public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/staging' into mb-cross-fixes-march-2020

Browse Source
This commit is contained in:
Matthew Bauer 2020-03-16 14:34:03 -04:00
commit 67b0ddf3f3
765 changed files with 16014 additions and 9655 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/languages-frameworks/gnome.xml
View File

@ -233,7 +233,7 @@ mkDerivation {
</term> </term>
<listitem> <listitem>
<para> <para>
You can rely on applications depending on the library set the necessary environment variables but that it often easy to miss. Instead we recommend to patch the paths in the source code whenever possible. Here are some examples: You can rely on applications depending on the library setting the necessary environment variables but that is often easy to miss. Instead we recommend to patch the paths in the source code whenever possible. Here are some examples:
<itemizedlist> <itemizedlist>
<listitem xml:id="ssec-gnome-common-issues-unwrappable-package-gnome-shell-ext"> <listitem xml:id="ssec-gnome-common-issues-unwrappable-package-gnome-shell-ext">
<para> <para>

10
doc/languages-frameworks/rust.section.md
View File

@ -53,10 +53,12 @@ all crate sources of this package. Currently it is obtained by inserting a
fake checksum into the expression and building the package once. The correct fake checksum into the expression and building the package once. The correct
checksum can be then take from the failed build. checksum can be then take from the failed build.
When the `Cargo.lock`, provided by upstream, is not in sync with the Per the instructions in the [Cargo Book](https://doc.rust-lang.org/cargo/guide/cargo-toml-vs-cargo-lock.html)
`Cargo.toml`, it is possible to use `cargoPatches` to update it. All patches best practices guide, Rust applications should always commit the `Cargo.lock`
added in `cargoPatches` will also be prepended to the patches in `patches` at file in git to ensure a reproducible build. However, a few packages do not, and
build-time. Nix depends on this file, so if it missing you can use `cargoPatches` to apply
it in the `patchPhase`. Consider sending a PR upstream with a note to the
maintainer describing why it's important to include in the application.
Unless `legacyCargoFetcher` is set to `true`, the fetcher will also verify that Unless `legacyCargoFetcher` is set to `true`, the fetcher will also verify that
the `Cargo.lock` file is in sync with the `src` attribute, and will compress the the `Cargo.lock` file is in sync with the `src` attribute, and will compress the

7
lib/customisation.nix
View File

@ -131,7 +131,12 @@ rec {
origArgs = auto // args; origArgs = auto // args;
pkgs = f origArgs; pkgs = f origArgs;
mkAttrOverridable = name: _: makeOverridable (newArgs: (f newArgs).${name}) origArgs; mkAttrOverridable = name: _: makeOverridable (newArgs: (f newArgs).${name}) origArgs;
in lib.mapAttrs mkAttrOverridable pkgs; in
if lib.isDerivation pkgs then throw
("function `callPackages` was called on a *single* derivation "
+ ''"${pkgs.name or "<unknown-name>"}";''
+ " did you mean to use `callPackage` instead?")
else lib.mapAttrs mkAttrOverridable pkgs;
/* Add attributes to each output of a derivation without changing /* Add attributes to each output of a derivation without changing

4
lib/default.nix
View File

@ -24,6 +24,7 @@ let
# packaging # packaging
customisation = callLibs ./customisation.nix; customisation = callLibs ./customisation.nix;
maintainers = import ../maintainers/maintainer-list.nix; maintainers = import ../maintainers/maintainer-list.nix;
teams = callLibs ../maintainers/team-list.nix;
meta = callLibs ./meta.nix; meta = callLibs ./meta.nix;
sources = callLibs ./sources.nix; sources = callLibs ./sources.nix;
versions = callLibs ./versions.nix; versions = callLibs ./versions.nix;
@ -55,6 +56,9 @@ let
# back-compat aliases # back-compat aliases
platforms = systems.doubles; platforms = systems.doubles;
# linux kernel configuration
kernel = callLibs ./kernel.nix;
inherit (builtins) add addErrorContext attrNames concatLists inherit (builtins) add addErrorContext attrNames concatLists
deepSeq elem elemAt filter genericClosure genList getAttr deepSeq elem elemAt filter genericClosure genList getAttr
hasAttr head isAttrs isBool isInt isList isString length hasAttr head isAttrs isBool isInt isList isString length

18
lib/generators.nix
View File

@ -76,10 +76,14 @@ rec {
* mkKeyValue is the same as in toINI. * mkKeyValue is the same as in toINI.
*/ */
toKeyValue = { toKeyValue = {
mkKeyValue ? mkKeyValueDefault {} "=" mkKeyValue ? mkKeyValueDefault {} "=",
}: attrs: listsAsDuplicateKeys ? false
let mkLine = k: v: mkKeyValue k v + "\n"; }:
in libStr.concatStrings (libAttr.mapAttrsToList mkLine attrs); let mkLine = k: v: mkKeyValue k v + "\n";
mkLines = if listsAsDuplicateKeys
then k: v: map (mkLine k) (if lib.isList v then v else [v])
else k: v: [ (mkLine k v) ];
in attrs: libStr.concatStrings (lib.concatLists (libAttr.mapAttrsToList mkLines attrs));
/* Generate an INI-style config file from an /* Generate an INI-style config file from an
@ -106,7 +110,9 @@ rec {
# apply transformations (e.g. escapes) to section names # apply transformations (e.g. escapes) to section names
mkSectionName ? (name: libStr.escape [ "[" "]" ] name), mkSectionName ? (name: libStr.escape [ "[" "]" ] name),
# format a setting line from key and value # format a setting line from key and value
mkKeyValue ? mkKeyValueDefault {} "=" mkKeyValue ? mkKeyValueDefault {} "=",
# allow lists as values for duplicate keys
listsAsDuplicateKeys ? false
}: attrsOfAttrs: }: attrsOfAttrs:
let let
# map function to string for each key val # map function to string for each key val
@ -115,7 +121,7 @@ rec {
(libAttr.mapAttrsToList mapFn attrs); (libAttr.mapAttrsToList mapFn attrs);
mkSection = sectName: sectValues: '' mkSection = sectName: sectValues: ''
[${mkSectionName sectName}] [${mkSectionName sectName}]
'' + toKeyValue { inherit mkKeyValue; } sectValues; '' + toKeyValue { inherit mkKeyValue listsAsDuplicateKeys; } sectValues;
in in
# map input to ini sections # map input to ini sections
mapAttrsToStringsSep "\n" mkSection attrsOfAttrs; mapAttrsToStringsSep "\n" mkSection attrsOfAttrs;

17
lib/kernel.nix
View File

@ -1,12 +1,7 @@
{ lib, version }: { lib }:
with lib; with lib;
{ {
# Common patterns/legacy
whenAtLeast = ver: mkIf (versionAtLeast version ver);
whenOlder = ver: mkIf (versionOlder version ver);
# range is (inclusive, exclusive)
whenBetween = verLow: verHigh: mkIf (versionAtLeast version verLow && versionOlder version verHigh);
# Keeping these around in case we decide to change this horrible implementation :) # Keeping these around in case we decide to change this horrible implementation :)
@ -18,4 +13,14 @@ with lib;
module = { tristate = "m"; }; module = { tristate = "m"; };
freeform = x: { freeform = x; }; freeform = x: { freeform = x; };
/*
Common patterns/legacy used in common-config/hardened-config.nix
*/
whenHelpers = version: {
whenAtLeast = ver: mkIf (versionAtLeast version ver);
whenOlder = ver: mkIf (versionOlder version ver);
# range is (inclusive, exclusive)
whenBetween = verLow: verHigh: mkIf (versionAtLeast version verLow && versionOlder version verHigh);
};
} }

12
lib/tests/misc.nix
View File

@ -348,6 +348,18 @@ runTests {
''; '';
}; };
testToINIDuplicateKeys = {
expr = generators.toINI { listsAsDuplicateKeys = true; } { foo.bar = true; baz.qux = [ 1 false ]; };
expected = ''
[baz]
qux=1
qux=false
[foo]
bar=true
'';
};
testToINIDefaultEscapes = { testToINIDefaultEscapes = {
expr = generators.toINI {} { expr = generators.toINI {} {
"no [ and ] allowed unescaped" = { "no [ and ] allowed unescaped" = {

169
maintainers/maintainer-list.nix
View File

@ -1,5 +1,5 @@
/* List of NixOS maintainers. /* List of NixOS maintainers.
```nix
handle = { handle = {
# Required # Required
name = "Your name"; name = "Your name";
@ -13,32 +13,33 @@
fingerprint = "AAAA BBBB CCCC DDDD EEEE FFFF 0000 1111 2222 3333"; fingerprint = "AAAA BBBB CCCC DDDD EEEE FFFF 0000 1111 2222 3333";
}]; }];
}; };
```
where where
- `handle` is the handle you are going to use in nixpkgs expressions, - `handle` is the handle you are going to use in nixpkgs expressions,
- `name` is your, preferably real, name, - `name` is your, preferably real, name,
- `email` is your maintainer email address, and - `email` is your maintainer email address, and
- `github` is your GitHub handle (as it appears in the URL of your profile page, `https://github.com/<userhandle>`), - `github` is your GitHub handle (as it appears in the URL of your profile page, `https://github.com/<userhandle>`),
- `githubId` is your GitHub user ID, which can be found at `https://api.github.com/users/<userhandle>`, - `githubId` is your GitHub user ID, which can be found at `https://api.github.com/users/<userhandle>`,
- `keys` is a list of your PGP/GPG key IDs and fingerprints. - `keys` is a list of your PGP/GPG key IDs and fingerprints.
`handle == github` is strongly preferred whenever `github` is an acceptable attribute name and is short and convenient. `handle == github` is strongly preferred whenever `github` is an acceptable attribute name and is short and convenient.
Add PGP/GPG keys only if you actually use them to sign commits and/or mail. Add PGP/GPG keys only if you actually use them to sign commits and/or mail.
To get the required PGP/GPG values for a key run To get the required PGP/GPG values for a key run
```shell ```shell
gpg --keyid-format 0xlong --fingerprint <email> | head -n 2 gpg --keyid-format 0xlong --fingerprint <email> | head -n 2
``` ```
!!! Note that PGP/GPG values stored here are for informational purposes only, don't use this file as a source of truth. !!! Note that PGP/GPG values stored here are for informational purposes only, don't use this file as a source of truth.
More fields may be added in the future. More fields may be added in the future.
Please keep the list alphabetically sorted. Please keep the list alphabetically sorted.
See `./scripts/check-maintainer-github-handles.sh` for an example on how to work with this data. See `./scripts/check-maintainer-github-handles.sh` for an example on how to work with this data.
*/ */
{ {
"0x4A6F" = { "0x4A6F" = {
email = "0x4A6F@shackspace.de"; email = "0x4A6F@shackspace.de";
@ -1572,10 +1573,12 @@
githubId = 2217136; githubId = 2217136;
name = "Ștefan D. Mihăilă"; name = "Ștefan D. Mihăilă";
keys = [ keys = [
{ longkeyid = "rsa4096/6E68A39BF16A3ECB"; {
longkeyid = "rsa4096/6E68A39BF16A3ECB";
fingerprint = "CBC9 C7CC 51F0 4A61 3901 C723 6E68 A39B F16A 3ECB"; fingerprint = "CBC9 C7CC 51F0 4A61 3901 C723 6E68 A39B F16A 3ECB";
} }
{ longkeyid = "rsa4096/6220AD7846220A52"; {
longkeyid = "rsa4096/6220AD7846220A52";
fingerprint = "7EAB 1447 5BBA 7DDE 7092 7276 6220 AD78 4622 0A52"; fingerprint = "7EAB 1447 5BBA 7DDE 7092 7276 6220 AD78 4622 0A52";
} }
]; ];
@ -1792,7 +1795,7 @@
name = "Didier J. Devroye"; name = "Didier J. Devroye";
}; };
devhell = { devhell = {
email = "\"^\"@regexmail.net"; email = ''"^"@regexmail.net'';
github = "devhell"; github = "devhell";
githubId = 896182; githubId = 896182;
name = "devhell"; name = "devhell";
@ -1958,7 +1961,7 @@
drewrisinger = { drewrisinger = {
email = "drisinger+nixpkgs@gmail.com"; email = "drisinger+nixpkgs@gmail.com";
github = "drewrisinger"; github = "drewrisinger";
gitHubId = 10198051; githubId = 10198051;
name = "Drew Risinger"; name = "Drew Risinger";
}; };
dsferruzza = { dsferruzza = {
@ -2131,7 +2134,7 @@
}; };
ehmry = { ehmry = {
email = "ehmry@posteo.net"; email = "ehmry@posteo.net";
github= "ehmry"; github = "ehmry";
githubId = 537775; githubId = 537775;
name = "Emery Hemingway"; name = "Emery Hemingway";
}; };
@ -2219,10 +2222,10 @@
name = "Jack Kelly"; name = "Jack Kelly";
}; };
enorris = { enorris = {
name = "Eric Norris"; name = "Eric Norris";
email = "erictnorris@gmail.com"; email = "erictnorris@gmail.com";
github = "ericnorris"; github = "ericnorris";
githubId = 1906605; githubId = 1906605;
}; };
Enteee = { Enteee = {
email = "nix@duckpond.ch"; email = "nix@duckpond.ch";
@ -2891,7 +2894,7 @@
github = "hansjoergschurr"; github = "hansjoergschurr";
githubId = 9850776; githubId = 9850776;
name = "Hans-Jörg Schurr"; name = "Hans-Jörg Schurr";
}; };
HaoZeke = { HaoZeke = {
email = "r95g10@gmail.com"; email = "r95g10@gmail.com";
github = "haozeke"; github = "haozeke";
@ -3096,6 +3099,12 @@
githubId = 4401220; githubId = 4401220;
name = "Michael Eden"; name = "Michael Eden";
}; };
illiusdope = {
email = "mat@marini.ca";
github = "illiusdope";
githubId = 61913481;
name = "Mat Marini";
};
ilya-fedin = { ilya-fedin = {
email = "fedin-ilja2010@ya.ru"; email = "fedin-ilja2010@ya.ru";
github = "ilya-fedin"; github = "ilya-fedin";
@ -3590,6 +3599,12 @@
github = "jorsn"; github = "jorsn";
githubId = 4646725; githubId = 4646725;
}; };
joshuafern = {
name = "Joshua Fern";
email = "joshuafern@protonmail.com";
github = "JoshuaFern";
githubId = 4300747;
};
jpas = { jpas = {
name = "Jarrod Pas"; name = "Jarrod Pas";
email = "jarrod@jarrodpas.com"; email = "jarrod@jarrodpas.com";
@ -4212,10 +4227,10 @@
}]; }];
}; };
luis = { luis = {
email = "luis.nixos@gmail.com"; email = "luis.nixos@gmail.com";
github = "Luis-Hebendanz"; github = "Luis-Hebendanz";
githubId = 22085373; githubId = 22085373;
name = "Luis Hebendanz"; name = "Luis Hebendanz";
}; };
lionello = { lionello = {
email = "lio@lunesu.com"; email = "lio@lunesu.com";
@ -4458,12 +4473,12 @@
githubId = 50230945; githubId = 50230945;
name = "Marcus Boyd"; name = "Marcus Boyd";
}; };
marenz = { marenz = {
email = "marenz@arkom.men"; email = "marenz@arkom.men";
github = "marenz2569"; github = "marenz2569";
githubId = 12773269; githubId = 12773269;
name = "Markus Schmidl"; name = "Markus Schmidl";
}; };
markus1189 = { markus1189 = {
email = "markus1189@gmail.com"; email = "markus1189@gmail.com";
github = "markus1189"; github = "markus1189";
@ -4532,6 +4547,12 @@
githubId = 1711539; githubId = 1711539;
name = "matklad"; name = "matklad";
}; };
matt-snider = {
email = "matt.snider@protonmail.com";
github = "matt-snider";
githubId = 11810057;
name = "Matt Snider";
};
matthewbauer = { matthewbauer = {
email = "mjbauer95@gmail.com"; email = "mjbauer95@gmail.com";
github = "matthewbauer"; github = "matthewbauer";
@ -4707,7 +4728,7 @@
githubId = 668926; githubId = 668926;
name = "Maximilian Güntner"; name = "Maximilian Güntner";
}; };
mhaselsteiner = { mhaselsteiner = {
email = "magdalena.haselsteiner@gmx.at"; email = "magdalena.haselsteiner@gmx.at";
github = "mhaselsteiner"; github = "mhaselsteiner";
githubId = 20536514; githubId = 20536514;
@ -4872,11 +4893,11 @@
mmilata = { mmilata = {
email = "martin@martinmilata.cz"; email = "martin@martinmilata.cz";
github = "mmilata"; github = "mmilata";
gitHubId = 85857; githubId = 85857;
name = "Martin Milata"; name = "Martin Milata";
}; };
mmlb = { mmlb = {
email = "me.mmlb@mmlb.me"; email = "manny@peekaboo.mmlb.icu";
github = "mmlb"; github = "mmlb";
name = "Manuel Mendez"; name = "Manuel Mendez";
}; };
@ -5492,6 +5513,12 @@
githubId = 11016164; githubId = 11016164;
name = "Fedor Pakhomov"; name = "Fedor Pakhomov";
}; };
paluh = {
email = "paluho@gmail.com";
github = "paluh";
githubId = 190249;
name = "Tomasz Rybarczyk";
};
pamplemousse = { pamplemousse = {
email = "xav.maso@gmail.com"; email = "xav.maso@gmail.com";
github = "Pamplemousse"; github = "Pamplemousse";
@ -5765,11 +5792,10 @@
github = "pradyuman"; github = "pradyuman";
githubId = 9904569; githubId = 9904569;
name = "Pradyuman Vig"; name = "Pradyuman Vig";
keys = [ keys = [{
{ longkeyid = "rsa4096/4F74D5361C4CA31E"; longkeyid = "rsa4096/4F74D5361C4CA31E";
fingerprint = "240B 57DE 4271 2480 7CE3 EAC8 4F74 D536 1C4C A31E"; fingerprint = "240B 57DE 4271 2480 7CE3 EAC8 4F74 D536 1C4C A31E";
} }];
];
}; };
prikhi = { prikhi = {
email = "pavan.rikhi@gmail.com"; email = "pavan.rikhi@gmail.com";
@ -5783,10 +5809,12 @@
githubId = 7537109; githubId = 7537109;
name = "Michael Weiss"; name = "Michael Weiss";
keys = [ keys = [
{ longkeyid = "ed25519/0x130826A6C2A389FD"; # Git only {
longkeyid = "ed25519/0x130826A6C2A389FD"; # Git only
fingerprint = "86A7 4A55 07D0 58D1 322E 37FD 1308 26A6 C2A3 89FD"; fingerprint = "86A7 4A55 07D0 58D1 322E 37FD 1308 26A6 C2A3 89FD";
} }
{ longkeyid = "rsa3072/0xBCA9943DD1DF4C04"; # Email, etc. {
longkeyid = "rsa3072/0xBCA9943DD1DF4C04"; # Email, etc.
fingerprint = "AF85 991C C950 49A2 4205 1933 BCA9 943D D1DF 4C04"; fingerprint = "AF85 991C C950 49A2 4205 1933 BCA9 943D D1DF 4C04";
} }
]; ];
@ -5881,6 +5909,12 @@
githubId = 4579165; githubId = 4579165;
name = "Danny Bautista"; name = "Danny Bautista";
}; };
peelz = {
email = "peelz.dev+nixpkgs@gmail.com";
github = "louistakepillz";
githubId = 920910;
name = "peelz";
};
q3k = { q3k = {
email = "q3k@q3k.org"; email = "q3k@q3k.org";
github = "q3k"; github = "q3k";
@ -6146,12 +6180,10 @@
github = "rnhmjoj"; github = "rnhmjoj";
githubId = 2817565; githubId = 2817565;
name = "Michele Guerini Rocco"; name = "Michele Guerini Rocco";
keys = keys = [{
[ longkeyid = "ed25519/0xBFBAF4C975F76450";
{ longkeyid = "ed25519/0xBFBAF4C975F76450"; fingerprint = "92B2 904F D293 C94D C4C9 3E6B BFBA F4C9 75F7 6450";
fingerprint = "92B2 904F D293 C94D C4C9 3E6B BFBA F4C9 75F7 6450"; }];
}
];
}; };
rob = { rob = {
email = "rob.vermaas@gmail.com"; email = "rob.vermaas@gmail.com";
@ -6356,10 +6388,10 @@
}]; }];
}; };
samrose = { samrose = {
email = "samuel.rose@gmail.com"; email = "samuel.rose@gmail.com";
github = "samrose"; github = "samrose";
githubId = 115821; githubId = 115821;
name = "Sam Rose"; name = "Sam Rose";
}; };
samueldr = { samueldr = {
email = "samuel@dionne-riel.com"; email = "samuel@dionne-riel.com";
@ -6671,6 +6703,12 @@
githubId = 848812; githubId = 848812;
name = "Stephan Jau"; name = "Stephan Jau";
}; };
sjfloat = {
email = "steve+nixpkgs@jonescape.com";
github = "sjfloat";
githubId = 216167;
name = "Steve Jones";
};
sjmackenzie = { sjmackenzie = {
email = "setori88@gmail.com"; email = "setori88@gmail.com";
github = "sjmackenzie"; github = "sjmackenzie";
@ -7229,6 +7267,12 @@
githubId = 844343; githubId = 844343;
name = "Thiago K. Okada"; name = "Thiago K. Okada";
}; };
thmzlt = {
email = "git@thomazleite.com";
github = "thmzlt";
githubId = 7709;
name = "Thomaz Leite";
};
ThomasMader = { ThomasMader = {
email = "thomas.mader@gmail.com"; email = "thomas.mader@gmail.com";
github = "ThomasMader"; github = "ThomasMader";
@ -7304,10 +7348,10 @@
github = "tkerber"; github = "tkerber";
githubId = 5722198; githubId = 5722198;
name = "Thomas Kerber"; name = "Thomas Kerber";
keys = [ { keys = [{
longkeyid = "rsa4096/0x8489B911F9ED617B"; longkeyid = "rsa4096/0x8489B911F9ED617B";
fingerprint = "556A 403F B0A2 D423 F656 3424 8489 B911 F9ED 617B"; fingerprint = "556A 403F B0A2 D423 F656 3424 8489 B911 F9ED 617B";
} ]; }];
}; };
tmplt = { tmplt = {
email = "tmplt@dragons.rocks"; email = "tmplt@dragons.rocks";
@ -7587,7 +7631,8 @@
}; };
vcunat = { vcunat = {
name = "Vladimír Čunát"; name = "Vladimír Čunát";
email = "v@cunat.cz"; # vcunat@gmail.com predominated in commits before 2019/03 # vcunat@gmail.com predominated in commits before 2019/03
email = "v@cunat.cz";
github = "vcunat"; github = "vcunat";
githubId = 1785925; githubId = 1785925;
keys = [{ keys = [{

24
maintainers/team-list.nix Normal file
View File

@ -0,0 +1,24 @@
/* List of maintainer teams.
name = {
# Required
members = [ maintainer1 maintainer2 ];
scope = "Maintain foo packages.";
};
where
- `members` is the list of maintainers belonging to the group,
- `scope` describes the scope of the group.
More fields may be added in the future.
Please keep the list alphabetically sorted.
*/
{ lib }:
with lib.maintainers; {
freedesktop = {
members = [ jtojnar worldofpeace ];
scope = "Maintain Freedesktop.org packages for graphical desktop.";
};
}

5
nixos/doc/manual/release-notes/rl-2009.xml
View File

@ -23,6 +23,11 @@
Support is planned until the end of April 2021, handing over to 21.03. Support is planned until the end of April 2021, handing over to 21.03.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
PHP now defaults to PHP 7.4, updated from 7.3.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>

6
nixos/lib/eval-config.nix
View File

@ -41,6 +41,12 @@ let
# default to the argument. That way this new default could propagate all # default to the argument. That way this new default could propagate all
# they way through, but has the last priority behind everything else. # they way through, but has the last priority behind everything else.
nixpkgs.system = lib.mkDefault system; nixpkgs.system = lib.mkDefault system;
# Stash the value of the `system` argument. When using `nesting.children`
# we want to have the same default value behavior (immediately above)
# without any interference from the user's configuration.
nixpkgs.initialSystem = system;
_module.args.pkgs = lib.mkIf (pkgs_ != null) (lib.mkForce pkgs_); _module.args.pkgs = lib.mkIf (pkgs_ != null) (lib.mkForce pkgs_);
}; };
}; };

4
nixos/lib/testing-python.nix
View File

@ -175,13 +175,13 @@ in rec {
nodeNames = builtins.attrNames nodes; nodeNames = builtins.attrNames nodes;
invalidNodeNames = lib.filter invalidNodeNames = lib.filter
(node: builtins.match "^[A-z_][A-z0-9_]+$" node == null) nodeNames; (node: builtins.match "^[A-z_]([A-z0-9_]+)?$" node == null) nodeNames;
in in
if lib.length invalidNodeNames > 0 then if lib.length invalidNodeNames > 0 then
throw '' throw ''
Cannot create machines out of (${lib.concatStringsSep ", " invalidNodeNames})! Cannot create machines out of (${lib.concatStringsSep ", " invalidNodeNames})!
All machines are referenced as perl variables in the testing framework which will break the All machines are referenced as python variables in the testing framework which will break the
script when special characters are used. script when special characters are used.
Please stick to alphanumeric chars and underscores as separation. Please stick to alphanumeric chars and underscores as separation.

2
nixos/lib/utils.nix
View File

@ -14,7 +14,7 @@ rec {
# becomes dev-xyzzy. FIXME: slow. # becomes dev-xyzzy. FIXME: slow.
escapeSystemdPath = s: escapeSystemdPath = s:
replaceChars ["/" "-" " "] ["-" "\\x2d" "\\x20"] replaceChars ["/" "-" " "] ["-" "\\x2d" "\\x20"]
(if hasPrefix "/" s then substring 1 (stringLength s) s else s); (removePrefix "/" s);
# Returns a system path for a given shell package # Returns a system path for a given shell package
toShellPath = shell: toShellPath = shell:

27
nixos/modules/config/networking.nix
View File

@ -35,12 +35,22 @@ in
''; '';
}; };
networking.hostFiles = lib.mkOption {
type = types.listOf types.path;
defaultText = lib.literalExample "Hosts from `networking.hosts` and `networking.extraHosts`";
example = lib.literalExample ''[ "''${pkgs.my-blocklist-package}/share/my-blocklist/hosts" ]'';
description = ''
Files that should be concatenated together to form <filename>/etc/hosts</filename>.
'';
};
networking.extraHosts = lib.mkOption { networking.extraHosts = lib.mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
example = "192.168.0.1 lanlocalhost"; example = "192.168.0.1 lanlocalhost";
description = '' description = ''
Additional verbatim entries to be appended to <filename>/etc/hosts</filename>. Additional verbatim entries to be appended to <filename>/etc/hosts</filename>.
For adding hosts from derivation results, use <option>networking.hostFiles</option> instead.
''; '';
}; };
@ -159,6 +169,15 @@ in
"::1" = [ "localhost" ]; "::1" = [ "localhost" ];
}; };
networking.hostFiles = let
stringHosts =
let
oneToString = set: ip: ip + " " + concatStringsSep " " set.${ip} + "\n";
allToString = set: concatMapStrings (oneToString set) (attrNames set);
in pkgs.writeText "string-hosts" (allToString (filterAttrs (_: v: v != []) cfg.hosts));
extraHosts = pkgs.writeText "extra-hosts" cfg.extraHosts;
in mkBefore [ stringHosts extraHosts ];
environment.etc = environment.etc =
{ # /etc/services: TCP/UDP port assignments. { # /etc/services: TCP/UDP port assignments.
services.source = pkgs.iana-etc + "/etc/services"; services.source = pkgs.iana-etc + "/etc/services";
@ -167,12 +186,8 @@ in
protocols.source = pkgs.iana-etc + "/etc/protocols"; protocols.source = pkgs.iana-etc + "/etc/protocols";
# /etc/hosts: Hostname-to-IP mappings. # /etc/hosts: Hostname-to-IP mappings.
hosts.text = let hosts.source = pkgs.runCommandNoCC "hosts" {} ''
oneToString = set: ip: ip + " " + concatStringsSep " " set.${ip}; cat ${escapeShellArgs cfg.hostFiles} > $out
allToString = set: concatMapStringsSep "\n" (oneToString set) (attrNames set);
in ''
${allToString (filterAttrs (_: v: v != []) cfg.hosts)}
${cfg.extraHosts}
''; '';
# /etc/host.conf: resolver configuration file # /etc/host.conf: resolver configuration file

4
nixos/modules/misc/ids.nix
View File

@ -133,7 +133,7 @@ in
tcpcryptd = 93; # tcpcryptd uses a hard-coded uid. We patch it in Nixpkgs to match this choice. tcpcryptd = 93; # tcpcryptd uses a hard-coded uid. We patch it in Nixpkgs to match this choice.
firebird = 95; firebird = 95;
#keys = 96; # unused #keys = 96; # unused
#haproxy = 97; # DynamicUser as of 2019-11-08 #haproxy = 97; # dynamically allocated as of 2020-03-11
mongodb = 98; mongodb = 98;
openldap = 99; openldap = 99;
#users = 100; # unused #users = 100; # unused
@ -448,7 +448,7 @@ in
#tcpcryptd = 93; # unused #tcpcryptd = 93; # unused
firebird = 95; firebird = 95;
keys = 96; keys = 96;
#haproxy = 97; # DynamicUser as of 2019-11-08 #haproxy = 97; # dynamically allocated as of 2020-03-11
#mongodb = 98; # unused #mongodb = 98; # unused
openldap = 99; openldap = 99;
munin = 102; munin = 102;

8
nixos/modules/misc/nixpkgs.nix
View File

@ -216,6 +216,14 @@ in
Ignored when <code>nixpkgs.pkgs</code> is set. Ignored when <code>nixpkgs.pkgs</code> is set.
''; '';
}; };
initialSystem = mkOption {
type = types.str;
internal = true;
description = ''
Preserved value of <literal>system</literal> passed to <literal>eval-config.nix</literal>.
'';
};
}; };
config = { config = {

2
nixos/modules/module-list.nix
View File

@ -297,6 +297,7 @@
./services/desktops/geoclue2.nix ./services/desktops/geoclue2.nix
./services/desktops/gsignond.nix ./services/desktops/gsignond.nix
./services/desktops/gvfs.nix ./services/desktops/gvfs.nix
./services/desktops/malcontent.nix
./services/desktops/pipewire.nix ./services/desktops/pipewire.nix
./services/desktops/gnome3/at-spi2-core.nix ./services/desktops/gnome3/at-spi2-core.nix
./services/desktops/gnome3/chrome-gnome-shell.nix ./services/desktops/gnome3/chrome-gnome-shell.nix
@ -405,6 +406,7 @@
./services/mail/sympa.nix ./services/mail/sympa.nix
./services/mail/nullmailer.nix ./services/mail/nullmailer.nix
./services/misc/airsonic.nix ./services/misc/airsonic.nix
./services/misc/ankisyncd.nix
./services/misc/apache-kafka.nix ./services/misc/apache-kafka.nix
./services/misc/autofs.nix ./services/misc/autofs.nix
./services/misc/autorandr.nix ./services/misc/autorandr.nix

30
nixos/modules/programs/firejail.nix
View File

@ -5,28 +5,34 @@ with lib;
let let
cfg = config.programs.firejail; cfg = config.programs.firejail;
wrappedBins = pkgs.stdenv.mkDerivation { wrappedBins = pkgs.runCommand "firejail-wrapped-binaries"
name = "firejail-wrapped-binaries"; { preferLocalBuild = true;
nativeBuildInputs = with pkgs; [ makeWrapper ]; allowSubstitutes = false;
buildCommand = '' }
''
mkdir -p $out/bin mkdir -p $out/bin
${lib.concatStringsSep "\n" (lib.mapAttrsToList (command: binary: '' ${lib.concatStringsSep "\n" (lib.mapAttrsToList (command: binary: ''
cat <<_EOF >$out/bin/${command} cat <<_EOF >$out/bin/${command}
#!${pkgs.stdenv.shell} -e #! ${pkgs.runtimeShell} -e
/run/wrappers/bin/firejail ${binary} "\$@" exec /run/wrappers/bin/firejail ${binary} "\$@"
_EOF _EOF
chmod 0755 $out/bin/${command} chmod 0755 $out/bin/${command}
'') cfg.wrappedBinaries)} '') cfg.wrappedBinaries)}
''; '';
};
in { in {
options.programs.firejail = { options.programs.firejail = {
enable = mkEnableOption "firejail"; enable = mkEnableOption "firejail";
wrappedBinaries = mkOption { wrappedBinaries = mkOption {
type = types.attrs; type = types.attrsOf types.path;
default = {}; default = {};
example = literalExample ''
{
firefox = "''${lib.getBin pkgs.firefox}/bin/firefox";
mpv = "''${lib.getBin pkgs.mpv}/bin/mpv";
}
'';
description = '' description = ''
Wrap the binaries in firejail and place them in the global path. Wrap the binaries in firejail and place them in the global path.
</para> </para>
@ -41,7 +47,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
security.wrappers.firejail.source = "${lib.getBin pkgs.firejail}/bin/firejail"; security.wrappers.firejail.source = "${lib.getBin pkgs.firejail}/bin/firejail";
environment.systemPackages = [ wrappedBins ]; environment.systemPackages = [ pkgs.firejail ] ++ [ wrappedBins ];
}; };
meta.maintainers = with maintainers; [ peterhoeg ]; meta.maintainers = with maintainers; [ peterhoeg ];

12
nixos/modules/rename.nix
View File

@ -21,12 +21,12 @@ with lib;
(mkRemovedOptionModule [ "services" "firefox" "syncserver" "group" ] "") (mkRemovedOptionModule [ "services" "firefox" "syncserver" "group" ] "")
(mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")
(mkRemovedOptionModule [ "networking" "vpnc" ] "Use environment.etc.\"vpnc/service.conf\" instead.") (mkRemovedOptionModule [ "networking" "vpnc" ] "Use environment.etc.\"vpnc/service.conf\" instead.")
(mkRemovedOptionModule [ "environment.blcr.enable" ] "The BLCR module has been removed") (mkRemovedOptionModule [ "environment" "blcr" "enable" ] "The BLCR module has been removed")
(mkRemovedOptionModule [ "services.beegfsEnable" ] "The BeeGFS module has been removed") (mkRemovedOptionModule [ "services" "beegfsEnable" ] "The BeeGFS module has been removed")
(mkRemovedOptionModule [ "services.beegfs" ] "The BeeGFS module has been removed") (mkRemovedOptionModule [ "services" "beegfs" ] "The BeeGFS module has been removed")
(mkRemovedOptionModule [ "services.osquery" ] "The osquery module has been removed") (mkRemovedOptionModule [ "services" "osquery" ] "The osquery module has been removed")
(mkRemovedOptionModule [ "services.fourStore" ] "The fourStore module has been removed") (mkRemovedOptionModule [ "services" "fourStore" ] "The fourStore module has been removed")
(mkRemovedOptionModule [ "services.fourStoreEndpoint" ] "The fourStoreEndpoint module has been removed") (mkRemovedOptionModule [ "services" "fourStoreEndpoint" ] "The fourStoreEndpoint module has been removed")
(mkRemovedOptionModule [ "programs" "way-cooler" ] ("way-cooler is abandoned by its author: " + (mkRemovedOptionModule [ "programs" "way-cooler" ] ("way-cooler is abandoned by its author: " +
"https://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html")) "https://way-cooler.org/blog/2020/01/09/way-cooler-post-mortem.html"))
(mkRemovedOptionModule [ "services" "xserver" "multitouch" ] '' (mkRemovedOptionModule [ "services" "xserver" "multitouch" ] ''

11
nixos/modules/security/acme.nix
View File

@ -302,7 +302,7 @@ in
lpath = "acme/${cert}"; lpath = "acme/${cert}";
apath = "/var/lib/${lpath}"; apath = "/var/lib/${lpath}";
spath = "/var/lib/acme/.lego"; spath = "/var/lib/acme/.lego";
rights = if data.allowKeysForGroup then "750" else "700"; fileMode = if data.allowKeysForGroup then "640" else "600";
globalOpts = [ "-d" data.domain "--email" data.email "--path" "." "--key-type" data.keyType ] globalOpts = [ "-d" data.domain "--email" data.email "--path" "." "--key-type" data.keyType ]
++ optionals (cfg.acceptTerms) [ "--accept-tos" ] ++ optionals (cfg.acceptTerms) [ "--accept-tos" ]
++ optionals (data.dnsProvider != null && !data.dnsPropagationCheck) [ "--dns.disable-cp" ] ++ optionals (data.dnsProvider != null && !data.dnsPropagationCheck) [ "--dns.disable-cp" ]
@ -331,7 +331,7 @@ in
Group = data.group; Group = data.group;
PrivateTmp = true; PrivateTmp = true;
StateDirectory = "acme/.lego ${lpath}"; StateDirectory = "acme/.lego ${lpath}";
StateDirectoryMode = rights; StateDirectoryMode = if data.allowKeysForGroup then "750" else "700";
WorkingDirectory = spath; WorkingDirectory = spath;
# Only try loading the credentialsFile if the dns challenge is enabled # Only try loading the credentialsFile if the dns challenge is enabled
EnvironmentFile = if data.dnsProvider != null then data.credentialsFile else null; EnvironmentFile = if data.dnsProvider != null then data.credentialsFile else null;
@ -354,10 +354,11 @@ in
cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem
ln -sf fullchain.pem cert.pem ln -sf fullchain.pem cert.pem
cat key.pem fullchain.pem > full.pem cat key.pem fullchain.pem > full.pem
chmod ${rights} *.pem
chown '${data.user}:${data.group}' *.pem
fi fi
chmod ${fileMode} *.pem
chown '${data.user}:${data.group}' *.pem
${data.postRun} ${data.postRun}
''; '';
in in
@ -399,7 +400,7 @@ in
# Give key acme permissions # Give key acme permissions
chown '${data.user}:${data.group}' "${apath}/"{key,fullchain,full}.pem chown '${data.user}:${data.group}' "${apath}/"{key,fullchain,full}.pem
chmod ${rights} "${apath}/"{key,fullchain,full}.pem chmod ${fileMode} "${apath}/"{key,fullchain,full}.pem
''; '';
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";

103
nixos/modules/services/databases/mysql.nix
View File

@ -21,6 +21,11 @@ let
installOptions = installOptions =
"${mysqldOptions} ${lib.optionalString isMysqlAtLeast57 "--insecure"}"; "${mysqldOptions} ${lib.optionalString isMysqlAtLeast57 "--insecure"}";
settingsFile = pkgs.writeText "my.cnf" (
generators.toINI { listsAsDuplicateKeys = true; } cfg.settings +
optionalString (cfg.extraOptions != null) "[mysqld]\n${cfg.extraOptions}"
);
in in
{ {
@ -76,9 +81,64 @@ in
description = "Location where MySQL stores its table files"; description = "Location where MySQL stores its table files";
}; };
configFile = mkOption {
type = types.path;
default = settingsFile;
defaultText = "settingsFile";
description = ''
Override the configuration file used by MySQL. By default,
NixOS generates one automatically from <option>services.mysql.settings</option>.
'';
example = literalExample ''
pkgs.writeText "my.cnf" '''
[mysqld]
datadir = /var/lib/mysql
bind-address = 127.0.0.1
port = 3336
plugin-load-add = auth_socket.so
!includedir /etc/mysql/conf.d/
''';
'';
};
settings = mkOption {
type = with types; attrsOf (attrsOf (oneOf [ bool int str (listOf str) ]));
default = {};
description = ''
MySQL configuration. Refer to
<link xlink:href="https://dev.mysql.com/doc/refman/5.7/en/server-system-variables.html"/>,
<link xlink:href="https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html"/>,
and <link xlink:href="https://mariadb.com/kb/en/server-system-variables/"/>
for details on supported values.
<note>
<para>
MySQL configuration options such as <literal>--quick</literal> should be treated as
boolean options and provided values such as <literal>true</literal>, <literal>false</literal>,
<literal>1</literal>, or <literal>0</literal>. See the provided example below.
</para>
</note>
'';
example = literalExample ''
{
mysqld = {
key_buffer_size = "6G";
table_cache = 1600;
log-error = "/var/log/mysql_err.log";
plugin-load-add = [ "server_audit" "ed25519=auth_ed25519" ];
};
mysqldump = {
quick = true;
max_allowed_packet = "16M";
};
}
'';
};
extraOptions = mkOption { extraOptions = mkOption {
type = types.lines; type = with types; nullOr lines;
default = ""; default = null;
example = '' example = ''
key_buffer_size = 6G key_buffer_size = 6G
table_cache = 1600 table_cache = 1600
@ -252,10 +312,27 @@ in
config = mkIf config.services.mysql.enable { config = mkIf config.services.mysql.enable {
warnings = optional (cfg.extraOptions != null) "services.mysql.`extraOptions` is deprecated, please use services.mysql.`settings`.";
services.mysql.dataDir = services.mysql.dataDir =
mkDefault (if versionAtLeast config.system.stateVersion "17.09" then "/var/lib/mysql" mkDefault (if versionAtLeast config.system.stateVersion "17.09" then "/var/lib/mysql"
else "/var/mysql"); else "/var/mysql");
services.mysql.settings.mysqld = mkMerge [
{
datadir = cfg.dataDir;
bind-address = mkIf (cfg.bind != null) cfg.bind;
port = cfg.port;
plugin-load-add = optional (cfg.ensureUsers != []) "auth_socket.so";
}
(mkIf (cfg.replication.role == "master" || cfg.replication.role == "slave") {
log-bin = "mysql-bin-${toString cfg.replication.serverId}";
log-bin-index = "mysql-bin-${toString cfg.replication.serverId}.index";
relay-log = "mysql-relay-bin";
server-id = cfg.replication.serverId;
})
];
users.users.mysql = { users.users.mysql = {
description = "MySQL server user"; description = "MySQL server user";
group = "mysql"; group = "mysql";
@ -266,25 +343,7 @@ in
environment.systemPackages = [mysql]; environment.systemPackages = [mysql];
environment.etc."my.cnf".text = environment.etc."my.cnf".source = cfg.configFile;
''
[mysqld]
port = ${toString cfg.port}
datadir = ${cfg.dataDir}
${optionalString (cfg.bind != null) "bind-address = ${cfg.bind}" }
${optionalString (cfg.replication.role == "master" || cfg.replication.role == "slave")
''
log-bin=mysql-bin-${toString cfg.replication.serverId}
log-bin-index=mysql-bin-${toString cfg.replication.serverId}.index
relay-log=mysql-relay-bin
server-id = ${toString cfg.replication.serverId}
''}
${optionalString (cfg.ensureUsers != [])
''
plugin-load-add = auth_socket.so
''}
${cfg.extraOptions}
'';
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.dataDir}' 0700 ${cfg.user} mysql -" "d '${cfg.dataDir}' 0700 ${cfg.user} mysql -"
@ -297,7 +356,7 @@ in
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."my.cnf".source ]; restartTriggers = [ cfg.configFile ];
unitConfig.RequiresMountsFor = "${cfg.dataDir}"; unitConfig.RequiresMountsFor = "${cfg.dataDir}";

32
nixos/modules/services/desktops/malcontent.nix Normal file
View File

@ -0,0 +1,32 @@
# Malcontent daemon.
{ config, lib, pkgs, ... }:
with lib;
{
###### interface
options = {
services.malcontent = {
enable = mkEnableOption "Malcontent";
};
};
###### implementation
config = mkIf config.services.malcontent.enable {
environment.systemPackages = [ pkgs.malcontent ];
services.dbus.packages = [ pkgs.malcontent ];
};
}

234
nixos/modules/services/mail/dovecot.nix
View File

@ -14,18 +14,34 @@ let
base_dir = ${baseDir} base_dir = ${baseDir}
protocols = ${concatStringsSep " " cfg.protocols} protocols = ${concatStringsSep " " cfg.protocols}
sendmail_path = /run/wrappers/bin/sendmail sendmail_path = /run/wrappers/bin/sendmail
# defining mail_plugins must be done before the first protocol {} filter because of https://doc.dovecot.org/configuration_manual/config_file/config_file_syntax/#variable-expansion
mail_plugins = $mail_plugins ${concatStringsSep " " cfg.mailPlugins.globally.enable}
'' ''
(if cfg.sslServerCert == null then '' (
ssl = no concatStringsSep "\n" (
disable_plaintext_auth = no mapAttrsToList (
'' else '' protocol: plugins: ''
ssl_cert = <${cfg.sslServerCert} protocol ${protocol} {
ssl_key = <${cfg.sslServerKey} mail_plugins = $mail_plugins ${concatStringsSep " " plugins.enable}
${optionalString (cfg.sslCACert != null) ("ssl_ca = <" + cfg.sslCACert)} }
ssl_dh = <${config.security.dhparams.params.dovecot2.path} ''
disable_plaintext_auth = yes ) cfg.mailPlugins.perProtocol
'') )
)
(
if cfg.sslServerCert == null then ''
ssl = no
disable_plaintext_auth = no
'' else ''
ssl_cert = <${cfg.sslServerCert}
ssl_key = <${cfg.sslServerKey}
${optionalString (cfg.sslCACert != null) ("ssl_ca = <" + cfg.sslCACert)}
ssl_dh = <${config.security.dhparams.params.dovecot2.path}
disable_plaintext_auth = yes
''
)
'' ''
default_internal_user = ${cfg.user} default_internal_user = ${cfg.user}
@ -45,55 +61,58 @@ let
} }
'' ''
(optionalString cfg.enablePAM '' (
userdb { optionalString cfg.enablePAM ''
driver = passwd userdb {
} driver = passwd
passdb {
driver = pam
args = ${optionalString cfg.showPAMFailure "failure_show_msg=yes"} dovecot2
}
'')
(optionalString (cfg.sieveScripts != {}) ''
plugin {
${concatStringsSep "\n" (mapAttrsToList (to: from: "sieve_${to} = ${stateDir}/sieve/${to}") cfg.sieveScripts)}
}
'')
(optionalString (cfg.mailboxes != []) ''
protocol imap {
namespace inbox {
inbox=yes
${concatStringsSep "\n" (map mailboxConfig cfg.mailboxes)}
} }
}
'')
(optionalString cfg.enableQuota '' passdb {
mail_plugins = $mail_plugins quota driver = pam
service quota-status { args = ${optionalString cfg.showPAMFailure "failure_show_msg=yes"} dovecot2
executable = ${dovecotPkg}/libexec/dovecot/quota-status -p postfix
inet_listener {
port = ${cfg.quotaPort}
} }
client_limit = 1 ''
} )
protocol imap { (
mail_plugins = $mail_plugins imap_quota optionalString (cfg.sieveScripts != {}) ''
} plugin {
${concatStringsSep "\n" (mapAttrsToList (to: from: "sieve_${to} = ${stateDir}/sieve/${to}") cfg.sieveScripts)}
}
''
)
plugin { (
quota_rule = *:storage=${cfg.quotaGlobalPerUser} optionalString (cfg.mailboxes != []) ''
quota = maildir:User quota # per virtual mail user quota # BUG/FIXME broken, we couldn't get this working protocol imap {
quota_status_success = DUNNO namespace inbox {
quota_status_nouser = DUNNO inbox=yes
quota_status_overquota = "552 5.2.2 Mailbox is full" ${concatStringsSep "\n" (map mailboxConfig cfg.mailboxes)}
quota_grace = 10%% }
} }
'') ''
)
(
optionalString cfg.enableQuota ''
service quota-status {
executable = ${dovecotPkg}/libexec/dovecot/quota-status -p postfix
inet_listener {
port = ${cfg.quotaPort}
}
client_limit = 1
}
plugin {
quota_rule = *:storage=${cfg.quotaGlobalPerUser}
quota = maildir:User quota # per virtual mail user quota # BUG/FIXME broken, we couldn't get this working
quota_status_success = DUNNO
quota_status_nouser = DUNNO
quota_status_overquota = "552 5.2.2 Mailbox is full"
quota_grace = 10%%
}
''
)
cfg.extraConfig cfg.extraConfig
]; ];
@ -107,7 +126,7 @@ let
mailbox "${mailbox.name}" { mailbox "${mailbox.name}" {
auto = ${toString mailbox.auto} auto = ${toString mailbox.auto}
'' + optionalString (mailbox.specialUse != null) '' '' + optionalString (mailbox.specialUse != null) ''
special_use = \${toString mailbox.specialUse} special_use = \${toString mailbox.specialUse}
'' + "}"; '' + "}";
mailboxes = { ... }: { mailboxes = { ... }: {
@ -160,7 +179,7 @@ in
protocols = mkOption { protocols = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "Additional listeners to start when Dovecot is enabled."; description = "Additional listeners to start when Dovecot is enabled.";
}; };
@ -183,6 +202,43 @@ in
description = "Additional entries to put verbatim into Dovecot's config file."; description = "Additional entries to put verbatim into Dovecot's config file.";
}; };
mailPlugins =
let
plugins = hint: types.submodule {
options = {
enable = mkOption {
type = types.listOf types.str;
default = [];
description = "mail plugins to enable as a list of strings to append to the ${hint} <literal>$mail_plugins</literal> configuration variable";
};
};
};
in
mkOption {
type = with types; submodule {
options = {
globally = mkOption {
description = "Additional entries to add to the mail_plugins variable for all protocols";
type = plugins "top-level";
example = { enable = [ "virtual" ]; };
default = { enable = []; };
};
perProtocol = mkOption {
description = "Additional entries to add to the mail_plugins variable, per protocol";
type = attrsOf (plugins "corresponding per-protocol");
default = {};
example = { imap = [ "imap_acl" ]; };
};
};
};
description = "Additional entries to add to the mail_plugins variable, globally and per protocol";
example = {
globally.enable = [ "acl" ];
perProtocol.imap.enable = [ "imap_acl" ];
};
default = { globally.enable = []; perProtocol = {}; };
};
configFile = mkOption { configFile = mkOption {
type = types.nullOr types.path; type = types.nullOr types.path;
default = null; default = null;
@ -305,27 +361,33 @@ in
enable = true; enable = true;
params.dovecot2 = {}; params.dovecot2 = {};
}; };
services.dovecot2.protocols = services.dovecot2.protocols =
optional cfg.enableImap "imap" optional cfg.enableImap "imap"
++ optional cfg.enablePop3 "pop3" ++ optional cfg.enablePop3 "pop3"
++ optional cfg.enableLmtp "lmtp"; ++ optional cfg.enableLmtp "lmtp";
services.dovecot2.mailPlugins = mkIf cfg.enableQuota {
globally.enable = [ "quota" ];
perProtocol.imap.enable = [ "imap_quota" ];
};
users.users = { users.users = {
dovenull = dovenull =
{ uid = config.ids.uids.dovenull2; {
uid = config.ids.uids.dovenull2;
description = "Dovecot user for untrusted logins"; description = "Dovecot user for untrusted logins";
group = "dovenull"; group = "dovenull";
}; };
} // optionalAttrs (cfg.user == "dovecot2") { } // optionalAttrs (cfg.user == "dovecot2") {
dovecot2 = dovecot2 =
{ uid = config.ids.uids.dovecot2; {
description = "Dovecot user"; uid = config.ids.uids.dovecot2;
group = cfg.group; description = "Dovecot user";
}; group = cfg.group;
};
} // optionalAttrs (cfg.createMailUser && cfg.mailUser != null) { } // optionalAttrs (cfg.createMailUser && cfg.mailUser != null) {
${cfg.mailUser} = ${cfg.mailUser} =
{ description = "Virtual Mail User"; } // { description = "Virtual Mail User"; } // optionalAttrs (cfg.mailGroup != null)
optionalAttrs (cfg.mailGroup != null)
{ group = cfg.mailGroup; }; { group = cfg.mailGroup; };
}; };
@ -334,7 +396,7 @@ in
} // optionalAttrs (cfg.group == "dovecot2") { } // optionalAttrs (cfg.group == "dovecot2") {
dovecot2.gid = config.ids.gids.dovecot2; dovecot2.gid = config.ids.gids.dovecot2;
} // optionalAttrs (cfg.createMailUser && cfg.mailGroup != null) { } // optionalAttrs (cfg.createMailUser && cfg.mailGroup != null) {
${cfg.mailGroup} = { }; ${cfg.mailGroup} = {};
}; };
environment.etc."dovecot/modules".source = modulesDir; environment.etc."dovecot/modules".source = modulesDir;
@ -363,15 +425,19 @@ in
rm -rf ${stateDir}/sieve rm -rf ${stateDir}/sieve
'' + optionalString (cfg.sieveScripts != {}) '' '' + optionalString (cfg.sieveScripts != {}) ''
mkdir -p ${stateDir}/sieve mkdir -p ${stateDir}/sieve
${concatStringsSep "\n" (mapAttrsToList (to: from: '' ${concatStringsSep "\n" (
if [ -d '${from}' ]; then mapAttrsToList (
mkdir '${stateDir}/sieve/${to}' to: from: ''
cp -p "${from}/"*.sieve '${stateDir}/sieve/${to}' if [ -d '${from}' ]; then
else mkdir '${stateDir}/sieve/${to}'
cp -p '${from}' '${stateDir}/sieve/${to}' cp -p "${from}/"*.sieve '${stateDir}/sieve/${to}'
fi else
${pkgs.dovecot_pigeonhole}/bin/sievec '${stateDir}/sieve/${to}' cp -p '${from}' '${stateDir}/sieve/${to}'
'') cfg.sieveScripts)} fi
${pkgs.dovecot_pigeonhole}/bin/sievec '${stateDir}/sieve/${to}'
''
) cfg.sieveScripts
)}
chown -R '${cfg.mailUser}:${cfg.mailGroup}' '${stateDir}/sieve' chown -R '${cfg.mailUser}:${cfg.mailGroup}' '${stateDir}/sieve'
''; '';
}; };
@ -379,17 +445,21 @@ in
environment.systemPackages = [ dovecotPkg ]; environment.systemPackages = [ dovecotPkg ];
assertions = [ assertions = [
{ assertion = intersectLists cfg.protocols [ "pop3" "imap" ] != []; {
assertion = intersectLists cfg.protocols [ "pop3" "imap" ] != [];
message = "dovecot needs at least one of the IMAP or POP3 listeners enabled"; message = "dovecot needs at least one of the IMAP or POP3 listeners enabled";
} }
{ assertion = (cfg.sslServerCert == null) == (cfg.sslServerKey == null) {
&& (cfg.sslCACert != null -> !(cfg.sslServerCert == null || cfg.sslServerKey == null)); assertion = (cfg.sslServerCert == null) == (cfg.sslServerKey == null)
&& (cfg.sslCACert != null -> !(cfg.sslServerCert == null || cfg.sslServerKey == null));
message = "dovecot needs both sslServerCert and sslServerKey defined for working crypto"; message = "dovecot needs both sslServerCert and sslServerKey defined for working crypto";
} }
{ assertion = cfg.showPAMFailure -> cfg.enablePAM; {
assertion = cfg.showPAMFailure -> cfg.enablePAM;
message = "dovecot is configured with showPAMFailure while enablePAM is disabled"; message = "dovecot is configured with showPAMFailure while enablePAM is disabled";
} }
{ assertion = cfg.sieveScripts != {} -> (cfg.mailUser != null && cfg.mailGroup != null); {
assertion = cfg.sieveScripts != {} -> (cfg.mailUser != null && cfg.mailGroup != null);
message = "dovecot requires mailUser and mailGroup to be set when sieveScripts is set"; message = "dovecot requires mailUser and mailGroup to be set when sieveScripts is set";
} }
]; ];

79
nixos/modules/services/misc/ankisyncd.nix Normal file
View File

@ -0,0 +1,79 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.ankisyncd;
name = "ankisyncd";
stateDir = "/var/lib/${name}";
authDbPath = "${stateDir}/auth.db";
sessionDbPath = "${stateDir}/session.db";
configFile = pkgs.writeText "ankisyncd.conf" (lib.generators.toINI {} {
sync_app = {
host = cfg.host;
port = cfg.port;
data_root = stateDir;
auth_db_path = authDbPath;
session_db_path = sessionDbPath;
base_url = "/sync/";
base_media_url = "/msync/";
};
});
in
{
options.services.ankisyncd = {
enable = mkEnableOption "ankisyncd";
package = mkOption {
type = types.package;
default = pkgs.ankisyncd;
defaultText = literalExample "pkgs.ankisyncd";
description = "The package to use for the ankisyncd command.";
};
host = mkOption {
type = types.str;
default = "localhost";
description = "ankisyncd host";
};
port = mkOption {
type = types.int;
default = 27701;
description = "ankisyncd port";
};
openFirewall = mkOption {
default = false;
type = types.bool;
description = "Whether to open the firewall for the specified port.";
};
};
config = mkIf cfg.enable {
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
environment.etc."ankisyncd/ankisyncd.conf".source = configFile;
systemd.services.ankisyncd = {
description = "ankisyncd - Anki sync server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
path = [ cfg.package ];
serviceConfig = {
Type = "simple";
DynamicUser = true;
StateDirectory = name;
ExecStart = "${cfg.package}/bin/ankisyncd";
Restart = "always";
};
};
};
}

2
nixos/modules/services/misc/autorandr.nix
View File

@ -48,5 +48,5 @@ in {
}; };
meta.maintainers = with maintainers; [ gnidorah ma27 ]; meta.maintainers = with maintainers; [ gnidorah ];
} }

4
nixos/modules/services/misc/zoneminder.nix
View File

@ -77,6 +77,8 @@ in {
`config.services.zoneminder.database.createLocally` to true. Otherwise, `config.services.zoneminder.database.createLocally` to true. Otherwise,
when set to `false` (the default), you will have to create the database when set to `false` (the default), you will have to create the database
and database user as well as populate the database yourself. and database user as well as populate the database yourself.
Additionally, you will need to run `zmupdate.pl` yourself when
upgrading to a newer version.
''; '';
webserver = mkOption { webserver = mkOption {
@ -330,6 +332,8 @@ in {
${config.services.mysql.package}/bin/mysql < ${pkg}/share/zoneminder/db/zm_create.sql ${config.services.mysql.package}/bin/mysql < ${pkg}/share/zoneminder/db/zm_create.sql
touch "/var/lib/${dirName}/db-created" touch "/var/lib/${dirName}/db-created"
fi fi
${zoneminder}/bin/zmupdate.pl -nointeractive
''; '';
serviceConfig = { serviceConfig = {
User = user; User = user;

1
nixos/modules/services/monitoring/cadvisor.nix
View File

@ -135,7 +135,6 @@ in {
serviceConfig.TimeoutStartSec=300; serviceConfig.TimeoutStartSec=300;
}; };
virtualisation.docker.enable = mkDefault true;
}) })
]; ];
} }

27
nixos/modules/services/monitoring/prometheus/default.nix
View File

@ -9,12 +9,13 @@ let
# a wrapper that verifies that the configuration is valid # a wrapper that verifies that the configuration is valid
promtoolCheck = what: name: file: promtoolCheck = what: name: file:
pkgs.runCommand if cfg.checkConfig then
"${name}-${replaceStrings [" "] [""] what}-checked" pkgs.runCommand
{ buildInputs = [ cfg.package ]; } '' "${name}-${replaceStrings [" "] [""] what}-checked"
ln -s ${file} $out { buildInputs = [ cfg.package ]; } ''
promtool ${what} $out ln -s ${file} $out
''; promtool ${what} $out
'' else file;
# Pretty-print JSON to a file # Pretty-print JSON to a file
writePrettyJSON = name: x: writePrettyJSON = name: x:
@ -601,6 +602,20 @@ in {
if Prometheus is served via a reverse proxy). if Prometheus is served via a reverse proxy).
''; '';
}; };
checkConfig = mkOption {
type = types.bool;
default = true;
description = ''
Check configuration with <literal>promtool
check</literal>. The call to <literal>promtool</literal> is
subject to sandboxing by Nix. When credentials are stored in
external files (<literal>password_file</literal>,
<literal>bearer_token_file</literal>, etc), they will not be
visible to <literal>promtool</literal> and it will report
errors, despite a correct configuration.
'';
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

17
nixos/modules/services/monitoring/prometheus/exporters.nix
View File

@ -29,6 +29,7 @@ let
"fritzbox" "fritzbox"
"json" "json"
"mail" "mail"
"mikrotik"
"minio" "minio"
"nextcloud" "nextcloud"
"nginx" "nginx"
@ -197,13 +198,25 @@ in
config = mkMerge ([{ config = mkMerge ([{
assertions = [ { assertions = [ {
assertion = (cfg.snmp.configurationPath == null) != (cfg.snmp.configuration == null); assertion = cfg.snmp.enable -> (
(cfg.snmp.configurationPath == null) != (cfg.snmp.configuration == null)
);
message = '' message = ''
Please ensure you have either `services.prometheus.exporters.snmp.configuration' Please ensure you have either `services.prometheus.exporters.snmp.configuration'
or `services.prometheus.exporters.snmp.configurationPath' set! or `services.prometheus.exporters.snmp.configurationPath' set!
''; '';
} { } {
assertion = (cfg.mail.configFile == null) != (cfg.mail.configuration == {}); assertion = cfg.mikrotik.enable -> (
(cfg.mikrotik.configFile == null) != (cfg.mikrotik.configuration == null)
);
message = ''
Please specify either `services.prometheus.exporters.mikrotik.configuration'
or `services.prometheus.exporters.mikrotik.configFile'.
'';
} {
assertion = cfg.mail.enable -> (
(cfg.mail.configFile == null) != (cfg.mail.configuration == null)
);
message = '' message = ''
Please specify either 'services.prometheus.exporters.mail.configuration' Please specify either 'services.prometheus.exporters.mail.configuration'
or 'services.prometheus.exporters.mail.configFile'. or 'services.prometheus.exporters.mail.configFile'.

2
nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix
View File

@ -61,7 +61,7 @@ in {
ExecStart = '' ExecStart = ''
${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \ ${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--config.file ${adjustedConfigFile} \ --config.file ${escapeShellArg adjustedConfigFile} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";

2
nixos/modules/services/monitoring/prometheus/exporters/collectd.nix
View File

@ -66,7 +66,7 @@ in
serviceConfig = { serviceConfig = {
ExecStart = '' ExecStart = ''
${pkgs.prometheus-collectd-exporter}/bin/collectd_exporter \ ${pkgs.prometheus-collectd-exporter}/bin/collectd_exporter \
-log.format ${cfg.logFormat} \ -log.format ${escapeShellArg cfg.logFormat} \
-log.level ${cfg.logLevel} \ -log.level ${cfg.logLevel} \
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ -web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
${collectSettingsArgs} \ ${collectSettingsArgs} \

2
nixos/modules/services/monitoring/prometheus/exporters/dnsmasq.nix
View File

@ -30,7 +30,7 @@ in
${pkgs.prometheus-dnsmasq-exporter}/bin/dnsmasq_exporter \ ${pkgs.prometheus-dnsmasq-exporter}/bin/dnsmasq_exporter \
--listen ${cfg.listenAddress}:${toString cfg.port} \ --listen ${cfg.listenAddress}:${toString cfg.port} \
--dnsmasq ${cfg.dnsmasqListenAddress} \ --dnsmasq ${cfg.dnsmasqListenAddress} \
--leases_path ${cfg.leasesPath} \ --leases_path ${escapeShellArg cfg.leasesPath} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';
}; };

2
nixos/modules/services/monitoring/prometheus/exporters/dovecot.nix
View File

@ -64,7 +64,7 @@ in
${pkgs.prometheus-dovecot-exporter}/bin/dovecot_exporter \ ${pkgs.prometheus-dovecot-exporter}/bin/dovecot_exporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--web.telemetry-path ${cfg.telemetryPath} \ --web.telemetry-path ${cfg.telemetryPath} \
--dovecot.socket-path ${cfg.socketPath} \ --dovecot.socket-path ${escapeShellArg cfg.socketPath} \
--dovecot.scopes ${concatStringsSep "," cfg.scopes} \ --dovecot.scopes ${concatStringsSep "," cfg.scopes} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';

2
nixos/modules/services/monitoring/prometheus/exporters/json.nix
View File

@ -27,7 +27,7 @@ in
ExecStart = '' ExecStart = ''
${pkgs.prometheus-json-exporter}/bin/prometheus-json-exporter \ ${pkgs.prometheus-json-exporter}/bin/prometheus-json-exporter \
--port ${toString cfg.port} \ --port ${toString cfg.port} \
${cfg.url} ${cfg.configFile} \ ${cfg.url} ${escapeShellArg cfg.configFile} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';
}; };

9
nixos/modules/services/monitoring/prometheus/exporters/mail.nix
View File

@ -90,7 +90,7 @@ let
Timeout until mails are considered "didn't make it". Timeout until mails are considered "didn't make it".
''; '';
}; };
disableFileDelition = mkOption { disableFileDeletion = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
@ -127,8 +127,8 @@ in
''; '';
}; };
configuration = mkOption { configuration = mkOption {
type = types.submodule exporterOptions; type = types.nullOr (types.submodule exporterOptions);
default = {}; default = null;
description = '' description = ''
Specify the mailexporter configuration file to use. Specify the mailexporter configuration file to use.
''; '';
@ -147,8 +147,9 @@ in
ExecStart = '' ExecStart = ''
${pkgs.prometheus-mail-exporter}/bin/mailexporter \ ${pkgs.prometheus-mail-exporter}/bin/mailexporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--web.telemetry-path ${cfg.telemetryPath} \
--config.file ${ --config.file ${
if cfg.configuration != {} then configurationFile else cfg.configFile if cfg.configuration != null then configurationFile else (escapeShellArg cfg.configFile)
} \ } \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';

66
nixos/modules/services/monitoring/prometheus/exporters/mikrotik.nix Normal file
View File

@ -0,0 +1,66 @@
{ config, lib, pkgs, options }:
with lib;
let
cfg = config.services.prometheus.exporters.mikrotik;
in
{
port = 9436;
extraOpts = {
configFile = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
Path to a mikrotik exporter configuration file. Mutually exclusive with
<option>configuration</option> option.
'';
example = literalExample "./mikrotik.yml";
};
configuration = mkOption {
type = types.nullOr types.attrs;
default = null;
description = ''
Mikrotik exporter configuration as nix attribute set. Mutually exclusive with
<option>configFile</option> option.
See <link xlink:href="https://github.com/nshttpd/mikrotik-exporter/blob/master/README.md"/>
for the description of the configuration file format.
'';
example = literalExample ''
{
devices = [
{
name = "my_router";
address = "10.10.0.1";
user = "prometheus";
password = "changeme";
}
];
features = {
bgp = true;
dhcp = true;
routes = true;
optics = true;
};
}
'';
};
};
serviceOpts = let
configFile = if cfg.configFile != null
then cfg.configFile
else "${pkgs.writeText "mikrotik-exporter.yml" (builtins.toJSON cfg.configuration)}";
in {
serviceConfig = {
# -port is misleading name, it actually accepts address too
ExecStart = ''
${pkgs.prometheus-mikrotik-exporter}/bin/mikrotik-exporter \
-config-file=${escapeShellArg configFile} \
-port=${cfg.listenAddress}:${toString cfg.port} \
${concatStringsSep " \\\n " cfg.extraFlags}
'';
};
};
}

4
nixos/modules/services/monitoring/prometheus/exporters/minio.nix
View File

@ -54,8 +54,8 @@ in
${pkgs.prometheus-minio-exporter}/bin/minio-exporter \ ${pkgs.prometheus-minio-exporter}/bin/minio-exporter \
-web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ -web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
-minio.server ${cfg.minioAddress} \ -minio.server ${cfg.minioAddress} \
-minio.access-key ${cfg.minioAccessKey} \ -minio.access-key ${escapeShellArg cfg.minioAccessKey} \
-minio.access-secret ${cfg.minioAccessSecret} \ -minio.access-secret ${escapeShellArg cfg.minioAccessSecret} \
${optionalString cfg.minioBucketStats "-minio.bucket-stats"} \ ${optionalString cfg.minioBucketStats "-minio.bucket-stats"} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';

2
nixos/modules/services/monitoring/prometheus/exporters/nextcloud.nix
View File

@ -50,7 +50,7 @@ in
-u ${cfg.username} \ -u ${cfg.username} \
-t ${cfg.timeout} \ -t ${cfg.timeout} \
-l ${cfg.url} \ -l ${cfg.url} \
-p @${cfg.passwordFile} \ -p ${escapeShellArg "@${cfg.passwordFile}"} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}
''; '';
}; };

6
nixos/modules/services/monitoring/prometheus/exporters/postfix.nix
View File

@ -67,15 +67,15 @@ in
${pkgs.prometheus-postfix-exporter}/bin/postfix_exporter \ ${pkgs.prometheus-postfix-exporter}/bin/postfix_exporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--web.telemetry-path ${cfg.telemetryPath} \ --web.telemetry-path ${cfg.telemetryPath} \
--postfix.showq_path ${cfg.showqPath} \ --postfix.showq_path ${escapeShellArg cfg.showqPath} \
${concatStringsSep " \\\n " (cfg.extraFlags ${concatStringsSep " \\\n " (cfg.extraFlags
++ optional cfg.systemd.enable "--systemd.enable" ++ optional cfg.systemd.enable "--systemd.enable"
++ optional cfg.systemd.enable (if cfg.systemd.slice != null ++ optional cfg.systemd.enable (if cfg.systemd.slice != null
then "--systemd.slice ${cfg.systemd.slice}" then "--systemd.slice ${cfg.systemd.slice}"
else "--systemd.unit ${cfg.systemd.unit}") else "--systemd.unit ${cfg.systemd.unit}")
++ optional (cfg.systemd.enable && (cfg.systemd.journalPath != null)) ++ optional (cfg.systemd.enable && (cfg.systemd.journalPath != null))
"--systemd.journal_path ${cfg.systemd.journalPath}" "--systemd.journal_path ${escapeShellArg cfg.systemd.journalPath}"
++ optional (!cfg.systemd.enable) "--postfix.logfile_path ${cfg.logfilePath}")} ++ optional (!cfg.systemd.enable) "--postfix.logfile_path ${escapeShellArg cfg.logfilePath}")}
''; '';
}; };
}; };

16
nixos/modules/services/monitoring/prometheus/exporters/snmp.nix
View File

@ -19,7 +19,7 @@ in
configuration = mkOption { configuration = mkOption {
type = types.nullOr types.attrs; type = types.nullOr types.attrs;
default = {}; default = null;
description = '' description = ''
Snmp exporter configuration as nix attribute set. Mutually exclusive with 'configurationPath' option. Snmp exporter configuration as nix attribute set. Mutually exclusive with 'configurationPath' option.
''; '';
@ -36,15 +36,15 @@ in
}; };
logFormat = mkOption { logFormat = mkOption {
type = types.str; type = types.enum ["logfmt" "json"];
default = "logger:stderr"; default = "logfmt";
description = '' description = ''
Set the log target and format. Output format of log messages.
''; '';
}; };
logLevel = mkOption { logLevel = mkOption {
type = types.enum ["debug" "info" "warn" "error" "fatal"]; type = types.enum ["debug" "info" "warn" "error"];
default = "info"; default = "info";
description = '' description = ''
Only log messages with the given severity or above. Only log messages with the given severity or above.
@ -54,13 +54,13 @@ in
serviceOpts = let serviceOpts = let
configFile = if cfg.configurationPath != null configFile = if cfg.configurationPath != null
then cfg.configurationPath then cfg.configurationPath
else "${pkgs.writeText "snmp-eporter-conf.yml" (builtins.toJSON cfg.configuration)}"; else "${pkgs.writeText "snmp-exporter-conf.yml" (builtins.toJSON cfg.configuration)}";
in { in {
serviceConfig = { serviceConfig = {
ExecStart = '' ExecStart = ''
${pkgs.prometheus-snmp-exporter.bin}/bin/snmp_exporter \ ${pkgs.prometheus-snmp-exporter.bin}/bin/snmp_exporter \
--config.file=${configFile} \ --config.file=${escapeShellArg configFile} \
--log.format=${cfg.logFormat} \ --log.format=${escapeShellArg cfg.logFormat} \
--log.level=${cfg.logLevel} \ --log.level=${cfg.logLevel} \
--web.listen-address=${cfg.listenAddress}:${toString cfg.port} \ --web.listen-address=${cfg.listenAddress}:${toString cfg.port} \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}

4
nixos/modules/services/monitoring/prometheus/exporters/unifi.nix
View File

@ -55,8 +55,8 @@ in
${pkgs.prometheus-unifi-exporter}/bin/unifi_exporter \ ${pkgs.prometheus-unifi-exporter}/bin/unifi_exporter \
-telemetry.addr ${cfg.listenAddress}:${toString cfg.port} \ -telemetry.addr ${cfg.listenAddress}:${toString cfg.port} \
-unifi.addr ${cfg.unifiAddress} \ -unifi.addr ${cfg.unifiAddress} \
-unifi.username ${cfg.unifiUsername} \ -unifi.username ${escapeShellArg cfg.unifiUsername} \
-unifi.password ${cfg.unifiPassword} \ -unifi.password ${escapeShellArg cfg.unifiPassword} \
-unifi.timeout ${cfg.unifiTimeout} \ -unifi.timeout ${cfg.unifiTimeout} \
${optionalString cfg.unifiInsecure "-unifi.insecure" } \ ${optionalString cfg.unifiInsecure "-unifi.insecure" } \
${concatStringsSep " \\\n " cfg.extraFlags} ${concatStringsSep " \\\n " cfg.extraFlags}

4
nixos/modules/services/monitoring/prometheus/exporters/varnish.nix
View File

@ -74,10 +74,10 @@ in
${pkgs.prometheus-varnish-exporter}/bin/prometheus_varnish_exporter \ ${pkgs.prometheus-varnish-exporter}/bin/prometheus_varnish_exporter \
--web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \
--web.telemetry-path ${cfg.telemetryPath} \ --web.telemetry-path ${cfg.telemetryPath} \
--varnishstat-path ${cfg.varnishStatPath} \ --varnishstat-path ${escapeShellArg cfg.varnishStatPath} \
${concatStringsSep " \\\n " (cfg.extraFlags ${concatStringsSep " \\\n " (cfg.extraFlags
++ optional (cfg.healthPath != null) "--web.health-path ${cfg.healthPath}" ++ optional (cfg.healthPath != null) "--web.health-path ${cfg.healthPath}"
++ optional (cfg.instance != null) "-n ${cfg.instance}" ++ optional (cfg.instance != null) "-n ${escapeShellArg cfg.instance}"
++ optional cfg.noExit "--no-exit" ++ optional cfg.noExit "--no-exit"
++ optional cfg.withGoMetrics "--with-go-metrics" ++ optional cfg.withGoMetrics "--with-go-metrics"
++ optional cfg.verbose "--verbose" ++ optional cfg.verbose "--verbose"

2
nixos/modules/services/monitoring/prometheus/exporters/wireguard.nix
View File

@ -59,7 +59,7 @@ in {
${optionalString cfg.verbose "-v"} \ ${optionalString cfg.verbose "-v"} \
${optionalString cfg.singleSubnetPerField "-s"} \ ${optionalString cfg.singleSubnetPerField "-s"} \
${optionalString cfg.withRemoteIp "-r"} \ ${optionalString cfg.withRemoteIp "-r"} \
${optionalString (cfg.wireguardConfig != null) "-n ${cfg.wireguardConfig}"} ${optionalString (cfg.wireguardConfig != null) "-n ${escapeShellArg cfg.wireguardConfig}"}
''; '';
}; };
}; };

52
nixos/modules/services/networking/cjdns.nix
View File

@ -29,17 +29,13 @@ let
}; };
# Additional /etc/hosts entries for peers with an associated hostname # Additional /etc/hosts entries for peers with an associated hostname
cjdnsExtraHosts = import (pkgs.runCommand "cjdns-hosts" {} cjdnsExtraHosts = pkgs.runCommandNoCC "cjdns-hosts" {} ''
# Generate a builder that produces an output usable as a Nix string value exec >$out
'' ${concatStringsSep "\n" (mapAttrsToList (k: v:
exec >$out optionalString (v.hostname != "")
echo \'\' "echo $(${pkgs.cjdns}/bin/publictoip6 ${v.publicKey}) ${v.hostname}")
${concatStringsSep "\n" (mapAttrsToList (k: v: (cfg.ETHInterface.connectTo // cfg.UDPInterface.connectTo))}
optionalString (v.hostname != "") '';
"echo $(${pkgs.cjdns}/bin/publictoip6 ${v.publicKey}) ${v.hostname}")
(cfg.ETHInterface.connectTo // cfg.UDPInterface.connectTo))}
echo \'\'
'');
parseModules = x: parseModules = x:
x // { connectTo = mapAttrs (name: value: { inherit (value) password publicKey; }) x.connectTo; }; x // { connectTo = mapAttrs (name: value: { inherit (value) password publicKey; }) x.connectTo; };
@ -144,13 +140,15 @@ in
connectTo = mkOption { connectTo = mkOption {
type = types.attrsOf ( types.submodule ( connectToSubmodule ) ); type = types.attrsOf ( types.submodule ( connectToSubmodule ) );
default = { }; default = { };
example = { example = literalExample ''
"192.168.1.1:27313" = { {
hostname = "homer.hype"; "192.168.1.1:27313" = {
password = "5kG15EfpdcKNX3f2GSQ0H1HC7yIfxoCoImnO5FHM"; hostname = "homer.hype";
publicKey = "371zpkgs8ss387tmr81q04mp0hg1skb51hw34vk1cq644mjqhup0.k"; password = "5kG15EfpdcKNX3f2GSQ0H1HC7yIfxoCoImnO5FHM";
}; publicKey = "371zpkgs8ss387tmr81q04mp0hg1skb51hw34vk1cq644mjqhup0.k";
}; };
}
'';
description = '' description = ''
Credentials for making UDP tunnels. Credentials for making UDP tunnels.
''; '';
@ -189,13 +187,15 @@ in
connectTo = mkOption { connectTo = mkOption {
type = types.attrsOf ( types.submodule ( connectToSubmodule ) ); type = types.attrsOf ( types.submodule ( connectToSubmodule ) );
default = { }; default = { };
example = { example = literalExample ''
"01:02:03:04:05:06" = { {
hostname = "homer.hype"; "01:02:03:04:05:06" = {
password = "5kG15EfpdcKNX3f2GSQ0H1HC7yIfxoCoImnO5FHM"; hostname = "homer.hype";
publicKey = "371zpkgs8ss387tmr81q04mp0hg1skb51hw34vk1cq644mjqhup0.k"; password = "5kG15EfpdcKNX3f2GSQ0H1HC7yIfxoCoImnO5FHM";
}; publicKey = "371zpkgs8ss387tmr81q04mp0hg1skb51hw34vk1cq644mjqhup0.k";
}; };
}
'';
description = '' description = ''
Credentials for connecting look similar to UDP credientials Credentials for connecting look similar to UDP credientials
except they begin with the mac address. except they begin with the mac address.
@ -278,7 +278,7 @@ in
}; };
}; };
networking.extraHosts = mkIf cfg.addExtraHosts cjdnsExtraHosts; networking.hostFiles = mkIf cfg.addExtraHosts [ cjdnsExtraHosts ];
assertions = [ assertions = [
{ assertion = ( cfg.ETHInterface.bind != "" || cfg.UDPInterface.bind != "" || cfg.confFile != null ); { assertion = ( cfg.ETHInterface.bind != "" || cfg.UDPInterface.bind != "" || cfg.confFile != null );

2
nixos/modules/services/networking/firewall.nix
View File

@ -546,7 +546,7 @@ in
options nf_conntrack nf_conntrack_helper=1 options nf_conntrack nf_conntrack_helper=1
''; '';
assertions = [ { assertion = (cfg.checkReversePath != false) || kernelHasRPFilter; assertions = [ { assertion = cfg.checkReversePath -> kernelHasRPFilter;
message = "This kernel does not support rpfilter"; } message = "This kernel does not support rpfilter"; }
]; ];

18
nixos/modules/services/networking/freeradius.nix
View File

@ -10,14 +10,15 @@ let
{ {
description = "FreeRadius server"; description = "FreeRadius server";
wantedBy = ["multi-user.target"]; wantedBy = ["multi-user.target"];
after = ["network-online.target"]; after = ["network.target"];
wants = ["network-online.target"]; wants = ["network.target"];
preStart = '' preStart = ''
${pkgs.freeradius}/bin/radiusd -C -d ${cfg.configDir} -l stdout ${pkgs.freeradius}/bin/radiusd -C -d ${cfg.configDir} -l stdout
''; '';
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.freeradius}/bin/radiusd -f -d ${cfg.configDir} -l stdout -xx"; ExecStart = "${pkgs.freeradius}/bin/radiusd -f -d ${cfg.configDir} -l stdout" +
optionalString cfg.debug " -xx";
ExecReload = [ ExecReload = [
"${pkgs.freeradius}/bin/radiusd -C -d ${cfg.configDir} -l stdout" "${pkgs.freeradius}/bin/radiusd -C -d ${cfg.configDir} -l stdout"
"${pkgs.coreutils}/bin/kill -HUP $MAINPID" "${pkgs.coreutils}/bin/kill -HUP $MAINPID"
@ -41,6 +42,16 @@ let
''; '';
}; };
debug = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable debug logging for freeradius (-xx
option). This should not be left on, since it includes
sensitive data such as passwords in the logs.
'';
};
}; };
in in
@ -66,6 +77,7 @@ in
}; };
systemd.services.freeradius = freeradiusService cfg; systemd.services.freeradius = freeradiusService cfg;
warnings = optional cfg.debug "Freeradius debug logging is enabled. This will log passwords in plaintext to the journal!";
}; };

26
nixos/modules/services/networking/haproxy.nix
View File

@ -26,6 +26,18 @@ with lib;
''; '';
}; };
user = mkOption {
type = types.str;
default = "haproxy";
description = "User account under which haproxy runs.";
};
group = mkOption {
type = types.str;
default = "haproxy";
description = "Group account under which haproxy runs.";
};
config = mkOption { config = mkOption {
type = types.nullOr types.lines; type = types.nullOr types.lines;
default = null; default = null;
@ -49,7 +61,8 @@ with lib;
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
DynamicUser = true; User = cfg.user;
Group = cfg.group;
Type = "notify"; Type = "notify";
# when running the config test, don't be quiet so we can see what goes wrong # when running the config test, don't be quiet so we can see what goes wrong
ExecStartPre = "${pkgs.haproxy}/sbin/haproxy -c -f ${haproxyCfg}"; ExecStartPre = "${pkgs.haproxy}/sbin/haproxy -c -f ${haproxyCfg}";
@ -60,5 +73,16 @@ with lib;
AmbientCapabilities = "CAP_NET_BIND_SERVICE"; AmbientCapabilities = "CAP_NET_BIND_SERVICE";
}; };
}; };
users.users = optionalAttrs (cfg.user == "haproxy") {
haproxy = {
group = cfg.group;
isSystemUser = true;
};
};
users.groups = optionalAttrs (cfg.group == "haproxy") {
haproxy = {};
};
}; };
} }

13
nixos/modules/services/networking/ntp/ntpd.nix
View File

@ -23,6 +23,8 @@ let
restrict -6 ::1 restrict -6 ::1
${toString (map (server: "server " + server + " iburst\n") cfg.servers)} ${toString (map (server: "server " + server + " iburst\n") cfg.servers)}
${cfg.extraConfig}
''; '';
ntpFlags = "-c ${configFile} -u ${ntpUser}:nogroup ${toString cfg.extraFlags}"; ntpFlags = "-c ${configFile} -u ${ntpUser}:nogroup ${toString cfg.extraFlags}";
@ -81,6 +83,17 @@ in
''; '';
}; };
extraConfig = mkOption {
type = types.lines;
default = "";
example = ''
fudge 127.127.1.0 stratum 10
'';
description = ''
Additional text appended to <filename>ntp.conf</filename>.
'';
};
extraFlags = mkOption { extraFlags = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
description = "Extra flags passed to the ntpd command."; description = "Extra flags passed to the ntpd command.";

5
nixos/modules/services/networking/shorewall.nix
View File

@ -26,13 +26,14 @@ in {
description = "The shorewall package to use."; description = "The shorewall package to use.";
}; };
configs = lib.mkOption { configs = lib.mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.lines;
default = {}; default = {};
description = '' description = ''
This option defines the Shorewall configs. This option defines the Shorewall configs.
The attribute name defines the name of the config, The attribute name defines the name of the config,
and the attribute value defines the content of the config. and the attribute value defines the content of the config.
''; '';
apply = lib.mapAttrs (name: text: pkgs.writeText "${name}" text);
}; };
}; };
}; };
@ -62,7 +63,7 @@ in {
''; '';
}; };
environment = { environment = {
etc = lib.mapAttrs' (name: conf: lib.nameValuePair "shorewall/${name}" {text=conf;}) cfg.configs; etc = lib.mapAttrs' (name: conf: lib.nameValuePair "shorewall/${name}" {source=conf;}) cfg.configs;
systemPackages = [ cfg.package ]; systemPackages = [ cfg.package ];
}; };
}; };

5
nixos/modules/services/networking/shorewall6.nix
View File

@ -26,13 +26,14 @@ in {
description = "The shorewall package to use."; description = "The shorewall package to use.";
}; };
configs = lib.mkOption { configs = lib.mkOption {
type = types.attrsOf types.str; type = types.attrsOf types.lines;
default = {}; default = {};
description = '' description = ''
This option defines the Shorewall configs. This option defines the Shorewall configs.
The attribute name defines the name of the config, The attribute name defines the name of the config,
and the attribute value defines the content of the config. and the attribute value defines the content of the config.
''; '';
apply = lib.mapAttrs (name: text: pkgs.writeText "${name}" text);
}; };
}; };
}; };
@ -62,7 +63,7 @@ in {
''; '';
}; };
environment = { environment = {
etc = lib.mapAttrs' (name: conf: lib.nameValuePair "shorewall6/${name}" {text=conf;}) cfg.configs; etc = lib.mapAttrs' (name: conf: lib.nameValuePair "shorewall6/${name}" {source=conf;}) cfg.configs;
systemPackages = [ cfg.package ]; systemPackages = [ cfg.package ];
}; };
}; };

2
nixos/modules/services/networking/vsftpd.nix
View File

@ -133,8 +133,8 @@ let
${optionalString cfg.enableVirtualUsers '' ${optionalString cfg.enableVirtualUsers ''
guest_enable=YES guest_enable=YES
guest_username=vsftpd guest_username=vsftpd
pam_service_name=vsftpd
''} ''}
pam_service_name=vsftpd
${cfg.extraConfig} ${cfg.extraConfig}
''; '';

2
nixos/modules/services/networking/wireguard.nix
View File

@ -428,7 +428,7 @@ in
++ (attrValues ( ++ (attrValues (
mapAttrs (name: value: { mapAttrs (name: value: {
assertion = value.generatePrivateKeyFile -> (value.privateKey == null); assertion = value.generatePrivateKeyFile -> (value.privateKey == null);
message = "networking.wireguard.interfaces.${name}.generatePrivateKey must not be set if networking.wireguard.interfaces.${name}.privateKey is set."; message = "networking.wireguard.interfaces.${name}.generatePrivateKeyFile must not be set if networking.wireguard.interfaces.${name}.privateKey is set.";
}) cfg.interfaces)) }) cfg.interfaces))
++ map ({ interfaceName, peer, ... }: { ++ map ({ interfaceName, peer, ... }: {
assertion = (peer.presharedKey == null) || (peer.presharedKeyFile == null); assertion = (peer.presharedKey == null) || (peer.presharedKeyFile == null);

2
nixos/modules/services/wayland/cage.nix
View File

@ -51,6 +51,7 @@ in {
conflicts = [ "getty@tty1.service" ]; conflicts = [ "getty@tty1.service" ];
restartIfChanged = false; restartIfChanged = false;
unitConfig.ConditionPathExists = "/dev/tty1";
serviceConfig = { serviceConfig = {
ExecStart = '' ExecStart = ''
${pkgs.cage}/bin/cage \ ${pkgs.cage}/bin/cage \
@ -59,7 +60,6 @@ in {
''; '';
User = cfg.user; User = cfg.user;
ConditionPathExists = "/dev/tty1";
IgnoreSIGPIPE = "no"; IgnoreSIGPIPE = "no";
# Log this user with utmp, letting it show up with commands 'w' and # Log this user with utmp, letting it show up with commands 'w' and

20
nixos/modules/services/web-servers/nginx/default.nix
View File

@ -87,10 +87,17 @@ let
${optionalString (cfg.sslDhparam != null) "ssl_dhparam ${cfg.sslDhparam};"} ${optionalString (cfg.sslDhparam != null) "ssl_dhparam ${cfg.sslDhparam};"}
${optionalString (cfg.recommendedTlsSettings) '' ${optionalString (cfg.recommendedTlsSettings) ''
ssl_session_cache shared:SSL:42m; # Keep in sync with https://ssl-config.mozilla.org/#server=nginx&config=intermediate
ssl_session_timeout 23m;
ssl_ecdh_curve secp384r1; ssl_session_timeout 1d;
ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m;
# Breaks forward secrecy: https://github.com/mozilla/server-side-tls/issues/135
ssl_session_tickets off;
# We don't enable insecure ciphers by default, so this allows
# clients to pick the most performant, per https://github.com/mozilla/server-side-tls/issues/260
ssl_prefer_server_ciphers off;
# OCSP stapling
ssl_stapling on; ssl_stapling on;
ssl_stapling_verify on; ssl_stapling_verify on;
''} ''}
@ -487,8 +494,9 @@ in
sslCiphers = mkOption { sslCiphers = mkOption {
type = types.str; type = types.str;
default = "EECDH+aRSA+AESGCM:EDH+aRSA:EECDH+aRSA:+AES256:+AES128:+SHA1:!CAMELLIA:!SEED:!3DES:!DES:!RC4:!eNULL"; # Keep in sync with https://ssl-config.mozilla.org/#server=nginx&config=intermediate
description = "Ciphers to choose from when negotiating tls handshakes."; default = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
description = "Ciphers to choose from when negotiating TLS handshakes.";
}; };
sslProtocols = mkOption { sslProtocols = mkOption {

2
nixos/modules/services/web-servers/uwsgi.nix
View File

@ -32,7 +32,7 @@ let
inherit plugins; inherit plugins;
} // removeAttrs c [ "type" "pythonPackages" ] } // removeAttrs c [ "type" "pythonPackages" ]
// optionalAttrs (python != null) { // optionalAttrs (python != null) {
pythonpath = "${pythonEnv}/${python.sitePackages}"; pyhome = "${pythonEnv}";
env = env =
# Argh, uwsgi expects list of key-values there instead of a dictionary. # Argh, uwsgi expects list of key-values there instead of a dictionary.
let env' = c.env or []; let env' = c.env or [];

92
nixos/modules/services/x11/display-managers/lightdm-greeters/tiny.nix Normal file
View File

@ -0,0 +1,92 @@
{ config, lib, pkgs, ... }:
with lib;
let
dmcfg = config.services.xserver.displayManager;
ldmcfg = dmcfg.lightdm;
cfg = ldmcfg.greeters.tiny;
in
{
options = {
services.xserver.displayManager.lightdm.greeters.tiny = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable lightdm-tiny-greeter as the lightdm greeter.
Note that this greeter starts only the default X session.
You can configure the default X session using
<xref linkend="opt-services.xserver.displayManager.defaultSession"/>.
'';
};
label = {
user = mkOption {
type = types.str;
default = "Username";
description = ''
The string to represent the user_text label.
'';
};
pass = mkOption {
type = types.str;
default = "Password";
description = ''
The string to represent the pass_text label.
'';
};
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Section to describe style and ui.
'';
};
};
};
config = mkIf (ldmcfg.enable && cfg.enable) {
services.xserver.displayManager.lightdm.greeters.gtk.enable = false;
nixpkgs.config.lightdm-tiny-greeter.conf =
let
configHeader = ''
#include <gtk/gtk.h>
static const char *user_text = "${cfg.label.user}";
static const char *pass_text = "${cfg.label.pass}";
static const char *session = "${dmcfg.defaultSession}";
'';
in
optionalString (cfg.extraConfig != "")
(configHeader + cfg.extraConfig);
services.xserver.displayManager.lightdm.greeter =
mkDefault {
package = pkgs.lightdm-tiny-greeter.xgreeters;
name = "lightdm-tiny-greeter";
};
assertions = [
{
assertion = dmcfg.defaultSession != null;
message = ''
Please set: services.xserver.displayManager.defaultSession
'';
}
];
};
}

1
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@ -77,6 +77,7 @@ in
./lightdm-greeters/mini.nix ./lightdm-greeters/mini.nix
./lightdm-greeters/enso-os.nix ./lightdm-greeters/enso-os.nix
./lightdm-greeters/pantheon.nix ./lightdm-greeters/pantheon.nix
./lightdm-greeters/tiny.nix
]; ];
options = { options = {

4
nixos/modules/system/activation/switch-to-configuration.pl
View File

@ -183,7 +183,7 @@ while (my ($unit, $state) = each %{$activePrev}) {
# active after the system has resumed, which probably # active after the system has resumed, which probably
# should not be the case. Just ignore it. # should not be the case. Just ignore it.
if ($unit ne "suspend.target" && $unit ne "hibernate.target" && $unit ne "hybrid-sleep.target") { if ($unit ne "suspend.target" && $unit ne "hibernate.target" && $unit ne "hybrid-sleep.target") {
unless (boolIsTrue($unitInfo->{'RefuseManualStart'} // "no")) { unless (boolIsTrue($unitInfo->{'RefuseManualStart'} // "no") || boolIsTrue($unitInfo->{'X-OnlyManualStart'} // "no")) {
$unitsToStart{$unit} = 1; $unitsToStart{$unit} = 1;
recordUnit($startListFile, $unit); recordUnit($startListFile, $unit);
# Don't spam the user with target units that always get started. # Don't spam the user with target units that always get started.
@ -222,7 +222,7 @@ while (my ($unit, $state) = each %{$activePrev}) {
$unitsToReload{$unit} = 1; $unitsToReload{$unit} = 1;
recordUnit($reloadListFile, $unit); recordUnit($reloadListFile, $unit);
} }
elsif (!boolIsTrue($unitInfo->{'X-RestartIfChanged'} // "yes") || boolIsTrue($unitInfo->{'RefuseManualStop'} // "no") ) { elsif (!boolIsTrue($unitInfo->{'X-RestartIfChanged'} // "yes") || boolIsTrue($unitInfo->{'RefuseManualStop'} // "no") || boolIsTrue($unitInfo->{'X-OnlyManualStart'} // "no")) {
$unitsToSkip{$unit} = 1; $unitsToSkip{$unit} = 1;
} else { } else {
if (!boolIsTrue($unitInfo->{'X-StopIfChanged'} // "yes")) { if (!boolIsTrue($unitInfo->{'X-StopIfChanged'} // "yes")) {

1
nixos/modules/system/activation/top-level.nix
View File

@ -15,6 +15,7 @@ let
map (childConfig: map (childConfig:
(import ../../../lib/eval-config.nix { (import ../../../lib/eval-config.nix {
inherit baseModules; inherit baseModules;
system = config.nixpkgs.initialSystem;
modules = modules =
(optionals inheritParent modules) (optionals inheritParent modules)
++ [ ./no-clone.nix ] ++ [ ./no-clone.nix ]

8
nixos/modules/system/etc/etc.nix
View File

@ -94,7 +94,7 @@ in
default = 0; default = 0;
type = types.int; type = types.int;
description = '' description = ''
UID of created file. Only takes affect when the file is UID of created file. Only takes effect when the file is
copied (that is, the mode is not 'symlink'). copied (that is, the mode is not 'symlink').
''; '';
}; };
@ -103,7 +103,7 @@ in
default = 0; default = 0;
type = types.int; type = types.int;
description = '' description = ''
GID of created file. Only takes affect when the file is GID of created file. Only takes effect when the file is
copied (that is, the mode is not 'symlink'). copied (that is, the mode is not 'symlink').
''; '';
}; };
@ -113,7 +113,7 @@ in
type = types.str; type = types.str;
description = '' description = ''
User name of created file. User name of created file.
Only takes affect when the file is copied (that is, the mode is not 'symlink'). Only takes effect when the file is copied (that is, the mode is not 'symlink').
Changing this option takes precedence over <literal>uid</literal>. Changing this option takes precedence over <literal>uid</literal>.
''; '';
}; };
@ -123,7 +123,7 @@ in
type = types.str; type = types.str;
description = '' description = ''
Group name of created file. Group name of created file.
Only takes affect when the file is copied (that is, the mode is not 'symlink'). Only takes effect when the file is copied (that is, the mode is not 'symlink').
Changing this option takes precedence over <literal>gid</literal>. Changing this option takes precedence over <literal>gid</literal>.
''; '';
}; };

15
nixos/modules/tasks/auto-upgrade.nix
View File

@ -63,6 +63,19 @@ let cfg = config.system.autoUpgrade; in
''; '';
}; };
randomizedDelaySec = mkOption {
default = "0";
type = types.str;
example = "45min";
description = ''
Add a randomized delay before each automatic upgrade.
The delay will be chozen between zero and this value.
This value must be a time span in the format specified by
<citerefentry><refentrytitle>systemd.time</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>
'';
};
}; };
}; };
@ -109,6 +122,8 @@ let cfg = config.system.autoUpgrade; in
startAt = cfg.dates; startAt = cfg.dates;
}; };
systemd.timers.nixos-upgrade.timerConfig.RandomizedDelaySec = cfg.randomizedDelaySec;
}; };
} }

7
nixos/modules/tasks/filesystems/btrfs.nix
View File

@ -118,12 +118,17 @@ in
fs' = utils.escapeSystemdPath fs; fs' = utils.escapeSystemdPath fs;
in nameValuePair "btrfs-scrub-${fs'}" { in nameValuePair "btrfs-scrub-${fs'}" {
description = "btrfs scrub on ${fs}"; description = "btrfs scrub on ${fs}";
# scrub prevents suspend2ram or proper shutdown
conflicts = [ "shutdown.target" "sleep.target" ];
before = [ "shutdown.target" "sleep.target" ];
serviceConfig = { serviceConfig = {
Type = "oneshot"; # simple and not oneshot, otherwise ExecStop is not used
Type = "simple";
Nice = 19; Nice = 19;
IOSchedulingClass = "idle"; IOSchedulingClass = "idle";
ExecStart = "${pkgs.btrfs-progs}/bin/btrfs scrub start -B ${fs}"; ExecStart = "${pkgs.btrfs-progs}/bin/btrfs scrub start -B ${fs}";
ExecStop = "${pkgs.btrfs-progs}/bin/btrfs scrub cancel ${fs}";
}; };
}; };
in listToAttrs (map scrubService cfgScrub.fileSystems); in listToAttrs (map scrubService cfgScrub.fileSystems);

16
nixos/modules/virtualisation/kvmgt.nix
View File

@ -19,7 +19,8 @@ in {
virtualisation.kvmgt = { virtualisation.kvmgt = {
enable = mkEnableOption '' enable = mkEnableOption ''
KVMGT (iGVT-g) VGPU support. Allows Qemu/KVM guests to share host's Intel integrated graphics card. KVMGT (iGVT-g) VGPU support. Allows Qemu/KVM guests to share host's Intel integrated graphics card.
Currently only one graphical device can be shared Currently only one graphical device can be shared. To allow users to access the device without root add them
to the kvm group: <literal>users.extraUsers.&lt;yourusername&gt;.extraGroups = [ "kvm" ];</literal>
''; '';
# multi GPU support is under the question # multi GPU support is under the question
device = mkOption { device = mkOption {
@ -35,9 +36,7 @@ in {
and find info about device via <command>cat /sys/bus/pci/devices/*/mdev_supported_types/i915-GVTg_V5_4/description</command> and find info about device via <command>cat /sys/bus/pci/devices/*/mdev_supported_types/i915-GVTg_V5_4/description</command>
''; '';
example = { example = {
i915-GVTg_V5_8 = { i915-GVTg_V5_8.uuid = "a297db4a-f4c2-11e6-90f6-d3b88d6c9525";
uuid = "a297db4a-f4c2-11e6-90f6-d3b88d6c9525";
};
}; };
}; };
}; };
@ -50,10 +49,7 @@ in {
}; };
boot.kernelModules = [ "kvmgt" ]; boot.kernelModules = [ "kvmgt" ];
boot.kernelParams = [ "i915.enable_gvt=1" ];
boot.extraModprobeConfig = ''
options i915 enable_gvt=1
'';
systemd.paths = mapAttrs' (name: value: systemd.paths = mapAttrs' (name: value:
nameValuePair "kvmgt-${name}" { nameValuePair "kvmgt-${name}" {
@ -65,6 +61,10 @@ in {
} }
) cfg.vgpus; ) cfg.vgpus;
services.udev.extraRules = ''
SUBSYSTEM=="vfio", OWNER="root", GROUP="kvm"
'';
systemd.services = mapAttrs' (name: value: systemd.services = mapAttrs' (name: value:
nameValuePair "kvmgt-${name}" { nameValuePair "kvmgt-${name}" {
description = "KVMGT VGPU ${name}"; description = "KVMGT VGPU ${name}";

17
nixos/tests/docker-tools.nix
View File

@ -137,5 +137,22 @@ import ./make-test-python.nix ({ pkgs, ... }: {
# Ensure the two output paths (ls and hello) are in the layer # Ensure the two output paths (ls and hello) are in the layer
"docker run bulk-layer ls /bin/hello", "docker run bulk-layer ls /bin/hello",
) )
with subtest("Ensure correct behavior when no store is needed"):
# This check tests two requirements simultaneously
# 1. buildLayeredImage can build images that don't need a store.
# 2. Layers of symlinks are eliminated by the customization layer.
#
docker.succeed(
"docker load --input='${pkgs.dockerTools.examples.no-store-paths}'"
)
# Busybox will not recognize argv[0] and print an error message with argv[0],
# but it confirms that the custom-true symlink is present.
docker.succeed("docker run --rm no-store-paths custom-true |& grep custom-true")
# This check may be loosened to allow an *empty* store rather than *no* store.
docker.succeed("docker run --rm no-store-paths ls /")
docker.fail("docker run --rm no-store-paths ls /nix/store")
''; '';
}) })

2
nixos/tests/kubernetes/dns.nix
View File

@ -3,8 +3,6 @@ with import ./base.nix { inherit system; };
let let
domain = "my.zyx"; domain = "my.zyx";
certs = import ./certs.nix { externalDomain = domain; kubelets = [ "machine1" "machine2" ]; };
redisPod = pkgs.writeText "redis-pod.json" (builtins.toJSON { redisPod = pkgs.writeText "redis-pod.json" (builtins.toJSON {
kind = "Pod"; kind = "Pod";
apiVersion = "v1"; apiVersion = "v1";

6
nixos/tests/nesting.nix
View File

@ -30,9 +30,9 @@ import ./make-test-python.nix {
clone.succeed("cowsay hey") clone.succeed("cowsay hey")
clone.succeed("hello") clone.succeed("hello")
children.wait_for_unit("default.target") children.wait_for_unit("default.target")
children.succeed("cowsay hey") children.succeed("cowsay hey")
children.fail("hello") children.fail("hello")
with subtest("Nested children do not inherit from parent"): with subtest("Nested children do not inherit from parent"):
children.succeed( children.succeed(

43
nixos/tests/prometheus-exporters.nix
View File

@ -224,7 +224,7 @@ let
after = [ "postfix.service" ]; after = [ "postfix.service" ];
requires = [ "postfix.service" ]; requires = [ "postfix.service" ];
preStart = '' preStart = ''
mkdir -p 0600 mail-exporter/new mkdir -p -m 0700 mail-exporter/new
''; '';
serviceConfig = { serviceConfig = {
ProtectHome = true; ProtectHome = true;
@ -245,6 +245,46 @@ let
''; '';
}; };
mikrotik = {
exporterConfig = {
enable = true;
extraFlags = [ "-timeout=1s" ];
configuration = {
devices = [
{
name = "router";
address = "192.168.42.48";
user = "prometheus";
password = "shh";
}
];
features = {
bgp = true;
dhcp = true;
dhcpl = true;
dhcpv6 = true;
health = true;
routes = true;
poe = true;
pools = true;
optics = true;
w60g = true;
wlansta = true;
wlanif = true;
monitor = true;
ipsec = true;
};
};
};
exporterTest = ''
wait_for_unit("prometheus-mikrotik-exporter.service")
wait_for_open_port(9436)
succeed(
"curl -sSf http://localhost:9436/metrics | grep -q 'mikrotik_scrape_collector_success{device=\"router\"} 0'"
)
'';
};
nextcloud = { nextcloud = {
exporterConfig = { exporterConfig = {
enable = true; enable = true;
@ -363,6 +403,7 @@ let
}; };
metricProvider = { metricProvider = {
services.rspamd.enable = true; services.rspamd.enable = true;
virtualisation.memorySize = 1024;
}; };
exporterTest = '' exporterTest = ''
wait_for_unit("rspamd.service") wait_for_unit("rspamd.service")

1
nixos/tests/signal-desktop.nix
View File

@ -17,6 +17,7 @@ import ./make-test-python.nix ({ pkgs, ...} :
services.xserver.enable = true; services.xserver.enable = true;
test-support.displayManager.auto.user = "alice"; test-support.displayManager.auto.user = "alice";
environment.systemPackages = [ pkgs.signal-desktop ]; environment.systemPackages = [ pkgs.signal-desktop ];
virtualisation.memorySize = 1024;
}; };
enableOCR = true; enableOCR = true;

5
pkgs/applications/audio/MMA/default.nix
View File

@ -1,12 +1,12 @@
{ stdenv, fetchurl, makeWrapper, python3, alsaUtils, timidity }: { stdenv, fetchurl, makeWrapper, python3, alsaUtils, timidity }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "19.08"; version = "20.02";
pname = "mma"; pname = "mma";
src = fetchurl { src = fetchurl {
url = "https://www.mellowood.ca/mma/mma-bin-${version}.tar.gz"; url = "https://www.mellowood.ca/mma/mma-bin-${version}.tar.gz";
sha256 = "02g2q9f1hbrj1v4mbf7zx2571vqpfla5803hcjpkdkvn8g0dwci0"; sha256 = "0i9c3f14j7wy2c86ky83f2vgmg5bihnnwsmpkq13fgqjsaf0qwnv";
}; };
buildInputs = [ makeWrapper python3 alsaUtils timidity ]; buildInputs = [ makeWrapper python3 alsaUtils timidity ];
@ -19,6 +19,7 @@
sed -i 's@/usr/bin/timidity@/${timidity}/bin/timidity@g' mma-splitrec sed -i 's@/usr/bin/timidity@/${timidity}/bin/timidity@g' mma-splitrec
sed -i 's@/usr/bin/timidity@/${timidity}/bin/timidity@g' util/mma-splitrec.py sed -i 's@/usr/bin/timidity@/${timidity}/bin/timidity@g' util/mma-splitrec.py
find . -type f | xargs sed -i 's@/usr/bin/env python@${python3.interpreter}@g' find . -type f | xargs sed -i 's@/usr/bin/env python@${python3.interpreter}@g'
find . -type f | xargs sed -i 's@/usr/bin/python@${python3.interpreter}@g'
''; '';
installPhase = '' installPhase = ''

48
pkgs/applications/audio/ams/default.nix Normal file
View File

@ -0,0 +1,48 @@
{ stdenv
, fetchgit
, automake
, alsaLib
, ladspaH
, libjack2
, fftw
, zita-alsa-pcmi
, qt5
, pkg-config
, autoreconfHook
}:
stdenv.mkDerivation rec {
name = "ams";
version = "unstable-2019-04-27";
src = fetchgit {
url = "https://git.code.sf.net/p/alsamodular/ams.git";
sha256 = "0qdyz5llpa94f3qx1xi1mz97vl5jyrj1mqff28p5g9i5rxbbk8z9";
rev = "3250bbcfea331c4fcb9845305eebded80054973d";
};
nativeBuildInputs = [
autoreconfHook
pkg-config
qt5.wrapQtAppsHook
];
buildInputs = [
alsaLib
ladspaH
libjack2
fftw
zita-alsa-pcmi
] ++ (with qt5; [
qtbase
qttools
]);
meta = with stdenv.lib; {
description = "Realtime modular synthesizer for ALSA";
homepage = "http://alsamodular.sourceforge.net";
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = with maintainers; [ sjfloat ];
};
}

4
pkgs/applications/audio/elisa/default.nix
View File

@ -7,13 +7,13 @@
mkDerivation rec { mkDerivation rec {
pname = "elisa"; pname = "elisa";
version = "19.12.2"; version = "19.12.3";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "KDE"; owner = "KDE";
repo = "elisa"; repo = "elisa";
rev = "v${version}"; rev = "v${version}";
sha256 = "0g6zj4ix97aa529w43v1z3n73b8l5di6gscs40hyx4sl1sb7fdh6"; sha256 = "0s1sixkrx4czckzg0llkrbp8rp397ljsq1c309z23m277jsmnnb6";
}; };
buildInputs = [ vlc ]; buildInputs = [ vlc ];

6
pkgs/applications/audio/spotify-tui/default.nix
View File

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "spotify-tui"; pname = "spotify-tui";
version = "0.15.0"; version = "0.16.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Rigellute"; owner = "Rigellute";
repo = "spotify-tui"; repo = "spotify-tui";
rev = "v${version}"; rev = "v${version}";
sha256 = "19mnnpsidwr5y6igs478gfp7rq76378f66nzfhj4mraqd2jc4nzj"; sha256 = "0fmj25zjg12v0kyanic343lrdhxkh290v88qiz6ac47g8bdy3c83";
}; };
cargoSha256 = "1zhv3sla92z7pjdnf0r4x85n7z9spi70vgy4kw72rdc5v9bmj7q8"; cargoSha256 = "1n8aacy0hapjm10hmgqm07rb5c0ngmzr1s116pspsl7cdszza6xi";
nativeBuildInputs = [ pkgconfig ] ++ stdenv.lib.optionals stdenv.isLinux [ python3 ]; nativeBuildInputs = [ pkgconfig ] ++ stdenv.lib.optionals stdenv.isLinux [ python3 ];
buildInputs = [ openssl ] buildInputs = [ openssl ]

8
pkgs/applications/audio/spotify/default.nix
View File

@ -10,14 +10,14 @@ let
# If an update breaks things, one of those might have valuable info: # If an update breaks things, one of those might have valuable info:
# https://aur.archlinux.org/packages/spotify/ # https://aur.archlinux.org/packages/spotify/
# https://community.spotify.com/t5/Desktop-Linux # https://community.spotify.com/t5/Desktop-Linux
version = "1.1.10.546.ge08ef575-19"; version = "1.1.26.501.gbe11e53b-15";
# To get the latest stable revision: # To get the latest stable revision:
# curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/spotify?channel=stable' | jq '.download_url,.version,.last_updated' # curl -H 'X-Ubuntu-Series: 16' 'https://api.snapcraft.io/api/v1/snaps/details/spotify?channel=stable' | jq '.download_url,.version,.last_updated'
# To get general information: # To get general information:
# curl -H 'Snap-Device-Series: 16' 'https://api.snapcraft.io/v2/snaps/info/spotify' | jq '.' # curl -H 'Snap-Device-Series: 16' 'https://api.snapcraft.io/v2/snaps/info/spotify' | jq '.'
# More examples of api usage: # More examples of api usage:
# https://github.com/canonical-websites/snapcraft.io/blob/master/webapp/publisher/snaps/views.py # https://github.com/canonical-websites/snapcraft.io/blob/master/webapp/publisher/snaps/views.py
rev = "36"; rev = "41";
deps = [ deps = [
@ -56,6 +56,8 @@ let
xorg.libXScrnSaver xorg.libXScrnSaver
xorg.libXtst xorg.libXtst
xorg.libxcb xorg.libxcb
xorg.libSM
xorg.libICE
zlib zlib
]; ];
@ -75,7 +77,7 @@ stdenv.mkDerivation {
# https://community.spotify.com/t5/Desktop-Linux/Redistribute-Spotify-on-Linux-Distributions/td-p/1695334 # https://community.spotify.com/t5/Desktop-Linux/Redistribute-Spotify-on-Linux-Distributions/td-p/1695334
src = fetchurl { src = fetchurl {
url = "https://api.snapcraft.io/api/v1/snaps/download/pOBIoZ2LrCB3rDohMxoYGnbN14EHOgD7_${rev}.snap"; url = "https://api.snapcraft.io/api/v1/snaps/download/pOBIoZ2LrCB3rDohMxoYGnbN14EHOgD7_${rev}.snap";
sha512 = "c49f1a86a9b737e64a475bbe62754a36f607669e908eb725a2395f0a0a6b95968e0c8ce27ab2c8b6c92fe8cbacb1ef58de11c79b92dc0f58c2c6d3a140706a1f"; sha512 = "41bc8d20388bab39058d0709d99b1c8e324ea37af217620797356b8bc0b24aedbe801eaaa6e00a93e94e26765602e5dc27ad423ce2e777b4bec1b92daf04f81e";
}; };
buildInputs = [ squashfsTools makeWrapper ]; buildInputs = [ squashfsTools makeWrapper ];

4
pkgs/applications/audio/sunvox/default.nix
View File

@ -13,11 +13,11 @@ let
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "SunVox"; pname = "SunVox";
version = "1.9.5c"; version = "1.9.5d";
src = fetchurl { src = fetchurl {
url = "http://www.warmplace.ru/soft/sunvox/sunvox-${version}.zip"; url = "http://www.warmplace.ru/soft/sunvox/sunvox-${version}.zip";
sha256 = "19ilif221nw8lvw0fgpjqzawibyvxk16aaylizwygf7c4j40wayi"; sha256 = "15pyc3dk4dqlivgzki8sv7xpwg3bbn5xv9338g16a0dbn7s3kich";
}; };
buildInputs = [ unzip ]; buildInputs = [ unzip ];

6
pkgs/applications/audio/zam-plugins/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation { stdenv.mkDerivation {
pname = "zam-plugins"; pname = "zam-plugins";
version = "3.11"; version = "3.12";
src = fetchgit { src = fetchgit {
url = "https://github.com/zamaudio/zam-plugins.git"; url = "https://github.com/zamaudio/zam-plugins.git";
deepClone = true; deepClone = true;
rev = "af338057e42dd5d07cba1889bfc74eda517c6147"; rev = "87fdee6e87dbee75c1088e2327ea59c1ab1522e4";
sha256 = "1qbskhcvy2k2xv0f32lw13smz5g72v0yy47zv6vnhnaiaqf3f2d5"; sha256 = "0kz0xygff3ca1v9nqi0dvrzy9whbzqxrls5b7hydi808d795893n";
}; };
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];

30
pkgs/applications/blockchains/btcdeb/default.nix Normal file
View File

@ -0,0 +1,30 @@
{ stdenv
, fetchFromGitHub
, autoreconfHook
, pkgconfig
, openssl
}:
with stdenv.lib;
stdenv.mkDerivation rec {
pname = "btcdeb";
version = "0.2.19";
src = fetchFromGitHub {
owner = "kallewoof";
repo = pname;
rev = "fb2dace4cd115dc9529a81515cee855b8ce94784";
sha256 = "0l0niamcjxmgyvc6w0wiygfgwsjam3ypv8mvjglgsj50gyv1vnb3";
};
nativeBuildInputs = [ pkgconfig autoreconfHook ];
buildInputs = [ openssl ];
meta = {
description = "Bitcoin Script Debugger";
homepage = "https://github.com/kallewoof/btcdeb";
license = licenses.mit;
maintainers = with maintainers; [ akru ];
platforms = platforms.unix;
};
}

4
pkgs/applications/blockchains/nano-wallet/default.nix
View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "nano-wallet"; pname = "nano-wallet";
version = "19.0"; version = "20.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nanocurrency"; owner = "nanocurrency";
repo = "raiblocks"; repo = "raiblocks";
rev = "V${version}"; rev = "V${version}";
sha256 = "1y5fc4cvfqh33imjkh91sqhy5bb9kh0icwyvdgm1cl564vnjax80"; sha256 = "12nrjjd89yjzx20d85ccmp395pl0djpx0x0qb8dgka8xfy11k7xn";
fetchSubmodules = true; fetchSubmodules = true;
}; };

13
pkgs/applications/blockchains/polkadot/default.nix
View File

@ -11,24 +11,27 @@ rustPlatform.buildRustPackage rec {
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "paritytech"; owner = "paritytech";
# N.B. In 2018, the thing that was "polkadot" was split off into its own
# repo, so if this package is ever updated it should be changed to
# paritytech/polkadot, as per comment here:
# https://github.com/paritytech/polkadot#note
repo = "substrate"; repo = "substrate";
rev = "19f4f4d4df3bb266086b4e488739f73d3d5e588c"; rev = "19f4f4d4df3bb266086b4e488739f73d3d5e588c";
sha256 = "0v7g03rbml2afw0splmyjh9nqpjg0ldjw09hyc0jqd3qlhgxiiyj"; sha256 = "0v7g03rbml2afw0splmyjh9nqpjg0ldjw09hyc0jqd3qlhgxiiyj";
}; };
# Delete this on next update; see #79975 for details cargoSha256 = "1h5v7c7xi2r2wzh1pj6xidrg7dx23w3rjm88mggpq7574arijk4i";
legacyCargoFetcher = true;
cargoSha256 = "0gc3w0cwdyk8f7cgpp9sfawczk3n6wd7q0nhfvk87sry71b8vvwq";
buildInputs = [ pkgconfig openssl openssl.dev ]; buildInputs = [ pkgconfig openssl openssl.dev ];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Polkadot Node Implementation"; description = "Polkadot Node Implementation";
homepage = https://polkadot.network; homepage = "https://polkadot.network";
license = licenses.gpl3; license = licenses.gpl3;
maintainers = [ maintainers.akru ]; maintainers = [ maintainers.akru ];
platforms = platforms.linux; platforms = platforms.linux;
# Last attempt at building this was on v0.7.22
# https://github.com/paritytech/polkadot/releases
broken = true; broken = true;
}; };
} }

46
pkgs/applications/display-managers/lightdm-tiny-greeter/default.nix Normal file
View File

@ -0,0 +1,46 @@
{ stdenv, linkFarm, lightdm-tiny-greeter, fetchFromGitHub
, pkgconfig, lightdm, gtk3, glib, wrapGAppsHook, conf ? "" }:
stdenv.mkDerivation rec {
pname = "lightdm-tiny-greeter";
version = "1.2";
src = fetchFromGitHub {
owner = "off-world";
repo = "lightdm-tiny-greeter";
rev = version;
sha256 = "08azpj7b5qgac9bgi1xvd6qy6x2nb7iapa0v40ggr3d1fabyhrg6";
};
nativeBuildInputs = [ pkgconfig wrapGAppsHook ];
buildInputs = [ lightdm gtk3 glib ];
postUnpack = if conf != "" then ''
cp ${builtins.toFile "config.h" conf} source/config.h
'' else "";
buildPhase = ''
mkdir -p $out/bin $out/share/xgreeters
make ${pname}
mv ${pname} $out/bin/.
mv lightdm-tiny-greeter.desktop $out/share/xgreeters
'';
installPhase = ''
substituteInPlace "$out/share/xgreeters/lightdm-tiny-greeter.desktop" \
--replace "Exec=lightdm-tiny-greeter" "Exec=$out/bin/lightdm-tiny-greeter"
'';
passthru.xgreeters = linkFarm "lightdm-tiny-greeter-xgreeters" [{
path = "${lightdm-tiny-greeter}/share/xgreeters/lightdm-tiny-greeter.desktop";
name = "lightdm-tiny-greeter.desktop";
}];
meta = with stdenv.lib; {
description = "A tiny multi user lightdm greeter";
homepage = https://github.com/off-world/lightdm-tiny-greeter;
license = licenses.bsd3;
maintainers = with maintainers; [ edwtjo ];
platforms = platforms.linux;
};
}

9
pkgs/applications/editors/amp/default.nix
View File

@ -3,19 +3,16 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "amp"; pname = "amp";
version = "0.6.1"; version = "0.6.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "jmacdonald"; owner = "jmacdonald";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "0jhxyl27nwp7rp0lc3kic69g8x55d0azrwlwwhz3z74icqa8f03j"; sha256 = "0l1vpcfq6jrq2dkrmsa4ghwdpp7c54f46gz3n7nk0i41b12hnigw";
}; };
# Delete this on next update; see #79975 for details cargoSha256 = "09v991rl2w4c4jh7ga7q1lk6wyl2vr71j5cpniij8mcvszrz78qf";
legacyCargoFetcher = true;
cargoSha256 = "0rk5c8knx8swqzmj7wd18hq2h5ndkzvcbq4lzggpavkk01a8hlb1";
nativeBuildInputs = [ cmake pkgconfig ]; nativeBuildInputs = [ cmake pkgconfig ];
buildInputs = [ openssl python3 xorg.libxcb libgit2 ] ++ stdenv.lib.optionals stdenv.isDarwin buildInputs = [ openssl python3 xorg.libxcb libgit2 ] ++ stdenv.lib.optionals stdenv.isDarwin

6
pkgs/applications/editors/android-studio/default.nix
View File

@ -18,9 +18,9 @@ let
sha256Hash = "0ibp54wcss4ihm454hbavv1bhar6cd4alp5b0z248ryjr5w9mixf"; sha256Hash = "0ibp54wcss4ihm454hbavv1bhar6cd4alp5b0z248ryjr5w9mixf";
}; };
latestVersion = { # canary & dev latestVersion = { # canary & dev
version = "4.1.0.1"; # "Android Studio 4.1 Canary 1" version = "4.1.0.2"; # "Android Studio 4.1 Canary 2"
build = "193.6224510"; build = "193.6264773";
sha256Hash = "0misff7xx8jcg4zr5ahc8qdwvlkx605il0shzd9i1cm9v1br3sqx"; sha256Hash = "0m09q4jp653i9jlqsjplx3d64xkdm27c35781yz6h5rw0a1sq6kz";
}; };
in { in {
# Attributes are named by their corresponding release channels # Attributes are named by their corresponding release channels

62
pkgs/applications/editors/emacs-modes/elpa-generated.nix generated
View File

@ -343,10 +343,10 @@
elpaBuild { elpaBuild {
pname = "bnf-mode"; pname = "bnf-mode";
ename = "bnf-mode"; ename = "bnf-mode";
version = "0.4.3"; version = "0.4.4";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/bnf-mode-0.4.3.tar"; url = "https://elpa.gnu.org/packages/bnf-mode-0.4.4.tar";
sha256 = "1hdhk6kw50vsixprrri0jb5i1c2y94ihifipqgq6kil7y4blr614"; sha256 = "0acr3x96zknxs90dc9mpnrwiaa81883h36lx5q1lxfn78vjfw14x";
}; };
packageRequires = [ cl-lib emacs ]; packageRequires = [ cl-lib emacs ];
meta = { meta = {
@ -2007,6 +2007,36 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
modus-operandi-theme = callPackage ({ elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "modus-operandi-theme";
ename = "modus-operandi-theme";
version = "0.6.0";
src = fetchurl {
url = "https://elpa.gnu.org/packages/modus-operandi-theme-0.6.0.el";
sha256 = "10smvzaxp90lsg0g61s2nzmfxwnlrxq9dv4rn771vlhra249y08v";
};
packageRequires = [ emacs ];
meta = {
homepage = "https://elpa.gnu.org/packages/modus-operandi-theme.html";
license = lib.licenses.free;
};
}) {};
modus-vivendi-theme = callPackage ({ elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "modus-vivendi-theme";
ename = "modus-vivendi-theme";
version = "0.6.0";
src = fetchurl {
url = "https://elpa.gnu.org/packages/modus-vivendi-theme-0.6.0.el";
sha256 = "1b7wkz779f020gpil4spbdzmg2fx6l48wk1138564cv9kx3nkkz2";
};
packageRequires = [ emacs ];
meta = {
homepage = "https://elpa.gnu.org/packages/modus-vivendi-theme.html";
license = lib.licenses.free;
};
}) {};
multishell = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }: multishell = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "multishell"; pname = "multishell";
@ -2765,10 +2795,10 @@
elpaBuild { elpaBuild {
pname = "relint"; pname = "relint";
ename = "relint"; ename = "relint";
version = "1.14"; version = "1.15";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/relint-1.14.tar"; url = "https://elpa.gnu.org/packages/relint-1.15.tar";
sha256 = "0hjzhxcygb2r2s3g2pk3z9x3appy1y8gkw8gpg9cpkl6lpwcsh2f"; sha256 = "0sxmdsacj8my942k8j76m2y68nzab7190acv7cwgflc5n4f07yxa";
}; };
packageRequires = [ emacs xr ]; packageRequires = [ emacs xr ];
meta = { meta = {
@ -3041,10 +3071,10 @@
elpaBuild { elpaBuild {
pname = "ssh-deploy"; pname = "ssh-deploy";
ename = "ssh-deploy"; ename = "ssh-deploy";
version = "3.1.10"; version = "3.1.11";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/ssh-deploy-3.1.10.tar"; url = "https://elpa.gnu.org/packages/ssh-deploy-3.1.11.tar";
sha256 = "0gckc6yhgi8pn3s8vdyzz8x1s2d4wmsw6yjwsaqcr5nra50glbpg"; sha256 = "1xd09kfn7lqw6jzfkrn0p5agdpcz1z9zbazqigylpqfcywr5snhk";
}; };
packageRequires = [ emacs ]; packageRequires = [ emacs ];
meta = { meta = {
@ -3157,7 +3187,11 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
timerfunctions = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }: timerfunctions = callPackage ({ cl-lib ? null
, elpaBuild
, emacs
, fetchurl
, lib }:
elpaBuild { elpaBuild {
pname = "timerfunctions"; pname = "timerfunctions";
ename = "timerfunctions"; ename = "timerfunctions";
@ -3166,7 +3200,7 @@
url = "https://elpa.gnu.org/packages/timerfunctions-1.4.2.el"; url = "https://elpa.gnu.org/packages/timerfunctions-1.4.2.el";
sha256 = "122q8nv08pz1mkgilvi9qfrs7rsnc5picr7jyz2jpnvpd9qw6jw5"; sha256 = "122q8nv08pz1mkgilvi9qfrs7rsnc5picr7jyz2jpnvpd9qw6jw5";
}; };
packageRequires = [ cl-lib ]; packageRequires = [ cl-lib emacs ];
meta = { meta = {
homepage = "https://elpa.gnu.org/packages/timerfunctions.html"; homepage = "https://elpa.gnu.org/packages/timerfunctions.html";
license = lib.licenses.free; license = lib.licenses.free;
@ -3675,10 +3709,10 @@
elpaBuild { elpaBuild {
pname = "xr"; pname = "xr";
ename = "xr"; ename = "xr";
version = "1.16"; version = "1.18";
src = fetchurl { src = fetchurl {
url = "https://elpa.gnu.org/packages/xr-1.16.tar"; url = "https://elpa.gnu.org/packages/xr-1.18.tar";
sha256 = "1s6pkbr7gkan0r9gfmix75m587d8cg6l11722v70zzgf2z9w2xg9"; sha256 = "1nq9pj47sxgpkw97c2xrkhgcwh3zsfd2a22qiqbl4i9zf2l9yy91";
}; };
packageRequires = [ emacs ]; packageRequires = [ emacs ];
meta = { meta = {

2484
pkgs/applications/editors/emacs-modes/recipes-archive-melpa.json
View File

File diff suppressed because it is too large Load Diff

6
pkgs/applications/editors/focuswriter/default.nix
View File

@ -2,11 +2,11 @@
mkDerivation rec { mkDerivation rec {
pname = "focuswriter"; pname = "focuswriter";
version = "1.7.4"; version = "1.7.5";
src = fetchurl { src = fetchurl {
url = "https://gottcode.org/focuswriter/focuswriter-${version}-src.tar.bz2"; url = "https://gottcode.org/focuswriter/focuswriter-${version}-src.tar.bz2";
sha256 = "1fli85p9d58gsg2kwmncqdcw1nmx062kddbrhr50mnsn04dc4j3g"; sha256 = "19fqxyas941xcqjj68qpj42ayq0vw5rbd4ms5kvx8jyspp7wysqc";
}; };
nativeBuildInputs = [ pkgconfig qmake qttools ]; nativeBuildInputs = [ pkgconfig qmake qttools ];
@ -22,6 +22,6 @@ mkDerivation rec {
license = licenses.gpl3Plus; license = licenses.gpl3Plus;
maintainers = with maintainers; [ madjar ]; maintainers = with maintainers; [ madjar ];
platforms = platforms.linux; platforms = platforms.linux;
homepage = https://gottcode.org/focuswriter/; homepage = "https://gottcode.org/focuswriter/";
}; };
} }

28
pkgs/applications/editors/jetbrains/default.nix
View File

@ -250,12 +250,12 @@ in
clion = buildClion rec { clion = buildClion rec {
name = "clion-${version}"; name = "clion-${version}";
version = "2019.3.3"; /* updated by script */ version = "2019.3.4"; /* updated by script */
description = "C/C++ IDE. New. Intelligent. Cross-platform"; description = "C/C++ IDE. New. Intelligent. Cross-platform";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz"; url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
sha256 = "1dvnb6mb8xgrgqzqxm2zirwm77w4pci6ibwsdh6wqpnzpqksh4iw"; /* updated by script */ sha256 = "0whd379ck79vhz14yh5g6vpl4cvgw4z9ag4mwgizmd8kbcfnvdxd"; /* updated by script */
}; };
wmClass = "jetbrains-clion"; wmClass = "jetbrains-clion";
update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
@ -263,12 +263,12 @@ in
datagrip = buildDataGrip rec { datagrip = buildDataGrip rec {
name = "datagrip-${version}"; name = "datagrip-${version}";
version = "2019.3.2"; /* updated by script */ version = "2019.3.3"; /* updated by script */
description = "Your Swiss Army Knife for Databases and SQL"; description = "Your Swiss Army Knife for Databases and SQL";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz"; url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
sha256 = "1aypzs5q9zgggxbpaxfd8r5ds0ck31lb00csn62npndqxa3bj7z5"; /* updated by script */ sha256 = "0zbyiw60gqcqi5bbazmsbs4qzmmxx1q034hs36k1dryf2y02jyih"; /* updated by script */
}; };
wmClass = "jetbrains-datagrip"; wmClass = "jetbrains-datagrip";
update-channel = "DataGrip RELEASE"; update-channel = "DataGrip RELEASE";
@ -276,12 +276,12 @@ in
goland = buildGoland rec { goland = buildGoland rec {
name = "goland-${version}"; name = "goland-${version}";
version = "2019.3.2"; /* updated by script */ version = "2019.3.3"; /* updated by script */
description = "Up and Coming Go IDE"; description = "Up and Coming Go IDE";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz"; url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "0namvc8dfm562dgvs4mrv1c6lyi4j8yxw402fkw55l0xqv3ff0a9"; /* updated by script */ sha256 = "091ym7vyb0hxzz6a1jfb88x0lj499vjd04bq8swmw14m1akmk3lf"; /* updated by script */
}; };
wmClass = "jetbrains-goland"; wmClass = "jetbrains-goland";
update-channel = "GoLand RELEASE"; update-channel = "GoLand RELEASE";
@ -315,12 +315,12 @@ in
phpstorm = buildPhpStorm rec { phpstorm = buildPhpStorm rec {
name = "phpstorm-${version}"; name = "phpstorm-${version}";
version = "2019.3.2"; /* updated by script */ version = "2019.3.3"; /* updated by script */
description = "Professional IDE for Web and PHP developers"; description = "Professional IDE for Web and PHP developers";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz"; url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "02qnkcri49chbbpx2f338cfs5w2kg1l7zfn6fa7qrla82zpjsqlm"; /* updated by script */ sha256 = "03ag1a40l1k8sqlywcs7kjn02c65xm3l9riyimg4hx23yi17w18h"; /* updated by script */
}; };
wmClass = "jetbrains-phpstorm"; wmClass = "jetbrains-phpstorm";
update-channel = "PhpStorm RELEASE"; update-channel = "PhpStorm RELEASE";
@ -354,12 +354,12 @@ in
rider = buildRider rec { rider = buildRider rec {
name = "rider-${version}"; name = "rider-${version}";
version = "2019.3.1"; /* updated by script */ version = "2019.3.4"; /* updated by script */
description = "A cross-platform .NET IDE based on the IntelliJ platform and ReSharper"; description = "A cross-platform .NET IDE based on the IntelliJ platform and ReSharper";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/rider/JetBrains.Rider-${version}.tar.gz"; url = "https://download.jetbrains.com/rider/JetBrains.Rider-${version}.tar.gz";
sha256 = "0cs8fc3h6d2m84ppiqjy0f3xklpc5gf0i6c4bzv04y8ngh0cwgl2"; /* updated by script */ sha256 = "17axv0v31dpmjcaij5qpqqm071mwhmf1ahy0y0h96limq8cw9872"; /* updated by script */
}; };
wmClass = "jetbrains-rider"; wmClass = "jetbrains-rider";
update-channel = "Rider RELEASE"; update-channel = "Rider RELEASE";
@ -367,12 +367,12 @@ in
ruby-mine = buildRubyMine rec { ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}"; name = "ruby-mine-${version}";
version = "2019.3.2"; /* updated by script */ version = "2019.3.3"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE"; description = "The Most Intelligent Ruby and Rails IDE";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz"; url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "0mwzhvrhvsyb8r7sjcigv9jazim1zyipb3ym4xsd2gyl3ans2vm9"; /* updated by script */ sha256 = "0lkzb3rifr7r23vijcz7rqcxjpykx7dkghiq5prk1zz83hzi4b2j"; /* updated by script */
}; };
wmClass = "jetbrains-rubymine"; wmClass = "jetbrains-rubymine";
update-channel = "RubyMine RELEASE"; update-channel = "RubyMine RELEASE";
@ -380,12 +380,12 @@ in
webstorm = buildWebStorm rec { webstorm = buildWebStorm rec {
name = "webstorm-${version}"; name = "webstorm-${version}";
version = "2019.3.2"; /* updated by script */ version = "2019.3.3"; /* updated by script */
description = "Professional IDE for Web and JavaScript development"; description = "Professional IDE for Web and JavaScript development";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz"; url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "0mbfkwjqg2d1mkka0vajx41nv4f07y1w7chk6ii7sylaj7ypzi13"; /* updated by script */ sha256 = "1b7hwqpk96g4il5rbxb8cpqsizgc9k5kb8vkvkcc9xh7qqz02i85"; /* updated by script */
}; };
wmClass = "jetbrains-webstorm"; wmClass = "jetbrains-webstorm";
update-channel = "WebStorm RELEASE"; update-channel = "WebStorm RELEASE";

10
pkgs/applications/editors/neovim/gnvim/default.nix
View File

@ -11,10 +11,7 @@ rustPlatform.buildRustPackage rec {
sha256 = "11gb59lhc1sp5dxj2fdm6072f4nxxay0war3kmchdwsk41nvxlrh"; sha256 = "11gb59lhc1sp5dxj2fdm6072f4nxxay0war3kmchdwsk41nvxlrh";
}; };
# Delete this on next update; see #79975 for details cargoSha256 = "0ay7hx5bzchp772ywgxzia12c44kbyarrshl689cmqh59wphsrx5";
legacyCargoFetcher = true;
cargoSha256 = "00r5jf5qdw02vcv3522qqrnwj14mip0l58prcncbvyg4pxlm2rb2";
buildInputs = [ gtk webkitgtk ]; buildInputs = [ gtk webkitgtk ];
@ -43,8 +40,7 @@ rustPlatform.buildRustPackage rec {
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "GUI for neovim, without any web bloat"; description = "GUI for neovim, without any web bloat";
homepage = "https://github.com/vhakulinen/gnvim"; homepage = "https://github.com/vhakulinen/gnvim";
license = licenses.mit; license = licenses.mit;
maintainers = with maintainers; [ minijackson ]; maintainers = with maintainers; [ minijackson ];
inherit version;
}; };
} }

6
pkgs/applications/editors/quilter/default.nix
View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "quilter"; pname = "quilter";
version = "2.1.1"; version = "2.1.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "lainsce"; owner = "lainsce";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "1raba835kvqq4lfpk141vg81ll7sg3jyhwyr6758pdjmncncg0wr"; sha256 = "1nk6scn98kb43h056ajycpj71jkx7b9p5g05khgl6bwj9hvjvcbw";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@ -47,7 +47,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Focus on your writing - designed for elementary OS"; description = "Focus on your writing - designed for elementary OS";
homepage = https://github.com/lainsce/quilter; homepage = "https://github.com/lainsce/quilter";
license = licenses.gpl2Plus; license = licenses.gpl2Plus;
maintainers = pantheon.maintainers; maintainers = pantheon.maintainers;
platforms = platforms.linux; platforms = platforms.linux;

4
pkgs/applications/editors/rednotebook/default.nix
View File

@ -5,13 +5,13 @@
buildPythonApplication rec { buildPythonApplication rec {
pname = "rednotebook"; pname = "rednotebook";
version = "2.16"; version = "2.18";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "jendrikseipp"; owner = "jendrikseipp";
repo = "rednotebook"; repo = "rednotebook";
rev = "v${version}"; rev = "v${version}";
sha256 = "1cziac9pmhpxvs8qg54wbckzgjpplqb55hykg5vdwdqqs7j054aj"; sha256 = "1m75ns6vgycyi3zjlc9w2gnry1gyfz1jxhrklcxxi6aap0jxlgnr";
}; };
# We have not packaged tests. # We have not packaged tests.

4
pkgs/applications/editors/rstudio/default.nix
View File

@ -8,7 +8,7 @@ with lib;
let let
verMajor = "1"; verMajor = "1";
verMinor = "2"; verMinor = "2";
verPatch = "1335"; verPatch = "5033";
version = "${verMajor}.${verMinor}.${verPatch}"; version = "${verMajor}.${verMinor}.${verPatch}";
ginVer = "2.1.2"; ginVer = "2.1.2";
gwtVer = "2.8.1"; gwtVer = "2.8.1";
@ -26,7 +26,7 @@ mkDerivation rec {
owner = "rstudio"; owner = "rstudio";
repo = "rstudio"; repo = "rstudio";
rev = "v${version}"; rev = "v${version}";
sha256 = "0jv1d4yznv2lzwp0fdf377vqpg0k2q4z9qvji4sj86fabj835lqd"; sha256 = "0f3p2anz9xay2859bxj3bvyj582igsp628qxsccpkgn0jifvi4np";
}; };
# Hack RStudio to only use the input R and provided libclang. # Hack RStudio to only use the input R and provided libclang.

6
pkgs/applications/editors/texstudio/default.nix
View File

@ -3,13 +3,13 @@
mkDerivation rec { mkDerivation rec {
pname = "texstudio"; pname = "texstudio";
version = "2.12.20"; version = "2.12.22";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "${pname}-org"; owner = "${pname}-org";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "0hywx2knqdrslzmm4if476ryf4ma0aw5j8kdp6lyrz2jx7az2gqa"; sha256 = "037jvsfln8wav17qj9anxz2a7p51v7ky85wmhdj2hgwp40al651g";
}; };
nativeBuildInputs = [ qmake wrapQtAppsHook pkgconfig ]; nativeBuildInputs = [ qmake wrapQtAppsHook pkgconfig ];
@ -27,6 +27,6 @@ mkDerivation rec {
homepage = http://texstudio.sourceforge.net; homepage = http://texstudio.sourceforge.net;
license = licenses.gpl2Plus; license = licenses.gpl2Plus;
platforms = [ "x86_64-linux" ]; platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ cfouche ]; maintainers = with maintainers; [ ajs124 cfouche ];
}; };
} }

6
pkgs/applications/editors/thonny/default.nix
View File

@ -4,13 +4,13 @@ with python3.pkgs;
buildPythonApplication rec { buildPythonApplication rec {
pname = "thonny"; pname = "thonny";
version = "3.2.6"; version = "3.2.7";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = pname; owner = pname;
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "19krnxpp3i1n65zafazvdm9mvnjry5rml0y9imj4365q4bkj20g2"; sha256 = "0gzvdgg5l4j0wgkh7lp4wjabrpxvvs5m7mnpszqixxijdffjd4cj";
}; };
propagatedBuildInputs = with python3.pkgs; [ propagatedBuildInputs = with python3.pkgs; [
@ -45,7 +45,7 @@ buildPythonApplication rec {
evaluation, detailed visualization of the call stack and a mode evaluation, detailed visualization of the call stack and a mode
for explaining the concepts of references and heap. for explaining the concepts of references and heap.
''; '';
homepage = https://www.thonny.org/; homepage = "https://www.thonny.org/";
license = licenses.mit; license = licenses.mit;
maintainers = with maintainers; [ leenaars ]; maintainers = with maintainers; [ leenaars ];
platforms = platforms.linux; platforms = platforms.linux;

6
pkgs/applications/editors/vim/common.nix
View File

@ -1,12 +1,12 @@
{ lib, fetchFromGitHub }: { lib, fetchFromGitHub }:
rec { rec {
version = "8.2.0227"; version = "8.2.0343";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "vim"; owner = "vim";
repo = "vim"; repo = "vim";
rev = "v${version}"; rev = "v${version}";
sha256 = "1yi7l2yd214iv6i8pr52m272mlzps5v3h6xdgr1770xfz4y1yc0h"; sha256 = "063i52h8v7f87zamrw2ph057f0x2nzwf1s0izrm2psy41cyf4wa3";
}; };
enableParallelBuilding = true; enableParallelBuilding = true;
@ -22,7 +22,7 @@ rec {
meta = with lib; { meta = with lib; {
description = "The most popular clone of the VI editor"; description = "The most popular clone of the VI editor";
homepage = http://www.vim.org; homepage = "http://www.vim.org";
license = licenses.vim; license = licenses.vim;
maintainers = with maintainers; [ lovek323 equirosa ]; maintainers = with maintainers; [ lovek323 equirosa ];
platforms = platforms.unix; platforms = platforms.unix;

106
pkgs/applications/editors/vim/macvim-sparkle.patch
View File

@ -1,106 +0,0 @@
diff --git a/src/MacVim/English.lproj/MainMenu.nib/designable.nib b/src/MacVim/English.lproj/MainMenu.nib/designable.nib
index bdbcfdb9e..5efc78ab6 100644
--- a/src/MacVim/English.lproj/MainMenu.nib/designable.nib
+++ b/src/MacVim/English.lproj/MainMenu.nib/designable.nib
@@ -24,11 +24,6 @@
<action selector="orderFrontStandardAboutPanel:" target="-2" id="142"/>
</connections>
</menuItem>
- <menuItem title="Check for Updates…" id="255">
- <connections>
- <action selector="checkForUpdates:" target="Jqk-qh-n0J" id="Wau-rL-cbn"/>
- </connections>
- </menuItem>
<menuItem isSeparatorItem="YES" id="196">
<modifierMask key="keyEquivalentModifierMask" command="YES"/>
</menuItem>
@@ -206,6 +201,5 @@
</menuItem>
</items>
</menu>
- <customObject id="Jqk-qh-n0J" customClass="SUUpdater"/>
</objects>
</document>
diff --git a/src/MacVim/English.lproj/Preferences.nib/designable.nib b/src/MacVim/English.lproj/Preferences.nib/designable.nib
index 889450913..38afc3416 100644
--- a/src/MacVim/English.lproj/Preferences.nib/designable.nib
+++ b/src/MacVim/English.lproj/Preferences.nib/designable.nib
@@ -88,14 +88,10 @@
<rect key="frame" x="207" y="208" width="258" height="18"/>
<autoresizingMask key="autoresizingMask" flexibleMinY="YES"/>
<string key="toolTip">Checks for updates and presents a dialog box showing the release notes and prompt for whether you want to install the new version.</string>
- <buttonCell key="cell" type="check" title="Check for updates" bezelStyle="regularSquare" imagePosition="left" alignment="left" inset="2" id="975">
+ <buttonCell key="cell" type="check" title="Check for updates" bezelStyle="regularSquare" imagePosition="left" alignment="left" enabled="NO" inset="2" id="975">
<behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/>
<font key="font" metaFont="system"/>
</buttonCell>
- <connections>
- <action selector="checkForUpdatesChanged:" target="-2" id="YjS-ig-M1j"/>
- <binding destination="58" name="value" keyPath="values.SUCheckAtStartup" id="169"/>
- </connections>
</button>
<textField verticalHuggingPriority="750" id="121">
<rect key="frame" x="209" y="50" width="243" height="58"/>
@@ -186,16 +182,13 @@
<rect key="frame" x="221" y="188" width="244" height="18"/>
<autoresizingMask key="autoresizingMask" flexibleMinY="YES"/>
<string key="toolTip">MacVim will automatically download and install updates without prompting. The updated version will be used the next time MacVim starts.</string>
- <buttonCell key="cell" type="check" title="Automatically install updates" bezelStyle="regularSquare" imagePosition="left" alignment="left" inset="2" id="GfP-vg-mec">
+ <buttonCell key="cell" type="check" title="Automatically install updates" bezelStyle="regularSquare" imagePosition="left" alignment="left" enabled="NO" inset="2" id="GfP-vg-mec">
<behavior key="behavior" changeContents="YES" doesNotDimImage="YES" lightByContents="YES"/>
<font key="font" metaFont="system"/>
<connections>
<binding destination="58" name="enabled" keyPath="values.SUCheckAtStartup" id="5oY-Gf-XJN"/>
</connections>
</buttonCell>
- <connections>
- <binding destination="58" name="value" keyPath="values.SUAutomaticallyUpdate" id="kyZ-ah-zKf"/>
- </connections>
</button>
</subviews>
<point key="canvasLocation" x="137.5" y="382"/>
diff --git a/src/MacVim/MacVim.xcodeproj/project.pbxproj b/src/MacVim/MacVim.xcodeproj/project.pbxproj
index 648c4290d..c7dd99d1e 100644
--- a/src/MacVim/MacVim.xcodeproj/project.pbxproj
+++ b/src/MacVim/MacVim.xcodeproj/project.pbxproj
@@ -66,8 +66,6 @@
1DFE25A50C527BC4003000F7 /* PSMTabBarControl.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1D493DB90C52533B00AB718C /* PSMTabBarControl.framework */; };
52818B031C1C08CE00F59085 /* QLStephen.qlgenerator in Copy QuickLookPlugin */ = {isa = PBXBuildFile; fileRef = 52818AFF1C1C075300F59085 /* QLStephen.qlgenerator */; settings = {ATTRIBUTES = (CodeSignOnCopy, ); }; };
528DA66A1426D4F9003380F1 /* macvim-askpass in Copy Scripts */ = {isa = PBXBuildFile; fileRef = 528DA6691426D4EB003380F1 /* macvim-askpass */; };
- 52A364731C4A5789005757EC /* Sparkle.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 52A364721C4A5789005757EC /* Sparkle.framework */; };
- 52A364761C4A57C1005757EC /* Sparkle.framework in Copy Frameworks */ = {isa = PBXBuildFile; fileRef = 52A364721C4A5789005757EC /* Sparkle.framework */; settings = {ATTRIBUTES = (CodeSignOnCopy, RemoveHeadersOnCopy, ); }; };
52B7ED9B1C4A4D6900AFFF15 /* dsa_pub.pem in Resources */ = {isa = PBXBuildFile; fileRef = 52B7ED9A1C4A4D6900AFFF15 /* dsa_pub.pem */; };
8D11072A0486CEB800E47090 /* MainMenu.nib in Resources */ = {isa = PBXBuildFile; fileRef = 29B97318FDCFA39411CA2CEA /* MainMenu.nib */; };
8D11072B0486CEB800E47090 /* InfoPlist.strings in Resources */ = {isa = PBXBuildFile; fileRef = 089C165CFE840E0CC02AAC07 /* InfoPlist.strings */; };
@@ -124,7 +122,6 @@
dstPath = "";
dstSubfolderSpec = 10;
files = (
- 52A364761C4A57C1005757EC /* Sparkle.framework in Copy Frameworks */,
1D493DBA0C52534300AB718C /* PSMTabBarControl.framework in Copy Frameworks */,
);
name = "Copy Frameworks";
@@ -250,7 +247,6 @@
32CA4F630368D1EE00C91783 /* MacVim_Prefix.pch */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MacVim_Prefix.pch; sourceTree = "<group>"; };
52818AFA1C1C075300F59085 /* QuickLookStephen.xcodeproj */ = {isa = PBXFileReference; lastKnownFileType = "wrapper.pb-project"; name = QuickLookStephen.xcodeproj; path = qlstephen/QuickLookStephen.xcodeproj; sourceTree = "<group>"; };
528DA6691426D4EB003380F1 /* macvim-askpass */ = {isa = PBXFileReference; lastKnownFileType = text.script.sh; path = "macvim-askpass"; sourceTree = "<group>"; };
- 52A364721C4A5789005757EC /* Sparkle.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = Sparkle.framework; sourceTree = "<group>"; };
52B7ED9A1C4A4D6900AFFF15 /* dsa_pub.pem */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = dsa_pub.pem; sourceTree = "<group>"; };
8D1107310486CEB800E47090 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist; path = Info.plist; sourceTree = "<group>"; };
8D1107320486CEB800E47090 /* MacVim.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = MacVim.app; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -264,7 +260,6 @@
1DFE25A50C527BC4003000F7 /* PSMTabBarControl.framework in Frameworks */,
8D11072F0486CEB800E47090 /* Cocoa.framework in Frameworks */,
1D8B5A53104AF9FF002E59D5 /* Carbon.framework in Frameworks */,
- 52A364731C4A5789005757EC /* Sparkle.framework in Frameworks */,
);
runOnlyForDeploymentPostprocessing = 0;
};
@@ -443,7 +438,6 @@
29B97323FDCFA39411CA2CEA /* Frameworks */ = {
isa = PBXGroup;
children = (
- 52A364721C4A5789005757EC /* Sparkle.framework */,
1D8B5A52104AF9FF002E59D5 /* Carbon.framework */,
1D493DB30C52533B00AB718C /* PSMTabBarControl.xcodeproj */,
1058C7A0FEA54F0111CA2CBB /* Linked Frameworks */,

28
pkgs/applications/editors/vim/macvim.nix
View File

@ -27,13 +27,13 @@ in
stdenv.mkDerivation { stdenv.mkDerivation {
pname = "macvim"; pname = "macvim";
version = "8.1.2234"; version = "8.2.319";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "macvim-dev"; owner = "macvim-dev";
repo = "macvim"; repo = "macvim";
rev = "snapshot-161"; rev = "snapshot-162";
sha256 = "1hp3y85pj1icz053g627a1wp5pnwgxhk07pyd4arwcxs2103agw4"; sha256 = "1mg55jlrz533wlqrx028fyv86rfhdzvm5kdi8xlf67flc5hh9vrp";
}; };
enableParallelBuilding = true; enableParallelBuilding = true;
@ -43,18 +43,7 @@ stdenv.mkDerivation {
gettext ncurses cscope luajit ruby tcl perl python.pkg gettext ncurses cscope luajit ruby tcl perl python.pkg
]; ];
patches = [ ./macvim.patch ./macvim-sparkle.patch ]; patches = [ ./macvim.patch ];
# The sparkle patch modified the nibs, so we have to recompile them
postPatch = ''
for nib in MainMenu Preferences; do
# redirect stdin/stdout/stderr to /dev/null because ibtool marks them nonblocking
# and not redirecting screws with subsequent commands.
# redirecting stderr is unfortunate but I don't know of a reasonable way to remove O_NONBLOCK
# from the fds.
/usr/bin/ibtool --compile src/MacVim/English.lproj/$nib.nib/keyedobjects.nib src/MacVim/English.lproj/$nib.nib >/dev/null 2>/dev/null </dev/null
done
'';
configureFlags = [ configureFlags = [
"--enable-cscope" "--enable-cscope"
@ -76,11 +65,20 @@ stdenv.mkDerivation {
"--with-tclsh=${tcl}/bin/tclsh" "--with-tclsh=${tcl}/bin/tclsh"
"--with-tlib=ncurses" "--with-tlib=ncurses"
"--with-compiledby=Nix" "--with-compiledby=Nix"
"--disable-sparkle"
"LDFLAGS=-headerpad_max_install_names" "LDFLAGS=-headerpad_max_install_names"
]; ];
makeFlags = ''PREFIX=$(out) CPPFLAGS="-Wno-error"''; makeFlags = ''PREFIX=$(out) CPPFLAGS="-Wno-error"'';
# Remove references to Sparkle.framework from the project.
# It's unused (we disabled it with --disable-sparkle) and this avoids
# copying the unnecessary several-megabyte framework into the result.
postPatch = ''
echo "Patching file src/MacVim/MacVim.xcodeproj/project.pbxproj"
sed -e '/Sparkle\.framework/d' -i src/MacVim/MacVim.xcodeproj/project.pbxproj
'';
# This is unfortunate, but we need to use the same compiler as Xcode, # This is unfortunate, but we need to use the same compiler as Xcode,
# but Xcode doesn't provide a way to configure the compiler. # but Xcode doesn't provide a way to configure the compiler.
# #

2
pkgs/applications/editors/vscode/generic.nix
View File

@ -62,7 +62,7 @@ in
else [ gtk2 at-spi2-atk wrapGAppsHook ] ++ atomEnv.packages) else [ gtk2 at-spi2-atk wrapGAppsHook ] ++ atomEnv.packages)
++ [ libsecret libXScrnSaver ]; ++ [ libsecret libXScrnSaver ];
runtimeDependencies = [ systemd.lib fontconfig.lib ]; runtimeDependencies = lib.optional (stdenv.isLinux) [ systemd.lib fontconfig.lib ];
nativeBuildInputs = lib.optional (!stdenv.isDarwin) autoPatchelfHook; nativeBuildInputs = lib.optional (!stdenv.isDarwin) autoPatchelfHook;

6
pkgs/applications/editors/vscode/vscode.nix
View File

@ -11,15 +11,15 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz"; archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
sha256 = { sha256 = {
x86_64-linux = "0c067qp3aa5kqya3y8pzc9cvyzsafizhgjp9dsibnfl08lvz9hbs"; x86_64-linux = "0i8dmh9w7xgzfjii4m116lavydpfpcp7fxs4bcykf0a779pzwv87";
x86_64-darwin = "0vi94nk8p3vp30nx60mwqcmfqbrmrqwvfdjbah0zm480dcjzz7dv"; x86_64-darwin = "0z0r0dmmzk3k095g7jbrrk9gl1jpb3cai973xrjw17ank1lddcjf";
}.${system}; }.${system};
in in
callPackage ./generic.nix rec { callPackage ./generic.nix rec {
# The update script doesn't correctly change the hash for darwin, so please: # The update script doesn't correctly change the hash for darwin, so please:
# nixpkgs-update: no auto update # nixpkgs-update: no auto update
version = "1.42.1"; version = "1.43.0";
pname = "vscode"; pname = "vscode";
executableName = "code" + lib.optionalString isInsiders "-insiders"; executableName = "code" + lib.optionalString isInsiders "-insiders";

6
pkgs/applications/editors/vscode/vscodium.nix
View File

@ -11,8 +11,8 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz"; archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
sha256 = { sha256 = {
x86_64-linux = "1pac3rv7ps23ymynvy8dwd5k2154aln33ksr75z1d8w859x3f1dy"; x86_64-linux = "139sqaixlcqlpcrn2vkcp9fxvcjgnhn2dwxclxq3bnb814pw7rba";
x86_64-darwin = "1imzgqynbd65c7gbfp2gb1cxjbazx7afvbdvbqnm5qg7pvq22rni"; x86_64-darwin = "0jkd3p1jqg38z9l22k5w7b45fdnxwrhzlgyhinw7wlqz7zvflkn1";
}.${system}; }.${system};
sourceRoot = { sourceRoot = {
@ -25,7 +25,7 @@ in
# The update script doesn't correctly change the hash for darwin, so please: # The update script doesn't correctly change the hash for darwin, so please:
# nixpkgs-update: no auto update # nixpkgs-update: no auto update
version = "1.42.1"; version = "1.43.0";
pname = "vscodium"; pname = "vscodium";
executableName = "codium"; executableName = "codium";

4
pkgs/applications/editors/vscode/with-extensions.nix
View File

@ -48,7 +48,7 @@ let
wrappedPkgName = lib.removeSuffix "-${wrappedPkgVersion}" vscode.name; wrappedPkgName = lib.removeSuffix "-${wrappedPkgVersion}" vscode.name;
combinedExtensionsDrv = buildEnv { combinedExtensionsDrv = buildEnv {
name = "${wrappedPkgName}-extensions-${wrappedPkgVersion}"; name = "vscode-extensions";
paths = vscodeExtensions; paths = vscodeExtensions;
}; };
@ -70,6 +70,6 @@ runCommand "${wrappedPkgName}-with-extensions-${wrappedPkgVersion}" {
ln -sT "${vscode}/share/applications/${executableName}.desktop" "$out/share/applications/${executableName}.desktop" ln -sT "${vscode}/share/applications/${executableName}.desktop" "$out/share/applications/${executableName}.desktop"
ln -sT "${vscode}/share/applications/${executableName}-url-handler.desktop" "$out/share/applications/${executableName}-url-handler.desktop" ln -sT "${vscode}/share/applications/${executableName}-url-handler.desktop" "$out/share/applications/${executableName}-url-handler.desktop"
makeWrapper "${vscode}/bin/${executableName}" "$out/bin/${executableName}" ${lib.optionalString (vscodeExtensions != []) '' makeWrapper "${vscode}/bin/${executableName}" "$out/bin/${executableName}" ${lib.optionalString (vscodeExtensions != []) ''
--add-flags "--extensions-dir ${combinedExtensionsDrv}/share/${wrappedPkgName}/extensions" --add-flags "--extensions-dir ${combinedExtensionsDrv}"
''} ''}
'' ''

4
pkgs/applications/graphics/rawtherapee/default.nix
View File

@ -4,14 +4,14 @@
}: }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "5.7"; version = "5.8";
pname = "rawtherapee"; pname = "rawtherapee";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Beep6581"; owner = "Beep6581";
repo = "RawTherapee"; repo = "RawTherapee";
rev = version; rev = version;
sha256 = "0j3887a3683fqpvp66kaw6x81ai3gf5nvrbmb4cc8rb0lgj2xv2g"; sha256 = "0d644s4grfia6f3k6y0byd5pwajr12kai2kc280yxi8v3w1b12ik";
}; };
nativeBuildInputs = [ cmake pkgconfig wrapGAppsHook ]; nativeBuildInputs = [ cmake pkgconfig wrapGAppsHook ];

10
pkgs/applications/graphics/renderdoc/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, cmake, pkgconfig, mkDerivation { stdenv, fetchFromGitHub, cmake, pkgconfig, mkDerivation
, qtbase, qtx11extras, qtsvg, makeWrapper , qtbase, qtx11extras, qtsvg, makeWrapper
, vulkan-loader, xorg, python3, python3Packages , vulkan-loader, libglvnd, xorg, python3, python3Packages
, bison, pcre, automake, autoconf, addOpenGLRunpath , bison, pcre, automake, autoconf, addOpenGLRunpath
}: }:
let let
@ -13,14 +13,14 @@ let
pythonPackages = python3Packages; pythonPackages = python3Packages;
in in
mkDerivation rec { mkDerivation rec {
version = "1.6"; version = "1.7";
pname = "renderdoc"; pname = "renderdoc";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "baldurk"; owner = "baldurk";
repo = "renderdoc"; repo = "renderdoc";
rev = "v${version}"; rev = "v${version}";
sha256 = "0b2f9m5azzvcjbmxkwcl1d7jvvp720b81zwn19rrskznfcc2r1i8"; sha256 = "0r0y0lx48hkyf39pgippsc9q8hdcf57bdva6gx7f35vlhicx5hlz";
}; };
buildInputs = [ buildInputs = [
@ -52,8 +52,8 @@ mkDerivation rec {
dontWrapQtApps = true; dontWrapQtApps = true;
preFixup = '' preFixup = ''
wrapQtApp $out/bin/qrenderdoc --suffix LD_LIBRARY_PATH : "$out/lib:${vulkan-loader}/lib" wrapQtApp $out/bin/qrenderdoc --suffix LD_LIBRARY_PATH : "$out/lib:${vulkan-loader}/lib:${libglvnd}/lib"
wrapProgram $out/bin/renderdoccmd --suffix LD_LIBRARY_PATH : "$out/lib:${vulkan-loader}/lib" wrapProgram $out/bin/renderdoccmd --suffix LD_LIBRARY_PATH : "$out/lib:${vulkan-loader}/lib:${libglvnd}/lib"
''; '';
# The only documentation for this so far is in pkgs/build-support/add-opengl-runpath/setup-hook.sh # The only documentation for this so far is in pkgs/build-support/add-opengl-runpath/setup-hook.sh

Some files were not shown because too many files have changed in this diff Show More