/development/libraries/gdal/default.nix +++ b/pkgs/development/libraries/gdal/default.nix @@ -6,24 +6,18 @@ }: composableDerivation.composableDerivation {} (fixed: rec { - version = "2.0.2"; + version = "2.1.1"; name = "gdal-${version}"; src = fetchurl { url = "http://download.osgeo.org/gdal/${version}/${name}.tar.gz"; - sha256 = "db7722caf8d9dd798ec18012b9cacf40a518918466126a88b9fd277bd7d40cc4"; + sha256 = "55fc6ffbe76e9d2e7e6cf637010e5d4bba6a966d065f40194ff798544198236b"; }; buildInputs = [ unzip libjpeg libtiff libpng proj openssl ] ++ (with pythonPackages; [ python numpy wrapPython ]) ++ (stdenv.lib.optionals netcdfSupport [ netcdf hdf5 curl ]); - patches = [ - # This ensures that the python package is installed into gdal's prefix, - # rather than trying to install into python's prefix. - ./python.patch - ]; - # Don't use optimization for gcc >= 4.3. That's said to be causing segfaults. # Unset CC and CXX as they confuse libtool. preConfigure = "export CFLAGS=-O0 CXXFLAGS=-O0; unset CC CXX"; From f298be9ef44657fdd267f7c296b40d4c97c9c1fc Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Sun, 24 Jan 2016 15:50:54 +0000 Subject: [PATCH 02/97] nginx module: declarative config --- .../services/web-servers/nginx/default.nix | 113 +++++++++++++++++- .../web-servers/nginx/location-options.nix | 32 +++++ .../web-servers/nginx/vhost-options.nix | 96 +++++++++++++++ 3 files changed, 237 insertions(+), 4 deletions(-) create mode 100644 nixos/modules/services/web-servers/nginx/location-options.nix create mode 100644 nixos/modules/services/web-servers/nginx/vhost-options.nix diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 27a33f33ff9..ab5657a9aa9 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -7,18 +7,107 @@ let nginx = cfg.package; configFile = pkgs.writeText "nginx.conf" '' user ${cfg.user} ${cfg.group}; + error_log stderr; daemon off; ${cfg.config} - ${optionalString (cfg.httpConfig != "") '' http { include ${cfg.package}/conf/mime.types; + include ${cfg.package}/conf/fastcgi.conf; + + # optimisation + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + + # use secure TLS defaults + ssl_protocols TLSv1.2; + ssl_session_cache shared:SSL:42m; + ssl_session_timeout 23m; + + ssl_ciphers EDH+aRSA+AES256:+AESGCM:ECDHE+aRSA+AES256; + ssl_ecdh_curve secp521r1; + ssl_prefer_server_ciphers on; + + ssl_stapling on; + ssl_stapling_verify on; + + gzip on; + gzip_disable "msie6"; + gzip_proxied any; + gzip_comp_level 9; + gzip_buffers 16 8k; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + # sane proxy settings/headers + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Accept-Encoding ""; + + proxy_redirect off; + client_max_body_size 10m; + client_body_buffer_size 128k; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 32 4k; + proxy_buffer_size 8k; + proxy_http_version 1.0; + + server_tokens ${if cfg.serverTokens then "on" else "off"}; + ${vhosts} ${cfg.httpConfig} } - ''} ${cfg.appendConfig} ''; + + vhosts = concatStringsSep "\n" (mapAttrsToList (serverName: vhost: + let + ssl = vhost.enableSSL || vhost.forceSSL; + port = if vhost.port != null then vhost.port else (if ssl then 443 else 80); + listenString = toString port + optionalString ssl " ssl spdy"; + in '' + ${if vhost.forceSSL then '' + server { + listen 80; + listen [::]:80; + + server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; + return 301 https://$host${optionalString (port != 443) ":${port}"}$request_uri; + } + '' else ""} + + server { + listen ${listenString}; + listen [::]:${listenString}; + + server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; + ${optionalString (vhost.root != null) "root ${vhost.root};"} + ${optionalString (vhost.globalRedirect != null) '' + return 301 https://${vhost.globalRedirect}$request_uri; + ''} + ${optionalString ssl '' + ssl_certificate ${vhost.sslCertificate}; + ssl_certificate_key ${vhost.sslCertificateKey}; + ''} + + ${genLocations vhost.locations} + + ${vhost.extraConfig} + } + '' + ) cfg.virtualHosts); + genLocations = locations: concatStringsSep "\n" (mapAttrsToList (location: config: '' + location ${location} { + ${optionalString (config.proxyPass != null) "proxy_pass ${config.proxyPass};"} + ${optionalString (config.root != null) "root ${config.root};"} + } + '') locations); in { @@ -86,8 +175,24 @@ in description = "Group account under which nginx runs."; }; - }; + serverTokens = mkOption { + type = types.bool; + default = false; + description = "Show nginx version in headers and error pages"; + }; + virtualHosts = mkOption { + type = types.attrsOf (types.submodule (import ./vhost-options.nix { + inherit lib; + })); + default = { + localhost = {}; + }; + example = []; + description = '' + ''; + }; + }; }; config = mkIf cfg.enable { @@ -107,7 +212,7 @@ in serviceConfig = { ExecStart = "${nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; - Restart = "on-failure"; + Restart = "always"; RestartSec = "10s"; StartLimitInterval = "1min"; }; diff --git a/nixos/modules/services/web-servers/nginx/location-options.nix b/nixos/modules/services/web-servers/nginx/location-options.nix new file mode 100644 index 00000000000..6537e45a459 --- /dev/null +++ b/nixos/modules/services/web-servers/nginx/location-options.nix @@ -0,0 +1,32 @@ +# This file defines the options that can be used both for the Apache +# main server configuration, and for the virtual hosts. (The latter +# has additional options that affect the web server as a whole, like +# the user/group to run under.) + +{ lib }: + +with lib; + +{ + options = { + proxyPass = mkOption { + type = types.nullOr types.str; + default = null; + example = "http://www.example.org/"; + description = '' + Adds proxy_pass directive and sets default proxy headers Host, X-Real-Ip + and X-Forwarded-For. + ''; + }; + + root = mkOption { + type = types.nullOr types.path; + default = null; + example = /your/root/directory; + description = '' + Root directory for requests. + ''; + }; + }; +} + diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix new file mode 100644 index 00000000000..2acb3743677 --- /dev/null +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -0,0 +1,96 @@ +# This file defines the options that can be used both for the Apache +# main server configuration, and for the virtual hosts. (The latter +# has additional options that affect the web server as a whole, like +# the user/group to run under.) + +{ lib }: + +with lib; +{ + options = { + serverAliases = mkOption { + type = types.listOf types.str; + default = []; + example = ["www.example.org" "example.org"]; + description = '' + Additional names of virtual hosts served by this virtual host configuration. + ''; + }; + + port = mkOption { + type = types.nullOr types.int; + default = null; + description = '' + Port for the server. 80 for http + and 443 for https (i.e. when enableSSL is set). + ''; + }; + + enableSSL = mkOption { + type = types.bool; + default = false; + description = "Whether to enable SSL (https) support."; + }; + + forceSSL = mkOption { + type = types.bool; + default = false; + description = "Whether to always redirect to https."; + }; + + sslCertificate = mkOption { + type = types.path; + example = "/var/host.cert"; + description = "Path to server SSL certificate."; + }; + + sslCertificateKey= mkOption { + type = types.path; + example = "/var/host.key"; + description = "Path to server SSL certificate key."; + }; + + root = mkOption { + type = types.nullOr types.path; + default = null; + example = "/data/webserver/docs"; + description = '' + The path of the web root directory. + ''; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = '' + These lines go to the end of the vhost verbatim. + ''; + }; + + globalRedirect = mkOption { + type = types.nullOr types.str; + default = null; + example = http://newserver.example.org/; + description = '' + If set, all requests for this host are redirected permanently to + the given URL. + ''; + }; + + basicAuth = mkOption { + type = types.attrsOf types.str; + default = {}; + description = "user = password"; + }; + + locations = mkOption { + type = types.attrsOf (types.submodule (import ./location-options.nix { + inherit lib; + })); + default = {}; + example = {}; + description = '' + ''; + }; + }; +} From 4676983990b1d35676eba19cee9e24a16e0f60d7 Mon Sep 17 00:00:00 2001 From: Tristan Helmich Date: Mon, 25 Jan 2016 19:36:21 +0100 Subject: [PATCH 03/97] nginx module: Add ACME support for ssl sites --- .../services/web-servers/nginx/default.nix | 27 ++++++++++++++----- .../web-servers/nginx/vhost-options.nix | 14 +++++++++- 2 files changed, 34 insertions(+), 7 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index ab5657a9aa9..a84a3c9f2a2 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -4,7 +4,13 @@ with lib; let cfg = config.services.nginx; - nginx = cfg.package; + virtualHosts = mapAttrs (vhostName: vhostConfig: + vhostConfig // (optionalAttrs vhostConfig.enableACME { + sslCertificate = "/var/lib/acme/${vhostName}/fullchain.pem"; + sslCertificateKey = "/var/lib/acme/${vhostName}/key.pem"; + }) + ) cfg.virtualHosts; + configFile = pkgs.writeText "nginx.conf" '' user ${cfg.user} ${cfg.group}; error_log stderr; @@ -72,21 +78,23 @@ let port = if vhost.port != null then vhost.port else (if ssl then 443 else 80); listenString = toString port + optionalString ssl " ssl spdy"; in '' - ${if vhost.forceSSL then '' + ${optionalString vhost.forceSSL '' server { listen 80; listen [::]:80; server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; + ${optionalString vhost.enableACME "location /.well-known/acme-challenge { root ${vhost.acmeRoot}; }"} return 301 https://$host${optionalString (port != 443) ":${port}"}$request_uri; } - '' else ""} + ''} server { listen ${listenString}; listen [::]:${listenString}; server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; + ${optionalString vhost.enableACME "location /.well-known/acme-challenge { root ${vhost.acmeRoot}; }"} ${optionalString (vhost.root != null) "root ${vhost.root};"} ${optionalString (vhost.globalRedirect != null) '' return 301 https://${vhost.globalRedirect}$request_uri; @@ -101,7 +109,7 @@ let ${vhost.extraConfig} } '' - ) cfg.virtualHosts); + ) virtualHosts); genLocations = locations: concatStringsSep "\n" (mapAttrsToList (location: config: '' location ${location} { ${optionalString (config.proxyPass != null) "proxy_pass ${config.proxyPass};"} @@ -202,7 +210,6 @@ in description = "Nginx Web Server"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - path = [ nginx ]; preStart = '' mkdir -p ${cfg.stateDir}/logs @@ -210,7 +217,7 @@ in chown -R ${cfg.user}:${cfg.group} ${cfg.stateDir} ''; serviceConfig = { - ExecStart = "${nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}"; + ExecStart = "${cfg.package}/bin/nginx -c ${configFile} -p ${cfg.stateDir}"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Restart = "always"; RestartSec = "10s"; @@ -218,6 +225,14 @@ in }; }; + security.acme.certs = mapAttrs (vhostName: vhostConfig: { + webroot = vhostConfig.acmeRoot; + extraDomains = genAttrs vhostConfig.serverAliases (alias: { + "${alias}" = null; + }); + }) virtualHosts; + + users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton { name = "nginx"; group = cfg.group; diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 2acb3743677..5fa3b18c24f 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -26,6 +26,18 @@ with lib; ''; }; + enableACME = mkOption { + type = types.bool; + default = false; + description = "Whether to ask Let's Encrypt to sign a certificate for this vhost."; + }; + + acmeRoot = mkOption { + type = types.str; + default = "/var/lib/acme/acme-challenge"; + description = "Directory to store certificates and keys managed by the ACME service."; + }; + enableSSL = mkOption { type = types.bool; default = false; @@ -44,7 +56,7 @@ with lib; description = "Path to server SSL certificate."; }; - sslCertificateKey= mkOption { + sslCertificateKey = mkOption { type = types.path; example = "/var/host.key"; description = "Path to server SSL certificate key."; From 900b311a386b82ab66f209c1b9d4c292af08d6dc Mon Sep 17 00:00:00 2001 From: Tristan Helmich Date: Tue, 26 Jan 2016 14:29:30 +0100 Subject: [PATCH 04/97] nginx module: Fix ACME extraDomains, fix challenge url to not redirect to allow renewals --- nixos/modules/services/web-servers/nginx/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index a84a3c9f2a2..fb3f554bbf2 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -85,7 +85,9 @@ let server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; ${optionalString vhost.enableACME "location /.well-known/acme-challenge { root ${vhost.acmeRoot}; }"} - return 301 https://$host${optionalString (port != 443) ":${port}"}$request_uri; + location / { + return 301 https://$host${optionalString (port != 443) ":${port}"}$request_uri; + } } ''} @@ -227,9 +229,7 @@ in security.acme.certs = mapAttrs (vhostName: vhostConfig: { webroot = vhostConfig.acmeRoot; - extraDomains = genAttrs vhostConfig.serverAliases (alias: { - "${alias}" = null; - }); + extraDomains = genAttrs vhostConfig.serverAliases (alias: null); }) virtualHosts; From 8bd1f401bbacf7e6537528d3f2dfd9e610e346c8 Mon Sep 17 00:00:00 2001 From: Tristan Helmich Date: Mon, 1 Feb 2016 14:08:45 +0100 Subject: [PATCH 05/97] nginx module: Add sslProtocols option --- nixos/modules/services/web-servers/nginx/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index fb3f554bbf2..75ce9e26a30 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -30,7 +30,7 @@ let types_hash_max_size 2048; # use secure TLS defaults - ssl_protocols TLSv1.2; + ssl_protocols ${cfg.sslProtocols}; ssl_session_cache shared:SSL:42m; ssl_session_timeout 23m; @@ -191,6 +191,13 @@ in description = "Show nginx version in headers and error pages"; }; + sslProtocols = mkOption { + type = types.str; + default = "TLSv1.2"; + example = "TLSv1 TLSv1.1 TLSv1.2"; + description = "Allowed TLS protocol versions."; + }; + virtualHosts = mkOption { type = types.attrsOf (types.submodule (import ./vhost-options.nix { inherit lib; From 35d76a72aba69108a369478be6cb21914d5075a5 Mon Sep 17 00:00:00 2001 From: Tristan Helmich Date: Mon, 1 Feb 2016 14:09:13 +0100 Subject: [PATCH 06/97] nginx module: Add sslCiphers option --- nixos/modules/services/web-servers/nginx/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 75ce9e26a30..b74a35f1e9f 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -34,7 +34,7 @@ let ssl_session_cache shared:SSL:42m; ssl_session_timeout 23m; - ssl_ciphers EDH+aRSA+AES256:+AESGCM:ECDHE+aRSA+AES256; + ssl_ciphers ${cfg.sslCiphers}; ssl_ecdh_curve secp521r1; ssl_prefer_server_ciphers on; @@ -191,6 +191,12 @@ in description = "Show nginx version in headers and error pages"; }; + sslCiphers = mkOption { + type = types.str; + default = "EDH+CHACHA20:EDH+AES:EECDHE+CHACHA20:ECDHE+AES:+AES128:-DSS"; + description = "Ciphers to choose from when negotiating tls handshakes."; + }; + sslProtocols = mkOption { type = types.str; default = "TLSv1.2"; From c61157b7e6512036a7abc04a45df334162b3b111 Mon Sep 17 00:00:00 2001 From: Tristan Helmich Date: Mon, 1 Feb 2016 17:30:43 +0100 Subject: [PATCH 07/97] nginx module: Add dhParams option --- nixos/modules/services/web-servers/nginx/default.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index b74a35f1e9f..e369505fbc3 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -37,6 +37,7 @@ let ssl_ciphers ${cfg.sslCiphers}; ssl_ecdh_curve secp521r1; ssl_prefer_server_ciphers on; + ${optionalString (cfg.sslDhparam != null) "ssl_dhparam ${cfg.sslDhparam};"} ssl_stapling on; ssl_stapling_verify on; @@ -204,6 +205,13 @@ in description = "Allowed TLS protocol versions."; }; + sslDhparam = mkOption { + type = types.nullOr types.path; + default = null; + example = literalExample "/path/to/dhparams.pem"; + description = "Path to DH parameters file."; + }; + virtualHosts = mkOption { type = types.attrsOf (types.submodule (import ./vhost-options.nix { inherit lib; From d5a097fdb609ec5ffb09bcab632e4b2a03ae05ca Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Mon, 8 Feb 2016 06:12:49 +0100 Subject: [PATCH 08/97] nginx module: Don't create acme certs if acme is not enabled --- nixos/modules/services/web-servers/nginx/default.nix | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index e369505fbc3..18fce9672dd 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -248,10 +248,14 @@ in }; }; - security.acme.certs = mapAttrs (vhostName: vhostConfig: { - webroot = vhostConfig.acmeRoot; - extraDomains = genAttrs vhostConfig.serverAliases (alias: null); - }) virtualHosts; + security.acme.certs = filterAttrs (n: v: v != {}) ( + mapAttrs (vhostName: vhostConfig: + optionalAttrs vhostConfig.enableACME { + webroot = vhostConfig.acmeRoot; + extraDomains = genAttrs vhostConfig.serverAliases (alias: null); + } + ) virtualHosts + ); users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton From 811f243ce6f1ce82cf93bc5b45e5879513a2a305 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Wed, 10 Feb 2016 16:02:38 +0100 Subject: [PATCH 09/97] nginx module: Add extraConfig for locations --- nixos/modules/services/web-servers/nginx/default.nix | 1 + .../services/web-servers/nginx/location-options.nix | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 18fce9672dd..62348d48f5d 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -117,6 +117,7 @@ let location ${location} { ${optionalString (config.proxyPass != null) "proxy_pass ${config.proxyPass};"} ${optionalString (config.root != null) "root ${config.root};"} + ${config.extraConfig} } '') locations); in diff --git a/nixos/modules/services/web-servers/nginx/location-options.nix b/nixos/modules/services/web-servers/nginx/location-options.nix index 6537e45a459..ce3462bed0a 100644 --- a/nixos/modules/services/web-servers/nginx/location-options.nix +++ b/nixos/modules/services/web-servers/nginx/location-options.nix @@ -27,6 +27,14 @@ with lib; Root directory for requests. ''; }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = '' + These lines go to the end of the location verbatim. + ''; + }; }; } From 4e5c7913e9db6906b031bb8310ba811f533854d3 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Wed, 17 Feb 2016 04:01:50 +0100 Subject: [PATCH 10/97] nginx module: Add acmeFallbackHost vhost option --- .../modules/services/web-servers/nginx/default.nix | 13 +++++++++++-- .../services/web-servers/nginx/vhost-options.nix | 9 +++++++++ 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 62348d48f5d..e48e9b6cfd8 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -78,6 +78,15 @@ let ssl = vhost.enableSSL || vhost.forceSSL; port = if vhost.port != null then vhost.port else (if ssl then 443 else 80); listenString = toString port + optionalString ssl " ssl spdy"; + acmeLocation = optionalString vhost.enableACME '' + location /.well-known/acme-challenge { + try_files $uri @acme-fallback; + root ${vhost.acmeRoot}; + } + location @acme-fallback { + proxy_pass http://${vhost.acmeFallbackHost}; + } + ''; in '' ${optionalString vhost.forceSSL '' server { @@ -85,7 +94,7 @@ let listen [::]:80; server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; - ${optionalString vhost.enableACME "location /.well-known/acme-challenge { root ${vhost.acmeRoot}; }"} + ${acmeLocation} location / { return 301 https://$host${optionalString (port != 443) ":${port}"}$request_uri; } @@ -97,7 +106,7 @@ let listen [::]:${listenString}; server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; - ${optionalString vhost.enableACME "location /.well-known/acme-challenge { root ${vhost.acmeRoot}; }"} + ${acmeLocation} ${optionalString (vhost.root != null) "root ${vhost.root};"} ${optionalString (vhost.globalRedirect != null) '' return 301 https://${vhost.globalRedirect}$request_uri; diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 5fa3b18c24f..61868d8890d 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -38,6 +38,15 @@ with lib; description = "Directory to store certificates and keys managed by the ACME service."; }; + acmeFallbackHost = mkOption { + type = types.str; + default = "0.0.0.0"; + description = '' + Host which to proxy requests to if acme challenge is not found. Useful + if you want multiple hosts to be able to verify the same domain name. + ''; + }; + enableSSL = mkOption { type = types.bool; default = false; From e18f8e8b6614499794ef704f0272bf986a906b78 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Fri, 25 Mar 2016 00:58:45 +0000 Subject: [PATCH 11/97] nginx module: turn off basic auth on acme locations --- nixos/modules/services/web-servers/nginx/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index e48e9b6cfd8..b2bcb737a8f 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -82,8 +82,10 @@ let location /.well-known/acme-challenge { try_files $uri @acme-fallback; root ${vhost.acmeRoot}; + auth_basic off; } location @acme-fallback { + auth_basic off; proxy_pass http://${vhost.acmeFallbackHost}; } ''; From ff12ee35b702dca2ed3c3b6671ac232bc850e6d7 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Fri, 25 Mar 2016 00:59:34 +0000 Subject: [PATCH 12/97] nginx module: redirect to same protocol --- nixos/modules/services/web-servers/nginx/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index b2bcb737a8f..37526255f8a 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -111,7 +111,7 @@ let ${acmeLocation} ${optionalString (vhost.root != null) "root ${vhost.root};"} ${optionalString (vhost.globalRedirect != null) '' - return 301 https://${vhost.globalRedirect}$request_uri; + return 301 http${optionalString ssl "s"}://${vhost.globalRedirect}$request_uri; ''} ${optionalString ssl '' ssl_certificate ${vhost.sslCertificate}; From 138945500ee71eaac71435a78f627f9c83d035f4 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Fri, 25 Mar 2016 01:00:09 +0000 Subject: [PATCH 13/97] nginx module: implement basic auth --- .../services/web-servers/nginx/default.nix | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 37526255f8a..d4c7cb08eef 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -118,19 +118,31 @@ let ssl_certificate_key ${vhost.sslCertificateKey}; ''} - ${genLocations vhost.locations} + ${optionalString (vhost.basicAuth != {}) (mkBasicAuth serverName vhost.basicAuth)} + + ${mkLocations vhost.locations} ${vhost.extraConfig} } '' ) virtualHosts); - genLocations = locations: concatStringsSep "\n" (mapAttrsToList (location: config: '' + mkLocations = locations: concatStringsSep "\n" (mapAttrsToList (location: config: '' location ${location} { ${optionalString (config.proxyPass != null) "proxy_pass ${config.proxyPass};"} ${optionalString (config.root != null) "root ${config.root};"} ${config.extraConfig} } '') locations); + mkBasicAuth = serverName: authDef: let + htpasswdFile = pkgs.writeText "${serverName}.htpasswd" ( + concatStringsSep "\n" (mapAttrsToList (user: password: '' + ${user}:{PLAIN}${password} + '') authDef) + ); + in '' + auth_basic secured; + auth_basic_user_file ${htpasswdFile}; + ''; in { From 3830a890ab42b35cd4da9991edef47b3c832cbdc Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Sun, 3 Apr 2016 10:58:34 +0000 Subject: [PATCH 14/97] nginx module: add option to make vhost default --- nixos/modules/services/web-servers/nginx/default.nix | 7 ++++--- .../modules/services/web-servers/nginx/vhost-options.nix | 8 ++++++++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index d4c7cb08eef..e912434e6b0 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -77,7 +77,8 @@ let let ssl = vhost.enableSSL || vhost.forceSSL; port = if vhost.port != null then vhost.port else (if ssl then 443 else 80); - listenString = toString port + optionalString ssl " ssl spdy"; + listenString = toString port + optionalString ssl " ssl spdy" + + optionalString vhost.default " default"; acmeLocation = optionalString vhost.enableACME '' location /.well-known/acme-challenge { try_files $uri @acme-fallback; @@ -92,8 +93,8 @@ let in '' ${optionalString vhost.forceSSL '' server { - listen 80; - listen [::]:80; + listen 80 ${optionalString vhost.default "default"}; + listen [::]:80 ${optionalString vhost.default "default"}; server_name ${serverName} ${concatStringsSep " " vhost.serverAliases}; ${acmeLocation} diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 61868d8890d..d684d7c1ff6 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -80,6 +80,14 @@ with lib; ''; }; + default = mkOption { + type = types.bool; + default = false; + description = '' + Makes this vhost the default. + ''; + }; + extraConfig = mkOption { type = types.lines; default = ""; From e982aeae6a2ab4f414b1a505852d69271cb779ae Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Thu, 7 Apr 2016 17:27:31 +0200 Subject: [PATCH 15/97] nginx module: Add default proxy headers for tomcat --- nixos/modules/services/web-servers/nginx/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index e912434e6b0..1338f6aec22 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -54,6 +54,8 @@ let proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; proxy_set_header Accept-Encoding ""; proxy_redirect off; From de8008a1b182ea2eb1740f8ca2aa2f7e3f37b5e1 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Fri, 29 Apr 2016 09:17:30 +0200 Subject: [PATCH 16/97] nginx module: Enable http2 --- nixos/modules/services/web-servers/nginx/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 1338f6aec22..1978de6da6e 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -35,7 +35,7 @@ let ssl_session_timeout 23m; ssl_ciphers ${cfg.sslCiphers}; - ssl_ecdh_curve secp521r1; + ssl_ecdh_curve secp384r1; ssl_prefer_server_ciphers on; ${optionalString (cfg.sslDhparam != null) "ssl_dhparam ${cfg.sslDhparam};"} @@ -79,7 +79,7 @@ let let ssl = vhost.enableSSL || vhost.forceSSL; port = if vhost.port != null then vhost.port else (if ssl then 443 else 80); - listenString = toString port + optionalString ssl " ssl spdy" + listenString = toString port + optionalString ssl " ssl http2" + optionalString vhost.default " default"; acmeLocation = optionalString vhost.enableACME '' location /.well-known/acme-challenge { @@ -221,7 +221,7 @@ in sslCiphers = mkOption { type = types.str; - default = "EDH+CHACHA20:EDH+AES:EECDHE+CHACHA20:ECDHE+AES:+AES128:-DSS"; + default = "EECDH+aRSA+AESGCM:EDH+aRSA:EECDH+aRSA:+AES256:+AES128:+SHA1:!CAMELLIA:!SEED:!3DES:!DES:!RC4:!eNULL"; description = "Ciphers to choose from when negotiating tls handshakes."; }; From 5dd7cf964ac4f65b4d4ae35fcd7f553b7cbae1c0 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Mon, 9 May 2016 14:46:44 +0000 Subject: [PATCH 17/97] nginx module: improve documentation --- .../services/web-servers/nginx/default.nix | 15 +++++++++--- .../web-servers/nginx/vhost-options.nix | 23 +++++++++++++++---- 2 files changed, 31 insertions(+), 7 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 1978de6da6e..b3889cb0294 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -235,7 +235,7 @@ in sslDhparam = mkOption { type = types.nullOr types.path; default = null; - example = literalExample "/path/to/dhparams.pem"; + example = "/path/to/dhparams.pem"; description = "Path to DH parameters file."; }; @@ -246,9 +246,18 @@ in default = { localhost = {}; }; - example = []; - description = '' + example = literalExample '' + { + "hydra.example.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://localhost:3000"; + }; + }; + }; ''; + description = "Declarative vhost config"; }; }; }; diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index d684d7c1ff6..ee3f68bf805 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -21,7 +21,7 @@ with lib; type = types.nullOr types.int; default = null; description = '' - Port for the server. 80 for http + Port for the server. Defaults to 80 for http and 443 for https (i.e. when enableSSL is set). ''; }; @@ -109,7 +109,17 @@ with lib; basicAuth = mkOption { type = types.attrsOf types.str; default = {}; - description = "user = password"; + example = literalExample '' + { + user = "password"; + }; + ''; + description = '' + Basic Auth protection for a vhost. + + WARNING: This is implemented to store the password in plain text in the + nix store. + ''; }; locations = mkOption { @@ -117,9 +127,14 @@ with lib; inherit lib; })); default = {}; - example = {}; - description = '' + example = literalExample '' + { + "/" = { + proxyPass = "http://localhost:3000"; + }; + }; ''; + description = "Declarative location config"; }; }; } From 186a8400ed80f08d977d8c2d94644d4027b11f45 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Mon, 25 Jul 2016 15:10:36 +0000 Subject: [PATCH 18/97] nginx module: make httpConfig backward compatible --- nixos/modules/services/web-servers/nginx/default.nix | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index b3889cb0294..6b6ad0d9b98 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -70,8 +70,14 @@ let server_tokens ${if cfg.serverTokens then "on" else "off"}; ${vhosts} + } + ${optionalString (cfg.httpConfig != "") '' + http { + include ${cfg.package}/conf/mime.types; + include ${cfg.package}/conf/fastcgi.conf; ${cfg.httpConfig} } + ''} ${cfg.appendConfig} ''; From a294ad01b38d9108e02d18aa9788143c15d1e151 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Mon, 25 Jul 2016 16:07:53 +0000 Subject: [PATCH 19/97] nginx module: make recommended settings optional --- .../services/web-servers/nginx/default.nix | 110 +++++++++++------- 1 file changed, 70 insertions(+), 40 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 6b6ad0d9b98..c8486d3bfcd 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -16,61 +16,65 @@ let error_log stderr; daemon off; - ${cfg.config} - http { include ${cfg.package}/conf/mime.types; include ${cfg.package}/conf/fastcgi.conf; - # optimisation - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; + ${optionalString (cfg.recommendedOptimisation) '' + # optimisation + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + ''} - # use secure TLS defaults ssl_protocols ${cfg.sslProtocols}; - ssl_session_cache shared:SSL:42m; - ssl_session_timeout 23m; - ssl_ciphers ${cfg.sslCiphers}; - ssl_ecdh_curve secp384r1; - ssl_prefer_server_ciphers on; ${optionalString (cfg.sslDhparam != null) "ssl_dhparam ${cfg.sslDhparam};"} - ssl_stapling on; - ssl_stapling_verify on; + ${optionalString (cfg.recommendedTlsSettings) '' + ssl_session_cache shared:SSL:42m; + ssl_session_timeout 23m; + ssl_ecdh_curve secp384r1; + ssl_prefer_server_ciphers on; + ssl_stapling on; + ssl_stapling_verify on; + ''} - gzip on; - gzip_disable "msie6"; - gzip_proxied any; - gzip_comp_level 9; - gzip_buffers 16 8k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + ${optionalString (cfg.recommendedGzipSettings) '' + gzip on; + gzip_disable "msie6"; + gzip_proxied any; + gzip_comp_level 9; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + ''} - # sane proxy settings/headers - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header Accept-Encoding ""; + ${optionalString (cfg.recommendedProxySettings) '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; + proxy_set_header Accept-Encoding ""; + + proxy_redirect off; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_http_version 1.0; + ''} - proxy_redirect off; client_max_body_size 10m; - client_body_buffer_size 128k; - proxy_connect_timeout 90; - proxy_send_timeout 90; - proxy_read_timeout 90; - proxy_buffers 32 4k; - proxy_buffer_size 8k; - proxy_http_version 1.0; server_tokens ${if cfg.serverTokens then "on" else "off"}; ${vhosts} } + + ${cfg.config} + + # Keep this seperate to allow overriding previous settings ${optionalString (cfg.httpConfig != "") '' http { include ${cfg.package}/conf/mime.types; @@ -157,11 +161,37 @@ in { options = { services.nginx = { - enable = mkOption { + enable = mkEnableOption "Nginx Web Server"; + + recommendedTlsSettings = mkOption { default = false; type = types.bool; description = " - Enable the nginx Web Server. + Enable recommended TLS settings. + "; + }; + + recommendedOptimisation = mkOption { + default = false; + type = types.bool; + description = " + Enable recommended optimisation settings. + "; + }; + + recommendedGzipSettings = mkOption { + default = false; + type = types.bool; + description = " + Enable recommended gzip settings. + "; + }; + + recommendedProxySettings = mkOption { + default = false; + type = types.bool; + description = " + Enable recommended proxy settings. "; }; From 91680de317b0a134c5a6b6bad441013aa6ed233a Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Tue, 26 Jul 2016 14:09:05 +0000 Subject: [PATCH 20/97] nginx module: add statusPage option --- .../services/web-servers/nginx/default.nix | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index c8486d3bfcd..1e5a8b9bc35 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -69,7 +69,23 @@ let client_max_body_size 10m; server_tokens ${if cfg.serverTokens then "on" else "off"}; + ${vhosts} + + ${optionalString cfg.statusPage '' + server { + listen 80; + listen [::]:80; + + server_name localhost; + + location /nginx_status { + stub_status on; + allow 127.0.0.1; + deny all; + } + } + ''} } ${cfg.config} @@ -163,6 +179,14 @@ in services.nginx = { enable = mkEnableOption "Nginx Web Server"; + statusPage = mkOption { + default = false; + type = types.bool; + description = " + Enable status page reachable from localhost on http://127.0.0.1/nginx_status. + "; + }; + recommendedTlsSettings = mkOption { default = false; type = types.bool; From 8c61b3af0398b1ec93d2abb2b80fa97099155b1c Mon Sep 17 00:00:00 2001 From: Tristan Helmich Date: Tue, 26 Jul 2016 18:11:16 +0200 Subject: [PATCH 21/97] nginx: fixed duplicate http declaration --- nixos/modules/services/web-servers/nginx/default.nix | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 1e5a8b9bc35..d6b9836498d 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -16,6 +16,8 @@ let error_log stderr; daemon off; + ${cfg.config} + http { include ${cfg.package}/conf/mime.types; include ${cfg.package}/conf/fastcgi.conf; @@ -86,18 +88,10 @@ let } } ''} - } - ${cfg.config} - - # Keep this seperate to allow overriding previous settings - ${optionalString (cfg.httpConfig != "") '' - http { - include ${cfg.package}/conf/mime.types; - include ${cfg.package}/conf/fastcgi.conf; ${cfg.httpConfig} } - ''} + ${cfg.appendConfig} ''; From 511410789be5ef0baa441b1a684b3dff63d33704 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Wed, 27 Jul 2016 13:47:31 +0000 Subject: [PATCH 22/97] nginx module: make client_max_body_size configurable --- nixos/modules/services/web-servers/nginx/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index d6b9836498d..62737a28935 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -68,7 +68,7 @@ let proxy_http_version 1.0; ''} - client_max_body_size 10m; + client_max_body_size ${cfg.clientMaxBodySize}; server_tokens ${if cfg.serverTokens then "on" else "off"}; @@ -270,7 +270,13 @@ in serverTokens = mkOption { type = types.bool; default = false; - description = "Show nginx version in headers and error pages"; + description = "Show nginx version in headers and error pages."; + }; + + clientMaxBodySize = mkOption { + type = types.string; + default = "10m"; + description = "Set nginx global client_max_body_size."; }; sslCiphers = mkOption { From 3ccfca7d6b6a642bbe7075d09e4ffc0a89743038 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Wed, 27 Jul 2016 13:48:13 +0000 Subject: [PATCH 23/97] nginx module: httpConfig backward compatibility Revert httpConfig its old behaviour and make it mutually exclusive to the new structured configuration. Adds appendHttpConfig to have the ability to write custom config in the generated http block. --- .../services/web-servers/nginx/default.nix | 28 +++++++++++++++++-- 1 file changed, 25 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 62737a28935..ba3618cc101 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -18,6 +18,7 @@ let ${cfg.config} + ${optionalString (cfg.httpConfig == "") '' http { include ${cfg.package}/conf/mime.types; include ${cfg.package}/conf/fastcgi.conf; @@ -89,8 +90,15 @@ let } ''} + ${cfg.appendHttpConfig} + }''} + + ${optionalString (cfg.httpConfig != "") '' + http { + include ${cfg.package}/conf/mime.types; + include ${cfg.package}/conf/fastcgi.conf; ${cfg.httpConfig} - } + }''} ${cfg.appendConfig} ''; @@ -245,7 +253,22 @@ in httpConfig = mkOption { type = types.lines; default = ""; - description = "Configuration lines to be appended inside of the http {} block."; + description = " + Configuration lines to be set inside the http block. + This is mutually exclusive with the structured configuration + via virtualHosts and the recommendedXyzSettings configuration + options. See appendHttpConfig for appending to the generated http block. + "; + }; + + appendHttpConfig = mkOption { + type = types.lines; + default = ""; + description = " + Configuration lines to be appended to the generated http block. + This is mutually exclusive with using httpConfig for specifying the whole + http block verbatim. + "; }; stateDir = mkOption { @@ -353,7 +376,6 @@ in ) virtualHosts ); - users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton { name = "nginx"; group = cfg.group; From a193fecf0ef3fb2d048981217d6de7a051212e44 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Wed, 27 Jul 2016 13:49:46 +0000 Subject: [PATCH 24/97] nginx module: improve statusPage generated code Adds ::1 as allowed host and turns of access_log for the status page. --- nixos/modules/services/web-servers/nginx/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index ba3618cc101..8385d8e6026 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -84,7 +84,9 @@ let location /nginx_status { stub_status on; + access_log off; allow 127.0.0.1; + allow ::1; deny all; } } From 1da6775775e3695ff206bdcd3fca945bf5331101 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Thu, 7 Jul 2016 14:05:05 +0200 Subject: [PATCH 25/97] Python: move interpreters Move Python interpreters (CPython, PyPy) to same folder and share layout. --- .../python/{ => cpython}/2.6/default.nix | 4 ++-- .../{ => cpython}/2.6/nix-store-mtime.patch | 0 .../2.6/python2.6-fix-parallel-make.patch | 0 .../{ => cpython}/2.6/search-path.patch | 0 .../python/{ => cpython}/2.6/setup-hook.sh | 0 .../2.7/2.5.2-ctypes-util-find_library.patch | 0 .../{ => cpython}/2.7/2.5.2-tkinter-x11.patch | 0 .../{ => cpython}/2.7/2.6.2-ssl-threads.patch | 0 .../{ => cpython}/2.7/2.6.5-FD_SETSIZE.patch | 0 .../2.6.5-export-PySignal_SetWakeupFd.patch | 0 .../2.7/2.6.5-ncurses-abi6.patch | 0 .../python/{ => cpython}/2.7/2.7.3-dbm.patch | 0 .../{ => cpython}/2.7/2.7.3-dylib.patch | 0 .../2.7/2.7.3-getpath-exe-extension.patch | 0 .../{ => cpython}/2.7/2.7.3-no-libm.patch | 0 .../python/{ => cpython}/2.7/default.nix | 4 ++-- .../2.7/deterministic-build.patch | 0 .../{ => cpython}/2.7/nix-store-mtime.patch | 0 .../{ => cpython}/2.7/no-ldconfig.patch | 0 .../2.7/properly-detect-curses.patch | 0 .../{ => cpython}/2.7/search-path.patch | 0 .../python/{ => cpython}/2.7/setup-hook.sh | 0 .../python/{ => cpython}/3.3/default.nix | 4 ++-- .../python/{ => cpython}/3.3/setup-hook.sh | 0 .../python/{ => cpython}/3.4/default.nix | 4 ++-- .../python/{ => cpython}/3.4/setup-hook.sh | 0 .../python/{ => cpython}/3.5/default.nix | 4 ++-- .../python/{ => cpython}/3.5/setup-hook.sh | 0 .../python/{ => cpython}/3.6/default.nix | 4 ++-- .../python/{ => cpython}/3.6/setup-hook.sh | 0 .../python/{ => cpython}/docs/2.6-html.nix | 0 .../python/{ => cpython}/docs/2.6-pdf-a4.nix | 0 .../{ => cpython}/docs/2.6-pdf-letter.nix | 0 .../python/{ => cpython}/docs/2.6-text.nix | 0 .../python/{ => cpython}/docs/2.7-html.nix | 0 .../python/{ => cpython}/docs/2.7-pdf-a4.nix | 0 .../{ => cpython}/docs/2.7-pdf-letter.nix | 0 .../python/{ => cpython}/docs/2.7-text.nix | 0 .../python/{ => cpython}/docs/3.3-html.nix | 0 .../python/{ => cpython}/docs/3.3-pdf-a4.nix | 0 .../{ => cpython}/docs/3.3-pdf-letter.nix | 0 .../python/{ => cpython}/docs/3.3-text.nix | 0 .../python/{ => cpython}/docs/default.nix | 0 .../python/{ => cpython}/docs/generate.sh | 0 .../python/{ => cpython}/docs/template.nix | 0 .../{pypy => python/pypy/2.7}/default.nix | 4 ++-- .../{pypy => python/pypy/2.7}/setup-hook.sh | 0 pkgs/top-level/all-packages.nix | 21 +++++++++++-------- 48 files changed, 26 insertions(+), 23 deletions(-) rename pkgs/development/interpreters/python/{ => cpython}/2.6/default.nix (97%) rename pkgs/development/interpreters/python/{ => cpython}/2.6/nix-store-mtime.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.6/python2.6-fix-parallel-make.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.6/search-path.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.6/setup-hook.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.5.2-ctypes-util-find_library.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.5.2-tkinter-x11.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.6.2-ssl-threads.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.6.5-FD_SETSIZE.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.6.5-export-PySignal_SetWakeupFd.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.6.5-ncurses-abi6.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.7.3-dbm.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.7.3-dylib.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.7.3-getpath-exe-extension.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/2.7.3-no-libm.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/default.nix (98%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/deterministic-build.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/nix-store-mtime.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/no-ldconfig.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/properly-detect-curses.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/search-path.patch (100%) rename pkgs/development/interpreters/python/{ => cpython}/2.7/setup-hook.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/3.3/default.nix (95%) rename pkgs/development/interpreters/python/{ => cpython}/3.3/setup-hook.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/3.4/default.nix (95%) rename pkgs/development/interpreters/python/{ => cpython}/3.4/setup-hook.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/3.5/default.nix (95%) rename pkgs/development/interpreters/python/{ => cpython}/3.5/setup-hook.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/3.6/default.nix (95%) rename pkgs/development/interpreters/python/{ => cpython}/3.6/setup-hook.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.6-html.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.6-pdf-a4.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.6-pdf-letter.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.6-text.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.7-html.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.7-pdf-a4.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.7-pdf-letter.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/2.7-text.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/3.3-html.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/3.3-pdf-a4.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/3.3-pdf-letter.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/3.3-text.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/default.nix (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/generate.sh (100%) rename pkgs/development/interpreters/python/{ => cpython}/docs/template.nix (100%) rename pkgs/development/interpreters/{pypy => python/pypy/2.7}/default.nix (96%) rename pkgs/development/interpreters/{pypy => python/pypy/2.7}/setup-hook.sh (100%) diff --git a/pkgs/development/interpreters/python/2.6/default.nix b/pkgs/development/interpreters/python/cpython/2.6/default.nix similarity index 97% rename from pkgs/development/interpreters/python/2.6/default.nix rename to pkgs/development/interpreters/python/cpython/2.6/default.nix index 6641eb24b24..e5c33cd7b2b 100644 --- a/pkgs/development/interpreters/python/2.6/default.nix +++ b/pkgs/development/interpreters/python/cpython/2.6/default.nix @@ -99,8 +99,8 @@ let inherit zlibSupport; isPy2 = true; isPy26 = true; - buildEnv = callPackage ../wrapper.nix { python = self; }; - withPackages = import ../with-packages.nix { inherit buildEnv; pythonPackages = python26Packages; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = python26Packages; }; libPrefix = "python${majorVersion}"; executable = libPrefix; sitePackages = "lib/${libPrefix}/site-packages"; diff --git a/pkgs/development/interpreters/python/2.6/nix-store-mtime.patch b/pkgs/development/interpreters/python/cpython/2.6/nix-store-mtime.patch similarity index 100% rename from pkgs/development/interpreters/python/2.6/nix-store-mtime.patch rename to pkgs/development/interpreters/python/cpython/2.6/nix-store-mtime.patch diff --git a/pkgs/development/interpreters/python/2.6/python2.6-fix-parallel-make.patch b/pkgs/development/interpreters/python/cpython/2.6/python2.6-fix-parallel-make.patch similarity index 100% rename from pkgs/development/interpreters/python/2.6/python2.6-fix-parallel-make.patch rename to pkgs/development/interpreters/python/cpython/2.6/python2.6-fix-parallel-make.patch diff --git a/pkgs/development/interpreters/python/2.6/search-path.patch b/pkgs/development/interpreters/python/cpython/2.6/search-path.patch similarity index 100% rename from pkgs/development/interpreters/python/2.6/search-path.patch rename to pkgs/development/interpreters/python/cpython/2.6/search-path.patch diff --git a/pkgs/development/interpreters/python/2.6/setup-hook.sh b/pkgs/development/interpreters/python/cpython/2.6/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/python/2.6/setup-hook.sh rename to pkgs/development/interpreters/python/cpython/2.6/setup-hook.sh diff --git a/pkgs/development/interpreters/python/2.7/2.5.2-ctypes-util-find_library.patch b/pkgs/development/interpreters/python/cpython/2.7/2.5.2-ctypes-util-find_library.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.5.2-ctypes-util-find_library.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.5.2-ctypes-util-find_library.patch diff --git a/pkgs/development/interpreters/python/2.7/2.5.2-tkinter-x11.patch b/pkgs/development/interpreters/python/cpython/2.7/2.5.2-tkinter-x11.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.5.2-tkinter-x11.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.5.2-tkinter-x11.patch diff --git a/pkgs/development/interpreters/python/2.7/2.6.2-ssl-threads.patch b/pkgs/development/interpreters/python/cpython/2.7/2.6.2-ssl-threads.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.6.2-ssl-threads.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.6.2-ssl-threads.patch diff --git a/pkgs/development/interpreters/python/2.7/2.6.5-FD_SETSIZE.patch b/pkgs/development/interpreters/python/cpython/2.7/2.6.5-FD_SETSIZE.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.6.5-FD_SETSIZE.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.6.5-FD_SETSIZE.patch diff --git a/pkgs/development/interpreters/python/2.7/2.6.5-export-PySignal_SetWakeupFd.patch b/pkgs/development/interpreters/python/cpython/2.7/2.6.5-export-PySignal_SetWakeupFd.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.6.5-export-PySignal_SetWakeupFd.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.6.5-export-PySignal_SetWakeupFd.patch diff --git a/pkgs/development/interpreters/python/2.7/2.6.5-ncurses-abi6.patch b/pkgs/development/interpreters/python/cpython/2.7/2.6.5-ncurses-abi6.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.6.5-ncurses-abi6.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.6.5-ncurses-abi6.patch diff --git a/pkgs/development/interpreters/python/2.7/2.7.3-dbm.patch b/pkgs/development/interpreters/python/cpython/2.7/2.7.3-dbm.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.7.3-dbm.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.7.3-dbm.patch diff --git a/pkgs/development/interpreters/python/2.7/2.7.3-dylib.patch b/pkgs/development/interpreters/python/cpython/2.7/2.7.3-dylib.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.7.3-dylib.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.7.3-dylib.patch diff --git a/pkgs/development/interpreters/python/2.7/2.7.3-getpath-exe-extension.patch b/pkgs/development/interpreters/python/cpython/2.7/2.7.3-getpath-exe-extension.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.7.3-getpath-exe-extension.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.7.3-getpath-exe-extension.patch diff --git a/pkgs/development/interpreters/python/2.7/2.7.3-no-libm.patch b/pkgs/development/interpreters/python/cpython/2.7/2.7.3-no-libm.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/2.7.3-no-libm.patch rename to pkgs/development/interpreters/python/cpython/2.7/2.7.3-no-libm.patch diff --git a/pkgs/development/interpreters/python/2.7/default.nix b/pkgs/development/interpreters/python/cpython/2.7/default.nix similarity index 98% rename from pkgs/development/interpreters/python/2.7/default.nix rename to pkgs/development/interpreters/python/cpython/2.7/default.nix index aca88f504a0..96c098c82dc 100644 --- a/pkgs/development/interpreters/python/2.7/default.nix +++ b/pkgs/development/interpreters/python/cpython/2.7/default.nix @@ -160,8 +160,8 @@ let inherit zlibSupport; isPy2 = true; isPy27 = true; - buildEnv = callPackage ../wrapper.nix { python = self; }; - withPackages = import ../with-packages.nix { inherit buildEnv; pythonPackages = python27Packages; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = python27Packages; }; libPrefix = "python${majorVersion}"; executable = libPrefix; sitePackages = "lib/${libPrefix}/site-packages"; diff --git a/pkgs/development/interpreters/python/2.7/deterministic-build.patch b/pkgs/development/interpreters/python/cpython/2.7/deterministic-build.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/deterministic-build.patch rename to pkgs/development/interpreters/python/cpython/2.7/deterministic-build.patch diff --git a/pkgs/development/interpreters/python/2.7/nix-store-mtime.patch b/pkgs/development/interpreters/python/cpython/2.7/nix-store-mtime.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/nix-store-mtime.patch rename to pkgs/development/interpreters/python/cpython/2.7/nix-store-mtime.patch diff --git a/pkgs/development/interpreters/python/2.7/no-ldconfig.patch b/pkgs/development/interpreters/python/cpython/2.7/no-ldconfig.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/no-ldconfig.patch rename to pkgs/development/interpreters/python/cpython/2.7/no-ldconfig.patch diff --git a/pkgs/development/interpreters/python/2.7/properly-detect-curses.patch b/pkgs/development/interpreters/python/cpython/2.7/properly-detect-curses.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/properly-detect-curses.patch rename to pkgs/development/interpreters/python/cpython/2.7/properly-detect-curses.patch diff --git a/pkgs/development/interpreters/python/2.7/search-path.patch b/pkgs/development/interpreters/python/cpython/2.7/search-path.patch similarity index 100% rename from pkgs/development/interpreters/python/2.7/search-path.patch rename to pkgs/development/interpreters/python/cpython/2.7/search-path.patch diff --git a/pkgs/development/interpreters/python/2.7/setup-hook.sh b/pkgs/development/interpreters/python/cpython/2.7/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/python/2.7/setup-hook.sh rename to pkgs/development/interpreters/python/cpython/2.7/setup-hook.sh diff --git a/pkgs/development/interpreters/python/3.3/default.nix b/pkgs/development/interpreters/python/cpython/3.3/default.nix similarity index 95% rename from pkgs/development/interpreters/python/3.3/default.nix rename to pkgs/development/interpreters/python/cpython/3.3/default.nix index 8a36e03c784..1d2312fdc15 100644 --- a/pkgs/development/interpreters/python/3.3/default.nix +++ b/pkgs/development/interpreters/python/cpython/3.3/default.nix @@ -88,8 +88,8 @@ stdenv.mkDerivation { tkSupport = (tk != null) && (tcl != null) && (libX11 != null) && (xproto != null); libPrefix = "python${majorVersion}"; executable = "python3.3m"; - buildEnv = callPackage ../wrapper.nix { python = self; }; - withPackages = import ../with-packages.nix { inherit buildEnv; pythonPackages = python33Packages; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = python33Packages; }; isPy3 = true; isPy33 = true; is_py3k = true; # deprecated diff --git a/pkgs/development/interpreters/python/3.3/setup-hook.sh b/pkgs/development/interpreters/python/cpython/3.3/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/python/3.3/setup-hook.sh rename to pkgs/development/interpreters/python/cpython/3.3/setup-hook.sh diff --git a/pkgs/development/interpreters/python/3.4/default.nix b/pkgs/development/interpreters/python/cpython/3.4/default.nix similarity index 95% rename from pkgs/development/interpreters/python/3.4/default.nix rename to pkgs/development/interpreters/python/cpython/3.4/default.nix index 7ea6adc4370..64c61e504b7 100644 --- a/pkgs/development/interpreters/python/3.4/default.nix +++ b/pkgs/development/interpreters/python/cpython/3.4/default.nix @@ -111,8 +111,8 @@ stdenv.mkDerivation { tkSupport = (tk != null) && (tcl != null) && (libX11 != null) && (xproto != null); libPrefix = "python${majorVersion}"; executable = "python3.4m"; - buildEnv = callPackage ../wrapper.nix { python = self; }; - withPackages = import ../with-packages.nix { inherit buildEnv; pythonPackages = python34Packages; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = python34Packages; }; isPy3 = true; isPy34 = true; is_py3k = true; # deprecated diff --git a/pkgs/development/interpreters/python/3.4/setup-hook.sh b/pkgs/development/interpreters/python/cpython/3.4/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/python/3.4/setup-hook.sh rename to pkgs/development/interpreters/python/cpython/3.4/setup-hook.sh diff --git a/pkgs/development/interpreters/python/3.5/default.nix b/pkgs/development/interpreters/python/cpython/3.5/default.nix similarity index 95% rename from pkgs/development/interpreters/python/3.5/default.nix rename to pkgs/development/interpreters/python/cpython/3.5/default.nix index 21716c87386..c36d7c2a6eb 100644 --- a/pkgs/development/interpreters/python/3.5/default.nix +++ b/pkgs/development/interpreters/python/cpython/3.5/default.nix @@ -111,8 +111,8 @@ stdenv.mkDerivation { tkSupport = (tk != null) && (tcl != null) && (libX11 != null) && (xproto != null); libPrefix = "python${majorVersion}"; executable = "python${majorVersion}m"; - buildEnv = callPackage ../wrapper.nix { python = self; }; - withPackages = import ../with-packages.nix { inherit buildEnv; pythonPackages = python35Packages; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = python35Packages; }; isPy3 = true; isPy35 = true; is_py3k = true; # deprecated diff --git a/pkgs/development/interpreters/python/3.5/setup-hook.sh b/pkgs/development/interpreters/python/cpython/3.5/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/python/3.5/setup-hook.sh rename to pkgs/development/interpreters/python/cpython/3.5/setup-hook.sh diff --git a/pkgs/development/interpreters/python/3.6/default.nix b/pkgs/development/interpreters/python/cpython/3.6/default.nix similarity index 95% rename from pkgs/development/interpreters/python/3.6/default.nix rename to pkgs/development/interpreters/python/cpython/3.6/default.nix index 9515e1587d7..a337b28859b 100644 --- a/pkgs/development/interpreters/python/3.6/default.nix +++ b/pkgs/development/interpreters/python/cpython/3.6/default.nix @@ -115,8 +115,8 @@ stdenv.mkDerivation { tkSupport = (tk != null) && (tcl != null) && (libX11 != null) && (xproto != null); libPrefix = "python${majorVersion}"; executable = "python${majorVersion}m"; - buildEnv = callPackage ../wrapper.nix { python = self; }; - withPackages = import ../with-packages.nix { inherit buildEnv; pythonPackages = python36Packages; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = python36Packages; }; isPy3 = true; isPy35 = true; is_py3k = true; # deprecated diff --git a/pkgs/development/interpreters/python/3.6/setup-hook.sh b/pkgs/development/interpreters/python/cpython/3.6/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/python/3.6/setup-hook.sh rename to pkgs/development/interpreters/python/cpython/3.6/setup-hook.sh diff --git a/pkgs/development/interpreters/python/docs/2.6-html.nix b/pkgs/development/interpreters/python/cpython/docs/2.6-html.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.6-html.nix rename to pkgs/development/interpreters/python/cpython/docs/2.6-html.nix diff --git a/pkgs/development/interpreters/python/docs/2.6-pdf-a4.nix b/pkgs/development/interpreters/python/cpython/docs/2.6-pdf-a4.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.6-pdf-a4.nix rename to pkgs/development/interpreters/python/cpython/docs/2.6-pdf-a4.nix diff --git a/pkgs/development/interpreters/python/docs/2.6-pdf-letter.nix b/pkgs/development/interpreters/python/cpython/docs/2.6-pdf-letter.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.6-pdf-letter.nix rename to pkgs/development/interpreters/python/cpython/docs/2.6-pdf-letter.nix diff --git a/pkgs/development/interpreters/python/docs/2.6-text.nix b/pkgs/development/interpreters/python/cpython/docs/2.6-text.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.6-text.nix rename to pkgs/development/interpreters/python/cpython/docs/2.6-text.nix diff --git a/pkgs/development/interpreters/python/docs/2.7-html.nix b/pkgs/development/interpreters/python/cpython/docs/2.7-html.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.7-html.nix rename to pkgs/development/interpreters/python/cpython/docs/2.7-html.nix diff --git a/pkgs/development/interpreters/python/docs/2.7-pdf-a4.nix b/pkgs/development/interpreters/python/cpython/docs/2.7-pdf-a4.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.7-pdf-a4.nix rename to pkgs/development/interpreters/python/cpython/docs/2.7-pdf-a4.nix diff --git a/pkgs/development/interpreters/python/docs/2.7-pdf-letter.nix b/pkgs/development/interpreters/python/cpython/docs/2.7-pdf-letter.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.7-pdf-letter.nix rename to pkgs/development/interpreters/python/cpython/docs/2.7-pdf-letter.nix diff --git a/pkgs/development/interpreters/python/docs/2.7-text.nix b/pkgs/development/interpreters/python/cpython/docs/2.7-text.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/2.7-text.nix rename to pkgs/development/interpreters/python/cpython/docs/2.7-text.nix diff --git a/pkgs/development/interpreters/python/docs/3.3-html.nix b/pkgs/development/interpreters/python/cpython/docs/3.3-html.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/3.3-html.nix rename to pkgs/development/interpreters/python/cpython/docs/3.3-html.nix diff --git a/pkgs/development/interpreters/python/docs/3.3-pdf-a4.nix b/pkgs/development/interpreters/python/cpython/docs/3.3-pdf-a4.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/3.3-pdf-a4.nix rename to pkgs/development/interpreters/python/cpython/docs/3.3-pdf-a4.nix diff --git a/pkgs/development/interpreters/python/docs/3.3-pdf-letter.nix b/pkgs/development/interpreters/python/cpython/docs/3.3-pdf-letter.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/3.3-pdf-letter.nix rename to pkgs/development/interpreters/python/cpython/docs/3.3-pdf-letter.nix diff --git a/pkgs/development/interpreters/python/docs/3.3-text.nix b/pkgs/development/interpreters/python/cpython/docs/3.3-text.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/3.3-text.nix rename to pkgs/development/interpreters/python/cpython/docs/3.3-text.nix diff --git a/pkgs/development/interpreters/python/docs/default.nix b/pkgs/development/interpreters/python/cpython/docs/default.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/default.nix rename to pkgs/development/interpreters/python/cpython/docs/default.nix diff --git a/pkgs/development/interpreters/python/docs/generate.sh b/pkgs/development/interpreters/python/cpython/docs/generate.sh similarity index 100% rename from pkgs/development/interpreters/python/docs/generate.sh rename to pkgs/development/interpreters/python/cpython/docs/generate.sh diff --git a/pkgs/development/interpreters/python/docs/template.nix b/pkgs/development/interpreters/python/cpython/docs/template.nix similarity index 100% rename from pkgs/development/interpreters/python/docs/template.nix rename to pkgs/development/interpreters/python/cpython/docs/template.nix diff --git a/pkgs/development/interpreters/pypy/default.nix b/pkgs/development/interpreters/python/pypy/2.7/default.nix similarity index 96% rename from pkgs/development/interpreters/pypy/default.nix rename to pkgs/development/interpreters/python/pypy/2.7/default.nix index f07e53e592f..ba6f5706bbd 100644 --- a/pkgs/development/interpreters/pypy/default.nix +++ b/pkgs/development/interpreters/python/pypy/2.7/default.nix @@ -117,10 +117,10 @@ let inherit zlibSupport libPrefix; executable = "pypy"; isPypy = true; - buildEnv = callPackage ../python/wrapper.nix { python = self; }; + buildEnv = callPackage ../../wrapper.nix { python = self; }; interpreter = "${self}/bin/${executable}"; sitePackages = "site-packages"; - withPackages = import ../python/with-packages.nix { inherit buildEnv; pythonPackages = pypyPackages; }; + withPackages = import ../../with-packages.nix { inherit buildEnv; pythonPackages = pypyPackages; }; }; enableParallelBuilding = true; # almost no parallelization without STM diff --git a/pkgs/development/interpreters/pypy/setup-hook.sh b/pkgs/development/interpreters/python/pypy/2.7/setup-hook.sh similarity index 100% rename from pkgs/development/interpreters/pypy/setup-hook.sh rename to pkgs/development/interpreters/python/pypy/2.7/setup-hook.sh diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index dd5c5541462..b78dfb4bc26 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5879,31 +5879,34 @@ in python2Packages = python27Packages; python3Packages = python35Packages; - python26 = callPackage ../development/interpreters/python/2.6 { + python26 = callPackage ../development/interpreters/python/cpython/2.6 { db = db47; self = python26; }; - python27 = callPackage ../development/interpreters/python/2.7 { + python27 = callPackage ../development/interpreters/python/cpython/2.7 { self = python27; inherit (darwin) CF configd; }; - python33 = callPackage ../development/interpreters/python/3.3 { + python33 = callPackage ../development/interpreters/python/cpython/3.3 { self = python33; }; - python34 = hiPrio (callPackage ../development/interpreters/python/3.4 { + python34 = hiPrio (callPackage ../development/interpreters/python/cpython/3.4 { inherit (darwin) CF configd; self = python34; }); - python35 = hiPrio (callPackage ../development/interpreters/python/3.5 { + python35 = hiPrio (callPackage ../development/interpreters/python/cpython/3.5 { inherit (darwin) CF configd; self = python35; }); - python36 = callPackage ../development/interpreters/python/3.6 { + python36 = callPackage ../development/interpreters/python/cpython/3.6 { inherit (darwin) CF configd; self = python36; }; - pypy = callPackage ../development/interpreters/pypy { - self = pypy; + + pypy = pypy27; + + pypy27 = callPackage ../development/interpreters/python/pypy/2.7 { + self = pypy27; }; pythonFull = python2Full; @@ -5919,7 +5922,7 @@ in python2nix = callPackage ../tools/package-management/python2nix { }; - pythonDocs = recurseIntoAttrs (callPackage ../development/interpreters/python/docs {}); + pythonDocs = recurseIntoAttrs (callPackage ../development/interpreters/python/cpython/docs {}); pypi2nix = callPackage ../development/tools/pypi2nix { python = python35; }; From 83a2d74a7ce8011e76f0dc5f0332b2a005249763 Mon Sep 17 00:00:00 2001 From: Christine Koppelt Date: Sat, 30 Jul 2016 21:50:34 +0200 Subject: [PATCH 26/97] redis: 3.0.7 -> 3.2.2 --- pkgs/servers/nosql/redis/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/nosql/redis/default.nix b/pkgs/servers/nosql/redis/default.nix index 16a2ec21079..69d6377b664 100644 --- a/pkgs/servers/nosql/redis/default.nix +++ b/pkgs/servers/nosql/redis/default.nix @@ -1,12 +1,12 @@ { stdenv, fetchurl, lua }: stdenv.mkDerivation rec { - version = "3.0.7"; + version = "3.2.2"; name = "redis-${version}"; src = fetchurl { url = "http://download.redis.io/releases/${name}.tar.gz"; - sha256 = "08vzfdr67gp3lvk770qpax2c5g2sx8hn6p64jn3jddrvxb2939xj"; + sha256 = "05cf63502b2248b5d39588962100bfa4fcb47dabd56931a8cb60b301b1d8daea"; }; buildInputs = [ lua ]; From 86cf45338a7c43d9e2b2b2fb4cc41f14aca85398 Mon Sep 17 00:00:00 2001 From: Bart Brouns Date: Sat, 30 Jul 2016 21:51:41 +0200 Subject: [PATCH 27/97] zam-plugins: 3.6 -> 3.7 --- pkgs/applications/audio/zam-plugins/default.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/audio/zam-plugins/default.nix b/pkgs/applications/audio/zam-plugins/default.nix index 70051e587cd..b79083ee402 100644 --- a/pkgs/applications/audio/zam-plugins/default.nix +++ b/pkgs/applications/audio/zam-plugins/default.nix @@ -2,20 +2,19 @@ stdenv.mkDerivation rec { name = "zam-plugins-${version}"; - version = "3.6"; + version = "3.7"; src = fetchgit { url = "https://github.com/zamaudio/zam-plugins.git"; deepClone = true; - rev = "91fe56931a3e57b80f18c740d2dde6b44f962aee"; - sha256 = "1ldrqh6nk0m1axb553wjp1gfznw8b6b3k0v0z1jdwy425sl6g07d"; + rev = "932046905a57f698406318765a60807a1f81257d"; + sha256 = "0zgkmq3jgysrsb6cm6sfbgqpgfpwv8nxlgkqm29zzvb97j56bm7z"; }; buildInputs = [ boost libX11 mesa liblo libjack2 ladspaH lv2 pkgconfig rubberband libsndfile ]; patchPhase = '' patchShebangs ./dpf/utils/generate-ttl.sh - substituteInPlace Makefile --replace "ZaMaximX2" "ZaMaximX2 ZamPiano ZamChild670" ''; makeFlags = [ From e809667b171da294dc4e9ce98f0901cd33210835 Mon Sep 17 00:00:00 2001 From: Maarten Hoogendoorn Date: Wed, 27 Jul 2016 11:29:18 +0200 Subject: [PATCH 28/97] vmTools.runInLinuxImage: add virtio_rng device This allows the QEMU VM's to use the /dev/random device, by getting entropy from the host. --- pkgs/build-support/vm/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/build-support/vm/default.nix b/pkgs/build-support/vm/default.nix index fa7107bd738..7ac1b2cc519 100644 --- a/pkgs/build-support/vm/default.nix +++ b/pkgs/build-support/vm/default.nix @@ -2,7 +2,7 @@ , kernel ? pkgs.linux , img ? "bzImage" , rootModules ? - [ "virtio_pci" "virtio_blk" "virtio_balloon" "ext4" "unix" "9p" "9pnet_virtio" "rtc_cmos" ] + [ "virtio_pci" "virtio_blk" "virtio_balloon" "virtio_rng" "ext4" "unix" "9p" "9pnet_virtio" "rtc_cmos" ] }: with pkgs; @@ -218,6 +218,7 @@ rec { ${qemuProg} \ ${lib.optionalString (pkgs.stdenv.system == "x86_64-linux") "-cpu kvm64"} \ -nographic -no-reboot \ + -device virtio-rng-pci \ -virtfs local,path=/nix/store,security_model=none,mount_tag=store \ -virtfs local,path=$TMPDIR/xchg,security_model=none,mount_tag=xchg \ -drive file=$diskImage,if=virtio,cache=unsafe,werror=report \ From 07ca9bd4bc7b7c57fbf628e60197cc8b7821404b Mon Sep 17 00:00:00 2001 From: Christine Koppelt Date: Sun, 31 Jul 2016 15:28:56 +0200 Subject: [PATCH 29/97] Redis: add entry to release notes --- nixos/doc/manual/release-notes/rl-1609.xml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-1609.xml b/nixos/doc/manual/release-notes/rl-1609.xml index 0bea6cbbf2d..8dbf03ee42b 100644 --- a/nixos/doc/manual/release-notes/rl-1609.xml +++ b/nixos/doc/manual/release-notes/rl-1609.xml @@ -33,12 +33,19 @@ has the following highlights: following incompatible changes: + Shell aliases for systemd sub-commands were dropped: start, stop, restart, status. + + + Redis now binds to 127.0.0.1 only instead of listening to all network interfaces. This is the default + behavior of Redis 3.2 + + From 8db2b2e2cd647a245c007226473ca7092f82fa9b Mon Sep 17 00:00:00 2001 From: Kranium Gikos Mendoza Date: Sun, 31 Jul 2016 23:10:41 +0800 Subject: [PATCH 30/97] cpuminer-multi: 20140723 -> 20160316 --- pkgs/tools/misc/cpuminer-multi/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/tools/misc/cpuminer-multi/default.nix b/pkgs/tools/misc/cpuminer-multi/default.nix index 5657703d3f2..9c8a54b5545 100644 --- a/pkgs/tools/misc/cpuminer-multi/default.nix +++ b/pkgs/tools/misc/cpuminer-multi/default.nix @@ -2,8 +2,8 @@ , aesni ? true }: let - rev = "977dad27e18627e5b723800f5f4201e385fe0d2e"; - date = "20140723"; + rev = "8393e03089c0abde61bd5d72aba8f926c3d6eca4"; + date = "20160316"; in stdenv.mkDerivation rec { name = "cpuminer-multi-${date}-${stdenv.lib.strings.substring 0 7 rev}"; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { src = fetchgit { inherit rev; url = https://github.com/wolf9466/cpuminer-multi.git; - sha256 = "1lzaiwy2wk9awpzpfnp3d6dymnb4bvgw1vg2433plfqhi9jfdrqj"; + sha256 = "11dg4rra4dgfb9x6q85irn0hrkx2lkwyrdpgdh10pag09s3vhy4v"; }; buildInputs = [ autoconf automake curl jansson ]; @@ -27,5 +27,6 @@ stdenv.mkDerivation rec { homepage = https://github.com/wolf9466/cpuminer-multi; license = licenses.gpl2; maintainers = [ maintainers.ehmry ]; + platforms = platforms.linux; }; -} \ No newline at end of file +} From 7a799b94a3596b6631d6601c12c90e57008b9fc7 Mon Sep 17 00:00:00 2001 From: Dan Peebles Date: Sun, 31 Jul 2016 16:42:14 -0400 Subject: [PATCH 31/97] awscli: 1.10.46 -> 1.10.51 This also required a bump of botocore from 1.4.36 to 1.4.41. I tested boto3 with the new version and it seemed to work fine. --- pkgs/top-level/python-packages.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 76fd4596e54..e06c1c6765d 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -1359,13 +1359,13 @@ in modules // { awscli = buildPythonPackage rec { name = "awscli-${version}"; - version = "1.10.46"; + version = "1.10.51"; namePrefix = ""; src = pkgs.fetchurl { url = "mirror://pypi/a/awscli/${name}.tar.gz"; - sha256 = "1d2xjhdmjna9zxa4ybk7cjypib5yq2gd3w5fgpb4lfs6bh3mr554"; + sha256 = "19n7r6fwnwpi0cyrqh20w80mrcj0b6j3if5p58hi1k3fdp60nscq"; }; # No tests included @@ -2776,12 +2776,12 @@ in modules // { }; botocore = buildPythonPackage rec { - version = "1.4.36"; # This version is required by awscli + version = "1.4.41"; # This version is required by awscli name = "botocore-${version}"; src = pkgs.fetchurl { url = "mirror://pypi/b/botocore/${name}.tar.gz"; - sha256 = "0mkydnbbn0x97nfzwqia68zw2y5j7i9yzpq5kasvc80n2z999h39"; + sha256 = "0c3abr2rxiilqklika8x360pr0mgx7hlhbhj8w72izs2r6ww4dys"; }; propagatedBuildInputs = From 845317e5d62f8e42155933a7c4c74eaca85eb94f Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Sun, 31 Jul 2016 22:54:11 +0200 Subject: [PATCH 32/97] construo: remove use of `builderDefsPackage` --- pkgs/games/construo/default.nix | 49 ++++++++++++++++----------------- 1 file changed, 23 insertions(+), 26 deletions(-) diff --git a/pkgs/games/construo/default.nix b/pkgs/games/construo/default.nix index f94b489908e..7e4f3c58c31 100644 --- a/pkgs/games/construo/default.nix +++ b/pkgs/games/construo/default.nix @@ -1,29 +1,26 @@ -{ stdenv, fetchurl, builderDefs, libX11, zlib, xproto, mesa ? null, freeglut ? null }: +{ stdenv, fetchurl, libX11, zlib, xproto, mesa ? null, freeglut ? null }: - let localDefs = builderDefs.passthru.function { - src = /* put a fetchurl here */ - fetchurl { - url = http://savannah.nongnu.org/download/construo/construo-0.2.2.tar.gz; - sha256 = "0c661rjasax4ykw77dgqj39jhb4qi48m0bhhdy42vd5a4rfdrcck"; - }; - - buildInputs = [ libX11 zlib xproto ] - ++ stdenv.lib.optional (mesa != null) mesa - ++ stdenv.lib.optional (freeglut != null) freeglut; - preConfigure = builderDefs.stringsWithDeps.fullDepEntry ('' - sed -e 's/math[.]h/cmath/' -i vector.cxx - sed -e 's/games/bin/' -i Makefile.in - sed -e '1i\#include ' -i construo_main.cxx -i command_line.cxx -i config.hxx - sed -e '1i\#include ' -i command_line.cxx -i lisp_reader.cxx -i unix_system.cxx \ - -i world.cxx construo_main.cxx - '') ["doUnpack" "minInit"]; - }; - in with localDefs; stdenv.mkDerivation rec { - name = "construo-0.2.2"; - builder = writeScript (name + "-builder") - (textClosure localDefs ["preConfigure" "doConfigure" "doMakeInstall" "doForceShare" "doPropagate"]); - meta = { - description = "Masses and springs simulation game"; - }; + name = "construo-0.2.2"; + + src = fetchurl { + url = http://savannah.nongnu.org/download/construo/construo-0.2.2.tar.gz; + sha256 = "0c661rjasax4ykw77dgqj39jhb4qi48m0bhhdy42vd5a4rfdrcck"; + }; + + buildInputs = [ libX11 zlib xproto ] + ++ stdenv.lib.optional (mesa != null) mesa + ++ stdenv.lib.optional (freeglut != null) freeglut; + + preConfigure = '' + sed -e 's/math[.]h/cmath/' -i vector.cxx + sed -e 's/games/bin/' -i Makefile.in + sed -e '1i\#include ' -i construo_main.cxx -i command_line.cxx -i config.hxx + sed -e '1i\#include ' -i command_line.cxx -i lisp_reader.cxx -i unix_system.cxx \ + -i world.cxx construo_main.cxx + ''; + + meta = { + description = "Masses and springs simulation game"; + }; } From 677add282239748a97f7674d56b59a26856650a7 Mon Sep 17 00:00:00 2001 From: Robert Helgesson Date: Sun, 31 Jul 2016 23:13:39 +0200 Subject: [PATCH 33/97] construo: 0.2.2 -> 0.2.3 --- pkgs/games/construo/default.nix | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/pkgs/games/construo/default.nix b/pkgs/games/construo/default.nix index 7e4f3c58c31..0c9e83cdb9a 100644 --- a/pkgs/games/construo/default.nix +++ b/pkgs/games/construo/default.nix @@ -1,11 +1,12 @@ { stdenv, fetchurl, libX11, zlib, xproto, mesa ? null, freeglut ? null }: stdenv.mkDerivation rec { - name = "construo-0.2.2"; + name = "construo-${version}"; + version = "0.2.3"; src = fetchurl { - url = http://savannah.nongnu.org/download/construo/construo-0.2.2.tar.gz; - sha256 = "0c661rjasax4ykw77dgqj39jhb4qi48m0bhhdy42vd5a4rfdrcck"; + url = "https://github.com/Construo/construo/releases/download/v${version}/${name}.tar.gz"; + sha256 = "1wmj527hbj1qv44cdsj6ahfjrnrjwg2dp8gdick8nd07vm062qxa"; }; buildInputs = [ libX11 zlib xproto ] @@ -13,14 +14,12 @@ stdenv.mkDerivation rec { ++ stdenv.lib.optional (freeglut != null) freeglut; preConfigure = '' - sed -e 's/math[.]h/cmath/' -i vector.cxx - sed -e 's/games/bin/' -i Makefile.in - sed -e '1i\#include ' -i construo_main.cxx -i command_line.cxx -i config.hxx - sed -e '1i\#include ' -i command_line.cxx -i lisp_reader.cxx -i unix_system.cxx \ - -i world.cxx construo_main.cxx + substituteInPlace src/Makefile.in \ + --replace games bin ''; meta = { description = "Masses and springs simulation game"; + homepage = http://fs.fsf.org/construo/; }; } From bafc296e531aab26d2aa351f1dacf0ba632f4512 Mon Sep 17 00:00:00 2001 From: obadz Date: Mon, 1 Aug 2016 01:43:25 +0100 Subject: [PATCH 34/97] holdingnuts: init at 0.0.5 --- pkgs/games/holdingnuts/default.nix | 38 ++++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 40 insertions(+) create mode 100644 pkgs/games/holdingnuts/default.nix diff --git a/pkgs/games/holdingnuts/default.nix b/pkgs/games/holdingnuts/default.nix new file mode 100644 index 00000000000..e6d6febeac6 --- /dev/null +++ b/pkgs/games/holdingnuts/default.nix @@ -0,0 +1,38 @@ +{ stdenv, fetchurl, cmake, SDL, qt4 }: + +let mirror = "http://download.holdingnuts.net"; +in stdenv.mkDerivation rec { + name = "${pname}-${version}"; + pname = "holdingnuts"; + version = "0.0.5"; + + src = fetchurl { + url = "${mirror}/release/${version}/${name}.tar.bz2"; + sha256 = "0iw25jmnqzscg34v66d4zz70lvgjp4l7gi16nna6491xnqha5a8g"; + }; + + patches = [ + (fetchurl { + url = "${mirror}/patches/holdingnuts-0.0.5-wheel.patch"; + sha256 = "0hap5anxgc19s5qi64mjpi3wpgphy4dqdxqw34q19dw3gwxw5g8n"; + }) + (fetchurl { + url = "${mirror}/patches/holdingnuts-qpixmapcache-workaround.patch"; + sha256 = "15cf9j9mdm85f0h7w5f5852ic7xpim0243yywkd2qrfp37mi93pd"; + }) + ]; + + postPatch = '' + substituteInPlace src/system/SysAccess.c --replace /usr/share $out/share + ''; + + buildInputs = [ cmake SDL qt4 ]; + + meta = with stdenv.lib; { + homepage = http://www.holdingnuts.net/; + description = "Open Source Poker client and server"; + license = licenses.gpl3; + maintainers = with maintainers; [ obadz ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 7a7e868f3b8..240a53181f5 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -15655,6 +15655,8 @@ in hexen = callPackage ../games/hexen { }; + holdingnuts = callPackage ../games/holdingnuts { }; + icbm3d = callPackage ../games/icbm3d { }; ingen = callPackage ../applications/audio/ingen { From 55904aa5c402bc5bdc9d34d22a51e7ef0af8a601 Mon Sep 17 00:00:00 2001 From: Michiel Leenaars Date: Wed, 20 Jul 2016 18:09:44 +0200 Subject: [PATCH 35/97] hash-slinger: init at 2.7.0 --- pkgs/tools/security/hash-slinger/default.nix | 44 ++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 46 insertions(+) create mode 100644 pkgs/tools/security/hash-slinger/default.nix diff --git a/pkgs/tools/security/hash-slinger/default.nix b/pkgs/tools/security/hash-slinger/default.nix new file mode 100644 index 00000000000..9551c8e36db --- /dev/null +++ b/pkgs/tools/security/hash-slinger/default.nix @@ -0,0 +1,44 @@ +{ stdenv, fetchFromGitHub, pythonPackages, openssh, gnupg, unbound, libreswan }: + +stdenv.mkDerivation rec { + pname = "hash-slinger"; + name = "${pname}-${version}"; + version = "2.7"; + + src = fetchFromGitHub { + owner = "letoams"; + repo = "${pname}"; + rev = "${version}"; + sha256 = "05wn744ydclpnpyah6yfjqlfjlasrrhzj48lqmm5a91nyps5yqyn"; + }; + + pythonPath = with pythonPackages; [ dns m2crypto ipaddr python-gnupg + pyunbound ]; + + buildInputs = [ pythonPackages.wrapPython ]; + propagatedBuildInputs = [ unbound libreswan ] ++ pythonPath; + propagatedUserEnvPkgs = [ unbound libreswan ]; + + patchPhase = '' + substituteInPlace Makefile \ + --replace "$(DESTDIR)/usr" "$out" + substituteInPlace ipseckey \ + --replace "/usr/sbin/ipsec" "${libreswan}/sbin/ipsec" + substituteInPlace tlsa \ + --replace "/var/lib/unbound/root" "${pythonPackages.pyunbound}/etc/pyunbound/root" + patchShebangs * + ''; + + installPhase = '' + mkdir -p $out/bin $out/man $out/${python.sitePackages}/ + make install + wrapPythonPrograms + ''; + + meta = { + description = "Various tools to generate special DNS records"; + homepage = "https://github.com/letoams/hash-slinger"; + license = stdenv.lib.licenses.gpl2Plus; + maintainers = [ stdenv.lib.maintainers.leenaars ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5683c1add21..3dd3fc76312 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1947,6 +1947,8 @@ in hashcat = callPackage ../tools/security/hashcat { }; + hash-slinger = callPackage ../tools/security/hash-slinger { }; + hal-flash = callPackage ../os-specific/linux/hal-flash { }; halibut = callPackage ../tools/typesetting/halibut { }; From c8f2d8dae0f3a7511c708e4896502654361f4a67 Mon Sep 17 00:00:00 2001 From: Michiel Leenaars Date: Sat, 23 Jul 2016 00:25:36 +0200 Subject: [PATCH 36/97] py-unbound: init at 1.5.9 --- pkgs/tools/networking/unbound/python.nix | 63 ++++++++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 + 2 files changed, 65 insertions(+) create mode 100644 pkgs/tools/networking/unbound/python.nix diff --git a/pkgs/tools/networking/unbound/python.nix b/pkgs/tools/networking/unbound/python.nix new file mode 100644 index 00000000000..b2f43740a67 --- /dev/null +++ b/pkgs/tools/networking/unbound/python.nix @@ -0,0 +1,63 @@ +{ stdenv, fetchurl, openssl, expat, libevent, swig, python, pythonPackages }: + +stdenv.mkDerivation rec { + pname = "pyunbound"; + name = "${pname}-${version}"; + version = "1.5.9"; + + src = fetchurl { + url = "http://unbound.net/downloads/unbound-${version}.tar.gz"; + sha256 = "01328cfac99ab5b8c47115151896a244979e442e284eb962c0ea84b7782b6990"; + }; + + buildInputs = [ openssl expat libevent swig python ]; + + patchPhase = ''substituteInPlace Makefile.in \ + --replace "\$(DESTDIR)\$(PYTHON_SITE_PKG)" "$out/${python.sitePackages}" \ + --replace "\$(LIBTOOL) --mode=install cp _unbound.la" "cp _unbound.la" + ''; + + preConfigure = "export PYTHON_VERSION=${python.majorVersion}"; + + configureFlags = [ + "--with-ssl=${openssl.dev}" + "--with-libexpat=${expat.dev}" + "--with-libevent=${libevent.dev}" + "--localstatedir=/var" + "--sysconfdir=/etc" + "--sbindir=\${out}/bin" + "--enable-pie" + "--enable-relro-now" + "--with-pyunbound" + "DESTDIR=$out PREFIX=" + ]; + + preInstall = '' + mkdir -p $out/${python.sitePackages} $out/etc/${pname} + cp .libs/_unbound.so .libs/libunbound.so* $out/${python.sitePackages} + substituteInPlace _unbound.la \ + --replace "-L.libs $PWD/libunbound.la" "-L$out/${python.sitePackages}" \ + --replace "libdir=\'$PWD/${python.sitePackages}\'" "libdir=\'$out/${python.sitePackages}\'" + ''; + + installFlags = [ "configfile=\${out}/etc/unbound/unbound.conf pyunbound-install lib" ]; + + # All we want is the Unbound Python module + postInstall = '' + # Generate the built in root anchor and root key and store these in a logical place + # to be used by tools depending only on the Python module + $out/bin/unbound-anchor -l | head -1 > $out/etc/${pname}/root.anchor + $out/bin/unbound-anchor -l | tail --lines=+2 - > $out/etc/${pname}/root.key + # We don't need anything else + rm -fR $out/bin $out/share $out/include $out/etc/unbound + patchelf --replace-needed libunbound.so.2 $out/${python.sitePackages}/libunbound.so.2 $out/${python.sitePackages}/_unbound.so + ''; + + meta = with stdenv.lib; { + description = "Python library for Unbound, the validating, recursive, and caching DNS resolver"; + license = licenses.bsd3; + homepage = http://www.unbound.net; + maintainers = with maintainers; [ leenaars ]; + platforms = stdenv.lib.platforms.unix; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index e0405b63f9f..60a5ad93ad3 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -327,6 +327,8 @@ in modules // { hdf5 = pkgs.hdf5.override { zlib = pkgs.zlib; }; }; + pyunbound = callPackage ../tools/networking/unbound/python.nix { }; + # packages defined here aafigure = buildPythonPackage rec { From ea6bd8fa79f578706667439126adebcfeda93af6 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Mon, 1 Aug 2016 10:19:48 +0200 Subject: [PATCH 37/97] py-unbound: fix evaluation --- pkgs/tools/networking/unbound/python.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/unbound/python.nix b/pkgs/tools/networking/unbound/python.nix index b2f43740a67..5d7096ab168 100644 --- a/pkgs/tools/networking/unbound/python.nix +++ b/pkgs/tools/networking/unbound/python.nix @@ -1,6 +1,8 @@ -{ stdenv, fetchurl, openssl, expat, libevent, swig, python, pythonPackages }: +{ stdenv, fetchurl, openssl, expat, libevent, swig, pythonPackages }: -stdenv.mkDerivation rec { +let + inherit (pythonPackages) python; +in stdenv.mkDerivation rec { pname = "pyunbound"; name = "${pname}-${version}"; version = "1.5.9"; From 0a1703ba279b186f3dac6dbed2d793c1172866f1 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Mon, 1 Aug 2016 10:19:55 +0200 Subject: [PATCH 38/97] hash-slinger: fix evaluation --- pkgs/tools/security/hash-slinger/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/security/hash-slinger/default.nix b/pkgs/tools/security/hash-slinger/default.nix index 9551c8e36db..4d60b11f977 100644 --- a/pkgs/tools/security/hash-slinger/default.nix +++ b/pkgs/tools/security/hash-slinger/default.nix @@ -1,6 +1,8 @@ { stdenv, fetchFromGitHub, pythonPackages, openssh, gnupg, unbound, libreswan }: -stdenv.mkDerivation rec { +let + inherit (pythonPackages) python; +in stdenv.mkDerivation rec { pname = "hash-slinger"; name = "${pname}-${version}"; version = "2.7"; From 2a05368ff3217175cd87105e778e2e70bc7eef1c Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 28 Jul 2016 18:10:17 +0200 Subject: [PATCH 39/97] Remove $NIXOS_LABEL and $NIXOS_VERSION Relying on environment variables to override configuration options is ugly, and there is no reason for them. --- nixos/modules/misc/version.nix | 23 ++++------------------- 1 file changed, 4 insertions(+), 19 deletions(-) diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix index 9a37f595093..9158d82a73a 100644 --- a/nixos/modules/misc/version.nix +++ b/nixos/modules/misc/version.nix @@ -35,23 +35,8 @@ in nixosLabel = mkOption { type = types.str; description = '' - NixOS version name to be used in the names of generated - outputs and boot labels. - - If you ever wanted to influence the labels in your GRUB menu, - this is option is for you. - - Can be set directly or with NIXOS_LABEL - environment variable for nixos-rebuild, - e.g.: - - - #!/bin/sh - today=`date +%Y%m%d` - branch=`(cd nixpkgs ; git branch 2>/dev/null | sed -n '/^\* / { s|^\* ||; p; }')` - revision=`(cd nixpkgs ; git rev-parse HEAD)` - export NIXOS_LABEL="$today.$branch-''${revision:0:7}" - nixos-rebuild switch + Label to be used in the names of generated outputs and boot + labels. ''; }; @@ -102,8 +87,8 @@ in system = { # These defaults are set here rather than up there so that # changing them would not rebuild the manual - nixosLabel = mkDefault (maybeEnv "NIXOS_LABEL" cfg.nixosVersion); - nixosVersion = mkDefault (maybeEnv "NIXOS_VERSION" (cfg.nixosRelease + cfg.nixosVersionSuffix)); + nixosLabel = mkDefault cfg.nixosVersion; + nixosVersion = mkDefault (cfg.nixosRelease + cfg.nixosVersionSuffix); nixosRevision = mkIf (pathIsDirectory gitRepo) (mkDefault gitCommitId); nixosVersionSuffix = mkIf (pathIsDirectory gitRepo) (mkDefault (".git." + gitCommitId)); From 83eb49220b4a91658b710d7095899d04856875a3 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 28 Jul 2016 18:27:03 +0200 Subject: [PATCH 40/97] Manual: Only include the release number (e.g. 16.03) This prevents gratuitous rebuilds of the manual every time the Git revision changes. Should help a bit with #17261. --- nixos/modules/misc/version.nix | 10 +++++----- nixos/modules/services/misc/nixos-manual.nix | 12 +++--------- 2 files changed, 8 insertions(+), 14 deletions(-) diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix index 9158d82a73a..6d4d3a9eea3 100644 --- a/nixos/modules/misc/version.nix +++ b/nixos/modules/misc/version.nix @@ -43,34 +43,34 @@ in nixosVersion = mkOption { internal = true; type = types.str; - description = "NixOS version."; + description = "The full NixOS version (e.g. 16.03.1160.f2d4ee1)."; }; nixosRelease = mkOption { readOnly = true; type = types.str; default = readFile releaseFile; - description = "NixOS release."; + description = "The NixOS release (e.g. 16.03)."; }; nixosVersionSuffix = mkOption { internal = true; type = types.str; default = if pathExists suffixFile then readFile suffixFile else "pre-git"; - description = "NixOS version suffix."; + description = "The NixOS version suffix (e.g. 1160.f2d4ee1)."; }; nixosRevision = mkOption { internal = true; type = types.str; default = if pathExists revisionFile then readFile revisionFile else "master"; - description = "NixOS Git revision hash."; + description = "The Git revision from which this NixOS configuration was built."; }; nixosCodeName = mkOption { readOnly = true; type = types.str; - description = "NixOS release code name."; + description = "The NixOS release code name (e.g. Emu)."; }; defaultChannel = mkOption { diff --git a/nixos/modules/services/misc/nixos-manual.nix b/nixos/modules/services/misc/nixos-manual.nix index 37ea339300d..a60d5f7983b 100644 --- a/nixos/modules/services/misc/nixos-manual.nix +++ b/nixos/modules/services/misc/nixos-manual.nix @@ -11,12 +11,6 @@ let cfg = config.services.nixosManual; - versionModule = - { system.nixosVersionSuffix = config.system.nixosVersionSuffix; - system.nixosRevision = config.system.nixosRevision; - nixpkgs.system = config.nixpkgs.system; - }; - /* For the purpose of generating docs, evaluate options with each derivation in `pkgs` (recursively) replaced by a fake with path "\${pkgs.attribute.path}". It isn't perfect, but it seems to cover a vast majority of use cases. @@ -24,12 +18,12 @@ let the path above will be shown and not e.g. `${config.services.foo.package}`. */ manual = import ../../../doc/manual { inherit pkgs; - version = config.system.nixosVersion; - revision = config.system.nixosRevision; + version = config.system.nixosRelease; + revision = "release-${config.system.nixosRelease}"; options = let scrubbedEval = evalModules { - modules = [ versionModule ] ++ baseModules; + modules = [ { nixpkgs.system = config.nixpkgs.system; } ] ++ baseModules; args = (config._module.args) // { modules = [ ]; }; specialArgs = { pkgs = scrubDerivations "pkgs" pkgs; }; }; From d5756cdf0afb066af91b837856867bd8e1bc7fe0 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Thu, 28 Jul 2016 18:32:56 +0200 Subject: [PATCH 41/97] Remove the PDF manual PDF is very 20th century and nobody reads technical documentation this way anymore. --- nixos/doc/manual/default.nix | 25 +------------------------ nixos/release.nix | 1 - 2 files changed, 1 insertion(+), 25 deletions(-) diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index 83dad5fd8dc..c27c6c60eec 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -122,7 +122,7 @@ let Allows for cross-referencing olinks between the manpages - and the HTML/PDF manuals. + and manual. &manualtargets; @@ -229,29 +229,6 @@ in rec { ''; }; - - manualPDF = stdenv.mkDerivation { - name = "nixos-manual-pdf"; - - inherit sources; - - buildInputs = [ libxml2 libxslt dblatex dblatex.tex ]; - - buildCommand = '' - ${copySources} - - dst=$out/share/doc/nixos - mkdir -p $dst - xmllint --xinclude manual.xml | dblatex -o $dst/manual.pdf - \ - -P target.database.document="${olinkDB}/olinkdb.xml" \ - -P doc.collab.show=0 \ - -P latex.output.revhistory=0 - - mkdir -p $out/nix-support - echo "doc-pdf manual $dst/manual.pdf" >> $out/nix-support/hydra-build-products - ''; - }; - # Generate the NixOS manpages. manpages = stdenv.mkDerivation { name = "nixos-manpages"; diff --git a/nixos/release.nix b/nixos/release.nix index 68f06a83298..9886fdea291 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -96,7 +96,6 @@ in rec { manual = buildFromConfig ({ pkgs, ... }: { }) (config: config.system.build.manual.manual); manualEpub = (buildFromConfig ({ pkgs, ... }: { }) (config: config.system.build.manual.manualEpub)); - manualPDF = (buildFromConfig ({ pkgs, ... }: { }) (config: config.system.build.manual.manualPDF)).x86_64-linux; manpages = buildFromConfig ({ pkgs, ... }: { }) (config: config.system.build.manual.manpages); options = (buildFromConfig ({ pkgs, ... }: { }) (config: config.system.build.manual.optionsJSON)).x86_64-linux; From 0804f67024f21a75a710e41423561cc0d3472e2f Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 1 Aug 2016 11:02:41 +0200 Subject: [PATCH 42/97] Fix epub generation * Hydra doesn't like spaces in filenames. * The zip file contained nix/store/.../OEBPS rather than OEBPS at top-level, causing some programs (like okular) to barf. * Remove the redundant $dst/epub directory. --- nixos/doc/manual/default.nix | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index c27c6c60eec..1bec0d92522 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -221,11 +221,14 @@ in rec { mkdir -p $dst/epub/OEBPS/images/callouts cp -r ${docbook5_xsl}/xml/xsl/docbook/images/callouts/*.gif $dst/epub/OEBPS/images/callouts echo "application/epub+zip" > mimetype - zip -0Xq "$dst/NixOS Manual - NixOS community.epub" mimetype - zip -Xr9D "$dst/NixOS Manual - NixOS community.epub" $dst/epub/* + manual="$dst/nixos-manual.epub" + zip -0Xq "$manual" mimetype + cd $dst/epub && zip -Xr9D "$manual" * + + rm -rf $dst/epub mkdir -p $out/nix-support - echo "doc-epub manual $dst/NixOS Manual - NixOS community.epub" >> $out/nix-support/hydra-build-products + echo "doc-epub manual $manual" >> $out/nix-support/hydra-build-products ''; }; From 56575cc0ac289d1f50358297cb72d9cd73f24630 Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Fri, 29 Jul 2016 17:15:37 +0900 Subject: [PATCH 43/97] lib: add fileContents function --- lib/strings.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/lib/strings.nix b/lib/strings.nix index 5e5f7b37866..daf84583934 100644 --- a/lib/strings.nix +++ b/lib/strings.nix @@ -479,4 +479,14 @@ rec { absolutePaths = builtins.map (path: builtins.toPath (root + "/" + path)) relativePaths; in absolutePaths; + + /* Read the contents of a file removing the trailing \n + + Example: + $ echo "1.0" > ./version + + fileContents ./version + => "1.0" + */ + fileContents = file: removeSuffix "\n" (builtins.readFile file); } From 85d8b016600925791cbf970f69873dfac1f781cb Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Sun, 31 Jul 2016 21:58:54 +0900 Subject: [PATCH 44/97] lib: refactor commitIdFromGitRepo with fileContents --- lib/sources.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/sources.nix b/lib/sources.nix index 535b04523b5..c1ec02b9c26 100644 --- a/lib/sources.nix +++ b/lib/sources.nix @@ -44,12 +44,12 @@ rec { packedRefsName = toString path + "/packed-refs"; in if lib.pathExists fileName then - let fileContent = readFile fileName; + let fileContent = lib.fileContents fileName; # Sometimes git stores the commitId directly in the file but # sometimes it stores something like: «ref: refs/heads/branch-name» - matchRef = match "^ref: (.*)\n$" fileContent; + matchRef = match "^ref: (.*)$" fileContent; in if isNull matchRef - then lib.removeSuffix "\n" fileContent + then fileContent else readCommitFromFile path (lib.head matchRef) # Sometimes, the file isn't there at all and has been packed away in the # packed-refs file, so we have to grep through it: From e276842f6adef45554f05f2aee8c938c8c651ed1 Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Sun, 31 Jul 2016 21:59:30 +0900 Subject: [PATCH 45/97] lib: refactor nixpkgsVersion with fileContents --- lib/trivial.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/trivial.nix b/lib/trivial.nix index 9821e3c138d..f85c74ab88e 100644 --- a/lib/trivial.nix +++ b/lib/trivial.nix @@ -62,11 +62,13 @@ rec { isInt add sub lessThan seq deepSeq genericClosure; + inherit (import ./strings.nix) fileContents; + # Return the Nixpkgs version number. nixpkgsVersion = let suffixFile = ../.version-suffix; in - readFile ../.version - + (if pathExists suffixFile then readFile suffixFile else "pre-git"); + fileContents ../.version + + (if pathExists suffixFile then fileContents suffixFile else "pre-git"); # Whether we're being called by nix-shell. inNixShell = builtins.getEnv "IN_NIX_SHELL" == "1"; From 1114ab41e6622cc4ac59ffb16e3bd291194e3208 Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Sun, 31 Jul 2016 22:05:38 +0900 Subject: [PATCH 46/97] release.nix: refactor with fileContents --- nixos/release.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/release.nix b/nixos/release.nix index 9886fdea291..4647a02afb1 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -7,7 +7,7 @@ with import ../lib; let - version = builtins.readFile ../.version; + version = fileContents ../.version; versionSuffix = (if stableBranch then "." else "pre") + "${toString nixpkgs.revCount}.${nixpkgs.shortRev}"; From c7bd26e5376da23e94c49515f0bff60964de4433 Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Sun, 31 Jul 2016 22:08:29 +0900 Subject: [PATCH 47/97] version module: refactor with fileContents --- nixos/modules/misc/version.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix index 6d4d3a9eea3..6af310a9d87 100644 --- a/nixos/modules/misc/version.nix +++ b/nixos/modules/misc/version.nix @@ -49,21 +49,21 @@ in nixosRelease = mkOption { readOnly = true; type = types.str; - default = readFile releaseFile; + default = fileContents releaseFile; description = "The NixOS release (e.g. 16.03)."; }; nixosVersionSuffix = mkOption { internal = true; type = types.str; - default = if pathExists suffixFile then readFile suffixFile else "pre-git"; + default = if pathExists suffixFile then fileContents suffixFile else "pre-git"; description = "The NixOS version suffix (e.g. 1160.f2d4ee1)."; }; nixosRevision = mkOption { internal = true; type = types.str; - default = if pathExists revisionFile then readFile revisionFile else "master"; + default = if pathExists revisionFile then fileContents revisionFile else "master"; description = "The Git revision from which this NixOS configuration was built."; }; From 4c97e4fbffd5cba4fb1ae32172b730658972550a Mon Sep 17 00:00:00 2001 From: Eric Sagnes Date: Mon, 1 Aug 2016 18:34:54 +0900 Subject: [PATCH 48/97] make tarball: refactor with fileContents --- pkgs/top-level/make-tarball.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/make-tarball.nix b/pkgs/top-level/make-tarball.nix index b664dceaa95..2fe69390ec5 100644 --- a/pkgs/top-level/make-tarball.nix +++ b/pkgs/top-level/make-tarball.nix @@ -15,7 +15,7 @@ releaseTools.sourceTarball rec { src = nixpkgs; inherit officialRelease; - version = builtins.readFile ../../.version; + version = pkgs.lib.fileContents ../../.version; versionSuffix = "pre${toString nixpkgs.revCount}.${nixpkgs.shortRev}"; buildInputs = [ nix.out jq ]; From 292f2f41e97472d4e7ff93ea9edd535fb25fd306 Mon Sep 17 00:00:00 2001 From: Damien Cassou Date: Mon, 1 Aug 2016 12:40:33 +0200 Subject: [PATCH 49/97] vdirsyncer: 0.11.2 -> 0.11.3 --- pkgs/tools/misc/vdirsyncer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/vdirsyncer/default.nix b/pkgs/tools/misc/vdirsyncer/default.nix index 1a8621effd5..51762006b62 100644 --- a/pkgs/tools/misc/vdirsyncer/default.nix +++ b/pkgs/tools/misc/vdirsyncer/default.nix @@ -3,12 +3,12 @@ # Packaging documentation at: # https://github.com/untitaker/vdirsyncer/blob/master/docs/packaging.rst pythonPackages.buildPythonApplication rec { - version = "0.11.2"; + version = "0.11.3"; name = "vdirsyncer-${version}"; src = fetchurl { url = "mirror://pypi/v/vdirsyncer/${name}.tar.gz"; - sha256 = "15isw2jhjfxi213wdj9d8mwq2m58k8bwf831qnxrjcz7j7bwy7mj"; + sha256 = "10majl58vdpxgbddjqgwblvl7akvvr4c2c8iaxnf3kgyh01jq6k9"; }; propagatedBuildInputs = with pythonPackages; [ From 76f2e827a7b65bb486edb16a2210fa8cc4c457bf Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Mon, 1 Aug 2016 12:46:48 +0200 Subject: [PATCH 50/97] grsecurity: 4.6.5-201607272152 -> 4.6.5-201607312210 --- pkgs/os-specific/linux/kernel/patches.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index e538a527f50..375f0e3b0b4 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -94,8 +94,8 @@ rec { grsecurity_testing = grsecPatch { kver = "4.6.5"; - grrev = "201607272152"; - sha256 = "120rj3cpvbchihj3w3i9j2fxvap3270kfxjfznw2ljglzf7pi8zc"; + grrev = "201607312210"; + sha256 = "17dnp6w092kvqxqxbdgjpl4mrsn2wkb7z8q5d8ck7dfanpmqap0w"; }; # This patch relaxes grsec constraints on the location of usermode helpers, From c91d07b6689c9f7bd90622a0d31530005c02256d Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Mon, 1 Aug 2016 12:55:42 +0200 Subject: [PATCH 51/97] dnscrypt-proxy module: types.string should be types.str --- nixos/modules/services/networking/dnscrypt-proxy.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/networking/dnscrypt-proxy.nix b/nixos/modules/services/networking/dnscrypt-proxy.nix index 227e38acc4a..984219676cd 100644 --- a/nixos/modules/services/networking/dnscrypt-proxy.nix +++ b/nixos/modules/services/networking/dnscrypt-proxy.nix @@ -55,7 +55,7 @@ in ''; }; localAddress = mkOption { default = "127.0.0.1"; - type = types.string; + type = types.str; description = '' Listen for DNS queries to relay on this address. The only reason to change this from its default value is to proxy queries on behalf @@ -74,7 +74,7 @@ in }; resolverName = mkOption { default = "dnscrypt.eu-nl"; - type = types.nullOr types.string; + type = types.nullOr types.str; description = '' The name of the upstream DNSCrypt resolver to use, taken from the list named in the resolverList option. From 7f3ca5d75b351cebf284aa2ab4d5ac01920b67d0 Mon Sep 17 00:00:00 2001 From: Kranium Gikos Mendoza Date: Mon, 1 Aug 2016 19:20:45 +0800 Subject: [PATCH 52/97] leatherman: disable curl test to fix build --- pkgs/development/libraries/leatherman/default.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/development/libraries/leatherman/default.nix b/pkgs/development/libraries/leatherman/default.nix index 3dfc9e2990e..a4b007fa399 100644 --- a/pkgs/development/libraries/leatherman/default.nix +++ b/pkgs/development/libraries/leatherman/default.nix @@ -13,6 +13,10 @@ stdenv.mkDerivation rec { buildInputs = [ boost cmake curl ]; + # curl upgrade to 7.50.0 (#17152) broke the curl mock tests, disabling for now + # upstream bug raised https://tickets.puppetlabs.com/browse/LTH-108 + cmakeFlags = [ "-DLEATHERMAN_MOCK_CURL=OFF" ]; + meta = with stdenv.lib; { homepage = https://github.com/puppetlabs/leatherman/; description = "A collection of C++ and CMake utility libraries"; From 8d84e6a20fad4bab7d8a75ba7d4f45657ac464a5 Mon Sep 17 00:00:00 2001 From: obadz Date: Mon, 1 Aug 2016 13:22:03 +0100 Subject: [PATCH 53/97] libreoffice: add compile flag -fpermissive due to libcurl upgrade curl upgrade to 7.50.0 (#17152) changes the libcurl headers slightly and therefore requires the -fpermissive flag until this package gets updated --- pkgs/applications/office/libreoffice/default.nix | 4 +++- pkgs/applications/office/libreoffice/still.nix | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/office/libreoffice/default.nix b/pkgs/applications/office/libreoffice/default.nix index 63af5babca2..6b206bb13d9 100644 --- a/pkgs/applications/office/libreoffice/default.nix +++ b/pkgs/applications/office/libreoffice/default.nix @@ -76,7 +76,9 @@ in stdenv.mkDerivation rec { # For some reason librdf_redland sometimes refers to rasqal.h instead # of rasqal/rasqal.h - NIX_CFLAGS_COMPILE="-I${librdf_rasqal}/include/rasqal"; + # curl upgrade to 7.50.0 (#17152) changes the libcurl headers slightly and + # therefore requires the -fpermissive flag until this package gets updated + NIX_CFLAGS_COMPILE="-I${librdf_rasqal}/include/rasqal -fpermissive"; # If we call 'configure', 'make' will then call configure again without parameters. # It's their system. diff --git a/pkgs/applications/office/libreoffice/still.nix b/pkgs/applications/office/libreoffice/still.nix index eadf4135630..248772b759f 100644 --- a/pkgs/applications/office/libreoffice/still.nix +++ b/pkgs/applications/office/libreoffice/still.nix @@ -76,7 +76,9 @@ in stdenv.mkDerivation rec { # For some reason librdf_redland sometimes refers to rasqal.h instead # of rasqal/rasqal.h - NIX_CFLAGS_COMPILE="-I${librdf_rasqal}/include/rasqal"; + # curl upgrade to 7.50.0 (#17152) changes the libcurl headers slightly and + # therefore requires the -fpermissive flag until this package gets updated + NIX_CFLAGS_COMPILE="-I${librdf_rasqal}/include/rasqal -fpermissive"; # If we call 'configure', 'make' will then call configure again without parameters. # It's their system. From 52b787b0cd779f1f0da379127fa4e8db0b927551 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Mon, 1 Aug 2016 08:32:38 -0400 Subject: [PATCH 54/97] Add dell-530cdn printer driver --- pkgs/misc/drivers/dell-530cdn/default.nix | 13 +++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 15 insertions(+) create mode 100644 pkgs/misc/drivers/dell-530cdn/default.nix diff --git a/pkgs/misc/drivers/dell-530cdn/default.nix b/pkgs/misc/drivers/dell-530cdn/default.nix new file mode 100644 index 00000000000..9b2f8bd47b3 --- /dev/null +++ b/pkgs/misc/drivers/dell-530cdn/default.nix @@ -0,0 +1,13 @@ +{ runCommand, fetchurl, rpm, cpio }: let + version = "1.3-1"; + + src = fetchurl { + url = "http://downloads.dell.com/printer/Dell-5130cdn-Color-Laser-${version}.noarch.rpm"; + md5 = "7fb7122e67e40b99deb9665d88df62d1"; + }; +in runCommand "Dell-5130cdn-Color-Laser-1.3-1" {} '' + mkdir -p usr/share/cups/model + ${rpm}/bin/rpm2cpio ${src} | ${cpio}/bin/cpio -i + mkdir -p $out/share/ppd + mv usr/share/cups/model/Dell $out/share/ppd +'' diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1907f1ffd66..d72a5574fe8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -16998,6 +16998,8 @@ in dbus-map = callPackage ../tools/misc/dbus-map { }; + dell-530cdn = callPackage ../misc/drivers/dell-530cdn {}; + dosbox = callPackage ../misc/emulators/dosbox { }; dpkg = callPackage ../tools/package-management/dpkg { }; From 053df6076330e3cbcbb87f9a1b3646cab52be638 Mon Sep 17 00:00:00 2001 From: Jascha Geerds Date: Mon, 1 Aug 2016 15:59:18 +0200 Subject: [PATCH 55/97] pythonPackages.kaptan: init at 0.5.8 --- pkgs/top-level/python-packages.nix | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 46859333a84..39e8c1d7abd 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -9408,6 +9408,25 @@ in modules // { }; }; + kaptan = buildPythonPackage rec { + name = "kaptan-${version}"; + version = "0.5.8"; + + src = pkgs.fetchurl { + url = "mirror://pypi/k/kaptan/${name}.tar.gz"; + sha256 = "1b8r86yyvdvyxd6f10mhkl6cr2jhxm80jjqr4zch96w9hs9rh5vq"; + }; + + propagatedBuildInputs = with self; [ pyyaml ]; + + meta = with stdenv.lib; { + description = "Configuration manager for python applications"; + homepage = https://emre.github.io/kaptan/; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ jgeerds ]; + }; + }; keepalive = buildPythonPackage rec { name = "keepalive-${version}"; From 0fb70dfbb01efa816049b0d821996e0f4d4cf6f6 Mon Sep 17 00:00:00 2001 From: Jascha Geerds Date: Mon, 1 Aug 2016 15:59:55 +0200 Subject: [PATCH 56/97] pythonPackages.libtmux: init at 0.5.0 --- pkgs/top-level/python-packages.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 39e8c1d7abd..7ccbb0c2dca 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4928,6 +4928,24 @@ in modules // { }; }; + libtmux = buildPythonPackage rec { + name = "libtmux-${version}"; + version = "0.5.0"; + + src = pkgs.fetchurl { + url = "mirror://pypi/l/libtmux/${name}.tar.gz"; + sha256 = "0fwydaahgflz9w753v1cmkfzrlfq1vb8zp4i20m2d3lvkm4crv93"; + }; + + meta = with stdenv.lib; { + description = "Scripting library for tmux"; + homepage = https://libtmux.readthedocs.io/; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ jgeerds ]; + }; + }; + locket = buildPythonPackage rec { name = "locket-${version}"; version = "0.2.0"; From 9cc42ade37cb4f4e9c0bb294e03c80e51fc07fb7 Mon Sep 17 00:00:00 2001 From: Jascha Geerds Date: Mon, 1 Aug 2016 16:01:02 +0200 Subject: [PATCH 57/97] tmuxp: init at 1.2.0 --- pkgs/tools/misc/tmuxp/default.nix | 25 +++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 27 insertions(+) create mode 100644 pkgs/tools/misc/tmuxp/default.nix diff --git a/pkgs/tools/misc/tmuxp/default.nix b/pkgs/tools/misc/tmuxp/default.nix new file mode 100644 index 00000000000..08dcc184b3c --- /dev/null +++ b/pkgs/tools/misc/tmuxp/default.nix @@ -0,0 +1,25 @@ +{ stdenv, fetchurl, pythonPackages }: + +pythonPackages.buildPythonApplication rec { + name = "tmuxp-${version}"; + version = "1.2.0"; + + namePrefix = ""; + + src = fetchurl { + url = "mirror://pypi/t/tmuxp/${name}.tar.gz"; + sha256 = "05z5ssv9glsqmcy9fdq06bawy1274dnzqsqd3a4z4jd0w6j09smn"; + }; + + propagatedBuildInputs = with pythonPackages; [ + click colorama kaptan libtmux + ]; + + meta = with stdenv.lib; { + description = "Manage tmux workspaces from JSON and YAML"; + homepage = "http://tmuxp.readthedocs.io"; + license = licenses.bsd3; + platforms = platforms.linux; + maintainers = with maintainers; [ jgeerds ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 9b0c9e6ce6b..c35136b1637 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3702,6 +3702,8 @@ in tmux-cssh = callPackage ../tools/misc/tmux-cssh { }; + tmuxp = callPackage ../tools/misc/tmuxp { }; + tmuxinator = callPackage ../tools/misc/tmuxinator { }; tmin = callPackage ../tools/security/tmin { }; From 5d11dac8bb8f10b797467e913d6ebb9ea1eccd29 Mon Sep 17 00:00:00 2001 From: Karn Kallio Date: Mon, 1 Aug 2016 09:44:04 -0400 Subject: [PATCH 58/97] nvidia-x11: advance to 365.35 and patch kernel 4.7. --- .../linux/nvidia-x11/365.35-kernel-4.7.patch | 40 +++++++++++++++++++ pkgs/os-specific/linux/nvidia-x11/default.nix | 8 ++-- 2 files changed, 45 insertions(+), 3 deletions(-) create mode 100644 pkgs/os-specific/linux/nvidia-x11/365.35-kernel-4.7.patch diff --git a/pkgs/os-specific/linux/nvidia-x11/365.35-kernel-4.7.patch b/pkgs/os-specific/linux/nvidia-x11/365.35-kernel-4.7.patch new file mode 100644 index 00000000000..8d1436c5094 --- /dev/null +++ b/pkgs/os-specific/linux/nvidia-x11/365.35-kernel-4.7.patch @@ -0,0 +1,40 @@ +diff -Naur NVIDIA-Linux-x86_64-367.35-no-compat32-upstream/kernel/nvidia-drm/nvidia-drm-fb.c NVIDIA-Linux-x86_64-367.35-no-compat32/kernel/nvidia-drm/nvidia-drm-fb.c +--- NVIDIA-Linux-x86_64-367.35-no-compat32-upstream/kernel/nvidia-drm/nvidia-drm-fb.c 2016-07-31 19:07:06.595038290 -0400 ++++ NVIDIA-Linux-x86_64-367.35-no-compat32/kernel/nvidia-drm/nvidia-drm-fb.c 2016-07-31 19:09:18.532197060 -0400 +@@ -114,7 +114,7 @@ + * We don't support any planar format, pick up first buffer only. + */ + +- gem = drm_gem_object_lookup(dev, file, cmd->handles[0]); ++ gem = drm_gem_object_lookup(file, cmd->handles[0]); + + if (gem == NULL) + { +diff -Naur NVIDIA-Linux-x86_64-367.35-no-compat32-upstream/kernel/nvidia-drm/nvidia-drm-gem.c NVIDIA-Linux-x86_64-367.35-no-compat32/kernel/nvidia-drm/nvidia-drm-gem.c +--- NVIDIA-Linux-x86_64-367.35-no-compat32-upstream/kernel/nvidia-drm/nvidia-drm-gem.c 2016-07-31 19:07:06.595038290 -0400 ++++ NVIDIA-Linux-x86_64-367.35-no-compat32/kernel/nvidia-drm/nvidia-drm-gem.c 2016-07-31 19:08:56.187492736 -0400 +@@ -408,7 +408,7 @@ + + mutex_lock(&dev->struct_mutex); + +- gem = drm_gem_object_lookup(dev, file, handle); ++ gem = drm_gem_object_lookup(file, handle); + + if (gem == NULL) + { +diff -Naur NVIDIA-Linux-x86_64-367.35-no-compat32-upstream/kernel/nvidia-uvm/uvm_linux.h NVIDIA-Linux-x86_64-367.35-no-compat32/kernel/nvidia-uvm/uvm_linux.h +--- NVIDIA-Linux-x86_64-367.35-no-compat32-upstream/kernel/nvidia-uvm/uvm_linux.h 2016-07-31 19:07:06.600038448 -0400 ++++ NVIDIA-Linux-x86_64-367.35-no-compat32/kernel/nvidia-uvm/uvm_linux.h 2016-07-31 19:08:06.506926763 -0400 +@@ -554,12 +554,6 @@ + INIT_RADIX_TREE(tree, GFP_NOWAIT); + } + +-static bool radix_tree_empty(struct radix_tree_root *tree) +-{ +- void *dummy; +- return radix_tree_gang_lookup(tree, &dummy, 0, 1) == 0; +-} +- + + #if !defined(NV_USLEEP_RANGE_PRESENT) + static void __sched usleep_range(unsigned long min, unsigned long max) diff --git a/pkgs/os-specific/linux/nvidia-x11/default.nix b/pkgs/os-specific/linux/nvidia-x11/default.nix index e3be760700b..5edf03bf409 100644 --- a/pkgs/os-specific/linux/nvidia-x11/default.nix +++ b/pkgs/os-specific/linux/nvidia-x11/default.nix @@ -12,7 +12,7 @@ assert (!libsOnly) -> kernel != null; let - versionNumber = "361.45.11"; + versionNumber = "367.35"; # Policy: use the highest stable version as the default (on our master). inherit (stdenv.lib) makeLibraryPath; @@ -28,12 +28,12 @@ stdenv.mkDerivation { if stdenv.system == "i686-linux" then fetchurl { url = "http://download.nvidia.com/XFree86/Linux-x86/${versionNumber}/NVIDIA-Linux-x86-${versionNumber}.run"; - sha256 = "036v7bzh9zy7zvaz2wf7zsamrynbg1yr1dll7sf1l928w059i6pb"; + sha256 = "05g36bxcfk21ab8b0ay3zy21k5nd71468p9y1nbflx7ghpx25jrq"; } else if stdenv.system == "x86_64-linux" then fetchurl { url = "http://download.nvidia.com/XFree86/Linux-x86_64/${versionNumber}/NVIDIA-Linux-x86_64-${versionNumber}-no-compat32.run"; - sha256 = "1f8bxmf8cr3cgzxgap5ccb1yrqyrrdig19dp282y6z9xjq27l074"; + sha256 = "0m4k8f0212l63h22wk6hgi8fbfsgxqih5mizsw4ixqqmjd75av4a"; } else throw "nvidia-x11 does not support platform ${stdenv.system}"; @@ -53,6 +53,8 @@ stdenv.mkDerivation { [ gtk atk pango glib gdk_pixbuf cairo ] ); programPath = makeLibraryPath [ xorg.libXv ]; + patches = if versionAtLeast kernel.version "4.7" then [ ./365.35-kernel-4.7.patch ] else []; + buildInputs = [ perl nukeReferences ]; disallowedReferences = if libsOnly then [] else [ kernel.dev ]; From d1572d06fe13302263e451e91ec6777ecd66e50e Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Mon, 1 Aug 2016 15:56:09 +0200 Subject: [PATCH 59/97] grsecurity module: correct internal note --- nixos/modules/security/grsecurity.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/security/grsecurity.nix b/nixos/modules/security/grsecurity.nix index 4b9a11cf6dc..6b4dbe8e11f 100644 --- a/nixos/modules/security/grsecurity.nix +++ b/nixos/modules/security/grsecurity.nix @@ -97,7 +97,7 @@ in # Configure system tunables boot.kernel.sysctl = { - # Removed under grsecurity + # Read-only under grsecurity "kernel.kptr_restrict" = mkForce null; } // optionalAttrs config.nix.useSandbox { # chroot(2) restrictions that conflict with sandboxed Nix builds From 8fd84fcb870b3d55f6760ede5bb46aa57bbec64e Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Mon, 1 Aug 2016 17:22:28 +0200 Subject: [PATCH 60/97] libreoffice: reinstante and use curl 7.48 before the removal of a required feature. CVE's not fixed because of that decision: a Windows-specific DLL substitution and a mbedSSL/PolarSSL specific insufficient certificate validation --- pkgs/tools/networking/curl/7.48.nix | 90 +++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 9 +++ 2 files changed, 99 insertions(+) create mode 100644 pkgs/tools/networking/curl/7.48.nix diff --git a/pkgs/tools/networking/curl/7.48.nix b/pkgs/tools/networking/curl/7.48.nix new file mode 100644 index 00000000000..d156423a547 --- /dev/null +++ b/pkgs/tools/networking/curl/7.48.nix @@ -0,0 +1,90 @@ +{ stdenv, fetchurl, pkgconfig, perl +, http2Support ? true, nghttp2 +, idnSupport ? false, libidn ? null +, ldapSupport ? false, openldap ? null +, zlibSupport ? false, zlib ? null +, sslSupport ? false, openssl ? null +, scpSupport ? false, libssh2 ? null +, gssSupport ? false, gss ? null +, c-aresSupport ? false, c-ares ? null +}: + +assert http2Support -> nghttp2 != null; +assert idnSupport -> libidn != null; +assert ldapSupport -> openldap != null; +assert zlibSupport -> zlib != null; +assert sslSupport -> openssl != null; +assert scpSupport -> libssh2 != null; +assert c-aresSupport -> c-ares != null; + +stdenv.mkDerivation rec { + name = "curl-7.48.0"; + + src = fetchurl { + url = "http://curl.haxx.se/download/${name}.tar.bz2"; + sha256 = "0ly7fbysxrdbclswcr6s7n5sfxfffzazv8blqr16sn0b44cphkl6"; + }; + + outputs = [ "dev" "out" "bin" "man" "docdev" ]; + + nativeBuildInputs = [ pkgconfig perl ]; + + # Zlib and OpenSSL must be propagated because `libcurl.la' contains + # "-lz -lssl", which aren't necessary direct build inputs of + # applications that use Curl. + propagatedBuildInputs = with stdenv.lib; + optional http2Support nghttp2 ++ + optional idnSupport libidn ++ + optional ldapSupport openldap ++ + optional zlibSupport zlib ++ + optional gssSupport gss ++ + optional c-aresSupport c-ares ++ + optional sslSupport openssl ++ + optional scpSupport libssh2; + + # for the second line see http://curl.haxx.se/mail/tracker-2014-03/0087.html + preConfigure = '' + sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure + rm src/tool_hugehelp.c + ''; + + configureFlags = [ + "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" + "--disable-manual" + ( if sslSupport then "--with-ssl=${openssl.dev}" else "--without-ssl" ) + ( if scpSupport then "--with-libssh2=${libssh2.dev}" else "--without-libssh2" ) + ( if ldapSupport then "--enable-ldap" else "--disable-ldap" ) + ( if ldapSupport then "--enable-ldaps" else "--disable-ldaps" ) + ( if idnSupport then "--with-libidn=${libidn.dev}" else "--without-libidn" ) + ] + ++ stdenv.lib.optional c-aresSupport "--enable-ares=${c-ares}" + ++ stdenv.lib.optional gssSupport "--with-gssapi=${gss}"; + + CXX = "g++"; + CXXCPP = "g++ -E"; + + postInstall = '' + moveToOutput bin/curl-config "$dev" + sed '/^dependency_libs/s|${libssh2.dev}|${libssh2.out}|' -i "$out"/lib/*.la + ''; + + crossAttrs = { + # We should refer to the cross built openssl + # For the 'urandom', maybe it should be a cross-system option + configureFlags = [ + ( if sslSupport then "--with-ssl=${openssl.crossDrv}" else "--without-ssl" ) + "--with-random /dev/urandom" + ]; + }; + + passthru = { + inherit sslSupport openssl; + }; + + meta = with stdenv.lib; { + description = "A command line tool for transferring files with URL syntax"; + homepage = http://curl.haxx.se/; + maintainers = with maintainers; [ lovek323 ]; + platforms = platforms.all; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c35136b1637..79ae2523ff6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1235,6 +1235,14 @@ in scpSupport = zlibSupport && !stdenv.isSunOS && !stdenv.isCygwin; }; + curl_7_48 = callPackage ../tools/networking/curl/7.48.nix rec { + fetchurl = fetchurlBoot; + http2Support = !stdenv.isDarwin; + zlibSupport = true; + sslSupport = zlibSupport; + scpSupport = zlibSupport && !stdenv.isSunOS && !stdenv.isCygwin; + }; + curl3 = callPackage ../tools/networking/curl/7.15.nix rec { zlibSupport = true; sslSupport = zlibSupport; @@ -13720,6 +13728,7 @@ in harfbuzz = harfbuzz.override { withIcu = true; withGraphite2 = true; }; + curl = curl_7_48; }); From 93bac07b38d6d46c599e5440bd05c5bc7cf4c6ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Mon, 1 Aug 2016 17:10:37 +0200 Subject: [PATCH 61/97] mopidy: fix zeroconf support (by depending on dbus) Closure size increases by 1 MiB, from 480 to 481. --- pkgs/applications/audio/mopidy/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/audio/mopidy/default.nix b/pkgs/applications/audio/mopidy/default.nix index c1bdab8622c..5feabbf4206 100644 --- a/pkgs/applications/audio/mopidy/default.nix +++ b/pkgs/applications/audio/mopidy/default.nix @@ -22,7 +22,7 @@ pythonPackages.buildPythonApplication rec { ]; propagatedBuildInputs = with pythonPackages; [ - gst-python pygobject3 pykka tornado requests2 + gst-python pygobject3 pykka tornado requests2 dbus ]; # There are no tests From 9c15bb703155d480a70be4f7d202ba20a1e9a6e4 Mon Sep 17 00:00:00 2001 From: Michael Raskin <7c6f434c@mail.ru> Date: Mon, 1 Aug 2016 17:31:24 +0200 Subject: [PATCH 62/97] Revert "libreoffice: reinstante and use curl 7.48 before the removal of a required feature. CVE's not fixed because of that decision: a Windows-specific DLL substitution and a mbedSSL/PolarSSL specific insufficient certificate validation" This reverts commit 8fd84fcb870b3d55f6760ede5bb46aa57bbec64e. While I was testing my solution, @obadz have committed a different and hopefully a better one. --- pkgs/tools/networking/curl/7.48.nix | 90 ----------------------------- pkgs/top-level/all-packages.nix | 9 --- 2 files changed, 99 deletions(-) delete mode 100644 pkgs/tools/networking/curl/7.48.nix diff --git a/pkgs/tools/networking/curl/7.48.nix b/pkgs/tools/networking/curl/7.48.nix deleted file mode 100644 index d156423a547..00000000000 --- a/pkgs/tools/networking/curl/7.48.nix +++ /dev/null @@ -1,90 +0,0 @@ -{ stdenv, fetchurl, pkgconfig, perl -, http2Support ? true, nghttp2 -, idnSupport ? false, libidn ? null -, ldapSupport ? false, openldap ? null -, zlibSupport ? false, zlib ? null -, sslSupport ? false, openssl ? null -, scpSupport ? false, libssh2 ? null -, gssSupport ? false, gss ? null -, c-aresSupport ? false, c-ares ? null -}: - -assert http2Support -> nghttp2 != null; -assert idnSupport -> libidn != null; -assert ldapSupport -> openldap != null; -assert zlibSupport -> zlib != null; -assert sslSupport -> openssl != null; -assert scpSupport -> libssh2 != null; -assert c-aresSupport -> c-ares != null; - -stdenv.mkDerivation rec { - name = "curl-7.48.0"; - - src = fetchurl { - url = "http://curl.haxx.se/download/${name}.tar.bz2"; - sha256 = "0ly7fbysxrdbclswcr6s7n5sfxfffzazv8blqr16sn0b44cphkl6"; - }; - - outputs = [ "dev" "out" "bin" "man" "docdev" ]; - - nativeBuildInputs = [ pkgconfig perl ]; - - # Zlib and OpenSSL must be propagated because `libcurl.la' contains - # "-lz -lssl", which aren't necessary direct build inputs of - # applications that use Curl. - propagatedBuildInputs = with stdenv.lib; - optional http2Support nghttp2 ++ - optional idnSupport libidn ++ - optional ldapSupport openldap ++ - optional zlibSupport zlib ++ - optional gssSupport gss ++ - optional c-aresSupport c-ares ++ - optional sslSupport openssl ++ - optional scpSupport libssh2; - - # for the second line see http://curl.haxx.se/mail/tracker-2014-03/0087.html - preConfigure = '' - sed -e 's|/usr/bin|/no-such-path|g' -i.bak configure - rm src/tool_hugehelp.c - ''; - - configureFlags = [ - "--with-ca-bundle=/etc/ssl/certs/ca-certificates.crt" - "--disable-manual" - ( if sslSupport then "--with-ssl=${openssl.dev}" else "--without-ssl" ) - ( if scpSupport then "--with-libssh2=${libssh2.dev}" else "--without-libssh2" ) - ( if ldapSupport then "--enable-ldap" else "--disable-ldap" ) - ( if ldapSupport then "--enable-ldaps" else "--disable-ldaps" ) - ( if idnSupport then "--with-libidn=${libidn.dev}" else "--without-libidn" ) - ] - ++ stdenv.lib.optional c-aresSupport "--enable-ares=${c-ares}" - ++ stdenv.lib.optional gssSupport "--with-gssapi=${gss}"; - - CXX = "g++"; - CXXCPP = "g++ -E"; - - postInstall = '' - moveToOutput bin/curl-config "$dev" - sed '/^dependency_libs/s|${libssh2.dev}|${libssh2.out}|' -i "$out"/lib/*.la - ''; - - crossAttrs = { - # We should refer to the cross built openssl - # For the 'urandom', maybe it should be a cross-system option - configureFlags = [ - ( if sslSupport then "--with-ssl=${openssl.crossDrv}" else "--without-ssl" ) - "--with-random /dev/urandom" - ]; - }; - - passthru = { - inherit sslSupport openssl; - }; - - meta = with stdenv.lib; { - description = "A command line tool for transferring files with URL syntax"; - homepage = http://curl.haxx.se/; - maintainers = with maintainers; [ lovek323 ]; - platforms = platforms.all; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 79ae2523ff6..c35136b1637 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -1235,14 +1235,6 @@ in scpSupport = zlibSupport && !stdenv.isSunOS && !stdenv.isCygwin; }; - curl_7_48 = callPackage ../tools/networking/curl/7.48.nix rec { - fetchurl = fetchurlBoot; - http2Support = !stdenv.isDarwin; - zlibSupport = true; - sslSupport = zlibSupport; - scpSupport = zlibSupport && !stdenv.isSunOS && !stdenv.isCygwin; - }; - curl3 = callPackage ../tools/networking/curl/7.15.nix rec { zlibSupport = true; sslSupport = zlibSupport; @@ -13728,7 +13720,6 @@ in harfbuzz = harfbuzz.override { withIcu = true; withGraphite2 = true; }; - curl = curl_7_48; }); From 5341b8b1f8acb58631330eb04cbc7e15e141b686 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Mon, 1 Aug 2016 18:46:13 +0200 Subject: [PATCH 63/97] moonlight-embedded: init at 2.2.1 (#17414) --- .../misc/moonlight-embedded/default.nix | 34 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 36 insertions(+) create mode 100644 pkgs/applications/misc/moonlight-embedded/default.nix diff --git a/pkgs/applications/misc/moonlight-embedded/default.nix b/pkgs/applications/misc/moonlight-embedded/default.nix new file mode 100644 index 00000000000..9171e012807 --- /dev/null +++ b/pkgs/applications/misc/moonlight-embedded/default.nix @@ -0,0 +1,34 @@ +{ stdenv, fetchgit, cmake, perl +, alsaLib, libevdev, libopus, libudev, SDL2 +, ffmpeg, pkgconfig, xorg, libvdpau, libpulseaudio, libcec +, curl, expat, avahi, enet, libuuid +}: + +stdenv.mkDerivation rec { + name = "moonlight-embedded-${version}"; + version = "2.2.1"; + + # fetchgit used to ensure submodules are available + src = fetchgit { + url = "git://github.com/irtimmer/moonlight-embedded"; + rev = "refs/tags/v${version}"; + sha256 = "0m1114dsz44rvq402b4v5ib2cwj2vbasir0l8vi0q5iymwmsvxj4"; + }; + + outputs = [ "out" "doc" ]; + + nativeBuildInputs = [ cmake perl ]; + buildInputs = [ + alsaLib libevdev libopus libudev SDL2 + ffmpeg pkgconfig xorg.libxcb libvdpau libpulseaudio libcec + xorg.libpthreadstubs curl expat avahi enet libuuid + ]; + + meta = with stdenv.lib; { + description = "Open source implementation of NVIDIA's GameStream"; + homepage = https://github.com/irtimmer/moonlight-embedded; + license = licenses.gpl3; + maintainers = [ maintainers.globin ]; + platforms = platforms.linux; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c35136b1637..b1ee80f669e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -13893,6 +13893,8 @@ in inherit (gnome) libgnomecanvas glib; }; + moonlight-embedded = callPackage ../applications/misc/moonlight-embedded { }; + mop = callPackage ../applications/misc/mop { }; mopidy = callPackage ../applications/audio/mopidy { }; From c90a43f4c53dcc56c556832e5d2d81772f473970 Mon Sep 17 00:00:00 2001 From: Franz Pletz Date: Mon, 1 Aug 2016 19:35:01 +0200 Subject: [PATCH 64/97] nginx module: fix evaluation of root location option --- nixos/modules/services/web-servers/nginx/location-options.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/web-servers/nginx/location-options.nix b/nixos/modules/services/web-servers/nginx/location-options.nix index ce3462bed0a..8aaa3e96f80 100644 --- a/nixos/modules/services/web-servers/nginx/location-options.nix +++ b/nixos/modules/services/web-servers/nginx/location-options.nix @@ -22,7 +22,7 @@ with lib; root = mkOption { type = types.nullOr types.path; default = null; - example = /your/root/directory; + example = "/your/root/directory"; description = '' Root directory for requests. ''; From bd14e4242ee022bf1496a76a0235196229e80d8b Mon Sep 17 00:00:00 2001 From: lukasepple Date: Mon, 1 Aug 2016 12:04:42 +0200 Subject: [PATCH 65/97] rdup: init at 1.1.15 --- pkgs/tools/backup/rdup/default.nix | 24 ++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 26 insertions(+) create mode 100644 pkgs/tools/backup/rdup/default.nix diff --git a/pkgs/tools/backup/rdup/default.nix b/pkgs/tools/backup/rdup/default.nix new file mode 100644 index 00000000000..8ca07e2c823 --- /dev/null +++ b/pkgs/tools/backup/rdup/default.nix @@ -0,0 +1,24 @@ +{ stdenv, fetchFromGitHub, pkgconfig, autoreconfHook, glib, pcre }: + +stdenv.mkDerivation rec { + name = "rdup-${version}"; + version = "1.1.15"; + + src = fetchFromGitHub { + owner = "miekg"; + repo = "rdup"; + rev = "d66e4320cd0bbcc83253baddafe87f9e0e83caa6"; + sha256 = "0bzyv6qmnivxnv9nw7lnfn46k0m1dlxcjj53zcva6v8y8084l1iw"; + }; + + nativeBuildInputs = [ autoreconfHook pkgconfig ]; + buildInputs = [ glib pcre ]; + + meta = { + description = "The only backup program that doesn't make backups"; + homepage = "https://github.com/miekg/rdup"; + license = stdenv.lib.licenses.gpl3; + platforms = stdenv.lib.platforms.linux; + maintainers = with stdenv.lib.maintainers; [ lukasepple ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1907f1ffd66..6c182dbb3c8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14430,6 +14430,8 @@ in rdesktop = callPackage ../applications/networking/remote/rdesktop { }; + rdup = callPackage ../tools/backup/rdup { }; + recode = callPackage ../tools/text/recode { }; remotebox = callPackage ../applications/virtualization/remotebox { }; From 5c7708e56806246bedf595f9202c67d9a2fc6beb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Mon, 1 Aug 2016 19:47:18 +0200 Subject: [PATCH 66/97] pythonPackages.schedule: init at 0.3.2 --- pkgs/top-level/python-packages.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 7ccbb0c2dca..06c94b727b5 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -8514,6 +8514,23 @@ in modules // { }; }; + schedule = buildPythonPackage rec { + name = "schedule-0.3.2"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/10/96/d101fab391753ebc81fa3bb0e744df1ddcfb032c31b036d38083f8994db1/schedule-0.3.2.tar.gz"; + sha256 = "1h0waw4jd5ql68y5kxb9irwapkbkwfs1w0asvbl24fq5f8czdijm"; + }; + + buildInputs = with self; [ mock ]; + + meta = with stdenv.lib; { + description = "Python job scheduling for humans"; + homepage = https://github.com/dbader/schedule; + license = licenses.mit; + }; + }; + substanced = buildPythonPackage rec { # no release yet rev = "089818bc61c3dc5eca023254e37a280b041ea8cc"; From bd7ce1581daa2a43cad3a73556ed94fc2031b0eb Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 1 Aug 2016 20:26:02 +0200 Subject: [PATCH 67/97] broadcom_sta: 6.30.223.248 -> 6.30.223.271 The patch for kernel version 3.18 is already applied upstream, so we don't need it any longer. Without i686-build-failure.patch, the build for i686-linux fails because it references rdtscl(), which is no longer available in Linux 4.3.0. Patch for missing rdtscl() is from Arch Linux: https://aur.archlinux.org/cgit/aur.git/tree/002-rdtscl.patch?h=broadcom-wl-ck I've tested building against 32 and 64 bit Linux versions 3.18.36, 4.4.16 and 4.7.0. The hashes were verified using the ones from the AUR (using the 16 bit hashes of course): $ nix-hash --type sha256 --to-base16 1kaqa2dw3nb8k23ffvx46g8jj3wdhz8xa6jp1v3wb35cjfr712sg 4f8b70b293ac8cc5c70e571ad5d1878d0f29d133a46fe7869868d9c19b5058cd $ nix-hash --type sha256 --to-base16 1gj485qqr190idilacpxwgqyw21il03zph2rddizgj7fbd6pfyaz 5f79774d5beec8f7636b59c0fb07a03108eef1e3fd3245638b20858c714144be AUR hashes can be found at: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=broadcom-wl&id=9d6f10b1b7745fbf5d140ac749e2253caf70daa8#n26 Signed-off-by: aszlig Cc: @phreedom, @vcunat --- .../linux/broadcom-sta/default.nix | 27 +- .../broadcom-sta/i686-build-failure.patch | 18 + .../linux/broadcom-sta/linux-recent.patch | 386 ------------------ 3 files changed, 33 insertions(+), 398 deletions(-) create mode 100644 pkgs/os-specific/linux/broadcom-sta/i686-build-failure.patch delete mode 100644 pkgs/os-specific/linux/broadcom-sta/linux-recent.patch diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index 64a0c3138c9..57746730597 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -1,24 +1,27 @@ { stdenv, fetchurl, kernel }: + let - version = "6.30.223.248"; + version = "6.30.223.271"; + hashes = { + i686-linux = "1kaqa2dw3nb8k23ffvx46g8jj3wdhz8xa6jp1v3wb35cjfr712sg"; + x86_64-linux = "1gj485qqr190idilacpxwgqyw21il03zph2rddizgj7fbd6pfyaz"; + }; + + arch = stdenv.lib.optionalString (stdenv.system == "x86_64-linux") "_64"; + tarballVersion = stdenv.lib.replaceStrings ["."] ["_"] version; + tarball = "hybrid-v35${arch}-nodebug-pcoem-${tarballVersion}.tar.gz"; in stdenv.mkDerivation { name = "broadcom-sta-${version}-${kernel.version}"; - src = if stdenv.system == "i686-linux" then ( - fetchurl { - url = http://www.broadcom.com/docs/linux_sta/hybrid-v35-nodebug-pcoem-6_30_223_248.tar.gz; - sha256 = "1bd13pq5hj4yzp32rx71sg1i5wkzdsg1s32xsywb48lw88x595mi"; - } ) else ( - fetchurl { - url = http://www.broadcom.com/docs/linux_sta/hybrid-v35_64-nodebug-pcoem-6_30_223_248.tar.gz; - sha256 = "08ihbhwnqpnazskw9rlrk0alanp4x70kl8bsy2vg962iq334r69x"; - } - ); + src = fetchurl { + url = "http://www.broadcom.com/docs/linux_sta/${tarball}"; + sha256 = hashes.${stdenv.system}; + }; patches = [ + ./i686-build-failure.patch ./license.patch - ./linux-recent.patch ./gcc.patch ]; diff --git a/pkgs/os-specific/linux/broadcom-sta/i686-build-failure.patch b/pkgs/os-specific/linux/broadcom-sta/i686-build-failure.patch new file mode 100644 index 00000000000..cfa16075409 --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/i686-build-failure.patch @@ -0,0 +1,18 @@ +https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=fe47ae6e1a5005b2e82f7eab57b5c3820453293a +https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=4ea1636b04dbd66536fa387bae2eea463efc705b + +diff -ru a/src/shared/linux_osl.c b/src/shared/linux_osl.c +--- a/src/shared/linux_osl.c 2015-09-19 01:47:15.000000000 +0300 ++++ b/src/shared/linux_osl.c 2015-11-21 15:20:30.585902518 +0200 +@@ -932,7 +932,11 @@ + uint cycles; + + #if defined(__i386__) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 3, 0) ++ cycles = (u32)rdtsc(); ++#else + rdtscl(cycles); ++#endif + #else + cycles = 0; + #endif diff --git a/pkgs/os-specific/linux/broadcom-sta/linux-recent.patch b/pkgs/os-specific/linux/broadcom-sta/linux-recent.patch deleted file mode 100644 index a690558eb5b..00000000000 --- a/pkgs/os-specific/linux/broadcom-sta/linux-recent.patch +++ /dev/null @@ -1,386 +0,0 @@ ---- a/src/wl/sys/wl_cfg80211_hybrid.c 2014-06-26 12:42:08.000000000 +0200 -+++ b/src/wl/sys/wl_cfg80211_hybrid.c 2015-04-13 13:20:08.140013177 +0200 -@@ -63,8 +63,13 @@ - static s32 wl_cfg80211_join_ibss(struct wiphy *wiphy, struct net_device *dev, - struct cfg80211_ibss_params *params); - static s32 wl_cfg80211_leave_ibss(struct wiphy *wiphy, struct net_device *dev); -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 16, 0) - static s32 wl_cfg80211_get_station(struct wiphy *wiphy, - struct net_device *dev, u8 *mac, struct station_info *sinfo); -+#else -+static s32 wl_cfg80211_get_station(struct wiphy *wiphy, -+ struct net_device *dev, const u8 *mac, struct station_info *sinfo); -+#endif - static s32 wl_cfg80211_set_power_mgmt(struct wiphy *wiphy, - struct net_device *dev, bool enabled, s32 timeout); - static int wl_cfg80211_connect(struct wiphy *wiphy, struct net_device *dev, -@@ -1387,7 +1392,7 @@ - key_endian_to_host(&key); - - params.key_len = (u8) min_t(u8, DOT11_MAX_KEY_SIZE, key.len); -- memcpy(params.key, key.data, params.key_len); -+ memcpy((char *)params.key, key.data, params.key_len); - - if ((err = wl_dev_ioctl(dev, WLC_GET_WSEC, &wsec, sizeof(wsec)))) { - return err; -@@ -1421,9 +1426,15 @@ - return err; - } - -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 16, 0) - static s32 - wl_cfg80211_get_station(struct wiphy *wiphy, struct net_device *dev, - u8 *mac, struct station_info *sinfo) -+#else -+static s32 -+wl_cfg80211_get_station(struct wiphy *wiphy, struct net_device *dev, -+ const u8 *mac, struct station_info *sinfo) -+#endif - { - struct wl_cfg80211_priv *wl = wiphy_to_wl(wiphy); - scb_val_t scb_val; -@@ -1441,7 +1452,11 @@ - WL_DBG(("Could not get rate (%d)\n", err)); - } else { - rate = dtoh32(rate); -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0) - sinfo->filled |= STATION_INFO_TX_BITRATE; -+#else -+ sinfo->filled |= BIT(NL80211_STA_INFO_TX_BITRATE); -+#endif - sinfo->txrate.legacy = rate * 5; - WL_DBG(("Rate %d Mbps\n", (rate / 2))); - } -@@ -1454,7 +1469,11 @@ - return err; - } - rssi = dtoh32(scb_val.val); -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 0, 0) - sinfo->filled |= STATION_INFO_SIGNAL; -+#else -+ sinfo->filled |= BIT(NL80211_STA_INFO_SIGNAL); -+#endif - sinfo->signal = rssi; - WL_DBG(("RSSI %d dBm\n", rssi)); - } -@@ -2010,9 +2029,15 @@ - - notify_ie = (u8 *)bi + le16_to_cpu(bi->ie_offset); - notify_ielen = le32_to_cpu(bi->ie_length); -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 18, 0) - cbss = cfg80211_inform_bss(wiphy, channel, (const u8 *)(bi->BSSID.octet), - 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, - (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); -+#else -+ cbss = cfg80211_inform_bss(wiphy, channel, CFG80211_BSS_FTYPE_UNKNOWN, (const u8 *)(bi->BSSID.octet), -+ 0, beacon_proberesp->capab_info, beacon_proberesp->beacon_int, -+ (const u8 *)notify_ie, notify_ielen, signal, GFP_KERNEL); -+#endif - - if (unlikely(!cbss)) - return -ENOMEM; -@@ -2047,7 +2072,11 @@ - } - else if ((event == WLC_E_LINK && ~(flags & WLC_EVENT_MSG_LINK)) || - event == WLC_E_DEAUTH_IND || event == WLC_E_DISASSOC_IND) { -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 2, 0) -+ cfg80211_disconnected(ndev, 0, NULL, 0, false, GFP_KERNEL); -+#else - cfg80211_disconnected(ndev, 0, NULL, 0, GFP_KERNEL); -+#endif - clear_bit(WL_STATUS_CONNECTED, &wl->status); - wl_link_down(wl); - wl_init_prof(wl->profile); -@@ -2071,7 +2100,26 @@ - wl_get_assoc_ies(wl); - memcpy(&wl->bssid, &e->addr, ETHER_ADDR_LEN); - wl_update_bss_info(wl); -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 15, 0) -+ { -+ struct wl_bss_info *bi; -+ u16 bss_info_channel; -+ struct ieee80211_channel *channel; -+ u32 freq; -+ -+ bi = (struct wl_bss_info *)(wl->extra_buf + 4); -+ bss_info_channel = bi->ctl_ch ? bi->ctl_ch : CHSPEC_CHANNEL(bi->chanspec); -+ -+ freq = ieee80211_channel_to_frequency(bss_info_channel, -+ (bss_info_channel <= CH_MAX_2G_CHANNEL) ? -+ IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ); -+ -+ channel = ieee80211_get_channel(wl_to_wiphy(wl), freq); -+ cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, channel, GFP_KERNEL); -+ } -+#else - cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, GFP_KERNEL); -+#endif - set_bit(WL_STATUS_CONNECTED, &wl->status); - wl->profile->active = true; - } -@@ -2629,7 +2677,15 @@ - - void wl_cfg80211_detach(struct net_device *ndev) - { -- struct wl_cfg80211_priv *wl = ndev_to_wl(ndev); -+ struct wl_cfg80211_priv *wl; -+ struct wireless_dev *wdev; -+ -+ wdev = ndev->ieee80211_ptr; -+ if (wdev == NULL) { -+ printk(KERN_ERR "[%s()] in ndev=%p: IEEE80211ptr=%p\n", __FUNCTION__, ndev, wdev); -+ return; -+ } -+ wl = ndev_to_wl(ndev); - - wl_deinit_cfg80211_priv(wl); - wl_free_wdev(wl); ---- a/src/wl/sys/wl_dbg.h 2014-06-26 12:42:08.000000000 +0200 -+++ b/src/wl/sys/wl_dbg.h 2015-04-13 13:19:52.443345832 +0200 -@@ -55,10 +55,12 @@ - - #define WL_NONE(args) - -+#define FORCE_TRACE_LEVEL(fmt, ...) do { printk(KERN_ERR fmt, ## __VA_ARGS__); } while (0) /* ## is GCC specific syntax to remove comma when single arg */ -+ - #ifdef BCMDBG_ERR - #define WL_ERROR(args) WL_PRINT(args) - #else --#define WL_ERROR(args) -+#define WL_ERROR(args) FORCE_TRACE_LEVEL args - #endif - #define WL_TRACE(args) - #define WL_APSTA_UPDN(args) ---- a/src/wl/sys/wl_linux.c 2014-06-26 12:42:08.000000000 +0200 -+++ b/src/wl/sys/wl_linux.c 2015-04-13 13:19:52.443345832 +0200 -@@ -878,7 +878,7 @@ - static SIMPLE_DEV_PM_OPS(wl_pm_ops, wl_suspend, wl_resume); - #endif - --static struct pci_driver wl_pci_driver = { -+static struct pci_driver wl_pci_driver __refdata = { - .name = "wl", - .probe = wl_pci_probe, - .remove = __devexit_p(wl_remove), -@@ -1270,6 +1270,7 @@ - MFREE(wl->osh, wlif->dev, sizeof(struct net_device)); - #else - free_netdev(wlif->dev); -+ wlif->dev = NULL; - #endif - } - -@@ -1307,7 +1308,12 @@ - dev->priv = priv_link; - #else - -+#if (LINUX_VERSION_CODE < KERNEL_VERSION(3, 17, 0)) - dev = alloc_netdev(sizeof(priv_link_t), intf_name, ether_setup); -+#else -+ dev = alloc_netdev(sizeof(priv_link_t), intf_name, NET_NAME_UNKNOWN, -+ ether_setup); -+#endif - if (!dev) { - WL_ERROR(("wl%d: %s: alloc_netdev failed\n", - (wl->pub)?wl->pub->unit:wlif->subunit, __FUNCTION__)); -@@ -1651,11 +1657,7 @@ - } - - WL_LOCK(wl); -- if (!capable(CAP_NET_ADMIN)) { -- bcmerror = BCME_EPERM; -- } else { -- bcmerror = wlc_ioctl(wl->wlc, ioc.cmd, buf, ioc.len, wlif->wlcif); -- } -+ bcmerror = wlc_ioctl(wl->wlc, ioc.cmd, buf, ioc.len, wlif->wlcif); - WL_UNLOCK(wl); - - done1: -@@ -2157,8 +2159,8 @@ - wlif = WL_DEV_IF(dev); - wl = WL_INFO(dev); - -+ skb->prev = NULL; - if (WL_ALL_PASSIVE_ENAB(wl) || (WL_RTR() && WL_CONFIG_SMP())) { -- skb->prev = NULL; - - TXQ_LOCK(wl); - -@@ -2455,8 +2457,10 @@ - p80211msg_t *phdr; - - len = sizeof(p80211msg_t) + oskb->len - D11_PHY_HDR_LEN; -- if ((skb = dev_alloc_skb(len)) == NULL) -+ if ((skb = dev_alloc_skb(len)) == NULL) { -+ WL_ERROR(("in %s:%d [%s()] dev_alloc_skb() failure!", __FILE__, __LINE__, __FUNCTION__)); - return; -+ } - - skb_put(skb, len); - phdr = (p80211msg_t*)skb->data; -@@ -2535,8 +2539,10 @@ - rtap_len = sizeof(wl_radiotap_ht_brcm_2_t); - - len = rtap_len + (oskb->len - D11_PHY_HDR_LEN); -- if ((skb = dev_alloc_skb(len)) == NULL) -+ if ((skb = dev_alloc_skb(len)) == NULL) { -+ WL_ERROR(("in %s:%d [%s()] dev_alloc_skb() failure!", __FILE__, __LINE__, __FUNCTION__)); - return; -+ } - - skb_put(skb, len); - -@@ -2664,8 +2670,10 @@ - len += amsdu_len; - } - -- if ((skb = dev_alloc_skb(len)) == NULL) -+ if ((skb = dev_alloc_skb(len)) == NULL) { -+ WL_ERROR(("in %s:%d [%s()] dev_alloc_skb() failure!", __FILE__, __LINE__, __FUNCTION__)); - return; -+ } - - skb_put(skb, len); - -@@ -2990,7 +2998,7 @@ - } - - void --wl_set_monitor(wl_info_t *wl, int val) -+wl_set_monitor(wl_info_t *wl, int val) /* public => is called by wlc_hybrid.o_shipped */ - { - const char *devname; - wl_if_t *wlif; -@@ -3224,42 +3232,75 @@ - #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) - static int - wl_proc_read(char *buffer, char **start, off_t offset, int length, int *eof, void *data) -+{ -+ wl_info_t * wl = (wl_info_t *)data; - #else - static ssize_t --wl_proc_read(struct file *filp, char __user *buffer, size_t length, loff_t *data) --#endif -+wl_proc_read(struct file *filp, char __user *buffer, size_t length, loff_t *offp) - { -- wl_info_t * wl = (wl_info_t *)data; -- int to_user; -- int len; -+ wl_info_t * wl = PDE_DATA(file_inode(filp)); -+#endif -+ int bcmerror, len; -+ int to_user = 0; -+ char tmp[8]; - - #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) - if (offset > 0) { - *eof = 1; - return 0; - } -+#else -+ if (*offp > 0) { /* for example, stop: cat /proc/brcm_monitor0 */ -+ return 0; /* 0 <=> EOF */ -+ } - #endif - -- if (!length) { -- WL_ERROR(("%s: Not enough return buf space\n", __FUNCTION__)); -- return 0; -- } - WL_LOCK(wl); -- wlc_ioctl(wl->wlc, WLC_GET_MONITOR, &to_user, sizeof(int), NULL); -- len = sprintf(buffer, "%d\n", to_user); -- WL_UNLOCK(wl); -- return len; -+ bcmerror = wlc_ioctl(wl->wlc, WLC_GET_MONITOR, &to_user, sizeof(int), NULL); -+ WL_UNLOCK(wl); -+ -+ if (bcmerror != BCME_OK) { -+ WL_ERROR(("%s: GET_MONITOR failed with %d\n", __FUNCTION__, bcmerror)); -+ return -EIO; -+ } -+ -+ len = snprintf(tmp, ARRAY_SIZE(tmp), "%d\n", to_user); -+ tmp[ARRAY_SIZE(tmp) - 1] = '\0'; -+ if (len >= ARRAY_SIZE(tmp)) { -+ printk(KERN_ERR "%s:%d [%s()] output would be truncated (ret=%d)!", __FILE__, __LINE__, __FUNCTION__, len); -+ return -ERANGE; -+ } -+ else if (len < 0) { -+ printk(KERN_ERR "%s:%d [%s()] unable to convert value (ret=%d)!", __FILE__, __LINE__, __FUNCTION__, len); -+ return len; -+ } -+ if (length < len) { -+ printk(KERN_ERR "%s:%d [%s()] user buffer is too small (at least=%d ; user=%d)!", __FILE__, __LINE__, __FUNCTION__, len, (int)length); -+ return -EMSGSIZE; -+ } -+ if (copy_to_user(buffer, tmp, len) != 0) { -+ printk(KERN_ERR "%s:%d [%s()] unable to copy data!", __FILE__, __LINE__, __FUNCTION__); -+ return -EFAULT; -+ } -+ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 0) -+ *offp += len; -+#endif -+ -+ return len; - } - - #if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) - static int - wl_proc_write(struct file *filp, const char *buff, unsigned long length, void *data) -+{ -+ wl_info_t * wl = (wl_info_t *)data; - #else - static ssize_t --wl_proc_write(struct file *filp, const char __user *buff, size_t length, loff_t *data) --#endif -+wl_proc_write(struct file *filp, const char __user *buff, size_t length, loff_t *offp) - { -- wl_info_t * wl = (wl_info_t *)data; -+ wl_info_t * wl = PDE_DATA(file_inode(filp)); -+#endif - int from_user = 0; - int bcmerror; - -@@ -3270,7 +3311,11 @@ - } - if (copy_from_user(&from_user, buff, 1)) { - WL_ERROR(("%s: copy from user failed\n", __FUNCTION__)); -- return -EIO; -+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0) -+ return -EIO; -+#else -+ return -EFAULT; -+#endif - } - - if (from_user >= 0x30) -@@ -3280,10 +3325,15 @@ - bcmerror = wlc_ioctl(wl->wlc, WLC_SET_MONITOR, &from_user, sizeof(int), NULL); - WL_UNLOCK(wl); - -- if (bcmerror < 0) { -+ if (bcmerror != BCME_OK) { - WL_ERROR(("%s: SET_MONITOR failed with %d\n", __FUNCTION__, bcmerror)); - return -EIO; - } -+ -+#if (LINUX_VERSION_CODE >= KERNEL_VERSION(3, 10, 0)) && 0 /* no need to update offset because this file should only trigger action... */ -+ *offp += length; -+#endif -+ - return length; - } - -@@ -3304,8 +3354,8 @@ - if ((wl->proc_entry = create_proc_entry(tmp, 0644, NULL)) == NULL) { - WL_ERROR(("%s: create_proc_entry %s failed\n", __FUNCTION__, tmp)); - #else -- if ((wl->proc_entry = proc_create(tmp, 0644, NULL, &wl_fops)) == NULL) { -- WL_ERROR(("%s: proc_create %s failed\n", __FUNCTION__, tmp)); -+ if ((wl->proc_entry = proc_create_data(tmp, 0644, NULL, &wl_fops, wl)) == NULL) { -+ WL_ERROR(("%s: proc_create_data %s failed\n", __FUNCTION__, tmp)); - #endif - ASSERT(0); - return -1; From 4d3545f2a579f9c68ac131794e97e22a312d9422 Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 1 Aug 2016 20:45:47 +0200 Subject: [PATCH 68/97] broadcom_sta: Add patch for supporting Linux 4.7 Patch is from Arch Linux at: https://aur.archlinux.org/cgit/aur.git/tree/?h=broadcom-wl I've tested building against 3.18.36, 4.4.16 and 4.7.0. Signed-off-by: aszlig Cc: @phreedom, @vcunat --- .../linux/broadcom-sta/default.nix | 1 + .../linux/broadcom-sta/linux-4.7.patch | 109 ++++++++++++++++++ 2 files changed, 110 insertions(+) create mode 100644 pkgs/os-specific/linux/broadcom-sta/linux-4.7.patch diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index 57746730597..e542c2881d8 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -22,6 +22,7 @@ stdenv.mkDerivation { patches = [ ./i686-build-failure.patch ./license.patch + ./linux-4.7.patch ./gcc.patch ]; diff --git a/pkgs/os-specific/linux/broadcom-sta/linux-4.7.patch b/pkgs/os-specific/linux/broadcom-sta/linux-4.7.patch new file mode 100644 index 00000000000..566680a0914 --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/linux-4.7.patch @@ -0,0 +1,109 @@ +Since Linux 4.7, the enum ieee80211_band is no longer used + +This shall cause no problem's since both enums ieee80211_band +and nl80211_band were added in the same commit: +https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=13ae75b103e07304a34ab40c9136e9f53e06475c + +This patch refactors the references of IEEE80211_BAND_* to NL80211_BAND_* + +Reference: +https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=57fbcce37be7c1d2622b56587c10ade00e96afa3 + +--- a/src/wl/sys/wl_cfg80211_hybrid.c 2016-06-13 11:57:36.159340297 -0500 ++++ b/src/wl/sys/wl_cfg80211_hybrid.c 2016-06-13 11:58:18.442323435 -0500 +@@ -236,7 +236,7 @@ + #endif + + #define CHAN2G(_channel, _freq, _flags) { \ +- .band = IEEE80211_BAND_2GHZ, \ ++ .band = NL80211_BAND_2GHZ, \ + .center_freq = (_freq), \ + .hw_value = (_channel), \ + .flags = (_flags), \ +@@ -245,7 +245,7 @@ + } + + #define CHAN5G(_channel, _flags) { \ +- .band = IEEE80211_BAND_5GHZ, \ ++ .band = NL80211_BAND_5GHZ, \ + .center_freq = 5000 + (5 * (_channel)), \ + .hw_value = (_channel), \ + .flags = (_flags), \ +@@ -379,7 +379,7 @@ + }; + + static struct ieee80211_supported_band __wl_band_2ghz = { +- .band = IEEE80211_BAND_2GHZ, ++ .band = NL80211_BAND_2GHZ, + .channels = __wl_2ghz_channels, + .n_channels = ARRAY_SIZE(__wl_2ghz_channels), + .bitrates = wl_g_rates, +@@ -387,7 +387,7 @@ + }; + + static struct ieee80211_supported_band __wl_band_5ghz_a = { +- .band = IEEE80211_BAND_5GHZ, ++ .band = NL80211_BAND_5GHZ, + .channels = __wl_5ghz_a_channels, + .n_channels = ARRAY_SIZE(__wl_5ghz_a_channels), + .bitrates = wl_a_rates, +@@ -395,7 +395,7 @@ + }; + + static struct ieee80211_supported_band __wl_band_5ghz_n = { +- .band = IEEE80211_BAND_5GHZ, ++ .band = NL80211_BAND_5GHZ, + .channels = __wl_5ghz_n_channels, + .n_channels = ARRAY_SIZE(__wl_5ghz_n_channels), + .bitrates = wl_a_rates, +@@ -1876,8 +1876,8 @@ + wdev->wiphy->max_num_pmkids = WL_NUM_PMKIDS_MAX; + #endif + wdev->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) | BIT(NL80211_IFTYPE_ADHOC); +- wdev->wiphy->bands[IEEE80211_BAND_2GHZ] = &__wl_band_2ghz; +- wdev->wiphy->bands[IEEE80211_BAND_5GHZ] = &__wl_band_5ghz_a; ++ wdev->wiphy->bands[NL80211_BAND_2GHZ] = &__wl_band_2ghz; ++ wdev->wiphy->bands[NL80211_BAND_5GHZ] = &__wl_band_5ghz_a; + wdev->wiphy->signal_type = CFG80211_SIGNAL_TYPE_MBM; + wdev->wiphy->cipher_suites = __wl_cipher_suites; + wdev->wiphy->n_cipher_suites = ARRAY_SIZE(__wl_cipher_suites); +@@ -2000,7 +2000,7 @@ + #if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 39) + freq = ieee80211_channel_to_frequency(notif_bss_info->channel, + (notif_bss_info->channel <= CH_MAX_2G_CHANNEL) ? +- IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ); ++ NL80211_BAND_2GHZ : NL80211_BAND_5GHZ); + #else + freq = ieee80211_channel_to_frequency(notif_bss_info->channel); + #endif +@@ -2116,7 +2116,7 @@ + return err; + } + chan = wf_chspec_ctlchan(chanspec); +- band = (chan <= CH_MAX_2G_CHANNEL) ? IEEE80211_BAND_2GHZ : IEEE80211_BAND_5GHZ; ++ band = (chan <= CH_MAX_2G_CHANNEL) ? NL80211_BAND_2GHZ : NL80211_BAND_5GHZ; + freq = ieee80211_channel_to_frequency(chan, band); + channel = ieee80211_get_channel(wiphy, freq); + cfg80211_ibss_joined(ndev, (u8 *)&wl->bssid, channel, GFP_KERNEL); +@@ -2250,10 +2250,10 @@ + join_params->params.chanspec_list[0] = + ieee80211_frequency_to_channel(chan->center_freq); + +- if (chan->band == IEEE80211_BAND_2GHZ) { ++ if (chan->band == NL80211_BAND_2GHZ) { + chanspec |= WL_CHANSPEC_BAND_2G; + } +- else if (chan->band == IEEE80211_BAND_5GHZ) { ++ else if (chan->band == NL80211_BAND_5GHZ) { + chanspec |= WL_CHANSPEC_BAND_5G; + } + else { +@@ -2885,7 +2885,7 @@ + + if (phy == 'n' || phy == 'a' || phy == 'v') { + wiphy = wl_to_wiphy(wl); +- wiphy->bands[IEEE80211_BAND_5GHZ] = &__wl_band_5ghz_n; ++ wiphy->bands[NL80211_BAND_5GHZ] = &__wl_band_5ghz_n; + } + + return err; From 8f08399671911842174056b46aa1cc66c82f2a71 Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 1 Aug 2016 20:57:18 +0200 Subject: [PATCH 69/97] broadcom_sta: Reindent file, no code changes Let's make sure we indent using two spaces, because the unpackPhase was indented using four spaces. Signed-off-by: aszlig --- .../linux/broadcom-sta/default.nix | 21 +++++++++---------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index e542c2881d8..d193554c4e3 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -29,19 +29,18 @@ stdenv.mkDerivation { makeFlags = "KBASE=${kernel.dev}/lib/modules/${kernel.modDirVersion}"; unpackPhase = '' - sourceRoot=broadcom-sta - mkdir "$sourceRoot" - tar xvf "$src" -C "$sourceRoot" + sourceRoot=broadcom-sta + mkdir "$sourceRoot" + tar xvf "$src" -C "$sourceRoot" ''; - installPhase = - '' - binDir="$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" - docDir="$out/share/doc/broadcom-sta/" - mkdir -p "$binDir" "$docDir" - cp wl.ko "$binDir" - cp lib/LICENSE.txt "$docDir" - ''; + installPhase = '' + binDir="$out/lib/modules/${kernel.modDirVersion}/kernel/net/wireless/" + docDir="$out/share/doc/broadcom-sta/" + mkdir -p "$binDir" "$docDir" + cp wl.ko "$binDir" + cp lib/LICENSE.txt "$docDir" + ''; meta = { description = "Kernel module driver for some Broadcom's wireless cards"; From fef4b62657903021f9b60fc6a6cf6fe4bac167ed Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 1 Aug 2016 21:00:02 +0200 Subject: [PATCH 70/97] broadcom_sta: Add patch to fix NULL pointer deref The patch is from the following Gentoo bug: https://bugs.gentoo.org/show_bug.cgi?id=523326#c24 Built successfully against Linux 3.18.36, 4.4.16 and 4.7.0. Signed-off-by: aszlig Cc: @phreedom, @vcunat --- pkgs/os-specific/linux/broadcom-sta/default.nix | 1 + .../linux/broadcom-sta/null-pointer-fix.patch | 13 +++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 pkgs/os-specific/linux/broadcom-sta/null-pointer-fix.patch diff --git a/pkgs/os-specific/linux/broadcom-sta/default.nix b/pkgs/os-specific/linux/broadcom-sta/default.nix index d193554c4e3..28b23a61ff0 100644 --- a/pkgs/os-specific/linux/broadcom-sta/default.nix +++ b/pkgs/os-specific/linux/broadcom-sta/default.nix @@ -23,6 +23,7 @@ stdenv.mkDerivation { ./i686-build-failure.patch ./license.patch ./linux-4.7.patch + ./null-pointer-fix.patch ./gcc.patch ]; diff --git a/pkgs/os-specific/linux/broadcom-sta/null-pointer-fix.patch b/pkgs/os-specific/linux/broadcom-sta/null-pointer-fix.patch new file mode 100644 index 00000000000..76379729430 --- /dev/null +++ b/pkgs/os-specific/linux/broadcom-sta/null-pointer-fix.patch @@ -0,0 +1,13 @@ +diff -urN a/src/wl/sys/wl_linux.c b/src/wl/sys/wl_linux.c +--- a/src/wl/sys/wl_linux.c 2015-01-06 12:33:42.981659618 +0100 ++++ b/src/wl/sys/wl_linux.c 2015-01-06 12:34:05.647395418 +0100 +@@ -2157,8 +2157,8 @@ + wlif = WL_DEV_IF(dev); + wl = WL_INFO(dev); + ++ skb->prev = NULL; + if (WL_ALL_PASSIVE_ENAB(wl) || (WL_RTR() && WL_CONFIG_SMP())) { +- skb->prev = NULL; + + TXQ_LOCK(wl); + From 26a2392594ad432883f9af06951e7b4c5e108eac Mon Sep 17 00:00:00 2001 From: Jean-Pierre PRUNARET Date: Mon, 1 Aug 2016 18:01:09 +0200 Subject: [PATCH 71/97] qgis: 2.10.0 -> 2.16.1 Upgrade qgis with latest version --- pkgs/applications/gis/qgis/default.nix | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/gis/qgis/default.nix b/pkgs/applications/gis/qgis/default.nix index b771d2552d8..a8c1428f8cb 100644 --- a/pkgs/applications/gis/qgis/default.nix +++ b/pkgs/applications/gis/qgis/default.nix @@ -1,15 +1,16 @@ { stdenv, fetchurl, gdal, cmake, qt4, flex, bison, proj, geos, xlibsWrapper, sqlite, gsl , qwt, fcgi, pythonPackages, libspatialindex, libspatialite, qscintilla, postgresql, makeWrapper +, qjson, qca2, txt2tags , withGrass ? false, grass }: stdenv.mkDerivation rec { - name = "qgis-2.10.1"; + name = "qgis-2.16.1"; buildInputs = [ gdal qt4 flex bison proj geos xlibsWrapper sqlite gsl qwt qscintilla - fcgi libspatialindex libspatialite postgresql ] ++ + fcgi libspatialindex libspatialite postgresql qjson qca2 txt2tags ] ++ (stdenv.lib.optional withGrass grass) ++ - (with pythonPackages; [ numpy psycopg2 ]) ++ [ pythonPackages.qscintilla ]; + (with pythonPackages; [ numpy psycopg2 requests2 ]) ++ [ pythonPackages.qscintilla ]; nativeBuildInputs = [ cmake makeWrapper ]; @@ -24,7 +25,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "http://qgis.org/downloads/${name}.tar.bz2"; - sha256 = "79119b54642edaffe3cda513531eb7b81913e013954a49c6d3b21c8b00143307"; + sha256 = "4a526cd8ae76fc06bb2b6a158e86db5dc0c94545137a8233cd465ef867acdc8b"; }; cmakeFlags = stdenv.lib.optional withGrass "-DGRASS_PREFIX7=${grass}/${grass.name}"; From 853209dde916dbb30650e6b7682fd25089fd494c Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Mon, 1 Aug 2016 21:13:49 +0200 Subject: [PATCH 72/97] pythonPackages.kombu: Enable for python > 2.7 Only tests cannot run on python3* because dependencies are unavailable (qpid-python). Kombu is announced to work fine for python3[1] [1] https://github.com/celery/kombu/blob/a4edc670f49027154e3f708dfcd3726aceda8fc5/setup.py#L168-L170 --- pkgs/top-level/python-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 06c94b727b5..18088e8b87d 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -12137,13 +12137,13 @@ in modules // { }; # most of these are simply to allow the test suite to do its job - buildInputs = with self; [ mock unittest2 nose redis qpid-python pymongo sqlalchemy pyyaml msgpack boto ]; + buildInputs = with self; optionals isPy27 [ mock unittest2 nose redis qpid-python pymongo sqlalchemy pyyaml msgpack boto ]; propagatedBuildInputs = with self; [ amqp anyjson ] ++ (optionals (pythonOlder "2.7") [ importlib ordereddict ]); # tests broken on python 2.6? https://github.com/nose-devs/nose/issues/806 - doCheck = (pythonAtLeast "2.7"); + doCheck = isPy27; meta = { description = "Messaging library for Python"; From abc85a9601a7f384df6e095eb2645777dc4abce4 Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Mon, 1 Aug 2016 21:18:16 +0200 Subject: [PATCH 73/97] python35Packages.celery: disable Few tests fail with python35 (related to OrderedDict changes). setup.py file do not report this release as supporting python35 [1] [1] https://github.com/celery/celery/blob/f6aa74a0b5fdfae27169ab09f45cc82602d7012b/setup.py#L73-L75 --- pkgs/top-level/python-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 18088e8b87d..8a41e54f8a4 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3227,7 +3227,7 @@ in modules // { name = "celery-${version}"; version = "3.1.23"; - disabled = pythonOlder "2.6"; + disabled = (pythonOlder "2.6") || isPy35; src = pkgs.fetchurl { url = "mirror://pypi/c/celery/${name}.tar.gz"; From 20a94d9b40cdbdf451cf760a2582c30e605621b7 Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Mon, 1 Aug 2016 21:20:03 +0200 Subject: [PATCH 74/97] pythonPackages.django_raster: init at 0.2 --- pkgs/top-level/python-packages.nix | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 8a41e54f8a4..a79f0b41b61 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -9264,6 +9264,25 @@ in modules // { }; }; + django_raster = buildPythonPackage rec { + name = "djongoraster-${version}"; + version = "0.2"; + + src = pkgs.fetchurl { + url = "https://pypi.python.org/packages/09/3d/5b9b491186579825ef6e81d60c8ddaf86d8c98d928753a329980bf48b050/django-raster-0.2.tar.gz"; + sha256 = "1zdcxzj43qrv7cl6q9nb2dkfnsyn74dzf2igpnd6nbbfdnkif9bm"; + }; + + propagatedBuildInputs = with self ; [ numpy django_colorful pillow psycopg2 + pyparsing django celery ]; + + meta = { + description = "Basic raster data integration for Django"; + homepage = https://github.com/geodesign/django-raster; + license = licenses.mit; + }; + }; + django_redis = buildPythonPackage rec { name = "django-redis-${version}"; version = "4.2.0"; From ab1fdce28534255872c8aef10974dfb849bde325 Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Mon, 1 Aug 2016 21:22:43 +0200 Subject: [PATCH 75/97] python35Packages.django_colorful: enable at 1.2 python35Packages.django_colorful was erroneously disabled for python35. --- pkgs/top-level/python-packages.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index a79f0b41b61..272f81469ab 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -9060,8 +9060,6 @@ in modules // { name = "django-colorful-${version}"; version = "1.2"; - disabled = isPy35; - src = pkgs.fetchurl { url = "mirror://pypi/d/django-colorful/${name}.tar.gz"; sha256 = "0y34hzvfrm1xbxrd8frybc9yzgqvz4c07frafipjikw7kfjsw8az"; From 2ae5dbbf3b39c99e6e4217c5eb22ac49bd2a7522 Mon Sep 17 00:00:00 2001 From: Matthew Justin Bauer Date: Mon, 1 Aug 2016 15:12:31 -0500 Subject: [PATCH 76/97] acct: only build on linux --- pkgs/tools/system/acct/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/tools/system/acct/default.nix b/pkgs/tools/system/acct/default.nix index c99d20d7953..4263709fe9a 100644 --- a/pkgs/tools/system/acct/default.nix +++ b/pkgs/tools/system/acct/default.nix @@ -25,6 +25,6 @@ stdenv.mkDerivation rec { homepage = http://www.gnu.org/software/acct/; maintainers = with maintainers; [ pSub ]; - platforms = with platforms; allBut cygwin; + platforms = platforms.linux; }; } From 248972b86a514c0d17babe823db4ab12815fc6f1 Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Mon, 1 Aug 2016 15:31:14 -0500 Subject: [PATCH 77/97] kde5.dolphin: include konsole kpart --- pkgs/desktops/kde-5/applications/dolphin.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/kde-5/applications/dolphin.nix b/pkgs/desktops/kde-5/applications/dolphin.nix index 27e4a38741e..4e636ae3186 100644 --- a/pkgs/desktops/kde-5/applications/dolphin.nix +++ b/pkgs/desktops/kde-5/applications/dolphin.nix @@ -4,7 +4,7 @@ baloo, baloo-widgets, dolphin-plugins, kactivities, kbookmarks, kcmutils, kcompletion, kconfig, kcoreaddons, kdelibs4support, kdbusaddons, kfilemetadata, ki18n, kiconthemes, kinit, kio, knewstuff, knotifications, - kparts, ktexteditor, kwindowsystem, phonon, solid + konsole, kparts, ktexteditor, kwindowsystem, phonon, solid }: let @@ -27,5 +27,5 @@ in kdeWrapper unwrapped { targets = [ "bin/dolphin" ]; - paths = [ dolphin-plugins ]; + paths = [ dolphin-plugins konsole.unwrapped ]; } From ff7a65956755d5c571a7c7d56717f0b44ca30376 Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Mon, 1 Aug 2016 15:33:31 -0500 Subject: [PATCH 78/97] kde5.kate: add konsole kpart --- pkgs/desktops/kde-5/applications/kate.nix | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/pkgs/desktops/kde-5/applications/kate.nix b/pkgs/desktops/kde-5/applications/kate.nix index 738266e8df7..ab0087930c0 100644 --- a/pkgs/desktops/kde-5/applications/kate.nix +++ b/pkgs/desktops/kde-5/applications/kate.nix @@ -1,10 +1,10 @@ { kdeApp, lib, kdeWrapper, ecm, kdoctools, - kactivities, kconfig, kcrash, kguiaddons, kiconthemes, ki18n, kinit, - kjobwidgets, kio, kparts, ktexteditor, kwindowsystem, kxmlgui, kdbusaddons, - kwallet, plasma-framework, kitemmodels, knotifications, qtscript, - threadweaver, knewstuff, libgit2 + kactivities, kconfig, kcrash, kdbusaddons, kguiaddons, kiconthemes, ki18n, + kinit, kio, kitemmodels, kjobwidgets, knewstuff, knotifications, konsole, + kparts, ktexteditor, kwindowsystem, kwallet, kxmlgui, libgit2, + plasma-framework, qtscript, threadweaver }: let @@ -24,4 +24,8 @@ let ]; }; in -kdeWrapper unwrapped { targets = [ "bin/kate" "bin/kwrite" ]; } +kdeWrapper unwrapped +{ + targets = [ "bin/kate" "bin/kwrite" ]; + paths = [ konsole.unwrapped ]; +} From 39aff85b0e253fd950cf2f87c94143e7e2a4e991 Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Mon, 1 Aug 2016 15:36:14 -0500 Subject: [PATCH 79/97] kde5.kile: add konsole kpart --- pkgs/applications/editors/kile/frameworks.nix | 85 ++++++++++--------- 1 file changed, 43 insertions(+), 42 deletions(-) diff --git a/pkgs/applications/editors/kile/frameworks.nix b/pkgs/applications/editors/kile/frameworks.nix index 2fd8dfe4128..f42e9fa4335 100644 --- a/pkgs/applications/editors/kile/frameworks.nix +++ b/pkgs/applications/editors/kile/frameworks.nix @@ -1,9 +1,9 @@ -{ stdenv +{ kdeDerivation , lib , fetchgit -, extra-cmake-modules +, ecm , kdoctools -, makeQtWrapper +, kdeWrapper , qtscript , kconfig , kcrash @@ -13,54 +13,55 @@ , kiconthemes , kinit , khtml +, konsole , kparts , ktexteditor , kwindowsystem , poppler }: -stdenv.mkDerivation rec { - name = "kile-${version}"; - version = "2016-07-02"; +let + unwrapped = + kdeDerivation rec { + name = "kile-${version}"; + version = "2016-07-02"; - src = fetchgit { - url = git://anongit.kde.org/kile.git; - rev = "d38bc7069667119cc891b351188484ca6fb88973"; - sha256 = "1nha71i16fs7nq2812b5565nbmbsbs3ak5czas6xg1dg5bsvdqh8"; + src = fetchgit { + url = git://anongit.kde.org/kile.git; + rev = "d38bc7069667119cc891b351188484ca6fb88973"; + sha256 = "1nha71i16fs7nq2812b5565nbmbsbs3ak5czas6xg1dg5bsvdqh8"; - }; + }; - nativeBuildInputs = [ - extra-cmake-modules - kdoctools - makeQtWrapper - ]; + nativeBuildInputs = [ ecm kdoctools ]; - buildInputs = [ - qtscript - kconfig - kcrash - kdbusaddons - kdelibs4support - kdoctools - kguiaddons - kiconthemes - kinit - khtml - kparts - ktexteditor - kwindowsystem - poppler - ]; + buildInputs = [ + kconfig + kcrash + kdbusaddons + kdelibs4support + kdoctools + kguiaddons + kiconthemes + kinit + khtml + kparts + ktexteditor + kwindowsystem + poppler + qtscript + ]; - postInstall = '' - wrapQtProgram "$out/bin/kile" - ''; - - meta = { - description = "Kile is a user friendly TeX/LaTeX authoring tool for the KDE desktop environment"; - homepage = https://www.kde.org/applications/office/kile/; - maintainers = with lib.maintainers; [ fridh ]; - license = lib.licenses.gpl2Plus; - }; + meta = { + description = "Kile is a user friendly TeX/LaTeX authoring tool for the KDE desktop environment"; + homepage = https://www.kde.org/applications/office/kile/; + maintainers = with lib.maintainers; [ fridh ]; + license = lib.licenses.gpl2Plus; + }; + }; +in +kdeWrapper unwrapped +{ + targets = [ "bin/kile" ]; + paths = [ konsole.unwrapped ]; } From b5884b06984500cd2979c804e5dbfa987a9c4ae7 Mon Sep 17 00:00:00 2001 From: Aaron Bull Schaefer Date: Mon, 1 Aug 2016 22:40:13 +0000 Subject: [PATCH 80/97] pythonPackages.ansible2: 2.1.0.0 -> 2.1.1.0 (#17437) --- pkgs/top-level/python-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 06c94b727b5..381d8c56b84 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -848,13 +848,13 @@ in modules // { }; ansible2 = buildPythonPackage rec { - version = "2.1.0.0"; + version = "2.1.1.0"; name = "ansible-${version}"; disabled = isPy3k; src = pkgs.fetchurl { url = "http://releases.ansible.com/ansible/${name}.tar.gz"; - sha256 = "1bfc2xiplpad6f2nwi48y0kps7xqnsll85dlz63cy8k5bysl6d20"; + sha256 = "12v7smivjz8d2skk5qxl83nmkxqxypjm8b7ld40sjfwj4g0kkrv1"; }; prePatch = '' From 3445ab79a22a0227e78133fbd3262deae911c828 Mon Sep 17 00:00:00 2001 From: Thomas Tuegel Date: Mon, 1 Aug 2016 18:06:10 -0500 Subject: [PATCH 81/97] qt57.poppler: fix build Packages that depend on Qt >= 5.7 must build using the C++11 standard. --- pkgs/development/libraries/poppler/default.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/poppler/default.nix b/pkgs/development/libraries/poppler/default.nix index 51b5ac5981e..e445af46e09 100644 --- a/pkgs/development/libraries/poppler/default.nix +++ b/pkgs/development/libraries/poppler/default.nix @@ -1,6 +1,8 @@ { stdenv, lib, fetchurl, fetchpatch, pkgconfig, libiconv, libintlOrEmpty , zlib, curl, cairo, freetype, fontconfig, lcms, libjpeg, openjpeg -, minimal ? false, qt4Support ? false, qt4 ? null, qt5Support ? false, qtbase ? null +, minimal ? false +, qt4Support ? false, qt4 ? null +, qt5Support ? false, qtbase ? null , utils ? false, suffix ? "glib" }: @@ -31,6 +33,9 @@ stdenv.mkDerivation rec { NIX_CFLAGS_COMPILE = [ "-DQT_NO_DEBUG" ]; + # Any package depending on Qt >= 5.7 must build using the C++11 standard. + CXXFLAGS = lib.optional qt5Support "-std=c++11"; + configureFlags = with lib; [ "--enable-xpdf-headers" From 0a417845ef00c6964dd2ecf040055bfc3dc7f1f1 Mon Sep 17 00:00:00 2001 From: "Ricardo M. Correia" Date: Wed, 27 Jul 2016 17:51:19 +0200 Subject: [PATCH 82/97] ponyc: 0.2.1 -> 2016-07-26 --- pkgs/development/compilers/ponyc/default.nix | 36 +++++++++++-------- .../compilers/ponyc/disable-tests.patch | 16 +++++++++ pkgs/top-level/all-packages.nix | 4 +-- 3 files changed, 38 insertions(+), 18 deletions(-) create mode 100644 pkgs/development/compilers/ponyc/disable-tests.patch diff --git a/pkgs/development/compilers/ponyc/default.nix b/pkgs/development/compilers/ponyc/default.nix index ef355e64e1e..30b96822cab 100644 --- a/pkgs/development/compilers/ponyc/default.nix +++ b/pkgs/development/compilers/ponyc/default.nix @@ -1,29 +1,35 @@ -{stdenv, glibc, fetchFromGitHub, llvm, makeWrapper, openssl, pcre2 }: +{stdenv, glibc, fetchFromGitHub, llvm, makeWrapper, openssl, pcre2, coreutils }: stdenv.mkDerivation { - name = "ponyc-0.2.1"; + name = "ponyc-2016-07-26"; src = fetchFromGitHub { - owner = "CausalityLtd"; + owner = "ponylang"; repo = "ponyc"; - rev = "0.2.1"; - sha256 = "1wmvqrj9v2kjqha9fcs10vfnhdxhc3rf67wpn36ldhs1hq0k25jy"; + rev = "4eec8a9b0d9936b2a0249bd17fd7a2caac6aaa9c"; + sha256 = "184x2jivp7826i60rf0dpx0a9dg5rsj56dv0cll28as4nyqfmna2"; }; buildInputs = [ llvm makeWrapper ]; - makeFlags = [ "config=release" ]; - doCheck = true; - checkTarget = "test"; - - patchPhase = '' - sed 's|/usr/lib/x86_64-linux-gnu/|${glibc.out}/lib/|g' -i src/libponyc/codegen/genexe.c - sed 's|/lib/x86_64-linux-gnu/|${stdenv.cc.cc.lib}/lib/|g' -i src/libponyc/codegen/genexe.c - ''; + # Disable problematic networking tests + patches = [ ./disable-tests.patch ]; preBuild = '' - export LLVM_CONFIG=${llvm}/bin/llvm-config - ''; + # Fix tests + substituteInPlace packages/process/_test.pony \ + --replace "/bin/cat" "${coreutils}/bin/cat" + + export LLVM_CONFIG=${llvm}/bin/llvm-config + ''; + + makeFlags = [ "config=release" ]; + + enableParallelBuilding = true; + + doCheck = true; + + checkTarget = "test"; preCheck = '' export LIBRARY_PATH="$out/lib:${openssl.out}/lib:${pcre2}/lib" diff --git a/pkgs/development/compilers/ponyc/disable-tests.patch b/pkgs/development/compilers/ponyc/disable-tests.patch new file mode 100644 index 00000000000..9335ebd6eea --- /dev/null +++ b/pkgs/development/compilers/ponyc/disable-tests.patch @@ -0,0 +1,16 @@ +diff --git a/packages/net/_test.pony b/packages/net/_test.pony +index d6c3e56..dc37dd9 100644 +--- a/packages/net/_test.pony ++++ b/packages/net/_test.pony +@@ -7,11 +7,6 @@ actor Main is TestList + fun tag tests(test: PonyTest) => + test(_TestReadBuffer) + test(_TestWriteBuffer) +- test(_TestBroadcast) +- ifdef not windows then +- test(_TestTCPExpect) +- test(_TestTCPWritev) +- end + + class iso _TestReadBuffer is UnitTest + """ diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index b1ee80f669e..2023297bbd3 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5463,9 +5463,7 @@ in stdenv = overrideCC stdenv gcc49; }; - ponyc = callPackage ../development/compilers/ponyc { - llvm = llvm_36; - }; + ponyc = callPackage ../development/compilers/ponyc { }; qcmm = callPackage ../development/compilers/qcmm { lua = lua4; From 9e2937ca657b71ec83ab726aeb3110dfc73be4b0 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Mon, 1 Aug 2016 22:46:28 +0200 Subject: [PATCH 83/97] afl: 2.10b -> 2.23b Looks like mostly performance enhancements and stability fixes. The main user facing changes appear to be: - The -Z option was removed - A macro named FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION is defined when compiling with afl-gcc Full changelog at http://lcamtuf.coredump.cx/afl/ChangeLog.txt --- pkgs/tools/security/afl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/afl/default.nix b/pkgs/tools/security/afl/default.nix index a252dad5ea1..eac593e0076 100644 --- a/pkgs/tools/security/afl/default.nix +++ b/pkgs/tools/security/afl/default.nix @@ -9,11 +9,11 @@ let in stdenv.mkDerivation rec { name = "afl-${version}"; - version = "2.10b"; + version = "2.23b"; src = fetchurl { url = "http://lcamtuf.coredump.cx/afl/releases/${name}.tgz"; - sha256 = "1qxz3szsdr3ciz496mjb5v2k8p90nilgnlbwwv9csk828qb2jhc1"; + sha256 = "152pqrc0py6jk1i3pwn2k928bsgax0d4yavpa3ca29bmrbzpnadh"; }; # Note: libcgroup isn't needed for building, just for the afl-cgroup From 2e538a0f55e3c40b2b02ee1c750f145eeb1cd27f Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 2 Aug 2016 08:39:55 +0200 Subject: [PATCH 84/97] kde5.yakuake: use kdeWrapper --- pkgs/applications/misc/yakuake/3.0.nix | 93 +++++++++++++------------- 1 file changed, 45 insertions(+), 48 deletions(-) diff --git a/pkgs/applications/misc/yakuake/3.0.nix b/pkgs/applications/misc/yakuake/3.0.nix index f3aff480914..4ccef7f435a 100644 --- a/pkgs/applications/misc/yakuake/3.0.nix +++ b/pkgs/applications/misc/yakuake/3.0.nix @@ -1,8 +1,9 @@ -{ stdenv +{ kdeDerivation , lib , fetchurl -, cmake -, extra-cmake-modules +, kdoctools +, kdeWrapper +, ecm , karchive , kcrash , kdbusaddons @@ -14,53 +15,49 @@ , konsole , kparts , kwindowsystem -, makeQtWrapper - }: let - pname = "yakuake"; - version = "3.0.2"; + unwrapped = let + pname = "yakuake"; + version = "3.0.2"; + in kdeDerivation rec { + name = "${pname}-${version}"; + + src = fetchurl { + url = "http://download.kde.org/stable/${pname}/${version}/src/${name}.tar.xz"; + sha256 = "0vcdji1k8d3pz7k6lkw8ighkj94zff2l2cf9v1avf83f4hjyfhg5"; + }; + + buildInputs = [ + karchive + kcrash + kdbusaddons + ki18n + kiconthemes + knewstuff + knotifications + knotifyconfig + kparts + kwindowsystem + ]; + + nativeBuildInputs = [ + ecm kdoctools + ]; + + meta = { + homepage = https://yakuake.kde.org; + description = "Quad-style terminal emulator for KDE"; + maintainers = with lib.maintainers; [ fridh ]; + }; + }; + + in -stdenv.mkDerivation rec { - name = "${pname}-${version}"; - - src = fetchurl { - url = "http://download.kde.org/stable/${pname}/${version}/src/${name}.tar.xz"; - sha256 = "0vcdji1k8d3pz7k6lkw8ighkj94zff2l2cf9v1avf83f4hjyfhg5"; - }; - - buildInputs = [ - cmake - extra-cmake-modules - karchive - kcrash - kdbusaddons - ki18n - kiconthemes - knewstuff - knotifications - knotifyconfig - kparts - kwindowsystem - ]; - - nativeBuildInputs = [ - extra-cmake-modules - makeQtWrapper - ]; - - propagatedUserEnvPkgs = [ - konsole - ]; - - postInstall = '' - wrapQtProgram "$out/bin/yakuake" - ''; - - meta = { - homepage = https://yakuake.kde.org; - description = "Quad-style terminal emulator for KDE"; - maintainers = with lib.maintainers; [ fridh ]; - }; +kdeWrapper unwrapped +{ + targets = [ "bin/yakuake" ]; + paths = [ konsole.unwrapped ]; } + From 65c109f8875e37726a96ec8cd9e8a090c921b08c Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 2 Aug 2016 08:49:12 +0200 Subject: [PATCH 85/97] kde5.konversation: use kdeWrapper --- .../networking/irc/konversation/1.6.nix | 107 +++++++++--------- 1 file changed, 52 insertions(+), 55 deletions(-) diff --git a/pkgs/applications/networking/irc/konversation/1.6.nix b/pkgs/applications/networking/irc/konversation/1.6.nix index 158fe886b8b..eb032518324 100644 --- a/pkgs/applications/networking/irc/konversation/1.6.nix +++ b/pkgs/applications/networking/irc/konversation/1.6.nix @@ -1,14 +1,14 @@ -{ stdenv +{ kdeDerivation , lib , fetchurl -, cmake -, extra-cmake-modules +, ecm , kbookmarks , karchive , kconfig , kconfigwidgets , kcoreaddons , kdbusaddons +, kdeWrapper , kdoctools , kemoticons , kglobalaccel @@ -24,61 +24,58 @@ , makeQtWrapper , solid , sonnet -, phonon}: +, phonon +}: let - pn = "konversation"; - v = "1.6"; -in + unwrapped = let + pname = "konversation"; + version = "1.6"; + in kdeDerivation rec { + name = "${pname}-${version}"; -stdenv.mkDerivation rec { - name = "${pn}-${v}"; + src = fetchurl { + url = "mirror://kde/stable/${pname}/${version}/src/${name}.tar.xz"; + sha256 = "789fd75644bf54606778971310433dbe2bc01ac0917b34bc4e8cac88e204d5b6"; + }; - src = fetchurl { - url = "mirror://kde/stable/${pn}/${v}/src/${name}.tar.xz"; - sha256 = "789fd75644bf54606778971310433dbe2bc01ac0917b34bc4e8cac88e204d5b6"; - }; - - buildInputs = [ - cmake - extra-cmake-modules - kbookmarks - karchive - kconfig - kconfigwidgets - kcoreaddons - kdbusaddons - kdoctools - kemoticons - kglobalaccel - ki18n - kiconthemes - kidletime - kitemviews - knotifications - knotifyconfig - kio - kparts - kwallet - solid - sonnet - phonon - ]; - - nativeBuildInputs = [ - extra-cmake-modules - kdoctools - makeQtWrapper - ]; - - postInstall = '' - wrapQtProgram "$out/bin/konversation" - ''; - - meta = { - description = "Integrated IRC client for KDE"; - license = with lib.licenses; [ gpl2 ]; - maintainers = with lib.maintainers; [ fridh ]; - homepage = https://konversation.kde.org; + buildInputs = [ + kbookmarks + karchive + kconfig + kconfigwidgets + kcoreaddons + kdbusaddons + kdoctools + kemoticons + kglobalaccel + ki18n + kiconthemes + kidletime + kitemviews + knotifications + knotifyconfig + kio + kparts + kwallet + solid + sonnet + phonon + ]; + + nativeBuildInputs = [ + ecm + kdoctools + ]; + + meta = { + description = "Integrated IRC client for KDE"; + license = with lib.licenses; [ gpl2 ]; + maintainers = with lib.maintainers; [ fridh ]; + homepage = https://konversation.kde.org; + }; }; +in kdeWrapper unwrapped { + targets = [ "bin/konversation" ]; } + From 266fde80ca137cfa4f6dfc6b382e936737a19e32 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 2 Aug 2016 09:00:03 +0200 Subject: [PATCH 86/97] kde5.konversation: 1.6 -> 1.6.1 --- pkgs/applications/networking/irc/konversation/1.6.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/irc/konversation/1.6.nix b/pkgs/applications/networking/irc/konversation/1.6.nix index eb032518324..995eddd9321 100644 --- a/pkgs/applications/networking/irc/konversation/1.6.nix +++ b/pkgs/applications/networking/irc/konversation/1.6.nix @@ -30,13 +30,13 @@ let unwrapped = let pname = "konversation"; - version = "1.6"; + version = "1.6.1"; in kdeDerivation rec { name = "${pname}-${version}"; src = fetchurl { url = "mirror://kde/stable/${pname}/${version}/src/${name}.tar.xz"; - sha256 = "789fd75644bf54606778971310433dbe2bc01ac0917b34bc4e8cac88e204d5b6"; + sha256 = "28346d6629261a5328c43ffa09c12e37743b3ef4f4bc4c411d39bc19f7bf06c6"; }; buildInputs = [ From 8d02a631be021b4fbec75b05ae9c83225184fd72 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Tue, 2 Aug 2016 09:34:58 +0200 Subject: [PATCH 87/97] dnscrypt-proxy: 1.6.1 -> 1.7.0 No user-facing changes of particular note. Full changelog at https://github.com/jedisct1/dnscrypt-proxy/releases/tag/1.7.0 --- pkgs/tools/networking/dnscrypt-proxy/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/dnscrypt-proxy/default.nix b/pkgs/tools/networking/dnscrypt-proxy/default.nix index 3dadbeedd4d..1eac3cf6c02 100644 --- a/pkgs/tools/networking/dnscrypt-proxy/default.nix +++ b/pkgs/tools/networking/dnscrypt-proxy/default.nix @@ -4,11 +4,11 @@ with stdenv.lib; stdenv.mkDerivation rec { name = "dnscrypt-proxy-${version}"; - version = "1.6.1"; + version = "1.7.0"; src = fetchurl { url = "https://download.dnscrypt.org/dnscrypt-proxy/${name}.tar.bz2"; - sha256 = "16lif3qhyfjpgg54vjlwpslxk90akmbhlpnn1szxm628bmpw6nl9"; + sha256 = "1qw2nib0d5ia8581lbdnjxgn9c7pf2qw8vhpnnh1wjcjj3gpgbqx"; }; configureFlags = optional stdenv.isLinux "--with-systemd"; From 79ac02ed648156e8d34a6dbc283af5dca6f78771 Mon Sep 17 00:00:00 2001 From: Joachim Fasting Date: Tue, 2 Aug 2016 09:36:22 +0200 Subject: [PATCH 88/97] dnscrypt-proxy service: update resolver list --- nixos/modules/services/networking/dnscrypt-proxy.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/dnscrypt-proxy.nix b/nixos/modules/services/networking/dnscrypt-proxy.nix index 984219676cd..cf36ccf0572 100644 --- a/nixos/modules/services/networking/dnscrypt-proxy.nix +++ b/nixos/modules/services/networking/dnscrypt-proxy.nix @@ -90,7 +90,7 @@ in example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv"; default = pkgs.fetchurl { url = https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv; - sha256 = "171zvdqcqqvcw3zr7wl9h1wmdmk6m3h55xr4gq2z1j7a0x0ba2in"; + sha256 = "1i9wzw4zl052h5nyp28bwl8d66cgj0awvjhw5wgwz0warkjl1g8g"; }; defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }"; }; From 2988112a0ccae54766247385934d463ba2ad5ce6 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 2 Aug 2016 10:32:48 +0200 Subject: [PATCH 89/97] pythonPackages: remove pythonName because it is not used anywhere --- pkgs/top-level/python-packages.nix | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 381d8c56b84..e00fc0c3e1a 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -24,16 +24,6 @@ let buildPythonApplication = args: buildPythonPackage ({namePrefix="";} // args ); - # Unique python version identifier - pythonName = - if isPy26 then "python26" else - if isPy27 then "python27" else - if isPy33 then "python33" else - if isPy34 then "python34" else - if isPy35 then "python35" else - if isPy36 then "python36" else - if isPyPy then "pypy" else ""; - modules = python.modules or { readline = null; sqlite3 = null; From 0d08b7d03cfdc8dd00545458e7a057d3ef4d3598 Mon Sep 17 00:00:00 2001 From: Lancelot SIX Date: Tue, 2 Aug 2016 10:50:31 +0200 Subject: [PATCH 90/97] pythonPackages.django_raster: Use mirror in URL --- pkgs/top-level/python-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 89f384353f9..cafd59c5e84 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -9253,11 +9253,11 @@ in modules // { }; django_raster = buildPythonPackage rec { - name = "djongoraster-${version}"; + name = "django-raster-${version}"; version = "0.2"; src = pkgs.fetchurl { - url = "https://pypi.python.org/packages/09/3d/5b9b491186579825ef6e81d60c8ddaf86d8c98d928753a329980bf48b050/django-raster-0.2.tar.gz"; + url = "mirror://pypi/d/django-raster/${name}.tar.gz"; sha256 = "1zdcxzj43qrv7cl6q9nb2dkfnsyn74dzf2igpnd6nbbfdnkif9bm"; }; From 3a185d159f78b1f2ab2e954a501158ca5770f3a5 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 2 Aug 2016 11:03:11 +0200 Subject: [PATCH 91/97] fix eval --- pkgs/top-level/python-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index cafd59c5e84..6dd8d613d72 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -34,7 +34,7 @@ let in modules // { - inherit python bootstrapped-pip isPy26 isPy27 isPy33 isPy34 isPy35 isPy36 isPyPy isPy3k pythonName buildPythonPackage buildPythonApplication; + inherit python bootstrapped-pip isPy26 isPy27 isPy33 isPy34 isPy35 isPy36 isPyPy isPy3k buildPythonPackage buildPythonApplication; # helpers From 9d85a87e730f9d856ba2e4b41fed8976377a40d8 Mon Sep 17 00:00:00 2001 From: Danny Arnold Date: Tue, 2 Aug 2016 11:38:58 +0200 Subject: [PATCH 92/97] atom: 1.8.0 -> 1.9.0 --- pkgs/applications/editors/atom/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/atom/default.nix b/pkgs/applications/editors/atom/default.nix index 620d0fb629e..13816f8bfdc 100644 --- a/pkgs/applications/editors/atom/default.nix +++ b/pkgs/applications/editors/atom/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { name = "atom-${version}"; - version = "1.8.0"; + version = "1.9.0"; src = fetchurl { url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb"; - sha256 = "0x73n64y3jfwbwg6s9pmsajryrjrrx1a0dzf3ff6dbi5gvv950xi"; + sha256 = "0hhv1yfs2h5x86pjbkbdg1mn15afdd3baddwpf3p0fl8x2gv9z7m"; name = "${name}.deb"; }; From 8c04c3c899cfa08e8a5e8a0e7b6d0b323f756ef6 Mon Sep 17 00:00:00 2001 From: Peter Hoeg Date: Tue, 2 Aug 2016 14:59:41 +0800 Subject: [PATCH 93/97] notmuch-mutt: init at 0.22 --- .../mailreaders/notmuch/default.nix | 4 +- .../networking/mailreaders/notmuch/mutt.nix | 47 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + pkgs/top-level/perl-packages.nix | 39 +++++++++++++++ 4 files changed, 91 insertions(+), 1 deletion(-) create mode 100644 pkgs/applications/networking/mailreaders/notmuch/mutt.nix diff --git a/pkgs/applications/networking/mailreaders/notmuch/default.nix b/pkgs/applications/networking/mailreaders/notmuch/default.nix index b9fc84d2058..bbf92ea0462 100644 --- a/pkgs/applications/networking/mailreaders/notmuch/default.nix +++ b/pkgs/applications/networking/mailreaders/notmuch/default.nix @@ -5,10 +5,12 @@ }: stdenv.mkDerivation rec { - name = "notmuch-0.22"; + version = "0.22"; + name = "notmuch-${version}"; passthru = { pythonSourceRoot = "${name}/bindings/python"; + inherit version; }; src = fetchurl { diff --git a/pkgs/applications/networking/mailreaders/notmuch/mutt.nix b/pkgs/applications/networking/mailreaders/notmuch/mutt.nix new file mode 100644 index 00000000000..14f03c91f7c --- /dev/null +++ b/pkgs/applications/networking/mailreaders/notmuch/mutt.nix @@ -0,0 +1,47 @@ +{ stdenv, lib, fetchurl, perl, buildPerlPackage, perlPackages, makeWrapper, coreutils +, notmuch }: + +stdenv.mkDerivation rec { + name = "notmuch-mutt-${version}"; + version = notmuch.version; + + outputs = [ "out" ]; + + dontStrip = true; + + buildInputs = [ + perl + makeWrapper + ] ++ (with perlPackages; [ + FileRemove + DigestSHA1 + Later + MailBox + MailMaildir + MailTools + StringShellQuote + TermReadLineGnu + ]); + + src = notmuch.src; + + phases = [ "unpackPhase" "installPhase" "fixupPhase" ]; + + installPhase = '' + ${coreutils}/bin/install -Dm755 \ + ./contrib/notmuch-mutt/notmuch-mutt \ + $out/bin/notmuch-mutt + + wrapProgram $out/bin/notmuch-mutt \ + --prefix PERL5LIB : $PERL5LIB + ''; + + meta = with lib; { + inherit version; + description = "Mutt support for notmuch"; + homepage = http://notmuchmua.org/; + license = with licenses; mit; + maintainers = with maintainers; [ peterhoeg ]; + platforms = platforms.unix; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1b111c0e45c..7010c15db98 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14120,6 +14120,8 @@ in sphinx = pythonPackages.sphinx; }; + notmuch-mutt = callPackage ../applications/networking/mailreaders/notmuch/mutt.nix { }; + # Open Stack nova = callPackage ../applications/virtualization/openstack/nova.nix { }; keystone = callPackage ../applications/virtualization/openstack/keystone.nix { }; diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index e87964fd9a6..d746a45753c 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -6956,6 +6956,15 @@ let self = _self // overrides; _self = with self; { }; }; + Later = buildPerlPackage rec { + version = "0.19"; + name = "Object-Realize-Later-${version}"; + src = fetchurl { + url = "mirror://cpan/authors/id/M/MA/MARKOV/${name}.tar.gz"; + sha256 = "0ka0qar51kk5wlvd2s3yis3w9qc14h0ngn0ds0v6c8ssmjvfcgbz"; + }; + }; + lib_ = buildPerlPackage { name = "lib-0.63"; src = fetchurl { @@ -7601,6 +7610,36 @@ let self = _self // overrides; _self = with self; { inherit fetchurl buildPerlPackage stdenv DBDmysql; }; + MailMaildir = buildPerlPackage rec { + version = "1.0.0"; + name = "Mail-Maildir-${version}"; + src = fetchurl { + url = "mirror://cpan/authors/id/Z/ZE/ZEROALTI/Mail-Maildir-100/${name}.tar.bz2"; + sha256 = "1krkqfps6q3ifrhi9450l5gm9199qyfcm6vidllr0dv65kdaqpj4"; + }; + }; + + MailBox = buildPerlPackage rec { + version = "2.118"; + name = "Mail-Box-${version}"; + src = fetchurl { + url = "mirror://cpan/authors/id/M/MA/MARKOV/${name}.tar.gz"; + sha256 = "1ixi7xpvj8kn2y0l8rxkvdnnl7x5wqg7mi2av0viwdh5l828dcfc"; + }; + + doCheck = false; + + propagatedBuildInputs = [ + Later + + DevelGlobalDestruction + FileRemove + IOStringy + MailTools + MIMETypes + ]; + }; + MailMboxMessageParser = buildPerlPackage rec { name = "Mail-Mbox-MessageParser-1.5105"; src = fetchurl { From 58afc252e4a1f856e000b862412fb1b1b1ca001a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benno=20F=C3=BCnfst=C3=BCck?= Date: Tue, 2 Aug 2016 11:37:16 +0200 Subject: [PATCH 94/97] notmuch-mutt: remove unused parameter --- pkgs/applications/networking/mailreaders/notmuch/mutt.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/networking/mailreaders/notmuch/mutt.nix b/pkgs/applications/networking/mailreaders/notmuch/mutt.nix index 14f03c91f7c..aefa965354e 100644 --- a/pkgs/applications/networking/mailreaders/notmuch/mutt.nix +++ b/pkgs/applications/networking/mailreaders/notmuch/mutt.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, fetchurl, perl, buildPerlPackage, perlPackages, makeWrapper, coreutils +{ stdenv, lib, fetchurl, perl, perlPackages, makeWrapper, coreutils , notmuch }: stdenv.mkDerivation rec { From 2c7b5ac8a9cddbda9fa929c193e4a37d4aead437 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benno=20F=C3=BCnfst=C3=BCck?= Date: Tue, 2 Aug 2016 11:45:42 +0200 Subject: [PATCH 95/97] notmuch-mutt: drop unused fetchurl parameter --- pkgs/applications/networking/mailreaders/notmuch/mutt.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/applications/networking/mailreaders/notmuch/mutt.nix b/pkgs/applications/networking/mailreaders/notmuch/mutt.nix index aefa965354e..6d08ad724b2 100644 --- a/pkgs/applications/networking/mailreaders/notmuch/mutt.nix +++ b/pkgs/applications/networking/mailreaders/notmuch/mutt.nix @@ -1,5 +1,4 @@ -{ stdenv, lib, fetchurl, perl, perlPackages, makeWrapper, coreutils -, notmuch }: +{ stdenv, lib, perl, perlPackages, makeWrapper, coreutils, notmuch }: stdenv.mkDerivation rec { name = "notmuch-mutt-${version}"; From 8fad3e81b07825ae8476f49eb32bd80f87ea82d2 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 2 Aug 2016 12:17:37 +0200 Subject: [PATCH 96/97] pythonPackages.setuptools: specify priority Both python3 and setuptools come with easy-install. For some magic reason this hasn't caused any collisions yet, but it does with #17428. We hereby prioritize the version that comes with setuptools. --- pkgs/development/python-modules/setuptools/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/development/python-modules/setuptools/default.nix b/pkgs/development/python-modules/setuptools/default.nix index d01bc684f69..290b0d98fe0 100644 --- a/pkgs/development/python-modules/setuptools/default.nix +++ b/pkgs/development/python-modules/setuptools/default.nix @@ -28,5 +28,6 @@ stdenv.mkDerivation rec { homepage = http://pypi.python.org/pypi/setuptools; license = with lib.licenses; [ psfl zpt20 ]; platforms = platforms.all; + priority = 10; }; } From b1882ad395278be7d28e27e4484db6048820f29b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Tue, 2 Aug 2016 11:33:20 +0200 Subject: [PATCH 97/97] beets: 1.3.17 -> 1.3.19 The echonest plugin was removed in 3.18 because the API it used is shutting down. You might want to try the acousticbrainz instead. Update pluginsWithoutDeps as needed to keep preCheck working. --- pkgs/tools/audio/beets/default.nix | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/pkgs/tools/audio/beets/default.nix b/pkgs/tools/audio/beets/default.nix index 33de429d531..9dcfbd10b35 100644 --- a/pkgs/tools/audio/beets/default.nix +++ b/pkgs/tools/audio/beets/default.nix @@ -6,7 +6,6 @@ , enableBadfiles ? true, flac ? null, mp3val ? null , enableConvert ? true, ffmpeg ? null , enableDiscogs ? true -, enableEchonest ? true , enableEmbyupdate ? true , enableFetchart ? true , enableLastfm ? true @@ -25,7 +24,6 @@ assert enableAcoustid -> pythonPackages.pyacoustid != null; assert enableBadfiles -> flac != null && mp3val != null; assert enableConvert -> ffmpeg != null; assert enableDiscogs -> pythonPackages.discogs_client != null; -assert enableEchonest -> pythonPackages.pyechonest != null; assert enableFetchart -> pythonPackages.responses != null; assert enableLastfm -> pythonPackages.pylast != null; assert enableMpd -> pythonPackages.mpd != null; @@ -42,7 +40,6 @@ let chroma = enableAcoustid; convert = enableConvert; discogs = enableDiscogs; - echonest = enableEchonest; embyupdate = enableEmbyupdate; fetchart = enableFetchart; lastgenre = enableLastfm; @@ -55,8 +52,8 @@ let }; pluginsWithoutDeps = [ - "bench" "bpd" "bpm" "bucket" "cue" "duplicates" "edit" "embedart" - "filefilter" "freedesktop" "fromfilename" "ftintitle" "fuzzy" "ihate" + "beatport" "bench" "bpd" "bpm" "bucket" "cue" "duplicates" "edit" "embedart" + "export" "filefilter" "freedesktop" "fromfilename" "ftintitle" "fuzzy" "hook" "ihate" "importadded" "importfeeds" "info" "inline" "ipfs" "keyfinder" "lyrics" "mbcollection" "mbsubmit" "mbsync" "metasync" "missing" "permissions" "play" "plexupdate" "random" "rewrite" "scrub" "smartplaylist" "spotify" "the" @@ -73,14 +70,14 @@ let in buildPythonApplication rec { name = "beets-${version}"; - version = "1.3.17"; + version = "1.3.19"; namePrefix = ""; src = fetchFromGitHub { owner = "sampsyo"; repo = "beets"; rev = "v${version}"; - sha256 = "1fskxx5xxjqf4xmfjrinh7idjiq6qncb24hiyccv09l47fr1yipc"; + sha256 = "0f2v1924ryx5xijpv1jycanl4471vcd7c5lld58lm0viyvh5k28x"; }; propagatedBuildInputs = [ @@ -101,7 +98,6 @@ in buildPythonApplication rec { pythonPackages.requests2 ++ optional enableConvert ffmpeg ++ optional enableDiscogs pythonPackages.discogs_client - ++ optional enableEchonest pythonPackages.pyechonest ++ optional enableLastfm pythonPackages.pylast ++ optional enableMpd pythonPackages.mpd ++ optional enableThumbnails pythonPackages.pyxdg