Merge branch 'closure-size' (#7701) into staging
This commit is contained in:
commit
4fa9983ab2
20
.github/ISSUE_TEMPLATE.md
vendored
20
.github/ISSUE_TEMPLATE.md
vendored
@ -1,17 +1,13 @@
|
||||
## Basic info
|
||||
## Issue description
|
||||
|
||||
To make sure that we are on the same page:
|
||||
|
||||
* Kernel: (run `uname -a`)
|
||||
* System: (NixOS: `nixos-version`, Ubuntu/Fedora: `lsb_release -a`, ...)
|
||||
* Nix version: (run `nix-env --version`)
|
||||
* Nixpkgs version: (run `nix-instantiate --eval '<nixpkgs>' -A lib.nixpkgsVersion`)
|
||||
|
||||
## Describe your issue here
|
||||
|
||||
### Expected result
|
||||
|
||||
### Actual result
|
||||
|
||||
### Steps to reproduce
|
||||
|
||||
|
||||
|
||||
## Technical details
|
||||
|
||||
* System: (NixOS: `nixos-version`, Ubuntu/Fedora: `lsb_release -a`, ...)
|
||||
* Nix version: (run `nix-env --version`)
|
||||
* Nixpkgs version: (run `nix-instantiate --eval '<nixpkgs>' -A lib.nixpkgsVersion`)
|
||||
|
@ -14,12 +14,12 @@ build daemon as so-called channels. To get channel information via git, add
|
||||
```
|
||||
|
||||
For stability and maximum binary package support, it is recommended to maintain
|
||||
custom changes on top of one of the channels, e.g. `nixos-15.09` for the latest
|
||||
custom changes on top of one of the channels, e.g. `nixos-16.03` for the latest
|
||||
release and `nixos-unstable` for the latest successful build of master:
|
||||
|
||||
```
|
||||
% git remote update channels
|
||||
% git rebase channels/nixos-15.09
|
||||
% git rebase channels/nixos-16.03
|
||||
```
|
||||
|
||||
For pull-requests, please rebase onto nixpkgs `master`.
|
||||
@ -33,9 +33,9 @@ For pull-requests, please rebase onto nixpkgs `master`.
|
||||
* [Manual (NixOS)](https://nixos.org/nixos/manual/)
|
||||
* [Nix Wiki](https://nixos.org/wiki/)
|
||||
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
|
||||
* [Continuous package builds for 15.09 release](https://hydra.nixos.org/jobset/nixos/release-15.09)
|
||||
* [Continuous package builds for 16.03 release](https://hydra.nixos.org/jobset/nixos/release-16.03)
|
||||
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
|
||||
* [Tests for 15.09 release](https://hydra.nixos.org/job/nixos/release-15.09/tested#tabs-constituents)
|
||||
* [Tests for 16.03 release](https://hydra.nixos.org/job/nixos/release-16.03/tested#tabs-constituents)
|
||||
|
||||
Communication:
|
||||
|
||||
|
@ -6,13 +6,14 @@ date: 2015-11-25
|
||||
|
||||
# Introduction
|
||||
|
||||
The Nix Packages collection (Nixpkgs) is a set of over 30,000 packages for the
|
||||
[Nix package manager](http://nixos.org/nix/), released under a [permissive MIT/X11 license](https://github.com/NixOS/nixpkgs/blob/master/COPYING).
|
||||
Packages are available for several architectures, and can be used with the Nix package manager
|
||||
on most GNU/Linux distributions as well as NixOS.
|
||||
The Nix Packages collection (Nixpkgs) is a set of thousands of packages for the
|
||||
[Nix package manager](http://nixos.org/nix/), released under a
|
||||
[permissive MIT/X11 license](https://github.com/NixOS/nixpkgs/blob/master/COPYING).
|
||||
Packages are available for several platforms, and can be used with the Nix
|
||||
package manager on most GNU/Linux distributions as well as NixOS.
|
||||
|
||||
This manual describes how to write packages for the Nix Packages collection
|
||||
(Nixpkgs). Thus it’s for packagers and developers who want to add packages to
|
||||
This manual primarily describes how to write packages for the Nix Packages collection
|
||||
(Nixpkgs). Thus it’s mainly for packagers and developers who want to add packages to
|
||||
Nixpkgs. If you like to learn more about the Nix package manager and the Nix
|
||||
expression language, then you are kindly referred to the [Nix manual](http://nixos.org/nix/manual/).
|
||||
|
||||
@ -20,29 +21,33 @@ expression language, then you are kindly referred to the [Nix manual](http://nix
|
||||
|
||||
Nix expressions describe how to build packages from source and are collected in
|
||||
the [nixpkgs repository](https://github.com/NixOS/nixpkgs). Also included in the
|
||||
collection are Nix expressions for [NixOS modules](http://nixos.org/nixos/manual/index.html#sec-writing-modules). With
|
||||
these expressions the Nix package manager can build binary packages.
|
||||
collection are Nix expressions for
|
||||
[NixOS modules](http://nixos.org/nixos/manual/index.html#sec-writing-modules).
|
||||
With these expressions the Nix package manager can build binary packages.
|
||||
|
||||
Packages, including the Nix packages collection, are distributed through
|
||||
[channels](http://nixos.org/nix/manual/#sec-channels). The collection is
|
||||
distributed for users of Nix on non-NixOS distributions through the channel
|
||||
`nixpkgs`. Users of NixOS generally use one of the `nixos-*` channels, e.g.
|
||||
`nixos-15.09`, which includes all packages and modules for the stable NixOS
|
||||
15.09. The channels of the stable NixOS releases are generally only given
|
||||
`nixos-16.03`, which includes all packages and modules for the stable NixOS
|
||||
16.03. The purpose of stable NixOS releases are generally only given
|
||||
security updates. More up to date packages and modules are available via the
|
||||
`nixos-unstable` channel.
|
||||
|
||||
Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs
|
||||
repository, although both do lag the `master` branch by generally [a couple of days](http://howoldis.herokuapp.com/). Updates to a channel are distributed as
|
||||
soon as all tests for that channel pass, e.g. [this table](http://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
|
||||
repository, although both do lag the `master` branch by generally
|
||||
[a couple of days](http://howoldis.herokuapp.com/). Updates to a channel are
|
||||
distributed as soon as all tests for that channel pass, e.g.
|
||||
[this table](http://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
|
||||
shows the status of tests for the `nixpkgs` channel.
|
||||
|
||||
The tests are conducted by a cluster called [Hydra](http://nixos.org/hydra/),
|
||||
which also builds binary packages from the Nix expressions in Nixpkgs. As soon
|
||||
as a channel is updated, the binaries are made available via a [binary cache](https://cache.nixos.org). Until the channel updates, binaries that have
|
||||
already been built, are available via [Hydra's binary cache](https://hydra.nixos.org).
|
||||
which also builds binary packages from the Nix expressions in Nixpkgs for
|
||||
`x86_64-linux`, `i686-linux` and `x86_64-darwin`.
|
||||
The binaries are made available via a [binary cache](https://cache.nixos.org).
|
||||
|
||||
The current Nix expressions of the channels are available in the
|
||||
[`nixpkgs-channels`](https://github.com/NixOS/nixpkgs-channels) repository,
|
||||
which has branches corresponding to the available channels. There is also the
|
||||
Nixpkgs Monitor which keeps track of updates and security vulnerabilities.
|
||||
[Nixpkgs Monitor](http://monitor.nixos.org) which keeps track of updates
|
||||
and security vulnerabilities.
|
||||
|
@ -12,6 +12,7 @@
|
||||
<xi:include href="introduction.xml" />
|
||||
<xi:include href="quick-start.xml" />
|
||||
<xi:include href="stdenv.xml" />
|
||||
<xi:include href="multiple-output.xml" />
|
||||
<xi:include href="configuration.xml" />
|
||||
<xi:include href="functions.xml" />
|
||||
<xi:include href="meta.xml" />
|
||||
|
91
doc/multiple-output.xml
Normal file
91
doc/multiple-output.xml
Normal file
@ -0,0 +1,91 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE chapter [
|
||||
<!ENTITY ndash "–"> <!-- @vcunat likes to use this one ;-) -->
|
||||
]>
|
||||
<chapter xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="chap-multiple-output">
|
||||
|
||||
<title>Multiple-output packages</title>
|
||||
|
||||
<section><title>Introduction</title>
|
||||
<para>The Nix language allows a derivation to produce multiple outputs, which is similar to what is utilized by other Linux distribution packaging systems. The outputs reside in separate nix store paths, so they can be mostly handled independently of each other, including passing to build inputs, garbage collection or binary substitution. The exception is that building from source always produces all the outputs.</para>
|
||||
<para>The main motivation is to save disk space by reducing runtime closure sizes; consequently also sizes of substituted binaries get reduced. Splitting can be used to have more granular runtime dependencies, for example the typical reduction is to split away development-only files, as those are typically not needed during runtime. As a result, closure sizes of many packages can get reduced to a half or even much less.</para>
|
||||
<note><para>The reduction effects could be instead achieved by building the parts in completely separate derivations. That would often additionally reduce build-time closures, but it tends to be much harder to write such derivations, as build systems typically assume all parts are being built at once. This compromise approach of single source package producing multiple binary packages is also utilized often by rpm and deb.</para></note>
|
||||
</section>
|
||||
|
||||
<section><title>Installing a split package</title>
|
||||
<para>When installing a package via <varname>systemPackages</varname> or <command>nix-env</command> you have several options:</para>
|
||||
<warning><para>Currently <command>nix-env</command> almost always installs all outputs until https://github.com/NixOS/nix/pull/815 gets merged.</para></warning>
|
||||
<itemizedlist>
|
||||
<listitem><para>You can install particular outputs explicitly, as each is available in the Nix language as an attribute of the package. The <varname>outputs</varname> attribute contains a list of output names.</para></listitem>
|
||||
<listitem><para>You can let it use the default outputs. These are handled by <varname>meta.outputsToInstall</varname> attribute that contains a list of output names.</para>
|
||||
<para>TODO: more about tweaking the attribute, etc.</para></listitem>
|
||||
<listitem><para>NixOS provides configuration option <varname>environment.extraOutputsToInstall</varname> that allows adding extra outputs of <varname>environment.systemPackages</varname> atop the default ones. It's mainly meant for documentation and debug symbols, and it's also modified by specific options.</para>
|
||||
<note><para>At this moment there is no similar configurability for packages installed by <command>nix-env</command>. You can still use approach from <xref linkend="sec-modify-via-packageOverrides" /> to override <varname>meta.outputsToInstall</varname> attributes, but that's a rather inconvenient way.</para></note>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
<section><title>Using a split package</title>
|
||||
<para>In the Nix language the individual outputs can be reached explicitly as attributes, e.g. <varname>coreutils.info</varname>, but the typical case is just using packages as build inputs.</para>
|
||||
<para>When a multiple-output derivation gets into a build input of another derivation, the first output is added (<varname>.dev</varname> by convention) and also <varname>propagatedBuildOutputs</varname> of that package which by default contain <varname>$outputBin</varname> and <varname>$outputLib</varname>. (See <xref linkend="multiple-output-file-type-groups" />.)</para>
|
||||
</section>
|
||||
|
||||
|
||||
<section><title>Writing a split derivation</title>
|
||||
<para>Here you find how to write a derivation that produces multiple outputs.</para>
|
||||
<para>In nixpkgs there is a framework supporting multiple-output derivations. It tries to cover most cases by default behavior. You can find the source separated in <<filename>nixpkgs/pkgs/build-support/setup-hooks/multiple-outputs.sh</filename>>; it's relatively well-readable. The whole machinery is triggered by defining the <varname>outputs</varname> attribute to contain the list of desired output names (strings).</para>
|
||||
<programlisting>outputs = [ "dev" "out" "bin" "doc" ];</programlisting>
|
||||
<para>Often such a single line is enough. For each output an equally named environment variable is passed to the builder and contains the path in nix store for that output. By convention, the first output should usually be <varname>dev</varname>; typically you also want to have the main <varname>out</varname> output, as it catches any files that didn't get elsewhere.</para>
|
||||
|
||||
<note><para>There is a special handling of the <varname>debug</varname> output, described at <xref linkend="stdenv-separateDebugInfo" />.</para></note>
|
||||
|
||||
<section xml:id="multiple-output-file-type-groups">
|
||||
<title>File type groups</title>
|
||||
<para>The support code currently recognizes some particular kinds of outputs and either instructs the build system of the package to put files into their desired outputs or it moves the files during the fixup phase. Each group of file types has an <varname>outputFoo</varname> variable specifying the output name where they should go. If that variable isn't defined by the derivation writer, it is guessed – a default output name is defined, falling back to other possibilities if the output isn't defined.</para>
|
||||
<variablelist>
|
||||
<varlistentry><term><varname>
|
||||
$outputDev</varname></term><listitem><para>
|
||||
is for development-only files. These include C(++) headers, pkg-config, cmake and aclocal files. They go to <varname>dev</varname> or <varname>out</varname> by default.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry><term><varname>
|
||||
$outputBin</varname></term><listitem><para>
|
||||
is meant for user-facing binaries, typically residing in bin/. They go to <varname>bin</varname> or <varname>out</varname> by default.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry><term><varname>
|
||||
$outputLib</varname></term><listitem><para>
|
||||
is meant for libraries, typically residing in <filename>lib/</filename> and <filename>libexec/</filename>. They go to <varname>lib</varname> or <varname>out</varname> by default.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry><term><varname>
|
||||
$outputDoc</varname></term><listitem><para>
|
||||
is for user documentation, typically residing in <filename>share/doc/</filename>. It goes to <varname>doc</varname> or <varname>out</varname> by default.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry><term><varname>
|
||||
$outputDocdev</varname></term><listitem><para>
|
||||
is for <emphasis>developer</emphasis> documentation. Currently we count gtk-doc and man3 pages in there. It goes to <varname>docdev</varname> or is removed (!) by default. This is because e.g. gtk-doc tends to be rather large and completely unused by nixpkgs users.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry><term><varname>
|
||||
$outputMan</varname></term><listitem><para>
|
||||
is for man pages (except for section 3). They go to <varname>man</varname> or <varname>doc</varname> or <varname>$outputBin</varname> by default.
|
||||
</para></listitem></varlistentry>
|
||||
<varlistentry><term><varname>
|
||||
$outputInfo</varname></term><listitem><para>
|
||||
is for info pages. They go to <varname>info</varname> or <varname>doc</varname> or <varname>$outputMan</varname> by default.
|
||||
</para></listitem></varlistentry>
|
||||
</variablelist>
|
||||
</section>
|
||||
|
||||
<section><title>Common caveats</title>
|
||||
<itemizedlist>
|
||||
<listitem><para>Some configure scripts don't like some of the parameters passed by default by the framework, e.g. <literal>--docdir=/foo/bar</literal>. You can disable this by setting <literal>setOutputFlags = false;</literal>.</para></listitem>
|
||||
<listitem><para>The outputs of a single derivation can retain references to each other, but note that circular references are not allowed. (And each strongly-connected component would act as a single output anyway.)</para></listitem>
|
||||
<listitem><para>Most of split packages contain their core functionality in libraries. These libraries tend to refer to various kind of data that typically gets into <varname>out</varname>, e.g. locale strings, so there is often no advantage in separating the libraries into <varname>lib</varname>, as keeping them in <varname>out</varname> is easier.</para></listitem>
|
||||
<listitem><para>Some packages have hidden assumptions on install paths, which complicates splitting.</para></listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
</section><!--Writing a split derivation-->
|
||||
|
||||
</chapter>
|
||||
|
@ -956,7 +956,7 @@ following:
|
||||
phase.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<varlistentry xml:id="stdenv-separateDebugInfo">
|
||||
<term><varname>separateDebugInfo</varname></term>
|
||||
<listitem><para>If set to <literal>true</literal>, the standard
|
||||
environment will enable debug information in C/C++ builds. After
|
||||
|
@ -129,7 +129,7 @@ rec {
|
||||
};
|
||||
|
||||
outputsList = map outputToAttrListElement outputs;
|
||||
in commonAttrs.${drv.outputName};
|
||||
in commonAttrs // { outputUnspecified = true; };
|
||||
|
||||
|
||||
/* Strip a derivation of all non-essential attributes, returning
|
||||
|
@ -81,6 +81,7 @@
|
||||
copumpkin = "Dan Peebles <pumpkingod@gmail.com>";
|
||||
coroa = "Jonas Hörsch <jonas@chaoflow.net>";
|
||||
couchemar = "Andrey Pavlov <couchemar@yandex.ru>";
|
||||
CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
|
||||
cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>";
|
||||
cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
|
||||
DamienCassou = "Damien Cassou <damien@cassou.me>";
|
||||
@ -117,6 +118,7 @@
|
||||
ertes = "Ertugrul Söylemez <ertesx@gmx.de>";
|
||||
exi = "Reno Reckling <nixos@reckling.org>";
|
||||
exlevan = "Alexey Levan <exlevan@gmail.com>";
|
||||
expipiplus1 = "Joe Hermaszewski <nix@monoid.al>";
|
||||
fadenb = "Tristan Helmich <tristan.helmich+nixos@gmail.com>";
|
||||
falsifian = "James Cook <james.cook@utoronto.ca>";
|
||||
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
|
||||
@ -186,6 +188,7 @@
|
||||
ktosiek = "Tomasz Kontusz <tomasz.kontusz@gmail.com>";
|
||||
lassulus = "Lassulus <lassulus@gmail.com>";
|
||||
layus = "Guillaume Maudoux <layus.on@gmail.com>";
|
||||
ldesgoui = "Lucas Desgouilles <ldesgoui@gmail.com>";
|
||||
lebastr = "Alexander Lebedev <lebastr@gmail.com>";
|
||||
leenaars = "Michiel Leenaars <ml.software@leenaa.rs>";
|
||||
leonardoce = "Leonardo Cecchi <leonardo.cecchi@gmail.com>";
|
||||
|
@ -98,7 +98,9 @@ rec {
|
||||
makeLibraryPath [ pkgs.openssl pkgs.zlib ]
|
||||
=> "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r/lib:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/lib"
|
||||
*/
|
||||
makeLibraryPath = makeSearchPath "lib";
|
||||
makeLibraryPath = pkgs: makeSearchPath "lib"
|
||||
# try to guess the right output of each pkg
|
||||
(map (pkg: pkg.lib or (pkg.out or pkg)) pkgs);
|
||||
|
||||
/* Construct a binary search path (such as $PATH) containing the
|
||||
binaries for a set of packages.
|
||||
@ -258,7 +260,7 @@ rec {
|
||||
/* Cut a string with a separator and produces a list of strings which
|
||||
were separated by this separator.
|
||||
|
||||
NOTE: this function is not performant and should be avoided
|
||||
NOTE: this function is not performant and should never be used.
|
||||
|
||||
Example:
|
||||
splitString "." "foo.bar.baz"
|
||||
|
@ -14,12 +14,12 @@ let
|
||||
operator = const [ ];
|
||||
});
|
||||
|
||||
urls = map (drv: { url = head drv.urls; hash = drv.outputHash; type = drv.outputHashAlgo; }) fetchurlDependencies;
|
||||
urls = map (drv: { url = head (drv.urls or [ drv.url ]); hash = drv.outputHash; type = drv.outputHashAlgo; }) fetchurlDependencies;
|
||||
|
||||
fetchurlDependencies =
|
||||
filter
|
||||
(drv: drv.outputHash or "" != "" && drv.outputHashMode or "flat" == "flat"
|
||||
&& drv.postFetch or "" == "" && drv ? urls)
|
||||
&& drv.postFetch or "" == "" && (drv ? url || drv ? urls))
|
||||
dependencies;
|
||||
|
||||
dependencies = map (x: x.value) (genericClosure {
|
||||
|
@ -44,7 +44,7 @@ let
|
||||
echo "for hints about the offending path)."
|
||||
exit 1
|
||||
fi
|
||||
${libxslt}/bin/xsltproc \
|
||||
${libxslt.bin}/bin/xsltproc \
|
||||
--stringparam revision '${revision}' \
|
||||
-o $out ${./options-to-docbook.xsl} $optionsXML
|
||||
'';
|
||||
|
@ -7,10 +7,18 @@
|
||||
<title>Booting from a USB Drive</title>
|
||||
|
||||
<para>For systems without CD drive, the NixOS live CD can be booted from
|
||||
a USB stick. For non-UEFI installations,
|
||||
<link xlink:href="http://unetbootin.sourceforge.net/">unetbootin</link>
|
||||
will work. For UEFI installations, you should mount the ISO, copy its contents
|
||||
verbatim to your drive, then either:
|
||||
a USB stick. You can use the <command>dd</command> utility to write the image:
|
||||
<command>dd if=<replaceable>path-to-image</replaceable>
|
||||
of=<replaceable>/dev/sdb</replaceable></command>. Be careful about specifying the
|
||||
correct drive; you can use the <command>lsblk</command> command to get a list of
|
||||
block devices.</para>
|
||||
|
||||
<para>The <command>dd</command> utility will write the image verbatim to the drive,
|
||||
making it the recommended option for both UEFI and non-UEFI installations. For
|
||||
non-UEFI installations, you can alternatively use
|
||||
<link xlink:href="http://unetbootin.sourceforge.net/">unetbootin</link>. If you
|
||||
cannot use <command>dd</command> for a UEFI installation, you can also mount the
|
||||
ISO, copy its contents verbatim to your drive, then either:
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
|
@ -157,10 +157,6 @@ $ nano /mnt/etc/nixos/configuration.nix
|
||||
<command>nixos-generate-config</command> will figure out the
|
||||
required modules.</para></note>
|
||||
|
||||
<para>Examples of real-world NixOS configuration files can be
|
||||
found at <link
|
||||
xlink:href="https://nixos.org/repos/nix/configurations/trunk/"/>.</para>
|
||||
|
||||
</listitem>
|
||||
|
||||
<listitem><para>Do the installation:
|
||||
|
@ -4,7 +4,7 @@
|
||||
version="5.0"
|
||||
xml:id="sec-release-16.03">
|
||||
|
||||
<title>Release 16.03 (“Emu”, 2016/03/??)</title>
|
||||
<title>Release 16.03 (“Emu”, 2016/03/31)</title>
|
||||
|
||||
<para>In addition to numerous new and upgraded packages, this release
|
||||
has the following highlights:</para>
|
||||
@ -33,6 +33,10 @@ has the following highlights:</para>
|
||||
<para>Glibc 2.23 (was 2.21).</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Binutils 2.26 (was 2.23.1). See #909</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>Improved support for ensuring <link
|
||||
xlink:href="https://reproducible-builds.org/">bitwise reproducible
|
||||
@ -58,10 +62,57 @@ has the following highlights:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/pdnsd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
|
||||
<listitem><para><literal>hardware/video/webcam/facetimehd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>i18n/inputMethod/default.nix</literal></para></listitem>
|
||||
<listitem><para><literal>i18n/inputMethod/fcitx.nix</literal></para></listitem>
|
||||
<listitem><para><literal>i18n/inputMethod/ibus.nix</literal></para></listitem>
|
||||
<listitem><para><literal>i18n/inputMethod/nabi.nix</literal></para></listitem>
|
||||
<listitem><para><literal>i18n/inputMethod/uim.nix</literal></para></listitem>
|
||||
<listitem><para><literal>programs/fish.nix</literal></para></listitem>
|
||||
<listitem><para><literal>security/acme.nix</literal></para></listitem>
|
||||
<listitem><para><literal>security/audit.nix</literal></para></listitem>
|
||||
<listitem><para><literal>security/oath.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/hardware/irqbalance.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/mail/dspam.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/mail/opendkim.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/mail/postsrsd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/mail/rspamd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/mail/rmilter.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/autofs.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/bepasty.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/calibre-server.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/cfdyndns.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/gammu-smsd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/mathics.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/matrix-synapse.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/misc/octoprint.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/monitoring/hdaps.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/monitoring/heapster.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/network-filesystems/netatalk.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/network-filesystems/xtreemfs.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/autossh.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/dnschain.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/gale.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/miniupnpd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/namecoind.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/ostinato.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/pdnsd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/shairport-sync.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/networking/supplicant.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/search/kibana.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/security/physlock.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/x11/hardware/libinput.nix</literal></para></listitem>
|
||||
<listitem><para><literal>services/x11/window-managers/windowlab.nix</literal></para></listitem>
|
||||
<listitem><para><literal>system/boot/initrd-network.nix</literal></para></listitem>
|
||||
<listitem><para><literal>system/boot/initrd-ssh.nix</literal></para></listitem>
|
||||
<listitem><para><literal>system/boot/loader/loader.nix</literal></para></listitem>
|
||||
<listitem><para><literal>system/boot/networkd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>system/boot/resolved.nix</literal></para></listitem>
|
||||
<listitem><para><literal>virtualisation/lxd.nix</literal></para></listitem>
|
||||
<listitem><para><literal>virtualisation/rkt.nix</literal></para></listitem>
|
||||
</itemizedlist>
|
||||
</para>
|
||||
|
||||
@ -114,7 +165,7 @@ following incompatible changes:</para>
|
||||
|
||||
<programlisting><![CDATA[
|
||||
{
|
||||
imports = [ <nixos/modules/services/misc/gitit.nix> ];
|
||||
imports = [ <nixpkgs/nixos/modules/services/misc/gitit.nix> ];
|
||||
}
|
||||
]]></programlisting>
|
||||
|
||||
@ -297,7 +348,7 @@ $TTL 1800
|
||||
<para>
|
||||
<literal>service.syncthing.dataDir</literal> options now has to point
|
||||
to exact folder where syncthing is writing to. Example configuration should
|
||||
loook something like:
|
||||
look something like:
|
||||
</para>
|
||||
<programlisting>
|
||||
services.syncthing = {
|
||||
|
@ -8,14 +8,15 @@ echo "keeping state in $stateDir"
|
||||
mkdir -p $stateDir
|
||||
|
||||
version=$(nix-instantiate --eval --strict '<nixpkgs>' -A lib.nixpkgsVersion | sed s/'"'//g)
|
||||
echo "NixOS version is $version"
|
||||
major=${version:0:5}
|
||||
echo "NixOS version is $version ($major)"
|
||||
|
||||
rm -f ec2-amis.nix
|
||||
|
||||
|
||||
for type in hvm pv; do
|
||||
link=$stateDir/$type
|
||||
imageFile=$link/nixos.img
|
||||
imageFile=$link/nixos.qcow2
|
||||
system=x86_64-linux
|
||||
arch=x86_64
|
||||
|
||||
@ -61,12 +62,19 @@ for type in hvm pv; do
|
||||
# Bundle the image.
|
||||
imageDir=$stateDir/$type-bundled
|
||||
|
||||
# Convert the image to raw format.
|
||||
rawFile=$stateDir/$type.raw
|
||||
if ! [ -e $rawFile ]; then
|
||||
qemu-img convert -f qcow2 -O raw $imageFile $rawFile.tmp
|
||||
mv $rawFile.tmp $rawFile
|
||||
fi
|
||||
|
||||
if ! [ -d $imageDir ]; then
|
||||
rm -rf $imageDir.tmp
|
||||
mkdir -p $imageDir.tmp
|
||||
ec2-bundle-image \
|
||||
-d $imageDir.tmp \
|
||||
-i $imageFile --arch $arch \
|
||||
-i $rawFile --arch $arch \
|
||||
--user "$AWS_ACCOUNT" -c "$EC2_CERT" -k "$EC2_PRIVATE_KEY"
|
||||
mv $imageDir.tmp $imageDir
|
||||
fi
|
||||
@ -75,14 +83,14 @@ for type in hvm pv; do
|
||||
if ! [ -e $imageDir/uploaded ]; then
|
||||
echo "uploading bundle to S3..."
|
||||
ec2-upload-bundle \
|
||||
-m $imageDir/nixos.img.manifest.xml \
|
||||
-m $imageDir/$type.raw.manifest.xml \
|
||||
-b "$bucket/$bucketDir" \
|
||||
-a "$EC2_ACCESS_KEY" -s "$EC2_SECRET_KEY" \
|
||||
--location EU
|
||||
touch $imageDir/uploaded
|
||||
fi
|
||||
|
||||
extraFlags="$bucket/$bucketDir/nixos.img.manifest.xml"
|
||||
extraFlags="$bucket/$bucketDir/$type.raw.manifest.xml"
|
||||
|
||||
else
|
||||
|
||||
@ -90,7 +98,7 @@ for type in hvm pv; do
|
||||
# to upload a huge raw image.
|
||||
vhdFile=$stateDir/$type.vhd
|
||||
if ! [ -e $vhdFile ]; then
|
||||
qemu-img convert -O vpc $imageFile $vhdFile.tmp
|
||||
qemu-img convert -f qcow2 -O vpc $imageFile $vhdFile.tmp
|
||||
mv $vhdFile.tmp $vhdFile
|
||||
fi
|
||||
|
||||
@ -209,7 +217,7 @@ for type in hvm pv; do
|
||||
prevRegion="$region"
|
||||
fi
|
||||
|
||||
echo " \"15.09\".$region.$type-$store = \"$ami\";" >> ec2-amis.nix
|
||||
echo " \"$major\".$region.$type-$store = \"$ami\";" >> ec2-amis.nix
|
||||
done
|
||||
|
||||
done
|
||||
|
@ -38,7 +38,7 @@ with lib;
|
||||
# environment.pathsToLink, and we can't have both.
|
||||
#environment.pathsToLink = [ "/lib/debug/.build-id" ];
|
||||
|
||||
environment.outputsToLink =
|
||||
environment.extraOutputsToInstall =
|
||||
optional config.environment.enableDebugInfo "debug";
|
||||
|
||||
};
|
||||
|
@ -236,7 +236,7 @@ with lib;
|
||||
# Versioned fontconfig > 2.10. Take shared fonts.conf from fontconfig.
|
||||
# Otherwise specify only font directories.
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/fonts.conf".source =
|
||||
"${pkgs.fontconfig}/etc/fonts/fonts.conf";
|
||||
"${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
|
||||
|
||||
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/00-nixos.conf".text =
|
||||
let
|
||||
|
@ -148,7 +148,7 @@ in
|
||||
"protocols".source = pkgs.iana_etc + "/etc/protocols";
|
||||
|
||||
# /etc/rpc: RPC program numbers.
|
||||
"rpc".source = pkgs.glibc + "/etc/rpc";
|
||||
"rpc".source = pkgs.glibc.out + "/etc/rpc";
|
||||
|
||||
# /etc/hosts: Hostname-to-IP mappings.
|
||||
"hosts".text =
|
||||
|
@ -26,7 +26,7 @@ let
|
||||
# are built with PulseAudio support (like KDE).
|
||||
clientConf = writeText "client.conf" ''
|
||||
autospawn=${if nonSystemWide then "yes" else "no"}
|
||||
${optionalString nonSystemWide "daemon-binary=${cfg.package}/bin/pulseaudio"}
|
||||
${optionalString nonSystemWide "daemon-binary=${cfg.package.out}/bin/pulseaudio"}
|
||||
'';
|
||||
|
||||
# Write an /etc/asound.conf that causes all ALSA applications to
|
||||
@ -130,11 +130,11 @@ in {
|
||||
source = clientConf;
|
||||
};
|
||||
|
||||
hardware.pulseaudio.configFile = mkDefault "${cfg.package}/etc/pulse/default.pa";
|
||||
hardware.pulseaudio.configFile = mkDefault "${cfg.package.out}/etc/pulse/default.pa";
|
||||
}
|
||||
|
||||
(mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
environment.systemPackages = [ cfg.package.out ];
|
||||
|
||||
environment.etc = singleton {
|
||||
target = "asound.conf";
|
||||
@ -150,6 +150,29 @@ in {
|
||||
target = "pulse/default.pa";
|
||||
source = cfg.configFile;
|
||||
};
|
||||
|
||||
systemd.user = {
|
||||
services.pulseaudio = {
|
||||
description = "PulseAudio Server";
|
||||
# NixOS doesn't support "Also" so we bring it in manually
|
||||
wantedBy = [ "default.target" ];
|
||||
serviceConfig = {
|
||||
Type = "notify";
|
||||
ExecStart = "${cfg.package}/bin/pulseaudio --daemonize=no";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
sockets.pulseaudio = {
|
||||
description = "PulseAudio Socket";
|
||||
wantedBy = [ "sockets.target" ];
|
||||
socketConfig = {
|
||||
Priority = 6;
|
||||
Backlog = 5;
|
||||
ListenStream = "%t/pulse/native";
|
||||
};
|
||||
};
|
||||
};
|
||||
})
|
||||
|
||||
(mkIf systemWide {
|
||||
@ -171,8 +194,9 @@ in {
|
||||
before = [ "sound.target" ];
|
||||
environment.PULSE_RUNTIME_PATH = stateDir;
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/pulseaudio -D --log-level=${cfg.daemon.logLevel} --system --use-pid-file -n --file=${cfg.configFile}";
|
||||
PIDFile = "${stateDir}/pid";
|
||||
Type = "notify";
|
||||
ExecStart = "${cfg.package.out}/bin/pulseaudio --daemonize=no --log-level=${cfg.daemon.logLevel} --system -n --file=${cfg.configFile}";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
})
|
||||
|
@ -73,11 +73,11 @@ in
|
||||
description = "List of directories to be symlinked in <filename>/run/current-system/sw</filename>.";
|
||||
};
|
||||
|
||||
outputsToLink = mkOption {
|
||||
extraOutputsToInstall = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "doc" ];
|
||||
description = "List of package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
|
||||
default = [ ];
|
||||
example = [ "doc" "info" "docdev" ];
|
||||
description = "List of additional package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
|
||||
};
|
||||
|
||||
};
|
||||
@ -123,9 +123,10 @@ in
|
||||
system.path = pkgs.buildEnv {
|
||||
name = "system-path";
|
||||
paths = config.environment.systemPackages;
|
||||
inherit (config.environment) pathsToLink outputsToLink;
|
||||
inherit (config.environment) pathsToLink extraOutputsToInstall;
|
||||
ignoreCollisions = true;
|
||||
# !!! Hacky, should modularise.
|
||||
# outputs TODO: note that the tools will often not be linked by default
|
||||
postBuild =
|
||||
''
|
||||
if [ -x $out/bin/update-mime-database -a -w $out/share/mime ]; then
|
||||
|
@ -78,7 +78,7 @@ let cfg = config.system.autoUpgrade; in
|
||||
HOME = "/root";
|
||||
};
|
||||
|
||||
path = [ pkgs.gnutar pkgs.xz config.nix.package ];
|
||||
path = [ pkgs.gnutar pkgs.xz.bin config.nix.package ];
|
||||
|
||||
script = ''
|
||||
${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch ${toString cfg.flags}
|
||||
|
@ -165,7 +165,7 @@ sub pciCheck {
|
||||
) )
|
||||
{
|
||||
# we need e.g. brcmfmac43602-pcie.bin
|
||||
push @imports, "<nixos/modules/hardware/network/broadcom-43xx.nix>";
|
||||
push @imports, "<nixpkgs/nixos/modules/hardware/network/broadcom-43xx.nix>";
|
||||
}
|
||||
|
||||
# Can't rely on $module here, since the module may not be loaded
|
||||
|
@ -257,6 +257,8 @@
|
||||
radicale = 234;
|
||||
hydra-queue-runner = 235;
|
||||
hydra-www = 236;
|
||||
syncthing = 237;
|
||||
mfi = 238;
|
||||
|
||||
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
|
||||
|
||||
@ -485,6 +487,8 @@
|
||||
pdnsd = 229;
|
||||
octoprint = 230;
|
||||
radicale = 234;
|
||||
syncthing = 237;
|
||||
#mfi = 238; # unused
|
||||
|
||||
# When adding a gid, make sure it doesn't match an existing
|
||||
# uid. Users and groups with the same name should have equal
|
||||
|
@ -283,6 +283,7 @@
|
||||
./services/network-filesystems/openafs-client/default.nix
|
||||
./services/network-filesystems/rsyncd.nix
|
||||
./services/network-filesystems/samba.nix
|
||||
./services/network-filesystems/tahoe.nix
|
||||
./services/network-filesystems/diod.nix
|
||||
./services/network-filesystems/u9fs.nix
|
||||
./services/network-filesystems/yandex-disk.nix
|
||||
@ -327,12 +328,13 @@
|
||||
./services/networking/hostapd.nix
|
||||
./services/networking/i2pd.nix
|
||||
./services/networking/i2p.nix
|
||||
./services/networking/iodined.nix
|
||||
./services/networking/iodine.nix
|
||||
./services/networking/ircd-hybrid/default.nix
|
||||
./services/networking/kippo.nix
|
||||
./services/networking/lambdabot.nix
|
||||
./services/networking/libreswan.nix
|
||||
./services/networking/mailpile.nix
|
||||
./services/networking/mfi.nix
|
||||
./services/networking/mjpg-streamer.nix
|
||||
./services/networking/minidlna.nix
|
||||
./services/networking/miniupnpd.nix
|
||||
|
@ -35,7 +35,7 @@
|
||||
# Tools to create / manipulate filesystems.
|
||||
pkgs.ntfsprogs # for resizing NTFS partitions
|
||||
pkgs.dosfstools
|
||||
pkgs.xfsprogs
|
||||
pkgs.xfsprogs.bin
|
||||
pkgs.jfsutils
|
||||
pkgs.f2fs-tools
|
||||
|
||||
|
@ -101,6 +101,9 @@ in
|
||||
end
|
||||
'';
|
||||
|
||||
# include programs that bring their own completions
|
||||
environment.pathsToLink = [ "/share/fish/vendor_completions.d" ];
|
||||
|
||||
environment.systemPackages = [ pkgs.fish ];
|
||||
|
||||
environment.shells = [
|
||||
|
@ -23,7 +23,7 @@ with lib;
|
||||
|
||||
environment.pathsToLink = [ "/share/man" ];
|
||||
|
||||
environment.outputsToLink = [ "man" ];
|
||||
environment.extraOutputsToInstall = [ "man" ];
|
||||
|
||||
};
|
||||
|
||||
|
@ -189,6 +189,7 @@ in
|
||||
|
||||
# Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.)
|
||||
PubkeyAcceptedKeyTypes +ssh-dss
|
||||
HostKeyAlgorithms +ssh-dss
|
||||
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
@ -89,8 +89,8 @@ in
|
||||
nameValuePair "xfs_quota-${name}" {
|
||||
description = "Setup xfs_quota for project ${name}";
|
||||
script = ''
|
||||
${pkgs.xfsprogs}/bin/xfs_quota -x -c 'project -s ${name}' ${opts.fileSystem}
|
||||
${pkgs.xfsprogs}/bin/xfs_quota -x -c 'limit -p ${limitOptions opts} ${name}' ${opts.fileSystem}
|
||||
${pkgs.xfsprogs.bin}/bin/xfs_quota -x -c 'project -s ${name}' ${opts.fileSystem}
|
||||
${pkgs.xfsprogs.bin}/bin/xfs_quota -x -c 'limit -p ${limitOptions opts} ${name}' ${opts.fileSystem}
|
||||
'';
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -101,6 +101,13 @@ with lib;
|
||||
# Enlightenment
|
||||
(mkRenamedOptionModule [ "services" "xserver" "desktopManager" "e19" "enable" ] [ "services" "xserver" "desktopManager" "enlightenment" "enable" ])
|
||||
|
||||
# Iodine
|
||||
(mkRenamedOptionModule [ "services" "iodined" "enable" ] [ "services" "iodine" "server" "enable" ])
|
||||
(mkRenamedOptionModule [ "services" "iodined" "domain" ] [ "services" "iodine" "server" "domain" ])
|
||||
(mkRenamedOptionModule [ "services" "iodined" "ip" ] [ "services" "iodine" "server" "ip" ])
|
||||
(mkRenamedOptionModule [ "services" "iodined" "extraConfig" ] [ "services" "iodine" "server" "extraConfig" ])
|
||||
(mkRemovedOptionModule [ "services" "iodined" "client" ])
|
||||
|
||||
# Options that are obsolete and have no replacement.
|
||||
(mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ])
|
||||
(mkRemovedOptionModule [ "programs" "bash" "enable" ])
|
||||
|
@ -28,9 +28,9 @@ with lib;
|
||||
capability setuid,
|
||||
network inet raw,
|
||||
|
||||
${pkgs.glibc}/lib/*.so mr,
|
||||
${pkgs.libcap}/lib/libcap.so* mr,
|
||||
${pkgs.attr}/lib/libattr.so* mr,
|
||||
${pkgs.glibc.out}/lib/*.so mr,
|
||||
${pkgs.libcap.out}/lib/libcap.so* mr,
|
||||
${pkgs.attr.out}/lib/libattr.so* mr,
|
||||
|
||||
${pkgs.iputils}/bin/ping mixr,
|
||||
/var/setuid-wrappers/ping.real r,
|
||||
|
@ -59,9 +59,9 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.polkit ];
|
||||
environment.systemPackages = [ pkgs.polkit.bin pkgs.polkit.out ];
|
||||
|
||||
systemd.packages = [ pkgs.polkit ];
|
||||
systemd.packages = [ pkgs.polkit.out ];
|
||||
|
||||
systemd.services.polkit.restartTriggers = [ config.system.path ];
|
||||
systemd.services.polkit.unitConfig.X-StopIfChanged = false;
|
||||
@ -79,7 +79,7 @@ in
|
||||
${cfg.extraConfig}
|
||||
''; #TODO: validation on compilation (at least against typos)
|
||||
|
||||
services.dbus.packages = [ pkgs.polkit ];
|
||||
services.dbus.packages = [ pkgs.polkit.out ];
|
||||
|
||||
security.pam.services.polkit-1 = {};
|
||||
|
||||
@ -90,7 +90,7 @@ in
|
||||
owner = "root";
|
||||
group = "root";
|
||||
setuid = true;
|
||||
source = "${pkgs.polkit}/lib/polkit-1/polkit-agent-helper-1";
|
||||
source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1";
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -8,12 +8,12 @@ let
|
||||
|
||||
setuidWrapper = pkgs.stdenv.mkDerivation {
|
||||
name = "setuid-wrapper";
|
||||
buildCommand = ''
|
||||
unpackPhase = "true";
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cp ${./setuid-wrapper.c} setuid-wrapper.c
|
||||
gcc -Wall -O2 -DWRAPPER_DIR=\"${wrapperDir}\" \
|
||||
setuid-wrapper.c -o $out/bin/setuid-wrapper
|
||||
strip -S $out/bin/setuid-wrapper
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -50,7 +50,7 @@ with lib;
|
||||
ensureDir ${crashplan.vardir}/log 777
|
||||
cp -avn ${crashplan}/conf.template/* ${crashplan.vardir}/conf
|
||||
for x in app.asar bin EULA.txt install.vars lang lib libjniwrap64.so libjniwrap.so libjtux64.so libjtux.so libmd564.so libmd5.so share skin upgrade; do
|
||||
if [ -e $x ]; then
|
||||
if [ -e ${crashplan.vardir}/$x ]; then
|
||||
true;
|
||||
else
|
||||
ln -s ${crashplan}/$x ${crashplan.vardir}/$x;
|
||||
|
@ -161,11 +161,11 @@ in {
|
||||
'';
|
||||
|
||||
postStart = ''
|
||||
until ${pkgs.curl}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} ; do
|
||||
until ${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} ; do
|
||||
sleep 10
|
||||
done
|
||||
while true ; do
|
||||
index=`${pkgs.curl}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}`
|
||||
index=`${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}`
|
||||
if [[ !("$index" =~ 'Please wait while Jenkins is restarting' ||
|
||||
"$index" =~ 'Please wait while Jenkins is getting ready to work') ]]; then
|
||||
exit 0
|
||||
|
@ -87,7 +87,7 @@ in
|
||||
mkdir -p ${cfg.dataDir}
|
||||
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
|
||||
'';
|
||||
serviceConfig.ExecStart = "${openldap}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
|
||||
serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
|
||||
};
|
||||
|
||||
users.extraUsers.openldap =
|
||||
|
@ -37,7 +37,7 @@ in
|
||||
|
||||
services.dbus.packages = [ gnome3.gvfs ];
|
||||
|
||||
services.udev.packages = [ pkgs.libmtp ];
|
||||
services.udev.packages = [ pkgs.libmtp.bin ];
|
||||
|
||||
};
|
||||
|
||||
|
@ -72,7 +72,7 @@ let
|
||||
run_progs=$(grep -v '^[[:space:]]*#' $out/* | grep 'RUN+="[^/$]' |
|
||||
sed -e 's/.*RUN+="\([^ "]*\)[ "].*/\1/' | uniq)
|
||||
for i in $import_progs $run_progs; do
|
||||
if [[ ! -x ${pkgs.udev}/lib/udev/$i && ! $i =~ socket:.* ]]; then
|
||||
if [[ ! -x ${udev}/lib/udev/$i && ! $i =~ socket:.* ]]; then
|
||||
echo "FAIL"
|
||||
echo "$i is called in udev rules but not installed by udev"
|
||||
exit 1
|
||||
|
@ -51,7 +51,7 @@ in
|
||||
|
||||
systemd.services.upower =
|
||||
{ description = "Power Management Daemon";
|
||||
path = [ pkgs.glib ]; # needed for gdbus
|
||||
path = [ pkgs.glib.out ]; # needed for gdbus
|
||||
serviceConfig =
|
||||
{ Type = "dbus";
|
||||
BusName = "org.freedesktop.UPower";
|
||||
|
@ -65,7 +65,7 @@ in {
|
||||
};
|
||||
|
||||
postStart = ''
|
||||
until ${pkgs.curl}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/'; do
|
||||
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/'; do
|
||||
sleep 1;
|
||||
done
|
||||
'';
|
||||
|
@ -358,7 +358,7 @@ in
|
||||
systemd.sockets.nix-daemon.wantedBy = [ "sockets.target" ];
|
||||
|
||||
systemd.services.nix-daemon =
|
||||
{ path = [ nix pkgs.openssl pkgs.utillinux config.programs.ssh.package ]
|
||||
{ path = [ nix pkgs.openssl.bin pkgs.utillinux config.programs.ssh.package ]
|
||||
++ optionals cfg.distributedBuilds [ pkgs.gzip ];
|
||||
|
||||
environment = cfg.envVars
|
||||
|
@ -128,6 +128,7 @@ in
|
||||
Group = cfg.group;
|
||||
PermissionsStartOnly = "true";
|
||||
ExecStart = "/bin/sh -c '${cfg.package}/usr/lib/plexmediaserver/Plex\\ Media\\ Server'";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
environment = {
|
||||
PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=cfg.dataDir;
|
||||
|
@ -97,7 +97,7 @@ in
|
||||
|
||||
transcoders = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [ "${pkgs.ffmpeg}/bin/ffmpeg" ];
|
||||
default = [ "${pkgs.ffmpeg.bin}/bin/ffmpeg" ];
|
||||
description = ''
|
||||
List of paths to transcoder executables that should be accessible
|
||||
from Subsonic. Symlinks will be created to each executable inside
|
||||
|
@ -38,7 +38,7 @@ in
|
||||
after = [ "network-interfaces.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart = "mkdir -p ${cfg.svnBaseDir}";
|
||||
script = "${pkgs.subversion}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
|
||||
script = "${pkgs.subversion.out}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -71,7 +71,7 @@ in {
|
||||
after = [ "network.target" "docker.service" "influxdb.service" ];
|
||||
|
||||
postStart = mkBefore ''
|
||||
until ${pkgs.curl}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/containers/'; do
|
||||
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/containers/'; do
|
||||
sleep 1;
|
||||
done
|
||||
'';
|
||||
|
@ -509,7 +509,7 @@ in {
|
||||
};
|
||||
in "${aenv}/${pkgs.python.sitePackages}";
|
||||
GRAPHITE_API_CONFIG = graphiteApiConfig;
|
||||
LD_LIBRARY_PATH = "${pkgs.cairo}/lib";
|
||||
LD_LIBRARY_PATH = "${pkgs.cairo.out}/lib";
|
||||
};
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
|
286
nixos/modules/services/network-filesystems/tahoe.nix
Normal file
286
nixos/modules/services/network-filesystems/tahoe.nix
Normal file
@ -0,0 +1,286 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.tahoe;
|
||||
in
|
||||
{
|
||||
options.services.tahoe = {
|
||||
introducers = mkOption {
|
||||
default = {};
|
||||
type = types.loaOf types.optionSet;
|
||||
description = ''
|
||||
The Tahoe introducers.
|
||||
'';
|
||||
options = {
|
||||
nickname = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
The nickname of this Tahoe introducer.
|
||||
'';
|
||||
};
|
||||
tub.port = mkOption {
|
||||
default = 3458;
|
||||
type = types.int;
|
||||
description = ''
|
||||
The port on which the introducer will listen.
|
||||
'';
|
||||
};
|
||||
package = mkOption {
|
||||
default = pkgs.tahoelafs;
|
||||
defaultText = "pkgs.tahoelafs";
|
||||
type = types.package;
|
||||
example = literalExample "pkgs.tahoelafs";
|
||||
description = ''
|
||||
The package to use for the Tahoe LAFS daemon.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
nodes = mkOption {
|
||||
default = {};
|
||||
type = types.loaOf types.optionSet;
|
||||
description = ''
|
||||
The Tahoe nodes.
|
||||
'';
|
||||
options = {
|
||||
nickname = mkOption {
|
||||
type = types.str;
|
||||
description = ''
|
||||
The nickname of this Tahoe node.
|
||||
'';
|
||||
};
|
||||
tub.port = mkOption {
|
||||
default = 3457;
|
||||
type = types.int;
|
||||
description = ''
|
||||
The port on which the tub will listen.
|
||||
|
||||
This is the correct setting to tweak if you want Tahoe's storage
|
||||
system to listen on a different port.
|
||||
'';
|
||||
};
|
||||
web.port = mkOption {
|
||||
default = 3456;
|
||||
type = types.int;
|
||||
description = ''
|
||||
The port on which the Web server will listen.
|
||||
|
||||
This is the correct setting to tweak if you want Tahoe's WUI to
|
||||
listen on a different port.
|
||||
'';
|
||||
};
|
||||
client.introducer = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
The furl for a Tahoe introducer node.
|
||||
|
||||
Like all furls, keep this safe and don't share it.
|
||||
'';
|
||||
};
|
||||
client.helper = mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
description = ''
|
||||
The furl for a Tahoe helper node.
|
||||
|
||||
Like all furls, keep this safe and don't share it.
|
||||
'';
|
||||
};
|
||||
client.shares.needed = mkOption {
|
||||
default = 3;
|
||||
type = types.int;
|
||||
description = ''
|
||||
The number of shares required to reconstitute a file.
|
||||
'';
|
||||
};
|
||||
client.shares.happy = mkOption {
|
||||
default = 7;
|
||||
type = types.int;
|
||||
description = ''
|
||||
The number of distinct storage nodes required to store
|
||||
a file.
|
||||
'';
|
||||
};
|
||||
client.shares.total = mkOption {
|
||||
default = 10;
|
||||
type = types.int;
|
||||
description = ''
|
||||
The number of shares required to store a file.
|
||||
'';
|
||||
};
|
||||
storage.enable = mkEnableOption "storage service";
|
||||
storage.reservedSpace = mkOption {
|
||||
default = "1G";
|
||||
type = types.str;
|
||||
description = ''
|
||||
The amount of filesystem space to not use for storage.
|
||||
'';
|
||||
};
|
||||
helper.enable = mkEnableOption "helper service";
|
||||
package = mkOption {
|
||||
default = pkgs.tahoelafs;
|
||||
defaultText = "pkgs.tahoelafs";
|
||||
type = types.package;
|
||||
example = literalExample "pkgs.tahoelafs";
|
||||
description = ''
|
||||
The package to use for the Tahoe LAFS daemon.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
config = mkMerge [
|
||||
(mkIf (cfg.introducers != {}) {
|
||||
environment = {
|
||||
etc = flip mapAttrs' cfg.introducers (node: settings:
|
||||
nameValuePair "tahoe-lafs/introducer-${node}.cfg" {
|
||||
mode = "0444";
|
||||
text = ''
|
||||
# This configuration is generated by Nix. Edit at your own
|
||||
# peril; here be dragons.
|
||||
|
||||
[node]
|
||||
nickname = ${settings.nickname}
|
||||
tub.port = ${toString settings.tub.port}
|
||||
'';
|
||||
});
|
||||
# Actually require Tahoe, so that we will have it installed.
|
||||
systemPackages = flip mapAttrsToList cfg.introducers (node: settings:
|
||||
settings.package
|
||||
);
|
||||
};
|
||||
# Open up the firewall.
|
||||
# networking.firewall.allowedTCPPorts = flip mapAttrsToList cfg.introducers
|
||||
# (node: settings: settings.tub.port);
|
||||
systemd.services = flip mapAttrs' cfg.introducers (node: settings:
|
||||
let
|
||||
pidfile = "/run/tahoe.introducer-${node}.pid";
|
||||
# This is a directory, but it has no trailing slash. Tahoe commands
|
||||
# get antsy when there's a trailing slash.
|
||||
nodedir = "/var/db/tahoe-lafs/introducer-${node}";
|
||||
in nameValuePair "tahoe.introducer-${node}" {
|
||||
description = "Tahoe LAFS node ${node}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ settings.package ];
|
||||
restartTriggers = [
|
||||
config.environment.etc."tahoe-lafs/introducer-${node}.cfg".source ];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
PIDFile = pidfile;
|
||||
};
|
||||
preStart = ''
|
||||
if [ \! -d ${nodedir} ]; then
|
||||
mkdir -p /var/db/tahoe-lafs
|
||||
tahoe create-introducer ${nodedir}
|
||||
fi
|
||||
|
||||
# Tahoe has created a predefined tahoe.cfg which we must now
|
||||
# scribble over.
|
||||
# XXX I thought that a symlink would work here, but it doesn't, so
|
||||
# we must do this on every prestart. Fixes welcome.
|
||||
# rm ${nodedir}/tahoe.cfg
|
||||
# ln -s /etc/tahoe-lafs/introducer-${node}.cfg ${nodedir}/tahoe.cfg
|
||||
cp /etc/tahoe-lafs/introducer-${node}.cfg ${nodedir}/tahoe.cfg
|
||||
'';
|
||||
# Believe it or not, Tahoe is very brittle about the order of
|
||||
# arguments to $(tahoe start). The node directory must come first,
|
||||
# and arguments which alter Twisted's behavior come afterwards.
|
||||
script = ''
|
||||
tahoe start ${nodedir} -n -l- --pidfile=${pidfile}
|
||||
'';
|
||||
});
|
||||
users.extraUsers = flip mapAttrs' cfg.introducers (node: _:
|
||||
nameValuePair "tahoe.introducer-${node}" {
|
||||
description = "Tahoe node user for introducer ${node}";
|
||||
isSystemUser = true;
|
||||
});
|
||||
})
|
||||
(mkIf (cfg.nodes != {}) {
|
||||
environment = {
|
||||
etc = flip mapAttrs' cfg.nodes (node: settings:
|
||||
nameValuePair "tahoe-lafs/${node}.cfg" {
|
||||
mode = "0444";
|
||||
text = ''
|
||||
# This configuration is generated by Nix. Edit at your own
|
||||
# peril; here be dragons.
|
||||
|
||||
[node]
|
||||
nickname = ${settings.nickname}
|
||||
tub.port = ${toString settings.tub.port}
|
||||
# This is a Twisted endpoint. Twisted Web doesn't work on
|
||||
# non-TCP. ~ C.
|
||||
web.port = tcp:${toString settings.web.port}
|
||||
|
||||
[client]
|
||||
${optionalString (settings.client.introducer != null)
|
||||
"introducer.furl = ${settings.client.introducer}"}
|
||||
${optionalString (settings.client.helper != null)
|
||||
"helper.furl = ${settings.client.helper}"}
|
||||
|
||||
shares.needed = ${toString settings.client.shares.needed}
|
||||
shares.happy = ${toString settings.client.shares.happy}
|
||||
shares.total = ${toString settings.client.shares.total}
|
||||
|
||||
[storage]
|
||||
enabled = ${if settings.storage.enable then "true" else "false"}
|
||||
reserved_space = ${settings.storage.reservedSpace}
|
||||
|
||||
[helper]
|
||||
enabled = ${if settings.helper.enable then "true" else "false"}
|
||||
'';
|
||||
});
|
||||
# Actually require Tahoe, so that we will have it installed.
|
||||
systemPackages = flip mapAttrsToList cfg.nodes (node: settings:
|
||||
settings.package
|
||||
);
|
||||
};
|
||||
# Open up the firewall.
|
||||
# networking.firewall.allowedTCPPorts = flip mapAttrsToList cfg.nodes
|
||||
# (node: settings: settings.tub.port);
|
||||
systemd.services = flip mapAttrs' cfg.nodes (node: settings:
|
||||
let
|
||||
pidfile = "/run/tahoe.${node}.pid";
|
||||
# This is a directory, but it has no trailing slash. Tahoe commands
|
||||
# get antsy when there's a trailing slash.
|
||||
nodedir = "/var/db/tahoe-lafs/${node}";
|
||||
in nameValuePair "tahoe.${node}" {
|
||||
description = "Tahoe LAFS node ${node}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ settings.package ];
|
||||
restartTriggers = [
|
||||
config.environment.etc."tahoe-lafs/${node}.cfg".source ];
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
PIDFile = pidfile;
|
||||
};
|
||||
preStart = ''
|
||||
if [ \! -d ${nodedir} ]; then
|
||||
mkdir -p /var/db/tahoe-lafs
|
||||
tahoe create-node ${nodedir}
|
||||
fi
|
||||
|
||||
# Tahoe has created a predefined tahoe.cfg which we must now
|
||||
# scribble over.
|
||||
# XXX I thought that a symlink would work here, but it doesn't, so
|
||||
# we must do this on every prestart. Fixes welcome.
|
||||
# rm ${nodedir}/tahoe.cfg
|
||||
# ln -s /etc/tahoe-lafs/${node}.cfg ${nodedir}/tahoe.cfg
|
||||
cp /etc/tahoe-lafs/${node}.cfg ${nodedir}/tahoe.cfg
|
||||
'';
|
||||
# Believe it or not, Tahoe is very brittle about the order of
|
||||
# arguments to $(tahoe start). The node directory must come first,
|
||||
# and arguments which alter Twisted's behavior come afterwards.
|
||||
script = ''
|
||||
tahoe start ${nodedir} -n -l- --pidfile=${pidfile}
|
||||
'';
|
||||
});
|
||||
users.extraUsers = flip mapAttrs' cfg.nodes (node: _:
|
||||
nameValuePair "tahoe.${node}" {
|
||||
description = "Tahoe node user for node ${node}";
|
||||
isSystemUser = true;
|
||||
});
|
||||
})
|
||||
];
|
||||
}
|
@ -27,10 +27,17 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "nobody";
|
||||
description =
|
||||
"User to run u9fs under.";
|
||||
};
|
||||
|
||||
extraArgs = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
example = "-a none -u nobody";
|
||||
example = "-a none";
|
||||
description =
|
||||
''
|
||||
Extra arguments to pass on invocation,
|
||||
@ -38,13 +45,6 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
fsroot = mkOption {
|
||||
type = types.path;
|
||||
default = "/";
|
||||
example = "/srv";
|
||||
description = "File system root to serve to clients.";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
@ -63,9 +63,10 @@ in
|
||||
reloadIfChanged = true;
|
||||
requires = [ "u9fs.socket" ];
|
||||
serviceConfig =
|
||||
{ ExecStart = "-${pkgs.u9fs}/bin/u9fs ${cfg.extraArgs} ${cfg.fsroot}";
|
||||
{ ExecStart = "-${pkgs.u9fs}/bin/u9fs ${cfg.extraArgs}";
|
||||
StandardInput = "socket";
|
||||
StandardError = "journal";
|
||||
User = cfg.user;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -151,7 +151,7 @@ in
|
||||
/etc/group r,
|
||||
${config.environment.etc."nsswitch.conf".source} r,
|
||||
|
||||
${pkgs.glibc}/lib/*.so mr,
|
||||
${pkgs.glibc.out}/lib/*.so mr,
|
||||
${pkgs.tzdata}/share/zoneinfo/** r,
|
||||
|
||||
network inet stream,
|
||||
@ -159,12 +159,12 @@ in
|
||||
network inet dgram,
|
||||
network inet6 dgram,
|
||||
|
||||
${pkgs.gcc.cc}/lib/libssp.so.* mr,
|
||||
${pkgs.libsodium}/lib/libsodium.so.* mr,
|
||||
${pkgs.gcc.cc.lib}/lib/libssp.so.* mr,
|
||||
${pkgs.libsodium.out}/lib/libsodium.so.* mr,
|
||||
${pkgs.systemd}/lib/libsystemd.so.* mr,
|
||||
${pkgs.xz}/lib/liblzma.so.* mr,
|
||||
${pkgs.libgcrypt}/lib/libgcrypt.so.* mr,
|
||||
${pkgs.libgpgerror}/lib/libgpg-error.so.* mr,
|
||||
${pkgs.xz.out}/lib/liblzma.so.* mr,
|
||||
${pkgs.libgcrypt.out}/lib/libgcrypt.so.* mr,
|
||||
${pkgs.libgpgerror.out}/lib/libgpg-error.so.* mr,
|
||||
${pkgs.libcap}/lib/libcap.so.* mr,
|
||||
${pkgs.lz4}/lib/liblz4.so.* mr,
|
||||
${pkgs.attr}/lib/libattr.so.* mr,
|
||||
|
@ -8,7 +8,7 @@ let
|
||||
|
||||
homeDir = "/var/lib/i2pd";
|
||||
|
||||
extip = "EXTIP=\$(${pkgs.curl}/bin/curl -sf \"http://jsonip.com\" | ${pkgs.gawk}/bin/awk -F'\"' '{print $4}')";
|
||||
extip = "EXTIP=\$(${pkgs.curl.bin}/bin/curl -sf \"http://jsonip.com\" | ${pkgs.gawk}/bin/awk -F'\"' '{print $4}')";
|
||||
|
||||
toYesNo = b: if b then "yes" else "no";
|
||||
|
||||
|
136
nixos/modules/services/networking/iodine.nix
Normal file
136
nixos/modules/services/networking/iodine.nix
Normal file
@ -0,0 +1,136 @@
|
||||
# NixOS module for iodine, ip over dns daemon
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.iodine;
|
||||
|
||||
iodinedUser = "iodined";
|
||||
|
||||
in
|
||||
{
|
||||
|
||||
### configuration
|
||||
|
||||
options = {
|
||||
|
||||
services.iodine = {
|
||||
clients = mkOption {
|
||||
default = {};
|
||||
description = ''
|
||||
Each attribute of this option defines a systemd service that
|
||||
runs iodine. Many or none may be defined.
|
||||
The name of each service is
|
||||
<literal>iodine-<replaceable>name</replaceable></literal>
|
||||
where <replaceable>name</replaceable> is the name of the
|
||||
corresponding attribute name.
|
||||
'';
|
||||
example = literalExample ''
|
||||
{
|
||||
foo = {
|
||||
server = "tunnel.mdomain.com";
|
||||
relay = "8.8.8.8";
|
||||
extraConfig = "-P mysecurepassword";
|
||||
}
|
||||
}
|
||||
'';
|
||||
type = types.attrsOf (types.submodule (
|
||||
{
|
||||
options = {
|
||||
server = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Domain or Subdomain of server running iodined";
|
||||
example = "tunnel.mydomain.com";
|
||||
};
|
||||
|
||||
relay = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "DNS server to use as a intermediate relay to the iodined server";
|
||||
example = "8.8.8.8";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Additional command line parameters";
|
||||
example = "-P mysecurepassword -l 192.168.1.10 -p 23";
|
||||
};
|
||||
};
|
||||
}));
|
||||
};
|
||||
|
||||
server = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "enable iodined server";
|
||||
};
|
||||
|
||||
ip = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "The assigned ip address or ip range";
|
||||
example = "172.16.10.1/24";
|
||||
};
|
||||
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Domain or subdomain of which nameservers point to us";
|
||||
example = "tunnel.mydomain.com";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Additional command line parameters";
|
||||
example = "-P mysecurepassword -l 192.168.1.10 -p 23";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
### implementation
|
||||
|
||||
config = mkIf (cfg.server.enable || cfg.clients != {}) {
|
||||
environment.systemPackages = [ pkgs.iodine ];
|
||||
boot.kernelModules = [ "tun" ];
|
||||
|
||||
systemd.services =
|
||||
let
|
||||
createIodineClientService = name: cfg:
|
||||
{
|
||||
description = "iodine client - ${name}";
|
||||
wantedBy = [ "ip-up.target" ];
|
||||
serviceConfig = {
|
||||
RestartSec = "30s";
|
||||
Restart = "always";
|
||||
ExecStart = "${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.relay} ${cfg.server}";
|
||||
};
|
||||
};
|
||||
in
|
||||
listToAttrs (
|
||||
mapAttrsToList
|
||||
(name: value: nameValuePair "iodine-${name}" (createIodineClientService name value))
|
||||
cfg.clients
|
||||
) // {
|
||||
iodined = mkIf (cfg.server.enable) {
|
||||
description = "iodine, ip over dns server daemon";
|
||||
wantedBy = [ "ip-up.target" ];
|
||||
serviceConfig.ExecStart = "${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${cfg.server.ip} ${cfg.server.domain}";
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers = singleton {
|
||||
name = iodinedUser;
|
||||
uid = config.ids.uids.iodined;
|
||||
description = "Iodine daemon user";
|
||||
};
|
||||
users.extraGroups.iodined.gid = config.ids.gids.iodined;
|
||||
};
|
||||
}
|
@ -1,86 +0,0 @@
|
||||
# NixOS module for iodine, ip over dns daemon
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.iodined;
|
||||
|
||||
iodinedUser = "iodined";
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
### configuration
|
||||
|
||||
options = {
|
||||
|
||||
services.iodined = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Enable iodine, ip over dns daemon";
|
||||
};
|
||||
|
||||
client = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = "Start iodine in client mode";
|
||||
};
|
||||
|
||||
ip = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Assigned ip address or ip range";
|
||||
example = "172.16.10.1/24";
|
||||
};
|
||||
|
||||
domain = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Domain or subdomain of which nameservers point to us";
|
||||
example = "tunnel.mydomain.com";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.str;
|
||||
default = "";
|
||||
description = "Additional command line parameters";
|
||||
example = "-P mysecurepassword -l 192.168.1.10 -p 23";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.iodine ];
|
||||
boot.kernelModules = [ "tun" ];
|
||||
|
||||
systemd.services.iodined = {
|
||||
description = "iodine, ip over dns daemon";
|
||||
wantedBy = [ "ip-up.target" ];
|
||||
serviceConfig.ExecStart = "${pkgs.iodine}/sbin/iodined -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.ip} ${cfg.domain}";
|
||||
};
|
||||
|
||||
|
||||
users.extraUsers = singleton {
|
||||
name = iodinedUser;
|
||||
uid = config.ids.uids.iodined;
|
||||
description = "Iodine daemon user";
|
||||
};
|
||||
users.extraGroups.iodined.gid = config.ids.gids.iodined;
|
||||
|
||||
assertions = [{ assertion = if !cfg.client then cfg.ip != "" else true;
|
||||
message = "cannot start iodined without ip set";}
|
||||
{ assertion = cfg.domain != "";
|
||||
message = "cannot start iodined without domain name set";}];
|
||||
|
||||
};
|
||||
|
||||
}
|
90
nixos/modules/services/networking/mfi.nix
Normal file
90
nixos/modules/services/networking/mfi.nix
Normal file
@ -0,0 +1,90 @@
|
||||
{ config, lib, pkgs, utils, ... }:
|
||||
with lib;
|
||||
let
|
||||
name = "Ubiquiti mFi Controller";
|
||||
cfg = config.services.mfi;
|
||||
stateDir = "/var/lib/mfi";
|
||||
# XXX 2 runtime exceptions using jre8: JSPException on GET / ; can't initialize ./data/keystore on first run.
|
||||
cmd = "@${pkgs.jre7}/bin/java java -jar ${stateDir}/lib/ace.jar";
|
||||
mountPoints = [
|
||||
{ what = "${pkgs.mfi}/dl"; where = "${stateDir}/dl"; }
|
||||
{ what = "${pkgs.mfi}/lib"; where = "${stateDir}/lib"; }
|
||||
{ what = "${pkgs.mongodb248}/bin"; where = "${stateDir}/bin"; }
|
||||
];
|
||||
systemdMountPoints = map (m: "${utils.escapeSystemdPath m.where}.mount") mountPoints;
|
||||
ports = [ 6080 6880 6443 6843 ];
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.mfi = {
|
||||
enable = mkEnableOption name;
|
||||
openPorts = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Whether to open TCP ports ${concatMapStrings (a: "${toString a} ") ports}for the services.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
networking.firewall.allowedTCPPorts = mkIf config.services.mfi.openPorts ports;
|
||||
|
||||
users.users.mfi = {
|
||||
uid = config.ids.uids.mfi;
|
||||
description = "mFi controller daemon user";
|
||||
home = "${stateDir}";
|
||||
};
|
||||
|
||||
# We must create the binary directories as bind mounts instead of symlinks
|
||||
# This is because the controller resolves all symlinks to absolute paths
|
||||
# to be used as the working directory.
|
||||
systemd.mounts = map ({ what, where }: {
|
||||
bindsTo = [ "mfi.service" ];
|
||||
partOf = [ "mfi.service" ];
|
||||
unitConfig.RequiresMountsFor = stateDir;
|
||||
options = "bind";
|
||||
what = what;
|
||||
where = where;
|
||||
}) mountPoints;
|
||||
|
||||
systemd.services.mfi = {
|
||||
description = "mFi controller daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ] ++ systemdMountPoints;
|
||||
partOf = systemdMountPoints;
|
||||
bindsTo = systemdMountPoints;
|
||||
unitConfig.RequiresMountsFor = stateDir;
|
||||
|
||||
preStart = ''
|
||||
# Clear ./webapps each run.
|
||||
rm -rf "${stateDir}/webapps"
|
||||
mkdir -p "${stateDir}/webapps"
|
||||
ln -s "${pkgs.mfi}/webapps/ROOT.war" "${stateDir}/webapps"
|
||||
|
||||
# Copy initial config only once.
|
||||
test -e "${stateDir}/conf" || cp -ar "${pkgs.mfi}/conf" "${stateDir}/conf"
|
||||
test -e "${stateDir}/data" || cp -ar "${pkgs.mfi}/data" "${stateDir}/data"
|
||||
|
||||
# Fix Permissions.
|
||||
# (Bind-mounts cause errors; ignore exit codes)
|
||||
chown -fR mfi: "${stateDir}" || true
|
||||
chmod -fR u=rwX,go= "${stateDir}" || true
|
||||
'';
|
||||
|
||||
postStop = ''
|
||||
rm -rf "${stateDir}/webapps"
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
ExecStart = "${cmd} start";
|
||||
ExecStop = "${cmd} stop";
|
||||
User = "mfi";
|
||||
PermissionsStartOnly = true;
|
||||
UMask = "0077";
|
||||
WorkingDirectory = "${stateDir}";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -58,9 +58,9 @@ in
|
||||
services.minidlna.config =
|
||||
''
|
||||
port=${toString port}
|
||||
friendly_name=NixOS Media Server
|
||||
friendly_name=${config.networking.hostName} MiniDLNA
|
||||
db_dir=/var/cache/minidlna
|
||||
log_dir=/var/log/minidlna
|
||||
log_level=warn
|
||||
inotify=yes
|
||||
${concatMapStrings (dir: ''
|
||||
media_dir=${dir}
|
||||
@ -83,21 +83,18 @@ in
|
||||
|
||||
preStart =
|
||||
''
|
||||
mkdir -p /var/cache/minidlna /var/log/minidlna /run/minidlna
|
||||
chown minidlna /var/cache/minidlna /var/log/minidlna /run/minidlna
|
||||
mkdir -p /var/cache/minidlna
|
||||
chown -R minidlna:minidlna /var/cache/minidlna
|
||||
'';
|
||||
|
||||
# FIXME: log through the journal rather than
|
||||
# /var/log/minidlna. The -d flag does that, but also raises
|
||||
# the log level to debug...
|
||||
serviceConfig =
|
||||
{ User = "minidlna";
|
||||
Group = "nogroup";
|
||||
Group = "minidlna";
|
||||
PermissionsStartOnly = true;
|
||||
Type = "forking";
|
||||
RuntimeDirectory = "minidlna";
|
||||
PIDFile = "/run/minidlna/pid";
|
||||
ExecStart =
|
||||
"@${pkgs.minidlna}/sbin/minidlnad minidlnad -P /run/minidlna/pid" +
|
||||
"${pkgs.minidlna}/sbin/minidlnad -S -P /run/minidlna/pid" +
|
||||
" -f ${pkgs.writeText "minidlna.conf" cfg.config}";
|
||||
};
|
||||
};
|
||||
|
@ -50,7 +50,7 @@ in
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
path = [ config.nix.package pkgs.bzip2 ];
|
||||
path = [ config.nix.package pkgs.bzip2.bin ];
|
||||
environment.NIX_REMOTE = "daemon";
|
||||
environment.NIX_SECRET_KEY_FILE = cfg.secretKeyFile;
|
||||
|
||||
|
@ -5,6 +5,7 @@ with lib;
|
||||
let
|
||||
|
||||
cfg = config.services.syncthing;
|
||||
defaultUser = "syncthing";
|
||||
|
||||
in
|
||||
|
||||
@ -17,6 +18,7 @@ in
|
||||
services.syncthing = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable the Syncthing, self-hosted open-source alternative
|
||||
@ -26,7 +28,8 @@ in
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
default = "syncthing";
|
||||
type = types.string;
|
||||
default = defaultUser;
|
||||
description = ''
|
||||
Syncthing will be run under this user (user must exist,
|
||||
this can be your user name).
|
||||
@ -34,8 +37,8 @@ in
|
||||
};
|
||||
|
||||
all_proxy = mkOption {
|
||||
type = types.string;
|
||||
default = "";
|
||||
type = types.nullOr types.string;
|
||||
default = null;
|
||||
example = "socks5://address.com:1234";
|
||||
description = ''
|
||||
Overwrites all_proxy environment variable for the syncthing process to
|
||||
@ -45,6 +48,7 @@ in
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/syncthing";
|
||||
description = ''
|
||||
Path where the settings and keys will exist.
|
||||
@ -71,20 +75,33 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users = mkIf (cfg.user == defaultUser) {
|
||||
extraUsers."${defaultUser}" =
|
||||
{ group = defaultUser;
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.syncthing;
|
||||
description = "Syncthing daemon user";
|
||||
};
|
||||
|
||||
extraGroups."${defaultUser}".gid =
|
||||
config.ids.gids.syncthing;
|
||||
};
|
||||
|
||||
systemd.services.syncthing =
|
||||
{
|
||||
description = "Syncthing service";
|
||||
after = [ "network.target" ];
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment = {
|
||||
STNORESTART = "yes"; # do not self-restart
|
||||
STNOUPGRADE = "yes";
|
||||
} //
|
||||
(config.networking.proxy.envVars) //
|
||||
(if cfg.all_proxy != "" then { all_proxy = cfg.all_proxy; } else {});
|
||||
inherit (cfg) all_proxy;
|
||||
} // config.networking.proxy.envVars;
|
||||
|
||||
serviceConfig = {
|
||||
User = "${cfg.user}";
|
||||
User = cfg.user;
|
||||
Group = optionalString (cfg.user == defaultUser) defaultUser;
|
||||
PermissionsStartOnly = true;
|
||||
Restart = "on-failure";
|
||||
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser -home=${cfg.dataDir}";
|
||||
|
@ -14,21 +14,21 @@ let
|
||||
additionalBackends = pkgs.runCommand "additional-cups-backends" { }
|
||||
''
|
||||
mkdir -p $out
|
||||
if [ ! -e ${cups}/lib/cups/backend/smb ]; then
|
||||
if [ ! -e ${cups.out}/lib/cups/backend/smb ]; then
|
||||
mkdir -p $out/lib/cups/backend
|
||||
ln -sv ${pkgs.samba}/bin/smbspool $out/lib/cups/backend/smb
|
||||
fi
|
||||
|
||||
# Provide support for printing via HTTPS.
|
||||
if [ ! -e ${cups}/lib/cups/backend/https ]; then
|
||||
if [ ! -e ${cups.out}/lib/cups/backend/https ]; then
|
||||
mkdir -p $out/lib/cups/backend
|
||||
ln -sv ${cups}/lib/cups/backend/ipp $out/lib/cups/backend/https
|
||||
ln -sv ${cups.out}/lib/cups/backend/ipp $out/lib/cups/backend/https
|
||||
fi
|
||||
'';
|
||||
|
||||
# Here we can enable additional backends, filters, etc. that are not
|
||||
# part of CUPS itself, e.g. the SMB backend is part of Samba. Since
|
||||
# we can't update ${cups}/lib/cups itself, we create a symlink tree
|
||||
# we can't update ${cups.out}/lib/cups itself, we create a symlink tree
|
||||
# here and add the additional programs. The ServerBin directive in
|
||||
# cupsd.conf tells cupsd to use this tree.
|
||||
bindir = pkgs.buildEnv {
|
||||
|
@ -148,7 +148,7 @@ in {
|
||||
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi
|
||||
'';
|
||||
postStart = mkBefore ''
|
||||
until ${pkgs.curl}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do
|
||||
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do
|
||||
sleep 1
|
||||
done
|
||||
'';
|
||||
|
@ -121,7 +121,7 @@ in
|
||||
|
||||
security.setuidOwners = singleton
|
||||
{ program = "dbus-daemon-launch-helper";
|
||||
source = "${pkgs.dbus_daemon}/libexec/dbus-daemon-launch-helper";
|
||||
source = "${pkgs.dbus_daemon.lib}/libexec/dbus-daemon-launch-helper";
|
||||
owner = "root";
|
||||
group = "messagebus";
|
||||
setuid = true;
|
||||
@ -139,6 +139,30 @@ in
|
||||
|
||||
systemd.services.dbus.restartTriggers = [ configDir ];
|
||||
|
||||
systemd.user = {
|
||||
services.dbus = {
|
||||
description = "D-Bus User Message Bus";
|
||||
requires = [ "dbus.socket" ];
|
||||
# NixOS doesn't support "Also" so we pull it in manually
|
||||
# As the .service is supposed to come up at the same time as
|
||||
# the .socket, we use basic.target instead of default.target
|
||||
wantedBy = [ "basic.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.dbus_daemon}/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation";
|
||||
ExecReload = "${pkgs.dbus_daemon}/bin/dbus-send --print-reply --session --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig";
|
||||
};
|
||||
};
|
||||
|
||||
sockets.dbus = {
|
||||
description = "D-Bus User Message Bus Socket";
|
||||
socketConfig = {
|
||||
ListenStream = "%t/bus";
|
||||
ExecStartPost = "-${config.systemd.package}/bin/systemctl --user set-environment DBUS_SESSION_BUS_ADDRESS=unix:path=%t/bus";
|
||||
};
|
||||
wantedBy = [ "sockets.target" ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ];
|
||||
|
||||
};
|
||||
|
@ -64,14 +64,14 @@ in
|
||||
restartTriggers = [ config.environment.etc.hosts.source config.environment.etc."nsswitch.conf".source ];
|
||||
|
||||
serviceConfig =
|
||||
{ ExecStart = "@${pkgs.glibc}/sbin/nscd nscd -f ${cfgFile}";
|
||||
{ ExecStart = "@${pkgs.glibc.bin}/sbin/nscd nscd -f ${cfgFile}";
|
||||
Type = "forking";
|
||||
PIDFile = "/run/nscd/nscd.pid";
|
||||
Restart = "always";
|
||||
ExecReload =
|
||||
[ "${pkgs.glibc}/sbin/nscd --invalidate passwd"
|
||||
"${pkgs.glibc}/sbin/nscd --invalidate group"
|
||||
"${pkgs.glibc}/sbin/nscd --invalidate hosts"
|
||||
[ "${pkgs.glibc.bin}/sbin/nscd --invalidate passwd"
|
||||
"${pkgs.glibc.bin}/sbin/nscd --invalidate group"
|
||||
"${pkgs.glibc.bin}/sbin/nscd --invalidate hosts"
|
||||
];
|
||||
};
|
||||
|
||||
@ -79,7 +79,7 @@ in
|
||||
# its pid. So wait until it's ready.
|
||||
postStart =
|
||||
''
|
||||
while ! ${pkgs.glibc}/sbin/nscd -g -f ${cfgFile} > /dev/null; do
|
||||
while ! ${pkgs.glibc.bin}/sbin/nscd -g -f ${cfgFile} > /dev/null; do
|
||||
sleep 0.2
|
||||
done
|
||||
'';
|
||||
|
@ -113,21 +113,21 @@ in
|
||||
#include <abstractions/base>
|
||||
#include <abstractions/nameservice>
|
||||
|
||||
${pkgs.glibc}/lib/*.so mr,
|
||||
${pkgs.libevent}/lib/libevent*.so* mr,
|
||||
${pkgs.curl}/lib/libcurl*.so* mr,
|
||||
${pkgs.openssl}/lib/libssl*.so* mr,
|
||||
${pkgs.openssl}/lib/libcrypto*.so* mr,
|
||||
${pkgs.zlib}/lib/libz*.so* mr,
|
||||
${pkgs.libssh2}/lib/libssh2*.so* mr,
|
||||
${pkgs.glibc.out}/lib/*.so mr,
|
||||
${pkgs.libevent.out}/lib/libevent*.so* mr,
|
||||
${pkgs.curl.out}/lib/libcurl*.so* mr,
|
||||
${pkgs.openssl.out}/lib/libssl*.so* mr,
|
||||
${pkgs.openssl.out}/lib/libcrypto*.so* mr,
|
||||
${pkgs.zlib.out}/lib/libz*.so* mr,
|
||||
${pkgs.libssh2.out}/lib/libssh2*.so* mr,
|
||||
${pkgs.systemd}/lib/libsystemd*.so* mr,
|
||||
${pkgs.xz}/lib/liblzma*.so* mr,
|
||||
${pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
|
||||
${pkgs.libgpgerror}/lib/libgpg-error*.so* mr,
|
||||
${pkgs.libnghttp2}/lib/libnghttp2*.so* mr,
|
||||
${pkgs.c-ares}/lib/libcares*.so* mr,
|
||||
${pkgs.libcap}/lib/libcap*.so* mr,
|
||||
${pkgs.attr}/lib/libattr*.so* mr,
|
||||
${pkgs.xz.out}/lib/liblzma*.so* mr,
|
||||
${pkgs.libgcrypt.out}/lib/libgcrypt*.so* mr,
|
||||
${pkgs.libgpgerror.out}/lib/libgpg-error*.so* mr,
|
||||
${pkgs.libnghttp2.out}/lib/libnghttp2*.so* mr,
|
||||
${pkgs.c-ares.out}/lib/libcares*.so* mr,
|
||||
${pkgs.libcap.out}/lib/libcap*.so* mr,
|
||||
${pkgs.attr.out}/lib/libattr*.so* mr,
|
||||
${pkgs.lz4}/lib/liblz4*.so* mr,
|
||||
|
||||
@{PROC}/sys/kernel/random/uuid r,
|
||||
|
@ -6,13 +6,13 @@ let
|
||||
|
||||
mainCfg = config.services.httpd;
|
||||
|
||||
httpd = mainCfg.package;
|
||||
httpd = mainCfg.package.out;
|
||||
|
||||
version24 = !versionOlder httpd.version "2.4";
|
||||
|
||||
httpdConf = mainCfg.configFile;
|
||||
|
||||
php = pkgs.php.override { apacheHttpd = httpd; };
|
||||
php = pkgs.php.override { apacheHttpd = httpd.dev; /* otherwise it only gets .out */ };
|
||||
|
||||
getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80;
|
||||
|
||||
@ -685,6 +685,7 @@ in
|
||||
|
||||
serviceConfig.ExecStart = "@${httpd}/bin/httpd httpd -f ${httpdConf}";
|
||||
serviceConfig.ExecStop = "${httpd}/bin/httpd -f ${httpdConf} -k graceful-stop";
|
||||
serviceConfig.ExecReload = "${httpd}/bin/httpd -f ${httpdConf} -k graceful";
|
||||
serviceConfig.Type = "forking";
|
||||
serviceConfig.PIDFile = "${mainCfg.stateDir}/httpd.pid";
|
||||
serviceConfig.Restart = "always";
|
||||
|
@ -333,7 +333,7 @@ let
|
||||
|
||||
'version' => '${config.package.version}',
|
||||
|
||||
'openssl' => '${pkgs.openssl}/bin/openssl'
|
||||
'openssl' => '${pkgs.openssl.bin}/bin/openssl'
|
||||
|
||||
);
|
||||
|
||||
|
@ -39,7 +39,7 @@ in {
|
||||
"${pkgs.diffutils}"
|
||||
] ++
|
||||
(if config.mercurial then ["${pkgs.mercurial}"] else []) ++
|
||||
(if config.subversion then ["${pkgs.subversion}"] else []) ++
|
||||
(if config.subversion then ["${pkgs.subversion.out}"] else []) ++
|
||||
(if config.git then ["${pkgs.git}"] else []);
|
||||
|
||||
startupScript = pkgs.writeScript "activatePhabricator" ''
|
||||
|
@ -5,14 +5,19 @@ with lib;
|
||||
let
|
||||
|
||||
# Build a Subversion instance with Apache modules and Swig/Python bindings.
|
||||
subversion = pkgs.subversion.override (origArgs: {
|
||||
subversion = pkgs.subversion.override {
|
||||
bdbSupport = true;
|
||||
httpServer = true;
|
||||
pythonBindings = true;
|
||||
});
|
||||
apacheHttpd = httpd;
|
||||
};
|
||||
|
||||
pythonLib = p: "${p}/";
|
||||
|
||||
httpd = serverInfo.serverConfig.package;
|
||||
|
||||
versionPre24 = versionOlder httpd.version "2.4";
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
@ -82,7 +87,7 @@ in
|
||||
AuthName "${config.ldapAuthentication.name}"
|
||||
AuthBasicProvider "ldap"
|
||||
AuthLDAPURL "${config.ldapAuthentication.url}"
|
||||
authzldapauthoritative Off
|
||||
${if versionPre24 then "authzldapauthoritative Off" else ""}
|
||||
require valid-user
|
||||
</LocationMatch>
|
||||
'' else ""}
|
||||
|
@ -166,7 +166,7 @@ in {
|
||||
};
|
||||
|
||||
environment.variables.GIO_EXTRA_MODULES = [ "${gnome3.dconf}/lib/gio/modules"
|
||||
"${gnome3.glib_networking}/lib/gio/modules"
|
||||
"${gnome3.glib_networking.out}/lib/gio/modules"
|
||||
"${gnome3.gvfs}/lib/gio/modules" ];
|
||||
environment.systemPackages = gnome3.corePackages ++ cfg.sessionPath
|
||||
++ (removePackagesByName gnome3.optionalPackages config.environment.gnome3.excludePackages);
|
||||
|
@ -62,13 +62,13 @@ in
|
||||
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
|
||||
''}
|
||||
|
||||
exec ${kde5.plasma-workspace}/bin/startkde
|
||||
exec startkde
|
||||
'';
|
||||
};
|
||||
|
||||
security.setuidOwners = singleton {
|
||||
program = "kcheckpass";
|
||||
source = "${kde5.plasma-workspace}/lib/libexec/kcheckpass";
|
||||
source = "${kde5.plasma-workspace.out}/lib/libexec/kcheckpass";
|
||||
owner = "root";
|
||||
group = "root";
|
||||
setuid = true;
|
||||
@ -171,19 +171,22 @@ in
|
||||
|
||||
# Enable GTK applications to load SVG icons
|
||||
environment.variables = mkIf (lib.hasAttr "breeze-icons" kde5) {
|
||||
GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache";
|
||||
GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache";
|
||||
};
|
||||
|
||||
fonts.fonts = [ (kde5.oxygen-fonts or pkgs.noto-fonts) ];
|
||||
|
||||
programs.ssh.askPassword = "${kde5.ksshaskpass}/bin/ksshaskpass";
|
||||
programs.ssh.askPassword = "${kde5.ksshaskpass.out}/bin/ksshaskpass";
|
||||
|
||||
# Enable helpful DBus services.
|
||||
services.udisks2.enable = true;
|
||||
services.upower.enable = config.powerManagement.enable;
|
||||
|
||||
# Extra UDEV rules used by Solid
|
||||
services.udev.packages = [ pkgs.media-player-info ];
|
||||
services.udev.packages = [
|
||||
pkgs.libmtp
|
||||
pkgs.media-player-info
|
||||
];
|
||||
|
||||
services.xserver.displayManager.sddm = {
|
||||
theme = "breeze";
|
||||
|
@ -45,7 +45,7 @@ let
|
||||
|
||||
${optionalString cfg.startDbusSession ''
|
||||
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
|
||||
exec ${pkgs.dbus.tools}/bin/dbus-launch --exit-with-session "$0" "$sessionType"
|
||||
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" "$sessionType"
|
||||
fi
|
||||
''}
|
||||
|
||||
@ -55,11 +55,11 @@ let
|
||||
# Start PulseAudio if enabled.
|
||||
${optionalString (config.hardware.pulseaudio.enable) ''
|
||||
${optionalString (!config.hardware.pulseaudio.systemWide)
|
||||
"${config.hardware.pulseaudio.package}/bin/pulseaudio --start"
|
||||
"${config.hardware.pulseaudio.package.out}/bin/pulseaudio --start"
|
||||
}
|
||||
|
||||
# Publish access credentials in the root window.
|
||||
${config.hardware.pulseaudio.package}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
|
||||
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
|
||||
''}
|
||||
|
||||
# Tell systemd about our $DISPLAY. This is needed by the
|
||||
@ -275,7 +275,7 @@ in
|
||||
};
|
||||
|
||||
config = {
|
||||
services.xserver.displayManager.xserverBin = "${xorg.xorgserver}/bin/X";
|
||||
services.xserver.displayManager.xserverBin = "${xorg.xorgserver.out}/bin/X";
|
||||
};
|
||||
|
||||
imports = [
|
||||
|
@ -24,9 +24,9 @@ let
|
||||
# This wrapper ensures that we actually get themes
|
||||
makeWrapper ${pkgs.lightdm_gtk_greeter}/sbin/lightdm-gtk-greeter \
|
||||
$out/greeter \
|
||||
--prefix PATH : "${pkgs.glibc}/bin" \
|
||||
--set GDK_PIXBUF_MODULE_FILE "${pkgs.gdk_pixbuf}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache" \
|
||||
--set GTK_PATH "${theme}:${pkgs.gtk3}" \
|
||||
--prefix PATH : "${pkgs.glibc.bin}/bin" \
|
||||
--set GDK_PIXBUF_MODULE_FILE "${pkgs.gdk_pixbuf.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache" \
|
||||
--set GTK_PATH "${theme}:${pkgs.gtk3.out}" \
|
||||
--set GTK_EXE_PREFIX "${theme}" \
|
||||
--set GTK_DATA_PREFIX "${theme}" \
|
||||
--set XDG_DATA_DIRS "${theme}/share:${icons}/share" \
|
||||
|
@ -48,7 +48,7 @@ let
|
||||
[XDisplay]
|
||||
MinimumVT=${toString xcfg.tty}
|
||||
ServerPath=${xserverWrapper}
|
||||
XephyrPath=${pkgs.xorg.xorgserver}/bin/Xephyr
|
||||
XephyrPath=${pkgs.xorg.xorgserver.out}/bin/Xephyr
|
||||
SessionCommand=${dmcfg.session.script}
|
||||
SessionDir=${dmcfg.session.desktops}
|
||||
XauthPath=${pkgs.xorg.xauth}/bin/xauth
|
||||
|
@ -41,7 +41,7 @@ with lib;
|
||||
{ description = "Terminal Server";
|
||||
|
||||
path =
|
||||
[ pkgs.xorgserver pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xauth
|
||||
[ pkgs.xorgserver.out pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xauth
|
||||
pkgs.nettools pkgs.shadow pkgs.procps pkgs.utillinux pkgs.bash
|
||||
];
|
||||
|
||||
|
@ -20,7 +20,7 @@ in
|
||||
services.xserver.windowManager.session = singleton
|
||||
{ name = "metacity";
|
||||
start = ''
|
||||
env LD_LIBRARY_PATH=${xorg.libX11}/lib:${xorg.libXext}/lib:/usr/lib/
|
||||
env LD_LIBRARY_PATH=${xorg.libX11.out}/lib:${xorg.libXext.out}/lib:/usr/lib/
|
||||
# !!! Hack: load the schemas for Metacity.
|
||||
GCONF_CONFIG_SOURCE=xml::~/.gconf ${gnome.GConf}/bin/gconftool-2 \
|
||||
--makefile-install-rule ${gnome.metacity}/etc/gconf/schemas/*.schemas # */
|
||||
|
@ -219,6 +219,12 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
dpi = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = 0;
|
||||
description = "DPI resolution to use for X server.";
|
||||
};
|
||||
|
||||
startDbusSession = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
@ -450,7 +456,7 @@ in
|
||||
]);
|
||||
|
||||
environment.systemPackages =
|
||||
[ xorg.xorgserver
|
||||
[ xorg.xorgserver.out
|
||||
xorg.xrandr
|
||||
xorg.xrdb
|
||||
xorg.setxkbmap
|
||||
@ -487,7 +493,7 @@ in
|
||||
XKB_BINDIR = "${xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
|
||||
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
|
||||
LD_LIBRARY_PATH = concatStringsSep ":" (
|
||||
[ "${xorg.libX11}/lib" "${xorg.libXext}/lib" ]
|
||||
[ "${xorg.libX11.out}/lib" "${xorg.libXext.out}/lib" ]
|
||||
++ concatLists (catAttrs "libPath" cfg.drivers));
|
||||
} // cfg.displayManager.job.environment;
|
||||
|
||||
@ -513,12 +519,13 @@ in
|
||||
"-xkbdir" "${cfg.xkbDir}"
|
||||
] ++ optional (cfg.display != null) ":${toString cfg.display}"
|
||||
++ optional (cfg.tty != null) "vt${toString cfg.tty}"
|
||||
++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}"
|
||||
++ optionals (cfg.display != null) [ "-logfile" "/var/log/X.${toString cfg.display}.log" ]
|
||||
++ optional (!cfg.enableTCP) "-nolisten tcp";
|
||||
|
||||
services.xserver.modules =
|
||||
concatLists (catAttrs "modules" cfg.drivers) ++
|
||||
[ xorg.xorgserver
|
||||
[ xorg.xorgserver.out
|
||||
xorg.xf86inputevdev
|
||||
];
|
||||
|
||||
|
@ -12,7 +12,8 @@ let
|
||||
'';
|
||||
});
|
||||
|
||||
path =
|
||||
path = map # outputs TODO?
|
||||
(pkg: (pkg.bin or (pkg.out or pkg)))
|
||||
[ pkgs.coreutils pkgs.gnugrep pkgs.findutils
|
||||
pkgs.glibc # needed for getent
|
||||
pkgs.shadow
|
||||
|
@ -436,9 +436,9 @@ in
|
||||
${optionalString luks.yubikeySupport ''
|
||||
copy_bin_and_libs ${pkgs.ykpers}/bin/ykchalresp
|
||||
copy_bin_and_libs ${pkgs.ykpers}/bin/ykinfo
|
||||
copy_bin_and_libs ${pkgs.openssl}/bin/openssl
|
||||
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
|
||||
|
||||
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
|
||||
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
|
||||
strip -s pbkdf2-sha512
|
||||
copy_bin_and_libs pbkdf2-sha512
|
||||
|
||||
|
@ -434,11 +434,8 @@ udevadm control --exit
|
||||
|
||||
# Reset the logging file descriptors.
|
||||
# Do this just before pkill, which will kill the tee process.
|
||||
if test -n "@logCommands@"
|
||||
then
|
||||
exec 1>&$logOutFd 2>&$logErrFd
|
||||
eval "exec $logOutFd>&- $logErrFd>&-"
|
||||
fi
|
||||
exec 1>&$logOutFd 2>&$logErrFd
|
||||
eval "exec $logOutFd>&- $logErrFd>&-"
|
||||
|
||||
# Kill any remaining processes, just to be sure we're not taking any
|
||||
# with us into stage 2. But keep storage daemons like unionfs-fuse.
|
||||
|
@ -67,6 +67,10 @@ let
|
||||
copy_bin_and_libs $BIN
|
||||
done
|
||||
|
||||
# Copy modprobe.
|
||||
copy_bin_and_libs ${pkgs.kmod}/bin/kmod
|
||||
ln -sf kmod $out/bin/modprobe
|
||||
|
||||
# Copy resize2fs if needed.
|
||||
${optionalString (any (fs: fs.autoResize) (attrValues config.fileSystems)) ''
|
||||
# We need mke2fs in the initrd.
|
||||
@ -76,7 +80,7 @@ let
|
||||
${config.boot.initrd.extraUtilsCommands}
|
||||
|
||||
# Copy ld manually since it isn't detected correctly
|
||||
cp -pv ${pkgs.glibc}/lib/ld*.so.? $out/lib
|
||||
cp -pv ${pkgs.glibc.out}/lib/ld*.so.? $out/lib
|
||||
|
||||
# Copy all of the needed libraries for the binaries
|
||||
for BIN in $(find $out/{bin,sbin} -type f); do
|
||||
|
@ -7,11 +7,14 @@ let
|
||||
kernel = config.boot.kernelPackages.kernel;
|
||||
activateConfiguration = config.system.activationScripts.script;
|
||||
|
||||
readonlyMountpoint = pkgs.runCommand "readonly-mountpoint" {} ''
|
||||
mkdir -p $out/bin
|
||||
cc -O3 ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint
|
||||
strip -s $out/bin/readonly-mountpoint
|
||||
'';
|
||||
readonlyMountpoint = pkgs.stdenv.mkDerivation {
|
||||
name = "readonly-mountpoint";
|
||||
unpackPhase = "true";
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cc -O3 ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint
|
||||
'';
|
||||
};
|
||||
|
||||
bootStage2 = pkgs.substituteAll {
|
||||
src = ./stage-2-init.sh;
|
||||
|
@ -18,9 +18,9 @@
|
||||
|
||||
boot.initrd.postDeviceCommands = ''
|
||||
# Hacky!!! fuse hard-codes the path to mount
|
||||
mkdir -p /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}/bin
|
||||
ln -s $(which mount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}/bin
|
||||
ln -s $(which umount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}/bin
|
||||
mkdir -p /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}-bin/bin
|
||||
ln -s $(which mount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}-bin/bin
|
||||
ln -s $(which umount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}-bin/bin
|
||||
'';
|
||||
})
|
||||
|
||||
|
@ -11,13 +11,13 @@ in
|
||||
{
|
||||
config = mkIf (any (fs: fs == "xfs") config.boot.supportedFilesystems) {
|
||||
|
||||
system.fsPackages = [ pkgs.xfsprogs ];
|
||||
system.fsPackages = [ pkgs.xfsprogs.bin ];
|
||||
|
||||
boot.initrd.availableKernelModules = mkIf inInitrd [ "xfs" "crc32c" ];
|
||||
|
||||
boot.initrd.extraUtilsCommands = mkIf inInitrd
|
||||
''
|
||||
copy_bin_and_libs ${pkgs.xfsprogs}/sbin/fsck.xfs
|
||||
copy_bin_and_libs ${pkgs.xfsprogs.bin}/bin/fsck.xfs
|
||||
'';
|
||||
|
||||
# Trick just to set 'sh' after the extraUtils nuke-refs.
|
||||
|
@ -89,4 +89,41 @@
|
||||
"15.09".us-west-2.hvm-s3 = "ami-2956b849";
|
||||
"15.09".us-west-2.pv-ebs = "ami-005fb160";
|
||||
"15.09".us-west-2.pv-s3 = "ami-cd55bbad";
|
||||
|
||||
"16.03".ap-northeast-1.hvm-ebs = "ami-885040e6";
|
||||
"16.03".ap-northeast-1.hvm-s3 = "ami-d15a4abf";
|
||||
"16.03".ap-northeast-1.pv-ebs = "ami-7f455511";
|
||||
"16.03".ap-northeast-1.pv-s3 = "ami-6d7d6d03";
|
||||
"16.03".ap-southeast-1.hvm-ebs = "ami-478a5f24";
|
||||
"16.03".ap-southeast-1.hvm-s3 = "ami-b2885dd1";
|
||||
"16.03".ap-southeast-1.pv-ebs = "ami-55b46136";
|
||||
"16.03".ap-southeast-1.pv-s3 = "ami-92b762f1";
|
||||
"16.03".ap-southeast-2.hvm-ebs = "ami-26b09345";
|
||||
"16.03".ap-southeast-2.hvm-s3 = "ami-52ac8f31";
|
||||
"16.03".ap-southeast-2.pv-ebs = "ami-1fb3907c";
|
||||
"16.03".ap-southeast-2.pv-s3 = "ami-49b1922a";
|
||||
"16.03".eu-central-1.hvm-ebs = "ami-2bd63744";
|
||||
"16.03".eu-central-1.hvm-s3 = "ami-82d435ed";
|
||||
"16.03".eu-central-1.pv-ebs = "ami-b729c8d8";
|
||||
"16.03".eu-central-1.pv-s3 = "ami-a12dccce";
|
||||
"16.03".eu-west-1.hvm-ebs = "ami-87c242f4";
|
||||
"16.03".eu-west-1.hvm-s3 = "ami-b6c343c5";
|
||||
"16.03".eu-west-1.pv-ebs = "ami-6bc94918";
|
||||
"16.03".eu-west-1.pv-s3 = "ami-00cb4b73";
|
||||
"16.03".sa-east-1.hvm-ebs = "ami-845cd3e8";
|
||||
"16.03".sa-east-1.hvm-s3 = "ami-8142cded";
|
||||
"16.03".sa-east-1.pv-ebs = "ami-1643cc7a";
|
||||
"16.03".sa-east-1.pv-s3 = "ami-1646c97a";
|
||||
"16.03".us-east-1.hvm-ebs = "ami-2cc4d046";
|
||||
"16.03".us-east-1.hvm-s3 = "ami-9bc9ddf1";
|
||||
"16.03".us-east-1.pv-ebs = "ami-7df4e017";
|
||||
"16.03".us-east-1.pv-s3 = "ami-90f2e6fa";
|
||||
"16.03".us-west-1.hvm-ebs = "ami-d8116db8";
|
||||
"16.03".us-west-1.hvm-s3 = "ami-a7166ac7";
|
||||
"16.03".us-west-1.pv-ebs = "ami-e90c7089";
|
||||
"16.03".us-west-1.pv-s3 = "ami-5b0c703b";
|
||||
"16.03".us-west-2.hvm-ebs = "ami-b339ccd3";
|
||||
"16.03".us-west-2.hvm-s3 = "ami-2c3bce4c";
|
||||
"16.03".us-west-2.pv-ebs = "ami-0625d066";
|
||||
"16.03".us-west-2.pv-s3 = "ami-7414e114";
|
||||
}
|
||||
|
@ -66,7 +66,7 @@ in
|
||||
|
||||
services.xserver.displayManager.sessionCommands =
|
||||
''
|
||||
PATH=${makeSearchPath "bin" [ pkgs.gnugrep pkgs.which pkgs.xorg.xorgserver ]}:$PATH \
|
||||
PATH=${makeSearchPath "bin" [ pkgs.gnugrep pkgs.which pkgs.xorg.xorgserver.out ]}:$PATH \
|
||||
${kernel.virtualboxGuestAdditions}/bin/VBoxClient-all
|
||||
'';
|
||||
|
||||
|
@ -14,7 +14,7 @@ import ./make-test.nix ({ pkgs, ... } : {
|
||||
services.cadvisor.storageDriver = "influxdb";
|
||||
services.influxdb.enable = true;
|
||||
systemd.services.influxdb.postStart = mkAfter ''
|
||||
${pkgs.curl}/bin/curl -X POST 'http://localhost:8086/db?u=root&p=root' \
|
||||
${pkgs.curl.bin}/bin/curl -X POST 'http://localhost:8086/db?u=root&p=root' \
|
||||
-d '{"name": "root"}'
|
||||
'';
|
||||
};
|
||||
|
@ -19,7 +19,7 @@ stdenv.mkDerivation rec{
|
||||
|
||||
configureFlags = [
|
||||
"--with-boost-libdir=${boost.lib}/lib"
|
||||
"--with-libcurl-headers=${curl}/include"
|
||||
"--with-libcurl-headers=${curl.dev}/include"
|
||||
] ++ optionals withGui [ "--with-gui=qt4" ];
|
||||
|
||||
meta = {
|
||||
|
@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
|
||||
# have to do that ourself.
|
||||
patchPhase = ''
|
||||
printf '#include "libs/ardour/ardour/revision.h"\nnamespace ARDOUR { const char* revision = \"${tag}-${builtins.substring 0 8 src.rev}\"; }\n' > libs/ardour/revision.cc
|
||||
sed 's|/usr/include/libintl.h|${glibc}/include/libintl.h|' -i wscript
|
||||
sed 's|/usr/include/libintl.h|${glibc.dev}/include/libintl.h|' -i wscript
|
||||
patchShebangs ./tools/
|
||||
'';
|
||||
|
||||
|
@ -18,6 +18,12 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "19fr674mw844zmkp1476yigkcnmb6zyn78av64ccdwi3p68i00rf";
|
||||
})];
|
||||
|
||||
# fix with gcc-5 from http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2012-December/245884.html
|
||||
postPatch = ''
|
||||
substituteInPlace lib-src/libnyquist/nyquist/ffts/src/fftlib.c \
|
||||
--replace 'inline void' 'static inline void'
|
||||
'';
|
||||
|
||||
preConfigure = /* we prefer system-wide libs */ ''
|
||||
mv lib-src lib-src-rm
|
||||
mkdir lib-src
|
||||
|
@ -36,7 +36,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
cp -r . "$out/libexec/baudline/"
|
||||
|
||||
interpreter="$(echo ${stdenv.glibc}/lib/ld-linux*)"
|
||||
interpreter="$(echo ${stdenv.glibc.out}/lib/ld-linux*)"
|
||||
for prog in "$out"/libexec/baudline/baudline*; do
|
||||
patchelf --interpreter "$interpreter" "$prog"
|
||||
ln -sr "$prog" "$out/bin/"
|
||||
|
@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
|
||||
postFixup = ''
|
||||
for executable in $(cd $out/bin && ls); do
|
||||
wrapProgram $out/bin/$executable \
|
||||
--prefix PATH : "${bc}/bin:${findutils}/bin:${sox}/bin:${procps}/bin:${opusTools}/bin:${lame}/bin:${flac}/bin"
|
||||
--prefix PATH : "${bc}/bin:${findutils}/bin:${sox}/bin:${procps}/bin:${opusTools}/bin:${lame}/bin:${flac.bin}/bin"
|
||||
done
|
||||
'';
|
||||
|
||||
|
@ -3,12 +3,12 @@
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "0.9.9";
|
||||
version = "0.9.10";
|
||||
name = "drumgizmo-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://www.drumgizmo.org/releases/${name}/${name}.tar.gz";
|
||||
sha256 = "03dnh2p4s6n107n0r86h9j1jwy85a8qwjkh0288k60qpdqy1c7vp";
|
||||
sha256 = "142si734lsyywxhn7msiz053ir96kl5im3h1jql3vhcb4807f3d1";
|
||||
};
|
||||
|
||||
configureFlags = [ "--enable-lv2" ];
|
||||
|
@ -8,12 +8,12 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "4773c0099dba767d963fd92143263be338c48702172e8754b9bc5103efe1c56c";
|
||||
};
|
||||
|
||||
outputs = [ "out" "doc" ];
|
||||
|
||||
buildInputs = [ libogg ];
|
||||
|
||||
#doCheck = true; # takes lots of time
|
||||
|
||||
outputs = [ "dev" "out" "bin" "doc" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://xiph.org/flac/;
|
||||
description = "Library and tools for encoding and decoding the FLAC lossless audio file format";
|
||||
|
@ -36,7 +36,7 @@ stdenv.mkDerivation rec {
|
||||
buildPhase = ''
|
||||
patchelf \
|
||||
--set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
|
||||
--set-rpath "$out/opt/google/musicmanager:${readline}/lib:${ncurses}/lib:${stdenv.cc.libc}/lib:${qt48}/lib:${stdenv.cc.cc}/lib:${libidn}/lib:${expat}/lib:${flac}/lib:${libvorbis}/lib" opt/google/musicmanager/MusicManager
|
||||
--set-rpath "$out/opt/google/musicmanager:${stdenv.lib.makeLibraryPath [ readline ncurses stdenv.cc.libc.out qt48 stdenv.cc.cc libidn expat flac libvorbis ]}" opt/google/musicmanager/MusicManager
|
||||
'';
|
||||
|
||||
dontPatchELF = true;
|
||||
|
30
pkgs/applications/audio/japa/default.nix
Normal file
30
pkgs/applications/audio/japa/default.nix
Normal file
@ -0,0 +1,30 @@
|
||||
{ stdenv, fetchurl, alsaLib, libjack2, fftwFloat, libclthreads, libclxclient, libX11, libXft, zita-alsa-pcmi, }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "0.8.4";
|
||||
name = "japa-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://kokkinizita.linuxaudio.org/linuxaudio/downloads/${name}.tar.bz2";
|
||||
sha256 = "1jhj7s4vqk5c4lchdall0kslvj5sh91902hhfjvs6r3a5nrhwcp0";
|
||||
};
|
||||
|
||||
buildInputs = [ alsaLib libjack2 fftwFloat libclthreads libclxclient libX11 libXft zita-alsa-pcmi ];
|
||||
|
||||
preConfigure = ''
|
||||
cd ./source/
|
||||
'';
|
||||
|
||||
makeFlags = [
|
||||
"PREFIX=$(out)"
|
||||
"SUFFIX=''"
|
||||
];
|
||||
|
||||
meta = {
|
||||
description = "A 'perceptual' or 'psychoacoustic' audio spectrum analyser for JACK and ALSA";
|
||||
homepage = http://kokkinizita.linuxaudio.org/linuxaudio/index.html;
|
||||
license = stdenv.lib.licenses.gpl2;
|
||||
maintainers = [ stdenv.lib.maintainers.magnetophon ];
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
};
|
||||
}
|
@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
|
||||
'';
|
||||
|
||||
preBuild=''
|
||||
export CPATH=${zlib}/lib
|
||||
export CPATH=${zlib.out}/lib
|
||||
'';
|
||||
|
||||
buildInputs = [ SDL alsaLib autoconf automake libjack2 perl zlib zziplib ];
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ fetchurl, stdenv, pkgconfig, libpulseaudio, gtkmm, libglademm
|
||||
, dbus_glib, gconfmm, intltool }:
|
||||
, dbus_glib, GConf, gconfmm, intltool }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "paprefs-0.9.10";
|
||||
@ -13,6 +13,8 @@ stdenv.mkDerivation rec {
|
||||
|
||||
nativeBuildInputs = [ pkgconfig intltool ];
|
||||
|
||||
propagatedUserEnvPkgs = [ GConf ];
|
||||
|
||||
configureFlags = [ "--disable-lynx" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
@ -1,11 +1,11 @@
|
||||
{ fetchurl, stdenv, dpkg, xorg, alsaLib, makeWrapper, openssl_1_0_1, freetype
|
||||
{ fetchurl, stdenv, dpkg, xorg, alsaLib, makeWrapper, openssl, freetype
|
||||
, glib, pango, cairo, atk, gdk_pixbuf, gtk, cups, nspr, nss, libpng, GConf
|
||||
, libgcrypt, udev, fontconfig, dbus, expat, ffmpeg_0_10, curl, zlib, gnome }:
|
||||
, libgcrypt, libudev, fontconfig, dbus, expat, ffmpeg_0_10, curl, zlib, gnome }:
|
||||
|
||||
assert stdenv.system == "x86_64-linux";
|
||||
|
||||
let
|
||||
version = "1.0.26.125.g64dc8bc6-14";
|
||||
version = "1.0.27.71.g0a26e3b2-9";
|
||||
|
||||
deps = [
|
||||
alsaLib
|
||||
@ -27,7 +27,7 @@ let
|
||||
nss
|
||||
pango
|
||||
stdenv.cc.cc
|
||||
udev
|
||||
libudev
|
||||
xorg.libX11
|
||||
xorg.libXcomposite
|
||||
xorg.libXcursor
|
||||
@ -50,7 +50,7 @@ stdenv.mkDerivation {
|
||||
src =
|
||||
fetchurl {
|
||||
url = "http://repository-origin.spotify.com/pool/non-free/s/spotify-client/spotify-client_${version}_amd64.deb";
|
||||
sha256 = "09wanpml2a6k8asfc0pd56n7fia37amgsplsan1qdh6dwdzr3rv5";
|
||||
sha256 = "1rs08cvn0y1lzazlmzj4sn2iyacadwi6j70n5c7rvfvvs4p61p42";
|
||||
};
|
||||
|
||||
buildInputs = [ dpkg makeWrapper ];
|
||||
@ -68,10 +68,10 @@ stdenv.mkDerivation {
|
||||
# Work around Spotify referring to a specific minor version of
|
||||
# OpenSSL.
|
||||
|
||||
ln -s ${openssl_1_0_1}/lib/libssl.so $libdir/libssl.so.1.0.0
|
||||
ln -s ${openssl_1_0_1}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0
|
||||
ln -s ${nspr}/lib/libnspr4.so $libdir/libnspr4.so
|
||||
ln -s ${nspr}/lib/libplc4.so $libdir/libplc4.so
|
||||
ln -s ${openssl.out}/lib/libssl.so $libdir/libssl.so.1.0.0
|
||||
ln -s ${openssl.out}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0
|
||||
ln -s ${nspr.out}/lib/libnspr4.so $libdir/libnspr4.so
|
||||
ln -s ${nspr.out}/lib/libplc4.so $libdir/libplc4.so
|
||||
|
||||
rpath="$out/share/spotify:$libdir"
|
||||
|
||||
|
@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
|
||||
};
|
||||
|
||||
patchPhase = ''
|
||||
sed -e "s#xsltproc#${libxslt}/bin/xsltproc#" -i Makefile
|
||||
sed -e "s#xsltproc#${libxslt.bin}/bin/xsltproc#" -i Makefile
|
||||
sed -e "s#PREFIX = /usr/local#PREFIX = $out#" -i Makefile
|
||||
'';
|
||||
|
||||
|
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
preConfigure = "cd src";
|
||||
|
||||
cmakeFlags = [ "-DFLTK_MATH_LIBRARY=${stdenv.glibc}/lib/libm.so -DCMAKE_INSTALL_DATAROOTDIR=$out" ];
|
||||
cmakeFlags = [ "-DFLTK_MATH_LIBRARY=${stdenv.glibc.out}/lib/libm.so -DCMAKE_INSTALL_DATAROOTDIR=$out" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "high quality software synthesizer based on ZynAddSubFX";
|
||||
|
@ -1,13 +1,15 @@
|
||||
{ stdenv, fetchurl, makeWrapper, jre, cpio, gawk, gnugrep, gnused, procps, swt, gtk2, glib, libXtst }:
|
||||
|
||||
let version = "4.6.0";
|
||||
let
|
||||
version = "4.6.0";
|
||||
rev = "2"; #tracks unversioned changes that occur on download.code42.com from time to time
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
name = "crashplan-${version}";
|
||||
name = "crashplan-${version}-r${rev}";
|
||||
|
||||
crashPlanArchive = fetchurl {
|
||||
url = "https://download.code42.com/installs/linux/install/CrashPlan/CrashPlan_${version}_Linux.tgz";
|
||||
sha256 = "0h9zk6i1pdvl101c8l4v4x6i7q4wkmkqp2dkm0lq7ha96lrvac47";
|
||||
sha256 = "13rmmdj048r8k4v7ig4i6pnvwyzc1vasfgksf070bx6ksklgbq47";
|
||||
};
|
||||
|
||||
srcs = [ crashPlanArchive ];
|
||||
|
@ -72,7 +72,7 @@ stdenv.mkDerivation {
|
||||
|
||||
nativeBuildInputs = [ lndir makeQtWrapper ];
|
||||
buildInputs = [ unwrapped ] ++ themes;
|
||||
inherit themes;
|
||||
themes = map (pkg: pkg.out or pkg) themes;
|
||||
inherit unwrapped;
|
||||
|
||||
installPhase = ''
|
||||
@ -81,7 +81,7 @@ stdenv.mkDerivation {
|
||||
mkdir -p "$out/share/sddm"
|
||||
for pkg in $unwrapped $themes; do
|
||||
local sddmDir="$pkg/share/sddm"
|
||||
if [[ -d "$sddmDir" ]]; then
|
||||
if [ -d "$sddmDir" ]; then
|
||||
lndir -silent "$sddmDir" "$out/share/sddm"
|
||||
fi
|
||||
done
|
||||
|
@ -1,5 +1,5 @@
|
||||
{ stdenv, fetchurl, cmake, pkgconfig, xorg, libjpeg, libpng
|
||||
, fontconfig, freetype, pam, dbus_libs, makeWrapper, pkgs }:
|
||||
, fontconfig, freetype, pam, dbus_libs, makeWrapper }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "slim-1.3.6";
|
||||
@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
buildInputs =
|
||||
[ cmake pkgconfig libjpeg libpng fontconfig freetype
|
||||
pam dbus_libs
|
||||
pam dbus_libs (stdenv.cc.libc.out or null)
|
||||
xorg.libX11 xorg.libXext xorg.libXrandr xorg.libXrender xorg.libXmu xorg.libXft makeWrapper
|
||||
];
|
||||
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
x
Reference in New Issue
Block a user