From c844621f7177b0c739dcbe98840d608f75cc57c4 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Wed, 24 Feb 2021 18:10:11 +0000
Subject: [PATCH 01/51] python37Packages.bitbox02: 5.2.0 -> 5.3.0
---
pkgs/development/python-modules/bitbox02/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/bitbox02/default.nix b/pkgs/development/python-modules/bitbox02/default.nix
index ce62fd6dce0..d57d4a6585b 100644
--- a/pkgs/development/python-modules/bitbox02/default.nix
+++ b/pkgs/development/python-modules/bitbox02/default.nix
@@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "bitbox02";
- version = "5.2.0";
+ version = "5.3.0";
src = fetchPypi {
inherit pname version;
- sha256 = "52b0b617660601939b30c8b588c28910946448b1b6d69ca231d5e3e47a322b71";
+ sha256 = "fe0e8aeb9b32fd7d76bb3e9838895973a74dfd532a8fb8ac174a1a60214aee26";
};
propagatedBuildInputs = [ base58 ecdsa hidapi noiseprotocol protobuf semver typing-extensions ];
From 820cc72b52b961220fe862b74d42f27ce8c8b2da Mon Sep 17 00:00:00 2001
From: Graham Christensen <graham@grahamc.com>
Date: Tue, 2 Mar 2021 00:57:17 -0800
Subject: [PATCH 02/51] ssm-agent: 2.3.1319.0 -> 3.0.755.0
Co-authored-by: Cole Helbling <cole.e.helbling@outlook.com>
---
...C-tests-that-fail-in-the-Nix-sandbox.patch | 44 +++++++
...-gen-don-t-use-unnecessary-constants.patch | 46 ++++++++
.../networking/cluster/ssm-agent/default.nix | 108 +++++++++++-------
3 files changed, 159 insertions(+), 39 deletions(-)
create mode 100644 pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
create mode 100644 pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch
diff --git a/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch b/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
new file mode 100644
index 00000000000..364f7653efa
--- /dev/null
+++ b/pkgs/applications/networking/cluster/ssm-agent/0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
@@ -0,0 +1,44 @@
+From bea6307ec2a77d90d59c13940381d73ec0f05b70 Mon Sep 17 00:00:00 2001
+From: Graham Christensen <graham@grahamc.com>
+Date: Mon, 1 Mar 2021 10:57:44 -0500
+Subject: [PATCH] Disable NIC tests that fail in the Nix sandbox.
+
+---
+ agent/managedInstances/fingerprint/fingerprint_integ_test.go | 2 ++
+ agent/ssm/service_test.go | 1 +
+ 2 files changed, 3 insertions(+)
+
+diff --git a/agent/managedInstances/fingerprint/fingerprint_integ_test.go b/agent/managedInstances/fingerprint/fingerprint_integ_test.go
+index a1f969ff..631ea1f5 100644
+--- a/agent/managedInstances/fingerprint/fingerprint_integ_test.go
++++ b/agent/managedInstances/fingerprint/fingerprint_integ_test.go
+@@ -28,12 +28,14 @@ func TestHostnameInfo(t *testing.T) {
+ }
+
+ func TestPrimaryIpInfo(t *testing.T) {
++ t.Skip("The Nix build sandbox has no non-loopback IPs, causing this test to fail.");
+ ip, err := primaryIpInfo()
+ assert.NoError(t, err, "expected no error fetching the primary ip")
+ assert.NotEmpty(t, ip, "expected to fetch primary ip")
+ }
+
+ func TestMacAddrInfo(t *testing.T) {
++ t.Skip("The Nix build sandbox has no non-loopback interfaces, causing this test to fail.");
+ mac, err := macAddrInfo()
+ assert.NoError(t, err, "expected no error fetching the mac addr")
+ assert.NotEmpty(t, mac, "expected to fetch mac address")
+diff --git a/agent/ssm/service_test.go b/agent/ssm/service_test.go
+index f4b34f83..d8216dba 100644
+--- a/agent/ssm/service_test.go
++++ b/agent/ssm/service_test.go
+@@ -85,6 +85,7 @@ func (suite *SsmServiceTestSuite) TestUpdateEmptyInstanceInformation() {
+ // Test function for update instance information
+ // This function update the agent name, agent statuc, and agent version.
+ func (suite *SsmServiceTestSuite) TestUpdateInstanceInformation() {
++ suite.T().Skip("The Nix build sandbox has no interfaces for IP and MAC address reports.");
+ // Give mock value to test UpdateInstanceInformation, assert the error is nil, assert the log.Debug function get called.
+ response, err := suite.sdkService.UpdateInstanceInformation(suite.logMock, "2.2.3.2", "active", "Amazon-ssm-agent")
+ assert.Nil(suite.T(), err, "Err should be nil")
+--
+2.29.2
+
diff --git a/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch b/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch
new file mode 100644
index 00000000000..234e510d3d1
--- /dev/null
+++ b/pkgs/applications/networking/cluster/ssm-agent/0002-version-gen-don-t-use-unnecessary-constants.patch
@@ -0,0 +1,46 @@
+From 473e3f8544915a35b3a45c548743978b34e5310e Mon Sep 17 00:00:00 2001
+From: Cole Helbling <cole.e.helbling@outlook.com>
+Date: Tue, 2 Mar 2021 00:24:00 -0800
+Subject: [PATCH] version-gen: don't use unnecessary constants
+
+This prevents the tool from being built with Nix, because this project
+doesn't use Go modules (or something; I'm not really familiar with Go,
+much less Go + Nix).
+---
+ agent/version/versiongenerator/version-gen.go | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/agent/version/versiongenerator/version-gen.go b/agent/version/versiongenerator/version-gen.go
+index d710effc..55c9a001 100644
+--- a/agent/version/versiongenerator/version-gen.go
++++ b/agent/version/versiongenerator/version-gen.go
+@@ -22,8 +22,6 @@ import (
+ "path/filepath"
+ "strings"
+ "text/template"
+-
+- "github.com/aws/amazon-ssm-agent/agent/appconfig"
+ )
+
+ const versiongoTemplate = `// This is an autogenerated file and should not be edited.
+@@ -59,7 +57,7 @@ func main() {
+ versionStr := strings.TrimSpace(string(versionContent))
+
+ fmt.Printf("Agent Version: %v", versionStr)
+- if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), appconfig.ReadWriteAccess); err != nil {
++ if err := ioutil.WriteFile(filepath.Join("VERSION"), []byte(versionStr), 0600); err != nil {
+ log.Fatalf("Error writing to VERSION file. %v", err)
+ }
+
+@@ -108,7 +106,7 @@ func main() {
+
+ releaseNoteOutFile := strings.Join(releaseNoteLines, "\n")
+
+- if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), appconfig.ReadWriteAccess); err != nil {
++ if err = ioutil.WriteFile(filepath.Join(releaseNotesFile), []byte(releaseNoteOutFile), 0600); err != nil {
+ log.Fatalf("Error writing to RELEASENOTES.md file. %v", err)
+ }
+
+--
+2.30.0
+
diff --git a/pkgs/applications/networking/cluster/ssm-agent/default.nix b/pkgs/applications/networking/cluster/ssm-agent/default.nix
index b042f8ff15f..9b9e57ca333 100644
--- a/pkgs/applications/networking/cluster/ssm-agent/default.nix
+++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix
@@ -1,63 +1,93 @@
-{ lib, fetchFromGitHub, buildGoPackage, bash, makeWrapper }:
+{ lib
+, writeShellScriptBin
+, buildGoPackage
+, makeWrapper
+, fetchFromGitHub
+, coreutils
+, nettools
+, dmidecode
+, util-linux
+, bashInteractive
+}:
+let
+ # The SSM agent doesn't pay attention to our /etc/os-release yet, and the lsb-release tool
+ # in nixpkgs doesn't seem to work properly on NixOS, so let's just fake the two fields SSM
+ # looks for. See https://github.com/aws/amazon-ssm-agent/issues/38 for upstream fix.
+ fake-lsb-release = writeShellScriptBin "lsb_release" ''
+ . /etc/os-release || true
+
+ case "$1" in
+ -i) echo "''${NAME:-unknown}";;
+ -r) echo "''${VERSION:-unknown}";;
+ esac
+ '';
+in
buildGoPackage rec {
- pname = "amazon-ssm-agent";
- version = "2.3.1319.0";
+ pname = "amazon-ssm-agent";
+ version = "3.0.755.0";
goPackagePath = "github.com/aws/${pname}";
- subPackages = [
- "agent"
- "agent/framework/processor/executer/outofproc/worker"
- "agent/framework/processor/executer/outofproc/worker"
- "agent/framework/processor/executer/outofproc/sessionworker"
- "agent/session/logging"
- "agent/cli-main"
- ];
nativeBuildInputs = [ makeWrapper ];
src = fetchFromGitHub {
- rev = version;
- owner = "aws";
- repo = pname;
- sha256 = "1yiyhj7ckqa32b1rnbwn7zx89rsj00m5imn1xlpsw002ywxsxbnv";
+ rev = version;
+ owner = "aws";
+ repo = "amazon-ssm-agent";
+ hash = "sha256-yVQJL1MJ1JlAndlrXfEbNLQihlbLhSoQXTKzJMRzhao=";
};
- preBuild = ''
- mv go/src/${goPackagePath}/vendor strange-vendor
- mv strange-vendor/src go/src/${goPackagePath}/vendor
+ patches = [
+ # Some tests use networking, so we skip them.
+ ./0001-Disable-NIC-tests-that-fail-in-the-Nix-sandbox.patch
- cd go/src/${goPackagePath}
- echo ${version} > VERSION
+ # They used constants from another package that I couldn't figure
+ # out how to resolve, so hardcoded the constants.
+ ./0002-version-gen-don-t-use-unnecessary-constants.patch
+ ];
- substituteInPlace agent/plugins/inventory/gatherers/application/dataProvider.go \
- --replace '"github.com/aws/amazon-ssm-agent/agent/plugins/configurepackage/localpackages"' ""
+ configurePhase = ''
+ export HOME=$(mktemp -d)
- go run agent/version/versiongenerator/version-gen.go
- substituteInPlace agent/appconfig/constants_unix.go \
- --replace /usr/bin/ssm-document-worker $bin/bin/ssm-document-worker \
- --replace /usr/bin/ssm-session-worker $bin/bin/ssm-session-worker \
- --replace /usr/bin/ssm-session-logger $bin/bin/ssm-session-logger
- cd -
+ printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh
+
+ substituteInPlace agent/platform/platform_unix.go \
+ --replace "/usr/bin/uname" "${coreutils}/bin/uname" \
+ --replace '"/bin", "hostname"' '"${nettools}/bin/hostname"' \
+ --replace '"lsb_release"' '"${fake-lsb-release}/bin/lsb_release"'
+
+ substituteInPlace agent/managedInstances/fingerprint/hardwareInfo_unix.go \
+ --replace /usr/sbin/dmidecode ${dmidecode}/bin/dmidecode
+
+ substituteInPlace agent/session/shell/shell_unix.go \
+ --replace '"script"' '"${util-linux}/bin/script"'
+
+ # Note: if this step fails, please patch the code to fix it! Please only skip
+ # tests if it is not feasible for the test to pass in a sandbox.
+ make quick-integtest
+
+ echo "${version}" > VERSION
+
+ make pre-release
+ make pre-build
'';
- postBuild = ''
- mv go/bin/agent go/bin/amazon-ssm-agent
- mv go/bin/worker go/bin/ssm-document-worker
- mv go/bin/sessionworker go/bin/ssm-session-worker
- mv go/bin/logging go/bin/ssm-session-logger
- mv go/bin/cli-main go/bin/ssm-cli
+ buildPhase = ''
+ make build-linux
'';
- postInstall = ''
- wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bash}/bin
+ installPhase = ''
+ mkdir -p $out/bin
+ mv bin/linux_*/* $out/bin/
+ wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin
'';
meta = with lib; {
description = "Agent to enable remote management of your Amazon EC2 instance configuration";
- homepage = "https://github.com/aws/amazon-ssm-agent";
- license = licenses.asl20;
- platforms = platforms.unix;
+ homepage = "https://github.com/aws/amazon-ssm-agent";
+ license = licenses.asl20;
+ platforms = platforms.unix;
maintainers = with maintainers; [ copumpkin manveru ];
};
}
From 429d55c6d4957c9a7dce0e7e48e4dc587a38d56b Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Wed, 3 Mar 2021 01:48:53 +0000
Subject: [PATCH 03/51] mcfly: 0.5.3 -> 0.5.4
---
pkgs/tools/misc/mcfly/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/tools/misc/mcfly/default.nix b/pkgs/tools/misc/mcfly/default.nix
index 616ee822eba..acdde84accd 100644
--- a/pkgs/tools/misc/mcfly/default.nix
+++ b/pkgs/tools/misc/mcfly/default.nix
@@ -2,13 +2,13 @@
rustPlatform.buildRustPackage rec {
pname = "mcfly";
- version = "0.5.3";
+ version = "0.5.4";
src = fetchFromGitHub {
owner = "cantino";
repo = "mcfly";
rev = "v${version}";
- sha256 = "1p51wdv47cyg6dmb81fm0d92x1kp7bwwpgax6vlh669nkddiwvmm";
+ sha256 = "sha256-OYHUawlVHUlKMOWFqeJgg8EIe6Hbe+tKi57sJC5zH1U=";
};
postInstall = ''
@@ -20,7 +20,7 @@ rustPlatform.buildRustPackage rec {
install -Dm644 -t $out/share/mcfly mcfly.fish
'';
- cargoSha256 = "0gcdgca8w8i978b067rwm5zrc81rxb704006k9pbcwizkq2281yy";
+ cargoSha256 = "sha256-aiOw1esERlhOTBCldxoldMCrxMxcGpYXEvjSFQ8xU8A=";
meta = with lib; {
homepage = "https://github.com/cantino/mcfly";
From 29b99a22a5e06de3d7a2401398c169782685078e Mon Sep 17 00:00:00 2001
From: Cole Helbling <cole.e.helbling@outlook.com>
Date: Tue, 2 Mar 2021 12:47:42 -0800
Subject: [PATCH 04/51] ssm-agent: don't override phases
---
.../networking/cluster/ssm-agent/default.nix | 43 +++++++++++++------
1 file changed, 30 insertions(+), 13 deletions(-)
diff --git a/pkgs/applications/networking/cluster/ssm-agent/default.nix b/pkgs/applications/networking/cluster/ssm-agent/default.nix
index 9b9e57ca333..3aa583f3ae3 100644
--- a/pkgs/applications/networking/cluster/ssm-agent/default.nix
+++ b/pkgs/applications/networking/cluster/ssm-agent/default.nix
@@ -11,9 +11,10 @@
}:
let
- # The SSM agent doesn't pay attention to our /etc/os-release yet, and the lsb-release tool
- # in nixpkgs doesn't seem to work properly on NixOS, so let's just fake the two fields SSM
- # looks for. See https://github.com/aws/amazon-ssm-agent/issues/38 for upstream fix.
+ # Tests use lsb_release, so we mock it (the SSM agent used to not
+ # read from our /etc/os-release file, but now it does) because in
+ # reality, it won't (shouldn't) be used when active on a system with
+ # /etc/os-release. If it is, we fake the only two fields it cares about.
fake-lsb-release = writeShellScriptBin "lsb_release" ''
. /etc/os-release || true
@@ -47,9 +48,8 @@ buildGoPackage rec {
./0002-version-gen-don-t-use-unnecessary-constants.patch
];
- configurePhase = ''
- export HOME=$(mktemp -d)
-
+ preConfigure = ''
+ rm -r ./Tools/src/goreportcard
printf "#!/bin/sh\ntrue" > ./Tools/src/checkstyle.sh
substituteInPlace agent/platform/platform_unix.go \
@@ -63,23 +63,40 @@ buildGoPackage rec {
substituteInPlace agent/session/shell/shell_unix.go \
--replace '"script"' '"${util-linux}/bin/script"'
+ echo "${version}" > VERSION
+ '';
+
+ preBuild = ''
+ cp -r go/src/${goPackagePath}/vendor/src go
+
+ pushd go/src/${goPackagePath}
+
# Note: if this step fails, please patch the code to fix it! Please only skip
# tests if it is not feasible for the test to pass in a sandbox.
make quick-integtest
- echo "${version}" > VERSION
-
make pre-release
make pre-build
+
+ popd
'';
- buildPhase = ''
- make build-linux
+ postBuild = ''
+ pushd go/bin
+
+ rm integration-cli versiongenerator generator
+
+ mv core amazon-ssm-agent
+ mv agent ssm-agent-worker
+ mv cli-main ssm-cli
+ mv worker ssm-document-worker
+ mv logging ssm-session-logger
+ mv sessionworker ssm-session-worker
+
+ popd
'';
- installPhase = ''
- mkdir -p $out/bin
- mv bin/linux_*/* $out/bin/
+ postFixup = ''
wrapProgram $out/bin/amazon-ssm-agent --prefix PATH : ${bashInteractive}/bin
'';
From eab2ba0a67d13b65eaa9b2f5befbe7fbd0fc0468 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= <me@danieldk.eu>
Date: Thu, 4 Mar 2021 08:45:33 +0100
Subject: [PATCH 05/51] python3Packages.etebase: switch to buildPythonPackage +
cargoSetupHook
The derivation also built OpenSSL statically. Switch to our OpenSSL
derivation instead, so that the package gets automatic OpenSSL
security updates.
---
.../python-modules/etebase/default.nix | 57 ++++++++++---------
1 file changed, 30 insertions(+), 27 deletions(-)
diff --git a/pkgs/development/python-modules/etebase/default.nix b/pkgs/development/python-modules/etebase/default.nix
index 7832f6b4787..9151e2471c4 100644
--- a/pkgs/development/python-modules/etebase/default.nix
+++ b/pkgs/development/python-modules/etebase/default.nix
@@ -1,19 +1,17 @@
-{ lib, stdenv
-, wheel
-, rustPlatform
-, pipInstallHook
-, setuptools-rust
-, python
-, msgpack
-, requests
-, openssl
-, perl
-, rustfmt
+{ lib
+, stdenv
, fetchFromGitHub
+, buildPythonPackage
+, rustPlatform
+, pkg-config
+, rustfmt
+, setuptools-rust
+, openssl
, Security
+, msgpack
}:
-rustPlatform.buildRustPackage rec {
+buildPythonPackage rec {
pname = "etebase";
version = "0.31.1";
@@ -24,33 +22,38 @@ rustPlatform.buildRustPackage rec {
sha256 = "163iw64l8lwawf84qswcjsq9p8qddv9ysjrr3dzqpqxb2yb0sy39";
};
- cargoSha256 = "0w8ypl6kj1mf6ahbdiwbd4jw6ldxdaig47zwk91jjsww5lbyx4lf";
+ cargoDeps = rustPlatform.fetchCargoTarball {
+ inherit src;
+ name = "${pname}-${version}";
+ sha256 = "0w8ypl6kj1mf6ahbdiwbd4jw6ldxdaig47zwk91jjsww5lbyx4lf";
+ };
+
+ format = "pyproject";
nativeBuildInputs = [
+ pkg-config
rustfmt
- perl
- openssl
- pipInstallHook
setuptools-rust
- wheel
- ];
+ ] ++ (with rustPlatform; [
+ cargoSetupHook
+ rust.cargo
+ rust.rustc
+ ]);
- buildInputs = lib.optionals stdenv.isDarwin [ Security ];
+ buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security ];
propagatedBuildInputs = [
- python
msgpack
];
- doCheck = true;
-
- buildPhase = ''
- ${python.interpreter} setup.py bdist_wheel
+ postPatch = ''
+ # Use system OpenSSL, which gets security updates.
+ substituteInPlace Cargo.toml \
+ --replace ', features = ["vendored"]' ""
'';
- installPhase = ''
- pipInstallPhase
- '';
+ pythonImportsCheck = [ "etebase" ];
+
meta = with lib; {
homepage = "https://www.etebase.com/";
From 65671395da07d5d6f7daaf69aa7a30d614c3a438 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dani=C3=ABl=20de=20Kok?= <me@danieldk.eu>
Date: Thu, 4 Mar 2021 08:48:26 +0100
Subject: [PATCH 06/51] python3Packages.etebase: 0.31.1 -> 0.31.2
Changelog:
https://github.com/etesync/etebase-py/releases/tag/v0.31.2
(Fixes crashes with Python 3.9.)
---
pkgs/development/python-modules/etebase/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/development/python-modules/etebase/default.nix b/pkgs/development/python-modules/etebase/default.nix
index 9151e2471c4..14c93fc719f 100644
--- a/pkgs/development/python-modules/etebase/default.nix
+++ b/pkgs/development/python-modules/etebase/default.nix
@@ -13,19 +13,19 @@
buildPythonPackage rec {
pname = "etebase";
- version = "0.31.1";
+ version = "0.31.2";
src = fetchFromGitHub {
owner = "etesync";
repo = "etebase-py";
rev = "v${version}";
- sha256 = "163iw64l8lwawf84qswcjsq9p8qddv9ysjrr3dzqpqxb2yb0sy39";
+ hash = "sha256-enGmfXW8eV6FgdHfJqXr1orAsGbxDz9xUY6T706sf5U=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
- sha256 = "0w8ypl6kj1mf6ahbdiwbd4jw6ldxdaig47zwk91jjsww5lbyx4lf";
+ hash = "sha256-4eJvFf6aY+DYkrYgam5Ok9941PX4uQOmtRznEY0+1TE=";
};
format = "pyproject";
From 38aa907d46c4b08df996836d94900e8f1c8cfd8d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= <dev@schuetz-co.de>
Date: Sat, 27 Feb 2021 14:15:20 +0100
Subject: [PATCH 07/51] prs: init at 0.2.2
---
pkgs/tools/security/prs/default.nix | 48 +++++++++++++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 ++
2 files changed, 50 insertions(+)
create mode 100644 pkgs/tools/security/prs/default.nix
diff --git a/pkgs/tools/security/prs/default.nix b/pkgs/tools/security/prs/default.nix
new file mode 100644
index 00000000000..197a2ba8b9b
--- /dev/null
+++ b/pkgs/tools/security/prs/default.nix
@@ -0,0 +1,48 @@
+{ lib
+, rustPlatform
+, fetchFromGitLab
+, pkg-config
+, python3
+, dbus
+, glib
+, gpgme
+, gtk3
+, libxcb
+}:
+
+rustPlatform.buildRustPackage rec {
+ pname = "prs";
+ version = "0.2.2";
+
+ src = fetchFromGitLab {
+ owner = "timvisee";
+ repo = "prs";
+ rev = "v${version}";
+ sha256 = "05l9zaaadv2a7ngwkxggp5vrjlnpvf2wr4ijhprx3jkw8b2cxii7";
+ };
+
+ cargoSha256 = "0fjkvr5mdqiy70qx4liwnh78y6mqdv6vbg3nayinh2h34p0z609y";
+
+ postPatch = ''
+ # The GPGME backend is recommended
+ for f in "gtk3/Cargo.toml" "cli/Cargo.toml"; do
+ substituteInPlace "$f" --replace \
+ 'default = ["backend-gnupg-bin"' 'default = ["backend-gpgme"'
+ done
+ '';
+
+ nativeBuildInputs = [ gpgme pkg-config python3 ];
+
+ buildInputs = [ dbus glib gpgme gtk3 libxcb ];
+
+ meta = with lib; {
+ description = "Secure, fast & convenient password manager CLI using GPG and git to sync";
+ homepage = "https://gitlab.com/timvisee/prs";
+ changelog = "https://gitlab.com/timvisee/prs/-/blob/v${version}/CHANGELOG.md";
+ license = with licenses; [
+ lgpl3Only # lib
+ gpl3Only # everything else
+ ];
+ maintainers = with maintainers; [ dotlambda ];
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index ae22edcd688..bb9534002bc 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -7295,6 +7295,8 @@ in
openssl = openssl_1_0_2;
};
+ prs = callPackage ../tools/security/prs { };
+
psw = callPackage ../tools/misc/psw { };
pws = callPackage ../tools/misc/pws { };
From e7b4f9b91e6c93b67f681471f5fa68ab672d9dad Mon Sep 17 00:00:00 2001
From: roblabla <unfiltered@roblab.la>
Date: Sat, 27 Feb 2021 14:59:08 +0100
Subject: [PATCH 08/51] yara: 4.0.1 -> 4.0.5
---
pkgs/tools/security/yara/default.nix | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix
index f11e772390d..844004c3b9e 100644
--- a/pkgs/tools/security/yara/default.nix
+++ b/pkgs/tools/security/yara/default.nix
@@ -1,4 +1,5 @@
{ lib, stdenv
+, fetchpatch
, fetchFromGitHub
, autoreconfHook
, pcre
@@ -10,14 +11,14 @@
}:
stdenv.mkDerivation rec {
- version = "4.0.1";
+ version = "4.0.5";
pname = "yara";
src = fetchFromGitHub {
owner = "VirusTotal";
repo = "yara";
rev = "v${version}";
- sha256 = "0dy8jf0pdn0wilxy1pj6pqjxg7icxkwax09w54np87gl9p00f5rk";
+ sha256 = "1gkdll2ygdlqy1f27a5b84gw2bq75ss7acsx06yhiss90qwdaalq";
};
nativeBuildInputs = [ autoreconfHook pkg-config ];
@@ -30,6 +31,19 @@ stdenv.mkDerivation rec {
preConfigure = "./bootstrap.sh";
+ # If static builds are disabled, `make all-am` will fail to find libyara.a and
+ # cause a build failure. It appears that somewhere between yara 4.0.1 and
+ # 4.0.5, linking the yara binaries dynamically against libyara.so was broken.
+ #
+ # This was already fixed in yara master. Backport the patch to yara 4.0.5.
+ patches = [
+ (fetchpatch {
+ name = "fix-build-with-no-static.patch";
+ url = "https://github.com/VirusTotal/yara/commit/52e6866023b9aca26571c78fb8759bc3a51ba6dc.diff";
+ sha256 = "074cf99j0rqiyacp60j1hkvjqxia7qwd11xjqgcr8jmfwihb38nr";
+ })
+ ];
+
configureFlags = [
(lib.withFeature withCrypto "crypto")
(lib.enableFeature enableMagic "magic")
From a8ce931064b73c5ade7a570c0d4640631b0174b7 Mon Sep 17 00:00:00 2001
From: Stefan Frijters <sfrijters@gmail.com>
Date: Sun, 28 Feb 2021 19:18:51 +0100
Subject: [PATCH 09/51] urserver: 3.6.0.745 -> 3.9.0.2465
---
pkgs/servers/urserver/default.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pkgs/servers/urserver/default.nix b/pkgs/servers/urserver/default.nix
index eee10d05826..9047ea0ee34 100644
--- a/pkgs/servers/urserver/default.nix
+++ b/pkgs/servers/urserver/default.nix
@@ -9,15 +9,16 @@
stdenv.mkDerivation rec {
pname = "urserver";
- version = "3.6.0.745";
+ version = "3.9.0.2465";
src = fetchurl {
- url = "https://www.unifiedremote.com/static/builds/server/linux-x64/745/urserver-${version}.tar.gz";
- sha256 = "1ib9317bg9n4knwnlbrn1wfkyrjalj8js3a6h7zlcl8h8xc0szc8";
+ url = "https://www.unifiedremote.com/static/builds/server/linux-x64/${builtins.elemAt (builtins.splitVersion version) 3}/urserver-${version}.tar.gz";
+ sha256 = "sha256-3DIroodWCMbq1fzPjhuGLk/2fY/qFxFISLzjkjJ4i90=";
};
nativeBuildInputs = [
autoPatchelfHook
+ makeWrapper
];
buildInputs = [
@@ -25,7 +26,6 @@ stdenv.mkDerivation rec {
bluez
libX11
libXtst
- makeWrapper
];
installPhase = ''
From 7e084ddffe6824dec9503fb6b909b65fee3e9cf8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vojt=C4=9Bch=20K=C3=A1n=C4=9B?= <vojtech.kane@gmail.com>
Date: Tue, 16 Feb 2021 15:17:42 +0100
Subject: [PATCH 10/51] natron: fix build and update to 2.3.15
---
pkgs/applications/video/natron/default.nix | 54 +++++++++++++---------
1 file changed, 32 insertions(+), 22 deletions(-)
diff --git a/pkgs/applications/video/natron/default.nix b/pkgs/applications/video/natron/default.nix
index a455869ebf9..bbbcf3d7687 100644
--- a/pkgs/applications/video/natron/default.nix
+++ b/pkgs/applications/video/natron/default.nix
@@ -1,14 +1,14 @@
{ lib, stdenv, fetchurl, qt4, pkg-config, boost, expat, cairo, python2Packages,
cmake, flex, bison, pango, librsvg, librevenge, libxml2, libcdr, libzip,
poppler, imagemagick, openexr, ffmpeg_3, opencolorio, openimageio,
- qmake4Hook, libpng, libGL, lndir }:
+ qmake4Hook, libpng, libGL, lndir, libraw, openjpeg, libwebp, fetchFromGitHub }:
let
- minorVersion = "2.1";
- version = "${minorVersion}.9";
+ minorVersion = "2.3";
+ version = "${minorVersion}.15";
OpenColorIO-Configs = fetchurl {
- url = "https://github.com/MrKepzie/OpenColorIO-Configs/archive/Natron-v${minorVersion}.tar.gz";
- sha256 = "9eec5a02ca80c9cd8e751013cb347ea982fdddd592a4a9215cce462e332dac51";
+ url = "https://github.com/NatronGitHub/OpenColorIO-Configs/archive/Natron-v${minorVersion}.tar.gz";
+ sha256 = "AZK9J+RnMyxOYcAQOAQZj5QciPQ999m6jrtBt5rdpkA=";
};
seexpr = stdenv.mkDerivation rec {
version = "1.0.1";
@@ -20,14 +20,15 @@ let
nativeBuildInputs = [ cmake ];
buildInputs = [ libpng flex bison ];
};
- buildPlugin = { pluginName, sha256, nativeBuildInputs ? [], buildInputs ? [], preConfigure ? "" }:
+ buildPlugin = { pluginName, sha256, nativeBuildInputs ? [], buildInputs ? [], preConfigure ? "", postPatch ? "" }:
stdenv.mkDerivation {
- name = "openfx-${pluginName}-${version}";
+ pname = "openfx-${pluginName}";
+ version = version;
src = fetchurl {
- url = "https://github.com/MrKepzie/Natron/releases/download/${version}/openfx-${pluginName}-${version}.tar.xz";
+ url = "https://github.com/NatronGitHub/openfx-${pluginName}/releases/download/Natron-${version}/openfx-${pluginName}-Natron-${version}.tar.xz";
inherit sha256;
};
- inherit nativeBuildInputs buildInputs;
+ inherit nativeBuildInputs buildInputs postPatch;
preConfigure = ''
makeFlagsArray+=("CONFIG=release")
makeFlagsArray+=("PLUGINPATH=$out/Plugins/OFX/Natron")
@@ -42,14 +43,19 @@ let
url = "https://raw.githubusercontent.com/lvandeve/lodepng/a70c086077c0eaecbae3845e4da4424de5f43361/lodepng.h";
sha256 = "14drdikd0vws3wwpyqq7zzm5z3kg98svv4q4w0hr45q6zh6hs0bq";
};
+ cimgversion = "89b9d062ec472df3d33989e6d5d2a8b50ba0775c";
CImgh = fetchurl {
- url = "https://raw.githubusercontent.com/dtschump/CImg/572c12d82b2f59ece21be8f52645c38f1dd407e6/CImg.h";
- sha256 = "0n4qfxj8j6rmj4svf68gg2pzg8d1pb74bnphidnf8i2paj6lwniz";
+ url = "https://raw.githubusercontent.com/dtschump/CImg/${cimgversion}/CImg.h";
+ sha256 = "sha256-NbYpZDNj2oZ+wqoEkRwwCjiujdr+iGOLA0Pa0Ynso6U=";
+ };
+ inpainth = fetchurl {
+ url = "https://raw.githubusercontent.com/dtschump/CImg/${cimgversion}/plugins/inpaint.h";
+ sha256 = "sha256-cd28a3VOs5002GkthHkbIUrxZfKuGhqIYO4Oxe/2HIQ=";
};
plugins = map buildPlugin [
({
pluginName = "arena";
- sha256 = "0qba13vn9qdfax7nqlz1ps27zspr5kh795jp1xvbmwjzjzjpkqkf";
+ sha256 = "tUb6myG03mRieUAfgRZfv5Ap+cLvbpNrLMYCGTiAq8c=";
nativeBuildInputs = [ pkg-config ];
buildInputs = [
pango librsvg librevenge libcdr opencolorio libxml2 libzip
@@ -65,32 +71,37 @@ let
})
({
pluginName = "io";
- sha256 = "0s196i9fkgr9iw92c94mxgs1lkxbhynkf83vmsgrldflmf0xjky7";
+ sha256 = "OQg6a5wNy9TFFySjmgd1subvXRxY/ZnSOCkaoUo+ZaA=";
nativeBuildInputs = [ pkg-config ];
buildInputs = [
libpng ffmpeg_3 openexr opencolorio openimageio boost libGL
- seexpr
+ seexpr libraw openjpeg libwebp
];
})
({
pluginName = "misc";
- sha256 = "02h79jrll0c17azxj16as1mks3lmypm4m3da4mms9sg31l3n82qi";
+ sha256 = "XkdQyWI9ilF6IoP3yuHulNUZRPLX1m4lq/+RbXsrFEQ=";
buildInputs = [
libGL
];
- preConfigure = ''
- cp ${CImgh} CImg/CImg.h
+ postPatch = ''
+ cp '${inpainth}' CImg/Inpaint/inpaint.h
+ patch -p0 -dCImg < CImg/Inpaint/inpaint.h.patch # taken from the Makefile; it gets skipped if the file already exists
+ cp '${CImgh}' CImg/CImg.h
'';
})
];
in
stdenv.mkDerivation {
inherit version;
- name = "natron-${version}";
+ pname = "natron";
- src = fetchurl {
- url = "https://github.com/MrKepzie/Natron/releases/download/${version}/Natron-${version}.tar.xz";
- sha256 = "1wdc0zqriw2jhlrhzs6af3kagrv22cm086ffnbr1x43mgc9hfhjp";
+ src = fetchFromGitHub {
+ owner = "NatronGitHub";
+ repo = "Natron";
+ rev = "v${version}";
+ fetchSubmodules = true;
+ sha256 = "sha256-KuXJmmIsvwl4uqmAxXqWU+273jsdWrCuUSwWn5vuu8M=";
};
nativeBuildInputs = [ qmake4Hook pkg-config python2Packages.wrapPython ];
@@ -124,6 +135,5 @@ stdenv.mkDerivation {
license = lib.licenses.gpl2;
maintainers = [ maintainers.puffnfresh ];
platforms = platforms.linux;
- broken = true;
};
}
From 9033b0a9316fe080275a99a24a3cf2164cbf2de3 Mon Sep 17 00:00:00 2001
From: Arthur Gautier <baloo@superbaloo.net>
Date: Tue, 23 Feb 2021 01:28:59 +0000
Subject: [PATCH 11/51] pythonPackages.certvalidator: init at 0.11.1
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
---
.../python-modules/certvalidator/default.nix | 34 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 ++
2 files changed, 36 insertions(+)
create mode 100644 pkgs/development/python-modules/certvalidator/default.nix
diff --git a/pkgs/development/python-modules/certvalidator/default.nix b/pkgs/development/python-modules/certvalidator/default.nix
new file mode 100644
index 00000000000..8f53bd9805b
--- /dev/null
+++ b/pkgs/development/python-modules/certvalidator/default.nix
@@ -0,0 +1,34 @@
+{ lib, buildPythonPackage, fetchFromGitHub
+, asn1crypto, oscrypto
+, cacert
+}:
+
+buildPythonPackage rec {
+ pname = "certvalidator";
+ version = "0.11.1";
+
+ src = fetchFromGitHub {
+ owner = "wbond";
+ repo = pname;
+ rev = version;
+ sha256 = "sha256-yVF7t4FuU3C9fDg67JeM7LWZZh/mv5F4EKmjlO4AuBY=";
+ };
+
+ propagatedBuildInputs = [ asn1crypto oscrypto ];
+
+ checkInputs = [ cacert ];
+ checkPhase = ''
+ # Tests are run with a custom executor/loader
+ # The regex to skip specific tests relies on negative lookahead of regular expressions
+ # We're skipping the few tests that rely on the network, fetching CRLs, OCSP or remote certificates
+ python -c 'import dev.tests; dev.tests.run("^(?!.*test_(basic_certificate_validator_tls|fetch|revocation|build_path)).*$")'
+ '';
+ pythonImportsCheck = [ "certvalidator" ];
+
+ meta = with lib; {
+ homepage = "https://github.com/wbond/certvalidator";
+ description = "Validates X.509 certificates and paths";
+ license = licenses.mit;
+ maintainers = with maintainers; [ baloo ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index a392ef3764f..52a91a62846 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -1244,6 +1244,8 @@ in {
certipy = callPackage ../development/python-modules/certipy { };
+ certvalidator = callPackage ../development/python-modules/certvalidator { };
+
cffi = callPackage ../development/python-modules/cffi { };
cfgv = callPackage ../development/python-modules/cfgv { };
From 8578ba7cd4078589bb838f3d1a997be541730ca1 Mon Sep 17 00:00:00 2001
From: Arthur Gautier <baloo@superbaloo.net>
Date: Tue, 23 Feb 2021 01:29:59 +0000
Subject: [PATCH 12/51] pythonPackages.signify: init at 0.3.0
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
---
.../signify/certificate-expiration-date.patch | 18 ++++++++++
.../python-modules/signify/default.nix | 36 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 ++
3 files changed, 56 insertions(+)
create mode 100644 pkgs/development/python-modules/signify/certificate-expiration-date.patch
create mode 100644 pkgs/development/python-modules/signify/default.nix
diff --git a/pkgs/development/python-modules/signify/certificate-expiration-date.patch b/pkgs/development/python-modules/signify/certificate-expiration-date.patch
new file mode 100644
index 00000000000..6554211a4bc
--- /dev/null
+++ b/pkgs/development/python-modules/signify/certificate-expiration-date.patch
@@ -0,0 +1,18 @@
+diff --git a/tests/test_authenticode.py b/tests/test_authenticode.py
+index 7e2c709..2f27e09 100644
+--- a/tests/test_authenticode.py
++++ b/tests/test_authenticode.py
+@@ -153,10 +153,12 @@ class AuthenticodeParserTestCase(unittest.TestCase):
+ """this certificate is revoked"""
+ with open(str(root_dir / "test_data" / "jameslth"), "rb") as f:
+ pefile = SignedPEFile(f)
+- pefile.verify()
++ pefile.verify(verification_context_kwargs=
++ {'timestamp': datetime.datetime(2021, 1, 1, tzinfo=datetime.timezone.utc)})
+
+ def test_jameslth_revoked(self):
+ """this certificate is revoked"""
++ # TODO: this certificate is now expired, so it will not show up as valid anyway
+ with open(str(root_dir / "test_data" / "jameslth"), "rb") as f:
+ pefile = SignedPEFile(f)
+ with self.assertRaises(VerificationError):
diff --git a/pkgs/development/python-modules/signify/default.nix b/pkgs/development/python-modules/signify/default.nix
new file mode 100644
index 00000000000..be0623b1b73
--- /dev/null
+++ b/pkgs/development/python-modules/signify/default.nix
@@ -0,0 +1,36 @@
+{ lib, buildPythonPackage, fetchFromGitHub, pythonOlder, pytestCheckHook
+, certvalidator, pyasn1, pyasn1-modules
+}:
+
+buildPythonPackage rec {
+ pname = "signify";
+ version = "0.3.0";
+ disabled = pythonOlder "3.5";
+
+ src = fetchFromGitHub {
+ owner = "ralphje";
+ repo = pname;
+ rev = "v${version}";
+ sha256 = "sha256-JxQECpwHhPm8TCVW/bCnEpu5I/WETyZVBx29SQE4NmE=";
+ };
+ patches = [
+ # Upstream patch is available here:
+ # https://github.com/ralphje/signify/commit/8c345be954e898a317825bb450bed5ba0304b2b5.patch
+ # But update a couple other things and dont apply cleanly. This is an extract of the part
+ # we care about and breaks the tests after 2021-03-01
+ ./certificate-expiration-date.patch
+ ];
+
+ propagatedBuildInputs = [ certvalidator pyasn1 pyasn1-modules ];
+
+ checkInputs = [ pytestCheckHook ];
+ pytestFlagsArray = [ "-v" ];
+ pythonImportsCheck = [ "signify" ];
+
+ meta = with lib; {
+ homepage = "https://github.com/ralphje/signify";
+ description = "library that verifies PE Authenticode-signed binaries";
+ license = licenses.mit;
+ maintainers = with maintainers; [ baloo ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 52a91a62846..1000a64b5e2 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -7368,6 +7368,8 @@ in {
singledispatch = callPackage ../development/python-modules/singledispatch { };
+ signify = callPackage ../development/python-modules/signify { };
+
sip = callPackage ../development/python-modules/sip { };
sip_5 = callPackage ../development/python-modules/sip/5.x.nix { };
From 88fe05a59b3a0c5ca8dcea44e8883d50208a4225 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Fri, 5 Mar 2021 19:58:23 +0100
Subject: [PATCH 13/51] python3Packages.python-nmap: init at 0.6.4
---
.../python-modules/python-nmap/default.nix | 38 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 +
2 files changed, 40 insertions(+)
create mode 100644 pkgs/development/python-modules/python-nmap/default.nix
diff --git a/pkgs/development/python-modules/python-nmap/default.nix b/pkgs/development/python-modules/python-nmap/default.nix
new file mode 100644
index 00000000000..745d6c67eac
--- /dev/null
+++ b/pkgs/development/python-modules/python-nmap/default.nix
@@ -0,0 +1,38 @@
+{ lib
+, buildPythonPackage
+, fetchPypi
+, nmap
+}:
+
+buildPythonPackage rec {
+ pname = "python-nmap";
+ version = "0.6.4";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "013q2797d9sf6mrj7x1hqfcql5gqgg50zgiifp2yypfa4k8cwjsx";
+ };
+
+ propagatedBuildInputs = [ nmap ];
+
+ postPatch = ''
+ substituteInPlace setup.cfg --replace "universal=3" "universal=1"
+ '';
+
+ # Tests requires sudo and performs scans
+ doCheck = false;
+ pythonImportsCheck = [ "nmap" ];
+
+ meta = with lib; {
+ description = "Python library which helps in using nmap";
+ longDescription = ''
+ python-nmap is a Python library which helps in using nmap port scanner. It
+ allows to easily manipulate nmap scan results and will be a perfect tool
+ for systems administrators who want to automatize scanning task and reports.
+ It also supports nmap script outputs.
+ '';
+ homepage = "http://xael.org/pages/python-nmap-en.html";
+ license = with licenses; [ gpl3Plus ];
+ maintainers = with maintainers; [ fab ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index fc77de9a88d..4dfabc30ad5 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -6493,6 +6493,8 @@ in {
inherit (pkgs) pkg-config;
};
+ python-nmap = callPackage ../development/python-modules/python-nmap { };
+
python-nomad = callPackage ../development/python-modules/python-nomad { };
python-oauth2 = callPackage ../development/python-modules/python-oauth2 { };
From 33f6c146a064a8bb283e56fb5ed013a94a2fe3f1 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Fri, 5 Mar 2021 19:58:41 +0100
Subject: [PATCH 14/51] home-assistant: update component-packages
---
pkgs/servers/home-assistant/component-packages.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix
index bc9768a7345..0425fae5d70 100644
--- a/pkgs/servers/home-assistant/component-packages.nix
+++ b/pkgs/servers/home-assistant/component-packages.nix
@@ -549,7 +549,7 @@
"niko_home_control" = ps: with ps; [ ]; # missing inputs: niko-home-control
"nilu" = ps: with ps; [ ]; # missing inputs: niluclient
"nissan_leaf" = ps: with ps; [ ]; # missing inputs: pycarwings2
- "nmap_tracker" = ps: with ps; [ getmac ]; # missing inputs: python-nmap
+ "nmap_tracker" = ps: with ps; [ getmac python-nmap ];
"nmbs" = ps: with ps; [ ]; # missing inputs: pyrail
"no_ip" = ps: with ps; [ ];
"noaa_tides" = ps: with ps; [ ]; # missing inputs: noaa-coops
From 6817802d0ab74d903ec1892e0fd66fa5f0363a0b Mon Sep 17 00:00:00 2001
From: Aaron Andersen <aaron@fosslib.net>
Date: Thu, 4 Mar 2021 20:53:10 -0500
Subject: [PATCH 15/51] kodi: remove unused code
---
pkgs/applications/video/kodi/default.nix | 103 ++++++-----------------
1 file changed, 27 insertions(+), 76 deletions(-)
diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix
index f461838fdf1..8d598f0bf55 100644
--- a/pkgs/applications/video/kodi/default.nix
+++ b/pkgs/applications/video/kodi/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchurl, fetchFromGitHub, autoconf, automake, libtool, makeWrapper, linuxHeaders
+{ stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, makeWrapper
, pkg-config, cmake, gnumake, yasm, python3Packages
, libgcrypt, libgpgerror, libunistring
, boost, avahi, lame
@@ -57,41 +57,15 @@ let
sha256 = "097dg6a7v4ia85jx1pmlpwzdpqcqxlrmniqd005q73zvgj67zc2p";
};
- cmakeProto = fetchurl {
- url = "https://raw.githubusercontent.com/pramsey/libght/ca9b1121c352ea10170636e170040e1af015bad1/cmake/modules/CheckPrototypeExists.cmake";
- sha256 = "1zai82gm5x55n3xvdv7mns3ja6a2k81x9zz0nk42j6s2yb0fkjxh";
- };
-
- cmakeProtoPatch = ''
- # get rid of windows headers as they will otherwise be found first
- rm -rf msvc
-
- cp ${cmakeProto} cmake/${cmakeProto.name}
- # we need to enable support for C++ for check_prototype_exists to do its thing
- substituteInPlace CMakeLists.txt --replace 'LANGUAGES C' 'LANGUAGES C CXX'
- if [ -f cmake/CheckHeadersSTDC.cmake ]; then
- sed -i cmake/CheckHeadersSTDC.cmake \
- -e '7iinclude(CheckPrototypeExists)'
- fi
- '';
-
- kodiDependency = { name, version, rev, sha256, ... } @attrs:
- let
- attrs' = builtins.removeAttrs attrs ["name" "version" "rev" "sha256"];
- in stdenv.mkDerivation ({
- name = "kodi-${lib.toLower name}-${version}";
- src = fetchFromGitHub {
- owner = "xbmc";
- repo = name;
- inherit rev sha256;
- };
- } // attrs');
-
- ffmpeg = kodiDependency rec {
- name = "FFmpeg";
+ ffmpeg = stdenv.mkDerivation rec {
+ pname = "kodi-ffmpeg";
version = "4.3.1";
- rev = "${version}-${rel}-Beta1";
- sha256 = "1c5rwlxn6xj501iw7masdv2p6wb9rkmd299lmlkx97sw1kvxvg2w";
+ src = fetchFromGitHub {
+ owner = "xbmc";
+ repo = "FFmpeg";
+ rev = "${version}-${rel}-Beta1";
+ sha256 = "1c5rwlxn6xj501iw7masdv2p6wb9rkmd299lmlkx97sw1kvxvg2w";
+ };
preConfigure = ''
cp ${kodi_src}/tools/depends/target/ffmpeg/{CMakeLists.txt,*.cmake} .
sed -i 's/ --cpu=''${CPU}//' CMakeLists.txt
@@ -110,47 +84,25 @@ let
# We can build these externally but FindLibDvd.cmake forces us to build it
# them, so we currently just use them for the src.
- libdvdcss = kodiDependency rec {
- name = "libdvdcss";
- version = "1.4.2";
- rev = "${version}-${rel}-Beta-5";
- sha256 = "0j41ydzx0imaix069s3z07xqw9q95k7llh06fc27dcn6f7b8ydyl";
- buildInputs = [ linuxHeaders ];
- nativeBuildInputs = [ cmake pkg-config ];
- postPatch = ''
- rm -rf msvc
-
- substituteInPlace config.h.cm \
- --replace '#cmakedefine O_BINARY "''${O_BINARY}"' '#define O_BINARY 0'
- '';
- cmakeFlags = [
- "-DBUILD_SHARED_LIBS=1"
- "-DHAVE_LINUX_DVD_STRUCT=1"
- ];
+ libdvdcss = fetchFromGitHub {
+ owner = "xbmc";
+ repo = "libdvdcss";
+ rev = "1.4.2-${rel}-Beta-5";
+ sha256 = "0j41ydzx0imaix069s3z07xqw9q95k7llh06fc27dcn6f7b8ydyl";
};
- libdvdnav = kodiDependency rec {
- name = "libdvdnav";
- version = "6.0.0";
- rev = "${version}-${rel}-Alpha-3";
- sha256 = "0qwlf4lgahxqxk1r2pzl866mi03pbp7l1fc0rk522sc0ak2s9jhb";
- buildInputs = [ libdvdcss libdvdread ];
- nativeBuildInputs = [ cmake pkg-config ];
- postPatch = cmakeProtoPatch;
- postInstall = ''
- mv $out/lib/liblibdvdnav.so $out/lib/libdvdnav.so
- '';
+ libdvdnav = fetchFromGitHub {
+ owner = "xbmc";
+ repo = "libdvdnav";
+ rev = "6.0.0-${rel}-Alpha-3";
+ sha256 = "0qwlf4lgahxqxk1r2pzl866mi03pbp7l1fc0rk522sc0ak2s9jhb";
};
- libdvdread = kodiDependency rec {
- name = "libdvdread";
- version = "6.0.0";
- rev = "${version}-${rel}-Alpha-3";
- sha256 = "1xxn01mhkdnp10cqdr357wx77vyzfb5glqpqyg8m0skyi75aii59";
- buildInputs = [ libdvdcss ];
- nativeBuildInputs = [ cmake pkg-config ];
- configureFlags = [ "--with-libdvdcss" ];
- postPatch = cmakeProtoPatch;
+ libdvdread = fetchFromGitHub {
+ owner = "xbmc";
+ repo = "libdvdread";
+ rev = "6.0.0-${rel}-Alpha-3";
+ sha256 = "1xxn01mhkdnp10cqdr357wx77vyzfb5glqpqyg8m0skyi75aii59";
};
kodi_platforms =
@@ -184,7 +136,6 @@ in stdenv.mkDerivation {
bluez giflib glib harfbuzz lcms2 libpthreadstubs
ffmpeg flatbuffers fmt fstrcmp rapidjson
lirc
- # libdvdcss libdvdnav libdvdread
]
++ lib.optional x11Support [
libX11 xorgproto libXt libXmu libXext.dev libXdmcp
@@ -231,9 +182,9 @@ in stdenv.mkDerivation {
cmakeFlags = [
"-DAPP_RENDER_SYSTEM=${if useGbm then "gles" else "gl"}"
- "-Dlibdvdcss_URL=${libdvdcss.src}"
- "-Dlibdvdnav_URL=${libdvdnav.src}"
- "-Dlibdvdread_URL=${libdvdread.src}"
+ "-Dlibdvdcss_URL=${libdvdcss}"
+ "-Dlibdvdnav_URL=${libdvdnav}"
+ "-Dlibdvdread_URL=${libdvdread}"
"-DGIT_VERSION=${kodiReleaseDate}"
"-DENABLE_EVENTCLIENTS=ON"
"-DENABLE_INTERNAL_CROSSGUID=OFF"
From d5242ee214b61ceb7d9317dab376459770f209c0 Mon Sep 17 00:00:00 2001
From: Aaron Andersen <aaron@fosslib.net>
Date: Thu, 4 Mar 2021 21:21:33 -0500
Subject: [PATCH 16/51] kodi: add samba to path for `nmblookup` executable
---
pkgs/applications/video/kodi/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix
index 8d598f0bf55..da338e17586 100644
--- a/pkgs/applications/video/kodi/default.nix
+++ b/pkgs/applications/video/kodi/default.nix
@@ -221,7 +221,7 @@ in stdenv.mkDerivation {
postInstall = ''
for p in $(ls $out/bin/) ; do
wrapProgram $out/bin/$p \
- --prefix PATH ":" "${lib.makeBinPath ([ python3Packages.python glxinfo ] ++ lib.optional x11Support xdpyinfo)}" \
+ --prefix PATH ":" "${lib.makeBinPath ([ python3Packages.python glxinfo ] ++ lib.optional x11Support xdpyinfo ++ lib.optional sambaSupport samba)}" \
--prefix LD_LIBRARY_PATH ":" "${lib.makeLibraryPath
([ curl systemd libmad libvdpau libcec libcec_platform libass ]
++ lib.optional nfsSupport libnfs
From 55142f4301163ada7c1aa1bb2b687a7342b488c1 Mon Sep 17 00:00:00 2001
From: Mario Rodas <marsam@users.noreply.github.com>
Date: Sat, 6 Mar 2021 04:20:00 +0000
Subject: [PATCH 17/51] rubocop: 1.10.0 -> 1.11.0
https://github.com/rubocop/rubocop/releases/tag/v1.11.0
---
pkgs/development/tools/rubocop/Gemfile.lock | 4 ++--
pkgs/development/tools/rubocop/default.nix | 1 -
pkgs/development/tools/rubocop/gemset.nix | 8 ++++----
3 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/pkgs/development/tools/rubocop/Gemfile.lock b/pkgs/development/tools/rubocop/Gemfile.lock
index 54287074bed..2c5deffc2d1 100644
--- a/pkgs/development/tools/rubocop/Gemfile.lock
+++ b/pkgs/development/tools/rubocop/Gemfile.lock
@@ -6,9 +6,9 @@ GEM
parser (3.0.0.0)
ast (~> 2.4.1)
rainbow (3.0.0)
- regexp_parser (2.0.3)
+ regexp_parser (2.1.1)
rexml (3.2.4)
- rubocop (1.10.0)
+ rubocop (1.11.0)
parallel (~> 1.10)
parser (>= 3.0.0.0)
rainbow (>= 2.2.2, < 4.0)
diff --git a/pkgs/development/tools/rubocop/default.nix b/pkgs/development/tools/rubocop/default.nix
index 9a6393977d7..a388377ae08 100644
--- a/pkgs/development/tools/rubocop/default.nix
+++ b/pkgs/development/tools/rubocop/default.nix
@@ -14,6 +14,5 @@ bundlerEnv {
homepage = "https://docs.rubocop.org/";
license = licenses.mit;
maintainers = with maintainers; [ marsam leemachin ];
- platforms = platforms.unix;
};
}
diff --git a/pkgs/development/tools/rubocop/gemset.nix b/pkgs/development/tools/rubocop/gemset.nix
index b460200c74e..46d920bc657 100644
--- a/pkgs/development/tools/rubocop/gemset.nix
+++ b/pkgs/development/tools/rubocop/gemset.nix
@@ -45,10 +45,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0zm86k9q8m5jkcnpb1f93wsvc57saldfj8czxkx1aw031i95inip";
+ sha256 = "0vg7imjnfcqjx7kw94ccj5r78j4g190cqzi1i59sh4a0l940b9cr";
type = "gem";
};
- version = "2.0.3";
+ version = "2.1.1";
};
rexml = {
groups = ["default"];
@@ -66,10 +66,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "1ncd6w4sc112j86j9j12ws7flxfi8dk8nal2kyxg7phdfr703qlz";
+ sha256 = "0zrzsgx35mcr81c51gyx63s7yngcfgk33dbkx5j0npkaks4fcm7r";
type = "gem";
};
- version = "1.10.0";
+ version = "1.11.0";
};
rubocop-ast = {
dependencies = ["parser"];
From ee3d784011119ecbae588241129ce9b36acb67dd Mon Sep 17 00:00:00 2001
From: zseri <zseri.devel@ytrizja.de>
Date: Sat, 6 Mar 2021 02:39:36 +0100
Subject: [PATCH 18/51] zs-wait4host: init at 0.3.2
---
.../tools/networking/zs-wait4host/default.nix | 36 +++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 ++
2 files changed, 38 insertions(+)
create mode 100644 pkgs/tools/networking/zs-wait4host/default.nix
diff --git a/pkgs/tools/networking/zs-wait4host/default.nix b/pkgs/tools/networking/zs-wait4host/default.nix
new file mode 100644
index 00000000000..4c8342256c7
--- /dev/null
+++ b/pkgs/tools/networking/zs-wait4host/default.nix
@@ -0,0 +1,36 @@
+{ bash, coreutils, fetchurl, fping, lib, stdenvNoCC }:
+
+stdenvNoCC.mkDerivation rec {
+ pname = "zs-wait4host";
+ version = "0.3.2";
+
+ src = fetchurl {
+ url = "https://ytrizja.de/distfiles/${pname}-${version}.tar.gz";
+ sha256 = "9F1264BDoGlRR7bWlRXhfyvxWio4ydShKmabUQEIz9I=";
+ };
+
+ buildInputs = [ bash coreutils fping ];
+
+ postPatch = ''
+ for i in zs-wait4host zs-wait4host-inf; do
+ substituteInPlace "$i" \
+ --replace '$(zs-guess-fping)' '${fping}/bin/fping' \
+ --replace ' sleep ' ' ${coreutils}/bin/sleep ' \
+ --replace '[ "$FPING" ] || exit 1' ""
+ done
+ '';
+
+ installPhase = ''
+ runHook preInstall
+ install -D -t $out/bin zs-wait4host zs-wait4host-inf
+ runHook postInstall
+ '';
+
+ meta = with lib; {
+ description = "Wait for a host to come up/go down";
+ homepage = "https://ytrizja.de/";
+ license = licenses.gpl3Plus;
+ maintainers = with maintainers; [ zseri ];
+ platforms = platforms.all;
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 6d829b1126a..06e0c7bae62 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -9400,6 +9400,8 @@ in
zs-apc-spdu-ctl = callPackage ../tools/networking/zs-apc-spdu-ctl { };
+ zs-wait4host = callPackage ../tools/networking/zs-wait4host { };
+
zstxtns-utils = callPackage ../tools/text/zstxtns-utils { };
zsh-autoenv = callPackage ../tools/misc/zsh-autoenv { };
From 74d70bd5a74e0aebcf7e1ac2941a832151c1999c Mon Sep 17 00:00:00 2001
From: Yevhen Shymotiuk <yevhenshymotiuk@gmail.com>
Date: Sat, 6 Mar 2021 16:59:08 +0200
Subject: [PATCH 19/51] python3Packages.pipx: 0.16.0.0 -> 0.16.1.0
---
pkgs/development/python-modules/pipx/default.nix | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/pipx/default.nix b/pkgs/development/python-modules/pipx/default.nix
index c29847c9f29..34a7bc6b31a 100644
--- a/pkgs/development/python-modules/pipx/default.nix
+++ b/pkgs/development/python-modules/pipx/default.nix
@@ -6,12 +6,13 @@
, argcomplete
, packaging
, importlib-metadata
+, colorama
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "pipx";
- version = "0.16.0.0";
+ version = "0.16.1.0";
disabled = pythonOlder "3.6";
@@ -20,13 +21,14 @@ buildPythonPackage rec {
owner = "pipxproject";
repo = pname;
rev = version;
- sha256 = "08mn7vm8iw20pg0gfn491y1jx8wcyjijps6f1hy7ipzd5ckynscn";
+ sha256 = "081raqsaq7i2x4yxhxppv930jhajdwmngin5wazy7vqhiy3xc669";
};
propagatedBuildInputs = [
userpath
argcomplete
packaging
+ colorama
] ++ lib.optionals (pythonOlder "3.8") [
importlib-metadata
];
From 66328b6949f9e605d66ab7cb224d4967a928b9cd Mon Sep 17 00:00:00 2001
From: tu-maurice <valentin.gehrke@zom.bi>
Date: Sun, 21 Feb 2021 18:11:45 +0100
Subject: [PATCH 20/51] fishnet: 2.2.4 -> 2.2.5
---
pkgs/servers/fishnet/assets.nix | 5 +++--
pkgs/servers/fishnet/default.nix | 7 ++++---
2 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/pkgs/servers/fishnet/assets.nix b/pkgs/servers/fishnet/assets.nix
index 6844db1b810..d246159402d 100644
--- a/pkgs/servers/fishnet/assets.nix
+++ b/pkgs/servers/fishnet/assets.nix
@@ -14,8 +14,8 @@ stdenv.mkDerivation rec {
src = fetchFromGitHub {
owner = "niklasf";
repo = pname;
- rev = "b4fa30e57ec8976fb1c10bd36737bc784351b93e";
- sha256 = "0gfs9lm4ih3h3fmgqylw05ii1h0d6mpjfxadnw3wymnjsspfb0m4";
+ rev = "acd36ab6ccee67a652b6d84aedc4c2828abac5c6";
+ sha256 = "0mh4gh6qij70clp64m4jw6q7dafr7gwjqpvpaf9vc6h10g1rhzrx";
};
relAssetsPath = "share/${pname}";
@@ -53,5 +53,6 @@ stdenv.mkDerivation rec {
homepage = "https://github.com/niklasf/fishnet-assets";
license = licenses.gpl3Only;
maintainers = with maintainers; [ tu-maurice ];
+ platforms = [ "x86_64-linux" ];
};
}
diff --git a/pkgs/servers/fishnet/default.nix b/pkgs/servers/fishnet/default.nix
index 508068bd2d4..8060943fa5e 100644
--- a/pkgs/servers/fishnet/default.nix
+++ b/pkgs/servers/fishnet/default.nix
@@ -12,16 +12,16 @@ let
in
rustPlatform.buildRustPackage rec {
pname = "fishnet";
- version = "2.2.4";
+ version = "2.2.5";
src = fetchFromGitHub {
owner = "niklasf";
repo = pname;
rev = "v${version}";
- sha256 = "19dh69b6mqx16195w9d20fah4jl8hhbxm84xq4zwsgl4khmw7zqz";
+ sha256 = "0gif9wagm9bzq7j3biasqvzp9lfvmxqr5wagqqybmhbn8ipj20a8";
};
- cargoSha256 = "0zl2fnmqncyjd52wkn6dddx9lm9ywpw7swy895yq299z2bbbkv3h";
+ cargoSha256 = "0hqyh0nzfrm7m34kqixrlbc7w8d0k7v6psw8jg6zpwpfcmhqq15j";
preBuild = ''
rmdir ./assets
@@ -33,5 +33,6 @@ rustPlatform.buildRustPackage rec {
homepage = "https://github.com/niklasf/fishnet";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ tu-maurice ];
+ platforms = [ "x86_64-linux" ];
};
}
From ef615b5a61c049317da5ed5637e4561b224dd66d Mon Sep 17 00:00:00 2001
From: Mauricio Collares <mauricio@collares.org>
Date: Mon, 1 Mar 2021 10:42:12 -0300
Subject: [PATCH 21/51] sage: adapt for eclib output format changes
---
.../eclib-20210223-test-formatting.patch | 131 ++++++++++++++++++
.../science/math/sage/sage-src.nix | 3 +
2 files changed, 134 insertions(+)
create mode 100644 pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch
diff --git a/pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch b/pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch
new file mode 100644
index 00000000000..3fdb8f768e9
--- /dev/null
+++ b/pkgs/applications/science/math/sage/patches/eclib-20210223-test-formatting.patch
@@ -0,0 +1,131 @@
+diff --git a/src/sage/libs/eclib/interface.py b/src/sage/libs/eclib/interface.py
+index e898456720..6b98c12328 100644
+--- a/src/sage/libs/eclib/interface.py
++++ b/src/sage/libs/eclib/interface.py
+@@ -758,78 +758,78 @@ class mwrank_MordellWeil(SageObject):
+
+ sage: EQ = mwrank_MordellWeil(E, verbose=True)
+ sage: EQ.search(1)
+- P1 = [0:1:0] is torsion point, order 1
+- P1 = [-3:0:1] is generator number 1
+- saturating up to 20...Checking 2-saturation
++ P1 = [0:1:0] is torsion point, order 1
++ P1 = [-3:0:1] is generator number 1
++ saturating up to 20...Checking 2-saturation...
+ Points have successfully been 2-saturated (max q used = 7)
+- Checking 3-saturation
++ Checking 3-saturation...
+ Points have successfully been 3-saturated (max q used = 7)
+- Checking 5-saturation
++ Checking 5-saturation...
+ Points have successfully been 5-saturated (max q used = 23)
+- Checking 7-saturation
++ Checking 7-saturation...
+ Points have successfully been 7-saturated (max q used = 41)
+- Checking 11-saturation
++ Checking 11-saturation...
+ Points have successfully been 11-saturated (max q used = 17)
+- Checking 13-saturation
++ Checking 13-saturation...
+ Points have successfully been 13-saturated (max q used = 43)
+- Checking 17-saturation
++ Checking 17-saturation...
+ Points have successfully been 17-saturated (max q used = 31)
+- Checking 19-saturation
++ Checking 19-saturation...
+ Points have successfully been 19-saturated (max q used = 37)
+ done
+- P2 = [-2:3:1] is generator number 2
+- saturating up to 20...Checking 2-saturation
++ P2 = [-2:3:1] is generator number 2
++ saturating up to 20...Checking 2-saturation...
+ possible kernel vector = [1,1]
+ This point may be in 2E(Q): [14:-52:1]
+ ...and it is!
+ Replacing old generator #1 with new generator [1:-1:1]
+ Points have successfully been 2-saturated (max q used = 7)
+ Index gain = 2^1
+- Checking 3-saturation
++ Checking 3-saturation...
+ Points have successfully been 3-saturated (max q used = 13)
+- Checking 5-saturation
++ Checking 5-saturation...
+ Points have successfully been 5-saturated (max q used = 67)
+- Checking 7-saturation
++ Checking 7-saturation...
+ Points have successfully been 7-saturated (max q used = 53)
+- Checking 11-saturation
++ Checking 11-saturation...
+ Points have successfully been 11-saturated (max q used = 73)
+- Checking 13-saturation
++ Checking 13-saturation...
+ Points have successfully been 13-saturated (max q used = 103)
+- Checking 17-saturation
++ Checking 17-saturation...
+ Points have successfully been 17-saturated (max q used = 113)
+- Checking 19-saturation
++ Checking 19-saturation...
+ Points have successfully been 19-saturated (max q used = 47)
+ done (index = 2).
+ Gained index 2, new generators = [ [1:-1:1] [-2:3:1] ]
+- P3 = [-14:25:8] is generator number 3
+- saturating up to 20...Checking 2-saturation
++ P3 = [-14:25:8] is generator number 3
++ saturating up to 20...Checking 2-saturation...
+ Points have successfully been 2-saturated (max q used = 11)
+- Checking 3-saturation
++ Checking 3-saturation...
+ Points have successfully been 3-saturated (max q used = 13)
+- Checking 5-saturation
++ Checking 5-saturation...
+ Points have successfully been 5-saturated (max q used = 71)
+- Checking 7-saturation
++ Checking 7-saturation...
+ Points have successfully been 7-saturated (max q used = 101)
+- Checking 11-saturation
++ Checking 11-saturation...
+ Points have successfully been 11-saturated (max q used = 127)
+- Checking 13-saturation
++ Checking 13-saturation...
+ Points have successfully been 13-saturated (max q used = 151)
+- Checking 17-saturation
++ Checking 17-saturation...
+ Points have successfully been 17-saturated (max q used = 139)
+- Checking 19-saturation
++ Checking 19-saturation...
+ Points have successfully been 19-saturated (max q used = 179)
+ done (index = 1).
+- P4 = [-1:3:1] = -1*P1 + -1*P2 + -1*P3 (mod torsion)
+- P4 = [0:2:1] = 2*P1 + 0*P2 + 1*P3 (mod torsion)
+- P4 = [2:13:8] = -3*P1 + 1*P2 + -1*P3 (mod torsion)
+- P4 = [1:0:1] = -1*P1 + 0*P2 + 0*P3 (mod torsion)
+- P4 = [2:0:1] = -1*P1 + 1*P2 + 0*P3 (mod torsion)
+- P4 = [18:7:8] = -2*P1 + -1*P2 + -1*P3 (mod torsion)
+- P4 = [3:3:1] = 1*P1 + 0*P2 + 1*P3 (mod torsion)
+- P4 = [4:6:1] = 0*P1 + -1*P2 + -1*P3 (mod torsion)
+- P4 = [36:69:64] = 1*P1 + -2*P2 + 0*P3 (mod torsion)
+- P4 = [68:-25:64] = -2*P1 + -1*P2 + -2*P3 (mod torsion)
+- P4 = [12:35:27] = 1*P1 + -1*P2 + -1*P3 (mod torsion)
++ P4 = [-1:3:1] = -1*P1 + -1*P2 + -1*P3 (mod torsion)
++ P4 = [0:2:1] = 2*P1 + 0*P2 + 1*P3 (mod torsion)
++ P4 = [2:13:8] = -3*P1 + 1*P2 + -1*P3 (mod torsion)
++ P4 = [1:0:1] = -1*P1 + 0*P2 + 0*P3 (mod torsion)
++ P4 = [2:0:1] = -1*P1 + 1*P2 + 0*P3 (mod torsion)
++ P4 = [18:7:8] = -2*P1 + -1*P2 + -1*P3 (mod torsion)
++ P4 = [3:3:1] = 1*P1 + 0*P2 + 1*P3 (mod torsion)
++ P4 = [4:6:1] = 0*P1 + -1*P2 + -1*P3 (mod torsion)
++ P4 = [36:69:64] = 1*P1 + -2*P2 + 0*P3 (mod torsion)
++ P4 = [68:-25:64] = -2*P1 + -1*P2 + -2*P3 (mod torsion)
++ P4 = [12:35:27] = 1*P1 + -1*P2 + -1*P3 (mod torsion)
+ sage: EQ
+ Subgroup of Mordell-Weil group: [[1:-1:1], [-2:3:1], [-14:25:8]]
+
+@@ -1076,7 +1076,7 @@ class mwrank_MordellWeil(SageObject):
+ sage: EQ.search(1)
+ P1 = [0:1:0] is torsion point, order 1
+ P1 = [-3:0:1] is generator number 1
+- saturating up to 20...Checking 2-saturation
++ saturating up to 20...Checking 2-saturation...
+ ...
+ P4 = [12:35:27] = 1*P1 + -1*P2 + -1*P3 (mod torsion)
+ sage: EQ
diff --git a/pkgs/applications/science/math/sage/sage-src.nix b/pkgs/applications/science/math/sage/sage-src.nix
index ff8e53d4172..99a163eb0b8 100644
--- a/pkgs/applications/science/math/sage/sage-src.nix
+++ b/pkgs/applications/science/math/sage/sage-src.nix
@@ -112,6 +112,9 @@ stdenv.mkDerivation rec {
# workaround until we use sage's fork of threejs, which contains a "version" file
./patches/dont-grep-threejs-version-from-minified-js.patch
+
+ # updated eclib output has punctuation changes and tidier whitespace
+ ./patches/eclib-20210223-test-formatting.patch
];
patches = nixPatches ++ bugfixPatches ++ packageUpgradePatches;
From 6efed4bee8436d8f55c0671a28759b6e58eb0440 Mon Sep 17 00:00:00 2001
From: Mauricio Collares <mauricio@collares.org>
Date: Sat, 6 Mar 2021 12:22:37 -0300
Subject: [PATCH 22/51] Revert "python3Packages.cypari2: 2.1.1 -> 2.1.2"
This reverts commit 7a3db26212b957cf1b210a4fbb85ed3c83c139e9.
Updating this requires fixing Sage tests, which will be done in a
separate PR.
---
pkgs/development/python-modules/cypari2/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/cypari2/default.nix b/pkgs/development/python-modules/cypari2/default.nix
index 8c189848fc3..a7115d1e940 100644
--- a/pkgs/development/python-modules/cypari2/default.nix
+++ b/pkgs/development/python-modules/cypari2/default.nix
@@ -11,11 +11,11 @@
buildPythonPackage rec {
pname = "cypari2";
# upgrade may break sage, please test the sage build or ping @timokau on upgrade
- version = "2.1.2";
+ version = "2.1.1";
src = fetchPypi {
inherit pname version;
- sha256 = "03cd45edab8716ebbfdb754e65fea72e873c73dc91aec098fe4a01e35324ac7a";
+ sha256 = "df1ef62e771ec36e5a456f5fc8b51bc6745b70f0efdd0c7a30c3f0b5f1fb93db";
};
# This differs slightly from the default python installPhase in that it pip-installs
From 9a18802edfb9db4d826ec967d7301c6c7460dad9 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Sat, 6 Mar 2021 19:48:03 +0100
Subject: [PATCH 23/51] botan2: 2.17.2 -> 2.17.3
Fixes CVE-2021-24115.
---
pkgs/development/libraries/botan/2.0.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/libraries/botan/2.0.nix b/pkgs/development/libraries/botan/2.0.nix
index 2346153e2a1..cb40e535b0c 100644
--- a/pkgs/development/libraries/botan/2.0.nix
+++ b/pkgs/development/libraries/botan/2.0.nix
@@ -2,8 +2,8 @@
callPackage ./generic.nix (args // {
baseVersion = "2.17";
- revision = "2";
- sha256 = "0v0yiq0qxcrsn5b34j6bz8i6pds8dih2ds90ylmy1msm5gz7vqpb";
+ revision = "3";
+ sha256 = "121vn1aryk36cpks70kk4c4cfic5g0qs82bf92xap9258ijkn4kr";
postPatch = ''
sed -e 's@lang_flags "@&--std=c++11 @' -i src/build-data/cc/{gcc,clang}.txt
'';
From 7adf9e90559a70473ee5fbcba9ef53d6a5850949 Mon Sep 17 00:00:00 2001
From: ajs124 <git@ajs124.de>
Date: Sat, 6 Mar 2021 19:59:34 +0100
Subject: [PATCH 24/51] pythonPackages.configshell: 1.1.28 -> 1.1.29
---
pkgs/development/python-modules/configshell/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/configshell/default.nix b/pkgs/development/python-modules/configshell/default.nix
index a41d077f22d..9f67aacf2d4 100644
--- a/pkgs/development/python-modules/configshell/default.nix
+++ b/pkgs/development/python-modules/configshell/default.nix
@@ -2,13 +2,13 @@
buildPythonPackage rec {
pname = "configshell";
- version = "1.1.28";
+ version = "1.1.29";
src = fetchFromGitHub {
owner = "open-iscsi";
repo = "${pname}-fb";
rev = "v${version}";
- sha256 = "1ym2hkvmmacgy21wnjwzyrcxyl3sx4bcx4hc51vf4lzcnj589l68";
+ sha256 = "0mjj3c9335sph8rhwww7j4zvhyk896fbmx887vibm89w3jpvjjr9";
};
propagatedBuildInputs = [ pyparsing six urwid ];
From d178471fadd0cb85aa79e19be15144da4efc63a8 Mon Sep 17 00:00:00 2001
From: ajs124 <git@ajs124.de>
Date: Sat, 6 Mar 2021 20:00:33 +0100
Subject: [PATCH 25/51] targetcli: 2.1.53 -> 2.1.54
---
pkgs/os-specific/linux/targetcli/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/targetcli/default.nix b/pkgs/os-specific/linux/targetcli/default.nix
index 4d3446d5a5d..f08ac284f23 100644
--- a/pkgs/os-specific/linux/targetcli/default.nix
+++ b/pkgs/os-specific/linux/targetcli/default.nix
@@ -2,13 +2,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "targetcli";
- version = "2.1.53";
+ version = "2.1.54";
src = fetchFromGitHub {
owner = "open-iscsi";
repo = "${pname}-fb";
rev = "v${version}";
- sha256 = "1qrq7y5hnghzbxgrxgl153n8jlhw31kqjbr93jsvlvhz5b3ci750";
+ sha256 = "1kbbvx0lba96ynr5iwws9jpi319m4rzph4bmcj7yfb37k8mi161v";
};
propagatedBuildInputs = with python3.pkgs; [ configshell rtslib ];
From 9c512f7a7651f55b3081418d138deef246a90ee7 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Sat, 6 Mar 2021 19:58:04 +0100
Subject: [PATCH 26/51] smarty3: 3.1.36 -> 3.1.39
Fixes CVE-2021-26119 and CVE-2021-26120.
https://github.com/smarty-php/smarty/blob/v3.1.39/CHANGELOG.md
---
pkgs/development/libraries/smarty3/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/libraries/smarty3/default.nix b/pkgs/development/libraries/smarty3/default.nix
index 29f640dedfc..c3c4f8610c7 100644
--- a/pkgs/development/libraries/smarty3/default.nix
+++ b/pkgs/development/libraries/smarty3/default.nix
@@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "smarty3";
- version = "3.1.36";
+ version = "3.1.39";
src = fetchFromGitHub {
owner = "smarty-php";
repo = "smarty";
rev = "v${version}";
- sha256 = "0jljzw1xl2kjwf9cylp1ddnjhz7wbm499s03r479891max1m2mlf";
+ sha256 = "0n5hmnw66gxqikp6frgfd9ywsvr2azyg5nl7ix89digqlzcljkbg";
};
installPhase = ''
From 6f4b61d2ce39057fc0d9971fa7620cc7d7e7dd3a Mon Sep 17 00:00:00 2001
From: Dave Gallant <davegallant@gmail.com>
Date: Sat, 6 Mar 2021 14:09:43 -0500
Subject: [PATCH 27/51] awscli2: 2.1.17 -> 2.1.29
---
pkgs/tools/admin/awscli2/default.nix | 17 ++++++-----------
1 file changed, 6 insertions(+), 11 deletions(-)
diff --git a/pkgs/tools/admin/awscli2/default.nix b/pkgs/tools/admin/awscli2/default.nix
index d832b00a6ee..1f5ff48d25a 100644
--- a/pkgs/tools/admin/awscli2/default.nix
+++ b/pkgs/tools/admin/awscli2/default.nix
@@ -1,19 +1,14 @@
-{ lib
-, python3
-, groff
-, less
-, fetchFromGitHub
-}:
+{ lib, python3, groff, less, fetchFromGitHub }:
let
py = python3.override {
packageOverrides = self: super: {
botocore = super.botocore.overridePythonAttrs (oldAttrs: rec {
- version = "2.0.0dev85";
+ version = "2.0.0dev97";
src = fetchFromGitHub {
owner = "boto";
repo = "botocore";
- rev = "962bb5d356096c57e25a5579d09e4b4d928c886d";
- sha256 = "09bk8d0r3245kbi96641gvfl3q4jjhw55gjldc2cpml6mv36hhnb";
+ rev = "f240d284994b521b0bd099161bc0ab5786caf700";
+ sha256 = "sha256-Ot3w/4OcQ+pXq6bJnQqV5uvG50/uIOa1pwMWqor5NXM=";
};
});
prompt_toolkit = super.prompt_toolkit.overridePythonAttrs (oldAttrs: rec {
@@ -29,13 +24,13 @@ let
in
with py.pkgs; buildPythonApplication rec {
pname = "awscli2";
- version = "2.1.17"; # N.B: if you change this, change botocore to a matching version too
+ version = "2.1.29"; # N.B: if you change this, change botocore to a matching version too
src = fetchFromGitHub {
owner = "aws";
repo = "aws-cli";
rev = version;
- sha256 = "1pla97sylzhvj7r5cschv4bg23hpl0ax1m5cx4291fppjnrn2yp9";
+ sha256 = "sha256-6SVDJeyPJQX4XIH8RYRzJG2LFDHxIrW/b1a0JZ5kIFY=";
};
postPatch = ''
From 39b57a4d0daa896455be6ccd0df73361335b2484 Mon Sep 17 00:00:00 2001
From: Xinglu Chen <public@yoctocell.xyz>
Date: Sat, 6 Mar 2021 17:52:44 +0100
Subject: [PATCH 28/51] tor-browser-bundle-bin: 10.0.12 -> 10.0.13
Update to latest release.
<https://blog.torproject.org/new-release-tor-browser-10013>
---
.../browsers/tor-browser-bundle-bin/default.nix | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix
index 6517203eeeb..9264bbb1560 100644
--- a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix
+++ b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix
@@ -33,9 +33,6 @@
, gmp
-# Pluggable transport dependencies
-, python27
-
# Wrapper runtime
, coreutils
, glibcLocales
@@ -91,19 +88,19 @@ let
fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ];
# Upstream source
- version = "10.0.12";
+ version = "10.0.13";
lang = "en-US";
srcs = {
x86_64-linux = fetchurl {
url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz";
- sha256 = "0i5g997kgn7n6ji7pxbyvkx33nqfi2s1val680fp5hh1zz31yvfv";
+ sha256 = "sha256-KxJKS/ymbkAg8LjMFz3BDSupPk5cNB1pFz9fFyRTndk=";
};
i686-linux = fetchurl {
url = "https://dist.torproject.org/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz";
- sha256 = "16915fvvq3d16v1bzclnb52sa6yyaalihk3gv93jcnph9vsz8ags";
+ sha256 = "sha256-4glc2qP6AdHtWc8zW+varG30rlAXpeFyKjqDPsmiVfI=";
};
};
in
From 390684da02cf154c25355212c86609c335414486 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Wed, 3 Mar 2021 13:48:33 +0100
Subject: [PATCH 29/51] python3Packages.bitlist: init at 0.3.1
---
.../python-modules/bitlist/default.nix | 35 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 ++
2 files changed, 37 insertions(+)
create mode 100644 pkgs/development/python-modules/bitlist/default.nix
diff --git a/pkgs/development/python-modules/bitlist/default.nix b/pkgs/development/python-modules/bitlist/default.nix
new file mode 100644
index 00000000000..ac8cf39cff2
--- /dev/null
+++ b/pkgs/development/python-modules/bitlist/default.nix
@@ -0,0 +1,35 @@
+{ lib
+, buildPythonPackage
+, fetchPypi
+, nose
+, parts
+, pytestCheckHook
+}:
+
+buildPythonPackage rec {
+ pname = "bitlist";
+ version = "0.3.1";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "04dz64r21a39p8wph5qlhvs5y873qgk6xxjlzw8n695b8jm3ixir";
+ };
+
+ propagatedBuildInputs = [
+ parts
+ ];
+
+ checkInputs = [
+ pytestCheckHook
+ nose
+ ];
+
+ pythonImportsCheck = [ "bitlist" ];
+
+ meta = with lib; {
+ description = "Python library for working with little-endian list representation of bit strings";
+ homepage = "https://github.com/lapets/bitlist";
+ license = with licenses; [ mit ];
+ maintainers = with maintainers; [ fab ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 810ecb9b86f..de94696c610 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -979,6 +979,8 @@ in {
bitcoin-price-api = callPackage ../development/python-modules/bitcoin-price-api { };
+ bitlist = callPackage ../development/python-modules/bitlist { };
+
bitmath = callPackage ../development/python-modules/bitmath { };
bitstring = callPackage ../development/python-modules/bitstring { };
From 60b78b1c09951a0732b21cb403d927082081d27f Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Wed, 3 Mar 2021 13:52:49 +0100
Subject: [PATCH 30/51] python3Packages.fe25519: init at 0.2.0
---
.../python-modules/fe25519/default.nix | 39 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 +
2 files changed, 41 insertions(+)
create mode 100644 pkgs/development/python-modules/fe25519/default.nix
diff --git a/pkgs/development/python-modules/fe25519/default.nix b/pkgs/development/python-modules/fe25519/default.nix
new file mode 100644
index 00000000000..466de64453f
--- /dev/null
+++ b/pkgs/development/python-modules/fe25519/default.nix
@@ -0,0 +1,39 @@
+{ lib
+, bitlist
+, buildPythonPackage
+, fetchPypi
+, fountains
+, parts
+, nose
+, pytestCheckHook
+}:
+
+buildPythonPackage rec {
+ pname = "fe25519";
+ version = "0.2.0";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "1m85qvw9dwxk81mv9k45c9n75pk8wqn70qkinqh56h5zv56vgq24";
+ };
+
+ propagatedBuildInputs = [
+ bitlist
+ fountains
+ parts
+ ];
+
+ checkInputs = [
+ nose
+ pytestCheckHook
+ ];
+
+ pythonImportsCheck = [ "fe25519" ];
+
+ meta = with lib; {
+ description = "Python field operations for Curve25519's prime";
+ homepage = "https://github.com/BjoernMHaase/fe25519";
+ license = with licenses; [ cc0 ];
+ maintainers = with maintainers; [ fab ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index de94696c610..137826f0e7c 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -2230,6 +2230,8 @@ in {
fdint = callPackage ../development/python-modules/fdint { };
+ fe25519 = callPackage ../development/python-modules/fe25519 { };
+
feedgen = callPackage ../development/python-modules/feedgen { };
feedgenerator = callPackage ../development/python-modules/feedgenerator { inherit (pkgs) glibcLocales; };
From 7cdb7324494760a016f8772954eef10de71e3b79 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Wed, 3 Mar 2021 13:54:41 +0100
Subject: [PATCH 31/51] python3Packages.ge25519: init at 0.2.0
---
.../python-modules/ge25519/default.nix | 41 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 +
2 files changed, 43 insertions(+)
create mode 100644 pkgs/development/python-modules/ge25519/default.nix
diff --git a/pkgs/development/python-modules/ge25519/default.nix b/pkgs/development/python-modules/ge25519/default.nix
new file mode 100644
index 00000000000..0e8d3722fbe
--- /dev/null
+++ b/pkgs/development/python-modules/ge25519/default.nix
@@ -0,0 +1,41 @@
+{ lib
+, bitlist
+, buildPythonPackage
+, fe25519
+, fetchPypi
+, fountains
+, nose
+, parts
+, pytestCheckHook
+}:
+
+buildPythonPackage rec {
+ pname = "ge25519";
+ version = "0.2.0";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "1wgv0vqg8iv9y5d7if14gmcgslwd5zzgk322w9jaxdfbndldddik";
+ };
+
+ propagatedBuildInputs = [
+ fe25519
+ parts
+ bitlist
+ fountains
+ ];
+
+ checkInputs = [
+ nose
+ pytestCheckHook
+ ];
+
+ pythonImportsCheck = [ "ge25519" ];
+
+ meta = with lib; {
+ description = "Python implementation of Ed25519 group elements and operations";
+ homepage = "https://github.com/nthparty/ge25519";
+ license = with licenses; [ mit ];
+ maintainers = with maintainers; [ fab ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 137826f0e7c..bd6cc68d213 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -2530,6 +2530,8 @@ in {
gdrivefs = callPackage ../development/python-modules/gdrivefs { };
+ ge25519 = callPackage ../development/python-modules/ge25519 { };
+
geant4 = disabledIf (!isPy3k) (toPythonModule (pkgs.geant4.override {
enablePython = true;
python3 = python;
From e83c692f972cb8b3190f85ed8705f1d2eddc4c53 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Sat, 6 Mar 2021 21:44:29 +0100
Subject: [PATCH 32/51] python3Packages.fountains: init at 0.2.1
---
.../python-modules/fountains/default.nix | 30 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 ++
2 files changed, 32 insertions(+)
create mode 100644 pkgs/development/python-modules/fountains/default.nix
diff --git a/pkgs/development/python-modules/fountains/default.nix b/pkgs/development/python-modules/fountains/default.nix
new file mode 100644
index 00000000000..b706930b3ef
--- /dev/null
+++ b/pkgs/development/python-modules/fountains/default.nix
@@ -0,0 +1,30 @@
+{ lib
+, buildPythonPackage
+, fetchPypi
+, bitlist
+}:
+
+buildPythonPackage rec {
+ pname = "fountains";
+ version = "0.2.1";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "0jk5y099g6ggaq5lwp0jlg4asyhcdxnl3him3ibmzc1k9nnknp30";
+ };
+
+ propagatedBuildInputs = [
+ bitlist
+ ];
+
+ # Project has no test
+ doCheck = false;
+ pythonImportsCheck = [ "fountains" ];
+
+ meta = with lib; {
+ description = "Python library for generating and embedding data for unit testing";
+ homepage = "https://github.com/reity/fountains";
+ license = with licenses; [ mit ];
+ maintainers = with maintainers; [ fab ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index bd6cc68d213..65a8db8108e 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -2446,6 +2446,8 @@ in {
foundationdb60 = callPackage ../servers/foundationdb/python.nix { foundationdb = pkgs.foundationdb60; };
foundationdb61 = callPackage ../servers/foundationdb/python.nix { foundationdb = pkgs.foundationdb61; };
+ fountains = callPackage ../development/python-modules/fountains { };
+
foxdot = callPackage ../development/python-modules/foxdot { };
fpdf = callPackage ../development/python-modules/fpdf { };
From 10b1c7e54b97ae6053adf7346349d18644d8edfa Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Sat, 6 Mar 2021 21:48:17 +0100
Subject: [PATCH 33/51] python3Packages.parts: init at 1.0.2
---
.../python-modules/parts/default.nix | 25 +++++++++++++++++++
pkgs/top-level/python-packages.nix | 2 ++
2 files changed, 27 insertions(+)
create mode 100644 pkgs/development/python-modules/parts/default.nix
diff --git a/pkgs/development/python-modules/parts/default.nix b/pkgs/development/python-modules/parts/default.nix
new file mode 100644
index 00000000000..1bf7f26adfd
--- /dev/null
+++ b/pkgs/development/python-modules/parts/default.nix
@@ -0,0 +1,25 @@
+{ lib
+, buildPythonPackage
+, fetchPypi
+}:
+
+buildPythonPackage rec {
+ pname = "parts";
+ version = "1.0.2";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "1ym238hxwsw15ivvf6gzmkmla08b9hwhdyc3v6rs55wga9j3a4db";
+ };
+
+ # Project has no tests
+ doCheck = false;
+ pythonImportsCheck = [ "parts" ];
+
+ meta = with lib; {
+ description = "Python library for common list functions related to partitioning lists";
+ homepage = "https://github.com/lapets/parts";
+ license = with licenses; [ mit ];
+ maintainers = with maintainers; [ fab ];
+ };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 65a8db8108e..042590dff89 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -4751,6 +4751,8 @@ in {
partd = callPackage ../development/python-modules/partd { };
+ parts = callPackage ../development/python-modules/parts { };
+
parver = callPackage ../development/python-modules/parver { };
arpeggio = callPackage ../development/python-modules/arpeggio { };
From 4e25873e92dc07b9d7ce3dfff4974c3bf04046ea Mon Sep 17 00:00:00 2001
From: Dmitry Kalinkin <dmitry.kalinkin@gmail.com>
Date: Sun, 21 Feb 2021 18:03:46 -0500
Subject: [PATCH 34/51] pythonPackages.awkward: 1.0.2 -> 1.1.2
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
---
pkgs/development/python-modules/awkward/default.nix | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/awkward/default.nix b/pkgs/development/python-modules/awkward/default.nix
index 298074f300d..a343306a5b9 100644
--- a/pkgs/development/python-modules/awkward/default.nix
+++ b/pkgs/development/python-modules/awkward/default.nix
@@ -10,11 +10,11 @@
buildPythonPackage rec {
pname = "awkward";
- version = "1.0.2";
+ version = "1.1.2";
src = fetchPypi {
inherit pname version;
- sha256 = "3468cb80cab51252a1936e5e593c7df4588ea0e18dcb6fb31e3d2913ba883928";
+ sha256 = "4ae8371d9e6d5bd3e90f3686b433cebc0541c88072655d2c75ec58e79b5d6943";
};
nativeBuildInputs = [ cmake ];
@@ -25,6 +25,7 @@ buildPythonPackage rec {
checkInputs = [ pytestCheckHook numba ];
dontUseSetuptoolsCheck = true;
+ disabledTestPaths = [ "tests-cuda" ];
meta = with lib; {
description = "Manipulate JSON-like data with NumPy-like idioms";
From 41d3640e004e23744d9d01ba09995a9d53ed4963 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Sat, 6 Mar 2021 23:14:12 +0100
Subject: [PATCH 35/51] python3Packages.scramp: 1.2.0 -> 1.2.2
---
pkgs/development/python-modules/scramp/default.nix | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/pkgs/development/python-modules/scramp/default.nix b/pkgs/development/python-modules/scramp/default.nix
index 7beefa4e899..dc57461d549 100644
--- a/pkgs/development/python-modules/scramp/default.nix
+++ b/pkgs/development/python-modules/scramp/default.nix
@@ -1,16 +1,23 @@
-{ lib, buildPythonPackage, fetchFromGitHub, pytestCheckHook }:
+{ lib
+, asn1crypto
+, buildPythonPackage
+, fetchFromGitHub
+, pytestCheckHook
+}:
buildPythonPackage rec {
pname = "scramp";
- version = "1.2.0";
+ version = "1.2.2";
src = fetchFromGitHub {
owner = "tlocke";
repo = "scramp";
rev = version;
- sha256 = "15jb7z5l2lijxr60fb9v55i3f81h6d83c0b7fv5q0fv5q259nv0a";
+ sha256 = "sha256-d/kfrhvU96eH8TQX7n1hVRclEFWLseEvOxiR6VaOdrg=";
};
+ propagatedBuildInputs = [ asn1crypto ];
+
checkInputs = [ pytestCheckHook ];
pythonImportsCheck = [ "scramp" ];
From 04208d2ffa148d607164aebcb53ce3037ce40cad Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Sat, 6 Mar 2021 23:33:01 +0100
Subject: [PATCH 36/51] python3Packages.pg8000: 1.17.0 -> 1.18.0
---
pkgs/development/python-modules/pg8000/default.nix | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/pkgs/development/python-modules/pg8000/default.nix b/pkgs/development/python-modules/pg8000/default.nix
index ad51a80674b..3cf843b864c 100644
--- a/pkgs/development/python-modules/pg8000/default.nix
+++ b/pkgs/development/python-modules/pg8000/default.nix
@@ -1,19 +1,19 @@
{ lib
, buildPythonPackage
, fetchPypi
-, scramp
-, isPy3k
, passlib
+, pythonOlder
+, scramp
}:
buildPythonPackage rec {
pname = "pg8000";
- version = "1.17.0";
- disabled = !isPy3k;
+ version = "1.18.0";
+ disabled = pythonOlder "3.6";
src = fetchPypi {
inherit pname version;
- sha256 = "sha256-FBmMWv6yiRBuQO5uXkwFKcU2mTn2yliKAos3GnX+IN0=";
+ sha256 = "1nkjxf95ldda41mkmahbikhd1fvxai5lfjb4a5gyhialpz4g5fim";
};
propagatedBuildInputs = [ passlib scramp ];
From 3787cf2075c6b40f77f369f0701a49d97c6c4446 Mon Sep 17 00:00:00 2001
From: Maxine Aubrey <maxeaubrey@gmail.com>
Date: Sat, 6 Mar 2021 23:54:53 +0100
Subject: [PATCH 37/51] consul: 1.9.3 -> 1.9.4
---
pkgs/servers/consul/default.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/servers/consul/default.nix b/pkgs/servers/consul/default.nix
index fb4372a1d89..cc00f4cf0ce 100644
--- a/pkgs/servers/consul/default.nix
+++ b/pkgs/servers/consul/default.nix
@@ -2,7 +2,7 @@
buildGoModule rec {
pname = "consul";
- version = "1.9.3";
+ version = "1.9.4";
rev = "v${version}";
# Note: Currently only release tags are supported, because they have the Consul UI
@@ -17,7 +17,7 @@ buildGoModule rec {
owner = "hashicorp";
repo = pname;
inherit rev;
- sha256 = "sha256-/PjtLZtMSq/+S1mWe0oJ+dRCmCq0mlgvreL2awm0PcE=";
+ sha256 = "1ck55i8snpm583p21y1hac0w76wiwyjpgfxkzscd4whp2jnzhhif";
};
passthru.tests.consul = nixosTests.consul;
@@ -26,7 +26,7 @@ buildGoModule rec {
# has a split module structure in one repo
subPackages = ["." "connect/certgen"];
- vendorSha256 = "sha256-eIW3xQgy2doirGwKGE6OFGgXtKs8LYx3sfsnIu8n5Hg=";
+ vendorSha256 = "0y744zpj49zvn5vqqb9wmfs1fs0lir71h2kcmhidmn9j132vg1bq";
doCheck = false;
From ceb1e7d18a618b9f726b4cc2061c39ad03aed0a5 Mon Sep 17 00:00:00 2001
From: Ingo Blechschmidt <iblech@web.de>
Date: Sun, 7 Mar 2021 00:31:43 +0100
Subject: [PATCH 38/51] dsniff: 2.4b1+debian-29 -> 2.4b1+debian-30
---
pkgs/tools/networking/dsniff/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/tools/networking/dsniff/default.nix b/pkgs/tools/networking/dsniff/default.nix
index 3a8eab862cb..8e641ec83e7 100644
--- a/pkgs/tools/networking/dsniff/default.nix
+++ b/pkgs/tools/networking/dsniff/default.nix
@@ -53,8 +53,8 @@ in gcc9Stdenv.mkDerivation rec {
domain = "salsa.debian.org";
owner = "pkg-security-team";
repo = "dsniff";
- rev = "debian/${version}+debian-29";
- sha256 = "10zz9krf65jsqvlcr72ycp5cd27xwr18jkc38zqp2i4j6x0caj2g";
+ rev = "debian/${version}+debian-30";
+ sha256 = "1fk2k0sfdp5g27i11g0sbzm7al52raz5yr1aibzssnysv7l9xgzh";
name = "dsniff.tar.gz";
};
From d59047a77430fa8705c2fb67795145f657923eff Mon Sep 17 00:00:00 2001
From: Ben Wolsieffer <benwolsieffer@gmail.com>
Date: Sat, 6 Mar 2021 19:01:30 -0500
Subject: [PATCH 39/51] python3Packages.pypugjs: 5.9.8 -> 5.9.9
---
pkgs/development/python-modules/pypugjs/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/pypugjs/default.nix b/pkgs/development/python-modules/pypugjs/default.nix
index 4e2bf164a33..77ca912db6c 100644
--- a/pkgs/development/python-modules/pypugjs/default.nix
+++ b/pkgs/development/python-modules/pypugjs/default.nix
@@ -3,11 +3,11 @@
buildPythonPackage rec {
pname = "pypugjs";
- version = "5.9.8";
+ version = "5.9.9";
src = fetchPypi {
inherit pname version;
- sha256 = "1iy8k56rbslxcylhamdik2bd6gqqirrix55mrdn29zz9gl6vg1xi";
+ sha256 = "0s0a239940z6rsssa13yz6pfkjk4300j35hs7qysyz45f3ixq19j";
};
propagatedBuildInputs = [ six chardet ];
From b3c90695a9a23b893f22903c5b9c22f5ba9af3a8 Mon Sep 17 00:00:00 2001
From: Austin Butler <austinabutler@gmail.com>
Date: Sat, 6 Mar 2021 16:51:58 -0800
Subject: [PATCH 40/51] nomachine-client: 7.0.211 -> 7.2.3
---
pkgs/tools/admin/nomachine-client/default.nix | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/pkgs/tools/admin/nomachine-client/default.nix b/pkgs/tools/admin/nomachine-client/default.nix
index c419c7e834a..fa5763178bd 100644
--- a/pkgs/tools/admin/nomachine-client/default.nix
+++ b/pkgs/tools/admin/nomachine-client/default.nix
@@ -1,10 +1,10 @@
{ lib, stdenv, file, fetchurl, makeWrapper,
autoPatchelfHook, jsoncpp, libpulseaudio }:
let
- versionMajor = "7.0";
- versionMinor = "211";
- versionBuild_x86_64 = "4";
- versionBuild_i686 = "4";
+ versionMajor = "7.2";
+ versionMinor = "3";
+ versionBuild_x86_64 = "8";
+ versionBuild_i686 = "8";
in
stdenv.mkDerivation rec {
pname = "nomachine-client";
@@ -14,12 +14,12 @@ in
if stdenv.hostPlatform.system == "x86_64-linux" then
fetchurl {
url = "https://download.nomachine.com/download/${versionMajor}/Linux/nomachine_${version}_${versionBuild_x86_64}_x86_64.tar.gz";
- sha256 = "06habqsl5gp13sym519r3qp188qwqqfw8p48wcs4zj3kcri6fjz0";
+ sha256 = "1x60vmngq4927qvy6ljmyvwlz5lapilld3495w3y3jdllwd3dxp4";
}
else if stdenv.hostPlatform.system == "i686-linux" then
fetchurl {
url = "https://download.nomachine.com/download/${versionMajor}/Linux/nomachine_${version}_${versionBuild_i686}_i686.tar.gz";
- sha256 = "1y4lr95mwilwr7gqsxqvygq4w3dcp4cjh8m06wdi3avwdzrjkgj9";
+ sha256 = "0dx921g6w3gk0x4p771qqxbbi16vl11hmdzzwhfczrq90pgzrhks";
}
else
throw "NoMachine client is not supported on ${stdenv.hostPlatform.system}";
From 725f331cc8b1d3b762b1adeadf2ee2044f5b69c6 Mon Sep 17 00:00:00 2001
From: Demyan Rogozhin <Demyan.Rogozhin@gmail.com>
Date: Sun, 7 Mar 2021 01:58:04 +0100
Subject: [PATCH 41/51] particl-core: 0.19.2.3 -> 0.19.2.5
---
pkgs/applications/blockchains/particl/particl-core.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/blockchains/particl/particl-core.nix b/pkgs/applications/blockchains/particl/particl-core.nix
index feced9eecb0..99bc49e8db3 100644
--- a/pkgs/applications/blockchains/particl/particl-core.nix
+++ b/pkgs/applications/blockchains/particl/particl-core.nix
@@ -17,11 +17,11 @@ with lib;
stdenv.mkDerivation rec {
pname = "particl-core";
- version = "0.19.2.3";
+ version = "0.19.2.5";
src = fetchurl {
url = "https://github.com/particl/particl-core/archive/v${version}.tar.gz";
- sha256 = "sha256-nAsQvYWUejSu/4MMIwZhlV5Gjza/Da4jcp6/01lppvg=";
+ sha256 = "sha256-uI4T8h6RvCikk8h/sZmGlj3Uj3Xhu0vDn/fPb6rLcSg=";
};
nativeBuildInputs = [ pkg-config autoreconfHook ];
From 6303d139fc09122613108f8eb0996441429fe2ea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Sun, 7 Mar 2021 02:58:01 +0100
Subject: [PATCH 42/51] pythonPackages.cairosvg: 2.5.1 -> 2.5.2
---
.../python-modules/cairosvg/default.nix | 35 ++++++++++++++-----
1 file changed, 27 insertions(+), 8 deletions(-)
diff --git a/pkgs/development/python-modules/cairosvg/default.nix b/pkgs/development/python-modules/cairosvg/default.nix
index 0244f772be1..58b8c267306 100644
--- a/pkgs/development/python-modules/cairosvg/default.nix
+++ b/pkgs/development/python-modules/cairosvg/default.nix
@@ -1,25 +1,44 @@
-{ lib, buildPythonPackage, fetchPypi, isPy3k, fetchpatch
-, cairocffi, cssselect2, defusedxml, pillow, tinycss2
-, pytest, pytestrunner, pytestcov, pytest-flake8, pytest-isort }:
+{ lib
+, buildPythonPackage
+, fetchPypi
+, isPy3k
+, cairocffi
+, cssselect2
+, defusedxml
+, pillow
+, tinycss2
+, pytestCheckHook
+, pytest-runner
+, pytest-flake8
+, pytest-isort
+}:
buildPythonPackage rec {
pname = "CairoSVG";
- version = "2.5.1";
-
+ version = "2.5.2";
disabled = !isPy3k;
src = fetchPypi {
inherit pname version;
- sha256 = "bfa0deea7fa0b9b2f29e41b747a915c249dbca731a4667c2917e47ff96e773e0";
+ sha256 = "sha256-sLmSnPXboAUXjXRqgDb88AJVUPSYylTbYYczIjhHg7w=";
};
+ buildInputs = [ pytest-runner ];
+
propagatedBuildInputs = [ cairocffi cssselect2 defusedxml pillow tinycss2 ];
- checkInputs = [ pytest pytestrunner pytestcov pytest-flake8 pytest-isort ];
+ checkInputs = [ pytestCheckHook pytest-flake8 pytest-isort ];
+
+ pytestFlagsArray = [
+ "cairosvg/test_api.py"
+ ];
+
+ pythonImportsCheck = [ "cairosvg" ];
meta = with lib; {
homepage = "https://cairosvg.org";
- license = licenses.lgpl3;
+ license = licenses.lgpl3Plus;
description = "SVG converter based on Cairo";
+ maintainers = with maintainers; [ SuperSandro2000 ];
};
}
From fa2bf8e38e9ad75f7bfd9953974196fc41980ef7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Sun, 7 Mar 2021 02:58:56 +0100
Subject: [PATCH 43/51] pythonPackages.celery: add missing requirement
---
pkgs/development/python-modules/celery/default.nix | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/python-modules/celery/default.nix b/pkgs/development/python-modules/celery/default.nix
index e1fb0b98ea0..f0fe81f85e2 100644
--- a/pkgs/development/python-modules/celery/default.nix
+++ b/pkgs/development/python-modules/celery/default.nix
@@ -1,5 +1,5 @@
{ lib, buildPythonPackage, fetchPypi
-, billiard, click, click-didyoumean, click-repl, kombu, pytz, vine
+, billiard, click, click-didyoumean, click-plugins, click-repl, kombu, pytz, vine
, boto3, case, moto, pytest, pytest-celery, pytest-subtests, pytest-timeout
}:
@@ -17,7 +17,7 @@ buildPythonPackage rec {
--replace "moto==1.3.7" moto
'';
- propagatedBuildInputs = [ billiard click click-didyoumean click-repl kombu pytz vine ];
+ propagatedBuildInputs = [ billiard click click-didyoumean click-plugins click-repl kombu pytz vine ];
checkInputs = [ boto3 case moto pytest pytest-celery pytest-subtests pytest-timeout ];
@@ -38,5 +38,6 @@ buildPythonPackage rec {
homepage = "https://github.com/celery/celery/";
description = "Distributed task queue";
license = licenses.bsd3;
+ maintainers = [ ];
};
}
From 9c43942caf1e3cb496cf50325bc128d4c0ce740d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Sun, 7 Mar 2021 03:13:51 +0100
Subject: [PATCH 44/51] mirage: remove unused input
---
.../networking/instant-messengers/mirage/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/applications/networking/instant-messengers/mirage/default.nix b/pkgs/applications/networking/instant-messengers/mirage/default.nix
index 3b6b9bfc6f9..42ea1c52fa9 100644
--- a/pkgs/applications/networking/instant-messengers/mirage/default.nix
+++ b/pkgs/applications/networking/instant-messengers/mirage/default.nix
@@ -1,6 +1,6 @@
{ lib, stdenv, mkDerivation, fetchFromGitHub
, qmake, pkg-config, olm, wrapQtAppsHook
-, qtbase, qtquickcontrols2, qtkeychain, qtmultimedia, qttools, qtgraphicaleffects
+, qtbase, qtquickcontrols2, qtkeychain, qtmultimedia, qtgraphicaleffects
, python3Packages, pyotherside, libXScrnSaver
}:
From 0218a3a1d54870440889aa06f5ab8ccf1e0e9a97 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@gmail.com>
Date: Sun, 7 Mar 2021 03:14:35 +0100
Subject: [PATCH 45/51] pythonPackages.flower: fix broken
---
pkgs/development/python-modules/flower/default.nix | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pkgs/development/python-modules/flower/default.nix b/pkgs/development/python-modules/flower/default.nix
index 09368552966..3662116bc2a 100644
--- a/pkgs/development/python-modules/flower/default.nix
+++ b/pkgs/development/python-modules/flower/default.nix
@@ -35,11 +35,13 @@ buildPythonPackage rec {
checkInputs = [ mock ];
+ pythonImportsCheck = [ "flower" ];
+
meta = with lib; {
description = "Celery Flower";
homepage = "https://github.com/mher/flower";
license = licenses.bsdOriginal;
maintainers = [ maintainers.arnoldfarkas ];
- broken = (celery.version == "5.0.2"); # currently broken with celery>=5.0 by https://github.com/mher/flower/pull/1021
+ broken = (celery.version >= "5.0.2"); # currently broken with celery>=5.0 by https://github.com/mher/flower/pull/1021
};
}
From fc750b2000a1cfb31cc4cf2a409f16f243d2f9c0 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Wed, 13 Jan 2021 13:44:22 +0100
Subject: [PATCH 46/51] kubernetes: 1.19.5 -> 1.20.4
---
.../networking/cluster/kubernetes/default.nix | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix
index d4ec9cf5ef3..184f36c69f7 100644
--- a/pkgs/applications/networking/cluster/kubernetes/default.nix
+++ b/pkgs/applications/networking/cluster/kubernetes/default.nix
@@ -20,13 +20,13 @@
stdenv.mkDerivation rec {
pname = "kubernetes";
- version = "1.19.5";
+ version = "1.20.4";
src = fetchFromGitHub {
owner = "kubernetes";
repo = "kubernetes";
rev = "v${version}";
- sha256 = "15bv620fj4x731f2z2a9dcdss18rk379kc40g49bpqsdn42jjx2z";
+ sha256 = "0nni351ya688dphdkpyq94p3wjw2kigg85kmalwdpv5wpz1abl5g";
};
nativeBuildInputs = [ removeReferencesTo makeWrapper which go rsync installShellFiles ];
@@ -53,7 +53,7 @@ stdenv.mkDerivation rec {
postBuild = ''
./hack/update-generated-docs.sh
- (cd build/pause && cc pause.c -o pause)
+ (cd build/pause/linux && cc pause.c -o pause)
'';
installPhase = ''
@@ -61,7 +61,7 @@ stdenv.mkDerivation rec {
install -D _output/local/go/bin/''${p##*/} -t $out/bin
done
- install -D build/pause/pause -t $pause/bin
+ install -D build/pause/linux/pause -t $pause/bin
installManPage docs/man/man1/*.[1-9]
cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons
From 7da62867be079bb5f6412fb12a76dbb68f9bad4b Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Wed, 13 Jan 2021 20:10:04 +0100
Subject: [PATCH 47/51] nixos/kubernetes: adapt module and test cases to fit
kubernetes v1.20.X as well as coredns v1.7.X
---
.../cluster/kubernetes/addons/dns.nix | 7 ++-
.../services/cluster/kubernetes/apiserver.nix | 44 ++++++++++++++++---
.../services/cluster/kubernetes/kubelet.nix | 16 ++++++-
.../services/cluster/kubernetes/pki.nix | 1 +
.../networking/cluster/kubernetes/default.nix | 11 ++++-
.../fixup-addonmanager-lib-path.patch | 23 ++++++++++
6 files changed, 89 insertions(+), 13 deletions(-)
create mode 100644 pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch
diff --git a/nixos/modules/services/cluster/kubernetes/addons/dns.nix b/nixos/modules/services/cluster/kubernetes/addons/dns.nix
index f12e866930d..24d86628b21 100644
--- a/nixos/modules/services/cluster/kubernetes/addons/dns.nix
+++ b/nixos/modules/services/cluster/kubernetes/addons/dns.nix
@@ -3,7 +3,7 @@
with lib;
let
- version = "1.6.4";
+ version = "1.7.1";
cfg = config.services.kubernetes.addons.dns;
ports = {
dns = 10053;
@@ -55,9 +55,9 @@ in {
type = types.attrs;
default = {
imageName = "coredns/coredns";
- imageDigest = "sha256:493ee88e1a92abebac67cbd4b5658b4730e0f33512461442d8d9214ea6734a9b";
+ imageDigest = "sha256:4a6e0769130686518325b21b0c1d0688b54e7c79244d48e1b15634e98e40c6ef";
finalImageTag = version;
- sha256 = "0fm9zdjavpf5hni8g7fkdd3csjbhd7n7py7llxjc66sbii087028";
+ sha256 = "02r440xcdsgi137k5lmmvp0z5w5fmk8g9mysq5pnysq1wl8sj6mw";
};
};
};
@@ -156,7 +156,6 @@ in {
health :${toString ports.health}
kubernetes ${cfg.clusterDomain} in-addr.arpa ip6.arpa {
pods insecure
- upstream
fallthrough in-addr.arpa ip6.arpa
}
prometheus :${toString ports.metrics}
diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix
index 95bdb4c0d14..616389dfaac 100644
--- a/nixos/modules/services/cluster/kubernetes/apiserver.nix
+++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix
@@ -238,14 +238,42 @@ in
type = int;
};
+ apiAudiences = mkOption {
+ description = ''
+ Kubernetes apiserver ServiceAccount issuer.
+ '';
+ default = "api,https://kubernetes.default.svc";
+ type = str;
+ };
+
+ serviceAccountIssuer = mkOption {
+ description = ''
+ Kubernetes apiserver ServiceAccount issuer.
+ '';
+ default = "https://kubernetes.default.svc";
+ type = str;
+ };
+
+ serviceAccountSigningKeyFile = mkOption {
+ description = ''
+ Path to the file that contains the current private key of the service
+ account token issuer. The issuer will sign issued ID tokens with this
+ private key.
+ '';
+ default = top.serviceAccountSigningKeyFile;
+ type = path;
+ };
+
serviceAccountKeyFile = mkOption {
description = ''
- Kubernetes apiserver PEM-encoded x509 RSA private or public key file,
- used to verify ServiceAccount tokens. By default tls private key file
- is used.
+ File containing PEM-encoded x509 RSA or ECDSA private or public keys,
+ used to verify ServiceAccount tokens. The specified file can contain
+ multiple keys, and the flag can be specified multiple times with
+ different files. If unspecified, --tls-private-key-file is used.
+ Must be specified when --service-account-signing-key is provided
'';
- default = null;
- type = nullOr path;
+ default = top.serviceAccountKeyFile;
+ type = path;
};
serviceClusterIpRange = mkOption {
@@ -357,8 +385,10 @@ in
${optionalString (cfg.runtimeConfig != "")
"--runtime-config=${cfg.runtimeConfig}"} \
--secure-port=${toString cfg.securePort} \
- ${optionalString (cfg.serviceAccountKeyFile!=null)
- "--service-account-key-file=${cfg.serviceAccountKeyFile}"} \
+ --api-audiences=${toString cfg.apiAudiences} \
+ --service-account-issuer=${toString cfg.serviceAccountIssuer} \
+ --service-account-signing-key-file=${cfg.serviceAccountSigningKeyFile} \
+ --service-account-key-file=${cfg.serviceAccountKeyFile} \
--service-cluster-ip-range=${cfg.serviceClusterIpRange} \
--storage-backend=${cfg.storageBackend} \
${optionalString (cfg.tlsCertFile != null)
diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix
index 479027f1b27..4da6efca535 100644
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@@ -125,6 +125,18 @@ in
};
};
+ containerRuntime = mkOption {
+ description = "Which container runtime type to use";
+ type = enum ["docker" "remote"];
+ default = "remote";
+ };
+
+ containerRuntimeEndpoint = mkOption {
+ description = "Endpoint at which to find the container runtime api interface/socket";
+ type = str;
+ default = "unix:///var/run/docker/containerd/containerd.sock";
+ };
+
enable = mkEnableOption "Kubernetes kubelet.";
extraOpts = mkOption {
@@ -240,7 +252,7 @@ in
systemd.services.kubelet = {
description = "Kubernetes Kubelet Service";
wantedBy = [ "kubernetes.target" ];
- after = [ "network.target" "docker.service" "kube-apiserver.service" ];
+ after = [ "network.target" "kube-apiserver.service" "sockets.target" ];
path = with pkgs; [
gitMinimal
openssh
@@ -306,6 +318,8 @@ in
${optionalString (cfg.tlsKeyFile != null)
"--tls-private-key-file=${cfg.tlsKeyFile}"} \
${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
+ --container-runtime=${cfg.containerRuntime} \
+ --container-runtime-endpoint=${cfg.containerRuntimeEndpoint} \
${cfg.extraOpts}
'';
WorkingDirectory = top.dataDir;
diff --git a/nixos/modules/services/cluster/kubernetes/pki.nix b/nixos/modules/services/cluster/kubernetes/pki.nix
index 933ae481e96..8de6a3ba0d8 100644
--- a/nixos/modules/services/cluster/kubernetes/pki.nix
+++ b/nixos/modules/services/cluster/kubernetes/pki.nix
@@ -361,6 +361,7 @@ in
tlsCertFile = mkDefault cert;
tlsKeyFile = mkDefault key;
serviceAccountKeyFile = mkDefault cfg.certs.serviceAccount.cert;
+ serviceAccountSigningKeyFile = mkDefault cfg.certs.serviceAccount.key;
kubeletClientCaFile = mkDefault caCert;
kubeletClientCertFile = mkDefault cfg.certs.apiserverKubeletClient.cert;
kubeletClientKeyFile = mkDefault cfg.certs.apiserverKubeletClient.key;
diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix
index 184f36c69f7..cb669615f63 100644
--- a/pkgs/applications/networking/cluster/kubernetes/default.nix
+++ b/pkgs/applications/networking/cluster/kubernetes/default.nix
@@ -33,6 +33,8 @@ stdenv.mkDerivation rec {
outputs = [ "out" "man" "pause" ];
+ patches = [ ./fixup-addonmanager-lib-path.patch ];
+
postPatch = ''
# go env breaks the sandbox
substituteInPlace "hack/lib/golang.sh" \
@@ -64,10 +66,17 @@ stdenv.mkDerivation rec {
install -D build/pause/linux/pause -t $pause/bin
installManPage docs/man/man1/*.[1-9]
- cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons
+ # Unfortunately, kube-addons-main.sh only looks for the lib file in either the current working dir
+ # or in /opt. We have to patch this for now.
+ substitute cluster/addons/addon-manager/kube-addons-main.sh $out/bin/kube-addons \
+ --subst-var out
+
+ chmod +x $out/bin/kube-addons
patchShebangs $out/bin/kube-addons
wrapProgram $out/bin/kube-addons --set "KUBECTL_BIN" "$out/bin/kubectl"
+ cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons-lib.sh
+
cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh
for tool in kubeadm kubectl; do
diff --git a/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch b/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch
new file mode 100644
index 00000000000..ef2904bdcfe
--- /dev/null
+++ b/pkgs/applications/networking/cluster/kubernetes/fixup-addonmanager-lib-path.patch
@@ -0,0 +1,23 @@
+diff --git a/cluster/addons/addon-manager/kube-addons-main.sh b/cluster/addons/addon-manager/kube-addons-main.sh
+index 849973470d1..e4fef30eaea 100755
+--- a/cluster/addons/addon-manager/kube-addons-main.sh
++++ b/cluster/addons/addon-manager/kube-addons-main.sh
+@@ -17,17 +17,7 @@
+ # Import required functions. The addon manager is installed to /opt in
+ # production use (see the Dockerfile)
+ # Disabling shellcheck following files as the full path would be required.
+-if [ -f "kube-addons.sh" ]; then
+- # shellcheck disable=SC1091
+- source "kube-addons.sh"
+-elif [ -f "/opt/kube-addons.sh" ]; then
+- # shellcheck disable=SC1091
+- source "/opt/kube-addons.sh"
+-else
+- # If the required source is missing, we have to fail.
+- log ERR "== Could not find kube-addons.sh (not in working directory or /opt) at $(date -Is) =="
+- exit 1
+-fi
++source "@out@/bin/kube-addons-lib.sh"
+
+ # The business logic for whether a given object should be created
+ # was already enforced by salt, and /etc/kubernetes/addons is the
From 7b5c38e97384257a03ec29e9eec56e2a46a07816 Mon Sep 17 00:00:00 2001
From: Johan Thomsen <jth@dbc.dk>
Date: Thu, 25 Feb 2021 16:00:59 +0100
Subject: [PATCH 48/51] nixos/kubernetes: docker -> containerd
also, nixos/containerd: module init
---
nixos/doc/manual/release-notes/rl-2105.xml | 9 ++
nixos/modules/module-list.nix | 1 +
.../services/cluster/kubernetes/apiserver.nix | 2 -
.../services/cluster/kubernetes/default.nix | 33 +++--
.../services/cluster/kubernetes/flannel.nix | 40 +------
.../services/cluster/kubernetes/kubelet.nix | 27 +++--
nixos/modules/services/networking/flannel.nix | 6 +-
nixos/modules/virtualisation/containerd.nix | 60 ++++++++++
nixos/tests/kubernetes/dns.nix | 15 ++-
nixos/tests/kubernetes/rbac.nix | 6 +-
.../networking/cluster/kubernetes/default.nix | 2 -
.../cluster/kubernetes/mk-docker-opts.sh | 113 ------------------
12 files changed, 129 insertions(+), 185 deletions(-)
create mode 100644 nixos/modules/virtualisation/containerd.nix
delete mode 100755 pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh
diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml
index 0666b4300ec..2f87869fbe3 100644
--- a/nixos/doc/manual/release-notes/rl-2105.xml
+++ b/nixos/doc/manual/release-notes/rl-2105.xml
@@ -788,6 +788,15 @@ self: super:
and use Maturin as their build tool.
</para>
</listitem>
+ <listitem>
+ <para>
+ Kubernetes has <link xlink:href="https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/">deprecated docker</link> as container runtime.
+ As a consequence, the Kubernetes module now has support for configuration of custom remote container runtimes and enables containerd by default.
+ Note that containerd is more strict regarding container image OCI-compliance.
+ As an example, images with CMD or ENTRYPOINT defined as strings (not lists) will fail on containerd, while working fine on docker.
+ Please test your setup and container images with containerd prior to upgrading.
+ </para>
+ </listitem>
</itemizedlist>
</section>
</section>
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index f91c21ad5cb..9bb81d085c9 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -1053,6 +1053,7 @@
./testing/service-runner.nix
./virtualisation/anbox.nix
./virtualisation/container-config.nix
+ ./virtualisation/containerd.nix
./virtualisation/containers.nix
./virtualisation/nixos-containers.nix
./virtualisation/oci-containers.nix
diff --git a/nixos/modules/services/cluster/kubernetes/apiserver.nix b/nixos/modules/services/cluster/kubernetes/apiserver.nix
index 616389dfaac..a5b13215476 100644
--- a/nixos/modules/services/cluster/kubernetes/apiserver.nix
+++ b/nixos/modules/services/cluster/kubernetes/apiserver.nix
@@ -260,7 +260,6 @@ in
account token issuer. The issuer will sign issued ID tokens with this
private key.
'';
- default = top.serviceAccountSigningKeyFile;
type = path;
};
@@ -272,7 +271,6 @@ in
different files. If unspecified, --tls-private-key-file is used.
Must be specified when --service-account-signing-key is provided
'';
- default = top.serviceAccountKeyFile;
type = path;
};
diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix
index 3a11a6513a4..19edc338bba 100644
--- a/nixos/modules/services/cluster/kubernetes/default.nix
+++ b/nixos/modules/services/cluster/kubernetes/default.nix
@@ -5,6 +5,29 @@ with lib;
let
cfg = config.services.kubernetes;
+ defaultContainerdConfigFile = pkgs.writeText "containerd.toml" ''
+ version = 2
+ root = "/var/lib/containerd/daemon"
+ state = "/var/run/containerd/daemon"
+ oom_score = 0
+
+ [grpc]
+ address = "/var/run/containerd/containerd.sock"
+
+ [plugins."io.containerd.grpc.v1.cri"]
+ sandbox_image = "pause:latest"
+
+ [plugins."io.containerd.grpc.v1.cri".cni]
+ bin_dir = "/opt/cni/bin"
+ max_conf_num = 0
+
+ [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
+ runtime_type = "io.containerd.runc.v2"
+
+ [plugins."io.containerd.grpc.v1.cri".containerd.runtimes."io.containerd.runc.v2".options]
+ SystemdCgroup = true
+ '';
+
mkKubeConfig = name: conf: pkgs.writeText "${name}-kubeconfig" (builtins.toJSON {
apiVersion = "v1";
kind = "Config";
@@ -222,14 +245,9 @@ in {
})
(mkIf cfg.kubelet.enable {
- virtualisation.docker = {
+ virtualisation.containerd = {
enable = mkDefault true;
-
- # kubernetes needs access to logs
- logDriver = mkDefault "json-file";
-
- # iptables must be disabled for kubernetes
- extraOptions = "--iptables=false --ip-masq=false";
+ configFile = mkDefault defaultContainerdConfigFile;
};
})
@@ -269,7 +287,6 @@ in {
users.users.kubernetes = {
uid = config.ids.uids.kubernetes;
description = "Kubernetes user";
- extraGroups = [ "docker" ];
group = "kubernetes";
home = cfg.dataDir;
createHome = true;
diff --git a/nixos/modules/services/cluster/kubernetes/flannel.nix b/nixos/modules/services/cluster/kubernetes/flannel.nix
index 548ffed1ddb..3f55719027f 100644
--- a/nixos/modules/services/cluster/kubernetes/flannel.nix
+++ b/nixos/modules/services/cluster/kubernetes/flannel.nix
@@ -8,16 +8,6 @@ let
# we want flannel to use kubernetes itself as configuration backend, not direct etcd
storageBackend = "kubernetes";
-
- # needed for flannel to pass options to docker
- mkDockerOpts = pkgs.runCommand "mk-docker-opts" {
- buildInputs = [ pkgs.makeWrapper ];
- } ''
- mkdir -p $out
-
- # bashInteractive needed for `compgen`
- makeWrapper ${pkgs.bashInteractive}/bin/bash $out/mk-docker-opts --add-flags "${pkgs.kubernetes}/bin/mk-docker-opts.sh"
- '';
in
{
###### interface
@@ -43,43 +33,17 @@ in
cniVersion = "0.3.1";
delegate = {
isDefaultGateway = true;
- bridge = "docker0";
+ bridge = "mynet";
};
}];
};
- systemd.services.mk-docker-opts = {
- description = "Pre-Docker Actions";
- path = with pkgs; [ gawk gnugrep ];
- script = ''
- ${mkDockerOpts}/mk-docker-opts -d /run/flannel/docker
- systemctl restart docker
- '';
- serviceConfig.Type = "oneshot";
- };
-
- systemd.paths.flannel-subnet-env = {
- wantedBy = [ "flannel.service" ];
- pathConfig = {
- PathModified = "/run/flannel/subnet.env";
- Unit = "mk-docker-opts.service";
- };
- };
-
- systemd.services.docker = {
- environment.DOCKER_OPTS = "-b none";
- serviceConfig.EnvironmentFile = "-/run/flannel/docker";
- };
-
- # read environment variables generated by mk-docker-opts
- virtualisation.docker.extraOptions = "$DOCKER_OPTS";
-
networking = {
firewall.allowedUDPPorts = [
8285 # flannel udp
8472 # flannel vxlan
];
- dhcpcd.denyInterfaces = [ "docker*" "flannel*" ];
+ dhcpcd.denyInterfaces = [ "mynet*" "flannel*" ];
};
services.kubernetes.pki.certs = {
diff --git a/nixos/modules/services/cluster/kubernetes/kubelet.nix b/nixos/modules/services/cluster/kubernetes/kubelet.nix
index 4da6efca535..ef6da26a024 100644
--- a/nixos/modules/services/cluster/kubernetes/kubelet.nix
+++ b/nixos/modules/services/cluster/kubernetes/kubelet.nix
@@ -23,7 +23,7 @@ let
name = "pause";
tag = "latest";
contents = top.package.pause;
- config.Cmd = "/bin/pause";
+ config.Cmd = ["/bin/pause"];
};
kubeconfig = top.lib.mkKubeConfig "kubelet" cfg.kubeconfig;
@@ -134,7 +134,7 @@ in
containerRuntimeEndpoint = mkOption {
description = "Endpoint at which to find the container runtime api interface/socket";
type = str;
- default = "unix:///var/run/docker/containerd/containerd.sock";
+ default = "unix:///var/run/containerd/containerd.sock";
};
enable = mkEnableOption "Kubernetes kubelet.";
@@ -247,16 +247,24 @@ in
###### implementation
config = mkMerge [
(mkIf cfg.enable {
+
+ environment.etc."cni/net.d".source = cniConfig;
+
services.kubernetes.kubelet.seedDockerImages = [infraContainer];
+ boot.kernel.sysctl = {
+ "net.bridge.bridge-nf-call-iptables" = 1;
+ "net.ipv4.ip_forward" = 1;
+ "net.bridge.bridge-nf-call-ip6tables" = 1;
+ };
+
systemd.services.kubelet = {
description = "Kubernetes Kubelet Service";
wantedBy = [ "kubernetes.target" ];
- after = [ "network.target" "kube-apiserver.service" "sockets.target" ];
+ after = [ "containerd.service" "network.target" "kube-apiserver.service" ];
path = with pkgs; [
gitMinimal
openssh
- docker
util-linux
iproute
ethtool
@@ -266,8 +274,12 @@ in
] ++ lib.optional config.boot.zfs.enabled config.boot.zfs.package ++ top.path;
preStart = ''
${concatMapStrings (img: ''
- echo "Seeding docker image: ${img}"
- docker load <${img}
+ echo "Seeding container image: ${img}"
+ ${if (lib.hasSuffix "gz" img) then
+ ''${pkgs.gzip}/bin/zcat "${img}" | ${pkgs.containerd}/bin/ctr -n k8s.io image import -''
+ else
+ ''${pkgs.coreutils}/bin/cat "${img}" | ${pkgs.containerd}/bin/ctr -n k8s.io image import -''
+ }
'') cfg.seedDockerImages}
rm /opt/cni/bin/* || true
@@ -320,6 +332,7 @@ in
${optionalString (cfg.verbosity != null) "--v=${toString cfg.verbosity}"} \
--container-runtime=${cfg.containerRuntime} \
--container-runtime-endpoint=${cfg.containerRuntimeEndpoint} \
+ --cgroup-driver=systemd \
${cfg.extraOpts}
'';
WorkingDirectory = top.dataDir;
@@ -329,7 +342,7 @@ in
# Allways include cni plugins
services.kubernetes.kubelet.cni.packages = [pkgs.cni-plugins];
- boot.kernelModules = ["br_netfilter"];
+ boot.kernelModules = ["br_netfilter" "overlay"];
services.kubernetes.kubelet.hostname = with config.networking;
mkDefault (hostName + optionalString (domain != null) ".${domain}");
diff --git a/nixos/modules/services/networking/flannel.nix b/nixos/modules/services/networking/flannel.nix
index 4c040112d28..32a7eb3ed69 100644
--- a/nixos/modules/services/networking/flannel.nix
+++ b/nixos/modules/services/networking/flannel.nix
@@ -162,10 +162,7 @@ in {
NODE_NAME = cfg.nodeName;
};
path = [ pkgs.iptables ];
- preStart = ''
- mkdir -p /run/flannel
- touch /run/flannel/docker
- '' + optionalString (cfg.storageBackend == "etcd") ''
+ preStart = optionalString (cfg.storageBackend == "etcd") ''
echo "setting network configuration"
until ${pkgs.etcdctl}/bin/etcdctl set /coreos.com/network/config '${builtins.toJSON networkConfig}'
do
@@ -177,6 +174,7 @@ in {
ExecStart = "${cfg.package}/bin/flannel";
Restart = "always";
RestartSec = "10s";
+ RuntimeDirectory = "flannel";
};
};
diff --git a/nixos/modules/virtualisation/containerd.nix b/nixos/modules/virtualisation/containerd.nix
new file mode 100644
index 00000000000..194276d1695
--- /dev/null
+++ b/nixos/modules/virtualisation/containerd.nix
@@ -0,0 +1,60 @@
+{ pkgs, lib, config, ... }:
+let
+ cfg = config.virtualisation.containerd;
+ containerdConfigChecked = pkgs.runCommand "containerd-config-checked.toml" { nativeBuildInputs = [pkgs.containerd]; } ''
+ containerd -c ${cfg.configFile} config dump >/dev/null
+ ln -s ${cfg.configFile} $out
+ '';
+in
+{
+
+ options.virtualisation.containerd = with lib.types; {
+ enable = lib.mkEnableOption "containerd container runtime";
+
+ configFile = lib.mkOption {
+ default = null;
+ description = "path to containerd config file";
+ type = nullOr path;
+ };
+
+ args = lib.mkOption {
+ default = {};
+ description = "extra args to append to the containerd cmdline";
+ type = attrsOf str;
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ virtualisation.containerd.args.config = lib.mkIf (cfg.configFile != null) (toString containerdConfigChecked);
+
+ environment.systemPackages = [pkgs.containerd];
+
+ systemd.services.containerd = {
+ description = "containerd - container runtime";
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+ path = with pkgs; [
+ containerd
+ runc
+ iptables
+ ];
+ serviceConfig = {
+ ExecStart = ''${pkgs.containerd}/bin/containerd ${lib.concatStringsSep " " (lib.cli.toGNUCommandLine {} cfg.args)}'';
+ Delegate = "yes";
+ KillMode = "process";
+ Type = "notify";
+ Restart = "always";
+ RestartSec = "5";
+ StartLimitBurst = "8";
+ StartLimitIntervalSec = "120s";
+
+ # "limits" defined below are adopted from upstream: https://github.com/containerd/containerd/blob/master/containerd.service
+ LimitNPROC = "infinity";
+ LimitCORE = "infinity";
+ LimitNOFILE = "infinity";
+ TasksMax = "infinity";
+ OOMScoreAdjust = "-999";
+ };
+ };
+ };
+}
diff --git a/nixos/tests/kubernetes/dns.nix b/nixos/tests/kubernetes/dns.nix
index 890499a0fb8..b6cd811c5ae 100644
--- a/nixos/tests/kubernetes/dns.nix
+++ b/nixos/tests/kubernetes/dns.nix
@@ -34,7 +34,7 @@ let
name = "redis";
tag = "latest";
contents = [ pkgs.redis pkgs.bind.host ];
- config.Entrypoint = "/bin/redis-server";
+ config.Entrypoint = ["/bin/redis-server"];
};
probePod = pkgs.writeText "probe-pod.json" (builtins.toJSON {
@@ -55,12 +55,11 @@ let
name = "probe";
tag = "latest";
contents = [ pkgs.bind.host pkgs.busybox ];
- config.Entrypoint = "/bin/tail";
+ config.Entrypoint = ["/bin/tail"];
};
- extraConfiguration = { config, pkgs, ... }: {
+ extraConfiguration = { config, pkgs, lib, ... }: {
environment.systemPackages = [ pkgs.bind.host ];
- # virtualisation.docker.extraOptions = "--dns=${config.services.kubernetes.addons.dns.clusterIp}";
services.dnsmasq.enable = true;
services.dnsmasq.servers = [
"/cluster.local/${config.services.kubernetes.addons.dns.clusterIp}#53"
@@ -77,7 +76,7 @@ let
# prepare machine1 for test
machine1.wait_until_succeeds("kubectl get node machine1.${domain} | grep -w Ready")
machine1.wait_until_succeeds(
- "docker load < ${redisImage}"
+ "${pkgs.gzip}/bin/zcat ${redisImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"
)
machine1.wait_until_succeeds(
"kubectl create -f ${redisPod}"
@@ -86,7 +85,7 @@ let
"kubectl create -f ${redisService}"
)
machine1.wait_until_succeeds(
- "docker load < ${probeImage}"
+ "${pkgs.gzip}/bin/zcat ${probeImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"
)
machine1.wait_until_succeeds(
"kubectl create -f ${probePod}"
@@ -118,7 +117,7 @@ let
# prepare machines for test
machine1.wait_until_succeeds("kubectl get node machine2.${domain} | grep -w Ready")
machine2.wait_until_succeeds(
- "docker load < ${redisImage}"
+ "${pkgs.gzip}/bin/zcat ${redisImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"
)
machine1.wait_until_succeeds(
"kubectl create -f ${redisPod}"
@@ -127,7 +126,7 @@ let
"kubectl create -f ${redisService}"
)
machine2.wait_until_succeeds(
- "docker load < ${probeImage}"
+ "${pkgs.gzip}/bin/zcat ${probeImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"
)
machine1.wait_until_succeeds(
"kubectl create -f ${probePod}"
diff --git a/nixos/tests/kubernetes/rbac.nix b/nixos/tests/kubernetes/rbac.nix
index c922da515d9..3fc8ed0fbe3 100644
--- a/nixos/tests/kubernetes/rbac.nix
+++ b/nixos/tests/kubernetes/rbac.nix
@@ -85,7 +85,7 @@ let
name = "kubectl";
tag = "latest";
contents = [ kubectl pkgs.busybox kubectlPod2 ];
- config.Entrypoint = "/bin/sh";
+ config.Entrypoint = ["/bin/sh"];
};
base = {
@@ -97,7 +97,7 @@ let
machine1.wait_until_succeeds("kubectl get node machine1.my.zyx | grep -w Ready")
machine1.wait_until_succeeds(
- "docker load < ${kubectlImage}"
+ "${pkgs.gzip}/bin/zcat ${kubectlImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"
)
machine1.wait_until_succeeds(
@@ -134,7 +134,7 @@ let
machine1.wait_until_succeeds("kubectl get node machine2.my.zyx | grep -w Ready")
machine2.wait_until_succeeds(
- "docker load < ${kubectlImage}"
+ "${pkgs.gzip}/bin/zcat ${kubectlImage} | ${pkgs.containerd}/bin/ctr -n k8s.io image import -"
)
machine1.wait_until_succeeds(
diff --git a/pkgs/applications/networking/cluster/kubernetes/default.nix b/pkgs/applications/networking/cluster/kubernetes/default.nix
index cb669615f63..c218e1b492b 100644
--- a/pkgs/applications/networking/cluster/kubernetes/default.nix
+++ b/pkgs/applications/networking/cluster/kubernetes/default.nix
@@ -77,8 +77,6 @@ stdenv.mkDerivation rec {
cp cluster/addons/addon-manager/kube-addons.sh $out/bin/kube-addons-lib.sh
- cp ${./mk-docker-opts.sh} $out/bin/mk-docker-opts.sh
-
for tool in kubeadm kubectl; do
installShellCompletion --cmd $tool \
--bash <($out/bin/$tool completion bash) \
diff --git a/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh b/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh
deleted file mode 100755
index 22a459f5134..00000000000
--- a/pkgs/applications/networking/cluster/kubernetes/mk-docker-opts.sh
+++ /dev/null
@@ -1,113 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright 2014 The Kubernetes Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Generate Docker daemon options based on flannel env file.
-
-# exit on any error
-set -e
-
-usage() {
- echo "$0 [-f FLANNEL-ENV-FILE] [-d DOCKER-ENV-FILE] [-i] [-c] [-m] [-k COMBINED-KEY]
-
-Generate Docker daemon options based on flannel env file
-OPTIONS:
- -f Path to flannel env file. Defaults to /run/flannel/subnet.env
- -d Path to Docker env file to write to. Defaults to /run/docker_opts.env
- -i Output each Docker option as individual var. e.g. DOCKER_OPT_MTU=1500
- -c Output combined Docker options into DOCKER_OPTS var
- -k Set the combined options key to this value (default DOCKER_OPTS=)
- -m Do not output --ip-masq (useful for older Docker version)
-" >/dev/stderr
- exit 1
-}
-
-flannel_env="/run/flannel/subnet.env"
-docker_env="/run/docker_opts.env"
-combined_opts_key="DOCKER_OPTS"
-indiv_opts=false
-combined_opts=false
-ipmasq=true
-val=""
-
-while getopts "f:d:icmk:" opt; do
- case $opt in
- f)
- flannel_env=$OPTARG
- ;;
- d)
- docker_env=$OPTARG
- ;;
- i)
- indiv_opts=true
- ;;
- c)
- combined_opts=true
- ;;
- m)
- ipmasq=false
- ;;
- k)
- combined_opts_key=$OPTARG
- ;;
- \?)
- usage
- ;;
- esac
-done
-
-if [[ $indiv_opts = false ]] && [[ $combined_opts = false ]]; then
- indiv_opts=true
- combined_opts=true
-fi
-
-if [[ -f "${flannel_env}" ]]; then
- source "${flannel_env}"
-fi
-
-if [[ -n "$FLANNEL_SUBNET" ]]; then
- # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below
- DOCKER_OPT_BIP="--bip=$FLANNEL_SUBNET"
-fi
-
-if [[ -n "$FLANNEL_MTU" ]]; then
- # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below
- DOCKER_OPT_MTU="--mtu=$FLANNEL_MTU"
-fi
-
-if [[ "$FLANNEL_IPMASQ" = true ]] && [[ $ipmasq = true ]]; then
- # shellcheck disable=SC2034 # Variable name referenced in OPT_LOOP below
- DOCKER_OPT_IPMASQ="--ip-masq=false"
-fi
-
-eval docker_opts="\$${combined_opts_key}"
-docker_opts+=" "
-
-echo -n "" >"${docker_env}"
-
-# OPT_LOOP
-for opt in $(compgen -v DOCKER_OPT_); do
- eval val=\$"${opt}"
-
- if [[ "$indiv_opts" = true ]]; then
- echo "$opt=\"$val\"" >>"${docker_env}"
- fi
-
- docker_opts+="$val "
-done
-
-if [[ "$combined_opts" = true ]]; then
- echo "${combined_opts_key}=\"${docker_opts}\"" >>"${docker_env}"
-fi
From b79b4ab4cb5c57453f82175cbbd41a15b028f0d5 Mon Sep 17 00:00:00 2001
From: Masanori Ogino <167209+omasanori@users.noreply.github.com>
Date: Sun, 7 Mar 2021 12:24:15 +0900
Subject: [PATCH 49/51] kramdown-rfc2629: 1.2.13 -> 1.3.37
Signed-off-by: Masanori Ogino <167209+omasanori@users.noreply.github.com>
---
pkgs/tools/text/kramdown-rfc2629/Gemfile.lock | 4 +++-
pkgs/tools/text/kramdown-rfc2629/gemset.nix | 16 +++++++++++++---
2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock b/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock
index b50dc2fdbca..feab5cddf99 100644
--- a/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock
+++ b/pkgs/tools/text/kramdown-rfc2629/Gemfile.lock
@@ -2,9 +2,11 @@ GEM
remote: https://rubygems.org/
specs:
certified (1.0.0)
+ json_pure (2.5.1)
kramdown (1.17.0)
- kramdown-rfc2629 (1.2.13)
+ kramdown-rfc2629 (1.3.37)
certified (~> 1.0)
+ json_pure (~> 2.0)
kramdown (~> 1.17.0)
PLATFORMS
diff --git a/pkgs/tools/text/kramdown-rfc2629/gemset.nix b/pkgs/tools/text/kramdown-rfc2629/gemset.nix
index bf0cf130c42..f0b6c39a359 100644
--- a/pkgs/tools/text/kramdown-rfc2629/gemset.nix
+++ b/pkgs/tools/text/kramdown-rfc2629/gemset.nix
@@ -9,6 +9,16 @@
};
version = "1.0.0";
};
+ json_pure = {
+ groups = ["default"];
+ platforms = [];
+ source = {
+ remotes = ["https://rubygems.org"];
+ sha256 = "030hmc268wchqsccbjk41hvbyg99krpa72i3q0y3wwqzfh8hi736";
+ type = "gem";
+ };
+ version = "2.5.1";
+ };
kramdown = {
groups = ["default"];
platforms = [];
@@ -20,14 +30,14 @@
version = "1.17.0";
};
kramdown-rfc2629 = {
- dependencies = ["certified" "kramdown"];
+ dependencies = ["certified" "json_pure" "kramdown"];
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
- sha256 = "0s53m46qlcdakik0czvx0p41mk46l9l36331cps8gpf364wf3l9d";
+ sha256 = "16m08q5bgib3i54bb9p3inrxb1xksiybs9zj1rnncq492gcqqv4j";
type = "gem";
};
- version = "1.2.13";
+ version = "1.3.37";
};
}
From f003d2c9cecdb55e720967bc3d13931ef9145fc8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <Mic92@users.noreply.github.com>
Date: Sun, 7 Mar 2021 03:35:30 +0000
Subject: [PATCH 50/51] drone-runner-exec: init at unstable-2020-04-19
(#115003)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
---
.../drone-runner-exec/default.nix | 26 +++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 ++
2 files changed, 28 insertions(+)
create mode 100644 pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix
diff --git a/pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix b/pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix
new file mode 100644
index 00000000000..373c6183725
--- /dev/null
+++ b/pkgs/development/tools/continuous-integration/drone-runner-exec/default.nix
@@ -0,0 +1,26 @@
+{ lib
+, buildGoModule
+, fetchFromGitHub
+}:
+
+buildGoModule rec {
+ pname = "drone-runner-exec";
+ version = "unstable-2020-04-19";
+
+ src = fetchFromGitHub {
+ owner = "drone-runners";
+ repo = "drone-runner-exec";
+ rev = "c0a612ef2bdfdc6d261dfbbbb005c887a0c3668d";
+ sha256 = "sha256-0UIJwpC5Y2TQqyZf6C6neICYBZdLQBWAZ8/K1l6KVRs=";
+ };
+
+ vendorSha256 = "sha256-ypYuQKxRhRQGX1HtaWt6F6BD9vBpD8AJwx/4esLrJsw=";
+
+ meta = with lib; {
+ description = "Drone pipeline runner that executes builds directly on the host machine";
+ homepage = "https://github.com/drone-runners/drone-runner-exec";
+ # https://polyformproject.org/licenses/small-business/1.0.0/
+ license = licenses.unfree;
+ maintainers = with maintainers; [ mic92 ];
+ };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 1cb21e4866a..4de12459f07 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3782,6 +3782,8 @@ in
drone-cli = callPackage ../development/tools/continuous-integration/drone-cli { };
+ drone-runner-exec = callPackage ../development/tools/continuous-integration/drone-runner-exec { };
+
dropbear = callPackage ../tools/networking/dropbear { };
dsview = libsForQt5.callPackage ../applications/science/electronics/dsview { };
From 5a7d2375290d7f9be63a71381564196c640ee579 Mon Sep 17 00:00:00 2001
From: Zhaofeng Li <hello@zhaofeng.li>
Date: Sat, 6 Mar 2021 18:49:14 -0800
Subject: [PATCH 51/51] dpt-rp1-py: unstable-2018-10-16 -> 0.1.12
---
pkgs/tools/misc/dpt-rp1-py/default.nix | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/pkgs/tools/misc/dpt-rp1-py/default.nix b/pkgs/tools/misc/dpt-rp1-py/default.nix
index 69b689fb824..cf3a9a42406 100644
--- a/pkgs/tools/misc/dpt-rp1-py/default.nix
+++ b/pkgs/tools/misc/dpt-rp1-py/default.nix
@@ -1,22 +1,27 @@
{ lib, python3Packages, fetchFromGitHub }:
python3Packages.buildPythonApplication rec {
pname = "dpt-rp1-py";
- version = "unstable-2018-10-16";
+ version = "0.1.12";
src = fetchFromGitHub {
owner = "janten";
repo = pname;
- rev = "4551b4432f8470de5f2ad9171105f731a6259395";
- sha256 = "176y5j31aci1vpi8v6r5ki55432fbdsazh9bsyzr90im9zimkffl";
+ rev = "v${version}";
+ sha256 = "0xw853s5bx2lr57w6ldfjzi1ppc6px66zd7hzk8y2kg82q6bnasq";
};
doCheck = false;
propagatedBuildInputs = with python3Packages; [
+ anytree
+ fusepy
httpsig
- requests
pbkdf2
+ pyyaml
+ requests
+ tqdm
urllib3
+ zeroconf
];
meta = with lib; {