public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/staging' into fix/cross-xfsprogs

This commit is contained in:
John Ericson 2018-12-02 12:32:03 -05:00
parent 0b695faa07 aa65b32c2c
commit 24270193b7
871 changed files with 10107 additions and 5804 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
doc/coding-conventions.xml
View File

@ -56,25 +56,30 @@ foo { arg = ...; }
or list elements should be aligned:
<programlisting>
# A long list.
list =
[ elem1
elem2
elem3
];
list = [
elem1
elem2
elem3
];
# A long attribute set.
attrs =
{ attr1 = short_expr;
attr2 =
if true then big_expr else big_expr;
};
# Alternatively:
attrs = {
attr1 = short_expr;
attr2 =
if true then big_expr else big_expr;
};
# Combined
listOfAttrs = [
{
attr1 = 3;
attr2 = "fff";
}
{
attr1 = 5;
attr2 = "ggg";
}
];
</programlisting>
</para>
</listitem>

2
doc/cross-compilation.xml
View File

@ -385,7 +385,7 @@ nix-build &lt;nixpkgs&gt; --arg crossSystem '(import &lt;nixpkgs/lib&gt;).system
Eventually we would like to make these platform examples an unnecessary
convenience so that
<programlisting>
nix-build &lt;nixpkgs&gt; --arg crossSystem.config '&lt;arch&gt;-&lt;os&gt;-&lt;vendor&gt;-&lt;abi&gt;' -A whatever</programlisting>
nix-build &lt;nixpkgs&gt; --arg crossSystem '{ config = "&lt;arch&gt;-&lt;os&gt;-&lt;vendor&gt;-&lt;abi&gt;"; }' -A whatever</programlisting>
works in the vast majority of cases. The problem today is dependencies on
other sorts of configuration which aren't given proper defaults. We rely on
the examples to crudely to set those configuration parameters in some

11
doc/languages-frameworks/ruby.xml
View File

@ -50,6 +50,17 @@ bundlerEnv rec {
future updates can be run easily.
</para>
<para>
Updating Ruby packages can then be done like this:
</para>
<screen>
<![CDATA[$ cd pkgs/servers/monitoring/sensu
$ nix-shell -p bundler --run 'bundle lock --update'
$ nix-shell -p bundix --run 'bundix'
]]>
</screen>
<para>
For tools written in Ruby - i.e. where the desire is to install a package and
then execute e.g. <command>rake</command> at the command line, there is an

43
doc/stdenv.xml
View File

@ -2428,12 +2428,31 @@ addEnvHooks "$hostOffset" myBashFunction
<para>
This is a special setup hook which helps in packaging proprietary
software in that it automatically tries to find missing shared library
dependencies of ELF files. All packages within the
<envar>runtimeDependencies</envar> environment variable are
unconditionally added to executables, which is useful for programs that
use <citerefentry>
<refentrytitle>dlopen</refentrytitle>
<manvolnum>3</manvolnum> </citerefentry> to load libraries at runtime.
dependencies of ELF files based on the given
<varname>buildInputs</varname> and <varname>nativeBuildInputs</varname>.
</para>
<para>
You can also specify a <envar>runtimeDependencies</envar> environment
variable which lists dependencies that are unconditionally added to all
executables.
</para>
<para>
This is useful for programs that use <citerefentry>
<refentrytitle>dlopen</refentrytitle>
<manvolnum>3</manvolnum>
</citerefentry> to load libraries at runtime.
</para>
<para>
In certain situations you may want to run the main command
(<command>autoPatchelf</command>) of the setup hook on a file or a set
of directories instead of unconditionally patching all outputs. This
can be done by setting the <envar>dontAutoPatchelf</envar> environment
variable to a non-empty value.
</para>
<para>
The <command>autoPatchelf</command> command also recognizes a
<parameter class="command">--no-recurse</parameter> command line flag,
which prevents it from recursing into subdirectories.
</para>
</listitem>
</varlistentry>
@ -2455,7 +2474,17 @@ addEnvHooks "$hostOffset" myBashFunction
use the cntr exec subcommand. Note that <command>cntr</command> also
needs to be executed on the machine that is doing the build, which might
be not the case when remote builders are enabled.
<command>cntr</command> is only supported on linux based platforms.
<command>cntr</command> is only supported on Linux-based platforms. To
use it first add <literal>cntr</literal> to your
<literal>environment.systemPackages</literal> on NixOS or alternatively to
the root user on non-NixOS systems. Then in the package that is supposed
to be inspected, add <literal>breakpointHook</literal> to
<literal>nativeBuildInputs</literal>.
<programlisting>
nativeBuildInputs = [ breakpointHook ];
</programlisting>
When a build failure happens there will be an instruction printed that
shows how to attach with <literal>cntr</literal> to the build sandbox.
</para>
</listitem>
</varlistentry>

40
lib/systems/default.nix
View File

@ -66,6 +66,46 @@ rec {
# uname -r
release = null;
};
qemuArch =
if final.isArm then "arm"
else if final.isx86_64 then "x86_64"
else if final.isx86 then "i386"
else {
"powerpc" = "ppc";
"powerpc64" = "ppc64";
"powerpc64le" = "ppc64";
"mips64" = "mips";
"mipsel64" = "mipsel";
}.${final.parsed.cpu.name} or final.parsed.cpu.name;
emulator = pkgs: let
qemu-user = pkgs.qemu.override {
smartcardSupport = false;
spiceSupport = false;
openGLSupport = false;
virglSupport = false;
vncSupport = false;
gtkSupport = false;
sdlSupport = false;
pulseSupport = false;
smbdSupport = false;
seccompSupport = false;
hostCpuTargets = ["${final.qemuArch}-linux-user"];
};
wine-name = "wine${toString final.parsed.cpu.bits}";
wine = (pkgs.winePackagesFor wine-name).minimal;
in
if final.parsed.kernel.name == pkgs.stdenv.hostPlatform.parsed.kernel.name &&
(final.parsed.cpu.name == pkgs.stdenv.hostPlatform.parsed.cpu.name ||
(final.platform.isi686 && pkgs.stdenv.hostPlatform.isx86_64))
then pkgs.runtimeShell
else if final.isWindows
then "${wine}/bin/${wine-name}"
else if final.isLinux && pkgs.stdenv.hostPlatform.isLinux
then "${qemu-user}/bin/qemu-${final.qemuArch}"
else throw "Don't know how to run ${final.config} executables.";
} // mapAttrs (n: v: v final.parsed) inspect.predicates
// args;
in assert final.useAndroidPrebuilt -> final.isAndroid;

13
lib/systems/examples.nix
View File

@ -2,7 +2,14 @@
# `crossSystem`. They are put here for user convenience, but also used by cross
# tests and linux cross stdenv building, so handle with care!
{ lib }:
let platforms = import ./platforms.nix { inherit lib; }; in
let
platforms = import ./platforms.nix { inherit lib; };
riscv = bits: {
config = "riscv${bits}-unknown-linux-gnu";
platform = platforms.riscv-multiplatform bits;
};
in
rec {
#
@ -92,10 +99,6 @@ rec {
musl64 = { config = "x86_64-unknown-linux-musl"; };
musl32 = { config = "i686-unknown-linux-musl"; };
riscv = bits: {
config = "riscv${bits}-unknown-linux-gnu";
platform = platforms.riscv-multiplatform bits;
};
riscv64 = riscv "64";
riscv32 = riscv "32";

19
nixos/doc/manual/configuration/modularity.xml
View File

@ -127,4 +127,23 @@ nix-repl> map (x: x.hostName) config.<xref linkend="opt-services.httpd.virtualHo
[ "example.org" "example.gov" ]
</screen>
</para>
<para>
While abstracting your configuration, you may find it useful to generate
modules using code, instead of writing files. The example
below would have the same effect as importing a file which sets those
options.
<screen>
{ config, pkgs, ... }:
let netConfig = { hostName }: {
networking.hostName = hostName;
networking.useDHCP = false;
};
in
{ imports = [ (netConfig "nixos.localdomain") ]; }
</screen>
</para>
</section>

2
nixos/doc/manual/development/running-nixos-tests-interactively.xml
View File

@ -19,7 +19,7 @@ starting VDE switch for network 1
&gt; startAll
&gt; testScript
&gt; $machine->succeed("touch /tmp/foo")
&gt; print($machine->succeed("pwd"), "\n") # Show stdout of command
&gt; print($machine->succeed("pwd")) # Show stdout of command
</screen>
The function <command>testScript</command> executes the entire test script
and drops you back into the test driver command line upon its completion.

2
nixos/doc/manual/development/writing-nixos-tests.xml
View File

@ -108,7 +108,7 @@ xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualis
<programlisting>
$machine->start;
$machine->waitForUnit("default.target");
die unless $machine->succeed("uname") =~ /Linux/;
$machine->succeed("uname") =~ /Linux/ or die;
</programlisting>
The first line is actually unnecessary; machines are implicitly started when
you first execute an action on them (such as <literal>waitForUnit</literal>

28
nixos/doc/manual/release-notes/rl-1903.xml
View File

@ -111,6 +111,16 @@
without Syncthing resetting the permission on every start.
</para>
</listitem>
<listitem>
<para>
The <literal>ntp</literal> module now has sane default restrictions.
If you're relying on the previous defaults, which permitted all queries
and commands from all firewall-permitted sources, you can set
<varname>services.ntp.restrictDefault</varname> and
<varname>services.ntp.restrictSource</varname> to
<literal>[]</literal>.
</para>
</listitem>
<listitem>
<para>
Package <varname>rabbitmq_server</varname> is renamed to
@ -231,8 +241,22 @@
(<literal>networking.firewall.interfaces.default.*</literal>), and assigning
to this pseudo device will override the (<literal>networking.firewall.allow*</literal>)
options.
</para>
</listitem>
</para>
</listitem>
<listitem>
<para>
GitLab Shell previously used the nix store paths for the
<literal>gitlab-shell</literal> command in its
<literal>authorized_keys</literal> file, which might stop working after
garbage collection. To circumvent that, we regenerated that file on each
startup. As <literal>gitlab-shell</literal> has now been changed to use
<literal>/var/run/current-system/sw/bin/gitlab-shell</literal>, this is
not necessary anymore, but there might be leftover lines with a nix store
path. Regenerate the <literal>authorized_keys</literal> file via
<command>sudo -u git -H gitlab-rake gitlab:shell:setup</command> in that
case.
</para>
</listitem>
</itemizedlist>
</section>

20
nixos/lib/make-system-tarball.nix
View File

@ -1,4 +1,4 @@
{ stdenv, perl, pixz, pathsFromGraph
{ stdenv, closureInfo, pixz
, # The file name of the resulting tarball
fileName ? "nixos-system-${stdenv.hostPlatform.system}"
@ -29,24 +29,28 @@
, extraInputs ? [ pixz ]
}:
let
symlinks = map (x: x.symlink) storeContents;
objects = map (x: x.object) storeContents;
in
stdenv.mkDerivation {
name = "tarball";
builder = ./make-system-tarball.sh;
buildInputs = [ perl ] ++ extraInputs;
buildInputs = extraInputs;
inherit fileName pathsFromGraph extraArgs extraCommands compressCommand;
inherit fileName extraArgs extraCommands compressCommand;
# !!! should use XML.
sources = map (x: x.source) contents;
targets = map (x: x.target) contents;
# !!! should use XML.
objects = map (x: x.object) storeContents;
symlinks = map (x: x.symlink) storeContents;
inherit symlinks objects;
# For obtaining the closure of `storeContents'.
exportReferencesGraph =
map (x: [("closure-" + baseNameOf x.object) x.object]) storeContents;
closureInfo = closureInfo {
rootPaths = objects;
};
extension = compressionExtension;
}

9
nixos/lib/make-system-tarball.sh
View File

@ -3,7 +3,6 @@ source $stdenv/setup
sources_=($sources)
targets_=($targets)
echo $objects
objects=($objects)
symlinks=($symlinks)
@ -14,8 +13,6 @@ stripSlash() {
if test "${res:0:1}" = /; then res=${res:1}; fi
}
touch pathlist
# Add the individual files.
for ((i = 0; i < ${#targets_[@]}; i++)); do
stripSlash "${targets_[$i]}"
@ -25,9 +22,9 @@ done
# Add the closures of the top-level store objects.
chmod +w .
mkdir -p nix/store
storePaths=$(perl $pathsFromGraph closure-*)
for i in $storePaths; do
for i in $(< $closureInfo/store-paths); do
cp -a "$i" "${i:1}"
done
@ -35,7 +32,7 @@ done
# TODO tar ruxo
# Also include a manifest of the closures in a format suitable for
# nix-store --load-db.
printRegistration=1 perl $pathsFromGraph closure-* > nix-path-registration
cp $closureInfo/registration nix-path-registration
# Add symlinks to the top-level store objects.
for ((n = 0; n < ${#objects[*]}; n++)); do

2
nixos/lib/testing.nix
View File

@ -1,5 +1,5 @@
{ system
, pkgs
, pkgs ? import ../.. { inherit system config; }
# Use a minimal kernel?
, minimal ? false
# Ignored

4
nixos/maintainers/scripts/gce/create-gce.sh
View File

@ -7,9 +7,9 @@ BUCKET_NAME="${BUCKET_NAME:-nixos-cloud-images}"
TIMESTAMP="$(date +%Y%m%d%H%M)"
export TIMESTAMP
nix-build '<nixpkgs/nixos>' \
nix-build '<nixpkgs/nixos/lib/eval-config.nix>' \
-A config.system.build.googleComputeImage \
--arg configuration "{ imports = [ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]; }" \
--arg modules "[ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]" \
--argstr system x86_64-linux \
-o gce \
-j 10

14
nixos/modules/config/i18n.nix
View File

@ -34,6 +34,17 @@ with lib;
'';
};
extraLocaleSettings = mkOption {
type = types.attrsOf types.str;
default = {};
example = { LC_MESSAGES = "en_US.UTF-8"; LC_TIME = "de_DE.UTF-8"; };
description = ''
A set of additional system-wide locale settings other than
<literal>LANG</literal> which can be configured with
<option>i18n.defaultLocale</option>.
'';
};
supportedLocales = mkOption {
type = types.listOf types.str;
default = ["all"];
@ -129,7 +140,7 @@ with lib;
environment.sessionVariables =
{ LANG = config.i18n.defaultLocale;
LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";
};
} // config.i18n.extraLocaleSettings;
systemd.globalEnvironment = mkIf (config.i18n.supportedLocales != []) {
LOCALE_ARCHIVE = "${config.i18n.glibcLocales}/lib/locale/locale-archive";
@ -141,6 +152,7 @@ with lib;
source = pkgs.writeText "locale.conf"
''
LANG=${config.i18n.defaultLocale}
${concatStringsSep "\n" (mapAttrsToList (n: v: ''${n}=${v}'') config.i18n.extraLocaleSettings)}
'';
};

2
nixos/modules/config/no-x-libs.nix
View File

@ -35,7 +35,7 @@ with lib;
networkmanager-vpnc = super.networkmanager-vpnc.override { withGnome = false; };
networkmanager-iodine = super.networkmanager-iodine.override { withGnome = false; };
pinentry = super.pinentry_ncurses;
gobjectIntrospection = super.gobjectIntrospection.override { x11Support = false; };
gobject-introspection = super.gobject-introspection.override { x11Support = false; };
}));
};
}

4
nixos/modules/hardware/raid/hpsa.nix
View File

@ -8,7 +8,7 @@ let
version = "2.40-13.0";
src = pkgs.fetchurl {
url = "http://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/${name}_amd64.deb";
url = "https://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/${name}_amd64.deb";
sha256 = "11w7fwk93lmfw0yya4jpjwdmgjimqxx6412sqa166g1pz4jil4sw";
};
@ -34,7 +34,7 @@ let
meta = with lib; {
description = "HP Smart Array CLI";
homepage = http://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/;
homepage = https://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/;
license = licenses.unfreeRedistributable;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ volth ];

4
nixos/modules/installer/cd-dvd/sd-image.nix
View File

@ -134,7 +134,9 @@ in
${config.sdImage.populateBootCommands}
# Copy the populated /boot into the SD image
(cd boot; mcopy -bpsvm -i ../bootpart.img ./* ::)
(cd boot; mcopy -psvm -i ../bootpart.img ./* ::)
# Verify the FAT partition before copying it.
fsck.vfat -vn bootpart.img
dd conv=notrunc if=bootpart.img of=$img seek=$START count=$SECTORS
'';
}) {};

4
nixos/modules/misc/ids.nix
View File

@ -175,7 +175,7 @@
dnsmasq = 141;
uhub = 142;
yandexdisk = 143;
#collectd = 144; #unused
mxisd = 144; # was once collectd
consul = 145;
mailpile = 146;
redmine = 147;
@ -484,7 +484,7 @@
#dnsmasq = 141; # unused
uhub = 142;
#yandexdisk = 143; # unused
#collectd = 144; # unused
mxisd = 144; # was once collectd
#consul = 145; # unused
mailpile = 146;
redmine = 147;

3
nixos/modules/module-list.nix
View File

@ -246,6 +246,7 @@
./services/desktops/gnome3/gnome-documents.nix
./services/desktops/gnome3/gnome-keyring.nix
./services/desktops/gnome3/gnome-online-accounts.nix
./services/desktops/gnome3/gnome-remote-desktop.nix
./services/desktops/gnome3/gnome-online-miners.nix
./services/desktops/gnome3/gnome-terminal-server.nix
./services/desktops/gnome3/gnome-user-share.nix
@ -332,6 +333,7 @@
./services/mail/rspamd.nix
./services/mail/rss2email.nix
./services/mail/rmilter.nix
./services/mail/roundcube.nix
./services/mail/nullmailer.nix
./services/misc/airsonic.nix
./services/misc/apache-kafka.nix
@ -560,6 +562,7 @@
./services/networking/miredo.nix
./services/networking/mstpd.nix
./services/networking/murmur.nix
./services/networking/mxisd.nix
./services/networking/namecoind.nix
./services/networking/nat.nix
./services/networking/ndppd.nix

2
nixos/modules/profiles/base.nix
View File

@ -49,7 +49,7 @@
];
# Include support for various filesystems.
boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "zfs" "ntfs" "cifs" ];
# Configure host id for ZFS to work
networking.hostId = lib.mkDefault "8425e349";

16
nixos/modules/profiles/docker-container.nix
View File

@ -15,15 +15,19 @@ in {
# Create the tarball
system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix {
contents = [];
contents = [
{
source = "${config.system.build.toplevel}/.";
target = "./";
}
];
extraArgs = "--owner=0";
# Add init script to image
storeContents = [
{ object = config.system.build.toplevel + "/init";
symlink = "/init";
}
] ++ (pkgs2storeContents [ pkgs.stdenv ]);
storeContents = pkgs2storeContents [
config.system.build.toplevel
pkgs.stdenv
];
# Some container managers like lxc need these
extraCommands = "mkdir -p proc sys dev";

2
nixos/modules/profiles/hardened.nix
View File

@ -12,6 +12,8 @@ with lib;
boot.kernelPackages = mkDefault pkgs.linuxPackages_hardened;
nix.allowedUsers = mkDefault [ "@users" ];
security.hideProcessInformation = mkDefault true;
security.lockKernelModules = mkDefault true;

2
nixos/modules/programs/sway-beta.nix
View File

@ -8,7 +8,7 @@ let
swayWrapped = pkgs.writeShellScriptBin "sway" ''
${cfg.extraSessionCommands}
exec ${pkgs.dbus.dbus-launch} --exit-with-session ${swayPackage}/bin/sway
exec ${pkgs.dbus.dbus-launch} --exit-with-session ${swayPackage}/bin/sway "$@"
'';
swayJoined = pkgs.symlinkJoin {
name = "sway-joined";

2
nixos/modules/services/backup/borgbackup.nix
View File

@ -191,7 +191,7 @@ in {
options = {
paths = mkOption {
type = with types; either path (nonEmptyListOf path);
type = with types; either path (listOf str);
description = "Path(s) to back up.";
example = "/home/user";
apply = x: if isList x then x else [ x ];

8
nixos/modules/services/cluster/kubernetes/default.nix
View File

@ -784,7 +784,7 @@ in {
clusterCidr = mkOption {
description = "Kubernetes controller manager and proxy CIDR Range for Pods in cluster.";
default = "10.1.0.0/16";
type = types.str;
type = types.nullOr types.str;
};
flannel.enable = mkOption {
@ -1018,9 +1018,9 @@ in {
${if (cfg.controllerManager.rootCaFile!=null)
then "--root-ca-file=${cfg.controllerManager.rootCaFile}"
else "--root-ca-file=/var/run/kubernetes/apiserver.crt"} \
${optionalString (cfg.clusterCidr!=null)
"--cluster-cidr=${cfg.clusterCidr}"} \
--allocate-node-cidrs=true \
${if (cfg.clusterCidr!=null)
then "--cluster-cidr=${cfg.clusterCidr} --allocate-node-cidrs=true"
else "--allocate-node-cidrs=false"} \
${optionalString (cfg.controllerManager.featureGates != [])
"--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.controllerManager.featureGates}"} \
${optionalString cfg.verbose "--v=6"} \

3
nixos/modules/services/databases/postgresql.nix
View File

@ -238,6 +238,9 @@ in
User = "postgres";
Group = "postgres";
PermissionsStartOnly = true;
Type = if lib.versionAtLeast cfg.package.version "9.6"
then "notify"
else "simple";
# Shut down Postgres using SIGINT ("Fast Shutdown mode"). See
# http://www.postgresql.org/docs/current/static/server-shutdown.html

18
nixos/modules/services/desktops/gnome3/gnome-remote-desktop.nix Normal file
View File

@ -0,0 +1,18 @@
# Remote desktop daemon using Pipewire.
{ config, lib, pkgs, ... }:
with lib;
{
###### interface
options = {
services.gnome3.gnome-remote-desktop = {
enable = mkEnableOption "Remote Desktop support using Pipewire";
};
};
###### implementation
config = mkIf config.services.gnome3.gnome-remote-desktop.enable {
systemd.packages = [ pkgs.gnome3.gnome-remote-desktop ];
};
}

153
nixos/modules/services/mail/roundcube.nix Normal file
View File

@ -0,0 +1,153 @@
{ lib, config, pkgs, ... }:
with lib;
let
cfg = config.services.roundcube;
in
{
options.services.roundcube = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable roundcube.
Also enables nginx virtual host management.
Further nginx configuration can be done by adapting <literal>services.nginx.virtualHosts.&lt;name&gt;</literal>.
See <xref linkend="opt-services.nginx.virtualHosts"/> for further information.
'';
};
hostName = mkOption {
type = types.str;
example = "webmail.example.com";
description = "Hostname to use for the nginx vhost";
};
database = {
username = mkOption {
type = types.str;
default = "roundcube";
description = "Username for the postgresql connection";
};
host = mkOption {
type = types.str;
default = "localhost";
description = ''
Host of the postgresql server. If this is not set to
<literal>localhost</literal>, you have to create the
postgresql user and database yourself, with appropriate
permissions.
'';
};
password = mkOption {
type = types.str;
description = "Password for the postgresql connection";
};
dbname = mkOption {
type = types.str;
default = "roundcube";
description = "Name of the postgresql database";
};
};
plugins = mkOption {
type = types.listOf types.str;
default = [];
description = ''
List of roundcube plugins to enable. Currently, only those directly shipped with Roundcube are supported.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = "Extra configuration for roundcube webmail instance";
};
};
config = mkIf cfg.enable {
environment.etc."roundcube/config.inc.php".text = ''
<?php
$config = array();
$config['db_dsnw'] = 'pgsql://${cfg.database.username}:${cfg.database.password}@${cfg.database.host}/${cfg.database.dbname}';
$config['log_driver'] = 'syslog';
$config['max_message_size'] = '25M';
$config['plugins'] = [${concatMapStringsSep "," (p: "'${p}'") cfg.plugins}];
${cfg.extraConfig}
'';
services.nginx = {
enable = true;
virtualHosts = {
${cfg.hostName} = {
forceSSL = mkDefault true;
enableACME = mkDefault true;
locations."/" = {
root = pkgs.roundcube;
index = "index.php";
extraConfig = ''
location ~* \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/phpfpm/roundcube;
include ${pkgs.nginx}/conf/fastcgi_params;
include ${pkgs.nginx}/conf/fastcgi.conf;
}
'';
};
};
};
};
services.postgresql = mkIf (cfg.database.host == "localhost") {
enable = true;
};
services.phpfpm.poolConfigs.roundcube = ''
listen = /run/phpfpm/roundcube
listen.owner = nginx
listen.group = nginx
listen.mode = 0660
user = nginx
pm = dynamic
pm.max_children = 75
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 20
pm.max_requests = 500
php_admin_value[error_log] = 'stderr'
php_admin_flag[log_errors] = on
php_admin_value[post_max_size] = 25M
php_admin_value[upload_max_filesize] = 25M
catch_workers_output = yes
'';
systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ];
systemd.services.roundcube-setup = let
pgSuperUser = config.services.postgresql.superUser;
in {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
path = [ config.services.postgresql.package ];
script = ''
mkdir -p /var/lib/roundcube
if [ ! -f /var/lib/roundcube/db-created ]; then
if [ "${cfg.database.host}" = "localhost" ]; then
${pkgs.sudo}/bin/sudo -u ${pgSuperUser} psql postgres -c "create role ${cfg.database.username} with login password '${cfg.database.password}'";
${pkgs.sudo}/bin/sudo -u ${pgSuperUser} psql postgres -c "create database ${cfg.database.dbname} with owner ${cfg.database.username}";
fi
PGPASSWORD=${cfg.database.password} ${pkgs.postgresql}/bin/psql -U ${cfg.database.username} \
-f ${pkgs.roundcube}/SQL/postgres.initial.sql \
-h ${cfg.database.host} ${cfg.database.dbname}
touch /var/lib/roundcube/db-created
fi
${pkgs.php}/bin/php ${pkgs.roundcube}/bin/update.sh
'';
serviceConfig.Type = "oneshot";
};
};
}

17
nixos/modules/services/mail/rspamd.nix
View File

@ -45,7 +45,9 @@ let
else "${config.socket}${maybeOption "mode"}${maybeOption "owner"}${maybeOption "group"}";
};
workerOpts = { name, ... }: {
traceWarning = w: x: builtins.trace "warning: ${w}" x;
workerOpts = { name, options, ... }: {
options = {
enable = mkOption {
type = types.nullOr types.bool;
@ -59,9 +61,18 @@ let
};
type = mkOption {
type = types.nullOr (types.enum [
"normal" "controller" "fuzzy_storage" "rspamd_proxy" "lua"
"normal" "controller" "fuzzy_storage" "rspamd_proxy" "lua" "proxy"
]);
description = "The type of this worker";
description = ''
The type of this worker. The type <literal>proxy</literal> is
deprecated and only kept for backwards compatibility and should be
replaced with <literal>rspamd_proxy</literal>.
'';
apply = let
from = "services.rspamd.workers.\”${name}\".type";
files = options.type.files;
warning = "The option `${from}` defined in ${showFiles files} has enum value `proxy` which has been renamed to `rspamd_proxy`";
in x: if x == "proxy" then traceWarning warning "rspamd_proxy" else x;
};
bindSockets = mkOption {
type = types.listOf (types.either types.str (types.submodule bindSocketOpts));

4
nixos/modules/services/misc/gitlab.nix
View File

@ -609,10 +609,6 @@ in {
touch "${cfg.statePath}/db-seeded"
fi
# The gitlab:shell:setup regenerates the authorized_keys file so that
# the store path to the gitlab-shell in it gets updated
${pkgs.sudo}/bin/sudo -u ${cfg.user} -H force=yes ${gitlab-rake}/bin/gitlab-rake gitlab:shell:setup
# The gitlab:shell:create_hooks task seems broken for fixing links
# so we instead delete all the hooks and create them anew
rm -f ${cfg.statePath}/repositories/**/*.git/hooks

2
nixos/modules/services/monitoring/apcupsd.nix
View File

@ -180,7 +180,7 @@ in
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.apcupsd}/bin/apcupsd --killpower -f ${configFile}";
TimeoutSec = 0;
TimeoutSec = "infinity";
StandardOutput = "tty";
RemainAfterExit = "yes";
};

2
nixos/modules/services/monitoring/osquery.nix
View File

@ -78,7 +78,7 @@ in
mkdir -p "$(dirname ${escapeShellArg cfg.databasePath})"
'';
serviceConfig = {
TimeoutStartSec = 0;
TimeoutStartSec = "infinity";
ExecStart = "${pkgs.osquery}/bin/osqueryd --logger_path ${escapeShellArg cfg.loggerPath} --pidfile ${escapeShellArg cfg.pidfile} --database_path ${escapeShellArg cfg.databasePath}";
KillMode = "process";
KillSignal = "SIGTERM";

2
nixos/modules/services/monitoring/systemhealth.nix
View File

@ -8,7 +8,7 @@ let
systemhealth = with pkgs; stdenv.mkDerivation {
name = "systemhealth-1.0";
src = fetchurl {
url = "http://www.brianlane.com/static/downloads/systemhealth/systemhealth-1.0.tar.bz2";
url = "https://www.brianlane.com/downloads/systemhealth/systemhealth-1.0.tar.bz2";
sha256 = "1q69lz7hmpbdpbz36zb06nzfkj651413n9icx0njmyr3xzq1j9qy";
};
buildInputs = [ python ];

2
nixos/modules/services/networking/consul.nix
View File

@ -185,7 +185,7 @@ in
PermissionsStartOnly = true;
User = if cfg.dropPrivileges then "consul" else null;
Restart = "on-failure";
TimeoutStartSec = "0";
TimeoutStartSec = "infinity";
} // (optionalAttrs (cfg.leaveOnStop) {
ExecStop = "${cfg.package.bin}/bin/consul leave";
});

10
nixos/modules/services/networking/flashpolicyd.nix
View File

@ -11,7 +11,7 @@ let
src = pkgs.fetchurl {
name = "flashpolicyd_v0.6.zip";
url = "http://www.adobe.com/content/dotcom/en/devnet/flashplayer/articles/socket_policy_files/_jcr_content/articlePrerequistes/multiplefiles/node_1277808777771/file.res/flashpolicyd_v0.6%5B1%5D.zip";
url = "https://download.adobe.com/pub/adobe/devnet/flashplayer/articles/socket_policy_files/flashpolicyd_v0.6.zip";
sha256 = "16zk237233npwfq1m4ksy4g5lzy1z9fp95w7pz0cdlpmv0fv9sm3";
};
@ -35,9 +35,9 @@ in
###### interface
options = {
services.flashpolicyd = {
enable = mkOption {
default = false;
description =
@ -47,13 +47,13 @@ in
connections to your server.
'';
};
policy = mkOption {
default =
''
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only"/>
<allow-access-from domain="*" to-ports="*" />
</cross-domain-policy>

125
nixos/modules/services/networking/mxisd.nix Normal file
View File

@ -0,0 +1,125 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.mxisd;
server = optionalAttrs (cfg.server.name != null) { inherit (cfg.server) name; }
// optionalAttrs (cfg.server.port != null) { inherit (cfg.server) port; };
baseConfig = {
matrix.domain = cfg.matrix.domain;
key.path = "${cfg.dataDir}/signing.key";
storage = {
provider.sqlite.database = "${cfg.dataDir}/mxisd.db";
};
} // optionalAttrs (server != {}) { inherit server; };
# merges baseConfig and extraConfig into a single file
fullConfig = recursiveUpdate baseConfig cfg.extraConfig;
configFile = pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig);
in {
options = {
services.mxisd = {
enable = mkEnableOption "mxisd matrix federated identity server";
package = mkOption {
type = types.package;
default = pkgs.mxisd;
defaultText = "pkgs.mxisd";
description = "The mxisd package to use";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/mxisd";
description = "Where data mxisd uses resides";
};
extraConfig = mkOption {
type = types.attrs;
default = {};
description = "Extra options merged into the mxisd configuration";
};
matrix = {
domain = mkOption {
type = types.str;
description = ''
the domain of the matrix homeserver
'';
};
};
server = {
name = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Public hostname of mxisd, if different from the Matrix domain.
'';
};
port = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
HTTP port to listen on (unencrypted)
'';
};
};
};
};
config = mkIf cfg.enable {
users.users = [
{
name = "mxisd";
group = "mxisd";
home = cfg.dataDir;
createHome = true;
shell = "${pkgs.bash}/bin/bash";
uid = config.ids.uids.mxisd;
}
];
users.groups = [
{
name = "mxisd";
gid = config.ids.gids.mxisd;
}
];
systemd.services.mxisd = {
description = "a federated identity server for the matrix ecosystem";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
# mxisd / spring.boot needs the configuration to be named "application.yaml"
preStart = ''
config=${cfg.dataDir}/application.yaml
cp ${configFile} $config
chmod 444 $config
'';
serviceConfig = {
Type = "simple";
User = "mxisd";
Group = "mxisd";
ExecStart = "${cfg.package}/bin/mxisd --spring.config.location=${cfg.dataDir}/ --spring.profiles.active=systemd --java.security.egd=file:/dev/./urandom";
WorkingDirectory = cfg.dataDir;
PermissionsStartOnly = true;
SuccessExitStatus = 143;
Restart = "on-failure";
};
};
};
}

38
nixos/modules/services/networking/ntpd.nix
View File

@ -15,6 +15,10 @@ let
configFile = pkgs.writeText "ntp.conf" ''
driftfile ${stateDir}/ntp.drift
restrict default ${toString cfg.restrictDefault}
restrict -6 default ${toString cfg.restrictDefault}
restrict source ${toString cfg.restrictSource}
restrict 127.0.0.1
restrict -6 ::1
@ -36,11 +40,40 @@ in
enable = mkOption {
default = false;
description = ''
Whether to synchronise your machine's time using the NTP
protocol.
Whether to synchronise your machine's time using ntpd, as a peer in
the NTP network.
</para>
<para>
Disables <literal>systemd.timesyncd</literal> if enabled.
'';
};
restrictDefault = mkOption {
type = types.listOf types.str;
description = ''
The restriction flags to be set by default.
</para>
<para>
The default flags prevent external hosts from using ntpd as a DDoS
reflector, setting system time, and querying OS/ntpd version. As
recommended in section 6.5.1.1.3, answer "No" of
http://support.ntp.org/bin/view/Support/AccessRestrictions
'';
default = [ "limited" "kod" "nomodify" "notrap" "noquery" "nopeer" ];
};
restrictSource = mkOption {
type = types.listOf types.str;
description = ''
The restriction flags to be set on source.
</para>
<para>
The default flags allow peers to be added by ntpd from configured
pool(s), but not by other means.
'';
default = [ "limited" "kod" "nomodify" "notrap" "noquery" ];
};
servers = mkOption {
default = config.networking.timeServers;
description = ''
@ -51,6 +84,7 @@ in
extraFlags = mkOption {
type = types.listOf types.str;
description = "Extra flags passed to the ntpd command.";
example = literalExample ''[ "--interface=eth0" ]'';
default = [];
};

7
nixos/modules/services/security/tor.nix
View File

@ -92,6 +92,7 @@ let
# Hidden services
+ concatStrings (flip mapAttrsToList cfg.hiddenServices (n: v: ''
HiddenServiceDir ${torDirectory}/onion/${v.name}
${optionalString (v.version != null) "HiddenServiceVersion ${toString v.version}"}
${flip concatMapStrings v.map (p: ''
HiddenServicePort ${toString p.port} ${p.destination}
'')}
@ -667,6 +668,12 @@ in
};
}));
};
version = mkOption {
default = null;
description = "Rendezvous service descriptor version to publish for the hidden service. Currently, versions 2 and 3 are supported. (Default: 2)";
type = types.nullOr (types.enum [ 2 3 ]);
};
};
config = {

8
nixos/modules/services/system/cloud-init.nix
View File

@ -119,7 +119,7 @@ in
{ Type = "oneshot";
ExecStart = "${pkgs.cloud-init}/bin/cloud-init init --local";
RemainAfterExit = "yes";
TimeoutSec = "0";
TimeoutSec = "infinity";
StandardOutput = "journal+console";
};
};
@ -137,7 +137,7 @@ in
{ Type = "oneshot";
ExecStart = "${pkgs.cloud-init}/bin/cloud-init init";
RemainAfterExit = "yes";
TimeoutSec = "0";
TimeoutSec = "infinity";
StandardOutput = "journal+console";
};
};
@ -153,7 +153,7 @@ in
{ Type = "oneshot";
ExecStart = "${pkgs.cloud-init}/bin/cloud-init modules --mode=config";
RemainAfterExit = "yes";
TimeoutSec = "0";
TimeoutSec = "infinity";
StandardOutput = "journal+console";
};
};
@ -169,7 +169,7 @@ in
{ Type = "oneshot";
ExecStart = "${pkgs.cloud-init}/bin/cloud-init modules --mode=final";
RemainAfterExit = "yes";
TimeoutSec = "0";
TimeoutSec = "infinity";
StandardOutput = "journal+console";
};
};

4
nixos/modules/services/web-servers/apache-httpd/mediawiki.nix
View File

@ -86,7 +86,7 @@ let
name= "mediawiki-1.29.1";
src = pkgs.fetchurl {
url = "http://download.wikimedia.org/mediawiki/1.29/${name}.tar.gz";
url = "https://releases.wikimedia.org/mediawiki/1.29/${name}.tar.gz";
sha256 = "03mpazbxvb011s2nmlw5p6dc43yjgl5yrsilmj1imyykm57bwb3m";
};
@ -311,7 +311,7 @@ in
description = ''
Any additional text to be appended to MediaWiki's
configuration file. This is a PHP script. For configuration
settings, see <link xlink:href='http://www.mediawiki.org/wiki/Manual:Configuration_settings'/>.
settings, see <link xlink:href='https://www.mediawiki.org/wiki/Manual:Configuration_settings'/>.
'';
};

1
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -107,6 +107,7 @@ in {
services.gnome3.gnome-documents.enable = mkDefault true;
services.gnome3.gnome-keyring.enable = true;
services.gnome3.gnome-online-accounts.enable = mkDefault true;
services.gnome3.gnome-remote-desktop.enable = mkDefault true;
services.gnome3.gnome-terminal-server.enable = mkDefault true;
services.gnome3.gnome-user-share.enable = mkDefault true;
services.gnome3.gvfs.enable = true;

2
nixos/modules/services/x11/display-managers/gdm.nix
View File

@ -116,7 +116,7 @@ in
environment = {
GDM_X_SERVER_EXTRA_ARGS = toString
(filter (arg: arg != "-terminate") cfg.xserverArgs);
GDM_SESSIONS_DIR = "${cfg.session.desktops}/share/xsessions";
XDG_DATA_DIRS = "${cfg.session.desktops}/share/";
# Find the mouse
XCURSOR_PATH = "~/.icons:${pkgs.gnome3.adwaita-icon-theme}/share/icons";
} // optionalAttrs (xSessionWrapper != null) {

30
nixos/modules/services/x11/urxvtd.nix
View File

@ -18,27 +18,17 @@ in {
};
config = mkIf cfg.enable {
systemd.user = {
sockets.urxvtd = {
description = "socket for urxvtd, the urxvt terminal daemon";
wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ];
socketConfig = {
ListenStream = "%t/urxvtd-socket";
};
systemd.user.services.urxvtd = {
description = "urxvt terminal daemon";
wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ];
path = [ pkgs.xsel ];
serviceConfig = {
ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd -o";
Environment = "RXVT_SOCKET=%t/urxvtd-socket";
Restart = "on-failure";
RestartSec = "5s";
};
services.urxvtd = {
description = "urxvt terminal daemon";
path = [ pkgs.xsel ];
serviceConfig = {
ExecStart = "${pkgs.rxvt_unicode-with-plugins}/bin/urxvtd -o";
Environment = "RXVT_SOCKET=%t/urxvtd-socket";
Restart = "on-failure";
RestartSec = "5s";
};
};
};
environment.systemPackages = [ pkgs.rxvt_unicode-with-plugins ];

2
nixos/modules/system/boot/systemd-nspawn.nix
View File

@ -112,7 +112,7 @@ in {
environment.etc."systemd/nspawn".source = generateUnits "nspawn" units [] [];
systemd.targets."multi-user".wants = [ "machines.target "];
systemd.targets."multi-user".wants = [ "machines.target" ];
};
}

8
nixos/modules/virtualisation/container-config.nix
View File

@ -22,12 +22,8 @@ with lib;
# Not supported in systemd-nspawn containers.
security.audit.enable = false;
# Make sure that root user in container will talk to host nix-daemon
environment.etc."profile".text = ''
export NIX_REMOTE=daemon
'';
# Use the host's nix-daemon.
environment.variables.NIX_REMOTE = "daemon";
};

38
nixos/modules/virtualisation/docker-image.nix
View File

@ -17,3 +17,41 @@
# Socket activated ssh presents problem in Docker.
services.openssh.startWhenNeeded = false;
}
# Example usage:
#
## default.nix
# let
# nixos = import <nixpkgs/nixos> {
# configuration = ./configuration.nix;
# system = "x86_64-linux";
# };
# in
# nixos.config.system.build.tarball
#
## configuration.nix
# { pkgs, config, lib, ... }:
# {
# imports = [
# <nixpkgs/nixos/modules/virtualisation/docker-image.nix>
# <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
# ];
#
# documentation.doc.enable = false;
#
# environment.systemPackages = with pkgs; [
# bashInteractive
# cacert
# nix
# ];
# }
#
## Run
# Build the tarball:
# $ nix-build default.nix
# Load into docker:
# $ docker import result/tarball/nixos-system-*.tar.xz nixos-docker
# Boots into systemd
# $ docker run --privileged -it nixos-docker /init
# Log into the container
# $ docker exec -it <container-name> /run/current-system/sw/bin/bash

262
nixos/modules/virtualisation/google-compute-config.nix
View File

@ -1,5 +1,261 @@
{ ... }:
{ config, lib, pkgs, ... }:
with lib;
let
gce = pkgs.google-compute-engine;
cfg = config.virtualisation.googleComputeImage;
in
{
imports = [ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ];
imports = [
../profiles/headless.nix
../profiles/qemu-guest.nix
];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
autoResize = true;
};
boot.growPartition = true;
boot.kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
boot.initrd.kernelModules = [ "virtio_scsi" ];
boot.kernelModules = [ "virtio_pci" "virtio_net" ];
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.device = "/dev/sda";
boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway.
boot.loader.grub.configurationLimit = 0;
# Allow root logins only using the SSH key that the user specified
# at instance creation time.
services.openssh.enable = true;
services.openssh.permitRootLogin = "prohibit-password";
services.openssh.passwordAuthentication = mkDefault false;
# Use GCE udev rules for dynamic disk volumes
services.udev.packages = [ gce ];
# Force getting the hostname from Google Compute.
networking.hostName = mkDefault "";
# Always include cryptsetup so that NixOps can use it.
environment.systemPackages = [ pkgs.cryptsetup ];
# Make sure GCE image does not replace host key that NixOps sets
environment.etc."default/instance_configs.cfg".text = lib.mkDefault ''
[InstanceSetup]
set_host_keys = false
'';
# Rely on GCP's firewall instead
networking.firewall.enable = mkDefault false;
# Configure default metadata hostnames
networking.extraHosts = ''
169.254.169.254 metadata.google.internal metadata
'';
networking.timeServers = [ "metadata.google.internal" ];
networking.usePredictableInterfaceNames = false;
# GC has 1460 MTU
networking.interfaces.eth0.mtu = 1460;
# allow the google-accounts-daemon to manage users
users.mutableUsers = true;
# and allow users to sudo without password
security.sudo.enable = true;
security.sudo.extraConfig = ''
%google-sudoers ALL=(ALL:ALL) NOPASSWD:ALL
'';
# NOTE: google-accounts tries to write to /etc/sudoers.d but the folder doesn't exist
# FIXME: not such file or directory on dynamic SSH provisioning
systemd.services.google-accounts-daemon = {
description = "Google Compute Engine Accounts Daemon";
# This daemon creates dynamic users
enable = config.users.mutableUsers;
after = [
"network.target"
"google-instance-setup.service"
"google-network-setup.service"
];
requires = ["network.target"];
wantedBy = ["multi-user.target"];
path = with pkgs; [ shadow ];
serviceConfig = {
Type = "simple";
ExecStart = "${gce}/bin/google_accounts_daemon --debug";
};
};
systemd.services.google-clock-skew-daemon = {
description = "Google Compute Engine Clock Skew Daemon";
after = [
"network.target"
"google-instance-setup.service"
"google-network-setup.service"
];
requires = ["network.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${gce}/bin/google_clock_skew_daemon --debug";
};
};
systemd.services.google-instance-setup = {
description = "Google Compute Engine Instance Setup";
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service"];
before = ["sshd.service"];
wants = ["local-fs.target" "network-online.target" "network.target"];
wantedBy = [ "sshd.service" "multi-user.target" ];
path = with pkgs; [ ethtool openssh ];
serviceConfig = {
ExecStart = "${gce}/bin/google_instance_setup --debug";
Type = "oneshot";
};
};
systemd.services.google-network-daemon = {
description = "Google Compute Engine Network Daemon";
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service" "google-instance-setup.service"];
wants = ["local-fs.target" "network-online.target" "network.target"];
requires = ["network.target"];
partOf = ["network.target"];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ iproute ];
serviceConfig = {
ExecStart = "${gce}/bin/google_network_daemon --debug";
};
};
systemd.services.google-shutdown-scripts = {
description = "Google Compute Engine Shutdown Scripts";
after = [
"local-fs.target"
"network-online.target"
"network.target"
"rsyslog.service"
"systemd-resolved.service"
"google-instance-setup.service"
"google-network-daemon.service"
];
wants = [ "local-fs.target" "network-online.target" "network.target"];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.coreutils}/bin/true";
ExecStop = "${gce}/bin/google_metadata_script_runner --debug --script-type shutdown";
Type = "oneshot";
RemainAfterExit = true;
TimeoutStopSec = "infinity";
};
};
systemd.services.google-startup-scripts = {
description = "Google Compute Engine Startup Scripts";
after = [
"local-fs.target"
"network-online.target"
"network.target"
"rsyslog.service"
"google-instance-setup.service"
"google-network-daemon.service"
];
wants = ["local-fs.target" "network-online.target" "network.target"];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${gce}/bin/google_metadata_script_runner --debug --script-type startup";
KillMode = "process";
Type = "oneshot";
};
};
# Settings taken from https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
boot.kernel.sysctl = {
# Turn on SYN-flood protections. Starting with 2.6.26, there is no loss
# of TCP functionality/features under normal conditions. When flood
# protections kick in under high unanswered-SYN load, the system
# should remain more stable, with a trade off of some loss of TCP
# functionality/features (e.g. TCP Window scaling).
"net.ipv4.tcp_syncookies" = mkDefault "1";
# ignores source-routed packets
"net.ipv4.conf.all.accept_source_route" = mkDefault "0";
# ignores source-routed packets
"net.ipv4.conf.default.accept_source_route" = mkDefault "0";
# ignores ICMP redirects
"net.ipv4.conf.all.accept_redirects" = mkDefault "0";
# ignores ICMP redirects
"net.ipv4.conf.default.accept_redirects" = mkDefault "0";
# ignores ICMP redirects from non-GW hosts
"net.ipv4.conf.all.secure_redirects" = mkDefault "1";
# ignores ICMP redirects from non-GW hosts
"net.ipv4.conf.default.secure_redirects" = mkDefault "1";
# don't allow traffic between networks or act as a router
"net.ipv4.ip_forward" = mkDefault "0";
# don't allow traffic between networks or act as a router
"net.ipv4.conf.all.send_redirects" = mkDefault "0";
# don't allow traffic between networks or act as a router
"net.ipv4.conf.default.send_redirects" = mkDefault "0";
# reverse path filtering - IP spoofing protection
"net.ipv4.conf.all.rp_filter" = mkDefault "1";
# reverse path filtering - IP spoofing protection
"net.ipv4.conf.default.rp_filter" = mkDefault "1";
# ignores ICMP broadcasts to avoid participating in Smurf attacks
"net.ipv4.icmp_echo_ignore_broadcasts" = mkDefault "1";
# ignores bad ICMP errors
"net.ipv4.icmp_ignore_bogus_error_responses" = mkDefault "1";
# logs spoofed, source-routed, and redirect packets
"net.ipv4.conf.all.log_martians" = mkDefault "1";
# log spoofed, source-routed, and redirect packets
"net.ipv4.conf.default.log_martians" = mkDefault "1";
# implements RFC 1337 fix
"net.ipv4.tcp_rfc1337" = mkDefault "1";
# randomizes addresses of mmap base, heap, stack and VDSO page
"kernel.randomize_va_space" = mkDefault "2";
# Reboot the machine soon after a kernel panic.
"kernel.panic" = mkDefault "10";
## Not part of the original config
# provides protection from ToCToU races
"fs.protected_hardlinks" = mkDefault "1";
# provides protection from ToCToU races
"fs.protected_symlinks" = mkDefault "1";
# makes locating kernel addresses more difficult
"kernel.kptr_restrict" = mkDefault "1";
# set ptrace protections
"kernel.yama.ptrace_scope" = mkOverride 500 "1";
# set perf only available to root
"kernel.perf_event_paranoid" = mkDefault "2";
};
}

362
nixos/modules/virtualisation/google-compute-image.nix
View File

@ -2,333 +2,59 @@
with lib;
let
diskSize = 1536; # MB
gce = pkgs.google-compute-engine;
cfg = config.virtualisation.googleComputeImage;
defaultConfigFile = pkgs.writeText "configuration.nix" ''
{ ... }:
{
imports = [
<nixpkgs/nixos/modules/virtualisation/google-compute-image.nix>
];
}
'';
in
{
imports = [ ../profiles/headless.nix ../profiles/qemu-guest.nix ];
system.build.googleComputeImage = import ../../lib/make-disk-image.nix {
name = "google-compute-image";
postVM = ''
PATH=$PATH:${pkgs.stdenv.lib.makeBinPath [ pkgs.gnutar pkgs.gzip ]}
pushd $out
mv $diskImage disk.raw
tar -Szcf nixos-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.raw.tar.gz disk.raw
rm $out/disk.raw
popd
'';
configFile = <nixpkgs/nixos/modules/virtualisation/google-compute-config.nix>;
format = "raw";
inherit diskSize;
inherit config lib pkgs;
};
imports = [ ./google-compute-config.nix ];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
autoResize = true;
};
options = {
virtualisation.googleComputeImage.diskSize = mkOption {
type = with types; int;
default = 1536;
description = ''
Size of disk image. Unit is MB.
'';
};
boot.growPartition = true;
boot.kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
boot.initrd.kernelModules = [ "virtio_scsi" ];
boot.kernelModules = [ "virtio_pci" "virtio_net" ];
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
boot.loader.grub.device = "/dev/sda";
boot.loader.timeout = 0;
# Don't put old configurations in the GRUB menu. The user has no
# way to select them anyway.
boot.loader.grub.configurationLimit = 0;
# Allow root logins only using the SSH key that the user specified
# at instance creation time.
services.openssh.enable = true;
services.openssh.permitRootLogin = "prohibit-password";
services.openssh.passwordAuthentication = mkDefault false;
# Use GCE udev rules for dynamic disk volumes
services.udev.packages = [ gce ];
# Force getting the hostname from Google Compute.
networking.hostName = mkDefault "";
# Always include cryptsetup so that NixOps can use it.
environment.systemPackages = [ pkgs.cryptsetup ];
# Make sure GCE image does not replace host key that NixOps sets
environment.etc."default/instance_configs.cfg".text = lib.mkDefault ''
[InstanceSetup]
set_host_keys = false
'';
# Rely on GCP's firewall instead
networking.firewall.enable = mkDefault false;
# Configure default metadata hostnames
networking.extraHosts = ''
169.254.169.254 metadata.google.internal metadata
'';
networking.timeServers = [ "metadata.google.internal" ];
networking.usePredictableInterfaceNames = false;
# GC has 1460 MTU
networking.interfaces.eth0.mtu = 1460;
# allow the google-accounts-daemon to manage users
users.mutableUsers = true;
# and allow users to sudo without password
security.sudo.enable = true;
security.sudo.extraConfig = ''
%google-sudoers ALL=(ALL:ALL) NOPASSWD:ALL
'';
# NOTE: google-accounts tries to write to /etc/sudoers.d but the folder doesn't exist
# FIXME: not such file or directory on dynamic SSH provisioning
systemd.services.google-accounts-daemon = {
description = "Google Compute Engine Accounts Daemon";
# This daemon creates dynamic users
enable = config.users.mutableUsers;
after = [
"network.target"
"google-instance-setup.service"
"google-network-setup.service"
];
requires = ["network.target"];
wantedBy = ["multi-user.target"];
path = with pkgs; [ shadow ];
serviceConfig = {
Type = "simple";
ExecStart = "${gce}/bin/google_accounts_daemon --debug";
virtualisation.googleComputeImage.configFile = mkOption {
type = with types; nullOr str;
default = null;
description = ''
A path to a configuration file which will be placed at `/etc/nixos/configuration.nix`
and be used when switching to a new configuration.
If set to `null`, a default configuration is used, where the only import is
`<nixpkgs/nixos/modules/virtualisation/google-compute-image.nix>`.
'';
};
};
systemd.services.google-clock-skew-daemon = {
description = "Google Compute Engine Clock Skew Daemon";
after = [
"network.target"
"google-instance-setup.service"
"google-network-setup.service"
];
requires = ["network.target"];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "simple";
ExecStart = "${gce}/bin/google_clock_skew_daemon --debug";
#### implementation
config = {
system.build.googleComputeImage = import ../../lib/make-disk-image.nix {
name = "google-compute-image";
postVM = ''
PATH=$PATH:${with pkgs; stdenv.lib.makeBinPath [ gnutar gzip ]}
pushd $out
mv $diskImage disk.raw
tar -Szcf nixos-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.raw.tar.gz disk.raw
rm $out/disk.raw
popd
'';
format = "raw";
configFile = if isNull cfg.configFile then defaultConfigFile else cfg.configFile;
inherit (cfg) diskSize;
inherit config lib pkgs;
};
};
systemd.services.google-instance-setup = {
description = "Google Compute Engine Instance Setup";
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service"];
before = ["sshd.service"];
wants = ["local-fs.target" "network-online.target" "network.target"];
wantedBy = [ "sshd.service" "multi-user.target" ];
path = with pkgs; [ ethtool openssh ];
serviceConfig = {
ExecStart = "${gce}/bin/google_instance_setup --debug";
Type = "oneshot";
};
};
systemd.services.google-network-daemon = {
description = "Google Compute Engine Network Daemon";
after = ["local-fs.target" "network-online.target" "network.target" "rsyslog.service" "google-instance-setup.service"];
wants = ["local-fs.target" "network-online.target" "network.target"];
requires = ["network.target"];
partOf = ["network.target"];
wantedBy = [ "multi-user.target" ];
path = with pkgs; [ iproute ];
serviceConfig = {
ExecStart = "${gce}/bin/google_network_daemon --debug";
};
};
systemd.services.google-shutdown-scripts = {
description = "Google Compute Engine Shutdown Scripts";
after = [
"local-fs.target"
"network-online.target"
"network.target"
"rsyslog.service"
"systemd-resolved.service"
"google-instance-setup.service"
"google-network-daemon.service"
];
wants = [ "local-fs.target" "network-online.target" "network.target"];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.coreutils}/bin/true";
ExecStop = "${gce}/bin/google_metadata_script_runner --debug --script-type shutdown";
Type = "oneshot";
RemainAfterExit = true;
TimeoutStopSec = 0;
};
};
systemd.services.google-startup-scripts = {
description = "Google Compute Engine Startup Scripts";
after = [
"local-fs.target"
"network-online.target"
"network.target"
"rsyslog.service"
"google-instance-setup.service"
"google-network-daemon.service"
];
wants = ["local-fs.target" "network-online.target" "network.target"];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${gce}/bin/google_metadata_script_runner --debug --script-type startup";
KillMode = "process";
Type = "oneshot";
};
};
# TODO: remove this
systemd.services.fetch-ssh-keys =
{ description = "Fetch host keys and authorized_keys for root user";
wantedBy = [ "sshd.service" ];
before = [ "sshd.service" ];
after = [ "network-online.target" ];
wants = [ "network-online.target" ];
script = let wget = "${pkgs.wget}/bin/wget --retry-connrefused -t 15 --waitretry=10 --header='Metadata-Flavor: Google'";
mktemp = "mktemp --tmpdir=/run"; in
''
# When dealing with cryptographic keys, we want to keep things private.
umask 077
# Don't download the SSH key if it has already been downloaded
echo "Obtaining SSH keys..."
mkdir -m 0700 -p /root/.ssh
AUTH_KEYS=$(${mktemp})
${wget} -O $AUTH_KEYS http://metadata.google.internal/computeMetadata/v1/instance/attributes/sshKeys
if [ -s $AUTH_KEYS ]; then
# Read in key one by one, split in case Google decided
# to append metadata (it does sometimes) and add to
# authorized_keys if not already present.
touch /root/.ssh/authorized_keys
NEW_KEYS=$(${mktemp})
# Yes this is a nix escape of two single quotes.
while IFS=''' read -r line || [[ -n "$line" ]]; do
keyLine=$(echo -n "$line" | cut -d ':' -f2)
IFS=' ' read -r -a array <<< "$keyLine"
if [ ''${#array[@]} -ge 3 ]; then
echo ''${array[@]:0:3} >> $NEW_KEYS
echo "Added ''${array[@]:2} to authorized_keys"
fi
done < $AUTH_KEYS
mv $NEW_KEYS /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
rm -f $KEY_PUB
else
echo "Downloading http://metadata.google.internal/computeMetadata/v1/project/attributes/sshKeys failed."
false
fi
rm -f $AUTH_KEYS
SSH_HOST_KEYS_DIR=$(${mktemp} -d)
${wget} -O $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssh_host_ed25519_key
${wget} -O $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key.pub http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssh_host_ed25519_key_pub
if [ -s $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key -a -s $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key.pub ]; then
mv -f $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key* /etc/ssh/
chmod 600 /etc/ssh/ssh_host_ed25519_key
chmod 644 /etc/ssh/ssh_host_ed25519_key.pub
else
echo "Setup of ssh host keys from http://metadata.google.internal/computeMetadata/v1/instance/attributes/ failed."
false
fi
rm -rf $SSH_HOST_KEYS_DIR
'';
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = true;
serviceConfig.StandardError = "journal+console";
serviceConfig.StandardOutput = "journal+console";
};
# Settings taken from https://github.com/GoogleCloudPlatform/compute-image-packages/blob/master/google_config/sysctl/11-gce-network-security.conf
boot.kernel.sysctl = {
# Turn on SYN-flood protections. Starting with 2.6.26, there is no loss
# of TCP functionality/features under normal conditions. When flood
# protections kick in under high unanswered-SYN load, the system
# should remain more stable, with a trade off of some loss of TCP
# functionality/features (e.g. TCP Window scaling).
"net.ipv4.tcp_syncookies" = mkDefault "1";
# ignores source-routed packets
"net.ipv4.conf.all.accept_source_route" = mkDefault "0";
# ignores source-routed packets
"net.ipv4.conf.default.accept_source_route" = mkDefault "0";
# ignores ICMP redirects
"net.ipv4.conf.all.accept_redirects" = mkDefault "0";
# ignores ICMP redirects
"net.ipv4.conf.default.accept_redirects" = mkDefault "0";
# ignores ICMP redirects from non-GW hosts
"net.ipv4.conf.all.secure_redirects" = mkDefault "1";
# ignores ICMP redirects from non-GW hosts
"net.ipv4.conf.default.secure_redirects" = mkDefault "1";
# don't allow traffic between networks or act as a router
"net.ipv4.ip_forward" = mkDefault "0";
# don't allow traffic between networks or act as a router
"net.ipv4.conf.all.send_redirects" = mkDefault "0";
# don't allow traffic between networks or act as a router
"net.ipv4.conf.default.send_redirects" = mkDefault "0";
# reverse path filtering - IP spoofing protection
"net.ipv4.conf.all.rp_filter" = mkDefault "1";
# reverse path filtering - IP spoofing protection
"net.ipv4.conf.default.rp_filter" = mkDefault "1";
# ignores ICMP broadcasts to avoid participating in Smurf attacks
"net.ipv4.icmp_echo_ignore_broadcasts" = mkDefault "1";
# ignores bad ICMP errors
"net.ipv4.icmp_ignore_bogus_error_responses" = mkDefault "1";
# logs spoofed, source-routed, and redirect packets
"net.ipv4.conf.all.log_martians" = mkDefault "1";
# log spoofed, source-routed, and redirect packets
"net.ipv4.conf.default.log_martians" = mkDefault "1";
# implements RFC 1337 fix
"net.ipv4.tcp_rfc1337" = mkDefault "1";
# randomizes addresses of mmap base, heap, stack and VDSO page
"kernel.randomize_va_space" = mkDefault "2";
# Reboot the machine soon after a kernel panic.
"kernel.panic" = mkDefault "10";
## Not part of the original config
# provides protection from ToCToU races
"fs.protected_hardlinks" = mkDefault "1";
# provides protection from ToCToU races
"fs.protected_symlinks" = mkDefault "1";
# makes locating kernel addresses more difficult
"kernel.kptr_restrict" = mkDefault "1";
# set ptrace protections
"kernel.yama.ptrace_scope" = mkOverride 500 "1";
# set perf only available to root
"kernel.perf_event_paranoid" = mkDefault "2";
};

1
nixos/tests/all-tests.nix
View File

@ -178,6 +178,7 @@ in
rabbitmq = handleTest ./rabbitmq.nix {};
radicale = handleTest ./radicale.nix {};
redmine = handleTest ./redmine.nix {};
roundcube = handleTest ./roundcube.nix {};
rspamd = handleTest ./rspamd.nix {};
rss2email = handleTest ./rss2email.nix {};
rsyslogd = handleTest ./rsyslogd.nix {};

4
nixos/tests/gitlab.nix
View File

@ -16,6 +16,7 @@ import ./make-test.nix ({ pkgs, lib, ...} : with lib; {
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"localhost" = {
locations."/".proxyPass = "http://unix:/run/gitlab/gitlab-workhorse.socket";
@ -75,7 +76,8 @@ import ./make-test.nix ({ pkgs, lib, ...} : with lib; {
$gitlab->waitForUnit("gitlab.service");
$gitlab->waitForUnit("gitlab-sidekiq.service");
$gitlab->waitForFile("/var/gitlab/state/tmp/sockets/gitlab.socket");
$gitlab->waitUntilSucceeds("curl -sSf http://localhost/users/sign_in");
$gitlab->waitUntilSucceeds("curl -sSf http://gitlab/users/sign_in");
$gitlab->succeed("curl -isSf http://gitlab | grep -i location | grep -q http://gitlab/users/sign_in");
$gitlab->succeed("${pkgs.sudo}/bin/sudo -u gitlab -H gitlab-rake gitlab:check 1>&2")
'';
})

7
nixos/tests/hardened.nix
View File

@ -10,6 +10,7 @@ import ./make-test.nix ({ pkgs, ...} : {
{ users.users.alice = { isNormalUser = true; extraGroups = [ "proc" ]; };
users.users.sybil = { isNormalUser = true; group = "wheel"; };
imports = [ ../modules/profiles/hardened.nix ];
nix.useSandbox = false;
virtualisation.emptyDiskImages = [ 4096 ];
boot.initrd.postDeviceCommands = ''
${pkgs.dosfstools}/bin/mkfs.vfat -n EFISYS /dev/vdb
@ -63,5 +64,11 @@ import ./make-test.nix ({ pkgs, ...} : {
$machine->succeed("mount /dev/disk/by-label/EFISYS /efi");
$machine->succeed("mountpoint -q /efi"); # now mounted
};
# Test Nix dæmon usage
subtest "nix-daemon", sub {
$machine->fail("su -l nobody -s /bin/sh -c 'nix ping-store'");
$machine->succeed("su -l alice -c 'nix ping-store'") =~ "OK";
};
'';
})

21
nixos/tests/mxisd.nix Normal file
View File

@ -0,0 +1,21 @@
import ./make-test.nix ({ pkgs, ... } : {
name = "mxisd";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ mguentner ];
};
nodes = {
server_mxisd = args : {
services.mxisd.enable = true;
services.mxisd.matrix.domain = "example.org";
};
};
testScript = ''
startAll;
$server_mxisd->waitForUnit("mxisd.service");
$server_mxisd->waitForOpenPort(8090);
$server_mxisd->succeed("curl -Ssf \"http://127.0.0.1:8090/_matrix/identity/api/v1\"")
'';
})

28
nixos/tests/roundcube.nix Normal file
View File

@ -0,0 +1,28 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "roundcube";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ globin ];
};
nodes = {
roundcube = { config, pkgs, ... }: {
services.roundcube = {
enable = true;
hostName = "roundcube";
database.password = "notproduction";
};
services.nginx.virtualHosts.roundcube = {
forceSSL = false;
enableACME = false;
};
};
};
testScript = ''
$roundcube->start;
$roundcube->waitForUnit("postgresql.service");
$roundcube->waitForUnit("phpfpm-roundcube.service");
$roundcube->waitForUnit("nginx.service");
$roundcube->succeed("curl -sSfL http://roundcube/");
'';
})

1
nixos/tests/rspamd.nix
View File

@ -235,6 +235,7 @@ in
services.rspamd = {
enable = true;
postfix.enable = true;
workers.rspamd_proxy.type = "proxy";
};
};
testScript = ''

6
pkgs/applications/audio/a2jmidid/default.nix
View File

@ -9,12 +9,12 @@ in stdenv.mkDerivation rec {
version = "8";
src = fetchurl {
url = "http://repo.or.cz/a2jmidid.git/snapshot/7383d268c4bfe85df9f10df6351677659211d1ca.tar.gz";
url = "https://repo.or.cz/a2jmidid.git/snapshot/7383d268c4bfe85df9f10df6351677659211d1ca.tar.gz";
sha256 = "06dgf5655znbvrd7fhrv8msv6zw8vk0hjqglcqkh90960mnnmwz7";
};
nativeBuildInputs = [ pkgconfig wafHook ];
buildInputs = [ makeWrapper alsaLib dbus libjack2 python dbus-python ];
nativeBuildInputs = [ pkgconfig makeWrapper wafHook ];
buildInputs = [ alsaLib dbus libjack2 python dbus-python ];
postInstall = ''
wrapProgram $out/bin/a2j_control --set PYTHONPATH $PYTHONPATH

4
pkgs/applications/audio/avldrums-lv2/default.nix
View File

@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "avldrums.lv2";
version = "0.3.0";
version = "0.3.1";
src = fetchFromGitHub {
owner = "x42";
repo = pname;
rev = "v${version}";
sha256 = "0w51gdshq2i5bix2x5l3g3gnycy84nlzf5sj0jkrw0zrnbk6ghwg";
sha256 = "0yhq3n5bahhqpj40mvlkxcjsdsw63jsbz20pl77bx2qj30w25i2j";
fetchSubmodules = true;
};

80
pkgs/applications/audio/cadence/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv
, fetchurl
, fetchzip
, pkgconfig
, qtbase
, makeWrapper
@ -12,31 +12,13 @@
version = "0.9.0";
pname = "cadence";
src = fetchurl {
src = fetchzip {
url = "https://github.com/falkTX/Cadence/archive/v${version}.tar.gz";
sha256 = "07z1mnb0bmldb3i31bgw816pnvlvr9gawr51rpx3mhixg5wpiqzb";
sha256 = "08vcggypkdfr70v49innahs5s11hi222dhhnm5wcqzdgksphqzwx";
};
buildInputs = [
makeWrapper
pkgconfig
qtbase
];
apps = [
"cadence"
"cadence-jacksettings"
"cadence-pulse2loopback"
"claudia"
"cadence-aloop-daemon"
"cadence-logs"
"cadence-render"
"catarina"
"claudia-launcher"
"cadence-pulse2jack"
"cadence-session-start"
"catia"
];
nativeBuildInputs = [ makeWrapper pkgconfig ];
buildInputs = [ qtbase ];
makeFlags = ''
PREFIX=""
@ -46,20 +28,54 @@
propagatedBuildInputs = with python3Packages; [ pyqt5 ];
postInstall = ''
# replace with our own wrappers.
for app in $apps; do
rm $out/bin/$app
makeWrapper ${python3Packages.python.interpreter} $out/bin/$app \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/$app.py"
done
# replace with our own wrappers. They need to be changed manually since it wouldn't work otherwise
rm $out/bin/cadence
makeWrapper ${python3Packages.python.interpreter} $out/bin/cadence \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/cadence.py"
rm $out/bin/claudia
makeWrapper ${python3Packages.python.interpreter} $out/bin/claudia \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/claudia.py"
rm $out/bin/catarina
makeWrapper ${python3Packages.python.interpreter} $out/bin/catarina \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/catarina.py"
rm $out/bin/catia
makeWrapper ${python3Packages.python.interpreter} $out/bin/catia \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/catia.py"
rm $out/bin/cadence-jacksettings
makeWrapper ${python3Packages.python.interpreter} $out/bin/cadence-jacksettings \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/jacksettings.py"
rm $out/bin/cadence-aloop-daemon
makeWrapper ${python3Packages.python.interpreter} $out/bin/cadence-aloop-daemon \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/cadence_aloop_daemon.py"
rm $out/bin/cadence-logs
makeWrapper ${python3Packages.python.interpreter} $out/bin/cadence-logs \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/logs.py"
rm $out/bin/cadence-render
makeWrapper ${python3Packages.python.interpreter} $out/bin/cadence-render \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/render.py"
rm $out/bin/claudia-launcher
makeWrapper ${python3Packages.python.interpreter} $out/bin/claudia-launcher \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/claudia_launcher.py"
rm $out/bin/cadence-session-start
makeWrapper ${python3Packages.python.interpreter} $out/bin/cadence-session-start \
--set PYTHONPATH "$PYTHONPATH:$out/share/cadence" \
--add-flags "-O $out/share/cadence/src/cadence_session_start.py"
'';
meta = {
homepage = https://github.com/falkTX/Cadence/;
description = "Collection of tools useful for audio production";
license = stdenv.lib.licenses.mit;
license = stdenv.lib.licenses.gpl2Plus;
maintainers = with stdenv.lib.maintainers; [ genesis ];
platforms = stdenv.lib.platforms.linux;
platforms = [ "x86_64-linux" ];
};
}

4
pkgs/applications/audio/cozy-audiobooks/default.nix
View File

@ -8,7 +8,7 @@
, desktop-file-utils
, gtk3
, gst_all_1
, gobjectIntrospection
, gobject-introspection
, python3Packages
, file
, cairo
@ -36,7 +36,7 @@ python3Packages.buildPythonApplication rec {
wrapGAppsHook
appstream-glib
desktop-file-utils
gobjectIntrospection
gobject-introspection
];
buildInputs = [

37
pkgs/applications/audio/distrho/default.nix
View File

@ -1,7 +1,13 @@
{ stdenv, fetchFromGitHub, alsaLib, fftwSinglePrec, freetype, libjack2
, pkgconfig, premake3, xorg, ladspa-sdk }:
, pkgconfig, ladspa-sdk, premake3
, libX11, libXcomposite, libXcursor, libXext, libXinerama, libXrender
}:
stdenv.mkDerivation rec {
let
premakeos = if stdenv.hostPlatform.isDarwin then "osx"
else if stdenv.hostPlatform.isWindows then "mingw"
else "linux";
in stdenv.mkDerivation rec {
name = "distrho-ports-${version}";
version = "2018-04-16";
@ -12,27 +18,26 @@ stdenv.mkDerivation rec {
sha256 = "0l4zwl4mli8jzch32a1fh7c88r9q17xnkxsdw17ds5hadnxlk12v";
};
configurePhase = ''
runHook preConfigure
sh ./scripts/premake-update.sh ${premakeos}
runHook postConfigure
'';
patchPhase = ''
sed -e "s#@./scripts#sh scripts#" -i Makefile
'';
nativeBuildInputs = [ pkgconfig ];
nativeBuildInputs = [ pkgconfig premake3 ];
buildInputs = [
alsaLib fftwSinglePrec freetype libjack2 premake3
xorg.libX11 xorg.libXcomposite xorg.libXcursor xorg.libXext
xorg.libXinerama xorg.libXrender ladspa-sdk
alsaLib fftwSinglePrec freetype libjack2
libX11 libXcomposite libXcursor libXext
libXinerama libXrender ladspa-sdk
];
buildPhase = ''
sh ./scripts/premake-update.sh linux
make lv2
'';
installPhase = ''
mkdir -p $out/bin
mkdir -p $out/lib/lv2
cp -a bin/lv2/* $out/lib/lv2/
'';
makeFlags = "PREFIX=$(out)";
meta = with stdenv.lib; {
homepage = http://distrho.sourceforge.net;

4
pkgs/applications/audio/dragonfly-reverb/default.nix
View File

@ -6,8 +6,8 @@ stdenv.mkDerivation rec {
src = fetchFromGitHub {
owner = "michaelwillis";
repo = "dragonfly-reverb";
rev = "0.9.4";
sha256 = "0lc45jybjwg4wrcz4s9lvzpvqawgj825rkqhz2xxvalfbvjazi53";
rev = "1.0.0";
sha256 = "05m4hd8lg0a7iiia6cbiw5qmc4p8vbkxp2qh7ywaabawiwa9r24x";
fetchSubmodules = true;
};

44
pkgs/applications/audio/gnome-podcasts/default.nix Normal file
View File

@ -0,0 +1,44 @@
{ stdenv, fetchurl, fetchFromGitLab, meson, ninja, gettext, cargo, rustc, python3, rustPlatform, pkgconfig, gnome3
, glib, libhandy, gtk3, dbus, openssl, sqlite, gst_all_1, wrapGAppsHook }:
# TODO: build from git for easier updates
# rustPlatform.buildRustPackage rec {
stdenv.mkDerivation rec {
version = "0.4.6";
name = "gnome-podcasts-${version}";
src = fetchurl {
url = https://gitlab.gnome.org/World/podcasts/uploads/e59ac5d618d7daf4c7f33ba72957c466/gnome-podcasts-0.4.6.tar.xz;
sha256 = "0g2rk3w251fp5jwbxs5ya1adv8nsgdqjy1vmfg8qqab6qyndhbrc";
};
# src = fetchFromGitLab {
# domain = "gitlab.gnome.org";
# owner = "World";
# repo = "podcasts";
# rev = version;
# sha256 = "15xj98dhxvys0cnya9488qsfsm0ys1wy69wkc39z8j6hwdm7byq2";
# };
nativeBuildInputs = [
meson ninja pkgconfig gettext cargo rustc python3 wrapGAppsHook
];
buildInputs = [
glib gtk3 libhandy dbus openssl sqlite gst_all_1.gstreamer gst_all_1.gst-plugins-base gst_all_1.gst-plugins-bad
];
# cargoSha256 = "0721b5f700vvvzvmdl8nfjaa6j412q1fjssgrjv8n6rmn9z13d2v";
postPatch = ''
chmod +x scripts/compile-gschema.py # patchShebangs requires executable file
patchShebangs scripts/compile-gschema.py
'';
meta = with stdenv.lib; {
description = "Listen to your favorite podcasts";
homepage = https://wiki.gnome.org/Apps/Podcasts;
license = licenses.gpl3;
maintainers = gnome3.maintainers;
platforms = platforms.unix;
};
}

4
pkgs/applications/audio/gpodder/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, python3, python3Packages, intltool
, glibcLocales, gnome3, gtk3, wrapGAppsHook
, ipodSupport ? false, libgpod, gobjectIntrospection
, ipodSupport ? false, libgpod, gobject-introspection
}:
python3Packages.buildPythonApplication rec {
@ -27,7 +27,7 @@ python3Packages.buildPythonApplication rec {
buildInputs = [
python3
gobjectIntrospection
gobject-introspection
gnome3.defaultIconTheme
];

4
pkgs/applications/audio/lollypop/default.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchgit, meson, ninja, pkgconfig
, python3, gtk3, gst_all_1, libsecret, libsoup
, appstream-glib, desktop-file-utils, gnome3
, gobjectIntrospection, wrapGAppsHook }:
, gobject-introspection, wrapGAppsHook }:
python3.pkgs.buildPythonApplication rec {
version = "0.9.611";
@ -20,7 +20,7 @@ python3.pkgs.buildPythonApplication rec {
nativeBuildInputs = with python3.pkgs; [
appstream-glib
desktop-file-utils
gobjectIntrospection
gobject-introspection
meson
ninja
pkgconfig

4
pkgs/applications/audio/mopidy/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchFromGitHub, pythonPackages, wrapGAppsHook
, gst_all_1, glib-networking, gobjectIntrospection
, gst_all_1, glib-networking, gobject-introspection
}:
pythonPackages.buildPythonApplication rec {
@ -17,7 +17,7 @@ pythonPackages.buildPythonApplication rec {
buildInputs = with gst_all_1; [
gst-plugins-base gst-plugins-good gst-plugins-ugly gst-plugins-bad
glib-networking gobjectIntrospection
glib-networking gobject-introspection
];
propagatedBuildInputs = with pythonPackages; [

6
pkgs/applications/audio/mopidy/iris.nix
View File

@ -2,11 +2,11 @@
pythonPackages.buildPythonApplication rec {
pname = "Mopidy-Iris";
version = "3.31.1";
version = "3.31.2";
src = pythonPackages.fetchPypi {
inherit pname version;
sha256 = "1djxkgjvfzijvlq3gill1p20l0q64dbv9wd55whbir1l7y8wdga5";
sha256 = "0639ib5nicrabckjd17wdmhl8n3822gc2p1bn0xv8mq70paspar6";
};
propagatedBuildInputs = [
@ -17,7 +17,7 @@ pythonPackages.buildPythonApplication rec {
pylast
spotipy
raven
tornado
tornado_4
]);
postPatch = "sed -i /tornado/d setup.py";

4
pkgs/applications/audio/mopidy/local-images.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, pythonPackages, mopidy, gobjectIntrospection }:
{ stdenv, fetchFromGitHub, pythonPackages, mopidy, gobject-introspection }:
pythonPackages.buildPythonApplication rec {
pname = "mopidy-local-images";
@ -11,7 +11,7 @@ pythonPackages.buildPythonApplication rec {
sha256 = "0gdqxws0jish50mmi57mlqcs659wrllzv00czl18niz94vzvyc0d";
};
buildInputs = [ gobjectIntrospection ];
buildInputs = [ gobject-introspection ];
checkInputs = [
pythonPackages.mock

4
pkgs/applications/audio/pithos/default.nix
View File

@ -1,4 +1,4 @@
{ fetchFromGitHub, stdenv, pythonPackages, gtk3, gobjectIntrospection, libnotify
{ fetchFromGitHub, stdenv, pythonPackages, gtk3, gobject-introspection, libnotify
, gst_all_1, wrapGAppsHook }:
pythonPackages.buildPythonApplication rec {
@ -27,7 +27,7 @@ pythonPackages.buildPythonApplication rec {
buildInputs = [ wrapGAppsHook ];
propagatedBuildInputs =
[ gtk3 gobjectIntrospection libnotify ] ++
[ gtk3 gobject-introspection libnotify ] ++
(with gst_all_1; [ gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly gst-plugins-bad ]) ++
(with pythonPackages; [ pygobject3 pylast ]);

4
pkgs/applications/audio/quodlibet/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchurl, python3, wrapGAppsHook, gettext, intltool, libsoup, gnome3, gtk3, gdk_pixbuf,
tag ? "", xvfb_run, dbus, glibcLocales, glib, glib-networking, gobjectIntrospection,
tag ? "", xvfb_run, dbus, glibcLocales, glib, glib-networking, gobject-introspection,
gst_all_1, withGstPlugins ? true,
xineBackend ? false, xineLib,
withDbusPython ? false, withPyInotify ? false, withMusicBrainzNgs ? false, withPahoMqtt ? false,
@ -24,7 +24,7 @@ python3.pkgs.buildPythonApplication rec {
checkInputs = with python3.pkgs; [ pytest pytest_xdist pyflakes pycodestyle polib xvfb_run dbus.daemon glibcLocales ];
buildInputs = [ gnome3.defaultIconTheme libsoup glib glib-networking gtk3 webkitgtk gdk_pixbuf keybinder3 gtksourceview libmodplug libappindicator-gtk3 kakasi gobjectIntrospection ]
buildInputs = [ gnome3.defaultIconTheme libsoup glib glib-networking gtk3 webkitgtk gdk_pixbuf keybinder3 gtksourceview libmodplug libappindicator-gtk3 kakasi gobject-introspection ]
++ (if xineBackend then [ xineLib ] else with gst_all_1;
[ gstreamer gst-plugins-base ] ++ optionals withGstPlugins [ gst-plugins-good gst-plugins-ugly gst-plugins-bad ]);

14
pkgs/applications/audio/renoise/default.nix
View File

@ -1,4 +1,5 @@
{ stdenv, fetchurl, libX11, libXext, libXcursor, libXrandr, libjack2, alsaLib, releasePath ? null }:
{ stdenv, fetchurl, libX11, libXext, libXcursor, libXrandr, libjack2, alsaLib
, mpg123, releasePath ? null }:
with stdenv.lib;
@ -35,7 +36,7 @@ stdenv.mkDerivation rec {
releasePath
else throw "Platform is not supported by Renoise";
buildInputs = [ libX11 libXext libXcursor libXrandr alsaLib libjack2 ];
buildInputs = [ alsaLib libjack2 libX11 libXcursor libXext libXrandr ];
installPhase = ''
cp -r Resources $out
@ -54,13 +55,18 @@ stdenv.mkDerivation rec {
mkdir $out/bin
ln -s $out/renoise $out/bin/renoise
'';
patchelf --set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) --set-rpath $out/lib $out/renoise
postFixup = ''
patchelf \
--set-interpreter $(cat $NIX_CC/nix-support/dynamic-linker) \
--set-rpath ${mpg123}/lib:$out/lib \
$out/renoise
'';
meta = {
description = "Modern tracker-based DAW";
homepage = http://www.renoise.com/;
homepage = https://www.renoise.com/;
license = licenses.unfree;
maintainers = [];
platforms = [ "i686-linux" "x86_64-linux" ];

2
pkgs/applications/audio/seq24/default.nix
View File

@ -5,7 +5,7 @@ stdenv.mkDerivation rec {
version = "0.9.3";
src = fetchurl {
url = "http://launchpad.net/seq24/trunk/${version}/+download/${name}.tar.gz";
url = "https://launchpad.net/seq24/trunk/${version}/+download/${name}.tar.gz";
sha256 = "1qpyb7355s21sgy6gibkybxpzx4ikha57a8w644lca6qy9mhcwi3";
};

4
pkgs/applications/audio/sonata/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchFromGitHub, pkgconfig, intltool, wrapGAppsHook
, python3Packages, gnome3, gtk3, gobjectIntrospection}:
, python3Packages, gnome3, gtk3, gobject-introspection}:
let
inherit (python3Packages) buildPythonApplication isPy3k dbus-python pygobject3 mpd2;
@ -29,7 +29,7 @@ in buildPythonApplication rec {
'';
propagatedBuildInputs = [
gobjectIntrospection gtk3 pygobject3
gobject-introspection gtk3 pygobject3
];
# The optional tagpy dependency (for editing metadata) is not yet

6
pkgs/applications/audio/synthv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "synthv1-${version}";
version = "0.9.2";
version = "0.9.3";
src = fetchurl {
url = "mirror://sourceforge/synthv1/${name}.tar.gz";
sha256 = "1r60l286n8y4a4rrlnbc3h7xk4s2pvqykvskls89prxg0lkpz7kl";
sha256 = "0f58k5n2k667q8wsigg7bzl3lfgaf6jdj98r2a5nvyb18v1wpy2c";
};
buildInputs = [ qt5.qtbase qt5.qttools libjack2 alsaLib liblo lv2 ];
@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "An old-school 4-oscillator subtractive polyphonic synthesizer with stereo fx";
homepage = http://synthv1.sourceforge.net/;
homepage = https://synthv1.sourceforge.io/;
license = licenses.gpl2Plus;
platforms = platforms.linux;
maintainers = [ maintainers.goibhniu ];

37
pkgs/applications/audio/transcribe/default.nix
View File

@ -1,33 +1,31 @@
{ stdenv, fetchzip, lib, makeWrapper, alsaLib, atk, cairo, gdk_pixbuf
, glib, gst-ffmpeg, gst-plugins-bad, gst-plugins-base
, gst-plugins-good, gst-plugins-ugly, gstreamer, gtk2, libSM, libX11
, libpng12, pango, zlib }:
{ stdenv, fetchzip, wrapGAppsHook, alsaLib, atk, cairo, gdk_pixbuf
, glib, gst_all_1, gtk3, libSM, libX11, libpng12, pango, zlib }:
stdenv.mkDerivation rec {
name = "transcribe-${version}";
version = "8.40";
version = "8.72";
src = if stdenv.hostPlatform.system == "i686-linux" then
fetchzip {
url = "https://www.seventhstring.com/xscribe/downlinux32_old/xscsetup.tar.gz";
sha256 = "1ngidmj9zz8bmv754s5xfsjv7v6xr03vck4kigzq4bpc9b1fdhjq";
url = "https://www.seventhstring.com/xscribe/downlinux32/xscsetup.tar.gz";
sha256 = "1h5l7ry9c9awpxfnd29b0wm973ifrhj17xl5d2fdsclw2swsickb";
}
else if stdenv.hostPlatform.system == "x86_64-linux" then
fetchzip {
url = "https://www.seventhstring.com/xscribe/downlinux64_old/xsc64setup.tar.gz";
sha256 = "0svzi8svj6zn06gj0hr8mpnhq4416dvb4g5al0gpb1g3paywdaf9";
url = "https://www.seventhstring.com/xscribe/downlinux64/xsc64setup.tar.gz";
sha256 = "1rpd3ppnx5i5yrnfbjrx7h7dk48kwl99i9lnpa75ap7nxvbiznm0";
}
else throw "Platform not supported";
nativeBuildInputs = [ makeWrapper ];
nativeBuildInputs = [ wrapGAppsHook ];
buildInputs = [ gst-plugins-base gst-plugins-good
gst-plugins-bad gst-plugins-ugly gst-ffmpeg ];
buildInputs = with gst_all_1; [ gst-plugins-base gst-plugins-good
gst-plugins-bad gst-plugins-ugly ];
dontPatchELF = true;
libPath = lib.makeLibraryPath [
stdenv.cc.cc glib gtk2 atk pango cairo gdk_pixbuf alsaLib
libPath = with gst_all_1; stdenv.lib.makeLibraryPath [
stdenv.cc.cc glib gtk3 atk pango cairo gdk_pixbuf alsaLib
libX11 libSM libpng12 gstreamer gst-plugins-base zlib
];
@ -42,13 +40,18 @@ stdenv.mkDerivation rec {
patchelf \
--set-interpreter $(cat ${stdenv.cc}/nix-support/dynamic-linker) \
$out/libexec/transcribe
'';
wrapProgram $out/libexec/transcribe \
--prefix GST_PLUGIN_SYSTEM_PATH : "$GST_PLUGIN_SYSTEM_PATH" \
preFixup = ''
gappsWrapperArgs+=(
--prefix GST_PLUGIN_SYSTEM_PATH : "$GST_PLUGIN_SYSTEM_PATH_1_0"
--prefix LD_LIBRARY_PATH : "${libPath}"
)
'';
postFixup = ''
ln -s $out/libexec/transcribe $out/bin/
'';
'';
meta = with stdenv.lib; {
description = "Software to help transcribe recorded music";

4
pkgs/applications/audio/vocal/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchFromGitHub, cmake, ninja, pkgconfig, vala_0_40, gtk3, libxml2, granite, webkitgtk, clutter-gtk
, clutter-gst, libunity, libnotify, sqlite, gst_all_1, libsoup, json-glib, gnome3, gobjectIntrospection, wrapGAppsHook }:
, clutter-gst, libunity, libnotify, sqlite, gst_all_1, libsoup, json-glib, gnome3, gobject-introspection, wrapGAppsHook }:
stdenv.mkDerivation rec {
pname = "vocal";
@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [
cmake
gobjectIntrospection
gobject-introspection
libxml2
ninja
pkgconfig

6
pkgs/applications/audio/x42-plugins/default.nix
View File

@ -3,12 +3,12 @@
, libGLU, lv2, gtk2, cairo, pango, fftwFloat, zita-convolver }:
stdenv.mkDerivation rec {
version = "20180812";
version = "20181103";
name = "x42-plugins-${version}";
src = fetchurl {
url = "https://gareus.org/misc/x42-plugins/${name}.tar.xz";
sha256 = "0gzwzxpa2k2w9c6j3pspwi9slfyd57wb192d6yqcg92pfmnxy9dz";
sha256 = "085d6qjj7nl22f0xamqdrnfxwi8zrfwgkwm1svm73bjkdv270438";
};
nativeBuildInputs = [ pkgconfig ];
@ -34,6 +34,6 @@ stdenv.mkDerivation rec {
homepage = https://github.com/x42/x42-plugins;
maintainers = with maintainers; [ magnetophon ];
license = licenses.gpl2;
platforms = platforms.linux;
platforms = [ "i686-linux" "x86_64-linux" ];
};
}

4
pkgs/applications/display-managers/lightdm/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, pam, pkgconfig, autoconf, automake, libtool, libxcb
, glib, libXdmcp, itstool, intltool, libxklavier, libgcrypt, audit, busybox
, polkit, accountsservice, gtk-doc, gnome3, gobjectIntrospection, vala
, polkit, accountsservice, gtk-doc, gnome3, gobject-introspection, vala
, withQt4 ? false, qt4
, withQt5 ? false, qtbase
}:
@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
automake
gnome3.yelp-tools
gnome3.yelp-xsl
gobjectIntrospection
gobject-introspection
gtk-doc
intltool
itstool

12
pkgs/applications/editors/android-studio/default.nix
View File

@ -13,14 +13,14 @@ let
sha256Hash = "117skqjax1xz9plarhdnrw2rwprjpybdc7mx7wggxapyy920vv5r";
};
betaVersion = {
version = "3.3.0.16"; # "Android Studio 3.3 Beta 4"
build = "182.5114240";
sha256Hash = "12gzwnlvc1w5lywpdckdgwxy2yrhf0m0fvaljdsis2arw0x9qdh2";
version = "3.3.0.17"; # "Android Studio 3.3 RC 1"
build = "182.5138683";
sha256Hash = "0apc566l4gwkwvfgj50d4qxm2gw26rxdlyr8kj3kfcra9a33c2b7";
};
latestVersion = { # canary & dev
version = "3.4.0.3"; # "Android Studio 3.4 Canary 4"
build = "183.5129585";
sha256Hash = "10y09sy0h4yp39dwpp8x7kjvw8r7hvk0qllbbaqj76j33xa85793";
version = "3.4.0.5"; # "Android Studio 3.4 Canary 6"
build = "183.5146016";
sha256Hash = "1z2asimpsw15iild7c4aqicph6v327qx3ffjgvl2n8vr5rspsns1";
};
in rec {
# Old alias

4
pkgs/applications/editors/eclipse/plugins.nix
View File

@ -555,12 +555,12 @@ rec {
spotbugs = buildEclipseUpdateSite rec {
name = "spotbugs-${version}";
version = "3.1.8";
version = "3.1.9";
src = fetchzip {
stripRoot = false;
url = "https://github.com/spotbugs/spotbugs/releases/download/${version}/eclipsePlugin.zip";
sha256 = "0086shivxx745f69226f59xcv7l9xliwyr9kxm6zyn753c888js3";
sha256 = "0m68jbyaiz0rm4qq3nnwnvgndzv2c6ay6i29kh0p0vdbanggq3xz";
};
meta = with stdenv.lib; {

31
pkgs/applications/editors/gnome-builder/default.nix
View File

@ -3,16 +3,15 @@
, desktop-file-utils
, docbook_xsl
, docbook_xml_dtd_43
, fetchpatch
, fetchurl
, flatpak
, glibcLocales
, gnome3
, gobjectIntrospection
, gobject-introspection
, gspell
, gtk-doc
, gtk3
, gtksourceview3
, gtksourceview4
, hicolor-icon-theme
, json-glib
, jsonrpc-glib
@ -31,14 +30,14 @@
, wrapGAppsHook
}:
let
version = "3.28.4";
version = "3.30.0";
pname = "gnome-builder";
in stdenv.mkDerivation {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "0ibb74jlyrl5f6rj1b74196zfg2qaf870lxgi76qzpkgwq0iya05";
sha256 = "1pshzpjy9rk6gijlm97s316aihykzxrmb07vilp17q5857passak";
};
nativeBuildInputs = [
@ -47,7 +46,7 @@ in stdenv.mkDerivation {
docbook_xsl
docbook_xml_dtd_43
glibcLocales # for Meson's gtkdochelper
gobjectIntrospection
gobject-introspection
gtk-doc
hicolor-icon-theme
meson
@ -67,7 +66,7 @@ in stdenv.mkDerivation {
gnome3.vte
gspell
gtk3
gtksourceview3
gtksourceview4
json-glib
jsonrpc-glib
libdazzle
@ -87,24 +86,6 @@ in stdenv.mkDerivation {
patchShebangs build-aux/meson/post_install.py
'';
patches = [
(fetchpatch {
name = "absolute-shared-library-path.patch";
url = "https://gitlab.gnome.org/GNOME/gnome-builder/commit/1011cabc519fd7322e2d695c79bfce3e18ff6200.patch";
sha256 = "1g12zziidzrphp527aa8sklfaln4qpjprkz73f0c9w5ph6k252fw";
})
(fetchpatch {
name = "python-libprefix.patch";
url = "https://gitlab.gnome.org/GNOME/gnome-builder/commit/43494ce83a347f369ed4cfb8dd71d3b93452736b.patch";
sha256 = "0kgi3n3g13n1j4xa61ln9xiahcfdc43bxi5mw4yva2d5px445msf";
})
(fetchpatch {
name = "ostree-dependency.patch";
url = "https://gitlab.gnome.org/GNOME/gnome-builder/commit/8b11773b65c95f464a0de16b91318c1ca73deeae.patch";
sha256 = "18r4hd90id0w6r0lzqpw83bcj45nm9jhr46a0ffi1mcayb18mgbk";
})
];
mesonFlags = [
"-Dpython_libprefix=${python3.libPrefix}"
"-Dwith_docs=true"

4
pkgs/applications/editors/gnome-latex/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchurl, wrapGAppsHook
, tepl, amtk, gnome3, glib, pkgconfig, intltool, itstool, libxml2 }:
let
version = "3.30.1";
version = "3.30.2";
pname = "gnome-latex";
in stdenv.mkDerivation {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "0yvkp311ikmiypzj2q6ypvyw5migxiqp8lwhyl3qq6mk6p0x66w8";
sha256 = "0fn3vy6w714wy0bz3y11zpdprpwxbv5xfiyyxjwp2nix9mbvv2sm";
};
NIX_CFLAGS_COMPILE = "-I${glib.dev}/include/gio-unix-2.0";

28
pkgs/applications/editors/jetbrains/default.nix
View File

@ -276,12 +276,12 @@ in
goland = buildGoland rec {
name = "goland-${version}";
version = "2018.2.4"; /* updated by script */
version = "2018.3"; /* updated by script */
description = "Up and Coming Go IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "0aan23ggs314bvpsldsv9m4pdmnlgdcjac9x6hv1j145a1pp439i"; /* updated by script */
sha256 = "0hd44flxqnnxg390mkf4ppjs2nxv0nwdc7a2i65f69bp5h61x783"; /* updated by script */
};
wmClass = "jetbrains-goland";
update-channel = "GoLand Release";
@ -289,12 +289,12 @@ in
idea-community = buildIdea rec {
name = "idea-community-${version}";
version = "2018.2.6"; /* updated by script */
version = "2018.3"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "02hpbyivji9vnik7p04zrja1rhhl49r0365g0i6sa1rrwd1fhvwf"; /* updated by script */
sha256 = "01ccz5ksbv8xh8mnk3zxqpia8zgayy8bcgmbwqibrykz47y6r7yy"; /* updated by script */
};
wmClass = "jetbrains-idea-ce";
update-channel = "IntelliJ IDEA Release";
@ -302,12 +302,12 @@ in
idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}";
version = "2018.2.6"; /* updated by script */
version = "2018.3"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jdk.tar.gz";
sha256 = "0x0ylcbj8spvzmwxrw3p4c64ad27iz58lwj4yb8a6vwh6p22gflk"; /* updated by script */
sha256 = "16z0pqmxjn5dl42rbz7mx8gi13xs3220pzkdsdkh1k1ny9caqzvj"; /* updated by script */
};
wmClass = "jetbrains-idea";
update-channel = "IntelliJ IDEA Release";
@ -328,12 +328,12 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2018.2.5"; /* updated by script */
version = "2018.3"; /* updated by script */
description = "PyCharm Community Edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "0zfnhrkv4y90a3myq13406vzivg234l69x0c5d7vyv6ys7dmq5fm"; /* updated by script */
sha256 = "0kgrh3w4lpk7qkp5gss24in1nqahdfllvf97qz6r77zn9n5k1wq7"; /* updated by script */
};
wmClass = "jetbrains-pycharm-ce";
update-channel = "PyCharm Release";
@ -341,12 +341,12 @@ in
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2018.2.5"; /* updated by script */
version = "2018.3"; /* updated by script */
description = "PyCharm Professional Edition";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "0yfq25kmzzd15x83zdbrq9j62c32maklzhsk1rzymabyb56blh5c"; /* updated by script */
sha256 = "0q4scwnqy0h725g9z5hd145c3n10iaj04z790s4lixg1c63h3y8q"; /* updated by script */
};
wmClass = "jetbrains-pycharm";
update-channel = "PyCharm Release";
@ -367,12 +367,12 @@ in
ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}";
version = "2018.2.4"; /* updated by script */
version = "2018.2.5"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "0dk3ch749ai5kyg9q8819ckrqw2jk4f656iqrkkpab9fjqfjylka"; /* updated by script */
sha256 = "0b01fnifk5iawyf2zi7r5ffz8dxlh18g2ilrkc5746vmnsp0jxq4"; /* updated by script */
};
wmClass = "jetbrains-rubymine";
update-channel = "RubyMine 2018.2";
@ -380,12 +380,12 @@ in
webstorm = buildWebStorm rec {
name = "webstorm-${version}";
version = "2018.2.6"; /* updated by script */
version = "2018.3"; /* updated by script */
description = "Professional IDE for Web and JavaScript development";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "1snx59b6d0szd1a07agpqxlprhy2mc9jvbnxcck5hfwxl3ic7x5g"; /* updated by script */
sha256 = "0msvgdjbdipc4g8j705d1jya2mjmx4wwhb23nch3znh7grryr75s"; /* updated by script */
};
wmClass = "jetbrains-webstorm";
update-channel = "WebStorm Release";

2
pkgs/applications/editors/monodevelop/default.nix
View File

@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
};
nunit2510 = fetchurl {
url = "http://launchpad.net/nunitv2/2.5/2.5.10/+download/NUnit-2.5.10.11092.zip";
url = "https://launchpad.net/nunitv2/2.5/2.5.10/+download/NUnit-2.5.10.11092.zip";
sha256 = "0k5h5bz1p2v3d0w0hpkpbpvdkcszgp8sr9ik498r1bs72w5qlwnc";
};

4
pkgs/applications/editors/quilter/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, fetchpatch, vala_0_40, pkgconfig, meson, ninja, python3
, granite, gtk3, desktop-file-utils, gnome3, gtksourceview, webkitgtk, gtkspell3
, discount, gobjectIntrospection, wrapGAppsHook }:
, discount, gobject-introspection, wrapGAppsHook }:
stdenv.mkDerivation rec {
pname = "quilter";
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [
desktop-file-utils
gobjectIntrospection
gobject-introspection
meson
ninja
pkgconfig

4
pkgs/applications/editors/rednotebook/default.nix
View File

@ -1,5 +1,5 @@
{ lib, buildPythonApplication, fetchFromGitHub
, gdk_pixbuf, glib, gobjectIntrospection, gtk3, gtksourceview, pango, webkitgtk
, gdk_pixbuf, glib, gobject-introspection, gtk3, gtksourceview, pango, webkitgtk
, pygobject3, pyyaml
}:
@ -17,7 +17,7 @@ buildPythonApplication rec {
# We have not packaged tests.
doCheck = false;
nativeBuildInputs = [ gobjectIntrospection ];
nativeBuildInputs = [ gobject-introspection ];
propagatedBuildInputs = [
gdk_pixbuf glib gtk3 gtksourceview pango webkitgtk

37
pkgs/applications/graphics/deskew/default.nix Normal file
View File

@ -0,0 +1,37 @@
{ stdenv, fetchFromBitbucket, libtiff, fpc }:
stdenv.mkDerivation rec {
name = "deskew-${version}";
version = "1.25";
src = fetchFromBitbucket {
owner = "galfar";
repo = "app-deskew";
rev = "v${version}";
sha256 = "0zjjj66qhgqkmfxl3q7p78dv4xl4ci918pgl4d5259pqdj1bfgc8";
};
nativeBuildInputs = [ fpc ];
buildInputs = [ libtiff ];
buildPhase = ''
rm -r Bin # Remove pre-compiled binary
mkdir Bin
chmod +x compile.sh
./compile.sh
'';
installPhase = ''
install -Dt $out/bin Bin/*
'';
meta = with stdenv.lib; {
description = "A command line tool for deskewing scanned text documents";
homepage = https://bitbucket.org/galfar/app-deskew/overview;
license = licenses.mit;
maintainers = with maintainers; [ryantm];
platforms = platforms.all;
};
}

4
pkgs/applications/graphics/mypaint/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, gtk3, intltool, json_c, lcms2, libpng, librsvg, gobjectIntrospection, hicolor-icon-theme
{ stdenv, fetchFromGitHub, gtk3, intltool, json_c, lcms2, libpng, librsvg, gobject-introspection, hicolor-icon-theme
, gdk_pixbuf, pkgconfig, python2Packages, scons, swig, wrapGAppsHook }:
let
@ -17,7 +17,7 @@ in stdenv.mkDerivation rec {
nativeBuildInputs = [
intltool pkgconfig scons swig wrapGAppsHook
gobjectIntrospection # for setup hook
gobject-introspection # for setup hook
];
buildInputs = [

4
pkgs/applications/graphics/photoflow/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, gettext, glib, libxml2, pkgconfig, swig, automake, gobjectIntrospection, cmake, ninja, libtiff, libjpeg, fftw, exiv2, lensfun, gtkmm2, libraw, lcms2, libexif, vips, expat, pcre, pugixml }:
{ stdenv, fetchFromGitHub, gettext, glib, libxml2, pkgconfig, swig, automake, gobject-introspection, cmake, ninja, libtiff, libjpeg, fftw, exiv2, lensfun, gtkmm2, libraw, lcms2, libexif, vips, expat, pcre, pugixml }:
stdenv.mkDerivation {
name = "photoflow-unstable-2018-08-28";
@ -17,7 +17,7 @@ stdenv.mkDerivation {
pkgconfig
swig
automake
gobjectIntrospection
gobject-introspection
cmake
ninja
];

4
pkgs/applications/graphics/rapid-photo-downloader/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchurl, python3Packages
, file, intltool, gobjectIntrospection, libgudev
, file, intltool, gobject-introspection, libgudev
, udisks, glib, gnome3, gst_all_1, libnotify
, exiv2, exiftool, qt5, gdk_pixbuf
}:
@ -23,7 +23,7 @@ python3Packages.buildPythonApplication rec {
--replace "import problemnotification" "import raphodo.problemnotification"
'';
nativeBuildInputs = [ file intltool gobjectIntrospection ];
nativeBuildInputs = [ file intltool gobject-introspection ];
buildInputs = [
libgudev

13
pkgs/applications/graphics/shotwell/default.nix
View File

@ -1,23 +1,23 @@
{ fetchurl, stdenv, meson, ninja, gtk3, libexif, libgphoto2, libsoup, libxml2, vala, sqlite
, webkitgtk, pkgconfig, gnome3, gst_all_1, libgudev, libraw, glib, json-glib
, gettext, desktop-file-utils, gdk_pixbuf, librsvg, wrapGAppsHook
, gobjectIntrospection, itstool, libgdata }:
, gobject-introspection, itstool, libgdata, python3 }:
# for dependencies see https://wiki.gnome.org/Apps/Shotwell/BuildingAndInstalling
let
pname = "shotwell";
version = "0.28.2";
version = "0.30.1";
in stdenv.mkDerivation rec {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "0pa7lb33i4hdnz7hr7x938d48ilrnj47jzb99la79rmm08yyin8n";
sha256 = "01hsmig06hjv34yf9y60hv2gml593xfkza4ilq4b22gr8l4v2qip";
};
nativeBuildInputs = [
meson ninja vala pkgconfig itstool gettext desktop-file-utils wrapGAppsHook gobjectIntrospection
meson ninja vala pkgconfig itstool gettext desktop-file-utils python3 wrapGAppsHook gobject-introspection
];
buildInputs = [
@ -28,8 +28,9 @@ in stdenv.mkDerivation rec {
gnome3.gcr gnome3.defaultIconTheme libgdata
];
postInstall = ''
glib-compile-schemas $out/share/glib-2.0/schemas
postPatch = ''
chmod +x build-aux/meson/postinstall.py # patchShebangs requires executable file
patchShebangs build-aux/meson/postinstall.py
'';
passthru = {

10
pkgs/applications/graphics/tesseract/4.x.nix
View File

@ -7,20 +7,20 @@
stdenv.mkDerivation rec {
name = "tesseract-${version}";
version = "4.00.00alpha-git-20170410";
version = "4.0.0";
src = fetchFromGitHub {
owner = "tesseract-ocr";
repo = "tesseract";
rev = "36a995bdc92eb2dd8bc5a63205708944a3f990a1";
sha256 = "0xz3krvap8sdm27v1dyb34lcdmx11wzvxyszpppfsfmjgkvg19bq";
rev = version;
sha256 = "1b5fi2vibc4kk9b30kkk4ais4bw8fbbv24bzr5709194hb81cav8";
};
tessdata = fetchFromGitHub {
owner = "tesseract-ocr";
repo = "tessdata";
rev = "8bf2e7ad08db9ca174ae2b0b3a7498c9f1f71d40";
sha256 = "0idwkv4qsmmqhrxcgyhy32yldl3vk054m7dkv4fjswfnalgsx794";
rev = version;
sha256 = "1chw1ya5zf8aaj2ixr9x013x7vwwwjjmx6f2ag0d6i14lypygy28";
};
nativeBuildInputs = [ pkgconfig autoreconfHook autoconf-archive ];

58
pkgs/applications/inferno/default.nix
View File

@ -1,58 +0,0 @@
{ fetchhg, stdenv, xorg, makeWrapper }:
stdenv.mkDerivation rec {
# Inferno is a rolling release from a mercurial repository. For the verison number
# of the package I'm using the mercurial commit number.
rev = "785";
name = "inferno-${rev}";
host = "Linux";
objtype = "386";
src = fetchhg {
url = "https://bitbucket.org/inferno-os/inferno-os";
sha256 = "1b428ma9fi5skvfrxp91dr43a62kax89wmx7950ahc1cxyx90k7x";
};
buildInputs = [ makeWrapper ] ++ (with xorg; [ libX11 libXpm libXext xextproto ]);
infernoWrapper = ./inferno;
configurePhase = ''
sed -e 's@^ROOT=.*$@ROOT='"$out"'/share/inferno@g' \
-e 's@^OBJTYPE=.*$@OBJTYPE=${objtype}@g' \
-e 's@^SYSHOST=.*$@SYSHOST=${host}@g' \
-i mkconfig
# Get rid of an annoying warning
sed -e 's/_BSD_SOURCE/_DEFAULT_SOURCE/g' \
-i ${host}/${objtype}/include/lib9.h
'';
buildPhase = ''
mkdir -p $out/share/inferno
cp -r . $out/share/inferno
./makemk.sh
export PATH=$PATH:$out/share/inferno/Linux/386/bin
mk nuke
mk
'';
installPhase = ''
# Installs executables in $out/share/inferno/${host}/${objtype}/bin
mk install
mkdir -p $out/bin
# Install start-up script
makeWrapper $infernoWrapper $out/bin/inferno \
--suffix PATH ':' "$out/share/inferno/Linux/386/bin" \
--set INFERNO_ROOT "$out/share/inferno"
'';
hardeningDisable = [ "fortify" ];
meta = {
description = "A compact distributed operating system for building cross-platform distributed systems";
homepage = http://inferno-os.org/;
license = stdenv.lib.licenses.gpl2;
maintainers = with stdenv.lib.maintainers; [ doublec kovirobi ];
platforms = with stdenv.lib.platforms; linux;
};
}

31
pkgs/applications/inferno/inferno
View File

@ -1,31 +0,0 @@
#! /usr/bin/env bash
export INFERNO_HOME="$HOME/.local/share/inferno"
if [ -n "$XDG_DATA_HOME" ]
then export INFERNO_HOME="$XDG_DATA_HOME/inferno"
fi
if [ ! -d $INFERNO_HOME ]; then
mkdir -p $INFERNO_HOME
fi
if [ ! -d $INFERNO_HOME/tmp ]; then
mkdir -p $INFERNO_HOME/tmp
fi
for d in $INFERNO_HOME/{acme,appl,dis,lib,man,module,usr/inferno}; do
if [ ! -d $d ]; then
mkdir -p $d
cp --no-preserve=all -r $INFERNO_ROOT/${d#$INFERNO_HOME/}/* $d/
chmod -R +w $d
fi
done
if [ ! -d $INFERNO_HOME/usr/$USER ]; then
mkdir -p $INFERNO_HOME/usr/$USER
cp -r $INFERNO_ROOT/usr/inferno/* $INFERNO_HOME/usr/$USER/
chmod -R +w $INFERNO_HOME/usr/$USER
fi
exec emu "$@" /dis/sh.dis -c "bind -b -c '#U*$INFERNO_HOME/' /; /dis/sh.dis"

4
pkgs/applications/kde/dolphin.nix
View File

@ -4,7 +4,8 @@
baloo, baloo-widgets, kactivities, kbookmarks, kcmutils,
kcompletion, kconfig, kcoreaddons, kdelibs4support, kdbusaddons,
kfilemetadata, ki18n, kiconthemes, kinit, kio, knewstuff, knotifications,
kparts, ktexteditor, kwindowsystem, phonon, solid
kparts, ktexteditor, kwindowsystem, phonon, solid,
wayland, qtwayland
}:
mkDerivation {
@ -19,6 +20,7 @@ mkDerivation {
kcoreaddons kdelibs4support kdbusaddons kfilemetadata ki18n kiconthemes
kinit kio knewstuff knotifications kparts ktexteditor kwindowsystem
phonon solid
wayland qtwayland
];
outputs = [ "out" "dev" ];
# We need the RPATH for linking, because the `libkdeinit5_dolphin.so` links

75
pkgs/applications/misc/aminal/default.nix Normal file
View File

@ -0,0 +1,75 @@
{ buildGoPackage
, Carbon
, Cocoa
, Kernel
, cf-private
, fetchFromGitHub
, lib
, mesa_glu
, stdenv
, xorg
}:
buildGoPackage rec {
name = "aminal-${version}";
version = "0.7.4";
goPackagePath = "github.com/liamg/aminal";
buildInputs =
lib.optionals stdenv.isLinux [
mesa_glu
xorg.libX11
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXrandr
xorg.libXxf86vm
] ++ lib.optionals stdenv.isDarwin [
Carbon
Cocoa
Kernel
cf-private /* Needed for NSDefaultRunLoopMode */
];
src = fetchFromGitHub {
owner = "liamg";
repo = "aminal";
rev = "v${version}";
sha256 = "0wnzxjlv98pi3gy4hp3d19pwpa4kf1h5rqy03s9bcqdbpb1v1b7v";
};
preBuild = ''
buildFlagsArray=("-ldflags=-X ${goPackagePath}/version.Version=${version}")
'';
meta = with lib; {
description = "Golang terminal emulator from scratch";
longDescription = ''
Aminal is a modern terminal emulator for Mac/Linux implemented in Golang
and utilising OpenGL.
The project is experimental at the moment, so you probably won't want to
rely on Aminal as your main terminal for a while.
Features:
- Unicode support
- OpenGL rendering
- Customisation options
- True colour support
- Support for common ANSI escape sequences a la xterm
- Scrollback buffer
- Clipboard access
- Clickable URLs
- Multi platform support (Windows coming soon...)
- Sixel support
- Hints/overlays
- Built-in patched fonts for powerline
- Retina display support
'';
homepage = https://github.com/liamg/aminal;
license = licenses.gpl3;
maintainers = with maintainers; [ kalbasit ];
platforms = platforms.linux ++ platforms.darwin;
};
}

30
pkgs/applications/misc/autospotting/default.nix Normal file
View File

@ -0,0 +1,30 @@
{ stdenv, buildGoPackage, fetchFromGitHub }:
buildGoPackage rec {
name = "autospotting-${version}";
version = "unstable-2018-11-17";
goPackagePath = "github.com/AutoSpotting/AutoSpotting";
src = fetchFromGitHub {
owner = "AutoSpotting";
repo = "AutoSpotting";
rev = "122ab8f292a2f718dd85e79ec22acd455122907e";
sha256 = "0p48lgig9kblxvgq1kggczkn4qdbx6ciq9c8x0179i80vl4jf7v6";
};
goDeps = ./deps.nix;
# patching path where repository used to exist
postPatch = ''
sed -i "s+github.com/cristim/autospotting/core+github.com/AutoSpotting/AutoSpotting/core+" autospotting.go
'';
meta = with stdenv.lib; {
homepage = https://github.com/AutoSpotting/AutoSpotting;
description = "Automatically convert your existing AutoScaling groups to up to 90% cheaper spot instances with minimal configuration changes";
license = licenses.free;
maintainers = [ maintainers.costrouc ];
platforms = platforms.linux;
};
}

75
pkgs/applications/misc/autospotting/deps.nix generated Normal file
View File

@ -0,0 +1,75 @@
# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix)
[
{
goPackagePath = "github.com/aws/aws-lambda-go";
fetch = {
type = "git";
url = "https://github.com/aws/aws-lambda-go";
rev = "2d482ef09017ae953b1e8d5a6ddac5b696663a3c";
sha256 = "06v2yfvn4sn116lds0526a8mfrsng4vafrdjf1dhpalqarrbdvmz";
};
}
{
goPackagePath = "github.com/aws/aws-sdk-go";
fetch = {
type = "git";
url = "https://github.com/aws/aws-sdk-go";
rev = "9333060a8d957db41bff1c80603a802aa674fad8";
sha256 = "0fnypw6zm6k70fzhm5a8g69ag64rxbrrpdk7l3rkfqd99slyg5kz";
};
}
{
goPackagePath = "github.com/cristim/ec2-instances-info";
fetch = {
type = "git";
url = "https://github.com/cristim/ec2-instances-info";
rev = "73c042a5558cd6d8b61fb82502d6f7aec334e9ed";
sha256 = "1xajrkxqqz5wlbi9w2wdhnk115rbmqxyga29f8v9psq8hzwgi0rg";
};
}
{
goPackagePath = "github.com/davecgh/go-spew";
fetch = {
type = "git";
url = "https://github.com/davecgh/go-spew";
rev = "d8f796af33cc11cb798c1aaeb27a4ebc5099927d";
sha256 = "19z27f306fpsrjdvkzd61w1bdazcdbczjyjck177g33iklinhpvx";
};
}
{
goPackagePath = "github.com/go-ini/ini";
fetch = {
type = "git";
url = "https://github.com/go-ini/ini";
rev = "5cf292cae48347c2490ac1a58fe36735fb78df7e";
sha256 = "0xbnw1nd22q6k863n5gs0nxld15w0p8qxbhfky85akcb5rk1vwi9";
};
}
{
goPackagePath = "github.com/jmespath/go-jmespath";
fetch = {
type = "git";
url = "https://github.com/jmespath/go-jmespath";
rev = "0b12d6b5";
sha256 = "1vv6hph8j6xgv7gwl9vvhlsaaqsm22sxxqmgmldi4v11783pc1ld";
};
}
{
goPackagePath = "github.com/namsral/flag";
fetch = {
type = "git";
url = "https://github.com/namsral/flag";
rev = "67f268f20922975c067ed799e4be6bacf152208c";
sha256 = "1lmxq3z276zrsggpfq9b7yklzzxdyib49zr8sznb1lcqlvxqsr47";
};
}
{
goPackagePath = "github.com/pkg/errors";
fetch = {
type = "git";
url = "https://github.com/pkg/errors";
rev = "645ef00459ed84a119197bfb8d8205042c6df63d";
sha256 = "001i6n71ghp2l6kdl3qq1v2vmghcz3kicv9a5wgcihrzigm75pp5";
};
}
]

4
pkgs/applications/misc/font-manager/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, automake, autoconf, libtool,
pkgconfig, file, intltool, libxml2, json-glib , sqlite, itstool,
librsvg, vala, gnome3, wrapGAppsHook, gobjectIntrospection
librsvg, vala, gnome3, wrapGAppsHook, gobject-introspection
}:
stdenv.mkDerivation rec {
@ -24,7 +24,7 @@ stdenv.mkDerivation rec {
gnome3.yelp-tools
wrapGAppsHook
# For setup hook
gobjectIntrospection
gobject-introspection
];
buildInputs = [

4
pkgs/applications/misc/gImageReader/default.nix
View File

@ -6,7 +6,7 @@
# Gtk deps
# upstream gImagereader supports Qt too
, gtk3, gobjectIntrospection, wrapGAppsHook
, gtk3, gobject-introspection, wrapGAppsHook
, gnome3, gtkspell3, gtkspellmm, cairomm
}:
@ -33,7 +33,7 @@ stdenv.mkDerivation rec {
# Gtk specific
wrapGAppsHook
gobjectIntrospection
gobject-introspection
];
buildInputs = [

79
pkgs/applications/misc/gnome-recipes/default.nix Normal file
View File

@ -0,0 +1,79 @@
{ stdenv
, fetchurl
, meson
, ninja
, pkgconfig
, gnome3
, desktop-file-utils
, gettext
, itstool
, python3
, wrapGAppsHook
, gtk3
, glib
, libsoup
, gnome-online-accounts
, rest
, json-glib
, gnome-autoar
, gspell
, libcanberra }:
let
pname = "gnome-recipes";
version = "2.0.2";
in stdenv.mkDerivation rec {
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
sha256 = "1yymii3yf823d9x28fbhqdqm1wa30s40j94x0am9fjj0nzyd5s8v";
};
nativeBuildInputs = [
meson
ninja
pkgconfig
desktop-file-utils
gettext
itstool
python3
wrapGAppsHook
];
buildInputs = [
gtk3
glib
libsoup
gnome-online-accounts
rest
json-glib
gnome-autoar
gspell
libcanberra
];
# https://github.com/NixOS/nixpkgs/issues/36468
# https://gitlab.gnome.org/GNOME/recipes/issues/76
NIX_CFLAGS_COMPILE = "-I${gnome3.glib.dev}/include/gio-unix-2.0";
postPatch = ''
chmod +x src/list_to_c.py
patchShebangs src/list_to_c.py
patchShebangs meson_post_install.py
'';
passthru = {
updateScript = gnome3.updateScript {
packageName = pname;
};
};
meta = with stdenv.lib; {
description = "Recipe management application for GNOME";
homepage = https://wiki.gnome.org/Apps/Recipes;
maintainers = gnome3.maintainers;
license = licenses.gpl3;
platforms = platforms.unix;
};
}

Some files were not shown because too many files have changed in this diff Show More