public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'closure-size' (#7701) into staging

Browse Source
This commit is contained in:
Vladimír Čunát 2016-04-10 11:37:43 +02:00
commit 4fa9983ab2
1195 changed files with 67145 additions and 31682 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
.github/ISSUE_TEMPLATE.md vendored
View File

@ -1,17 +1,13 @@
## Basic info
## Issue description
To make sure that we are on the same page:
* Kernel: (run `uname -a`)
* System: (NixOS: `nixos-version`, Ubuntu/Fedora: `lsb_release -a`, ...)
* Nix version: (run `nix-env --version`)
* Nixpkgs version: (run `nix-instantiate --eval '<nixpkgs>' -A lib.nixpkgsVersion`)
## Describe your issue here
### Expected result
### Actual result
### Steps to reproduce
## Technical details
* System: (NixOS: `nixos-version`, Ubuntu/Fedora: `lsb_release -a`, ...)
* Nix version: (run `nix-env --version`)
* Nixpkgs version: (run `nix-instantiate --eval '<nixpkgs>' -A lib.nixpkgsVersion`)

8
README.md
View File

@ -14,12 +14,12 @@ build daemon as so-called channels. To get channel information via git, add
```
For stability and maximum binary package support, it is recommended to maintain
custom changes on top of one of the channels, e.g. `nixos-15.09` for the latest
custom changes on top of one of the channels, e.g. `nixos-16.03` for the latest
release and `nixos-unstable` for the latest successful build of master:
```
% git remote update channels
% git rebase channels/nixos-15.09
% git rebase channels/nixos-16.03
```
For pull-requests, please rebase onto nixpkgs `master`.
@ -33,9 +33,9 @@ For pull-requests, please rebase onto nixpkgs `master`.
* [Manual (NixOS)](https://nixos.org/nixos/manual/)
* [Nix Wiki](https://nixos.org/wiki/)
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
* [Continuous package builds for 15.09 release](https://hydra.nixos.org/jobset/nixos/release-15.09)
* [Continuous package builds for 16.03 release](https://hydra.nixos.org/jobset/nixos/release-16.03)
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
* [Tests for 15.09 release](https://hydra.nixos.org/job/nixos/release-15.09/tested#tabs-constituents)
* [Tests for 16.03 release](https://hydra.nixos.org/job/nixos/release-16.03/tested#tabs-constituents)
Communication:

37
doc/introduction.md
View File

@ -6,13 +6,14 @@ date: 2015-11-25
# Introduction
The Nix Packages collection (Nixpkgs) is a set of over 30,000 packages for the
[Nix package manager](http://nixos.org/nix/), released under a [permissive MIT/X11 license](https://github.com/NixOS/nixpkgs/blob/master/COPYING).
Packages are available for several architectures, and can be used with the Nix package manager
on most GNU/Linux distributions as well as NixOS.
The Nix Packages collection (Nixpkgs) is a set of thousands of packages for the
[Nix package manager](http://nixos.org/nix/), released under a
[permissive MIT/X11 license](https://github.com/NixOS/nixpkgs/blob/master/COPYING).
Packages are available for several platforms, and can be used with the Nix
package manager on most GNU/Linux distributions as well as NixOS.
This manual describes how to write packages for the Nix Packages collection
(Nixpkgs). Thus its for packagers and developers who want to add packages to
This manual primarily describes how to write packages for the Nix Packages collection
(Nixpkgs). Thus its mainly for packagers and developers who want to add packages to
Nixpkgs. If you like to learn more about the Nix package manager and the Nix
expression language, then you are kindly referred to the [Nix manual](http://nixos.org/nix/manual/).
@ -20,29 +21,33 @@ expression language, then you are kindly referred to the [Nix manual](http://nix
Nix expressions describe how to build packages from source and are collected in
the [nixpkgs repository](https://github.com/NixOS/nixpkgs). Also included in the
collection are Nix expressions for [NixOS modules](http://nixos.org/nixos/manual/index.html#sec-writing-modules). With
these expressions the Nix package manager can build binary packages.
collection are Nix expressions for
[NixOS modules](http://nixos.org/nixos/manual/index.html#sec-writing-modules).
With these expressions the Nix package manager can build binary packages.
Packages, including the Nix packages collection, are distributed through
[channels](http://nixos.org/nix/manual/#sec-channels). The collection is
distributed for users of Nix on non-NixOS distributions through the channel
`nixpkgs`. Users of NixOS generally use one of the `nixos-*` channels, e.g.
`nixos-15.09`, which includes all packages and modules for the stable NixOS
15.09. The channels of the stable NixOS releases are generally only given
`nixos-16.03`, which includes all packages and modules for the stable NixOS
16.03. The purpose of stable NixOS releases are generally only given
security updates. More up to date packages and modules are available via the
`nixos-unstable` channel.
Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs
repository, although both do lag the `master` branch by generally [a couple of days](http://howoldis.herokuapp.com/). Updates to a channel are distributed as
soon as all tests for that channel pass, e.g. [this table](http://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
repository, although both do lag the `master` branch by generally
[a couple of days](http://howoldis.herokuapp.com/). Updates to a channel are
distributed as soon as all tests for that channel pass, e.g.
[this table](http://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
shows the status of tests for the `nixpkgs` channel.
The tests are conducted by a cluster called [Hydra](http://nixos.org/hydra/),
which also builds binary packages from the Nix expressions in Nixpkgs. As soon
as a channel is updated, the binaries are made available via a [binary cache](https://cache.nixos.org). Until the channel updates, binaries that have
already been built, are available via [Hydra's binary cache](https://hydra.nixos.org).
which also builds binary packages from the Nix expressions in Nixpkgs for
`x86_64-linux`, `i686-linux` and `x86_64-darwin`.
The binaries are made available via a [binary cache](https://cache.nixos.org).
The current Nix expressions of the channels are available in the
[`nixpkgs-channels`](https://github.com/NixOS/nixpkgs-channels) repository,
which has branches corresponding to the available channels. There is also the
Nixpkgs Monitor which keeps track of updates and security vulnerabilities.
[Nixpkgs Monitor](http://monitor.nixos.org) which keeps track of updates
and security vulnerabilities.

1
doc/manual.xml
View File

@ -12,6 +12,7 @@
<xi:include href="introduction.xml" />
<xi:include href="quick-start.xml" />
<xi:include href="stdenv.xml" />
<xi:include href="multiple-output.xml" />
<xi:include href="configuration.xml" />
<xi:include href="functions.xml" />
<xi:include href="meta.xml" />

91
doc/multiple-output.xml Normal file
View File

@ -0,0 +1,91 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE chapter [
<!ENTITY ndash "&#x2013;"> <!-- @vcunat likes to use this one ;-) -->
]>
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-multiple-output">
<title>Multiple-output packages</title>
<section><title>Introduction</title>
<para>The Nix language allows a derivation to produce multiple outputs, which is similar to what is utilized by other Linux distribution packaging systems. The outputs reside in separate nix store paths, so they can be mostly handled independently of each other, including passing to build inputs, garbage collection or binary substitution. The exception is that building from source always produces all the outputs.</para>
<para>The main motivation is to save disk space by reducing runtime closure sizes; consequently also sizes of substituted binaries get reduced. Splitting can be used to have more granular runtime dependencies, for example the typical reduction is to split away development-only files, as those are typically not needed during runtime. As a result, closure sizes of many packages can get reduced to a half or even much less.</para>
<note><para>The reduction effects could be instead achieved by building the parts in completely separate derivations. That would often additionally reduce build-time closures, but it tends to be much harder to write such derivations, as build systems typically assume all parts are being built at once. This compromise approach of single source package producing multiple binary packages is also utilized often by rpm and deb.</para></note>
</section>
<section><title>Installing a split package</title>
<para>When installing a package via <varname>systemPackages</varname> or <command>nix-env</command> you have several options:</para>
<warning><para>Currently <command>nix-env</command> almost always installs all outputs until https://github.com/NixOS/nix/pull/815 gets merged.</para></warning>
<itemizedlist>
<listitem><para>You can install particular outputs explicitly, as each is available in the Nix language as an attribute of the package. The <varname>outputs</varname> attribute contains a list of output names.</para></listitem>
<listitem><para>You can let it use the default outputs. These are handled by <varname>meta.outputsToInstall</varname> attribute that contains a list of output names.</para>
<para>TODO: more about tweaking the attribute, etc.</para></listitem>
<listitem><para>NixOS provides configuration option <varname>environment.extraOutputsToInstall</varname> that allows adding extra outputs of <varname>environment.systemPackages</varname> atop the default ones. It's mainly meant for documentation and debug symbols, and it's also modified by specific options.</para>
<note><para>At this moment there is no similar configurability for packages installed by <command>nix-env</command>. You can still use approach from <xref linkend="sec-modify-via-packageOverrides" /> to override <varname>meta.outputsToInstall</varname> attributes, but that's a rather inconvenient way.</para></note>
</listitem>
</itemizedlist>
</section>
<section><title>Using a split package</title>
<para>In the Nix language the individual outputs can be reached explicitly as attributes, e.g. <varname>coreutils.info</varname>, but the typical case is just using packages as build inputs.</para>
<para>When a multiple-output derivation gets into a build input of another derivation, the first output is added (<varname>.dev</varname> by convention) and also <varname>propagatedBuildOutputs</varname> of that package which by default contain <varname>$outputBin</varname> and <varname>$outputLib</varname>. (See <xref linkend="multiple-output-file-type-groups" />.)</para>
</section>
<section><title>Writing a split derivation</title>
<para>Here you find how to write a derivation that produces multiple outputs.</para>
<para>In nixpkgs there is a framework supporting multiple-output derivations. It tries to cover most cases by default behavior. You can find the source separated in &lt;<filename>nixpkgs/pkgs/build-support/setup-hooks/multiple-outputs.sh</filename>&gt;; it's relatively well-readable. The whole machinery is triggered by defining the <varname>outputs</varname> attribute to contain the list of desired output names (strings).</para>
<programlisting>outputs = [ "dev" "out" "bin" "doc" ];</programlisting>
<para>Often such a single line is enough. For each output an equally named environment variable is passed to the builder and contains the path in nix store for that output. By convention, the first output should usually be <varname>dev</varname>; typically you also want to have the main <varname>out</varname> output, as it catches any files that didn't get elsewhere.</para>
<note><para>There is a special handling of the <varname>debug</varname> output, described at <xref linkend="stdenv-separateDebugInfo" />.</para></note>
<section xml:id="multiple-output-file-type-groups">
<title>File type groups</title>
<para>The support code currently recognizes some particular kinds of outputs and either instructs the build system of the package to put files into their desired outputs or it moves the files during the fixup phase. Each group of file types has an <varname>outputFoo</varname> variable specifying the output name where they should go. If that variable isn't defined by the derivation writer, it is guessed &ndash; a default output name is defined, falling back to other possibilities if the output isn't defined.</para>
<variablelist>
<varlistentry><term><varname>
$outputDev</varname></term><listitem><para>
is for development-only files. These include C(++) headers, pkg-config, cmake and aclocal files. They go to <varname>dev</varname> or <varname>out</varname> by default.
</para></listitem></varlistentry>
<varlistentry><term><varname>
$outputBin</varname></term><listitem><para>
is meant for user-facing binaries, typically residing in bin/. They go to <varname>bin</varname> or <varname>out</varname> by default.
</para></listitem></varlistentry>
<varlistentry><term><varname>
$outputLib</varname></term><listitem><para>
is meant for libraries, typically residing in <filename>lib/</filename> and <filename>libexec/</filename>. They go to <varname>lib</varname> or <varname>out</varname> by default.
</para></listitem></varlistentry>
<varlistentry><term><varname>
$outputDoc</varname></term><listitem><para>
is for user documentation, typically residing in <filename>share/doc/</filename>. It goes to <varname>doc</varname> or <varname>out</varname> by default.
</para></listitem></varlistentry>
<varlistentry><term><varname>
$outputDocdev</varname></term><listitem><para>
is for <emphasis>developer</emphasis> documentation. Currently we count gtk-doc and man3 pages in there. It goes to <varname>docdev</varname> or is removed (!) by default. This is because e.g. gtk-doc tends to be rather large and completely unused by nixpkgs users.
</para></listitem></varlistentry>
<varlistentry><term><varname>
$outputMan</varname></term><listitem><para>
is for man pages (except for section 3). They go to <varname>man</varname> or <varname>doc</varname> or <varname>$outputBin</varname> by default.
</para></listitem></varlistentry>
<varlistentry><term><varname>
$outputInfo</varname></term><listitem><para>
is for info pages. They go to <varname>info</varname> or <varname>doc</varname> or <varname>$outputMan</varname> by default.
</para></listitem></varlistentry>
</variablelist>
</section>
<section><title>Common caveats</title>
<itemizedlist>
<listitem><para>Some configure scripts don't like some of the parameters passed by default by the framework, e.g. <literal>--docdir=/foo/bar</literal>. You can disable this by setting <literal>setOutputFlags = false;</literal>.</para></listitem>
<listitem><para>The outputs of a single derivation can retain references to each other, but note that circular references are not allowed. (And each strongly-connected component would act as a single output anyway.)</para></listitem>
<listitem><para>Most of split packages contain their core functionality in libraries. These libraries tend to refer to various kind of data that typically gets into <varname>out</varname>, e.g. locale strings, so there is often no advantage in separating the libraries into <varname>lib</varname>, as keeping them in <varname>out</varname> is easier.</para></listitem>
<listitem><para>Some packages have hidden assumptions on install paths, which complicates splitting.</para></listitem>
</itemizedlist>
</section>
</section><!--Writing a split derivation-->
</chapter>

2
doc/stdenv.xml
View File

@ -956,7 +956,7 @@ following:
phase.</para></listitem>
</varlistentry>
<varlistentry>
<varlistentry xml:id="stdenv-separateDebugInfo">
<term><varname>separateDebugInfo</varname></term>
<listitem><para>If set to <literal>true</literal>, the standard
environment will enable debug information in C/C++ builds. After

2
lib/customisation.nix
View File

@ -129,7 +129,7 @@ rec {
};
outputsList = map outputToAttrListElement outputs;
in commonAttrs.${drv.outputName};
in commonAttrs // { outputUnspecified = true; };
/* Strip a derivation of all non-essential attributes, returning

3
lib/maintainers.nix
View File

@ -81,6 +81,7 @@
copumpkin = "Dan Peebles <pumpkingod@gmail.com>";
coroa = "Jonas Hörsch <jonas@chaoflow.net>";
couchemar = "Andrey Pavlov <couchemar@yandex.ru>";
CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>";
cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
DamienCassou = "Damien Cassou <damien@cassou.me>";
@ -117,6 +118,7 @@
ertes = "Ertugrul Söylemez <ertesx@gmx.de>";
exi = "Reno Reckling <nixos@reckling.org>";
exlevan = "Alexey Levan <exlevan@gmail.com>";
expipiplus1 = "Joe Hermaszewski <nix@monoid.al>";
fadenb = "Tristan Helmich <tristan.helmich+nixos@gmail.com>";
falsifian = "James Cook <james.cook@utoronto.ca>";
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
@ -186,6 +188,7 @@
ktosiek = "Tomasz Kontusz <tomasz.kontusz@gmail.com>";
lassulus = "Lassulus <lassulus@gmail.com>";
layus = "Guillaume Maudoux <layus.on@gmail.com>";
ldesgoui = "Lucas Desgouilles <ldesgoui@gmail.com>";
lebastr = "Alexander Lebedev <lebastr@gmail.com>";
leenaars = "Michiel Leenaars <ml.software@leenaa.rs>";
leonardoce = "Leonardo Cecchi <leonardo.cecchi@gmail.com>";

6
lib/strings.nix
View File

@ -98,7 +98,9 @@ rec {
makeLibraryPath [ pkgs.openssl pkgs.zlib ]
=> "/nix/store/9rz8gxhzf8sw4kf2j2f1grr49w8zx5vj-openssl-1.0.1r/lib:/nix/store/wwh7mhwh269sfjkm6k5665b5kgp7jrk2-zlib-1.2.8/lib"
*/
makeLibraryPath = makeSearchPath "lib";
makeLibraryPath = pkgs: makeSearchPath "lib"
# try to guess the right output of each pkg
(map (pkg: pkg.lib or (pkg.out or pkg)) pkgs);
/* Construct a binary search path (such as $PATH) containing the
binaries for a set of packages.
@ -258,7 +260,7 @@ rec {
/* Cut a string with a separator and produces a list of strings which
were separated by this separator.
NOTE: this function is not performant and should be avoided
NOTE: this function is not performant and should never be used.
Example:
splitString "." "foo.bar.baz"

4
maintainers/scripts/find-tarballs.nix
View File

@ -14,12 +14,12 @@ let
operator = const [ ];
});
urls = map (drv: { url = head drv.urls; hash = drv.outputHash; type = drv.outputHashAlgo; }) fetchurlDependencies;
urls = map (drv: { url = head (drv.urls or [ drv.url ]); hash = drv.outputHash; type = drv.outputHashAlgo; }) fetchurlDependencies;
fetchurlDependencies =
filter
(drv: drv.outputHash or "" != "" && drv.outputHashMode or "flat" == "flat"
&& drv.postFetch or "" == "" && drv ? urls)
&& drv.postFetch or "" == "" && (drv ? url || drv ? urls))
dependencies;
dependencies = map (x: x.value) (genericClosure {

2
nixos/doc/manual/default.nix
View File

@ -44,7 +44,7 @@ let
echo "for hints about the offending path)."
exit 1
fi
${libxslt}/bin/xsltproc \
${libxslt.bin}/bin/xsltproc \
--stringparam revision '${revision}' \
-o $out ${./options-to-docbook.xsl} $optionsXML
'';

16
nixos/doc/manual/installation/installing-usb.xml
View File

@ -7,10 +7,18 @@
<title>Booting from a USB Drive</title>
<para>For systems without CD drive, the NixOS live CD can be booted from
a USB stick. For non-UEFI installations,
<link xlink:href="http://unetbootin.sourceforge.net/">unetbootin</link>
will work. For UEFI installations, you should mount the ISO, copy its contents
verbatim to your drive, then either:
a USB stick. You can use the <command>dd</command> utility to write the image:
<command>dd if=<replaceable>path-to-image</replaceable>
of=<replaceable>/dev/sdb</replaceable></command>. Be careful about specifying the
correct drive; you can use the <command>lsblk</command> command to get a list of
block devices.</para>
<para>The <command>dd</command> utility will write the image verbatim to the drive,
making it the recommended option for both UEFI and non-UEFI installations. For
non-UEFI installations, you can alternatively use
<link xlink:href="http://unetbootin.sourceforge.net/">unetbootin</link>. If you
cannot use <command>dd</command> for a UEFI installation, you can also mount the
ISO, copy its contents verbatim to your drive, then either:
<itemizedlist>
<listitem>

4
nixos/doc/manual/installation/installing.xml
View File

@ -157,10 +157,6 @@ $ nano /mnt/etc/nixos/configuration.nix
<command>nixos-generate-config</command> will figure out the
required modules.</para></note>
<para>Examples of real-world NixOS configuration files can be
found at <link
xlink:href="https://nixos.org/repos/nix/configurations/trunk/"/>.</para>
</listitem>
<listitem><para>Do the installation:

63
nixos/doc/manual/release-notes/rl-1603.xml
View File

@ -4,7 +4,7 @@
version="5.0"
xml:id="sec-release-16.03">
<title>Release 16.03 (“Emu”, 2016/03/??)</title>
<title>Release 16.03 (“Emu”, 2016/03/31)</title>
<para>In addition to numerous new and upgraded packages, this release
has the following highlights:</para>
@ -33,6 +33,10 @@ has the following highlights:</para>
<para>Glibc 2.23 (was 2.21).</para>
</listitem>
<listitem>
<para>Binutils 2.26 (was 2.23.1). See #909</para>
</listitem>
<listitem>
<para>Improved support for ensuring <link
xlink:href="https://reproducible-builds.org/">bitwise reproducible
@ -58,10 +62,57 @@ has the following highlights:</para>
<itemizedlist>
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
<listitem><para><literal>services/networking/pdnsd.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
<listitem><para><literal>hardware/video/webcam/facetimehd.nix</literal></para></listitem>
<listitem><para><literal>i18n/inputMethod/default.nix</literal></para></listitem>
<listitem><para><literal>i18n/inputMethod/fcitx.nix</literal></para></listitem>
<listitem><para><literal>i18n/inputMethod/ibus.nix</literal></para></listitem>
<listitem><para><literal>i18n/inputMethod/nabi.nix</literal></para></listitem>
<listitem><para><literal>i18n/inputMethod/uim.nix</literal></para></listitem>
<listitem><para><literal>programs/fish.nix</literal></para></listitem>
<listitem><para><literal>security/acme.nix</literal></para></listitem>
<listitem><para><literal>security/audit.nix</literal></para></listitem>
<listitem><para><literal>security/oath.nix</literal></para></listitem>
<listitem><para><literal>services/hardware/irqbalance.nix</literal></para></listitem>
<listitem><para><literal>services/mail/dspam.nix</literal></para></listitem>
<listitem><para><literal>services/mail/opendkim.nix</literal></para></listitem>
<listitem><para><literal>services/mail/postsrsd.nix</literal></para></listitem>
<listitem><para><literal>services/mail/rspamd.nix</literal></para></listitem>
<listitem><para><literal>services/mail/rmilter.nix</literal></para></listitem>
<listitem><para><literal>services/misc/autofs.nix</literal></para></listitem>
<listitem><para><literal>services/misc/bepasty.nix</literal></para></listitem>
<listitem><para><literal>services/misc/calibre-server.nix</literal></para></listitem>
<listitem><para><literal>services/misc/cfdyndns.nix</literal></para></listitem>
<listitem><para><literal>services/misc/gammu-smsd.nix</literal></para></listitem>
<listitem><para><literal>services/misc/mathics.nix</literal></para></listitem>
<listitem><para><literal>services/misc/matrix-synapse.nix</literal></para></listitem>
<listitem><para><literal>services/misc/octoprint.nix</literal></para></listitem>
<listitem><para><literal>services/monitoring/hdaps.nix</literal></para></listitem>
<listitem><para><literal>services/monitoring/heapster.nix</literal></para></listitem>
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
<listitem><para><literal>services/network-filesystems/netatalk.nix</literal></para></listitem>
<listitem><para><literal>services/network-filesystems/xtreemfs.nix</literal></para></listitem>
<listitem><para><literal>services/networking/autossh.nix</literal></para></listitem>
<listitem><para><literal>services/networking/dnschain.nix</literal></para></listitem>
<listitem><para><literal>services/networking/gale.nix</literal></para></listitem>
<listitem><para><literal>services/networking/miniupnpd.nix</literal></para></listitem>
<listitem><para><literal>services/networking/namecoind.nix</literal></para></listitem>
<listitem><para><literal>services/networking/ostinato.nix</literal></para></listitem>
<listitem><para><literal>services/networking/pdnsd.nix</literal></para></listitem>
<listitem><para><literal>services/networking/shairport-sync.nix</literal></para></listitem>
<listitem><para><literal>services/networking/supplicant.nix</literal></para></listitem>
<listitem><para><literal>services/search/kibana.nix</literal></para></listitem>
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
<listitem><para><literal>services/security/physlock.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
<listitem><para><literal>services/x11/hardware/libinput.nix</literal></para></listitem>
<listitem><para><literal>services/x11/window-managers/windowlab.nix</literal></para></listitem>
<listitem><para><literal>system/boot/initrd-network.nix</literal></para></listitem>
<listitem><para><literal>system/boot/initrd-ssh.nix</literal></para></listitem>
<listitem><para><literal>system/boot/loader/loader.nix</literal></para></listitem>
<listitem><para><literal>system/boot/networkd.nix</literal></para></listitem>
<listitem><para><literal>system/boot/resolved.nix</literal></para></listitem>
<listitem><para><literal>virtualisation/lxd.nix</literal></para></listitem>
<listitem><para><literal>virtualisation/rkt.nix</literal></para></listitem>
</itemizedlist>
</para>
@ -114,7 +165,7 @@ following incompatible changes:</para>
<programlisting><![CDATA[
{
imports = [ <nixos/modules/services/misc/gitit.nix> ];
imports = [ <nixpkgs/nixos/modules/services/misc/gitit.nix> ];
}
]]></programlisting>
@ -297,7 +348,7 @@ $TTL 1800
<para>
<literal>service.syncthing.dataDir</literal> options now has to point
to exact folder where syncthing is writing to. Example configuration should
loook something like:
look something like:
</para>
<programlisting>
services.syncthing = {

22
nixos/maintainers/scripts/ec2/create-amis.sh
View File

@ -8,14 +8,15 @@ echo "keeping state in $stateDir"
mkdir -p $stateDir
version=$(nix-instantiate --eval --strict '<nixpkgs>' -A lib.nixpkgsVersion | sed s/'"'//g)
echo "NixOS version is $version"
major=${version:0:5}
echo "NixOS version is $version ($major)"
rm -f ec2-amis.nix
for type in hvm pv; do
link=$stateDir/$type
imageFile=$link/nixos.img
imageFile=$link/nixos.qcow2
system=x86_64-linux
arch=x86_64
@ -61,12 +62,19 @@ for type in hvm pv; do
# Bundle the image.
imageDir=$stateDir/$type-bundled
# Convert the image to raw format.
rawFile=$stateDir/$type.raw
if ! [ -e $rawFile ]; then
qemu-img convert -f qcow2 -O raw $imageFile $rawFile.tmp
mv $rawFile.tmp $rawFile
fi
if ! [ -d $imageDir ]; then
rm -rf $imageDir.tmp
mkdir -p $imageDir.tmp
ec2-bundle-image \
-d $imageDir.tmp \
-i $imageFile --arch $arch \
-i $rawFile --arch $arch \
--user "$AWS_ACCOUNT" -c "$EC2_CERT" -k "$EC2_PRIVATE_KEY"
mv $imageDir.tmp $imageDir
fi
@ -75,14 +83,14 @@ for type in hvm pv; do
if ! [ -e $imageDir/uploaded ]; then
echo "uploading bundle to S3..."
ec2-upload-bundle \
-m $imageDir/nixos.img.manifest.xml \
-m $imageDir/$type.raw.manifest.xml \
-b "$bucket/$bucketDir" \
-a "$EC2_ACCESS_KEY" -s "$EC2_SECRET_KEY" \
--location EU
touch $imageDir/uploaded
fi
extraFlags="$bucket/$bucketDir/nixos.img.manifest.xml"
extraFlags="$bucket/$bucketDir/$type.raw.manifest.xml"
else
@ -90,7 +98,7 @@ for type in hvm pv; do
# to upload a huge raw image.
vhdFile=$stateDir/$type.vhd
if ! [ -e $vhdFile ]; then
qemu-img convert -O vpc $imageFile $vhdFile.tmp
qemu-img convert -f qcow2 -O vpc $imageFile $vhdFile.tmp
mv $vhdFile.tmp $vhdFile
fi
@ -209,7 +217,7 @@ for type in hvm pv; do
prevRegion="$region"
fi
echo " \"15.09\".$region.$type-$store = \"$ami\";" >> ec2-amis.nix
echo " \"$major\".$region.$type-$store = \"$ami\";" >> ec2-amis.nix
done
done

2
nixos/modules/config/debug-info.nix
View File

@ -38,7 +38,7 @@ with lib;
# environment.pathsToLink, and we can't have both.
#environment.pathsToLink = [ "/lib/debug/.build-id" ];
environment.outputsToLink =
environment.extraOutputsToInstall =
optional config.environment.enableDebugInfo "debug";
};

2
nixos/modules/config/fonts/fontconfig.nix
View File

@ -236,7 +236,7 @@ with lib;
# Versioned fontconfig > 2.10. Take shared fonts.conf from fontconfig.
# Otherwise specify only font directories.
environment.etc."fonts/${pkgs.fontconfig.configVersion}/fonts.conf".source =
"${pkgs.fontconfig}/etc/fonts/fonts.conf";
"${pkgs.fontconfig.out}/etc/fonts/fonts.conf";
environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/00-nixos.conf".text =
let

2
nixos/modules/config/networking.nix
View File

@ -148,7 +148,7 @@ in
"protocols".source = pkgs.iana_etc + "/etc/protocols";
# /etc/rpc: RPC program numbers.
"rpc".source = pkgs.glibc + "/etc/rpc";
"rpc".source = pkgs.glibc.out + "/etc/rpc";
# /etc/hosts: Hostname-to-IP mappings.
"hosts".text =

34
nixos/modules/config/pulseaudio.nix
View File

@ -26,7 +26,7 @@ let
# are built with PulseAudio support (like KDE).
clientConf = writeText "client.conf" ''
autospawn=${if nonSystemWide then "yes" else "no"}
${optionalString nonSystemWide "daemon-binary=${cfg.package}/bin/pulseaudio"}
${optionalString nonSystemWide "daemon-binary=${cfg.package.out}/bin/pulseaudio"}
'';
# Write an /etc/asound.conf that causes all ALSA applications to
@ -130,11 +130,11 @@ in {
source = clientConf;
};
hardware.pulseaudio.configFile = mkDefault "${cfg.package}/etc/pulse/default.pa";
hardware.pulseaudio.configFile = mkDefault "${cfg.package.out}/etc/pulse/default.pa";
}
(mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
environment.systemPackages = [ cfg.package.out ];
environment.etc = singleton {
target = "asound.conf";
@ -150,6 +150,29 @@ in {
target = "pulse/default.pa";
source = cfg.configFile;
};
systemd.user = {
services.pulseaudio = {
description = "PulseAudio Server";
# NixOS doesn't support "Also" so we bring it in manually
wantedBy = [ "default.target" ];
serviceConfig = {
Type = "notify";
ExecStart = "${cfg.package}/bin/pulseaudio --daemonize=no";
Restart = "on-failure";
};
};
sockets.pulseaudio = {
description = "PulseAudio Socket";
wantedBy = [ "sockets.target" ];
socketConfig = {
Priority = 6;
Backlog = 5;
ListenStream = "%t/pulse/native";
};
};
};
})
(mkIf systemWide {
@ -171,8 +194,9 @@ in {
before = [ "sound.target" ];
environment.PULSE_RUNTIME_PATH = stateDir;
serviceConfig = {
ExecStart = "${cfg.package}/bin/pulseaudio -D --log-level=${cfg.daemon.logLevel} --system --use-pid-file -n --file=${cfg.configFile}";
PIDFile = "${stateDir}/pid";
Type = "notify";
ExecStart = "${cfg.package.out}/bin/pulseaudio --daemonize=no --log-level=${cfg.daemon.logLevel} --system -n --file=${cfg.configFile}";
Restart = "on-failure";
};
};
})

11
nixos/modules/config/system-path.nix
View File

@ -73,11 +73,11 @@ in
description = "List of directories to be symlinked in <filename>/run/current-system/sw</filename>.";
};
outputsToLink = mkOption {
extraOutputsToInstall = mkOption {
type = types.listOf types.str;
default = [];
example = [ "doc" ];
description = "List of package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
default = [ ];
example = [ "doc" "info" "docdev" ];
description = "List of additional package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
};
};
@ -123,9 +123,10 @@ in
system.path = pkgs.buildEnv {
name = "system-path";
paths = config.environment.systemPackages;
inherit (config.environment) pathsToLink outputsToLink;
inherit (config.environment) pathsToLink extraOutputsToInstall;
ignoreCollisions = true;
# !!! Hacky, should modularise.
# outputs TODO: note that the tools will often not be linked by default
postBuild =
''
if [ -x $out/bin/update-mime-database -a -w $out/share/mime ]; then

2
nixos/modules/installer/tools/auto-upgrade.nix
View File

@ -78,7 +78,7 @@ let cfg = config.system.autoUpgrade; in
HOME = "/root";
};
path = [ pkgs.gnutar pkgs.xz config.nix.package ];
path = [ pkgs.gnutar pkgs.xz.bin config.nix.package ];
script = ''
${config.system.build.nixos-rebuild}/bin/nixos-rebuild switch ${toString cfg.flags}

2
nixos/modules/installer/tools/nixos-generate-config.pl
View File

@ -165,7 +165,7 @@ sub pciCheck {
) )
{
# we need e.g. brcmfmac43602-pcie.bin
push @imports, "<nixos/modules/hardware/network/broadcom-43xx.nix>";
push @imports, "<nixpkgs/nixos/modules/hardware/network/broadcom-43xx.nix>";
}
# Can't rely on $module here, since the module may not be loaded

4
nixos/modules/misc/ids.nix
View File

@ -257,6 +257,8 @@
radicale = 234;
hydra-queue-runner = 235;
hydra-www = 236;
syncthing = 237;
mfi = 238;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -485,6 +487,8 @@
pdnsd = 229;
octoprint = 230;
radicale = 234;
syncthing = 237;
#mfi = 238; # unused
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

4
nixos/modules/module-list.nix
View File

@ -283,6 +283,7 @@
./services/network-filesystems/openafs-client/default.nix
./services/network-filesystems/rsyncd.nix
./services/network-filesystems/samba.nix
./services/network-filesystems/tahoe.nix
./services/network-filesystems/diod.nix
./services/network-filesystems/u9fs.nix
./services/network-filesystems/yandex-disk.nix
@ -327,12 +328,13 @@
./services/networking/hostapd.nix
./services/networking/i2pd.nix
./services/networking/i2p.nix
./services/networking/iodined.nix
./services/networking/iodine.nix
./services/networking/ircd-hybrid/default.nix
./services/networking/kippo.nix
./services/networking/lambdabot.nix
./services/networking/libreswan.nix
./services/networking/mailpile.nix
./services/networking/mfi.nix
./services/networking/mjpg-streamer.nix
./services/networking/minidlna.nix
./services/networking/miniupnpd.nix

2
nixos/modules/profiles/base.nix
View File

@ -35,7 +35,7 @@
# Tools to create / manipulate filesystems.
pkgs.ntfsprogs # for resizing NTFS partitions
pkgs.dosfstools
pkgs.xfsprogs
pkgs.xfsprogs.bin
pkgs.jfsutils
pkgs.f2fs-tools

3
nixos/modules/programs/fish.nix
View File

@ -101,6 +101,9 @@ in
end
'';
# include programs that bring their own completions
environment.pathsToLink = [ "/share/fish/vendor_completions.d" ];
environment.systemPackages = [ pkgs.fish ];
environment.shells = [

2
nixos/modules/programs/man.nix
View File

@ -23,7 +23,7 @@ with lib;
environment.pathsToLink = [ "/share/man" ];
environment.outputsToLink = [ "man" ];
environment.extraOutputsToInstall = [ "man" ];
};

1
nixos/modules/programs/ssh.nix
View File

@ -189,6 +189,7 @@ in
# Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
HostKeyAlgorithms +ssh-dss
${cfg.extraConfig}
'';

4
nixos/modules/programs/xfs_quota.nix
View File

@ -89,8 +89,8 @@ in
nameValuePair "xfs_quota-${name}" {
description = "Setup xfs_quota for project ${name}";
script = ''
${pkgs.xfsprogs}/bin/xfs_quota -x -c 'project -s ${name}' ${opts.fileSystem}
${pkgs.xfsprogs}/bin/xfs_quota -x -c 'limit -p ${limitOptions opts} ${name}' ${opts.fileSystem}
${pkgs.xfsprogs.bin}/bin/xfs_quota -x -c 'project -s ${name}' ${opts.fileSystem}
${pkgs.xfsprogs.bin}/bin/xfs_quota -x -c 'limit -p ${limitOptions opts} ${name}' ${opts.fileSystem}
'';
wantedBy = [ "multi-user.target" ];

7
nixos/modules/rename.nix
View File

@ -101,6 +101,13 @@ with lib;
# Enlightenment
(mkRenamedOptionModule [ "services" "xserver" "desktopManager" "e19" "enable" ] [ "services" "xserver" "desktopManager" "enlightenment" "enable" ])
# Iodine
(mkRenamedOptionModule [ "services" "iodined" "enable" ] [ "services" "iodine" "server" "enable" ])
(mkRenamedOptionModule [ "services" "iodined" "domain" ] [ "services" "iodine" "server" "domain" ])
(mkRenamedOptionModule [ "services" "iodined" "ip" ] [ "services" "iodine" "server" "ip" ])
(mkRenamedOptionModule [ "services" "iodined" "extraConfig" ] [ "services" "iodine" "server" "extraConfig" ])
(mkRemovedOptionModule [ "services" "iodined" "client" ])
# Options that are obsolete and have no replacement.
(mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ])
(mkRemovedOptionModule [ "programs" "bash" "enable" ])

6
nixos/modules/security/apparmor-suid.nix
View File

@ -28,9 +28,9 @@ with lib;
capability setuid,
network inet raw,
${pkgs.glibc}/lib/*.so mr,
${pkgs.libcap}/lib/libcap.so* mr,
${pkgs.attr}/lib/libattr.so* mr,
${pkgs.glibc.out}/lib/*.so mr,
${pkgs.libcap.out}/lib/libcap.so* mr,
${pkgs.attr.out}/lib/libattr.so* mr,
${pkgs.iputils}/bin/ping mixr,
/var/setuid-wrappers/ping.real r,

8
nixos/modules/security/polkit.nix
View File

@ -59,9 +59,9 @@ in
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.polkit ];
environment.systemPackages = [ pkgs.polkit.bin pkgs.polkit.out ];
systemd.packages = [ pkgs.polkit ];
systemd.packages = [ pkgs.polkit.out ];
systemd.services.polkit.restartTriggers = [ config.system.path ];
systemd.services.polkit.unitConfig.X-StopIfChanged = false;
@ -79,7 +79,7 @@ in
${cfg.extraConfig}
''; #TODO: validation on compilation (at least against typos)
services.dbus.packages = [ pkgs.polkit ];
services.dbus.packages = [ pkgs.polkit.out ];
security.pam.services.polkit-1 = {};
@ -90,7 +90,7 @@ in
owner = "root";
group = "root";
setuid = true;
source = "${pkgs.polkit}/lib/polkit-1/polkit-agent-helper-1";
source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1";
}
];

4
nixos/modules/security/setuid-wrappers.nix
View File

@ -8,12 +8,12 @@ let
setuidWrapper = pkgs.stdenv.mkDerivation {
name = "setuid-wrapper";
buildCommand = ''
unpackPhase = "true";
installPhase = ''
mkdir -p $out/bin
cp ${./setuid-wrapper.c} setuid-wrapper.c
gcc -Wall -O2 -DWRAPPER_DIR=\"${wrapperDir}\" \
setuid-wrapper.c -o $out/bin/setuid-wrapper
strip -S $out/bin/setuid-wrapper
'';
};

2
nixos/modules/services/backup/crashplan.nix
View File

@ -50,7 +50,7 @@ with lib;
ensureDir ${crashplan.vardir}/log 777
cp -avn ${crashplan}/conf.template/* ${crashplan.vardir}/conf
for x in app.asar bin EULA.txt install.vars lang lib libjniwrap64.so libjniwrap.so libjtux64.so libjtux.so libmd564.so libmd5.so share skin upgrade; do
if [ -e $x ]; then
if [ -e ${crashplan.vardir}/$x ]; then
true;
else
ln -s ${crashplan}/$x ${crashplan.vardir}/$x;

4
nixos/modules/services/continuous-integration/jenkins/default.nix
View File

@ -161,11 +161,11 @@ in {
'';
postStart = ''
until ${pkgs.curl}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} ; do
until ${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix} ; do
sleep 10
done
while true ; do
index=`${pkgs.curl}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}`
index=`${pkgs.curl.bin}/bin/curl -s -L ${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}`
if [[ !("$index" =~ 'Please wait while Jenkins is restarting' ||
"$index" =~ 'Please wait while Jenkins is getting ready to work') ]]; then
exit 0

2
nixos/modules/services/databases/openldap.nix
View File

@ -87,7 +87,7 @@ in
mkdir -p ${cfg.dataDir}
chown -R ${cfg.user}:${cfg.group} ${cfg.dataDir}
'';
serviceConfig.ExecStart = "${openldap}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
serviceConfig.ExecStart = "${openldap.out}/libexec/slapd -u ${cfg.user} -g ${cfg.group} -d 0 -f ${configFile}";
};
users.extraUsers.openldap =

2
nixos/modules/services/desktops/gnome3/gvfs.nix
View File

@ -37,7 +37,7 @@ in
services.dbus.packages = [ gnome3.gvfs ];
services.udev.packages = [ pkgs.libmtp ];
services.udev.packages = [ pkgs.libmtp.bin ];
};

2
nixos/modules/services/hardware/udev.nix
View File

@ -72,7 +72,7 @@ let
run_progs=$(grep -v '^[[:space:]]*#' $out/* | grep 'RUN+="[^/$]' |
sed -e 's/.*RUN+="\([^ "]*\)[ "].*/\1/' | uniq)
for i in $import_progs $run_progs; do
if [[ ! -x ${pkgs.udev}/lib/udev/$i && ! $i =~ socket:.* ]]; then
if [[ ! -x ${udev}/lib/udev/$i && ! $i =~ socket:.* ]]; then
echo "FAIL"
echo "$i is called in udev rules but not installed by udev"
exit 1

2
nixos/modules/services/hardware/upower.nix
View File

@ -51,7 +51,7 @@ in
systemd.services.upower =
{ description = "Power Management Daemon";
path = [ pkgs.glib ]; # needed for gdbus
path = [ pkgs.glib.out ]; # needed for gdbus
serviceConfig =
{ Type = "dbus";
BusName = "org.freedesktop.UPower";

2
nixos/modules/services/misc/docker-registry.nix
View File

@ -65,7 +65,7 @@ in {
};
postStart = ''
until ${pkgs.curl}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/'; do
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/'; do
sleep 1;
done
'';

2
nixos/modules/services/misc/nix-daemon.nix
View File

@ -358,7 +358,7 @@ in
systemd.sockets.nix-daemon.wantedBy = [ "sockets.target" ];
systemd.services.nix-daemon =
{ path = [ nix pkgs.openssl pkgs.utillinux config.programs.ssh.package ]
{ path = [ nix pkgs.openssl.bin pkgs.utillinux config.programs.ssh.package ]
++ optionals cfg.distributedBuilds [ pkgs.gzip ];
environment = cfg.envVars

1
nixos/modules/services/misc/plex.nix
View File

@ -128,6 +128,7 @@ in
Group = cfg.group;
PermissionsStartOnly = "true";
ExecStart = "/bin/sh -c '${cfg.package}/usr/lib/plexmediaserver/Plex\\ Media\\ Server'";
Restart = "on-failure";
};
environment = {
PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=cfg.dataDir;

2
nixos/modules/services/misc/subsonic.nix
View File

@ -97,7 +97,7 @@ in
transcoders = mkOption {
type = types.listOf types.path;
default = [ "${pkgs.ffmpeg}/bin/ffmpeg" ];
default = [ "${pkgs.ffmpeg.bin}/bin/ffmpeg" ];
description = ''
List of paths to transcoder executables that should be accessible
from Subsonic. Symlinks will be created to each executable inside

2
nixos/modules/services/misc/svnserve.nix
View File

@ -38,7 +38,7 @@ in
after = [ "network-interfaces.target" ];
wantedBy = [ "multi-user.target" ];
preStart = "mkdir -p ${cfg.svnBaseDir}";
script = "${pkgs.subversion}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
script = "${pkgs.subversion.out}/bin/svnserve -r ${cfg.svnBaseDir} -d --foreground --pid-file=/var/run/svnserve.pid";
};
};
}

2
nixos/modules/services/monitoring/cadvisor.nix
View File

@ -71,7 +71,7 @@ in {
after = [ "network.target" "docker.service" "influxdb.service" ];
postStart = mkBefore ''
until ${pkgs.curl}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/containers/'; do
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null 'http://${cfg.listenAddress}:${toString cfg.port}/containers/'; do
sleep 1;
done
'';

2
nixos/modules/services/monitoring/graphite.nix
View File

@ -509,7 +509,7 @@ in {
};
in "${aenv}/${pkgs.python.sitePackages}";
GRAPHITE_API_CONFIG = graphiteApiConfig;
LD_LIBRARY_PATH = "${pkgs.cairo}/lib";
LD_LIBRARY_PATH = "${pkgs.cairo.out}/lib";
};
serviceConfig = {
ExecStart = ''

286
nixos/modules/services/network-filesystems/tahoe.nix Normal file
View File

@ -0,0 +1,286 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.tahoe;
in
{
options.services.tahoe = {
introducers = mkOption {
default = {};
type = types.loaOf types.optionSet;
description = ''
The Tahoe introducers.
'';
options = {
nickname = mkOption {
type = types.str;
description = ''
The nickname of this Tahoe introducer.
'';
};
tub.port = mkOption {
default = 3458;
type = types.int;
description = ''
The port on which the introducer will listen.
'';
};
package = mkOption {
default = pkgs.tahoelafs;
defaultText = "pkgs.tahoelafs";
type = types.package;
example = literalExample "pkgs.tahoelafs";
description = ''
The package to use for the Tahoe LAFS daemon.
'';
};
};
};
nodes = mkOption {
default = {};
type = types.loaOf types.optionSet;
description = ''
The Tahoe nodes.
'';
options = {
nickname = mkOption {
type = types.str;
description = ''
The nickname of this Tahoe node.
'';
};
tub.port = mkOption {
default = 3457;
type = types.int;
description = ''
The port on which the tub will listen.
This is the correct setting to tweak if you want Tahoe's storage
system to listen on a different port.
'';
};
web.port = mkOption {
default = 3456;
type = types.int;
description = ''
The port on which the Web server will listen.
This is the correct setting to tweak if you want Tahoe's WUI to
listen on a different port.
'';
};
client.introducer = mkOption {
default = null;
type = types.nullOr types.str;
description = ''
The furl for a Tahoe introducer node.
Like all furls, keep this safe and don't share it.
'';
};
client.helper = mkOption {
default = null;
type = types.nullOr types.str;
description = ''
The furl for a Tahoe helper node.
Like all furls, keep this safe and don't share it.
'';
};
client.shares.needed = mkOption {
default = 3;
type = types.int;
description = ''
The number of shares required to reconstitute a file.
'';
};
client.shares.happy = mkOption {
default = 7;
type = types.int;
description = ''
The number of distinct storage nodes required to store
a file.
'';
};
client.shares.total = mkOption {
default = 10;
type = types.int;
description = ''
The number of shares required to store a file.
'';
};
storage.enable = mkEnableOption "storage service";
storage.reservedSpace = mkOption {
default = "1G";
type = types.str;
description = ''
The amount of filesystem space to not use for storage.
'';
};
helper.enable = mkEnableOption "helper service";
package = mkOption {
default = pkgs.tahoelafs;
defaultText = "pkgs.tahoelafs";
type = types.package;
example = literalExample "pkgs.tahoelafs";
description = ''
The package to use for the Tahoe LAFS daemon.
'';
};
};
};
};
config = mkMerge [
(mkIf (cfg.introducers != {}) {
environment = {
etc = flip mapAttrs' cfg.introducers (node: settings:
nameValuePair "tahoe-lafs/introducer-${node}.cfg" {
mode = "0444";
text = ''
# This configuration is generated by Nix. Edit at your own
# peril; here be dragons.
[node]
nickname = ${settings.nickname}
tub.port = ${toString settings.tub.port}
'';
});
# Actually require Tahoe, so that we will have it installed.
systemPackages = flip mapAttrsToList cfg.introducers (node: settings:
settings.package
);
};
# Open up the firewall.
# networking.firewall.allowedTCPPorts = flip mapAttrsToList cfg.introducers
# (node: settings: settings.tub.port);
systemd.services = flip mapAttrs' cfg.introducers (node: settings:
let
pidfile = "/run/tahoe.introducer-${node}.pid";
# This is a directory, but it has no trailing slash. Tahoe commands
# get antsy when there's a trailing slash.
nodedir = "/var/db/tahoe-lafs/introducer-${node}";
in nameValuePair "tahoe.introducer-${node}" {
description = "Tahoe LAFS node ${node}";
wantedBy = [ "multi-user.target" ];
path = [ settings.package ];
restartTriggers = [
config.environment.etc."tahoe-lafs/introducer-${node}.cfg".source ];
serviceConfig = {
Type = "simple";
PIDFile = pidfile;
};
preStart = ''
if [ \! -d ${nodedir} ]; then
mkdir -p /var/db/tahoe-lafs
tahoe create-introducer ${nodedir}
fi
# Tahoe has created a predefined tahoe.cfg which we must now
# scribble over.
# XXX I thought that a symlink would work here, but it doesn't, so
# we must do this on every prestart. Fixes welcome.
# rm ${nodedir}/tahoe.cfg
# ln -s /etc/tahoe-lafs/introducer-${node}.cfg ${nodedir}/tahoe.cfg
cp /etc/tahoe-lafs/introducer-${node}.cfg ${nodedir}/tahoe.cfg
'';
# Believe it or not, Tahoe is very brittle about the order of
# arguments to $(tahoe start). The node directory must come first,
# and arguments which alter Twisted's behavior come afterwards.
script = ''
tahoe start ${nodedir} -n -l- --pidfile=${pidfile}
'';
});
users.extraUsers = flip mapAttrs' cfg.introducers (node: _:
nameValuePair "tahoe.introducer-${node}" {
description = "Tahoe node user for introducer ${node}";
isSystemUser = true;
});
})
(mkIf (cfg.nodes != {}) {
environment = {
etc = flip mapAttrs' cfg.nodes (node: settings:
nameValuePair "tahoe-lafs/${node}.cfg" {
mode = "0444";
text = ''
# This configuration is generated by Nix. Edit at your own
# peril; here be dragons.
[node]
nickname = ${settings.nickname}
tub.port = ${toString settings.tub.port}
# This is a Twisted endpoint. Twisted Web doesn't work on
# non-TCP. ~ C.
web.port = tcp:${toString settings.web.port}
[client]
${optionalString (settings.client.introducer != null)
"introducer.furl = ${settings.client.introducer}"}
${optionalString (settings.client.helper != null)
"helper.furl = ${settings.client.helper}"}
shares.needed = ${toString settings.client.shares.needed}
shares.happy = ${toString settings.client.shares.happy}
shares.total = ${toString settings.client.shares.total}
[storage]
enabled = ${if settings.storage.enable then "true" else "false"}
reserved_space = ${settings.storage.reservedSpace}
[helper]
enabled = ${if settings.helper.enable then "true" else "false"}
'';
});
# Actually require Tahoe, so that we will have it installed.
systemPackages = flip mapAttrsToList cfg.nodes (node: settings:
settings.package
);
};
# Open up the firewall.
# networking.firewall.allowedTCPPorts = flip mapAttrsToList cfg.nodes
# (node: settings: settings.tub.port);
systemd.services = flip mapAttrs' cfg.nodes (node: settings:
let
pidfile = "/run/tahoe.${node}.pid";
# This is a directory, but it has no trailing slash. Tahoe commands
# get antsy when there's a trailing slash.
nodedir = "/var/db/tahoe-lafs/${node}";
in nameValuePair "tahoe.${node}" {
description = "Tahoe LAFS node ${node}";
wantedBy = [ "multi-user.target" ];
path = [ settings.package ];
restartTriggers = [
config.environment.etc."tahoe-lafs/${node}.cfg".source ];
serviceConfig = {
Type = "simple";
PIDFile = pidfile;
};
preStart = ''
if [ \! -d ${nodedir} ]; then
mkdir -p /var/db/tahoe-lafs
tahoe create-node ${nodedir}
fi
# Tahoe has created a predefined tahoe.cfg which we must now
# scribble over.
# XXX I thought that a symlink would work here, but it doesn't, so
# we must do this on every prestart. Fixes welcome.
# rm ${nodedir}/tahoe.cfg
# ln -s /etc/tahoe-lafs/${node}.cfg ${nodedir}/tahoe.cfg
cp /etc/tahoe-lafs/${node}.cfg ${nodedir}/tahoe.cfg
'';
# Believe it or not, Tahoe is very brittle about the order of
# arguments to $(tahoe start). The node directory must come first,
# and arguments which alter Twisted's behavior come afterwards.
script = ''
tahoe start ${nodedir} -n -l- --pidfile=${pidfile}
'';
});
users.extraUsers = flip mapAttrs' cfg.nodes (node: _:
nameValuePair "tahoe.${node}" {
description = "Tahoe node user for node ${node}";
isSystemUser = true;
});
})
];
}

19
nixos/modules/services/network-filesystems/u9fs.nix
View File

@ -27,10 +27,17 @@ in
'';
};
user = mkOption {
type = types.str;
default = "nobody";
description =
"User to run u9fs under.";
};
extraArgs = mkOption {
type = types.str;
default = "";
example = "-a none -u nobody";
example = "-a none";
description =
''
Extra arguments to pass on invocation,
@ -38,13 +45,6 @@ in
'';
};
fsroot = mkOption {
type = types.path;
default = "/";
example = "/srv";
description = "File system root to serve to clients.";
};
};
};
@ -63,9 +63,10 @@ in
reloadIfChanged = true;
requires = [ "u9fs.socket" ];
serviceConfig =
{ ExecStart = "-${pkgs.u9fs}/bin/u9fs ${cfg.extraArgs} ${cfg.fsroot}";
{ ExecStart = "-${pkgs.u9fs}/bin/u9fs ${cfg.extraArgs}";
StandardInput = "socket";
StandardError = "journal";
User = cfg.user;
};
};
};

12
nixos/modules/services/networking/dnscrypt-proxy.nix
View File

@ -151,7 +151,7 @@ in
/etc/group r,
${config.environment.etc."nsswitch.conf".source} r,
${pkgs.glibc}/lib/*.so mr,
${pkgs.glibc.out}/lib/*.so mr,
${pkgs.tzdata}/share/zoneinfo/** r,
network inet stream,
@ -159,12 +159,12 @@ in
network inet dgram,
network inet6 dgram,
${pkgs.gcc.cc}/lib/libssp.so.* mr,
${pkgs.libsodium}/lib/libsodium.so.* mr,
${pkgs.gcc.cc.lib}/lib/libssp.so.* mr,
${pkgs.libsodium.out}/lib/libsodium.so.* mr,
${pkgs.systemd}/lib/libsystemd.so.* mr,
${pkgs.xz}/lib/liblzma.so.* mr,
${pkgs.libgcrypt}/lib/libgcrypt.so.* mr,
${pkgs.libgpgerror}/lib/libgpg-error.so.* mr,
${pkgs.xz.out}/lib/liblzma.so.* mr,
${pkgs.libgcrypt.out}/lib/libgcrypt.so.* mr,
${pkgs.libgpgerror.out}/lib/libgpg-error.so.* mr,
${pkgs.libcap}/lib/libcap.so.* mr,
${pkgs.lz4}/lib/liblz4.so.* mr,
${pkgs.attr}/lib/libattr.so.* mr,

2
nixos/modules/services/networking/i2pd.nix
View File

@ -8,7 +8,7 @@ let
homeDir = "/var/lib/i2pd";
extip = "EXTIP=\$(${pkgs.curl}/bin/curl -sf \"http://jsonip.com\" | ${pkgs.gawk}/bin/awk -F'\"' '{print $4}')";
extip = "EXTIP=\$(${pkgs.curl.bin}/bin/curl -sf \"http://jsonip.com\" | ${pkgs.gawk}/bin/awk -F'\"' '{print $4}')";
toYesNo = b: if b then "yes" else "no";

136
nixos/modules/services/networking/iodine.nix Normal file
View File

@ -0,0 +1,136 @@
# NixOS module for iodine, ip over dns daemon
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.iodine;
iodinedUser = "iodined";
in
{
### configuration
options = {
services.iodine = {
clients = mkOption {
default = {};
description = ''
Each attribute of this option defines a systemd service that
runs iodine. Many or none may be defined.
The name of each service is
<literal>iodine-<replaceable>name</replaceable></literal>
where <replaceable>name</replaceable> is the name of the
corresponding attribute name.
'';
example = literalExample ''
{
foo = {
server = "tunnel.mdomain.com";
relay = "8.8.8.8";
extraConfig = "-P mysecurepassword";
}
}
'';
type = types.attrsOf (types.submodule (
{
options = {
server = mkOption {
type = types.str;
default = "";
description = "Domain or Subdomain of server running iodined";
example = "tunnel.mydomain.com";
};
relay = mkOption {
type = types.str;
default = "";
description = "DNS server to use as a intermediate relay to the iodined server";
example = "8.8.8.8";
};
extraConfig = mkOption {
type = types.str;
default = "";
description = "Additional command line parameters";
example = "-P mysecurepassword -l 192.168.1.10 -p 23";
};
};
}));
};
server = {
enable = mkOption {
type = types.bool;
default = false;
description = "enable iodined server";
};
ip = mkOption {
type = types.str;
default = "";
description = "The assigned ip address or ip range";
example = "172.16.10.1/24";
};
domain = mkOption {
type = types.str;
default = "";
description = "Domain or subdomain of which nameservers point to us";
example = "tunnel.mydomain.com";
};
extraConfig = mkOption {
type = types.str;
default = "";
description = "Additional command line parameters";
example = "-P mysecurepassword -l 192.168.1.10 -p 23";
};
};
};
};
### implementation
config = mkIf (cfg.server.enable || cfg.clients != {}) {
environment.systemPackages = [ pkgs.iodine ];
boot.kernelModules = [ "tun" ];
systemd.services =
let
createIodineClientService = name: cfg:
{
description = "iodine client - ${name}";
wantedBy = [ "ip-up.target" ];
serviceConfig = {
RestartSec = "30s";
Restart = "always";
ExecStart = "${pkgs.iodine}/bin/iodine -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.relay} ${cfg.server}";
};
};
in
listToAttrs (
mapAttrsToList
(name: value: nameValuePair "iodine-${name}" (createIodineClientService name value))
cfg.clients
) // {
iodined = mkIf (cfg.server.enable) {
description = "iodine, ip over dns server daemon";
wantedBy = [ "ip-up.target" ];
serviceConfig.ExecStart = "${pkgs.iodine}/bin/iodined -f -u ${iodinedUser} ${cfg.server.extraConfig} ${cfg.server.ip} ${cfg.server.domain}";
};
};
users.extraUsers = singleton {
name = iodinedUser;
uid = config.ids.uids.iodined;
description = "Iodine daemon user";
};
users.extraGroups.iodined.gid = config.ids.gids.iodined;
};
}

86
nixos/modules/services/networking/iodined.nix
View File

@ -1,86 +0,0 @@
# NixOS module for iodine, ip over dns daemon
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.iodined;
iodinedUser = "iodined";
in
{
### configuration
options = {
services.iodined = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable iodine, ip over dns daemon";
};
client = mkOption {
type = types.bool;
default = false;
description = "Start iodine in client mode";
};
ip = mkOption {
type = types.str;
default = "";
description = "Assigned ip address or ip range";
example = "172.16.10.1/24";
};
domain = mkOption {
type = types.str;
default = "";
description = "Domain or subdomain of which nameservers point to us";
example = "tunnel.mydomain.com";
};
extraConfig = mkOption {
type = types.str;
default = "";
description = "Additional command line parameters";
example = "-P mysecurepassword -l 192.168.1.10 -p 23";
};
};
};
### implementation
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.iodine ];
boot.kernelModules = [ "tun" ];
systemd.services.iodined = {
description = "iodine, ip over dns daemon";
wantedBy = [ "ip-up.target" ];
serviceConfig.ExecStart = "${pkgs.iodine}/sbin/iodined -f -u ${iodinedUser} ${cfg.extraConfig} ${cfg.ip} ${cfg.domain}";
};
users.extraUsers = singleton {
name = iodinedUser;
uid = config.ids.uids.iodined;
description = "Iodine daemon user";
};
users.extraGroups.iodined.gid = config.ids.gids.iodined;
assertions = [{ assertion = if !cfg.client then cfg.ip != "" else true;
message = "cannot start iodined without ip set";}
{ assertion = cfg.domain != "";
message = "cannot start iodined without domain name set";}];
};
}

90
nixos/modules/services/networking/mfi.nix Normal file
View File

@ -0,0 +1,90 @@
{ config, lib, pkgs, utils, ... }:
with lib;
let
name = "Ubiquiti mFi Controller";
cfg = config.services.mfi;
stateDir = "/var/lib/mfi";
# XXX 2 runtime exceptions using jre8: JSPException on GET / ; can't initialize ./data/keystore on first run.
cmd = "@${pkgs.jre7}/bin/java java -jar ${stateDir}/lib/ace.jar";
mountPoints = [
{ what = "${pkgs.mfi}/dl"; where = "${stateDir}/dl"; }
{ what = "${pkgs.mfi}/lib"; where = "${stateDir}/lib"; }
{ what = "${pkgs.mongodb248}/bin"; where = "${stateDir}/bin"; }
];
systemdMountPoints = map (m: "${utils.escapeSystemdPath m.where}.mount") mountPoints;
ports = [ 6080 6880 6443 6843 ];
in
{
options = {
services.mfi = {
enable = mkEnableOption name;
openPorts = mkOption {
type = types.bool;
default = true;
description = "Whether to open TCP ports ${concatMapStrings (a: "${toString a} ") ports}for the services.";
};
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = mkIf config.services.mfi.openPorts ports;
users.users.mfi = {
uid = config.ids.uids.mfi;
description = "mFi controller daemon user";
home = "${stateDir}";
};
# We must create the binary directories as bind mounts instead of symlinks
# This is because the controller resolves all symlinks to absolute paths
# to be used as the working directory.
systemd.mounts = map ({ what, where }: {
bindsTo = [ "mfi.service" ];
partOf = [ "mfi.service" ];
unitConfig.RequiresMountsFor = stateDir;
options = "bind";
what = what;
where = where;
}) mountPoints;
systemd.services.mfi = {
description = "mFi controller daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ] ++ systemdMountPoints;
partOf = systemdMountPoints;
bindsTo = systemdMountPoints;
unitConfig.RequiresMountsFor = stateDir;
preStart = ''
# Clear ./webapps each run.
rm -rf "${stateDir}/webapps"
mkdir -p "${stateDir}/webapps"
ln -s "${pkgs.mfi}/webapps/ROOT.war" "${stateDir}/webapps"
# Copy initial config only once.
test -e "${stateDir}/conf" || cp -ar "${pkgs.mfi}/conf" "${stateDir}/conf"
test -e "${stateDir}/data" || cp -ar "${pkgs.mfi}/data" "${stateDir}/data"
# Fix Permissions.
# (Bind-mounts cause errors; ignore exit codes)
chown -fR mfi: "${stateDir}" || true
chmod -fR u=rwX,go= "${stateDir}" || true
'';
postStop = ''
rm -rf "${stateDir}/webapps"
'';
serviceConfig = {
Type = "simple";
ExecStart = "${cmd} start";
ExecStop = "${cmd} stop";
User = "mfi";
PermissionsStartOnly = true;
UMask = "0077";
WorkingDirectory = "${stateDir}";
};
};
};
}

17
nixos/modules/services/networking/minidlna.nix
View File

@ -58,9 +58,9 @@ in
services.minidlna.config =
''
port=${toString port}
friendly_name=NixOS Media Server
friendly_name=${config.networking.hostName} MiniDLNA
db_dir=/var/cache/minidlna
log_dir=/var/log/minidlna
log_level=warn
inotify=yes
${concatMapStrings (dir: ''
media_dir=${dir}
@ -83,21 +83,18 @@ in
preStart =
''
mkdir -p /var/cache/minidlna /var/log/minidlna /run/minidlna
chown minidlna /var/cache/minidlna /var/log/minidlna /run/minidlna
mkdir -p /var/cache/minidlna
chown -R minidlna:minidlna /var/cache/minidlna
'';
# FIXME: log through the journal rather than
# /var/log/minidlna. The -d flag does that, but also raises
# the log level to debug...
serviceConfig =
{ User = "minidlna";
Group = "nogroup";
Group = "minidlna";
PermissionsStartOnly = true;
Type = "forking";
RuntimeDirectory = "minidlna";
PIDFile = "/run/minidlna/pid";
ExecStart =
"@${pkgs.minidlna}/sbin/minidlnad minidlnad -P /run/minidlna/pid" +
"${pkgs.minidlna}/sbin/minidlnad -S -P /run/minidlna/pid" +
" -f ${pkgs.writeText "minidlna.conf" cfg.config}";
};
};

2
nixos/modules/services/networking/nix-serve.nix
View File

@ -50,7 +50,7 @@ in
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ config.nix.package pkgs.bzip2 ];
path = [ config.nix.package pkgs.bzip2.bin ];
environment.NIX_REMOTE = "daemon";
environment.NIX_SECRET_KEY_FILE = cfg.secretKeyFile;

33
nixos/modules/services/networking/syncthing.nix
View File

@ -5,6 +5,7 @@ with lib;
let
cfg = config.services.syncthing;
defaultUser = "syncthing";
in
@ -17,6 +18,7 @@ in
services.syncthing = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the Syncthing, self-hosted open-source alternative
@ -26,7 +28,8 @@ in
};
user = mkOption {
default = "syncthing";
type = types.string;
default = defaultUser;
description = ''
Syncthing will be run under this user (user must exist,
this can be your user name).
@ -34,8 +37,8 @@ in
};
all_proxy = mkOption {
type = types.string;
default = "";
type = types.nullOr types.string;
default = null;
example = "socks5://address.com:1234";
description = ''
Overwrites all_proxy environment variable for the syncthing process to
@ -45,6 +48,7 @@ in
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/syncthing";
description = ''
Path where the settings and keys will exist.
@ -71,20 +75,33 @@ in
config = mkIf cfg.enable {
users = mkIf (cfg.user == defaultUser) {
extraUsers."${defaultUser}" =
{ group = defaultUser;
home = cfg.dataDir;
createHome = true;
uid = config.ids.uids.syncthing;
description = "Syncthing daemon user";
};
extraGroups."${defaultUser}".gid =
config.ids.gids.syncthing;
};
systemd.services.syncthing =
{
description = "Syncthing service";
after = [ "network.target" ];
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
environment = {
STNORESTART = "yes"; # do not self-restart
STNOUPGRADE = "yes";
} //
(config.networking.proxy.envVars) //
(if cfg.all_proxy != "" then { all_proxy = cfg.all_proxy; } else {});
inherit (cfg) all_proxy;
} // config.networking.proxy.envVars;
serviceConfig = {
User = "${cfg.user}";
User = cfg.user;
Group = optionalString (cfg.user == defaultUser) defaultUser;
PermissionsStartOnly = true;
Restart = "on-failure";
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser -home=${cfg.dataDir}";

8
nixos/modules/services/printing/cupsd.nix
View File

@ -14,21 +14,21 @@ let
additionalBackends = pkgs.runCommand "additional-cups-backends" { }
''
mkdir -p $out
if [ ! -e ${cups}/lib/cups/backend/smb ]; then
if [ ! -e ${cups.out}/lib/cups/backend/smb ]; then
mkdir -p $out/lib/cups/backend
ln -sv ${pkgs.samba}/bin/smbspool $out/lib/cups/backend/smb
fi
# Provide support for printing via HTTPS.
if [ ! -e ${cups}/lib/cups/backend/https ]; then
if [ ! -e ${cups.out}/lib/cups/backend/https ]; then
mkdir -p $out/lib/cups/backend
ln -sv ${cups}/lib/cups/backend/ipp $out/lib/cups/backend/https
ln -sv ${cups.out}/lib/cups/backend/ipp $out/lib/cups/backend/https
fi
'';
# Here we can enable additional backends, filters, etc. that are not
# part of CUPS itself, e.g. the SMB backend is part of Samba. Since
# we can't update ${cups}/lib/cups itself, we create a symlink tree
# we can't update ${cups.out}/lib/cups itself, we create a symlink tree
# here and add the additional programs. The ServerBin directive in
# cupsd.conf tells cupsd to use this tree.
bindir = pkgs.buildEnv {

2
nixos/modules/services/search/elasticsearch.nix
View File

@ -148,7 +148,7 @@ in {
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi
'';
postStart = mkBefore ''
until ${pkgs.curl}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do
sleep 1
done
'';

26
nixos/modules/services/system/dbus.nix
View File

@ -121,7 +121,7 @@ in
security.setuidOwners = singleton
{ program = "dbus-daemon-launch-helper";
source = "${pkgs.dbus_daemon}/libexec/dbus-daemon-launch-helper";
source = "${pkgs.dbus_daemon.lib}/libexec/dbus-daemon-launch-helper";
owner = "root";
group = "messagebus";
setuid = true;
@ -139,6 +139,30 @@ in
systemd.services.dbus.restartTriggers = [ configDir ];
systemd.user = {
services.dbus = {
description = "D-Bus User Message Bus";
requires = [ "dbus.socket" ];
# NixOS doesn't support "Also" so we pull it in manually
# As the .service is supposed to come up at the same time as
# the .socket, we use basic.target instead of default.target
wantedBy = [ "basic.target" ];
serviceConfig = {
ExecStart = "${pkgs.dbus_daemon}/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation";
ExecReload = "${pkgs.dbus_daemon}/bin/dbus-send --print-reply --session --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig";
};
};
sockets.dbus = {
description = "D-Bus User Message Bus Socket";
socketConfig = {
ListenStream = "%t/bus";
ExecStartPost = "-${config.systemd.package}/bin/systemctl --user set-environment DBUS_SESSION_BUS_ADDRESS=unix:path=%t/bus";
};
wantedBy = [ "sockets.target" ];
};
};
environment.pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ];
};

10
nixos/modules/services/system/nscd.nix
View File

@ -64,14 +64,14 @@ in
restartTriggers = [ config.environment.etc.hosts.source config.environment.etc."nsswitch.conf".source ];
serviceConfig =
{ ExecStart = "@${pkgs.glibc}/sbin/nscd nscd -f ${cfgFile}";
{ ExecStart = "@${pkgs.glibc.bin}/sbin/nscd nscd -f ${cfgFile}";
Type = "forking";
PIDFile = "/run/nscd/nscd.pid";
Restart = "always";
ExecReload =
[ "${pkgs.glibc}/sbin/nscd --invalidate passwd"
"${pkgs.glibc}/sbin/nscd --invalidate group"
"${pkgs.glibc}/sbin/nscd --invalidate hosts"
[ "${pkgs.glibc.bin}/sbin/nscd --invalidate passwd"
"${pkgs.glibc.bin}/sbin/nscd --invalidate group"
"${pkgs.glibc.bin}/sbin/nscd --invalidate hosts"
];
};
@ -79,7 +79,7 @@ in
# its pid. So wait until it's ready.
postStart =
''
while ! ${pkgs.glibc}/sbin/nscd -g -f ${cfgFile} > /dev/null; do
while ! ${pkgs.glibc.bin}/sbin/nscd -g -f ${cfgFile} > /dev/null; do
sleep 0.2
done
'';

28
nixos/modules/services/torrent/transmission.nix
View File

@ -113,21 +113,21 @@ in
#include <abstractions/base>
#include <abstractions/nameservice>
${pkgs.glibc}/lib/*.so mr,
${pkgs.libevent}/lib/libevent*.so* mr,
${pkgs.curl}/lib/libcurl*.so* mr,
${pkgs.openssl}/lib/libssl*.so* mr,
${pkgs.openssl}/lib/libcrypto*.so* mr,
${pkgs.zlib}/lib/libz*.so* mr,
${pkgs.libssh2}/lib/libssh2*.so* mr,
${pkgs.glibc.out}/lib/*.so mr,
${pkgs.libevent.out}/lib/libevent*.so* mr,
${pkgs.curl.out}/lib/libcurl*.so* mr,
${pkgs.openssl.out}/lib/libssl*.so* mr,
${pkgs.openssl.out}/lib/libcrypto*.so* mr,
${pkgs.zlib.out}/lib/libz*.so* mr,
${pkgs.libssh2.out}/lib/libssh2*.so* mr,
${pkgs.systemd}/lib/libsystemd*.so* mr,
${pkgs.xz}/lib/liblzma*.so* mr,
${pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
${pkgs.libgpgerror}/lib/libgpg-error*.so* mr,
${pkgs.libnghttp2}/lib/libnghttp2*.so* mr,
${pkgs.c-ares}/lib/libcares*.so* mr,
${pkgs.libcap}/lib/libcap*.so* mr,
${pkgs.attr}/lib/libattr*.so* mr,
${pkgs.xz.out}/lib/liblzma*.so* mr,
${pkgs.libgcrypt.out}/lib/libgcrypt*.so* mr,
${pkgs.libgpgerror.out}/lib/libgpg-error*.so* mr,
${pkgs.libnghttp2.out}/lib/libnghttp2*.so* mr,
${pkgs.c-ares.out}/lib/libcares*.so* mr,
${pkgs.libcap.out}/lib/libcap*.so* mr,
${pkgs.attr.out}/lib/libattr*.so* mr,
${pkgs.lz4}/lib/liblz4*.so* mr,
@{PROC}/sys/kernel/random/uuid r,

5
nixos/modules/services/web-servers/apache-httpd/default.nix
View File

@ -6,13 +6,13 @@ let
mainCfg = config.services.httpd;
httpd = mainCfg.package;
httpd = mainCfg.package.out;
version24 = !versionOlder httpd.version "2.4";
httpdConf = mainCfg.configFile;
php = pkgs.php.override { apacheHttpd = httpd; };
php = pkgs.php.override { apacheHttpd = httpd.dev; /* otherwise it only gets .out */ };
getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80;
@ -685,6 +685,7 @@ in
serviceConfig.ExecStart = "@${httpd}/bin/httpd httpd -f ${httpdConf}";
serviceConfig.ExecStop = "${httpd}/bin/httpd -f ${httpdConf} -k graceful-stop";
serviceConfig.ExecReload = "${httpd}/bin/httpd -f ${httpdConf} -k graceful";
serviceConfig.Type = "forking";
serviceConfig.PIDFile = "${mainCfg.stateDir}/httpd.pid";
serviceConfig.Restart = "always";

2
nixos/modules/services/web-servers/apache-httpd/owncloud.nix
View File

@ -333,7 +333,7 @@ let
'version' => '${config.package.version}',
'openssl' => '${pkgs.openssl}/bin/openssl'
'openssl' => '${pkgs.openssl.bin}/bin/openssl'
);

2
nixos/modules/services/web-servers/apache-httpd/phabricator.nix
View File

@ -39,7 +39,7 @@ in {
"${pkgs.diffutils}"
] ++
(if config.mercurial then ["${pkgs.mercurial}"] else []) ++
(if config.subversion then ["${pkgs.subversion}"] else []) ++
(if config.subversion then ["${pkgs.subversion.out}"] else []) ++
(if config.git then ["${pkgs.git}"] else []);
startupScript = pkgs.writeScript "activatePhabricator" ''

11
nixos/modules/services/web-servers/apache-httpd/trac.nix
View File

@ -5,14 +5,19 @@ with lib;
let
# Build a Subversion instance with Apache modules and Swig/Python bindings.
subversion = pkgs.subversion.override (origArgs: {
subversion = pkgs.subversion.override {
bdbSupport = true;
httpServer = true;
pythonBindings = true;
});
apacheHttpd = httpd;
};
pythonLib = p: "${p}/";
httpd = serverInfo.serverConfig.package;
versionPre24 = versionOlder httpd.version "2.4";
in
{
@ -82,7 +87,7 @@ in
AuthName "${config.ldapAuthentication.name}"
AuthBasicProvider "ldap"
AuthLDAPURL "${config.ldapAuthentication.url}"
authzldapauthoritative Off
${if versionPre24 then "authzldapauthoritative Off" else ""}
require valid-user
</LocationMatch>
'' else ""}

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -166,7 +166,7 @@ in {
};
environment.variables.GIO_EXTRA_MODULES = [ "${gnome3.dconf}/lib/gio/modules"
"${gnome3.glib_networking}/lib/gio/modules"
"${gnome3.glib_networking.out}/lib/gio/modules"
"${gnome3.gvfs}/lib/gio/modules" ];
environment.systemPackages = gnome3.corePackages ++ cfg.sessionPath
++ (removePackagesByName gnome3.optionalPackages config.environment.gnome3.excludePackages);

13
nixos/modules/services/x11/desktop-managers/kde5.nix
View File

@ -62,13 +62,13 @@ in
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
exec ${kde5.plasma-workspace}/bin/startkde
exec startkde
'';
};
security.setuidOwners = singleton {
program = "kcheckpass";
source = "${kde5.plasma-workspace}/lib/libexec/kcheckpass";
source = "${kde5.plasma-workspace.out}/lib/libexec/kcheckpass";
owner = "root";
group = "root";
setuid = true;
@ -171,19 +171,22 @@ in
# Enable GTK applications to load SVG icons
environment.variables = mkIf (lib.hasAttr "breeze-icons" kde5) {
GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache";
GDK_PIXBUF_MODULE_FILE = "${pkgs.librsvg.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache";
};
fonts.fonts = [ (kde5.oxygen-fonts or pkgs.noto-fonts) ];
programs.ssh.askPassword = "${kde5.ksshaskpass}/bin/ksshaskpass";
programs.ssh.askPassword = "${kde5.ksshaskpass.out}/bin/ksshaskpass";
# Enable helpful DBus services.
services.udisks2.enable = true;
services.upower.enable = config.powerManagement.enable;
# Extra UDEV rules used by Solid
services.udev.packages = [ pkgs.media-player-info ];
services.udev.packages = [
pkgs.libmtp
pkgs.media-player-info
];
services.xserver.displayManager.sddm = {
theme = "breeze";

8
nixos/modules/services/x11/display-managers/default.nix
View File

@ -45,7 +45,7 @@ let
${optionalString cfg.startDbusSession ''
if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
exec ${pkgs.dbus.tools}/bin/dbus-launch --exit-with-session "$0" "$sessionType"
exec ${pkgs.dbus.dbus-launch} --exit-with-session "$0" "$sessionType"
fi
''}
@ -55,11 +55,11 @@ let
# Start PulseAudio if enabled.
${optionalString (config.hardware.pulseaudio.enable) ''
${optionalString (!config.hardware.pulseaudio.systemWide)
"${config.hardware.pulseaudio.package}/bin/pulseaudio --start"
"${config.hardware.pulseaudio.package.out}/bin/pulseaudio --start"
}
# Publish access credentials in the root window.
${config.hardware.pulseaudio.package}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
''}
# Tell systemd about our $DISPLAY. This is needed by the
@ -275,7 +275,7 @@ in
};
config = {
services.xserver.displayManager.xserverBin = "${xorg.xorgserver}/bin/X";
services.xserver.displayManager.xserverBin = "${xorg.xorgserver.out}/bin/X";
};
imports = [

6
nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix
View File

@ -24,9 +24,9 @@ let
# This wrapper ensures that we actually get themes
makeWrapper ${pkgs.lightdm_gtk_greeter}/sbin/lightdm-gtk-greeter \
$out/greeter \
--prefix PATH : "${pkgs.glibc}/bin" \
--set GDK_PIXBUF_MODULE_FILE "${pkgs.gdk_pixbuf}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache" \
--set GTK_PATH "${theme}:${pkgs.gtk3}" \
--prefix PATH : "${pkgs.glibc.bin}/bin" \
--set GDK_PIXBUF_MODULE_FILE "${pkgs.gdk_pixbuf.out}/lib/gdk-pixbuf-2.0/2.10.0/loaders.cache" \
--set GTK_PATH "${theme}:${pkgs.gtk3.out}" \
--set GTK_EXE_PREFIX "${theme}" \
--set GTK_DATA_PREFIX "${theme}" \
--set XDG_DATA_DIRS "${theme}/share:${icons}/share" \

2
nixos/modules/services/x11/display-managers/sddm.nix
View File

@ -48,7 +48,7 @@ let
[XDisplay]
MinimumVT=${toString xcfg.tty}
ServerPath=${xserverWrapper}
XephyrPath=${pkgs.xorg.xorgserver}/bin/Xephyr
XephyrPath=${pkgs.xorg.xorgserver.out}/bin/Xephyr
SessionCommand=${dmcfg.session.script}
SessionDir=${dmcfg.session.desktops}
XauthPath=${pkgs.xorg.xauth}/bin/xauth

2
nixos/modules/services/x11/terminal-server.nix
View File

@ -41,7 +41,7 @@ with lib;
{ description = "Terminal Server";
path =
[ pkgs.xorgserver pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xauth
[ pkgs.xorgserver.out pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xauth
pkgs.nettools pkgs.shadow pkgs.procps pkgs.utillinux pkgs.bash
];

2
nixos/modules/services/x11/window-managers/metacity.nix
View File

@ -20,7 +20,7 @@ in
services.xserver.windowManager.session = singleton
{ name = "metacity";
start = ''
env LD_LIBRARY_PATH=${xorg.libX11}/lib:${xorg.libXext}/lib:/usr/lib/
env LD_LIBRARY_PATH=${xorg.libX11.out}/lib:${xorg.libXext.out}/lib:/usr/lib/
# !!! Hack: load the schemas for Metacity.
GCONF_CONFIG_SOURCE=xml::~/.gconf ${gnome.GConf}/bin/gconftool-2 \
--makefile-install-rule ${gnome.metacity}/etc/gconf/schemas/*.schemas # */

13
nixos/modules/services/x11/xserver.nix
View File

@ -219,6 +219,12 @@ in
'';
};
dpi = mkOption {
type = types.nullOr types.int;
default = 0;
description = "DPI resolution to use for X server.";
};
startDbusSession = mkOption {
type = types.bool;
default = true;
@ -450,7 +456,7 @@ in
]);
environment.systemPackages =
[ xorg.xorgserver
[ xorg.xorgserver.out
xorg.xrandr
xorg.xrdb
xorg.setxkbmap
@ -487,7 +493,7 @@ in
XKB_BINDIR = "${xorg.xkbcomp}/bin"; # Needed for the Xkb extension.
XORG_DRI_DRIVER_PATH = "/run/opengl-driver/lib/dri"; # !!! Depends on the driver selected at runtime.
LD_LIBRARY_PATH = concatStringsSep ":" (
[ "${xorg.libX11}/lib" "${xorg.libXext}/lib" ]
[ "${xorg.libX11.out}/lib" "${xorg.libXext.out}/lib" ]
++ concatLists (catAttrs "libPath" cfg.drivers));
} // cfg.displayManager.job.environment;
@ -513,12 +519,13 @@ in
"-xkbdir" "${cfg.xkbDir}"
] ++ optional (cfg.display != null) ":${toString cfg.display}"
++ optional (cfg.tty != null) "vt${toString cfg.tty}"
++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}"
++ optionals (cfg.display != null) [ "-logfile" "/var/log/X.${toString cfg.display}.log" ]
++ optional (!cfg.enableTCP) "-nolisten tcp";
services.xserver.modules =
concatLists (catAttrs "modules" cfg.drivers) ++
[ xorg.xorgserver
[ xorg.xorgserver.out
xorg.xf86inputevdev
];

3
nixos/modules/system/activation/activation-script.nix
View File

@ -12,7 +12,8 @@ let
'';
});
path =
path = map # outputs TODO?
(pkg: (pkg.bin or (pkg.out or pkg)))
[ pkgs.coreutils pkgs.gnugrep pkgs.findutils
pkgs.glibc # needed for getent
pkgs.shadow

4
nixos/modules/system/boot/luksroot.nix
View File

@ -436,9 +436,9 @@ in
${optionalString luks.yubikeySupport ''
copy_bin_and_libs ${pkgs.ykpers}/bin/ykchalresp
copy_bin_and_libs ${pkgs.ykpers}/bin/ykinfo
copy_bin_and_libs ${pkgs.openssl}/bin/openssl
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
strip -s pbkdf2-sha512
copy_bin_and_libs pbkdf2-sha512

7
nixos/modules/system/boot/stage-1-init.sh
View File

@ -434,11 +434,8 @@ udevadm control --exit
# Reset the logging file descriptors.
# Do this just before pkill, which will kill the tee process.
if test -n "@logCommands@"
then
exec 1>&$logOutFd 2>&$logErrFd
eval "exec $logOutFd>&- $logErrFd>&-"
fi
exec 1>&$logOutFd 2>&$logErrFd
eval "exec $logOutFd>&- $logErrFd>&-"
# Kill any remaining processes, just to be sure we're not taking any
# with us into stage 2. But keep storage daemons like unionfs-fuse.

6
nixos/modules/system/boot/stage-1.nix
View File

@ -67,6 +67,10 @@ let
copy_bin_and_libs $BIN
done
# Copy modprobe.
copy_bin_and_libs ${pkgs.kmod}/bin/kmod
ln -sf kmod $out/bin/modprobe
# Copy resize2fs if needed.
${optionalString (any (fs: fs.autoResize) (attrValues config.fileSystems)) ''
# We need mke2fs in the initrd.
@ -76,7 +80,7 @@ let
${config.boot.initrd.extraUtilsCommands}
# Copy ld manually since it isn't detected correctly
cp -pv ${pkgs.glibc}/lib/ld*.so.? $out/lib
cp -pv ${pkgs.glibc.out}/lib/ld*.so.? $out/lib
# Copy all of the needed libraries for the binaries
for BIN in $(find $out/{bin,sbin} -type f); do

13
nixos/modules/system/boot/stage-2.nix
View File

@ -7,11 +7,14 @@ let
kernel = config.boot.kernelPackages.kernel;
activateConfiguration = config.system.activationScripts.script;
readonlyMountpoint = pkgs.runCommand "readonly-mountpoint" {} ''
mkdir -p $out/bin
cc -O3 ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint
strip -s $out/bin/readonly-mountpoint
'';
readonlyMountpoint = pkgs.stdenv.mkDerivation {
name = "readonly-mountpoint";
unpackPhase = "true";
installPhase = ''
mkdir -p $out/bin
cc -O3 ${./readonly-mountpoint.c} -o $out/bin/readonly-mountpoint
'';
};
bootStage2 = pkgs.substituteAll {
src = ./stage-2-init.sh;

6
nixos/modules/tasks/filesystems/unionfs-fuse.nix
View File

@ -18,9 +18,9 @@
boot.initrd.postDeviceCommands = ''
# Hacky!!! fuse hard-codes the path to mount
mkdir -p /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}/bin
ln -s $(which mount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}/bin
ln -s $(which umount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}/bin
mkdir -p /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}-bin/bin
ln -s $(which mount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}-bin/bin
ln -s $(which umount) /nix/store/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-${pkgs.utillinux.name}-bin/bin
'';
})

4
nixos/modules/tasks/filesystems/xfs.nix
View File

@ -11,13 +11,13 @@ in
{
config = mkIf (any (fs: fs == "xfs") config.boot.supportedFilesystems) {
system.fsPackages = [ pkgs.xfsprogs ];
system.fsPackages = [ pkgs.xfsprogs.bin ];
boot.initrd.availableKernelModules = mkIf inInitrd [ "xfs" "crc32c" ];
boot.initrd.extraUtilsCommands = mkIf inInitrd
''
copy_bin_and_libs ${pkgs.xfsprogs}/sbin/fsck.xfs
copy_bin_and_libs ${pkgs.xfsprogs.bin}/bin/fsck.xfs
'';
# Trick just to set 'sh' after the extraUtils nuke-refs.

37
nixos/modules/virtualisation/ec2-amis.nix
View File

@ -89,4 +89,41 @@
"15.09".us-west-2.hvm-s3 = "ami-2956b849";
"15.09".us-west-2.pv-ebs = "ami-005fb160";
"15.09".us-west-2.pv-s3 = "ami-cd55bbad";
"16.03".ap-northeast-1.hvm-ebs = "ami-885040e6";
"16.03".ap-northeast-1.hvm-s3 = "ami-d15a4abf";
"16.03".ap-northeast-1.pv-ebs = "ami-7f455511";
"16.03".ap-northeast-1.pv-s3 = "ami-6d7d6d03";
"16.03".ap-southeast-1.hvm-ebs = "ami-478a5f24";
"16.03".ap-southeast-1.hvm-s3 = "ami-b2885dd1";
"16.03".ap-southeast-1.pv-ebs = "ami-55b46136";
"16.03".ap-southeast-1.pv-s3 = "ami-92b762f1";
"16.03".ap-southeast-2.hvm-ebs = "ami-26b09345";
"16.03".ap-southeast-2.hvm-s3 = "ami-52ac8f31";
"16.03".ap-southeast-2.pv-ebs = "ami-1fb3907c";
"16.03".ap-southeast-2.pv-s3 = "ami-49b1922a";
"16.03".eu-central-1.hvm-ebs = "ami-2bd63744";
"16.03".eu-central-1.hvm-s3 = "ami-82d435ed";
"16.03".eu-central-1.pv-ebs = "ami-b729c8d8";
"16.03".eu-central-1.pv-s3 = "ami-a12dccce";
"16.03".eu-west-1.hvm-ebs = "ami-87c242f4";
"16.03".eu-west-1.hvm-s3 = "ami-b6c343c5";
"16.03".eu-west-1.pv-ebs = "ami-6bc94918";
"16.03".eu-west-1.pv-s3 = "ami-00cb4b73";
"16.03".sa-east-1.hvm-ebs = "ami-845cd3e8";
"16.03".sa-east-1.hvm-s3 = "ami-8142cded";
"16.03".sa-east-1.pv-ebs = "ami-1643cc7a";
"16.03".sa-east-1.pv-s3 = "ami-1646c97a";
"16.03".us-east-1.hvm-ebs = "ami-2cc4d046";
"16.03".us-east-1.hvm-s3 = "ami-9bc9ddf1";
"16.03".us-east-1.pv-ebs = "ami-7df4e017";
"16.03".us-east-1.pv-s3 = "ami-90f2e6fa";
"16.03".us-west-1.hvm-ebs = "ami-d8116db8";
"16.03".us-west-1.hvm-s3 = "ami-a7166ac7";
"16.03".us-west-1.pv-ebs = "ami-e90c7089";
"16.03".us-west-1.pv-s3 = "ami-5b0c703b";
"16.03".us-west-2.hvm-ebs = "ami-b339ccd3";
"16.03".us-west-2.hvm-s3 = "ami-2c3bce4c";
"16.03".us-west-2.pv-ebs = "ami-0625d066";
"16.03".us-west-2.pv-s3 = "ami-7414e114";
}

2
nixos/modules/virtualisation/virtualbox-guest.nix
View File

@ -66,7 +66,7 @@ in
services.xserver.displayManager.sessionCommands =
''
PATH=${makeSearchPath "bin" [ pkgs.gnugrep pkgs.which pkgs.xorg.xorgserver ]}:$PATH \
PATH=${makeSearchPath "bin" [ pkgs.gnugrep pkgs.which pkgs.xorg.xorgserver.out ]}:$PATH \
${kernel.virtualboxGuestAdditions}/bin/VBoxClient-all
'';

2
nixos/tests/cadvisor.nix
View File

@ -14,7 +14,7 @@ import ./make-test.nix ({ pkgs, ... } : {
services.cadvisor.storageDriver = "influxdb";
services.influxdb.enable = true;
systemd.services.influxdb.postStart = mkAfter ''
${pkgs.curl}/bin/curl -X POST 'http://localhost:8086/db?u=root&p=root' \
${pkgs.curl.bin}/bin/curl -X POST 'http://localhost:8086/db?u=root&p=root' \
-d '{"name": "root"}'
'';
};

2
pkgs/applications/altcoins/bitcoin-xt.nix
View File

@ -19,7 +19,7 @@ stdenv.mkDerivation rec{
configureFlags = [
"--with-boost-libdir=${boost.lib}/lib"
"--with-libcurl-headers=${curl}/include"
"--with-libcurl-headers=${curl.dev}/include"
] ++ optionals withGui [ "--with-gui=qt4" ];
meta = {

2
pkgs/applications/audio/ardour/default.nix
View File

@ -42,7 +42,7 @@ stdenv.mkDerivation rec {
# have to do that ourself.
patchPhase = ''
printf '#include "libs/ardour/ardour/revision.h"\nnamespace ARDOUR { const char* revision = \"${tag}-${builtins.substring 0 8 src.rev}\"; }\n' > libs/ardour/revision.cc
sed 's|/usr/include/libintl.h|${glibc}/include/libintl.h|' -i wscript
sed 's|/usr/include/libintl.h|${glibc.dev}/include/libintl.h|' -i wscript
patchShebangs ./tools/
'';

6
pkgs/applications/audio/audacity/default.nix
View File

@ -18,6 +18,12 @@ stdenv.mkDerivation rec {
sha256 = "19fr674mw844zmkp1476yigkcnmb6zyn78av64ccdwi3p68i00rf";
})];
# fix with gcc-5 from http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2012-December/245884.html
postPatch = ''
substituteInPlace lib-src/libnyquist/nyquist/ffts/src/fftlib.c \
--replace 'inline void' 'static inline void'
'';
preConfigure = /* we prefer system-wide libs */ ''
mv lib-src lib-src-rm
mkdir lib-src

2
pkgs/applications/audio/baudline/default.nix
View File

@ -36,7 +36,7 @@ stdenv.mkDerivation rec {
cp -r . "$out/libexec/baudline/"
interpreter="$(echo ${stdenv.glibc}/lib/ld-linux*)"
interpreter="$(echo ${stdenv.glibc.out}/lib/ld-linux*)"
for prog in "$out"/libexec/baudline/baudline*; do
patchelf --interpreter "$interpreter" "$prog"
ln -sr "$prog" "$out/bin/"

2
pkgs/applications/audio/caudec/default.nix
View File

@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
postFixup = ''
for executable in $(cd $out/bin && ls); do
wrapProgram $out/bin/$executable \
--prefix PATH : "${bc}/bin:${findutils}/bin:${sox}/bin:${procps}/bin:${opusTools}/bin:${lame}/bin:${flac}/bin"
--prefix PATH : "${bc}/bin:${findutils}/bin:${sox}/bin:${procps}/bin:${opusTools}/bin:${lame}/bin:${flac.bin}/bin"
done
'';

4
pkgs/applications/audio/drumgizmo/default.nix
View File

@ -3,12 +3,12 @@
}:
stdenv.mkDerivation rec {
version = "0.9.9";
version = "0.9.10";
name = "drumgizmo-${version}";
src = fetchurl {
url = "http://www.drumgizmo.org/releases/${name}/${name}.tar.gz";
sha256 = "03dnh2p4s6n107n0r86h9j1jwy85a8qwjkh0288k60qpdqy1c7vp";
sha256 = "142si734lsyywxhn7msiz053ir96kl5im3h1jql3vhcb4807f3d1";
};
configureFlags = [ "--enable-lv2" ];

4
pkgs/applications/audio/flac/default.nix
View File

@ -8,12 +8,12 @@ stdenv.mkDerivation rec {
sha256 = "4773c0099dba767d963fd92143263be338c48702172e8754b9bc5103efe1c56c";
};
outputs = [ "out" "doc" ];
buildInputs = [ libogg ];
#doCheck = true; # takes lots of time
outputs = [ "dev" "out" "bin" "doc" ];
meta = with stdenv.lib; {
homepage = http://xiph.org/flac/;
description = "Library and tools for encoding and decoding the FLAC lossless audio file format";

2
pkgs/applications/audio/google-musicmanager/default.nix
View File

@ -36,7 +36,7 @@ stdenv.mkDerivation rec {
buildPhase = ''
patchelf \
--set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath "$out/opt/google/musicmanager:${readline}/lib:${ncurses}/lib:${stdenv.cc.libc}/lib:${qt48}/lib:${stdenv.cc.cc}/lib:${libidn}/lib:${expat}/lib:${flac}/lib:${libvorbis}/lib" opt/google/musicmanager/MusicManager
--set-rpath "$out/opt/google/musicmanager:${stdenv.lib.makeLibraryPath [ readline ncurses stdenv.cc.libc.out qt48 stdenv.cc.cc libidn expat flac libvorbis ]}" opt/google/musicmanager/MusicManager
'';
dontPatchELF = true;

30
pkgs/applications/audio/japa/default.nix Normal file
View File

@ -0,0 +1,30 @@
{ stdenv, fetchurl, alsaLib, libjack2, fftwFloat, libclthreads, libclxclient, libX11, libXft, zita-alsa-pcmi, }:
stdenv.mkDerivation rec {
version = "0.8.4";
name = "japa-${version}";
src = fetchurl {
url = "http://kokkinizita.linuxaudio.org/linuxaudio/downloads/${name}.tar.bz2";
sha256 = "1jhj7s4vqk5c4lchdall0kslvj5sh91902hhfjvs6r3a5nrhwcp0";
};
buildInputs = [ alsaLib libjack2 fftwFloat libclthreads libclxclient libX11 libXft zita-alsa-pcmi ];
preConfigure = ''
cd ./source/
'';
makeFlags = [
"PREFIX=$(out)"
"SUFFIX=''"
];
meta = {
description = "A 'perceptual' or 'psychoacoustic' audio spectrum analyser for JACK and ALSA";
homepage = http://kokkinizita.linuxaudio.org/linuxaudio/index.html;
license = stdenv.lib.licenses.gpl2;
maintainers = [ stdenv.lib.maintainers.magnetophon ];
platforms = stdenv.lib.platforms.linux;
};
}

2
pkgs/applications/audio/milkytracker/default.nix
View File

@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
'';
preBuild=''
export CPATH=${zlib}/lib
export CPATH=${zlib.out}/lib
'';
buildInputs = [ SDL alsaLib autoconf automake libjack2 perl zlib zziplib ];

4
pkgs/applications/audio/paprefs/default.nix
View File

@ -1,5 +1,5 @@
{ fetchurl, stdenv, pkgconfig, libpulseaudio, gtkmm, libglademm
, dbus_glib, gconfmm, intltool }:
, dbus_glib, GConf, gconfmm, intltool }:
stdenv.mkDerivation rec {
name = "paprefs-0.9.10";
@ -13,6 +13,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig intltool ];
propagatedUserEnvPkgs = [ GConf ];
configureFlags = [ "--disable-lynx" ];
meta = with stdenv.lib; {

18
pkgs/applications/audio/spotify/default.nix
View File

@ -1,11 +1,11 @@
{ fetchurl, stdenv, dpkg, xorg, alsaLib, makeWrapper, openssl_1_0_1, freetype
{ fetchurl, stdenv, dpkg, xorg, alsaLib, makeWrapper, openssl, freetype
, glib, pango, cairo, atk, gdk_pixbuf, gtk, cups, nspr, nss, libpng, GConf
, libgcrypt, udev, fontconfig, dbus, expat, ffmpeg_0_10, curl, zlib, gnome }:
, libgcrypt, libudev, fontconfig, dbus, expat, ffmpeg_0_10, curl, zlib, gnome }:
assert stdenv.system == "x86_64-linux";
let
version = "1.0.26.125.g64dc8bc6-14";
version = "1.0.27.71.g0a26e3b2-9";
deps = [
alsaLib
@ -27,7 +27,7 @@ let
nss
pango
stdenv.cc.cc
udev
libudev
xorg.libX11
xorg.libXcomposite
xorg.libXcursor
@ -50,7 +50,7 @@ stdenv.mkDerivation {
src =
fetchurl {
url = "http://repository-origin.spotify.com/pool/non-free/s/spotify-client/spotify-client_${version}_amd64.deb";
sha256 = "09wanpml2a6k8asfc0pd56n7fia37amgsplsan1qdh6dwdzr3rv5";
sha256 = "1rs08cvn0y1lzazlmzj4sn2iyacadwi6j70n5c7rvfvvs4p61p42";
};
buildInputs = [ dpkg makeWrapper ];
@ -68,10 +68,10 @@ stdenv.mkDerivation {
# Work around Spotify referring to a specific minor version of
# OpenSSL.
ln -s ${openssl_1_0_1}/lib/libssl.so $libdir/libssl.so.1.0.0
ln -s ${openssl_1_0_1}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0
ln -s ${nspr}/lib/libnspr4.so $libdir/libnspr4.so
ln -s ${nspr}/lib/libplc4.so $libdir/libplc4.so
ln -s ${openssl.out}/lib/libssl.so $libdir/libssl.so.1.0.0
ln -s ${openssl.out}/lib/libcrypto.so $libdir/libcrypto.so.1.0.0
ln -s ${nspr.out}/lib/libnspr4.so $libdir/libnspr4.so
ln -s ${nspr.out}/lib/libplc4.so $libdir/libplc4.so
rpath="$out/share/spotify:$libdir"

2
pkgs/applications/audio/swh-lv2/default.nix
View File

@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
};
patchPhase = ''
sed -e "s#xsltproc#${libxslt}/bin/xsltproc#" -i Makefile
sed -e "s#xsltproc#${libxslt.bin}/bin/xsltproc#" -i Makefile
sed -e "s#PREFIX = /usr/local#PREFIX = $out#" -i Makefile
'';

2
pkgs/applications/audio/yoshimi/default.nix
View File

@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
preConfigure = "cd src";
cmakeFlags = [ "-DFLTK_MATH_LIBRARY=${stdenv.glibc}/lib/libm.so -DCMAKE_INSTALL_DATAROOTDIR=$out" ];
cmakeFlags = [ "-DFLTK_MATH_LIBRARY=${stdenv.glibc.out}/lib/libm.so -DCMAKE_INSTALL_DATAROOTDIR=$out" ];
meta = with stdenv.lib; {
description = "high quality software synthesizer based on ZynAddSubFX";

8
pkgs/applications/backup/crashplan/default.nix
View File

@ -1,13 +1,15 @@
{ stdenv, fetchurl, makeWrapper, jre, cpio, gawk, gnugrep, gnused, procps, swt, gtk2, glib, libXtst }:
let version = "4.6.0";
let
version = "4.6.0";
rev = "2"; #tracks unversioned changes that occur on download.code42.com from time to time
in stdenv.mkDerivation rec {
name = "crashplan-${version}";
name = "crashplan-${version}-r${rev}";
crashPlanArchive = fetchurl {
url = "https://download.code42.com/installs/linux/install/CrashPlan/CrashPlan_${version}_Linux.tgz";
sha256 = "0h9zk6i1pdvl101c8l4v4x6i7q4wkmkqp2dkm0lq7ha96lrvac47";
sha256 = "13rmmdj048r8k4v7ig4i6pnvwyzc1vasfgksf070bx6ksklgbq47";
};
srcs = [ crashPlanArchive ];

4
pkgs/applications/display-managers/sddm/default.nix
View File

@ -72,7 +72,7 @@ stdenv.mkDerivation {
nativeBuildInputs = [ lndir makeQtWrapper ];
buildInputs = [ unwrapped ] ++ themes;
inherit themes;
themes = map (pkg: pkg.out or pkg) themes;
inherit unwrapped;
installPhase = ''
@ -81,7 +81,7 @@ stdenv.mkDerivation {
mkdir -p "$out/share/sddm"
for pkg in $unwrapped $themes; do
local sddmDir="$pkg/share/sddm"
if [[ -d "$sddmDir" ]]; then
if [ -d "$sddmDir" ]; then
lndir -silent "$sddmDir" "$out/share/sddm"
fi
done

4
pkgs/applications/display-managers/slim/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, fetchurl, cmake, pkgconfig, xorg, libjpeg, libpng
, fontconfig, freetype, pam, dbus_libs, makeWrapper, pkgs }:
, fontconfig, freetype, pam, dbus_libs, makeWrapper }:
stdenv.mkDerivation rec {
name = "slim-1.3.6";
@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
buildInputs =
[ cmake pkgconfig libjpeg libpng fontconfig freetype
pam dbus_libs
pam dbus_libs (stdenv.cc.libc.out or null)
xorg.libX11 xorg.libXext xorg.libXrandr xorg.libXrender xorg.libXmu xorg.libXft makeWrapper
];

Some files were not shown because too many files have changed in this diff Show More