diff --git a/maintainers/team-list.nix b/maintainers/team-list.nix
index 7efff7f45ec..caee548d719 100644
--- a/maintainers/team-list.nix
+++ b/maintainers/team-list.nix
@@ -33,10 +33,11 @@ with lib.maintainers; {
podman = {
members = [
+ adisbladis
saschagrunert
vdemeester
zowoq
];
- scope = "Maintain podman related packages.";
+ scope = "Maintain Podman related packages and modules.";
};
}
diff --git a/nixos/doc/manual/release-notes/rl-2003.xml b/nixos/doc/manual/release-notes/rl-2003.xml
index b0940391b56..393a9286ca4 100644
--- a/nixos/doc/manual/release-notes/rl-2003.xml
+++ b/nixos/doc/manual/release-notes/rl-2003.xml
@@ -935,8 +935,8 @@ services.dnsmasq.servers = [ "127.0.0.1#43" ];
- Haskell env and shellFor dev shell environments now organized dependencies the same way as regular builds.
- In particular, rather than receiving all the different lists of dependencies master together as one big lists, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything.
+ Haskell env and shellFor dev shell environments now organize dependencies the same way as regular builds.
+ In particular, rather than receiving all the different lists of dependencies mashed together as one big list, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything.
This means that if you incorrectly categorize a dependency, e.g. non-Haskell library dependency as a buildDepends or run-time Haskell dependency as a setupDepends, whereas things would have worked before they may not work now.
@@ -1145,9 +1145,11 @@ systemd.services.nginx.serviceConfig.User = lib.mkForce "root";
As well as this, the options security.acme.acceptTerms and either
security.acme.email or security.acme.certs.<name>.email
must be set in order to use the ACME module.
- Certificates will be regenerated anew on the next renewal date. The credentials for simp-le are
- preserved and thus it is possible to roll back to previous versions without breaking certificate
- generation.
+ Certificates will be regenerated on activation, no account or certificate will be migrated from simp-le.
+ In particular private keys will not be preserved. However, the credentials for simp-le are preserved and
+ thus it is possible to roll back to previous versions without breaking certificate generation.
+ Note also that in contrary to simp-le a new private key is recreated at each renewal by default, which can
+ have consequences if you embed your public key in apps.
diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml
index 0f22f4331f4..3e29c19af8f 100644
--- a/nixos/doc/manual/release-notes/rl-2009.xml
+++ b/nixos/doc/manual/release-notes/rl-2009.xml
@@ -40,6 +40,11 @@
make use of these new options instead.
+
+
+ There is a new module for Podman(virtualisation.podman), a drop-in replacement for the Docker command line.
+
+
@@ -267,6 +272,13 @@ environment.systemPackages = [
Other Notable Changes
+
+
+ was updated from
+ 1000 to 10000 to follow the new
+ upstream systemd default.
+
+
The notmuch package move its emacs-related binaries and
diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix
index 84394a1ecae..3707c4b7ec6 100644
--- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix
+++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix
@@ -11,9 +11,6 @@ with lib;
services.xserver.desktopManager.gnome3.enable = true;
- # Wayland can be problematic for some hardware like Nvidia graphics cards.
- services.xserver.displayManager.defaultSession = "gnome-xorg";
-
services.xserver.displayManager.gdm = {
enable = true;
# autoSuspend makes the machine automatically suspend after inactivity.
diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix
index ae98fba1580..a6fffb76f6e 100644
--- a/nixos/modules/misc/version.nix
+++ b/nixos/modules/misc/version.nix
@@ -109,8 +109,8 @@ in
PRETTY_NAME="NixOS ${cfg.release} (${cfg.codeName})"
LOGO="nix-snowflake"
HOME_URL="https://nixos.org/"
- DOCUMENTATION_URL="https://nixos.org/nixos/manual/index.html"
- SUPPORT_URL="https://nixos.org/nixos/support.html"
+ DOCUMENTATION_URL="https://nixos.org/learn.html"
+ SUPPORT_URL="https://nixos.org/community.html"
BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues"
'';
diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix
index df08ac2959e..7244a7e0a89 100644
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@@ -984,6 +984,7 @@
./virtualisation/anbox.nix
./virtualisation/container-config.nix
./virtualisation/containers.nix
+ ./virtualisation/nixos-containers.nix
./virtualisation/cri-o.nix
./virtualisation/docker.nix
./virtualisation/docker-containers.nix
@@ -997,6 +998,7 @@
./virtualisation/kvmgt.nix
./virtualisation/openvswitch.nix
./virtualisation/parallels-guest.nix
+ ./virtualisation/podman.nix
./virtualisation/qemu-guest-agent.nix
./virtualisation/railcar.nix
./virtualisation/rkt.nix
diff --git a/nixos/modules/services/networking/tailscale.nix b/nixos/modules/services/networking/tailscale.nix
index 513c42b4011..4d6aeb75ebd 100644
--- a/nixos/modules/services/networking/tailscale.nix
+++ b/nixos/modules/services/networking/tailscale.nix
@@ -37,7 +37,10 @@ in {
RuntimeDirectoryMode = 755;
StateDirectory = "tailscale";
- StateDirectoryMode = 700;
+ StateDirectoryMode = 750;
+
+ CacheDirectory = "tailscale";
+ CacheDirectoryMode = 750;
Restart = "on-failure";
};
diff --git a/nixos/modules/services/security/oauth2_proxy.nix b/nixos/modules/services/security/oauth2_proxy.nix
index 2abb9ec32ac..46caadee204 100644
--- a/nixos/modules/services/security/oauth2_proxy.nix
+++ b/nixos/modules/services/security/oauth2_proxy.nix
@@ -12,7 +12,7 @@ let
# command-line to launch oauth2_proxy.
providerSpecificOptions = {
azure = cfg: {
- azure.tenant = cfg.azure.tenant;
+ azure-tenant = cfg.azure.tenant;
resource = cfg.azure.resource;
};
@@ -44,6 +44,7 @@ let
pass-access-token = passAccessToken;
pass-basic-auth = passBasicAuth;
pass-host-header = passHostHeader;
+ reverse-proxy = reverseProxy;
proxy-prefix = proxyPrefix;
profile-url = profileURL;
redeem-url = redeemURL;
@@ -65,8 +66,8 @@ let
} // lib.optionalAttrs (cfg.htpasswd.file != null) {
display-htpasswd-file = cfg.htpasswd.displayForm;
} // lib.optionalAttrs tls.enable {
- tls-cert = tls.certificate;
- tls-key = tls.key;
+ tls-cert-file = tls.certificate;
+ tls-key-file = tls.key;
https-address = tls.httpsAddress;
} // (getProviderOptions cfg cfg.provider) // cfg.extraConfig;
@@ -98,14 +99,21 @@ in
##############################################
# PROVIDER configuration
+ # Taken from: https://github.com/pusher/oauth2_proxy/blob/master/providers/providers.go
provider = mkOption {
type = types.enum [
"google"
- "github"
"azure"
+ "facebook"
+ "github"
+ "keycloak"
"gitlab"
"linkedin"
- "myusa"
+ "login.gov"
+ "bitbucket"
+ "nextcloud"
+ "digitalocean"
+ "oidc"
];
default = "google";
description = ''
@@ -433,6 +441,17 @@ in
'';
};
+ reverseProxy = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ In case when running behind a reverse proxy, controls whether headers
+ like X-Real-Ip are accepted. Usage behind a reverse
+ proxy will require this flag to be set to avoid logging the reverse
+ proxy IP address.
+ '';
+ };
+
proxyPrefix = mkOption {
type = types.str;
default = "/oauth2";
diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix
index 832c8b30ee9..5e55baa203a 100644
--- a/nixos/modules/services/web-servers/apache-httpd/default.nix
+++ b/nixos/modules/services/web-servers/apache-httpd/default.nix
@@ -12,7 +12,7 @@ let
httpdConf = cfg.configFile;
- php = cfg.phpPackage.override { apacheHttpd = pkg.dev; /* otherwise it only gets .out */ };
+ php = cfg.phpPackage.override { apacheHttpd = pkg; };
phpMajorVersion = lib.versions.major (lib.getVersion php);
@@ -338,6 +338,7 @@ let
}
''
cat ${php}/etc/php.ini > $out
+ cat ${php}/lib/custom-php.ini > $out
echo "$options" >> $out
'';
diff --git a/nixos/modules/services/web-servers/phpfpm/default.nix b/nixos/modules/services/web-servers/phpfpm/default.nix
index 3db19c781d0..d090885a8ca 100644
--- a/nixos/modules/services/web-servers/phpfpm/default.nix
+++ b/nixos/modules/services/web-servers/phpfpm/default.nix
@@ -209,14 +209,14 @@ in {
user = "php";
group = "php";
phpPackage = pkgs.php;
- settings = '''
+ settings = {
"pm" = "dynamic";
"pm.max_children" = 75;
"pm.start_servers" = 10;
"pm.min_spare_servers" = 5;
"pm.max_spare_servers" = 20;
"pm.max_requests" = 500;
- ''';
+ };
}
}'';
description = ''
diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix
index 518d875841b..f955746f78a 100644
--- a/nixos/modules/system/boot/systemd.nix
+++ b/nixos/modules/system/boot/systemd.nix
@@ -597,7 +597,7 @@ in
};
services.journald.rateLimitBurst = mkOption {
- default = 1000;
+ default = 10000;
type = types.int;
description = ''
Configures the rate limiting burst limit (number of messages per
diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix
index 2db5c117aa7..e6127e28486 100644
--- a/nixos/modules/virtualisation/containers.nix
+++ b/nixos/modules/virtualisation/containers.nix
@@ -1,838 +1,150 @@
{ config, lib, pkgs, ... }:
-
-with lib;
-
let
+ cfg = config.virtualisation.containers;
- # The container's init script, a small wrapper around the regular
- # NixOS stage-2 init script.
- containerInit = (cfg:
- let
- renderExtraVeth = (name: cfg:
- ''
- echo "Bringing ${name} up"
- ip link set dev ${name} up
- ${optionalString (cfg.localAddress != null) ''
- echo "Setting ip for ${name}"
- ip addr add ${cfg.localAddress} dev ${name}
- ''}
- ${optionalString (cfg.localAddress6 != null) ''
- echo "Setting ip6 for ${name}"
- ip -6 addr add ${cfg.localAddress6} dev ${name}
- ''}
- ${optionalString (cfg.hostAddress != null) ''
- echo "Setting route to host for ${name}"
- ip route add ${cfg.hostAddress} dev ${name}
- ''}
- ${optionalString (cfg.hostAddress6 != null) ''
- echo "Setting route6 to host for ${name}"
- ip -6 route add ${cfg.hostAddress6} dev ${name}
- ''}
- ''
- );
- in
- pkgs.writeScript "container-init"
- ''
- #! ${pkgs.runtimeShell} -e
+ inherit (lib) mkOption types;
- # Initialise the container side of the veth pair.
- if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] ||
- [ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] ||
- [ -n "$HOST_BRIDGE" ]; then
- ip link set host0 name eth0
- ip link set dev eth0 up
+ # Once https://github.com/NixOS/nixpkgs/pull/75584 is merged we can use the TOML generator
+ toTOML = name: value: pkgs.runCommandNoCC name {
+ nativeBuildInputs = [ pkgs.remarshal ];
+ value = builtins.toJSON value;
+ passAsFile = [ "value" ];
+ } ''
+ json2toml "$valuePath" "$out"
+ '';
- if [ -n "$LOCAL_ADDRESS" ]; then
- ip addr add $LOCAL_ADDRESS dev eth0
- fi
- if [ -n "$LOCAL_ADDRESS6" ]; then
- ip -6 addr add $LOCAL_ADDRESS6 dev eth0
- fi
- if [ -n "$HOST_ADDRESS" ]; then
- ip route add $HOST_ADDRESS dev eth0
- ip route add default via $HOST_ADDRESS
- fi
- if [ -n "$HOST_ADDRESS6" ]; then
- ip -6 route add $HOST_ADDRESS6 dev eth0
- ip -6 route add default via $HOST_ADDRESS6
- fi
-
- ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
- fi
-
- # Start the regular stage 1 script.
- exec "$1"
- ''
- );
-
- nspawnExtraVethArgs = (name: cfg: "--network-veth-extra=${name}");
-
- startScript = cfg:
- ''
- mkdir -p -m 0755 "$root/etc" "$root/var/lib"
- mkdir -p -m 0700 "$root/var/lib/private" "$root/root" /run/containers
- if ! [ -e "$root/etc/os-release" ]; then
- touch "$root/etc/os-release"
- fi
-
- if ! [ -e "$root/etc/machine-id" ]; then
- touch "$root/etc/machine-id"
- fi
-
- mkdir -p -m 0755 \
- "/nix/var/nix/profiles/per-container/$INSTANCE" \
- "/nix/var/nix/gcroots/per-container/$INSTANCE"
-
- cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"
-
- if [ "$PRIVATE_NETWORK" = 1 ]; then
- extraFlags+=" --private-network"
- fi
-
- if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
- [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
- extraFlags+=" --network-veth"
- fi
-
- if [ -n "$HOST_PORT" ]; then
- OIFS=$IFS
- IFS=","
- for i in $HOST_PORT
- do
- extraFlags+=" --port=$i"
- done
- IFS=$OIFS
- fi
-
- if [ -n "$HOST_BRIDGE" ]; then
- extraFlags+=" --network-bridge=$HOST_BRIDGE"
- fi
-
- extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}"
-
- for iface in $INTERFACES; do
- extraFlags+=" --network-interface=$iface"
- done
-
- for iface in $MACVLANS; do
- extraFlags+=" --network-macvlan=$iface"
- done
-
- # If the host is 64-bit and the container is 32-bit, add a
- # --personality flag.
- ${optionalString (config.nixpkgs.localSystem.system == "x86_64-linux") ''
- if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then
- extraFlags+=" --personality=x86"
- fi
- ''}
-
- # Run systemd-nspawn without startup notification (we'll
- # wait for the container systemd to signal readiness).
- exec ${config.systemd.package}/bin/systemd-nspawn \
- --keep-unit \
- -M "$INSTANCE" -D "$root" $extraFlags \
- $EXTRA_NSPAWN_FLAGS \
- --notify-ready=yes \
- --bind-ro=/nix/store \
- --bind-ro=/nix/var/nix/db \
- --bind-ro=/nix/var/nix/daemon-socket \
- --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \
- --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \
- ${optionalString (!cfg.ephemeral) "--link-journal=try-guest"} \
- --setenv PRIVATE_NETWORK="$PRIVATE_NETWORK" \
- --setenv HOST_BRIDGE="$HOST_BRIDGE" \
- --setenv HOST_ADDRESS="$HOST_ADDRESS" \
- --setenv LOCAL_ADDRESS="$LOCAL_ADDRESS" \
- --setenv HOST_ADDRESS6="$HOST_ADDRESS6" \
- --setenv LOCAL_ADDRESS6="$LOCAL_ADDRESS6" \
- --setenv HOST_PORT="$HOST_PORT" \
- --setenv PATH="$PATH" \
- ${optionalString cfg.ephemeral "--ephemeral"} \
- ${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then
- ''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else ""
- } \
- ${if cfg.tmpfs != null && cfg.tmpfs != [] then
- ''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else ""
- } \
- ${containerInit cfg} "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init"
- '';
-
- preStartScript = cfg:
- ''
- # Clean up existing machined registration and interfaces.
- machinectl terminate "$INSTANCE" 2> /dev/null || true
-
- if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
- [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
- ip link del dev "ve-$INSTANCE" 2> /dev/null || true
- ip link del dev "vb-$INSTANCE" 2> /dev/null || true
- fi
-
- ${concatStringsSep "\n" (
- mapAttrsToList (name: cfg:
- ''ip link del dev ${name} 2> /dev/null || true ''
- ) cfg.extraVeths
- )}
- '';
-
- postStartScript = (cfg:
- let
- ipcall = cfg: ipcmd: variable: attribute:
- if cfg.${attribute} == null then
- ''
- if [ -n "${variable}" ]; then
- ${ipcmd} add ${variable} dev $ifaceHost
- fi
- ''
- else
- ''${ipcmd} add ${cfg.${attribute}} dev $ifaceHost'';
- renderExtraVeth = name: cfg:
- if cfg.hostBridge != null then
- ''
- # Add ${name} to bridge ${cfg.hostBridge}
- ip link set dev ${name} master ${cfg.hostBridge} up
- ''
- else
- ''
- echo "Bring ${name} up"
- ip link set dev ${name} up
- # Set IPs and routes for ${name}
- ${optionalString (cfg.hostAddress != null) ''
- ip addr add ${cfg.hostAddress} dev ${name}
- ''}
- ${optionalString (cfg.hostAddress6 != null) ''
- ip -6 addr add ${cfg.hostAddress6} dev ${name}
- ''}
- ${optionalString (cfg.localAddress != null) ''
- ip route add ${cfg.localAddress} dev ${name}
- ''}
- ${optionalString (cfg.localAddress6 != null) ''
- ip -6 route add ${cfg.localAddress6} dev ${name}
- ''}
- '';
- in
- ''
- if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
- [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
- if [ -z "$HOST_BRIDGE" ]; then
- ifaceHost=ve-$INSTANCE
- ip link set dev $ifaceHost up
-
- ${ipcall cfg "ip addr" "$HOST_ADDRESS" "hostAddress"}
- ${ipcall cfg "ip -6 addr" "$HOST_ADDRESS6" "hostAddress6"}
- ${ipcall cfg "ip route" "$LOCAL_ADDRESS" "localAddress"}
- ${ipcall cfg "ip -6 route" "$LOCAL_ADDRESS6" "localAddress6"}
- fi
- ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
- fi
- ''
- );
-
- serviceDirectives = cfg: {
- ExecReload = pkgs.writeScript "reload-container"
- ''
- #! ${pkgs.runtimeShell} -e
- ${pkgs.nixos-container}/bin/nixos-container run "$INSTANCE" -- \
- bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test"
- '';
-
- SyslogIdentifier = "container %i";
-
- EnvironmentFile = "-/etc/containers/%i.conf";
-
- Type = "notify";
-
- RuntimeDirectory = lib.optional cfg.ephemeral "containers/%i";
-
- # Note that on reboot, systemd-nspawn returns 133, so this
- # unit will be restarted. On poweroff, it returns 0, so the
- # unit won't be restarted.
- RestartForceExitStatus = "133";
- SuccessExitStatus = "133";
-
- # Some containers take long to start
- # especially when you automatically start many at once
- TimeoutStartSec = cfg.timeoutStartSec;
-
- Restart = "on-failure";
-
- Slice = "machine.slice";
- Delegate = true;
-
- # Hack: we don't want to kill systemd-nspawn, since we call
- # "machinectl poweroff" in preStop to shut down the
- # container cleanly. But systemd requires sending a signal
- # (at least if we want remaining processes to be killed
- # after the timeout). So send an ignored signal.
- KillMode = "mixed";
- KillSignal = "WINCH";
-
- DevicePolicy = "closed";
- DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices;
+ # Copy configuration files to avoid having the entire sources in the system closure
+ copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} ''
+ cp ${filePath} $out
+ '';
+in
+{
+ meta = {
+ maintainers = [] ++ lib.teams.podman.members;
};
+ options.virtualisation.containers = {
- system = config.nixpkgs.localSystem.system;
-
- bindMountOpts = { name, ... }: {
-
- options = {
- mountPoint = mkOption {
- example = "/mnt/usb";
- type = types.str;
- description = "Mount point on the container file system.";
- };
- hostPath = mkOption {
- default = null;
- example = "/home/alice";
- type = types.nullOr types.str;
- description = "Location of the host path to be mounted.";
- };
- isReadOnly = mkOption {
- default = true;
+ enable =
+ mkOption {
type = types.bool;
- description = "Determine whether the mounted path will be accessed in read-only mode.";
- };
- };
-
- config = {
- mountPoint = mkDefault name;
- };
-
- };
-
- allowedDeviceOpts = { ... }: {
- options = {
- node = mkOption {
- example = "/dev/net/tun";
- type = types.str;
- description = "Path to device node";
- };
- modifier = mkOption {
- example = "rw";
- type = types.str;
+ default = false;
description = ''
- Device node access modifier. Takes a combination
- r (read), w (write), and
- m (mknod). See the
- systemd.resource-control(5) man page for more
- information.'';
+ This option enables the common libpod container configuration module.
+ '';
+ };
+
+ registries = {
+ search = mkOption {
+ type = types.listOf types.str;
+ default = [ "docker.io" "quay.io" ];
+ description = ''
+ List of repositories to search.
+ '';
+ };
+
+ insecure = mkOption {
+ default = [];
+ type = types.listOf types.str;
+ description = ''
+ List of insecure repositories.
+ '';
+ };
+
+ block = mkOption {
+ default = [];
+ type = types.listOf types.str;
+ description = ''
+ List of blocked repositories.
+ '';
};
};
- };
-
- mkBindFlag = d:
- let flagPrefix = if d.isReadOnly then " --bind-ro=" else " --bind=";
- mountstr = if d.hostPath != null then "${d.hostPath}:${d.mountPoint}" else "${d.mountPoint}";
- in flagPrefix + mountstr ;
-
- mkBindFlags = bs: concatMapStrings mkBindFlag (lib.attrValues bs);
-
- networkOptions = {
- hostBridge = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "br0";
+ policy = mkOption {
+ default = {};
+ type = types.attrs;
+ example = lib.literalExample ''
+ {
+ default = [ { type = "insecureAcceptAnything"; } ];
+ transports = {
+ docker-daemon = {
+ "" = [ { type = "insecureAcceptAnything"; } ];
+ };
+ };
+ }
+ '';
description = ''
- Put the host-side of the veth-pair into the named bridge.
- Only one of hostAddress* or hostBridge can be given.
+ Signature verification policy file.
+ If this option is empty the default policy file from
+ skopeo will be used.
'';
};
- forwardPorts = mkOption {
- type = types.listOf (types.submodule {
+ users = mkOption {
+ default = [];
+ type = types.listOf types.str;
+ description = ''
+ List of users to set up subuid/subgid mappings for.
+ This is a requirement for running rootless containers.
+ '';
+ };
+
+ libpod = mkOption {
+ default = {};
+ description = "Libpod configuration";
+ type = types.submodule {
options = {
- protocol = mkOption {
- type = types.str;
- default = "tcp";
- description = "The protocol specifier for port forwarding between host and container";
- };
- hostPort = mkOption {
- type = types.int;
- description = "Source port of the external interface on host";
- };
- containerPort = mkOption {
- type = types.nullOr types.int;
- default = null;
- description = "Target port of container";
+
+ extraConfig = mkOption {
+ type = types.lines;
+ default = "";
+ description = ''
+ Extra configuration that should be put in the libpod.conf
+ configuration file
+ '';
+
};
};
- });
- default = [];
- example = [ { protocol = "tcp"; hostPort = 8080; containerPort = 80; } ];
- description = ''
- List of forwarded ports from host to container. Each forwarded port
- is specified by protocol, hostPort and containerPort. By default,
- protocol is tcp and hostPort and containerPort are assumed to be
- the same if containerPort is not explicitly given.
- '';
- };
-
-
- hostAddress = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "10.231.136.1";
- description = ''
- The IPv4 address assigned to the host interface.
- (Not used when hostBridge is set.)
- '';
- };
-
- hostAddress6 = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "fc00::1";
- description = ''
- The IPv6 address assigned to the host interface.
- (Not used when hostBridge is set.)
- '';
- };
-
- localAddress = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "10.231.136.2";
- description = ''
- The IPv4 address assigned to the interface in the container.
- If a hostBridge is used, this should be given with netmask to access
- the whole network. Otherwise the default netmask is /32 and routing is
- set up from localAddress to hostAddress and back.
- '';
- };
-
- localAddress6 = mkOption {
- type = types.nullOr types.str;
- default = null;
- example = "fc00::2";
- description = ''
- The IPv6 address assigned to the interface in the container.
- If a hostBridge is used, this should be given with netmask to access
- the whole network. Otherwise the default netmask is /128 and routing is
- set up from localAddress6 to hostAddress6 and back.
- '';
- };
-
- };
-
- dummyConfig =
- {
- extraVeths = {};
- additionalCapabilities = [];
- ephemeral = false;
- timeoutStartSec = "15s";
- allowedDevices = [];
- hostAddress = null;
- hostAddress6 = null;
- localAddress = null;
- localAddress6 = null;
- tmpfs = null;
- };
-
-in
-
-{
- options = {
-
- boot.isContainer = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether this NixOS machine is a lightweight container running
- in another NixOS system.
- '';
- };
-
- boot.enableContainers = mkOption {
- type = types.bool;
- default = !config.boot.isContainer;
- description = ''
- Whether to enable support for NixOS containers.
- '';
- };
-
- containers = mkOption {
- type = types.attrsOf (types.submodule (
- { config, options, name, ... }:
- {
- options = {
-
- config = mkOption {
- description = ''
- A specification of the desired configuration of this
- container, as a NixOS module.
- '';
- type = let
- confPkgs = if config.pkgs == null then pkgs else config.pkgs;
- in lib.mkOptionType {
- name = "Toplevel NixOS config";
- merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") {
- inherit system;
- pkgs = confPkgs;
- baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix");
- inherit (confPkgs) lib;
- modules =
- let
- extraConfig = {
- _file = "module at ${__curPos.file}:${toString __curPos.line}";
- config = {
- boot.isContainer = true;
- networking.hostName = mkDefault name;
- networking.useDHCP = false;
- assertions = [
- {
- assertion = config.privateNetwork -> stringLength name < 12;
- message = ''
- Container name `${name}` is too long: When `privateNetwork` is enabled, container names can
- not be longer than 11 characters, because the container's interface name is derived from it.
- This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509
- '';
- }
- ];
- };
- };
- in [ extraConfig ] ++ (map (x: x.value) defs);
- prefix = [ "containers" name ];
- }).config;
- };
- };
-
- path = mkOption {
- type = types.path;
- example = "/nix/var/nix/profiles/containers/webserver";
- description = ''
- As an alternative to specifying
- , you can specify the path to
- the evaluated NixOS system configuration, typically a
- symlink to a system profile.
- '';
- };
-
- additionalCapabilities = mkOption {
- type = types.listOf types.str;
- default = [];
- example = [ "CAP_NET_ADMIN" "CAP_MKNOD" ];
- description = ''
- Grant additional capabilities to the container. See the
- capabilities(7) and systemd-nspawn(1) man pages for more
- information.
- '';
- };
-
- pkgs = mkOption {
- type = types.nullOr types.attrs;
- default = null;
- example = literalExample "pkgs";
- description = ''
- Customise which nixpkgs to use for this container.
- '';
- };
-
- ephemeral = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Runs container in ephemeral mode with the empty root filesystem at boot.
- This way container will be bootstrapped from scratch on each boot
- and will be cleaned up on shutdown leaving no traces behind.
- Useful for completely stateless, reproducible containers.
-
- Note that this option might require to do some adjustments to the container configuration,
- e.g. you might want to set
- systemd.network.networks.$interface.dhcpConfig.ClientIdentifier to "mac"
- if you use macvlans option.
- This way dhcp client identifier will be stable between the container restarts.
-
- Note that the container journal will not be linked to the host if this option is enabled.
- '';
- };
-
- enableTun = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Allows the container to create and setup tunnel interfaces
- by granting the NET_ADMIN capability and
- enabling access to /dev/net/tun.
- '';
- };
-
- privateNetwork = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether to give the container its own private virtual
- Ethernet interface. The interface is called
- eth0, and is hooked up to the interface
- ve-container-name
- on the host. If this option is not set, then the
- container shares the network interfaces of the host,
- and can bind to any port on any interface.
- '';
- };
-
- interfaces = mkOption {
- type = types.listOf types.str;
- default = [];
- example = [ "eth1" "eth2" ];
- description = ''
- The list of interfaces to be moved into the container.
- '';
- };
-
- macvlans = mkOption {
- type = types.listOf types.str;
- default = [];
- example = [ "eth1" "eth2" ];
- description = ''
- The list of host interfaces from which macvlans will be
- created. For each interface specified, a macvlan interface
- will be created and moved to the container.
- '';
- };
-
- extraVeths = mkOption {
- type = with types; attrsOf (submodule { options = networkOptions; });
- default = {};
- description = ''
- Extra veth-pairs to be created for the container
- '';
- };
-
- autoStart = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Whether the container is automatically started at boot-time.
- '';
- };
-
- timeoutStartSec = mkOption {
- type = types.str;
- default = "1min";
- description = ''
- Time for the container to start. In case of a timeout,
- the container processes get killed.
- See systemd.time
- 7
- for more information about the format.
- '';
- };
-
- bindMounts = mkOption {
- type = with types; loaOf (submodule bindMountOpts);
- default = {};
- example = literalExample ''
- { "/home" = { hostPath = "/home/alice";
- isReadOnly = false; };
- }
- '';
-
- description =
- ''
- An extra list of directories that is bound to the container.
- '';
- };
-
- allowedDevices = mkOption {
- type = with types; listOf (submodule allowedDeviceOpts);
- default = [];
- example = [ { node = "/dev/net/tun"; modifier = "rw"; } ];
- description = ''
- A list of device nodes to which the containers has access to.
- '';
- };
-
- tmpfs = mkOption {
- type = types.listOf types.str;
- default = [];
- example = [ "/var" ];
- description = ''
- Mounts a set of tmpfs file systems into the container.
- Multiple paths can be specified.
- Valid items must conform to the --tmpfs argument
- of systemd-nspawn. See systemd-nspawn(1) for details.
- '';
- };
-
- extraFlags = mkOption {
- type = types.listOf types.str;
- default = [];
- example = [ "--drop-capability=CAP_SYS_CHROOT" ];
- description = ''
- Extra flags passed to the systemd-nspawn command.
- See systemd-nspawn(1) for details.
- '';
- };
-
- } // networkOptions;
-
- config = mkMerge
- [
- (mkIf options.config.isDefined {
- path = config.config.system.build.toplevel;
- })
- ];
- }));
-
- default = {};
- example = literalExample
- ''
- { webserver =
- { path = "/nix/var/nix/profiles/webserver";
- };
- database =
- { config =
- { config, pkgs, ... }:
- { services.postgresql.enable = true;
- services.postgresql.package = pkgs.postgresql_9_6;
-
- system.stateVersion = "17.03";
- };
- };
- }
- '';
- description = ''
- A set of NixOS system configurations to be run as lightweight
- containers. Each container appears as a service
- container-name
- on the host system, allowing it to be started and stopped via
- systemctl.
- '';
- };
-
- };
-
-
- config = mkIf (config.boot.enableContainers) (let
-
- unit = {
- description = "Container '%i'";
-
- unitConfig.RequiresMountsFor = "/var/lib/containers/%i";
-
- path = [ pkgs.iproute ];
-
- environment = {
- root = "/var/lib/containers/%i";
- INSTANCE = "%i";
};
-
- preStart = preStartScript dummyConfig;
-
- script = startScript dummyConfig;
-
- postStart = postStartScript dummyConfig;
-
- preStop = "machinectl poweroff $INSTANCE";
-
- restartIfChanged = false;
-
- serviceConfig = serviceDirectives dummyConfig;
};
- in {
- systemd.targets.multi-user.wants = [ "machines.target" ];
- systemd.services = listToAttrs (filter (x: x.value != null) (
- # The generic container template used by imperative containers
- [{ name = "container@"; value = unit; }]
- # declarative containers
- ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let
- containerConfig = cfg // (
- if cfg.enableTun then
- {
- allowedDevices = cfg.allowedDevices
- ++ [ { node = "/dev/net/tun"; modifier = "rw"; } ];
- additionalCapabilities = cfg.additionalCapabilities
- ++ [ "CAP_NET_ADMIN" ];
- }
- else {});
- in
- recursiveUpdate unit {
- preStart = preStartScript containerConfig;
- script = startScript containerConfig;
- postStart = postStartScript containerConfig;
- serviceConfig = serviceDirectives containerConfig;
- unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "/var/lib/containers/%i";
- environment.root = if containerConfig.ephemeral then "/run/containers/%i" else "/var/lib/containers/%i";
- } // (
- if containerConfig.autoStart then
- {
- wantedBy = [ "machines.target" ];
- wants = [ "network.target" ];
- after = [ "network.target" ];
- restartTriggers = [
- containerConfig.path
- config.environment.etc."containers/${name}.conf".source
- ];
- restartIfChanged = true;
- }
- else {})
- )) config.containers)
- ));
+ };
- # Generate a configuration file in /etc/containers for each
- # container so that container@.target can get the container
- # configuration.
- environment.etc =
- let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort);
- in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf"
- { text =
- ''
- SYSTEM_PATH=${cfg.path}
- ${optionalString cfg.privateNetwork ''
- PRIVATE_NETWORK=1
- ${optionalString (cfg.hostBridge != null) ''
- HOST_BRIDGE=${cfg.hostBridge}
- ''}
- ${optionalString (length cfg.forwardPorts > 0) ''
- HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)}
- ''}
- ${optionalString (cfg.hostAddress != null) ''
- HOST_ADDRESS=${cfg.hostAddress}
- ''}
- ${optionalString (cfg.hostAddress6 != null) ''
- HOST_ADDRESS6=${cfg.hostAddress6}
- ''}
- ${optionalString (cfg.localAddress != null) ''
- LOCAL_ADDRESS=${cfg.localAddress}
- ''}
- ${optionalString (cfg.localAddress6 != null) ''
- LOCAL_ADDRESS6=${cfg.localAddress6}
- ''}
- ''}
- INTERFACES="${toString cfg.interfaces}"
- MACVLANS="${toString cfg.macvlans}"
- ${optionalString cfg.autoStart ''
- AUTO_START=1
- ''}
- EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts +
- optionalString (cfg.extraFlags != [])
- (" " + concatStringsSep " " cfg.extraFlags)}"
- '';
- }) config.containers;
+ config = lib.mkIf cfg.enable {
- # Generate /etc/hosts entries for the containers.
- networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null)
- ''
- ${head (splitString "/" cfg.localAddress)} ${name}.containers
- '') config.containers);
+ environment.etc."containers/libpod.conf".text = ''
+ cni_plugin_dir = ["${pkgs.cni-plugins}/bin/"]
+ cni_config_dir = "/etc/cni/net.d/"
- networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ];
+ '' + cfg.libpod.extraConfig;
- services.udev.extraRules = optionalString config.networking.networkmanager.enable ''
- # Don't manage interfaces created by nixos-container.
- ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1"
- '';
+ environment.etc."containers/registries.conf".source = toTOML "registries.conf" {
+ registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries;
+ };
- environment.systemPackages = [ pkgs.nixos-container ];
+ users.extraUsers = builtins.listToAttrs (
+ (
+ builtins.foldl' (
+ acc: user: {
+ values = acc.values ++ [
+ {
+ name = user;
+ value = {
+ subUidRanges = [ { startUid = acc.offset; count = 65536; } ];
+ subGidRanges = [ { startGid = acc.offset; count = 65536; } ];
+ };
+ }
+ ];
+ offset = acc.offset + 65536;
+ }
+ )
+ { values = []; offset = 100000; } (lib.unique cfg.users)
+ ).values
+ );
+
+ environment.etc."containers/policy.json".source =
+ if cfg.policy != {} then pkgs.writeText "policy.json" (builtins.toJSON cfg.policy)
+ else copyFile "${pkgs.skopeo.src}/default-policy.json";
+ };
- boot.kernelModules = [
- "bridge"
- "macvlan"
- "tap"
- "tun"
- ];
- });
}
diff --git a/nixos/modules/virtualisation/cri-o.nix b/nixos/modules/virtualisation/cri-o.nix
index 14a435f6c8b..7882b7fc19d 100644
--- a/nixos/modules/virtualisation/cri-o.nix
+++ b/nixos/modules/virtualisation/cri-o.nix
@@ -62,9 +62,7 @@ in
log_level = "${cfg.logLevel}"
manage_network_ns_lifecycle = true
'';
- environment.etc."containers/policy.json".text = ''
- {"default": [{"type": "insecureAcceptAnything"}]}
- '';
+
environment.etc."cni/net.d/20-cri-o-bridge.conf".text = ''
{
"cniVersion": "0.3.1",
@@ -83,6 +81,9 @@ in
}
'';
+ # Enable common container configuration, this will create policy.json
+ virtualisation.containers.enable = true;
+
systemd.services.crio = {
description = "Container Runtime Interface for OCI (CRI-O)";
documentation = [ "https://github.com/cri-o/cri-o" ];
diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix
new file mode 100644
index 00000000000..4f5be91939d
--- /dev/null
+++ b/nixos/modules/virtualisation/nixos-containers.nix
@@ -0,0 +1,844 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ # The container's init script, a small wrapper around the regular
+ # NixOS stage-2 init script.
+ containerInit = (cfg:
+ let
+ renderExtraVeth = (name: cfg:
+ ''
+ echo "Bringing ${name} up"
+ ip link set dev ${name} up
+ ${optionalString (cfg.localAddress != null) ''
+ echo "Setting ip for ${name}"
+ ip addr add ${cfg.localAddress} dev ${name}
+ ''}
+ ${optionalString (cfg.localAddress6 != null) ''
+ echo "Setting ip6 for ${name}"
+ ip -6 addr add ${cfg.localAddress6} dev ${name}
+ ''}
+ ${optionalString (cfg.hostAddress != null) ''
+ echo "Setting route to host for ${name}"
+ ip route add ${cfg.hostAddress} dev ${name}
+ ''}
+ ${optionalString (cfg.hostAddress6 != null) ''
+ echo "Setting route6 to host for ${name}"
+ ip -6 route add ${cfg.hostAddress6} dev ${name}
+ ''}
+ ''
+ );
+ in
+ pkgs.writeScript "container-init"
+ ''
+ #! ${pkgs.runtimeShell} -e
+
+ # Initialise the container side of the veth pair.
+ if [ -n "$HOST_ADDRESS" ] || [ -n "$HOST_ADDRESS6" ] ||
+ [ -n "$LOCAL_ADDRESS" ] || [ -n "$LOCAL_ADDRESS6" ] ||
+ [ -n "$HOST_BRIDGE" ]; then
+ ip link set host0 name eth0
+ ip link set dev eth0 up
+
+ if [ -n "$LOCAL_ADDRESS" ]; then
+ ip addr add $LOCAL_ADDRESS dev eth0
+ fi
+ if [ -n "$LOCAL_ADDRESS6" ]; then
+ ip -6 addr add $LOCAL_ADDRESS6 dev eth0
+ fi
+ if [ -n "$HOST_ADDRESS" ]; then
+ ip route add $HOST_ADDRESS dev eth0
+ ip route add default via $HOST_ADDRESS
+ fi
+ if [ -n "$HOST_ADDRESS6" ]; then
+ ip -6 route add $HOST_ADDRESS6 dev eth0
+ ip -6 route add default via $HOST_ADDRESS6
+ fi
+
+ ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
+ fi
+
+ # Start the regular stage 1 script.
+ exec "$1"
+ ''
+ );
+
+ nspawnExtraVethArgs = (name: cfg: "--network-veth-extra=${name}");
+
+ startScript = cfg:
+ ''
+ mkdir -p -m 0755 "$root/etc" "$root/var/lib"
+ mkdir -p -m 0700 "$root/var/lib/private" "$root/root" /run/containers
+ if ! [ -e "$root/etc/os-release" ]; then
+ touch "$root/etc/os-release"
+ fi
+
+ if ! [ -e "$root/etc/machine-id" ]; then
+ touch "$root/etc/machine-id"
+ fi
+
+ mkdir -p -m 0755 \
+ "/nix/var/nix/profiles/per-container/$INSTANCE" \
+ "/nix/var/nix/gcroots/per-container/$INSTANCE"
+
+ cp --remove-destination /etc/resolv.conf "$root/etc/resolv.conf"
+
+ if [ "$PRIVATE_NETWORK" = 1 ]; then
+ extraFlags+=" --private-network"
+ fi
+
+ if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
+ [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
+ extraFlags+=" --network-veth"
+ fi
+
+ if [ -n "$HOST_PORT" ]; then
+ OIFS=$IFS
+ IFS=","
+ for i in $HOST_PORT
+ do
+ extraFlags+=" --port=$i"
+ done
+ IFS=$OIFS
+ fi
+
+ if [ -n "$HOST_BRIDGE" ]; then
+ extraFlags+=" --network-bridge=$HOST_BRIDGE"
+ fi
+
+ extraFlags+=" ${concatStringsSep " " (mapAttrsToList nspawnExtraVethArgs cfg.extraVeths)}"
+
+ for iface in $INTERFACES; do
+ extraFlags+=" --network-interface=$iface"
+ done
+
+ for iface in $MACVLANS; do
+ extraFlags+=" --network-macvlan=$iface"
+ done
+
+ # If the host is 64-bit and the container is 32-bit, add a
+ # --personality flag.
+ ${optionalString (config.nixpkgs.localSystem.system == "x86_64-linux") ''
+ if [ "$(< ''${SYSTEM_PATH:-/nix/var/nix/profiles/per-container/$INSTANCE/system}/system)" = i686-linux ]; then
+ extraFlags+=" --personality=x86"
+ fi
+ ''}
+
+ # Run systemd-nspawn without startup notification (we'll
+ # wait for the container systemd to signal readiness).
+ exec ${config.systemd.package}/bin/systemd-nspawn \
+ --keep-unit \
+ -M "$INSTANCE" -D "$root" $extraFlags \
+ $EXTRA_NSPAWN_FLAGS \
+ --notify-ready=yes \
+ --bind-ro=/nix/store \
+ --bind-ro=/nix/var/nix/db \
+ --bind-ro=/nix/var/nix/daemon-socket \
+ --bind="/nix/var/nix/profiles/per-container/$INSTANCE:/nix/var/nix/profiles" \
+ --bind="/nix/var/nix/gcroots/per-container/$INSTANCE:/nix/var/nix/gcroots" \
+ ${optionalString (!cfg.ephemeral) "--link-journal=try-guest"} \
+ --setenv PRIVATE_NETWORK="$PRIVATE_NETWORK" \
+ --setenv HOST_BRIDGE="$HOST_BRIDGE" \
+ --setenv HOST_ADDRESS="$HOST_ADDRESS" \
+ --setenv LOCAL_ADDRESS="$LOCAL_ADDRESS" \
+ --setenv HOST_ADDRESS6="$HOST_ADDRESS6" \
+ --setenv LOCAL_ADDRESS6="$LOCAL_ADDRESS6" \
+ --setenv HOST_PORT="$HOST_PORT" \
+ --setenv PATH="$PATH" \
+ ${optionalString cfg.ephemeral "--ephemeral"} \
+ ${if cfg.additionalCapabilities != null && cfg.additionalCapabilities != [] then
+ ''--capability="${concatStringsSep "," cfg.additionalCapabilities}"'' else ""
+ } \
+ ${if cfg.tmpfs != null && cfg.tmpfs != [] then
+ ''--tmpfs=${concatStringsSep " --tmpfs=" cfg.tmpfs}'' else ""
+ } \
+ ${containerInit cfg} "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/init"
+ '';
+
+ preStartScript = cfg:
+ ''
+ # Clean up existing machined registration and interfaces.
+ machinectl terminate "$INSTANCE" 2> /dev/null || true
+
+ if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
+ [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
+ ip link del dev "ve-$INSTANCE" 2> /dev/null || true
+ ip link del dev "vb-$INSTANCE" 2> /dev/null || true
+ fi
+
+ ${concatStringsSep "\n" (
+ mapAttrsToList (name: cfg:
+ ''ip link del dev ${name} 2> /dev/null || true ''
+ ) cfg.extraVeths
+ )}
+ '';
+
+ postStartScript = (cfg:
+ let
+ ipcall = cfg: ipcmd: variable: attribute:
+ if cfg.${attribute} == null then
+ ''
+ if [ -n "${variable}" ]; then
+ ${ipcmd} add ${variable} dev $ifaceHost
+ fi
+ ''
+ else
+ ''${ipcmd} add ${cfg.${attribute}} dev $ifaceHost'';
+ renderExtraVeth = name: cfg:
+ if cfg.hostBridge != null then
+ ''
+ # Add ${name} to bridge ${cfg.hostBridge}
+ ip link set dev ${name} master ${cfg.hostBridge} up
+ ''
+ else
+ ''
+ echo "Bring ${name} up"
+ ip link set dev ${name} up
+ # Set IPs and routes for ${name}
+ ${optionalString (cfg.hostAddress != null) ''
+ ip addr add ${cfg.hostAddress} dev ${name}
+ ''}
+ ${optionalString (cfg.hostAddress6 != null) ''
+ ip -6 addr add ${cfg.hostAddress6} dev ${name}
+ ''}
+ ${optionalString (cfg.localAddress != null) ''
+ ip route add ${cfg.localAddress} dev ${name}
+ ''}
+ ${optionalString (cfg.localAddress6 != null) ''
+ ip -6 route add ${cfg.localAddress6} dev ${name}
+ ''}
+ '';
+ in
+ ''
+ if [ -n "$HOST_ADDRESS" ] || [ -n "$LOCAL_ADDRESS" ] ||
+ [ -n "$HOST_ADDRESS6" ] || [ -n "$LOCAL_ADDRESS6" ]; then
+ if [ -z "$HOST_BRIDGE" ]; then
+ ifaceHost=ve-$INSTANCE
+ ip link set dev $ifaceHost up
+
+ ${ipcall cfg "ip addr" "$HOST_ADDRESS" "hostAddress"}
+ ${ipcall cfg "ip -6 addr" "$HOST_ADDRESS6" "hostAddress6"}
+ ${ipcall cfg "ip route" "$LOCAL_ADDRESS" "localAddress"}
+ ${ipcall cfg "ip -6 route" "$LOCAL_ADDRESS6" "localAddress6"}
+ fi
+ ${concatStringsSep "\n" (mapAttrsToList renderExtraVeth cfg.extraVeths)}
+ fi
+ ''
+ );
+
+ serviceDirectives = cfg: {
+ ExecReload = pkgs.writeScript "reload-container"
+ ''
+ #! ${pkgs.runtimeShell} -e
+ ${pkgs.nixos-container}/bin/nixos-container run "$INSTANCE" -- \
+ bash --login -c "''${SYSTEM_PATH:-/nix/var/nix/profiles/system}/bin/switch-to-configuration test"
+ '';
+
+ SyslogIdentifier = "container %i";
+
+ EnvironmentFile = "-/etc/containers/%i.conf";
+
+ Type = "notify";
+
+ RuntimeDirectory = lib.optional cfg.ephemeral "containers/%i";
+
+ # Note that on reboot, systemd-nspawn returns 133, so this
+ # unit will be restarted. On poweroff, it returns 0, so the
+ # unit won't be restarted.
+ RestartForceExitStatus = "133";
+ SuccessExitStatus = "133";
+
+ # Some containers take long to start
+ # especially when you automatically start many at once
+ TimeoutStartSec = cfg.timeoutStartSec;
+
+ Restart = "on-failure";
+
+ Slice = "machine.slice";
+ Delegate = true;
+
+ # Hack: we don't want to kill systemd-nspawn, since we call
+ # "machinectl poweroff" in preStop to shut down the
+ # container cleanly. But systemd requires sending a signal
+ # (at least if we want remaining processes to be killed
+ # after the timeout). So send an ignored signal.
+ KillMode = "mixed";
+ KillSignal = "WINCH";
+
+ DevicePolicy = "closed";
+ DeviceAllow = map (d: "${d.node} ${d.modifier}") cfg.allowedDevices;
+ };
+
+
+ system = config.nixpkgs.localSystem.system;
+
+ bindMountOpts = { name, ... }: {
+
+ options = {
+ mountPoint = mkOption {
+ example = "/mnt/usb";
+ type = types.str;
+ description = "Mount point on the container file system.";
+ };
+ hostPath = mkOption {
+ default = null;
+ example = "/home/alice";
+ type = types.nullOr types.str;
+ description = "Location of the host path to be mounted.";
+ };
+ isReadOnly = mkOption {
+ default = true;
+ type = types.bool;
+ description = "Determine whether the mounted path will be accessed in read-only mode.";
+ };
+ };
+
+ config = {
+ mountPoint = mkDefault name;
+ };
+
+ };
+
+ allowedDeviceOpts = { ... }: {
+ options = {
+ node = mkOption {
+ example = "/dev/net/tun";
+ type = types.str;
+ description = "Path to device node";
+ };
+ modifier = mkOption {
+ example = "rw";
+ type = types.str;
+ description = ''
+ Device node access modifier. Takes a combination
+ r (read), w (write), and
+ m (mknod). See the
+ systemd.resource-control(5) man page for more
+ information.'';
+ };
+ };
+ };
+
+
+ mkBindFlag = d:
+ let flagPrefix = if d.isReadOnly then " --bind-ro=" else " --bind=";
+ mountstr = if d.hostPath != null then "${d.hostPath}:${d.mountPoint}" else "${d.mountPoint}";
+ in flagPrefix + mountstr ;
+
+ mkBindFlags = bs: concatMapStrings mkBindFlag (lib.attrValues bs);
+
+ networkOptions = {
+ hostBridge = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "br0";
+ description = ''
+ Put the host-side of the veth-pair into the named bridge.
+ Only one of hostAddress* or hostBridge can be given.
+ '';
+ };
+
+ forwardPorts = mkOption {
+ type = types.listOf (types.submodule {
+ options = {
+ protocol = mkOption {
+ type = types.str;
+ default = "tcp";
+ description = "The protocol specifier for port forwarding between host and container";
+ };
+ hostPort = mkOption {
+ type = types.int;
+ description = "Source port of the external interface on host";
+ };
+ containerPort = mkOption {
+ type = types.nullOr types.int;
+ default = null;
+ description = "Target port of container";
+ };
+ };
+ });
+ default = [];
+ example = [ { protocol = "tcp"; hostPort = 8080; containerPort = 80; } ];
+ description = ''
+ List of forwarded ports from host to container. Each forwarded port
+ is specified by protocol, hostPort and containerPort. By default,
+ protocol is tcp and hostPort and containerPort are assumed to be
+ the same if containerPort is not explicitly given.
+ '';
+ };
+
+
+ hostAddress = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "10.231.136.1";
+ description = ''
+ The IPv4 address assigned to the host interface.
+ (Not used when hostBridge is set.)
+ '';
+ };
+
+ hostAddress6 = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "fc00::1";
+ description = ''
+ The IPv6 address assigned to the host interface.
+ (Not used when hostBridge is set.)
+ '';
+ };
+
+ localAddress = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "10.231.136.2";
+ description = ''
+ The IPv4 address assigned to the interface in the container.
+ If a hostBridge is used, this should be given with netmask to access
+ the whole network. Otherwise the default netmask is /32 and routing is
+ set up from localAddress to hostAddress and back.
+ '';
+ };
+
+ localAddress6 = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "fc00::2";
+ description = ''
+ The IPv6 address assigned to the interface in the container.
+ If a hostBridge is used, this should be given with netmask to access
+ the whole network. Otherwise the default netmask is /128 and routing is
+ set up from localAddress6 to hostAddress6 and back.
+ '';
+ };
+
+ };
+
+ dummyConfig =
+ {
+ extraVeths = {};
+ additionalCapabilities = [];
+ ephemeral = false;
+ timeoutStartSec = "15s";
+ allowedDevices = [];
+ hostAddress = null;
+ hostAddress6 = null;
+ localAddress = null;
+ localAddress6 = null;
+ tmpfs = null;
+ };
+
+in
+
+{
+ options = {
+
+ boot.isContainer = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether this NixOS machine is a lightweight container running
+ in another NixOS system. If set to true, support for nested
+ containers is disabled by default, but can be reenabled by
+ setting boot.enableContainers to true.
+ '';
+ };
+
+ boot.enableContainers = mkOption {
+ type = types.bool;
+ default = !config.boot.isContainer;
+ description = ''
+ Whether to enable support for NixOS containers. Defaults to true
+ (at no cost if containers are not actually used), but only if the
+ system is not itself a lightweight container of a host.
+ To enable support for nested containers, this option has to be
+ explicitly set to true (in the outer container).
+ '';
+ };
+
+ containers = mkOption {
+ type = types.attrsOf (types.submodule (
+ { config, options, name, ... }:
+ {
+ options = {
+
+ config = mkOption {
+ description = ''
+ A specification of the desired configuration of this
+ container, as a NixOS module.
+ '';
+ type = let
+ confPkgs = if config.pkgs == null then pkgs else config.pkgs;
+ in lib.mkOptionType {
+ name = "Toplevel NixOS config";
+ merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") {
+ inherit system;
+ pkgs = confPkgs;
+ baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix");
+ inherit (confPkgs) lib;
+ modules =
+ let
+ extraConfig = {
+ _file = "module at ${__curPos.file}:${toString __curPos.line}";
+ config = {
+ boot.isContainer = true;
+ networking.hostName = mkDefault name;
+ networking.useDHCP = false;
+ assertions = [
+ {
+ assertion = config.privateNetwork -> stringLength name < 12;
+ message = ''
+ Container name `${name}` is too long: When `privateNetwork` is enabled, container names can
+ not be longer than 11 characters, because the container's interface name is derived from it.
+ This might be fixed in the future. See https://github.com/NixOS/nixpkgs/issues/38509
+ '';
+ }
+ ];
+ };
+ };
+ in [ extraConfig ] ++ (map (x: x.value) defs);
+ prefix = [ "containers" name ];
+ }).config;
+ };
+ };
+
+ path = mkOption {
+ type = types.path;
+ example = "/nix/var/nix/profiles/containers/webserver";
+ description = ''
+ As an alternative to specifying
+ , you can specify the path to
+ the evaluated NixOS system configuration, typically a
+ symlink to a system profile.
+ '';
+ };
+
+ additionalCapabilities = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "CAP_NET_ADMIN" "CAP_MKNOD" ];
+ description = ''
+ Grant additional capabilities to the container. See the
+ capabilities(7) and systemd-nspawn(1) man pages for more
+ information.
+ '';
+ };
+
+ pkgs = mkOption {
+ type = types.nullOr types.attrs;
+ default = null;
+ example = literalExample "pkgs";
+ description = ''
+ Customise which nixpkgs to use for this container.
+ '';
+ };
+
+ ephemeral = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Runs container in ephemeral mode with the empty root filesystem at boot.
+ This way container will be bootstrapped from scratch on each boot
+ and will be cleaned up on shutdown leaving no traces behind.
+ Useful for completely stateless, reproducible containers.
+
+ Note that this option might require to do some adjustments to the container configuration,
+ e.g. you might want to set
+ systemd.network.networks.$interface.dhcpConfig.ClientIdentifier to "mac"
+ if you use macvlans option.
+ This way dhcp client identifier will be stable between the container restarts.
+
+ Note that the container journal will not be linked to the host if this option is enabled.
+ '';
+ };
+
+ enableTun = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Allows the container to create and setup tunnel interfaces
+ by granting the NET_ADMIN capability and
+ enabling access to /dev/net/tun.
+ '';
+ };
+
+ privateNetwork = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether to give the container its own private virtual
+ Ethernet interface. The interface is called
+ eth0, and is hooked up to the interface
+ ve-container-name
+ on the host. If this option is not set, then the
+ container shares the network interfaces of the host,
+ and can bind to any port on any interface.
+ '';
+ };
+
+ interfaces = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "eth1" "eth2" ];
+ description = ''
+ The list of interfaces to be moved into the container.
+ '';
+ };
+
+ macvlans = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "eth1" "eth2" ];
+ description = ''
+ The list of host interfaces from which macvlans will be
+ created. For each interface specified, a macvlan interface
+ will be created and moved to the container.
+ '';
+ };
+
+ extraVeths = mkOption {
+ type = with types; attrsOf (submodule { options = networkOptions; });
+ default = {};
+ description = ''
+ Extra veth-pairs to be created for the container.
+ '';
+ };
+
+ autoStart = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Whether the container is automatically started at boot-time.
+ '';
+ };
+
+ timeoutStartSec = mkOption {
+ type = types.str;
+ default = "1min";
+ description = ''
+ Time for the container to start. In case of a timeout,
+ the container processes get killed.
+ See systemd.time
+ 7
+ for more information about the format.
+ '';
+ };
+
+ bindMounts = mkOption {
+ type = with types; loaOf (submodule bindMountOpts);
+ default = {};
+ example = literalExample ''
+ { "/home" = { hostPath = "/home/alice";
+ isReadOnly = false; };
+ }
+ '';
+
+ description =
+ ''
+ An extra list of directories that is bound to the container.
+ '';
+ };
+
+ allowedDevices = mkOption {
+ type = with types; listOf (submodule allowedDeviceOpts);
+ default = [];
+ example = [ { node = "/dev/net/tun"; modifier = "rw"; } ];
+ description = ''
+ A list of device nodes to which the containers has access to.
+ '';
+ };
+
+ tmpfs = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "/var" ];
+ description = ''
+ Mounts a set of tmpfs file systems into the container.
+ Multiple paths can be specified.
+ Valid items must conform to the --tmpfs argument
+ of systemd-nspawn. See systemd-nspawn(1) for details.
+ '';
+ };
+
+ extraFlags = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "--drop-capability=CAP_SYS_CHROOT" ];
+ description = ''
+ Extra flags passed to the systemd-nspawn command.
+ See systemd-nspawn(1) for details.
+ '';
+ };
+
+ } // networkOptions;
+
+ config = mkMerge
+ [
+ (mkIf options.config.isDefined {
+ path = config.config.system.build.toplevel;
+ })
+ ];
+ }));
+
+ default = {};
+ example = literalExample
+ ''
+ { webserver =
+ { path = "/nix/var/nix/profiles/webserver";
+ };
+ database =
+ { config =
+ { config, pkgs, ... }:
+ { services.postgresql.enable = true;
+ services.postgresql.package = pkgs.postgresql_9_6;
+
+ system.stateVersion = "17.03";
+ };
+ };
+ }
+ '';
+ description = ''
+ A set of NixOS system configurations to be run as lightweight
+ containers. Each container appears as a service
+ container-name
+ on the host system, allowing it to be started and stopped via
+ systemctl.
+ '';
+ };
+
+ };
+
+
+ config = mkIf (config.boot.enableContainers) (let
+
+ unit = {
+ description = "Container '%i'";
+
+ unitConfig.RequiresMountsFor = "/var/lib/containers/%i";
+
+ path = [ pkgs.iproute ];
+
+ environment = {
+ root = "/var/lib/containers/%i";
+ INSTANCE = "%i";
+ };
+
+ preStart = preStartScript dummyConfig;
+
+ script = startScript dummyConfig;
+
+ postStart = postStartScript dummyConfig;
+
+ preStop = "machinectl poweroff $INSTANCE";
+
+ restartIfChanged = false;
+
+ serviceConfig = serviceDirectives dummyConfig;
+ };
+ in {
+ systemd.targets.multi-user.wants = [ "machines.target" ];
+
+ systemd.services = listToAttrs (filter (x: x.value != null) (
+ # The generic container template used by imperative containers
+ [{ name = "container@"; value = unit; }]
+ # declarative containers
+ ++ (mapAttrsToList (name: cfg: nameValuePair "container@${name}" (let
+ containerConfig = cfg // (
+ if cfg.enableTun then
+ {
+ allowedDevices = cfg.allowedDevices
+ ++ [ { node = "/dev/net/tun"; modifier = "rw"; } ];
+ additionalCapabilities = cfg.additionalCapabilities
+ ++ [ "CAP_NET_ADMIN" ];
+ }
+ else {});
+ in
+ recursiveUpdate unit {
+ preStart = preStartScript containerConfig;
+ script = startScript containerConfig;
+ postStart = postStartScript containerConfig;
+ serviceConfig = serviceDirectives containerConfig;
+ unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "/var/lib/containers/%i";
+ environment.root = if containerConfig.ephemeral then "/run/containers/%i" else "/var/lib/containers/%i";
+ } // (
+ if containerConfig.autoStart then
+ {
+ wantedBy = [ "machines.target" ];
+ wants = [ "network.target" ];
+ after = [ "network.target" ];
+ restartTriggers = [
+ containerConfig.path
+ config.environment.etc."containers/${name}.conf".source
+ ];
+ restartIfChanged = true;
+ }
+ else {})
+ )) config.containers)
+ ));
+
+ # Generate a configuration file in /etc/containers for each
+ # container so that container@.target can get the container
+ # configuration.
+ environment.etc =
+ let mkPortStr = p: p.protocol + ":" + (toString p.hostPort) + ":" + (if p.containerPort == null then toString p.hostPort else toString p.containerPort);
+ in mapAttrs' (name: cfg: nameValuePair "containers/${name}.conf"
+ { text =
+ ''
+ SYSTEM_PATH=${cfg.path}
+ ${optionalString cfg.privateNetwork ''
+ PRIVATE_NETWORK=1
+ ${optionalString (cfg.hostBridge != null) ''
+ HOST_BRIDGE=${cfg.hostBridge}
+ ''}
+ ${optionalString (length cfg.forwardPorts > 0) ''
+ HOST_PORT=${concatStringsSep "," (map mkPortStr cfg.forwardPorts)}
+ ''}
+ ${optionalString (cfg.hostAddress != null) ''
+ HOST_ADDRESS=${cfg.hostAddress}
+ ''}
+ ${optionalString (cfg.hostAddress6 != null) ''
+ HOST_ADDRESS6=${cfg.hostAddress6}
+ ''}
+ ${optionalString (cfg.localAddress != null) ''
+ LOCAL_ADDRESS=${cfg.localAddress}
+ ''}
+ ${optionalString (cfg.localAddress6 != null) ''
+ LOCAL_ADDRESS6=${cfg.localAddress6}
+ ''}
+ ''}
+ INTERFACES="${toString cfg.interfaces}"
+ MACVLANS="${toString cfg.macvlans}"
+ ${optionalString cfg.autoStart ''
+ AUTO_START=1
+ ''}
+ EXTRA_NSPAWN_FLAGS="${mkBindFlags cfg.bindMounts +
+ optionalString (cfg.extraFlags != [])
+ (" " + concatStringsSep " " cfg.extraFlags)}"
+ '';
+ }) config.containers;
+
+ # Generate /etc/hosts entries for the containers.
+ networking.extraHosts = concatStrings (mapAttrsToList (name: cfg: optionalString (cfg.localAddress != null)
+ ''
+ ${head (splitString "/" cfg.localAddress)} ${name}.containers
+ '') config.containers);
+
+ networking.dhcpcd.denyInterfaces = [ "ve-*" "vb-*" ];
+
+ services.udev.extraRules = optionalString config.networking.networkmanager.enable ''
+ # Don't manage interfaces created by nixos-container.
+ ENV{INTERFACE}=="v[eb]-*", ENV{NM_UNMANAGED}="1"
+ '';
+
+ environment.systemPackages = [ pkgs.nixos-container ];
+
+ boot.kernelModules = [
+ "bridge"
+ "macvlan"
+ "tap"
+ "tun"
+ ];
+ });
+}
diff --git a/nixos/modules/virtualisation/podman.nix b/nixos/modules/virtualisation/podman.nix
new file mode 100644
index 00000000000..2ec45fa18a4
--- /dev/null
+++ b/nixos/modules/virtualisation/podman.nix
@@ -0,0 +1,80 @@
+{ config, lib, pkgs, ... }:
+let
+ cfg = config.virtualisation.podman;
+
+ inherit (lib) mkOption types;
+
+ # Provides a fake "docker" binary mapping to podman
+ dockerCompat = pkgs.runCommandNoCC "${pkgs.podman.pname}-docker-compat-${pkgs.podman.version}" {
+ outputs = [ "out" "bin" "man" ];
+ inherit (pkgs.podman) meta;
+ } ''
+ mkdir $out
+
+ mkdir -p $bin/bin
+ ln -s ${pkgs.podman.bin}/bin/podman $bin/bin/docker
+
+ mkdir -p $man/share/man/man1
+ for f in ${pkgs.podman.man}/share/man/man1/*; do
+ basename=$(basename $f | sed s/podman/docker/g)
+ ln -s $f $man/share/man/man1/$basename
+ done
+ '';
+
+ # Copy configuration files to avoid having the entire sources in the system closure
+ copyFile = filePath: pkgs.runCommandNoCC (builtins.unsafeDiscardStringContext (builtins.baseNameOf filePath)) {} ''
+ cp ${filePath} $out
+ '';
+
+in
+{
+ meta = {
+ maintainers = lib.teams.podman.members;
+ };
+
+ options.virtualisation.podman = {
+
+ enable =
+ mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ This option enables Podman, a daemonless container engine for
+ developing, managing, and running OCI Containers on your Linux System.
+
+ It is a drop-in replacement for the docker command.
+ '';
+ };
+
+ dockerCompat = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Create an alias mapping docker to podman.
+ '';
+ };
+
+ };
+
+ config = lib.mkIf cfg.enable {
+
+ environment.systemPackages = [
+ pkgs.podman # Docker compat
+ pkgs.runc # Default container runtime
+ pkgs.crun # Default container runtime (cgroups v2)
+ pkgs.conmon # Container runtime monitor
+ pkgs.slirp4netns # User-mode networking for unprivileged namespaces
+ pkgs.fuse-overlayfs # CoW for images, much faster than default vfs
+ pkgs.utillinux # nsenter
+ pkgs.cni-plugins # Networking plugins
+ pkgs.iptables
+ ]
+ ++ lib.optional cfg.dockerCompat dockerCompat;
+
+ environment.etc."cni/net.d/87-podman-bridge.conflist".source = copyFile "${pkgs.podman.src}/cni/87-podman-bridge.conflist";
+
+ virtualisation.containers.enable = true;
+
+ };
+
+}
diff --git a/nixos/release-combined.nix b/nixos/release-combined.nix
index f4f99e71a90..2f5dd28e8bb 100644
--- a/nixos/release-combined.nix
+++ b/nixos/release-combined.nix
@@ -115,6 +115,7 @@ in rec {
(onFullSupported "nixos.tests.openssh")
(onFullSupported "nixos.tests.pantheon")
(onFullSupported "nixos.tests.php.fpm")
+ (onFullSupported "nixos.tests.php.httpd")
(onFullSupported "nixos.tests.php.pcre")
(onFullSupported "nixos.tests.plasma5")
(onFullSupported "nixos.tests.predictable-interface-names.predictableNetworkd")
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index 30229a3a5b2..cbfdf3ad9c2 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -248,6 +248,7 @@ in
php = handleTest ./php {};
plasma5 = handleTest ./plasma5.nix {};
plotinus = handleTest ./plotinus.nix {};
+ podman = handleTest ./podman.nix {};
postgis = handleTest ./postgis.nix {};
postgresql = handleTest ./postgresql.nix {};
postgresql-wal-receiver = handleTest ./postgresql-wal-receiver.nix {};
@@ -299,6 +300,7 @@ in
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
systemd-networkd-vrf = handleTest ./systemd-networkd-vrf.nix {};
systemd-networkd = handleTest ./systemd-networkd.nix {};
+ systemd-networkd-dhcpserver = handleTest ./systemd-networkd-dhcpserver.nix {};
systemd-nspawn = handleTest ./systemd-nspawn.nix {};
pdns-recursor = handleTest ./pdns-recursor.nix {};
taskserver = handleTest ./taskserver.nix {};
diff --git a/nixos/tests/php/default.nix b/nixos/tests/php/default.nix
index 9ab14f722d0..ee7a3b56a3e 100644
--- a/nixos/tests/php/default.nix
+++ b/nixos/tests/php/default.nix
@@ -3,5 +3,6 @@
pkgs ? import ../../.. { inherit system config; }
}: {
fpm = import ./fpm.nix { inherit system pkgs; };
+ httpd = import ./httpd.nix { inherit system pkgs; };
pcre = import ./pcre.nix { inherit system pkgs; };
}
diff --git a/nixos/tests/php/fpm.nix b/nixos/tests/php/fpm.nix
index e93a3183418..1e4ced24b6c 100644
--- a/nixos/tests/php/fpm.nix
+++ b/nixos/tests/php/fpm.nix
@@ -43,13 +43,11 @@ import ../make-test-python.nix ({pkgs, ...}: {
machine.wait_for_unit("phpfpm-foobar.service")
# Check so we get an evaluated PHP back
- assert "PHP Version ${pkgs.php.version}" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
+ response = machine.succeed("curl -vvv -s http://127.0.0.1:80/")
+ assert "PHP Version ${pkgs.php.version}" in response, "PHP version not detected"
# Check so we have database and some other extensions loaded
- assert "json" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
- assert "opcache" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
- assert "pdo_mysql" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
- assert "pdo_pgsql" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
- assert "pdo_sqlite" in machine.succeed("curl -vvv -s http://127.0.0.1:80/")
+ for ext in ["json", "opcache", "pdo_mysql", "pdo_pgsql", "pdo_sqlite"]:
+ assert ext in response, f"Missing {ext} extension"
'';
})
diff --git a/nixos/tests/php/httpd.nix b/nixos/tests/php/httpd.nix
new file mode 100644
index 00000000000..fc3ff986734
--- /dev/null
+++ b/nixos/tests/php/httpd.nix
@@ -0,0 +1,31 @@
+import ../make-test-python.nix ({pkgs, ...}: {
+ name = "php-httpd-test";
+ meta.maintainers = with pkgs.stdenv.lib.maintainers; [ etu ];
+
+ machine = { config, lib, pkgs, ... }: {
+ services.httpd = {
+ enable = true;
+ adminAddr = "admin@phpfpm";
+ virtualHosts."phpfpm" = let
+ testdir = pkgs.writeTextDir "web/index.php" "waitForUnit('redmine.service');
- $machine->waitForOpenPort('3000');
- $machine->succeed("curl --fail http://localhost:3000/");
+ start_all()
+ machine.wait_for_unit("redmine.service")
+ machine.wait_for_open_port(3000)
+ machine.succeed("curl --fail http://localhost:3000/")
'';
- };
-
- pgsqlTest = package: makeTest {
- machine =
- { config, pkgs, ... }:
- { services.redmine.enable = true;
- services.redmine.package = package;
- services.redmine.database.type = "postgresql";
- services.redmine.plugins = {
- redmine_env_auth = pkgs.fetchurl {
- url = "https://github.com/Intera/redmine_env_auth/archive/0.7.zip";
- sha256 = "1xb8lyarc7mpi86yflnlgyllh9hfwb9z304f19dx409gqpia99sc";
- };
- };
- services.redmine.themes = {
- dkuk-redmine_alex_skin = pkgs.fetchurl {
- url = "https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip";
- sha256 = "0hrin9lzyi50k4w2bd2b30vrf1i4fi1c0gyas5801wn8i7kpm9yl";
- };
- };
- };
-
- testScript = ''
- startAll;
- $machine->waitForUnit('redmine.service');
- $machine->waitForOpenPort('3000');
- $machine->succeed("curl --fail http://localhost:3000/");
- '';
- };
-in
-{
- mysql = mysqlTest pkgs.redmine // {
- name = "mysql";
- meta.maintainers = [ maintainers.aanderse ];
- };
-
- pgsql = pgsqlTest pkgs.redmine // {
- name = "pgsql";
+ } // {
meta.maintainers = [ maintainers.aanderse ];
};
+in {
+ mysql = redmineTest { name = "mysql"; type = "mysql2"; };
+ pgsql = redmineTest { name = "pgsql"; type = "postgresql"; };
}
diff --git a/nixos/tests/systemd-networkd-dhcpserver.nix b/nixos/tests/systemd-networkd-dhcpserver.nix
new file mode 100644
index 00000000000..f1a2662f8cb
--- /dev/null
+++ b/nixos/tests/systemd-networkd-dhcpserver.nix
@@ -0,0 +1,58 @@
+# This test predominantly tests systemd-networkd DHCP server, by
+# setting up a DHCP server and client, and ensuring they are mutually
+# reachable via the DHCP allocated address.
+import ./make-test-python.nix ({pkgs, ...}: {
+ name = "systemd-networkd-dhcpserver";
+ meta = with pkgs.stdenv.lib.maintainers; {
+ maintainers = [ tomfitzhenry ];
+ };
+ nodes = {
+ router = { config, pkgs, ... }: {
+ virtualisation.vlans = [ 1 ];
+ systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
+ networking = {
+ useNetworkd = true;
+ useDHCP = false;
+ firewall.enable = false;
+ };
+ systemd.network = {
+ networks = {
+ # systemd-networkd will load the first network unit file
+ # that matches, ordered lexiographically by filename.
+ # /etc/systemd/network/{40-eth1,99-main}.network already
+ # exists. This network unit must be loaded for the test,
+ # however, hence why this network is named such.
+ "01-eth1" = {
+ name = "eth1";
+ networkConfig = {
+ DHCPServer = true;
+ Address = "10.0.0.1/24";
+ };
+ dhcpServerConfig = {
+ PoolOffset = 100;
+ PoolSize = 1;
+ };
+ };
+ };
+ };
+ };
+
+ client = { config, pkgs, ... }: {
+ virtualisation.vlans = [ 1 ];
+ systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
+ networking = {
+ useNetworkd = true;
+ useDHCP = false;
+ firewall.enable = false;
+ interfaces.eth1.useDHCP = true;
+ };
+ };
+ };
+ testScript = { ... }: ''
+ start_all()
+ router.wait_for_unit("systemd-networkd-wait-online.service")
+ client.wait_for_unit("systemd-networkd-wait-online.service")
+ client.wait_until_succeeds("ping -c 5 10.0.0.1")
+ router.wait_until_succeeds("ping -c 5 10.0.0.100")
+ '';
+})
diff --git a/pkgs/applications/editors/android-studio/common.nix b/pkgs/applications/editors/android-studio/common.nix
index 0625431462c..1a6904b2176 100644
--- a/pkgs/applications/editors/android-studio/common.nix
+++ b/pkgs/applications/editors/android-studio/common.nix
@@ -39,6 +39,7 @@
, nss
, pciutils
, pkgsi686Linux
+, ps
, setxkbmap
, stdenv
, systemd
@@ -89,6 +90,7 @@ let
# Runtime stuff
git
+ ps
]}" \
--prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [
diff --git a/pkgs/applications/misc/pwsafe/default.nix b/pkgs/applications/misc/pwsafe/default.nix
index 91845abc8b2..43197c6bf27 100644
--- a/pkgs/applications/misc/pwsafe/default.nix
+++ b/pkgs/applications/misc/pwsafe/default.nix
@@ -1,25 +1,25 @@
{ stdenv, fetchFromGitHub, cmake, pkgconfig, zip, gettext, perl
-, wxGTK30, libXext, libXi, libXt, libXtst, xercesc
+, wxGTK31, libXext, libXi, libXt, libXtst, xercesc
, qrencode, libuuid, libyubikey, yubikey-personalization
, curl, openssl, file
}:
stdenv.mkDerivation rec {
pname = "pwsafe";
- version = "1.09.0";
+ version = "3.52.0";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "${version}";
- sha256 = "0dmazm95d53wq74qvsjvhl7r6fr4dv11nzf8sgdy47nyxv06xs1b";
+ sha256 = "1ka7xsl63v0559fzf3pwc1iqr37gwr4vq5iaxa2hzar2g28hsxvh";
};
nativeBuildInputs = [
cmake gettext perl pkgconfig zip
];
buildInputs = [
- libXext libXi libXt libXtst wxGTK30
+ libXext libXi libXt libXtst wxGTK31
curl qrencode libuuid openssl xercesc
libyubikey yubikey-personalization
file
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.nix b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
index cf542faa8a1..77505b47d85 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.nix
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.nix
@@ -11,8 +11,8 @@
version = "84.0.4115.5";
};
stable = {
- sha256 = "0hsxxw7fm1p8g53msqb644v8vr4cpvjmpln444c2268rm43yik17";
- sha256bin64 = "0ap7flrw3h885454fa2r7psa4sh8567ql7v7x96q11gh9gjrdvp3";
- version = "81.0.4044.113";
+ sha256 = "0ahqh3vmzbpai4xwn7qybgw9phc8ssjdvfc7384mxqk9swqgv7qg";
+ sha256bin64 = "0gpgim244594m35qwf625blwdqgjbp4qr846wq75a9a9zqwqs05w";
+ version = "81.0.4044.122";
};
}
diff --git a/pkgs/applications/networking/mailreaders/mblaze/default.nix b/pkgs/applications/networking/mailreaders/mblaze/default.nix
index 82550cf43cc..fc9001e59e3 100644
--- a/pkgs/applications/networking/mailreaders/mblaze/default.nix
+++ b/pkgs/applications/networking/mailreaders/mblaze/default.nix
@@ -1,10 +1,10 @@
-{ stdenv, fetchFromGitHub, fetchpatch, libiconv }:
+{ stdenv, lib, fetchFromGitHub, fetchpatch, libiconv, ruby ? null }:
stdenv.mkDerivation rec {
pname = "mblaze";
version = "0.5.1";
- buildInputs = stdenv.lib.optionals stdenv.isDarwin [ libiconv ];
+ buildInputs = [ ruby ] ++ lib.optionals stdenv.isDarwin [ libiconv ];
src = fetchFromGitHub {
owner = "chneukirchen";
@@ -24,9 +24,11 @@ stdenv.mkDerivation rec {
postInstall = ''
install -Dm644 -t $out/share/zsh/site-functions contrib/_mblaze
+ '' + lib.optionalString (ruby != null) ''
+ install -Dt $out/bin contrib/msuck contrib/mblow
'';
- meta = with stdenv.lib; {
+ meta = with lib; {
homepage = "https://github.com/chneukirchen/mblaze";
description = "Unix utilities to deal with Maildir";
license = licenses.cc0;
diff --git a/pkgs/applications/networking/mumble/default.nix b/pkgs/applications/networking/mumble/default.nix
index 4408994ba8f..633d6e63dce 100644
--- a/pkgs/applications/networking/mumble/default.nix
+++ b/pkgs/applications/networking/mumble/default.nix
@@ -6,6 +6,7 @@
, speechdSupport ? false, speechd ? null
, pulseSupport ? false, libpulseaudio ? null
, iceSupport ? false, zeroc-ice ? null
+, nixosTests
}:
assert jackSupport -> libjack2 != null;
@@ -63,6 +64,8 @@ let
enableParallelBuilding = true;
+ passthru.tests.connectivity = nixosTests.mumble;
+
meta = {
description = "Low-latency, high quality voice chat software";
homepage = "https://mumble.info";
diff --git a/pkgs/applications/networking/newsreaders/quiterss/default.nix b/pkgs/applications/networking/newsreaders/quiterss/default.nix
index 6fa4dc19799..1cc4be8cb27 100644
--- a/pkgs/applications/networking/newsreaders/quiterss/default.nix
+++ b/pkgs/applications/networking/newsreaders/quiterss/default.nix
@@ -1,19 +1,19 @@
-{ stdenv, fetchFromGitHub, qmake, pkgconfig, wrapQtAppsHook
+{ stdenv, fetchFromGitHub, qmake, pkg-config, wrapQtAppsHook
, qtbase, qttools, qtwebkit, sqlite
}:
stdenv.mkDerivation rec {
pname = "quiterss";
- version = "0.19.3";
+ version = "0.19.4";
src = fetchFromGitHub {
owner = "QuiteRSS";
repo = "quiterss";
rev = version;
- sha256 = "06m5mhzxvv8q2adaqcrar3sx2c1hc89h2i0qfjxmirfc5z67hdw2";
+ sha256 = "1cgvl67vhn5y7bj5gbjbgk26bhb0196bgrgsp3r5fmrislarj8s6";
};
- nativeBuildInputs = [ qmake pkgconfig wrapQtAppsHook ];
+ nativeBuildInputs = [ qmake pkg-config wrapQtAppsHook ];
buildInputs = [ qtbase qttools qtwebkit sqlite.dev ];
meta = with stdenv.lib; {
@@ -23,6 +23,7 @@ stdenv.mkDerivation rec {
written on Qt/C++
'';
homepage = "https://quiterss.org";
+ changelog = "https://github.com/QuiteRSS/quiterss/blob/${version}/CHANGELOG";
license = licenses.gpl3;
platforms = platforms.linux;
maintainers = with maintainers; [ primeos ];
diff --git a/pkgs/applications/networking/syncthing/default.nix b/pkgs/applications/networking/syncthing/default.nix
index 31cf76be5ef..94fec82fdf7 100644
--- a/pkgs/applications/networking/syncthing/default.nix
+++ b/pkgs/applications/networking/syncthing/default.nix
@@ -1,4 +1,4 @@
-{ buildGoModule, stdenv, lib, procps, fetchFromGitHub }:
+{ buildGoModule, stdenv, lib, procps, fetchFromGitHub, nixosTests }:
let
common = { stname, target, postInstall ? "" }:
@@ -35,6 +35,11 @@ let
inherit postInstall;
+ passthru.tests = with nixosTests; {
+ init = syncthing-init;
+ relay = syncthing-relay;
+ };
+
meta = with lib; {
homepage = "https://www.syncthing.net/";
description = "Open Source Continuous File Synchronization";
diff --git a/pkgs/applications/version-management/git-and-tools/thicket/default.nix b/pkgs/applications/version-management/git-and-tools/thicket/default.nix
index 42819043d58..4a02baa465c 100644
--- a/pkgs/applications/version-management/git-and-tools/thicket/default.nix
+++ b/pkgs/applications/version-management/git-and-tools/thicket/default.nix
@@ -1,9 +1,12 @@
{ lib
, fetchFromGitHub
-, crystal
+, crystal_0_33
}:
-crystal.buildCrystalPackage rec {
+let
+ crystal = crystal_0_33;
+
+in crystal.buildCrystalPackage rec {
pname = "thicket";
version = "0.1.3";
@@ -14,13 +17,18 @@ crystal.buildCrystalPackage rec {
sha256 = "0hkmmssiwipx373d0zw9a2yn72gqzqzcvwkqbs522m5adz6qmkzw";
};
+ format = "shards";
+
shardsFile = ./shards.nix;
crystalBinaries.thicket.src = "src/thicket.cr";
+ # there is one test that tries to clone a repo
+ doCheck = false;
+
meta = with lib; {
description = "A better one-line git log";
homepage = "https://github.com/taylorthurlow/thicket";
license = licenses.mit;
maintainers = with maintainers; [ filalex77 ];
};
-}
\ No newline at end of file
+}
diff --git a/pkgs/applications/video/kodi/default.nix b/pkgs/applications/video/kodi/default.nix
index 6d02bcefb08..c83705ac416 100644
--- a/pkgs/applications/video/kodi/default.nix
+++ b/pkgs/applications/video/kodi/default.nix
@@ -192,7 +192,9 @@ in stdenv.mkDerivation {
++ lib.optional usbSupport libusb
++ lib.optional vdpauSupport libvdpau
++ lib.optionals useWayland [
- wayland waylandpp wayland-protocols
+ wayland
+ waylandpp.dev
+ wayland-protocols
# Not sure why ".dev" is needed here, but CMake doesn't find libxkbcommon otherwise
libxkbcommon.dev
]
@@ -213,7 +215,7 @@ in stdenv.mkDerivation {
# for TexturePacker
giflib zlib libpng libjpeg lzo
- ] ++ lib.optionals useWayland [ wayland-protocols ];
+ ] ++ lib.optionals useWayland [ wayland-protocols waylandpp.bin ];
depsBuildBuild = [
buildPackages.stdenv.cc
diff --git a/pkgs/applications/window-managers/i3/default.nix b/pkgs/applications/window-managers/i3/default.nix
index fd964215d45..eec7d88dbc7 100644
--- a/pkgs/applications/window-managers/i3/default.nix
+++ b/pkgs/applications/window-managers/i3/default.nix
@@ -5,11 +5,11 @@
stdenv.mkDerivation rec {
pname = "i3";
- version = "4.18";
+ version = "4.18.1";
src = fetchurl {
url = "https://i3wm.org/downloads/${pname}-${version}.tar.bz2";
- sha256 = "0dv5g8ycfmijxfjyw8hzsxaf80v09lb73zh7x2vszy78h3amifqz";
+ sha256 = "0z709cianlzw0x0qwq4361347354xd9ckj1v7vjvhb1zh3x91gws";
};
nativeBuildInputs = [ which pkgconfig makeWrapper ];
diff --git a/pkgs/build-support/src-only/default.nix b/pkgs/build-support/src-only/default.nix
index c2f7cfb9399..a93b3648090 100644
--- a/pkgs/build-support/src-only/default.nix
+++ b/pkgs/build-support/src-only/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, name, src, patches ? [], buildInputs ? [] }:
+{stdenv, name, src, patches ? [], buildInputs ? [], ...}:
stdenv.mkDerivation {
inherit src buildInputs patches name;
installPhase = "cp -r . $out";
diff --git a/pkgs/development/compilers/crystal/build-package.nix b/pkgs/development/compilers/crystal/build-package.nix
index 8ffa89a11b4..856c6e58bc1 100644
--- a/pkgs/development/compilers/crystal/build-package.nix
+++ b/pkgs/development/compilers/crystal/build-package.nix
@@ -1,53 +1,109 @@
-{ stdenv, lib, crystal, linkFarm, fetchFromGitHub }:
-{ # Generate shards.nix with `nix-shell -p crystal2nix --run crystal2nix` in the projects root
- shardsFile ? null
+{ stdenv, lib, crystal, shards, git, pkgconfig, which, linkFarm, fetchFromGitHub, installShellFiles }:
+
+{ # Some projects do not include a lock file, so you can pass one
+ lockFile ? null
+ # Generate shards.nix with `nix-shell -p crystal2nix --run crystal2nix` in the projects root
+, shardsFile ? null
+ # We support different builders. To make things more straight forward, make it
+ # user selectable instead of trying to autodetect
+, format ? "make"
+, installManPages ? true
# Specify binaries to build in the form { foo.src = "src/foo.cr"; }
# The default `crystal build` options can be overridden with { foo.options = [ "--no-debug" ]; }
-, crystalBinaries ? {}
-, ...
-}@args:
+, crystalBinaries ? { }, ... }@args:
+
+assert (builtins.elem format [ "make" "crystal" "shards" ]);
+
let
- mkDerivationArgs = builtins.removeAttrs args [ "shardsFile" "crystalBinaries" ];
+ mkDerivationArgs = builtins.removeAttrs args [
+ "format"
+ "installManPages"
+ "lockFile"
+ "shardsFile"
+ "crystalBinaries"
+ ];
crystalLib = linkFarm "crystal-lib" (lib.mapAttrsToList (name: value: {
inherit name;
path = fetchFromGitHub value;
}) (import shardsFile));
- defaultOptions = [ "--release" "--progress" "--no-debug" "--verbose" ];
+ # we previously had --no-debug here but that is not recommended by upstream
+ defaultOptions = [ "--release" "--progress" "--verbose" ];
+ buildDirectly = shardsFile == null || crystalBinaries != { };
in stdenv.mkDerivation (mkDerivationArgs // {
- configurePhase = args.configurePhase or ''
- runHook preConfigure
- ${lib.optionalString (shardsFile != null) "ln -s ${crystalLib} lib"}
- runHook postConfigure
+ configurePhase = args.configurePhase or lib.concatStringsSep "\n" ([
+ "runHook preConfigure"
+ ] ++ lib.optional (lockFile != null) "ln -s ${lockFile} ./shard.lock"
+ ++ lib.optional (shardsFile != null) "ln -s ${crystalLib} lib"
+ ++ [ "runHook postConfigure "]);
+
+ CRFLAGS = lib.concatStringsSep " " defaultOptions;
+
+ PREFIX = placeholder "out";
+
+ buildInputs = args.buildInputs or [ ] ++ [ crystal ]
+ ++ lib.optional (format != "crystal") shards;
+
+ nativeBuildInputs = args.nativeBuildInputs or [ ] ++ [ git installShellFiles pkgconfig which ];
+
+ buildPhase = args.buildPhase or (lib.concatStringsSep "\n" ([
+ "runHook preBuild"
+ ] ++ lib.optional (format == "make")
+ ''make ''${buildTargets:-build} $makeFlags''
+ ++ lib.optionals (format == "crystal") (lib.mapAttrsToList (bin: attrs: ''
+ crystal ${lib.escapeShellArgs (["build" "-o" bin
+ (attrs.src or (throw "No source file for crystal binary ${bin} provided"))
+ ] ++ (attrs.options or defaultOptions))}
+ '') crystalBinaries)
+ ++ lib.optional (format == "shards")
+ "shards build --local --production ${lib.concatStringsSep " " defaultOptions}"
+ ++ [ "runHook postBuild" ]));
+
+ installPhase = args.installPhase or (lib.concatStringsSep "\n" ([
+ "runHook preInstall"
+ ] ++ lib.optional (format == "make")
+ ''make ''${installTargets:-install} $installFlags''
+ ++ lib.optionals (format == "crystal") (map (bin: ''
+ install -Dm555 ${lib.escapeShellArgs [ bin "${placeholder "out"}/bin/${bin}" ]}
+ '') (lib.attrNames crystalBinaries))
+ ++ lib.optional (format == "shards")
+ ''install -Dm555 bin/* -t $out/bin''
+ ++ [
+ ''
+ for f in README* *.md LICENSE; do
+ test -f $f && install -Dm444 $f -t $out/share/doc/${args.pname}
+ done
+ ''
+ ] ++ (lib.optional installManPages ''
+ if [ -d man ]; then
+ installManPage man/*.?
+ fi
+ '') ++ [
+ "runHook postInstall"
+ ]));
+
+ doCheck = args.doCheck or true;
+
+ checkPhase = args.checkPhase or (lib.concatStringsSep "\n" ([
+ "runHook preCheck"
+ ] ++ lib.optional (format == "make")
+ ''make ''${checkTarget:-test} $checkFlags''
+ ++ lib.optional (format != "make")
+ ''crystal ''${checkTarget:-spec} $checkFlags''
+ ++ [ "runHook postCheck" ]));
+
+ doInstallCheck = args.doInstallCheck or true;
+
+ installCheckPhase = args.installCheckPhase or ''
+ for f in $out/bin/*; do
+ $f --help
+ done
'';
- buildInputs = args.buildInputs or [] ++ [ crystal ];
-
- buildPhase = args.buildPhase or ''
- runHook preBuild
- ${lib.concatStringsSep "\n" (lib.mapAttrsToList (bin: attrs: ''
- crystal ${lib.escapeShellArgs ([
- "build"
- "-o" bin
- (attrs.src or (throw "No source file for crystal binary ${bin} provided"))
- ] ++ attrs.options or defaultOptions)}
- '') crystalBinaries)}
- runHook postBuild
- '';
-
- installPhase = args.installPhase or ''
- runHook preInstall
- mkdir -p "$out/bin"
- ${lib.concatMapStringsSep "\n" (bin: ''
- mv ${lib.escapeShellArgs [ bin "${placeholder "out"}/bin/${bin}" ]}
- '') (lib.attrNames crystalBinaries)}
- runHook postInstall
- '';
-
- meta = args.meta or {} // {
+ meta = args.meta or { } // {
platforms = args.meta.platforms or crystal.meta.platforms;
};
})
diff --git a/pkgs/development/compilers/crystal/crystal2nix.nix b/pkgs/development/compilers/crystal/crystal2nix.nix
index ac69b9b3d96..5fc40cd2374 100644
--- a/pkgs/development/compilers/crystal/crystal2nix.nix
+++ b/pkgs/development/compilers/crystal/crystal2nix.nix
@@ -1,4 +1,5 @@
{ lib, crystal, nix-prefetch-git }:
+
crystal.buildCrystalPackage {
pname = "crystal2nix";
version = "unstable-2018-07-31";
@@ -6,11 +7,16 @@ crystal.buildCrystalPackage {
nixPrefetchGit = "${lib.getBin nix-prefetch-git}/bin/nix-prefetch-git";
unpackPhase = "substituteAll ${./crystal2nix.cr} crystal2nix.cr";
+ format = "crystal";
+
crystalBinaries.crystal2nix.src = "crystal2nix.cr";
+ # it will blow up without a shard.yml file
+ doInstallCheck = false;
+
meta = with lib; {
description = "Utility to convert Crystal's shard.lock files to a Nix file";
license = licenses.mit;
- maintainers = [ maintainers.manveru ];
+ maintainers = with maintainers; [ manveru ];
};
}
diff --git a/pkgs/development/compilers/ldc/binary.nix b/pkgs/development/compilers/ldc/binary.nix
deleted file mode 100644
index 56d40be8619..00000000000
--- a/pkgs/development/compilers/ldc/binary.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ stdenv, fetchurl, curl, tzdata, autoPatchelfHook, fixDarwinDylibNames, libxml2
-, version, hashes }:
-with stdenv;
-let
- OS = if hostPlatform.isDarwin then "osx" else hostPlatform.parsed.kernel.name;
- ARCH = toString hostPlatform.parsed.cpu.name;
-in mkDerivation {
- pname = "ldc-bootstrap";
- inherit version;
-
- src = fetchurl rec {
- name = "ldc2-${version}-${OS}-${ARCH}.tar.xz";
- url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/${name}";
- sha256 = hashes."${OS}-${ARCH}" or (throw "missing bootstrap sha256 for ${OS}-${ARCH}");
- };
-
- dontConfigure = true;
- dontBuild = true;
-
- nativeBuildInputs = [ fixDarwinDylibNames autoPatchelfHook ];
-
- buildInputs = lib.optionals stdenv.hostPlatform.isLinux [ libxml2 stdenv.cc.cc ];
-
- propagatedBuildInputs = [ curl tzdata ];
-
- installPhase = ''
- mkdir -p $out
-
- mv bin etc import lib LICENSE README $out/
- '';
-
- meta = with lib; {
- inherit version;
- description = "The LLVM-based D Compiler";
- homepage = "https://github.com/ldc-developers/ldc";
- # from https://github.com/ldc-developers/ldc/blob/master/LICENSE
- license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ];
- maintainers = with maintainers; [ ThomasMader lionello ];
- platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" ];
- };
-}
diff --git a/pkgs/development/compilers/ldc/bootstrap.nix b/pkgs/development/compilers/ldc/bootstrap.nix
deleted file mode 100644
index fde4c842684..00000000000
--- a/pkgs/development/compilers/ldc/bootstrap.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{ callPackage }:
-callPackage ./binary.nix {
- version = "1.19.0";
- hashes = {
- # Get these from `nix-prefetch-url https://github.com/ldc-developers/ldc/releases/download/v1.19.0/ldc2-1.19.0-osx-x86_64.tar.xz` etc..
- osx-x86_64 = "1bp3xkh9zp64dzq8isanib1gacb3nfbl70qv15qygwk1zan6zgy7";
- linux-x86_64 = "146grr2lwarfk13wgkpyb77xb6b3as1is2rf4s2hipqjmc8biy1h";
- linux-aarch64 = "1fv6jshfvi15m7masgxq1hgp216qjd5amizrqdf26vhrq3a08li3";
- };
-}
diff --git a/pkgs/development/compilers/ldc/default.nix b/pkgs/development/compilers/ldc/default.nix
index 5a4baabcf8d..19fe2981c83 100644
--- a/pkgs/development/compilers/ldc/default.nix
+++ b/pkgs/development/compilers/ldc/default.nix
@@ -1,5 +1,173 @@
-import ./generic.nix {
- version = "1.20.1";
- ldcSha256 = "1bqsgab22v02pc3c9gcyf15y7aimadv24d68icaw5lpgnvzxy89b";
+{ stdenv, fetchurl, cmake, ninja, llvm_5, llvm_8, curl, tzdata
+, libconfig, lit, gdb, unzip, darwin, bash
+, callPackage, makeWrapper, runCommand, targetPackages
+, bootstrapVersion ? false
+, version ? "1.17.0"
+, ldcSha256 ? "1aag5jfrng6p4ms0fs90hjbv9bcj3hj8h52r68c3cm6racdajbva"
+}:
+
+let
+ bootstrapLdc = if !bootstrapVersion then
+ # LDC 0.17.x is the last version which doesn't need a working D compiler to
+ # build so we use that version to bootstrap the actual build.
+ callPackage ./default.nix {
+ bootstrapVersion = true;
+ version = "0.17.6";
+ ldcSha256 = "0qf5kbxddgmg3kqzi0kf4bgv8vdrnv16y07hcpm0cwv9mc3qr2w6";
+ }
+ else
+ "";
+
+ pathConfig = runCommand "ldc-lib-paths" {} ''
+ mkdir $out
+ echo ${tzdata}/share/zoneinfo/ > $out/TZDatabaseDirFile
+ echo ${curl.out}/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} > $out/LibcurlPathFile
+ '';
+in
+
+stdenv.mkDerivation rec {
+ pname = "ldc";
+ inherit version;
+
+ enableParallelBuilding = true;
+
+ src = fetchurl {
+ url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/ldc-${version}-src.tar.gz";
+ sha256 = ldcSha256;
+ };
+
+ # https://issues.dlang.org/show_bug.cgi?id=19553
+ hardeningDisable = [ "fortify" ];
+
+ postUnpack = ''
+ patchShebangs .
+ ''
+
+ + stdenv.lib.optionalString (!bootstrapVersion) ''
+ rm ldc-${version}-src/tests/d2/dmd-testsuite/fail_compilation/mixin_gc.d
+ rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/xtest46_gc.d
+ rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/testptrref_gc.d
+
+ # test depends on current year
+ rm ldc-${version}-src/tests/d2/dmd-testsuite/compilable/ddocYear.d
+ ''
+
+ + stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isDarwin) ''
+ # https://github.com/NixOS/nixpkgs/issues/34817
+ rm -r ldc-${version}-src/tests/plugins/addFuncEntryCall
+ '';
+
+ postPatch = ''
+ # Setting SHELL=$SHELL when dmd testsuite is run doesn't work on Linux somehow
+ substituteInPlace tests/d2/dmd-testsuite/Makefile --replace "SHELL=/bin/bash" "SHELL=${bash}/bin/bash"
+ ''
+
+ + stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isLinux) ''
+ substituteInPlace runtime/phobos/std/socket.d --replace "assert(ih.addrList[0] == 0x7F_00_00_01);" ""
+ ''
+
+ + stdenv.lib.optionalString (!bootstrapVersion && stdenv.hostPlatform.isDarwin) ''
+ substituteInPlace runtime/phobos/std/socket.d --replace "foreach (name; names)" "names = []; foreach (name; names)"
+ ''
+
+ + stdenv.lib.optionalString (bootstrapVersion && stdenv.hostPlatform.isDarwin) ''
+ # Was not able to compile on darwin due to "__inline_isnanl"
+ # being undefined.
+ # TODO Remove with version > 0.17.6
+ substituteInPlace dmd2/root/port.c --replace __inline_isnanl __inline_isnan
+ '';
+
+ nativeBuildInputs = [ cmake ninja makeWrapper unzip ]
+ ++ stdenv.lib.optionals (!bootstrapVersion) [
+ bootstrapLdc lit lit.python
+ ]
+ ++ stdenv.lib.optional (!bootstrapVersion && stdenv.hostPlatform.isDarwin)
+ # https://github.com/NixOS/nixpkgs/issues/57120
+ # https://github.com/NixOS/nixpkgs/pull/59197#issuecomment-481972515
+ llvm_5
+ ++ stdenv.lib.optional (!bootstrapVersion && !stdenv.hostPlatform.isDarwin)
+ llvm_8
+ ++ stdenv.lib.optional (!bootstrapVersion && !stdenv.hostPlatform.isDarwin)
+ # https://github.com/NixOS/nixpkgs/pull/36378#issuecomment-385034818
+ gdb
+ ++ stdenv.lib.optionals (bootstrapVersion) [
+ libconfig llvm_5
+ ]
+ ++ stdenv.lib.optional stdenv.hostPlatform.isDarwin
+ darwin.apple_sdk.frameworks.Foundation;
+
+
+ buildInputs = [ curl tzdata ];
+
+ cmakeFlags = stdenv.lib.optionals (!bootstrapVersion) [
+ "-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}"
+ "-DCMAKE_BUILD_TYPE=Release"
+ ];
+
+ postConfigure = ''
+ export DMD=$PWD/bin/ldmd2
+ '';
+
+ makeFlags = [ "DMD=$DMD" ];
+
+ fixNames = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
+ fixDarwinDylibNames() {
+ local flags=()
+
+ for fn in "$@"; do
+ flags+=(-change "$(basename "$fn")" "$fn")
+ done
+
+ for fn in "$@"; do
+ if [ -L "$fn" ]; then continue; fi
+ echo "$fn: fixing dylib"
+ install_name_tool -id "$fn" "''${flags[@]}" "$fn"
+ done
+ }
+
+ fixDarwinDylibNames $(find "$(pwd)/lib" -name "*.dylib")
+ export DYLD_LIBRARY_PATH=$(pwd)/lib
+ '';
+
+ # https://github.com/ldc-developers/ldc/issues/2497#issuecomment-459633746
+ additionalExceptions = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin
+ "|druntime-test-shared";
+
+ doCheck = !bootstrapVersion;
+
+ checkPhase = stdenv.lib.optionalString doCheck ''
+ # Build default lib test runners
+ ninja -j$NIX_BUILD_CORES all-test-runners
+
+ ${fixNames}
+
+ # Run dmd testsuite
+ export DMD_TESTSUITE_MAKE_ARGS="-j$NIX_BUILD_CORES DMD=$DMD CC=$CXX"
+ ctest -V -R "dmd-testsuite"
+
+ # Build and run LDC D unittests.
+ ctest --output-on-failure -R "ldc2-unittest"
+
+ # Run LIT testsuite.
+ ctest -V -R "lit-tests"
+
+ # Run default lib unittests
+ ctest -j$NIX_BUILD_CORES --output-on-failure -E "ldc2-unittest|lit-tests|dmd-testsuite${additionalExceptions}"
+ '';
+
+ postInstall = ''
+ wrapProgram $out/bin/ldc2 \
+ --prefix PATH ":" "${targetPackages.stdenv.cc}/bin" \
+ --set-default CC "${targetPackages.stdenv.cc}/bin/cc"
+ '';
+
+ meta = with stdenv.lib; {
+ description = "The LLVM-based D compiler";
+ homepage = "https://github.com/ldc-developers/ldc";
+ # from https://github.com/ldc-developers/ldc/blob/master/LICENSE
+ license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ];
+ maintainers = with maintainers; [ ThomasMader ];
+ platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ];
+ };
}
diff --git a/pkgs/development/compilers/ldc/generic.nix b/pkgs/development/compilers/ldc/generic.nix
deleted file mode 100644
index c93d423945c..00000000000
--- a/pkgs/development/compilers/ldc/generic.nix
+++ /dev/null
@@ -1,143 +0,0 @@
-{ version, ldcSha256 }:
-{ stdenv, fetchurl, cmake, ninja, llvm_5, llvm_8, curl, tzdata
-, libconfig, lit, gdb, unzip, darwin, bash
-, callPackage, makeWrapper, runCommand, targetPackages
-, ldcBootstrap ? callPackage ./bootstrap.nix { }
-}:
-
-let
- pathConfig = runCommand "ldc-lib-paths" {} ''
- mkdir $out
- echo ${tzdata}/share/zoneinfo/ > $out/TZDatabaseDirFile
- echo ${curl.out}/lib/libcurl${stdenv.hostPlatform.extensions.sharedLibrary} > $out/LibcurlPathFile
- '';
-
-in
-
-stdenv.mkDerivation rec {
- pname = "ldc";
- inherit version;
-
- enableParallelBuilding = true;
-
- src = fetchurl {
- url = "https://github.com/ldc-developers/ldc/releases/download/v${version}/ldc-${version}-src.tar.gz";
- sha256 = ldcSha256;
- };
-
- # https://issues.dlang.org/show_bug.cgi?id=19553
- hardeningDisable = [ "fortify" ];
-
- postUnpack = ''
- patchShebangs .
- ''
- + ''
- rm ldc-${version}-src/tests/d2/dmd-testsuite/fail_compilation/mixin_gc.d
- rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/xtest46_gc.d
- rm ldc-${version}-src/tests/d2/dmd-testsuite/runnable/testptrref_gc.d
-
- # test depends on current year
- rm ldc-${version}-src/tests/d2/dmd-testsuite/compilable/ddocYear.d
- ''
- + stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
- # https://github.com/NixOS/nixpkgs/issues/34817
- rm -r ldc-${version}-src/tests/plugins/addFuncEntryCall
- '';
-
- postPatch = ''
- # Setting SHELL=$SHELL when dmd testsuite is run doesn't work on Linux somehow
- substituteInPlace tests/d2/dmd-testsuite/Makefile --replace "SHELL=/bin/bash" "SHELL=${bash}/bin/bash"
- ''
- + stdenv.lib.optionalString stdenv.hostPlatform.isLinux ''
- substituteInPlace runtime/phobos/std/socket.d --replace "assert(ih.addrList[0] == 0x7F_00_00_01);" ""
- ''
- + stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
- substituteInPlace runtime/phobos/std/socket.d --replace "foreach (name; names)" "names = []; foreach (name; names)"
- '';
-
- nativeBuildInputs = [
- cmake ninja makeWrapper unzip ldcBootstrap lit lit.python
- ]
- ++ stdenv.lib.optionals stdenv.hostPlatform.isDarwin [
- darwin.apple_sdk.frameworks.Foundation
- # https://github.com/NixOS/nixpkgs/issues/57120
- # https://github.com/NixOS/nixpkgs/pull/59197#issuecomment-481972515
- llvm_5
- ]
- ++ stdenv.lib.optionals (!stdenv.hostPlatform.isDarwin) [
- llvm_8
- # https://github.com/NixOS/nixpkgs/pull/36378#issuecomment-385034818
- gdb
- ];
-
- buildInputs = [ curl tzdata ];
-
- cmakeFlags = [
- "-DD_FLAGS=-d-version=TZDatabaseDir;-d-version=LibcurlPath;-J${pathConfig}"
- "-DCMAKE_BUILD_TYPE=Release"
- ];
-
- postConfigure = ''
- export DMD=$PWD/bin/ldmd2
- '';
-
- makeFlags = [ "DMD=$DMD" ];
-
- fixNames = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin ''
- fixDarwinDylibNames() {
- local flags=()
-
- for fn in "$@"; do
- flags+=(-change "$(basename "$fn")" "$fn")
- done
-
- for fn in "$@"; do
- if [ -L "$fn" ]; then continue; fi
- echo "$fn: fixing dylib"
- install_name_tool -id "$fn" "''${flags[@]}" "$fn"
- done
- }
-
- fixDarwinDylibNames $(find "$(pwd)/lib" -name "*.dylib")
- export DYLD_LIBRARY_PATH=$(pwd)/lib
- '';
-
- # https://github.com/ldc-developers/ldc/issues/2497#issuecomment-459633746
- additionalExceptions = stdenv.lib.optionalString stdenv.hostPlatform.isDarwin
- "|druntime-test-shared";
-
- checkPhase = ''
- # Build default lib test runners
- ninja -j$NIX_BUILD_CORES all-test-runners
-
- ${fixNames}
-
- # Run dmd testsuite
- export DMD_TESTSUITE_MAKE_ARGS="-j$NIX_BUILD_CORES DMD=$DMD"
- ctest -V -R "dmd-testsuite"
-
- # Build and run LDC D unittests.
- ctest --output-on-failure -R "ldc2-unittest"
-
- # Run LIT testsuite.
- ctest -V -R "lit-tests"
-
- # Run default lib unittests
- ctest -j$NIX_BUILD_CORES --output-on-failure -E "ldc2-unittest|lit-tests|dmd-testsuite${additionalExceptions}"
- '';
-
- postInstall = ''
- wrapProgram $out/bin/ldc2 \
- --prefix PATH ":" "${targetPackages.stdenv.cc}/bin" \
- --set-default CC "${targetPackages.stdenv.cc}/bin/cc"
- '';
-
- meta = with stdenv.lib; {
- description = "The LLVM-based D compiler";
- homepage = "https://github.com/ldc-developers/ldc";
- # from https://github.com/ldc-developers/ldc/blob/master/LICENSE
- license = with licenses; [ bsd3 boost mit ncsa gpl2Plus ];
- maintainers = with maintainers; [ ThomasMader lionello ];
- platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ];
- };
-}
diff --git a/pkgs/development/compilers/mint/default.nix b/pkgs/development/compilers/mint/default.nix
index 7f5af5e834b..d1d103c047f 100644
--- a/pkgs/development/compilers/mint/default.nix
+++ b/pkgs/development/compilers/mint/default.nix
@@ -1,27 +1,36 @@
-{ lib, fetchFromGitHub, crystal, zlib, openssl, duktape, which, libyaml }:
-crystal.buildCrystalPackage rec {
- version = "0.7.1";
+{ lib, fetchFromGitHub, crystal_0_33, openssl }:
+
+let crystal = crystal_0_33;
+in crystal.buildCrystalPackage rec {
+ version = "0.9.0";
pname = "mint";
+
src = fetchFromGitHub {
owner = "mint-lang";
repo = "mint";
rev = version;
- sha256 = "18cg96kl4dn89bj6fm3080zzyd1r7rsfi17agdjjayd2v9fgs95l";
+ sha256 = "0y1qr616x7s0pjgih6s1n4wiwb8kn8l1knnzmib6j4jmqax0jhz0";
};
- buildInputs = [ openssl ];
+ postPatch = ''
+ export HOME=$TMP
+ '';
+
+ format = "shards";
# Update with
# nix-shell -p crystal2nix --run crystal2nix
# with mint's shard.lock file in the current directory
shardsFile = ./shards.nix;
- crystalBinaries.mint.src = "src/mint.cr";
- meta = {
+ buildInputs = [ openssl ];
+
+ meta = with lib; {
description = "A refreshing language for the front-end web";
homepage = "https://mint-lang.com/";
- license = lib.licenses.bsd3;
- maintainers = with lib.maintainers; [ manveru ];
+ license = licenses.bsd3;
+ maintainers = with maintainers; [ manveru ];
platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" ];
+ broken = lib.versionOlder crystal.version "0.33";
};
}
diff --git a/pkgs/development/compilers/mint/shards.nix b/pkgs/development/compilers/mint/shards.nix
index b3583ac2cba..8e2b6b6ad4d 100644
--- a/pkgs/development/compilers/mint/shards.nix
+++ b/pkgs/development/compilers/mint/shards.nix
@@ -2,26 +2,26 @@
admiral = {
owner = "jwaldrip";
repo = "admiral.cr";
- rev = "v1.7.3";
- sha256 = "0b98qjy43wsrc08am7lkhcdsxc7gplf9hcmbvd4p3dw4g107rk91";
+ rev = "v1.9.0";
+ sha256 = "0y8gsh1qz42bc9jawcrn0i49mzzfvf8znmivd8lybapf0f53fblz";
};
ameba = {
- owner = "veelenga";
+ owner = "crystal-ameba";
repo = "ameba";
- rev = "v0.10.1";
- sha256 = "0dcw7px7g0c5pxpdlirhirqzhcc7gdwdfiwb9kgm4x1k74ghjgxq";
+ rev = "v0.12.0";
+ sha256 = "0g68yijbm2j4ig536fwq49d1z7x2iv9kp4g3gjklf5zn1sbqhm12";
};
baked_file_system = {
owner = "schovi";
repo = "baked_file_system";
- rev = "v0.9.7";
- sha256 = "1fi6zag1a6h4xwrfizy01dls3hhraqw0cmpwj7rjv1qcddjgig5z";
+ rev = "v0.9.8";
+ sha256 = "12l375jllg1lxvfh610dz0a39p803xw6q9fxlmnc6hy55i0gm0y3";
};
diff = {
owner = "MakeNowJust";
repo = "crystal-diff";
- rev = "51962dc36f9bbb1b926d557f7cb8993a6c73cc63";
- sha256 = "1nwnsxm8srfw8jg0yfi2v19x6j3dadx62hq0xpxra40qcqz9dbnp";
+ rev = "v1.1.0";
+ sha256 = "1q5q2d5mp1r8c6k5v4755sb3b6awiz85d1j280djzhbd0pggk3z7";
};
dotenv = {
owner = "gdotdesign";
@@ -32,14 +32,14 @@
exception_page = {
owner = "crystal-loot";
repo = "exception_page";
- rev = "v0.1.2";
- sha256 = "0j5ishhyriq9p339yaawrmawl9wgmp1paniq30a8d6a0568h3avq";
+ rev = "v0.1.4";
+ sha256 = "0bsp2m89sl0bg9d5szbs1nxyk7yk58rkk24aibr39hhb5zi70pqi";
};
kemal = {
owner = "kemalcr";
repo = "kemal";
- rev = "v0.25.1";
- sha256 = "1334i905xj6vlmp8acyybwwlaxsgmf90b59da7brzpnf28wci782";
+ rev = "v0.26.1";
+ sha256 = "169pwkjmk7x6j8i0rf5rpyk1y0hl7jaf9h6yrq4ha2ag9yq9i8fr";
};
kilt = {
owner = "jeromegn";
diff --git a/pkgs/development/libraries/appstream-glib/default.nix b/pkgs/development/libraries/appstream-glib/default.nix
index ceb4c238a7b..5b777dff3ea 100644
--- a/pkgs/development/libraries/appstream-glib/default.nix
+++ b/pkgs/development/libraries/appstream-glib/default.nix
@@ -23,7 +23,7 @@
, pngquant
}:
stdenv.mkDerivation rec {
- name = "appstream-glib-0.7.16";
+ name = "appstream-glib-0.7.17";
outputs = [ "out" "dev" "man" "installedTests" ];
outputBin = "dev";
@@ -32,7 +32,7 @@ stdenv.mkDerivation rec {
owner = "hughsie";
repo = "appstream-glib";
rev = stdenv.lib.replaceStrings [ "." "-" ] [ "_" "_" ] name;
- sha256 = "05x2pmsq18fcpgfvx0y54qdlryy5c9k3sxk6kgank8frkzhgnm9r";
+ sha256 = "06pm8l58y0ladimyckbvlslr5bjj9rwb70rgjmn09l41pdpipy2i";
};
nativeBuildInputs = [
diff --git a/pkgs/development/libraries/icu/65.nix b/pkgs/development/libraries/icu/65.nix
new file mode 100644
index 00000000000..c5074eea114
--- /dev/null
+++ b/pkgs/development/libraries/icu/65.nix
@@ -0,0 +1,4 @@
+import ./base.nix {
+ version = "65.1";
+ sha256 = "0j6r6qqnhfr5iqkx53k63ifkm93kv1kkb7h2mlgd1mnnndk79qsk";
+}
diff --git a/pkgs/development/libraries/icu/66.nix b/pkgs/development/libraries/icu/66.nix
new file mode 100644
index 00000000000..5dfad945d29
--- /dev/null
+++ b/pkgs/development/libraries/icu/66.nix
@@ -0,0 +1,4 @@
+import ./base.nix {
+ version = "66.1";
+ sha256 = "0bharwzc9nzkbrcf405z2nb3h7q0711z450arz0mjmdrk8hg58sj";
+}
diff --git a/pkgs/development/libraries/icu/base.nix b/pkgs/development/libraries/icu/base.nix
index 96b00027e20..81f75ad526a 100644
--- a/pkgs/development/libraries/icu/base.nix
+++ b/pkgs/development/libraries/icu/base.nix
@@ -9,8 +9,7 @@ let
baseAttrs = {
src = fetchurl {
- url = "http://download.icu-project.org/files/${pname}/${version}/${pname}-"
- + (stdenv.lib.replaceChars ["."] ["_"] version) + "-src.tgz";
+ url = "https://github.com/unicode-org/icu/releases/download/release-${lib.replaceChars [ "." ] [ "-" ] version}/icu4c-${lib.replaceChars [ "." ] [ "_" ] version}-src.tgz";
inherit sha256;
};
diff --git a/pkgs/development/libraries/waylandpp/default.nix b/pkgs/development/libraries/waylandpp/default.nix
index 59fac7bfe4a..07de374c962 100644
--- a/pkgs/development/libraries/waylandpp/default.nix
+++ b/pkgs/development/libraries/waylandpp/default.nix
@@ -1,21 +1,39 @@
-{ stdenv, fetchFromGitHub, cmake, pkgconfig, pugixml, wayland, libGL, libffi, buildPackages }:
+{ stdenv
+, fetchFromGitHub
+, cmake
+, pkgconfig
+, pugixml
+, wayland
+, libGL
+, libffi
+, buildPackages
+, docSupport ? true
+, doxygen ? null
+}:
+assert docSupport -> doxygen != null;
+
+with stdenv.lib;
stdenv.mkDerivation rec {
pname = "waylandpp";
- version = "0.2.5";
+ version = "0.2.7";
src = fetchFromGitHub {
owner = "NilsBrause";
repo = pname;
rev = version;
- sha256 = "16h57hzd688664qcyznzhjp3hxipdkzgv46x82yhkww24av8b55n";
+ sha256 = "1r4m0xhvwpcqxrqvp3hz1bzlkxqj2jiymd5r6hj8xjzz536hyprz";
};
cmakeFlags = stdenv.lib.optional (stdenv.hostPlatform != stdenv.buildPlatform) "-DWAYLAND_SCANNERPP=${buildPackages.waylandpp}/bin/wayland-scanner++";
- nativeBuildInputs = [ cmake pkgconfig ];
+ nativeBuildInputs = [ cmake pkgconfig ] ++ optional docSupport doxygen;
buildInputs = [ pugixml wayland libGL libffi ];
+ outputs = [ "bin" "dev" "lib" "out" ] ++ optionals docSupport [ "doc" "devman" ];
+
+ cmakeFlags = [ "-DCMAKE_INSTALL_DATADIR=${placeholder "dev"}" ];
+
meta = with stdenv.lib; {
description = "Wayland C++ binding";
homepage = "https://github.com/NilsBrause/waylandpp/";
diff --git a/pkgs/development/python-modules/dotnetcore2/default.nix b/pkgs/development/python-modules/dotnetcore2/default.nix
index 4d3edf0906a..eeb962a845f 100644
--- a/pkgs/development/python-modules/dotnetcore2/default.nix
+++ b/pkgs/development/python-modules/dotnetcore2/default.nix
@@ -7,7 +7,7 @@
buildPythonPackage rec {
pname = "dotnetcore2";
- version = "2.1.11";
+ version = "2.1.13";
format = "wheel";
disabled = isPy27;
@@ -15,7 +15,7 @@ buildPythonPackage rec {
inherit pname version format;
python = "py3";
platform = "manylinux1_x86_64";
- sha256 = "0qhp94bjz4icz2f0fnhgck875chiqzy4lvsp6lwhj5jd0zsv2bb3";
+ sha256 = "1fbg3pn7g0a6pg0gb5vaapcc3cdp6wfnliim57fn3cnzmx5d8p6i";
};
nativeBuildInputs = [ unzip ];
@@ -35,13 +35,9 @@ buildPythonPackage rec {
)
];
- # unfortunately the noraml pip install fails because the manylinux1 format check fails with NixOS
- installPhase = ''
- mkdir -p $out/${python.sitePackages}/${pname}
- # copy metadata
- cp -r dotnetcore2-2* $out/${python.sitePackages}
- # copy non-dotnetcore related files
- cp -r dotnetcore2/{__init__.py,runtime.py} $out/${python.sitePackages}/${pname}
+ # prevent exposing a broken dotnet executable
+ postInstall = ''
+ rm -r $out/${python.sitePackages}/${pname}/bin
'';
# no tests, ensure it's one useful function works
diff --git a/pkgs/development/python-modules/goobook/default.nix b/pkgs/development/python-modules/goobook/default.nix
index f8daf66c156..ac658b1940f 100644
--- a/pkgs/development/python-modules/goobook/default.nix
+++ b/pkgs/development/python-modules/goobook/default.nix
@@ -12,6 +12,9 @@ buildPythonPackage rec {
sha256 = "089a95s6g9izsy1fzpz48p6pz0wpngcbbrvsillm1n53492gfhjg";
};
+ # Required for a breaking change in google-api-python-client 1.8.1:
+ patches = [ ./fix-build.patch ];
+
propagatedBuildInputs = [
google_api_python_client simplejson oauth2client setuptools
];
diff --git a/pkgs/development/python-modules/goobook/fix-build.patch b/pkgs/development/python-modules/goobook/fix-build.patch
new file mode 100644
index 00000000000..1121dbfdcb3
--- /dev/null
+++ b/pkgs/development/python-modules/goobook/fix-build.patch
@@ -0,0 +1,32 @@
+From 8de09b82c5ac900317043e1c1025f431516b6788 Mon Sep 17 00:00:00 2001
+From: Michael Weiss
+Date: Tue, 21 Apr 2020 21:41:04 +0200
+Subject: [PATCH] Switch from the alias apiclient to googleapiclient
+
+This fixes the package after a breaking change / bug in
+google-api-python-client 1.8.1 (see [0] and a lot of duplicate issues).
+
+The module apiclient is just an alias for googleapiclient [1].
+
+[0]: https://github.com/googleapis/google-api-python-client/issues/870
+[1]: https://github.com/googleapis/google-api-python-client/blob/v1.8.1/apiclient/__init__.py
+---
+ goobook/goobook.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/goobook/goobook.py b/goobook/goobook.py
+index 5bcb0b3..a2e25e9 100755
+--- a/goobook/goobook.py
++++ b/goobook/goobook.py
+@@ -31,7 +31,7 @@ import sys
+ import time
+
+ import httplib2
+-from apiclient.discovery import build
++from googleapiclient.discovery import build
+
+ from goobook.storage import Storage, storageify, unstorageify
+
+--
+2.26.1
+
diff --git a/pkgs/development/python-modules/google-api-python-client/default.nix b/pkgs/development/python-modules/google-api-python-client/default.nix
index 2d7ae43f7f1..ac7bcb5cd52 100644
--- a/pkgs/development/python-modules/google-api-python-client/default.nix
+++ b/pkgs/development/python-modules/google-api-python-client/default.nix
@@ -4,11 +4,11 @@
buildPythonPackage rec {
pname = "google-api-python-client";
- version = "1.8.0";
+ version = "1.8.2";
src = fetchPypi {
inherit pname version;
- sha256 = "003rgr15r9j080f3n5y2x6ymxsfv652m3r7j83p7sbrd9shl4nqg";
+ sha256 = "09g7v6yrf8p0kgmjnzy9d0fx9p1zngk2pmprf0bx19j1zc9jqj5z";
};
# No tests included in archive
diff --git a/pkgs/development/python-modules/matrix-nio/default.nix b/pkgs/development/python-modules/matrix-nio/default.nix
index 9320efc91a2..ff4f6198aa5 100644
--- a/pkgs/development/python-modules/matrix-nio/default.nix
+++ b/pkgs/development/python-modules/matrix-nio/default.nix
@@ -20,13 +20,13 @@
buildPythonPackage rec {
pname = "nio";
- version = "0.9.0";
+ version = "0.10.0";
src = fetchFromGitHub {
owner = "poljar";
repo = "matrix-nio";
rev = version;
- sha256 = "0gqhk9d06w1in6dj7aqy45skzyg8018nmclqd5r0m5nnw8yns6gz";
+ sha256 = "04ryf9lrm0820hqij46hav6mgplabnyl9dfj46iwvxasn06fh2j8";
};
nativeBuildInputs = [
@@ -56,6 +56,6 @@ buildPythonPackage rec {
description = "A Python Matrix client library, designed according to sans I/O principles";
homepage = "https://github.com/poljar/matrix-nio";
license = licenses.isc;
- maintainers = with maintainers; [ tilpner emily ];
+ maintainers = with maintainers; [ tilpner emily symphorien ];
};
}
diff --git a/pkgs/development/python-modules/pulsectl/default.nix b/pkgs/development/python-modules/pulsectl/default.nix
new file mode 100644
index 00000000000..dec80abda15
--- /dev/null
+++ b/pkgs/development/python-modules/pulsectl/default.nix
@@ -0,0 +1,31 @@
+{ lib, buildPythonPackage, fetchPypi, libpulseaudio, glibc, substituteAll, stdenv, pulseaudio, python }:
+
+buildPythonPackage rec {
+ pname = "pulsectl";
+ version = "20.4.3";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "1m5fz740r4rk2i8qsnblsn16hai7givqxbx21swhpflan1yzvzzm";
+ };
+
+ patches = [
+ (substituteAll {
+ src = ./library-paths.patch;
+ libpulse = "${libpulseaudio.out}/lib/libpulse${stdenv.hostPlatform.extensions.sharedLibrary}";
+ librt = "${glibc.out}/lib/librt${stdenv.hostPlatform.extensions.sharedLibrary}";
+ })
+ ];
+
+ checkInputs = [ pulseaudio ];
+ checkPhase = ''
+ ${python.interpreter} -m unittest pulsectl.tests.all
+ '';
+
+ meta = with lib; {
+ description = "Python high-level interface and ctypes-based bindings for PulseAudio (libpulse)";
+ homepage = "https://pypi.python.org/pypi/pulsectl/";
+ license = licenses.mit;
+ maintainers = with maintainers; [ hexa ];
+ };
+}
diff --git a/pkgs/development/python-modules/pulsectl/library-paths.patch b/pkgs/development/python-modules/pulsectl/library-paths.patch
new file mode 100644
index 00000000000..5840e515258
--- /dev/null
+++ b/pkgs/development/python-modules/pulsectl/library-paths.patch
@@ -0,0 +1,22 @@
+diff --git a/pulsectl/_pulsectl.py b/pulsectl/_pulsectl.py
+index 4422ddf..3fb2f39 100644
+--- a/pulsectl/_pulsectl.py
++++ b/pulsectl/_pulsectl.py
+@@ -31,7 +31,7 @@ else:
+ if not hasattr(mono_time, 'ts'):
+ class timespec(Structure):
+ _fields_ = [('tv_sec', c_long), ('tv_nsec', c_long)]
+- librt = CDLL('librt.so.1', use_errno=True)
++ librt = CDLL('@librt@', use_errno=True)
+ mono_time.get = librt.clock_gettime
+ mono_time.get.argtypes = [c_int, POINTER(timespec)]
+ mono_time.ts = timespec
+@@ -625,7 +625,7 @@ class LibPulse(object):
+
+
+ def __init__(self):
+- p = CDLL(ctypes.util.find_library('libpulse') or 'libpulse.so.0')
++ p = CDLL('@libpulse@')
+
+ self.funcs = dict()
+ for k, spec in self.func_defs.items():
diff --git a/pkgs/development/python-modules/pylatexenc/default.nix b/pkgs/development/python-modules/pylatexenc/default.nix
index 146aed9a3ec..d4f14f3be01 100644
--- a/pkgs/development/python-modules/pylatexenc/default.nix
+++ b/pkgs/development/python-modules/pylatexenc/default.nix
@@ -1,30 +1,28 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
-, pytest
+, pytestCheckHook
}:
buildPythonPackage rec {
pname = "pylatexenc";
- version = "2.1";
+ version = "2.2";
src = fetchFromGitHub {
owner = "phfaist";
- repo = pname;
+ repo = "pylatexenc";
rev = "v${version}";
- sha256 = "0wnl00y5dl56aw9j4y21kqapraaravbycwfxdmjsbgl11nk4llx9";
+ sha256 = "0icwd7iipz3sv4jdh9iam7h4xslvdqg16rwsmczrna3mmjbwccdk";
};
pythonImportsCheck = [ "pylatexenc" ];
- checkInputs = [ pytest ];
- checkPhase = ''
- pytest
- '';
+ dontUseSetuptoolsCheck = true;
+ checkInputs = [ pytestCheckHook ];
meta = with lib; {
description = "Simple LaTeX parser providing latex-to-unicode and unicode-to-latex conversion";
homepage = "https://pylatexenc.readthedocs.io";
- downloadPage = "https;//www.github.com/phfaist/pylatexenc";
+ downloadPage = "https://www.github.com/phfaist/pylatexenc/releases";
license = licenses.mit;
maintainers = with maintainers; [ drewrisinger ];
};
diff --git a/pkgs/development/python-modules/pyroma/default.nix b/pkgs/development/python-modules/pyroma/default.nix
new file mode 100644
index 00000000000..4ec06506b38
--- /dev/null
+++ b/pkgs/development/python-modules/pyroma/default.nix
@@ -0,0 +1,21 @@
+{ stdenv, buildPythonPackage, fetchPypi
+, docutils, pygments, setuptools
+}:
+
+buildPythonPackage rec {
+ pname = "pyroma";
+ version = "2.6";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "00j1j81kiipi5yppmk385cbfccf2ih0xyapl7pw6nqhrf8vh1764";
+ };
+
+ propagatedBuildInputs = [ docutils pygments setuptools ];
+
+ meta = with stdenv.lib; {
+ description = "Test your project's packaging friendliness";
+ homepage = "https://github.com/regebro/pyroma";
+ license = licenses.mit;
+ };
+}
diff --git a/pkgs/development/python-modules/pytest/4.nix b/pkgs/development/python-modules/pytest/4.nix
index be2ef93e6ee..d77e52ab7f6 100644
--- a/pkgs/development/python-modules/pytest/4.nix
+++ b/pkgs/development/python-modules/pytest/4.nix
@@ -6,11 +6,6 @@ buildPythonPackage rec {
version = "4.6.8";
pname = "pytest";
- preCheck = ''
- # don't test bash builtins
- rm testing/test_argcomplete.py
- '';
-
src = fetchPypi {
inherit pname version;
sha256 = "6192875be8af57b694b7c4904e909680102befcb99e610ef3d9f786952f795aa";
@@ -25,7 +20,14 @@ buildPythonPackage rec {
doCheck = !isPyPy; # https://github.com/pytest-dev/pytest/issues/3460
checkPhase = ''
runHook preCheck
- $out/bin/py.test -x testing/ -k "not test_collect_pyargs_with_testpaths"
+
+ # don't test bash builtins
+ rm testing/test_argcomplete.py
+
+ # determinism - this test writes non deterministic bytecode
+ rm -rf testing/test_assertrewrite.py
+
+ PYTHONDONTWRITEBYTECODE=1 $out/bin/py.test -x testing/ -k "not test_collect_pyargs_with_testpaths"
runHook postCheck
'';
diff --git a/pkgs/development/python-modules/simpleaudio/default.nix b/pkgs/development/python-modules/simpleaudio/default.nix
new file mode 100644
index 00000000000..948716a9b7c
--- /dev/null
+++ b/pkgs/development/python-modules/simpleaudio/default.nix
@@ -0,0 +1,24 @@
+{ alsaLib, buildPythonPackage, fetchFromGitHub, isPy27, lib }:
+
+buildPythonPackage rec {
+ pname = "simpleaudio";
+ version = "1.0.4";
+ disabled = isPy27;
+
+ src = fetchFromGitHub {
+ owner = "hamiltron";
+ repo = "py-simple-audio";
+ rev = version;
+ sha256 = "12nypzb1m14yip4zrbzin5jc5awyp1d5md5y40g5anj4phb4hx1i";
+ };
+
+ buildInputs = [ alsaLib ];
+
+ meta = with lib; {
+ homepage = "https://github.com/hamiltron/py-simple-audio";
+ description =
+ "A simple audio playback Python extension - cross-platform, asynchronous, dependency-free";
+ license = licenses.mit;
+ maintainers = with maintainers; [ lucus16 ];
+ };
+}
diff --git a/pkgs/development/tools/ameba/default.nix b/pkgs/development/tools/ameba/default.nix
index 2f3ebcbed0a..a2d829f85c2 100644
--- a/pkgs/development/tools/ameba/default.nix
+++ b/pkgs/development/tools/ameba/default.nix
@@ -1,38 +1,16 @@
-{ stdenv, lib, fetchFromGitHub, crystal, shards }:
+{ stdenv, lib, fetchFromGitHub, crystal }:
-stdenv.mkDerivation rec {
+crystal.buildCrystalPackage rec {
pname = "ameba";
- version = "0.12.0";
+ version = "0.12.1";
src = fetchFromGitHub {
- owner = "crystal-ameba";
- repo = "ameba";
- rev = "v${version}";
- sha256 = "0g68yijbm2j4ig536fwq49d1z7x2iv9kp4g3gjklf5zn1sbqhm12";
+ owner = "crystal-ameba";
+ repo = "ameba";
+ rev = "v${version}";
+ sha256 = "0c2j2qki0czkpsqxv75qg95pk9f0w4rqa5ln07rs4bj9dk2lrr3l";
};
- nativeBuildInputs = [ crystal shards ];
-
- buildPhase = ''
- runHook preBuild
- shards build --release
- runHook postBuild
- '';
-
- installPhase = ''
- runHook preInstall
- install -Dm755 -t $out/bin bin/ameba
- runHook postInstall
- '';
-
- doCheck = true;
-
- checkPhase = ''
- runHook preCheck
- crystal spec
- runHook postCheck
- '';
-
meta = with stdenv.lib; {
description = "A static code analysis tool for Crystal";
homepage = "https://crystal-ameba.github.io";
diff --git a/pkgs/development/tools/build-managers/shards/default.nix b/pkgs/development/tools/build-managers/shards/default.nix
index 4ad78778a91..53bc057fc13 100644
--- a/pkgs/development/tools/build-managers/shards/default.nix
+++ b/pkgs/development/tools/build-managers/shards/default.nix
@@ -1,22 +1,29 @@
-{ stdenv, fetchFromGitHub, crystal, pcre, libyaml, which }:
+{ stdenv, fetchFromGitHub, crystal }:
crystal.buildCrystalPackage rec {
pname = "shards";
version = "0.10.0";
src = fetchFromGitHub {
- owner = "crystal-lang";
- repo = "shards";
- rev = "v${version}";
+ owner = "crystal-lang";
+ repo = "shards";
+ rev = "v${version}";
sha256 = "1bjy3hcdqq8769bx73f3pwn26rnkj23dngyfbw4iv32bw23x1d49";
};
+ # we cannot use `make` here as it would introduce a dependency on itself
+ format = "crystal";
+
shardsFile = ./shards.nix;
+
crystalBinaries.shards.src = "./src/shards.cr";
+ # tries to execute git which fails spectacularly
+ doCheck = false;
+
meta = with stdenv.lib; {
description = "Dependency manager for the Crystal language";
- license = licenses.asl20;
+ license = licenses.asl20;
maintainers = with maintainers; [ peterhoeg ];
inherit (crystal.meta) homepage platforms;
};
diff --git a/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix b/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix
index 1d94408bd21..b18bea0c907 100644
--- a/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix
+++ b/pkgs/development/tools/continuous-integration/gitlab-runner/default.nix
@@ -1,16 +1,16 @@
{ lib, buildGoPackage, fetchFromGitLab, fetchurl }:
let
- version = "12.9.0";
+ version = "12.10.0";
# Gitlab runner embeds some docker images these are prebuilt for arm and x86_64
docker_x86_64 = fetchurl {
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-x86_64.tar.xz";
- sha256 = "0kd4zc9rgzsl6imk9vi2yqpaxrgy8ywcz2vvpsfzrhhmm2yx3qh0";
+ sha256 = "1a2cfr72b15h3ymxf69a0inb4amfxivdhfaj711wgyvcf5ymnbsv";
};
docker_arm = fetchurl {
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/helper-images/prebuilt-arm.tar.xz";
- sha256 = "13xwcvw6m3p5ffas5mr55jkqks9s3f7qg1b928vcxkx57j06kb22";
+ sha256 = "18if2xbkldpn0bwfyk6bgbdl9rdg4rjxc0im6lclwcgpbmslwx5r";
};
in
buildGoPackage rec {
@@ -29,7 +29,7 @@ buildGoPackage rec {
owner = "gitlab-org";
repo = "gitlab-runner";
rev = "v${version}";
- sha256 = "0p9i4z0xsq5rl6gkqjpwpz6hb57vi6wl969gncrsfskjjc1kcifq";
+ sha256 = "0bsd3dk2fi21klqwzw8c181gv61qxbd32lj6mhkj9liz4flarhmv";
};
patches = [ ./fix-shell-path.patch ];
diff --git a/pkgs/development/tools/database/ephemeralpg/default.nix b/pkgs/development/tools/database/ephemeralpg/default.nix
index 87b23d10f49..53f3c1df628 100644
--- a/pkgs/development/tools/database/ephemeralpg/default.nix
+++ b/pkgs/development/tools/database/ephemeralpg/default.nix
@@ -1,10 +1,10 @@
{ stdenv, fetchurl, postgresql, getopt, makeWrapper }:
stdenv.mkDerivation rec {
pname = "ephemeralpg";
- version = "2.9";
+ version = "3.0";
src = fetchurl {
url = "http://ephemeralpg.org/code/${pname}-${version}.tar.gz";
- sha256 = "1ghp3kya4lxvfwz3c022cx9vqf55jbf9sjw60bxjcb5sszklyc89";
+ sha256 = "1j0g7g114ma7y7sadbng5p1ss1zsm9zpicm77qspym6565733vvh";
};
buildInputs = [ makeWrapper ];
installPhase = ''
diff --git a/pkgs/development/tools/icr/default.nix b/pkgs/development/tools/icr/default.nix
index 3a39d0ddf6b..50a349d8ff7 100644
--- a/pkgs/development/tools/icr/default.nix
+++ b/pkgs/development/tools/icr/default.nix
@@ -1,29 +1,31 @@
-{ stdenv, fetchFromGitHub, crystal, shards, which
-, openssl, readline, libyaml }:
+{ stdenv, lib, fetchFromGitHub, crystal, shards, makeWrapper, pkgconfig, which
+, openssl, readline, libyaml, zlib }:
-stdenv.mkDerivation rec {
+crystal.buildCrystalPackage rec {
pname = "icr";
- version = "0.6.0";
+ version = "0.8.0";
src = fetchFromGitHub {
- owner = "crystal-community";
- repo = pname;
- rev = "v${version}";
- sha256 = "0kkdqrxk4f4bqbb84mgjrk9r0fz1hsz95apvjsc49gav4c8xx3mb";
+ owner = "crystal-community";
+ repo = pname;
+ rev = "v${version}";
+ sha256 = "1bz2bhs6csyg2rhrlknlvaiilq3vq8plxjh1hdxmbrfi3n6c7k5a";
};
- postPatch = ''
- substituteInPlace Makefile \
- --replace /usr/local $out
+ shardsFile = ./shards.nix;
+
+ buildInputs = [ libyaml openssl readline zlib ];
+
+ nativeBuildInputs = [ makeWrapper pkgconfig which ];
+
+ # tests are failing due to our sandbox
+ doCheck = false;
+
+ postFixup = ''
+ wrapProgram $out/bin/icr \
+ --prefix PATH : ${lib.makeBinPath [ crystal shards makeWrapper which ]}
'';
- buildInputs = [ crystal libyaml openssl readline ];
-
- nativeBuildInputs = [ shards which ];
-
- doCheck = true;
- checkTarget = "test";
-
meta = with stdenv.lib; {
description = "Interactive console for the Crystal programming language";
homepage = "https://github.com/crystal-community/icr";
diff --git a/pkgs/development/tools/icr/shards.nix b/pkgs/development/tools/icr/shards.nix
new file mode 100644
index 00000000000..1dddd5a42c3
--- /dev/null
+++ b/pkgs/development/tools/icr/shards.nix
@@ -0,0 +1,8 @@
+{
+ readline = {
+ owner = "crystal-lang";
+ repo = "crystal-readline";
+ rev = "0fb7d186da8e1b157998d98d1c96e99699b791eb";
+ sha256 = "1rk27vw3ssldgnfgprwvz2gag02v4g6d6yg56b3sk9w3fn8jyyi8";
+ };
+}
diff --git a/pkgs/development/tools/ocaml/merlin/default.nix b/pkgs/development/tools/ocaml/merlin/default.nix
index ed3d5efc789..fa78e47951f 100644
--- a/pkgs/development/tools/ocaml/merlin/default.nix
+++ b/pkgs/development/tools/ocaml/merlin/default.nix
@@ -2,13 +2,13 @@
buildDunePackage rec {
pname = "merlin";
- version = "3.3.3";
+ version = "3.3.4";
minimumOCamlVersion = "4.02.1";
src = fetchurl {
url = "https://github.com/ocaml/merlin/releases/download/v${version}/merlin-v${version}.tbz";
- sha256 = "05dfkbpbb7nvs4g6y0iw7a9f73ygvhs9l45l2g56y7zagvs9x43j";
+ sha256 = "12wxric6n3rmsn0w16xm8vjd8p5aw24cj76zw2x87qfwwgmy1kdd";
};
buildInputs = [ yojson ];
diff --git a/pkgs/development/tools/scry/default.nix b/pkgs/development/tools/scry/default.nix
index 7bd3fa38332..ed823896ad0 100644
--- a/pkgs/development/tools/scry/default.nix
+++ b/pkgs/development/tools/scry/default.nix
@@ -1,6 +1,8 @@
-{ lib, fetchFromGitHub, crystal }:
+{ lib, fetchFromGitHub, crystal_0_31, coreutils, shards, makeWrapper, which }:
-crystal.buildCrystalPackage rec {
+let crystal = crystal_0_31;
+
+in crystal.buildCrystalPackage rec {
pname = "scry";
version = "0.8.1";
@@ -11,9 +13,27 @@ crystal.buildCrystalPackage rec {
sha256 = "0ii4k9l3dgm1c9lllc8ni9dar59lrxik0v9iz7gk3d6v62wwnq79";
};
+ # we are already testing for this, so we can ignore the failures
+ postPatch = ''
+ rm spec/scry/executable_spec.cr
+ '';
+
+ format = "crystal";
+
+ nativeBuildInputs = [ makeWrapper ];
+
shardsFile = ./shards.nix;
+
crystalBinaries.scry.src = "src/scry.cr";
+ postFixup = ''
+ wrapProgram $out/bin/scry \
+ --prefix PATH : ${lib.makeBinPath [ crystal coreutils ]}
+ '';
+
+ # the binary doesn't take any arguments, so this will hang
+ doInstallCheck = false;
+
meta = with lib; {
description = "Code analysis server for the Crystal programming language";
homepage = "https://github.com/crystal-lang-tools/scry";
diff --git a/pkgs/development/web/lucky-cli/default.nix b/pkgs/development/web/lucky-cli/default.nix
new file mode 100644
index 00000000000..76f40de4ed1
--- /dev/null
+++ b/pkgs/development/web/lucky-cli/default.nix
@@ -0,0 +1,42 @@
+{ lib, fetchFromGitHub, crystal, makeWrapper, openssl }:
+
+crystal.buildCrystalPackage rec {
+ pname = "lucky-cli";
+ version = "0.20.0";
+
+ src = fetchFromGitHub {
+ owner = "luckyframework";
+ repo = "lucky_cli";
+ rev = "v${version}";
+ sha256 = "0n7fgnsivf39bkxpf7xgg9dqkam08axdn1j45wl1n0r4qmfkjs94";
+ };
+
+ # the integration tests will try to clone a remote repos
+ postPatch = ''
+ rm -rf spec/integration
+ '';
+
+ format = "crystal";
+
+ lockFile = ./shard.lock;
+ shardsFile = ./shards.nix;
+
+ crystalBinaries.lucky.src = "src/lucky.cr";
+
+ buildInputs = [ openssl ];
+
+ nativeBuildInputs = [ makeWrapper ];
+
+ postInstall = ''
+ wrapProgram $out/bin/lucky \
+ --prefix PATH : ${lib.makeBinPath [ crystal ]}
+ '';
+
+ meta = with lib; {
+ description =
+ "A Crystal library for creating and running tasks. Also generates Lucky projects";
+ license = licenses.mit;
+ maintainers = with maintainers; [ peterhoeg ];
+ platforms = platforms.unix;
+ };
+}
diff --git a/pkgs/development/web/lucky-cli/shard.lock b/pkgs/development/web/lucky-cli/shard.lock
new file mode 100644
index 00000000000..6564e86624f
--- /dev/null
+++ b/pkgs/development/web/lucky-cli/shard.lock
@@ -0,0 +1,5 @@
+version: 1.0
+shards:
+ teeplate:
+ github: luckyframework/teeplate
+ version: 0.8.1
diff --git a/pkgs/development/web/lucky-cli/shards.nix b/pkgs/development/web/lucky-cli/shards.nix
new file mode 100644
index 00000000000..0fa5aec9e06
--- /dev/null
+++ b/pkgs/development/web/lucky-cli/shards.nix
@@ -0,0 +1,8 @@
+{
+ teeplate = {
+ owner = "luckyframework";
+ repo = "teeplate";
+ rev = "v0.8.1";
+ sha256 = "022jmmg3d2wq2xnhc63afldm9vrcr8xqn43s9i39d7qflrzrfc7v";
+ };
+}
diff --git a/pkgs/development/web/shopify-themekit/default.nix b/pkgs/development/web/shopify-themekit/default.nix
new file mode 100644
index 00000000000..b8bc3deaca1
--- /dev/null
+++ b/pkgs/development/web/shopify-themekit/default.nix
@@ -0,0 +1,25 @@
+{ stdenv, buildGoPackage, fetchFromGitHub }:
+
+buildGoPackage rec {
+ pname = "shopify-themekit";
+ version = "1.0.3";
+
+ goPackagePath = "github.com/Shopify/themekit/";
+
+ goDeps = ./shopify-themekit_deps.nix;
+
+ src = fetchFromGitHub {
+ owner = "Shopify";
+ repo = "themekit";
+ rev = "v${version}";
+ sha256 = "1780h33mf2h2lv6mr4xx3shfvsabr7w138yb59vvdgvjng9wjkg0";
+ };
+
+ meta = with stdenv.lib; {
+ description = "A command line tool for shopify themes";
+ homepage = "https://shopify.github.io/themekit/";
+ license = licenses.mit;
+ maintainers = with maintainers; [ maintainers."1000101" ];
+ platforms = platforms.all;
+ };
+}
\ No newline at end of file
diff --git a/pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix b/pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix
new file mode 100644
index 00000000000..8a70c7cecd9
--- /dev/null
+++ b/pkgs/development/web/shopify-themekit/shopify-themekit_deps.nix
@@ -0,0 +1,300 @@
+# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
+[
+ {
+ goPackagePath = "github.com/VividCortex/ewma";
+ fetch = {
+ type = "git";
+ url = "https://github.com/VividCortex/ewma";
+ rev = "v1.1.1";
+ sha256 = "14v2dy5gqchjn7k0sd6cx59ms42v681r6xz7cb1kspp4b28a74rw";
+ };
+ }
+ {
+ goPackagePath = "github.com/aws/aws-sdk-go";
+ fetch = {
+ type = "git";
+ url = "https://github.com/aws/aws-sdk-go";
+ rev = "1c16cd01d785";
+ sha256 = "129iizv2rny2frg36057hayynpsdav53nhj41dia3mi2r6zyalny";
+ };
+ }
+ {
+ goPackagePath = "github.com/caarlos0/env";
+ fetch = {
+ type = "git";
+ url = "https://github.com/caarlos0/env";
+ rev = "d0de832ed2fb";
+ sha256 = "013shh38rs2jv4a2hsbix0hlanjr2a539akmkqkwwg0il9h3qmq2";
+ };
+ }
+ {
+ goPackagePath = "github.com/davecgh/go-spew";
+ fetch = {
+ type = "git";
+ url = "https://github.com/davecgh/go-spew";
+ rev = "v1.1.1";
+ sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y";
+ };
+ }
+ {
+ goPackagePath = "github.com/fatih/color";
+ fetch = {
+ type = "git";
+ url = "https://github.com/fatih/color";
+ rev = "v1.7.0";
+ sha256 = "0v8msvg38r8d1iiq2i5r4xyfx0invhc941kjrsg5gzwvagv55inv";
+ };
+ }
+ {
+ goPackagePath = "github.com/fsnotify/fsnotify";
+ fetch = {
+ type = "git";
+ url = "https://github.com/fsnotify/fsnotify";
+ rev = "v1.4.7";
+ sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
+ };
+ }
+ {
+ goPackagePath = "github.com/go-ini/ini";
+ fetch = {
+ type = "git";
+ url = "https://github.com/go-ini/ini";
+ rev = "v1.25.4";
+ sha256 = "0b6cql5ripbiyrm18d6bfd1rfjnwcbskppw3d0vb80l0wy72d0c6";
+ };
+ }
+ {
+ goPackagePath = "github.com/hashicorp/go-version";
+ fetch = {
+ type = "git";
+ url = "https://github.com/hashicorp/go-version";
+ rev = "270f2f71b1ee";
+ sha256 = "1d43wlp932nqbwkca4bhw8l4x6cg25jyh8l1s3814vddscfpfz2v";
+ };
+ }
+ {
+ goPackagePath = "github.com/imdario/mergo";
+ fetch = {
+ type = "git";
+ url = "https://github.com/imdario/mergo";
+ rev = "v0.3.6";
+ sha256 = "1lbzy8p8wv439sqgf0n21q52flf2wbamp6qa1jkyv6an0nc952q7";
+ };
+ }
+ {
+ goPackagePath = "github.com/inconshreveable/go-update";
+ fetch = {
+ type = "git";
+ url = "https://github.com/inconshreveable/go-update";
+ rev = "8152e7eb6ccf";
+ sha256 = "07czhspakpi7al004rm669cmf4h5l0vnygsm11280nkfn2zxqdi3";
+ };
+ }
+ {
+ goPackagePath = "github.com/inconshreveable/mousetrap";
+ fetch = {
+ type = "git";
+ url = "https://github.com/inconshreveable/mousetrap";
+ rev = "v1.0.0";
+ sha256 = "1mn0kg48xkd74brf48qf5hzp0bc6g8cf5a77w895rl3qnlpfw152";
+ };
+ }
+ {
+ goPackagePath = "github.com/jmespath/go-jmespath";
+ fetch = {
+ type = "git";
+ url = "https://github.com/jmespath/go-jmespath";
+ rev = "0b12d6b521d8";
+ sha256 = "1vv6hph8j6xgv7gwl9vvhlsaaqsm22sxxqmgmldi4v11783pc1ld";
+ };
+ }
+ {
+ goPackagePath = "github.com/joho/godotenv";
+ fetch = {
+ type = "git";
+ url = "https://github.com/joho/godotenv";
+ rev = "v1.3.0";
+ sha256 = "0ri8if0pc3x6jg4c3i8wr58xyfpxkwmcjk3rp8gb398a1aa3gpjm";
+ };
+ }
+ {
+ goPackagePath = "github.com/mattn/go-colorable";
+ fetch = {
+ type = "git";
+ url = "https://github.com/mattn/go-colorable";
+ rev = "efa589957cd0";
+ sha256 = "0kshi4hvm0ayrsxqxy0599iv81kryhd2fn9lwjyczpj593cq069r";
+ };
+ }
+ {
+ goPackagePath = "github.com/mattn/go-isatty";
+ fetch = {
+ type = "git";
+ url = "https://github.com/mattn/go-isatty";
+ rev = "v0.0.4";
+ sha256 = "0zs92j2cqaw9j8qx1sdxpv3ap0rgbs0vrvi72m40mg8aa36gd39w";
+ };
+ }
+ {
+ goPackagePath = "github.com/pmezard/go-difflib";
+ fetch = {
+ type = "git";
+ url = "https://github.com/pmezard/go-difflib";
+ rev = "v1.0.0";
+ sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw";
+ };
+ }
+ {
+ goPackagePath = "github.com/radovskyb/watcher";
+ fetch = {
+ type = "git";
+ url = "https://github.com/radovskyb/watcher";
+ rev = "v1.0.6";
+ sha256 = "1xlbrfgm6ha161szdjq2rab53plkdhmh5h86lpbk5g7fmq881945";
+ };
+ }
+ {
+ goPackagePath = "github.com/ryanuber/go-glob";
+ fetch = {
+ type = "git";
+ url = "https://github.com/ryanuber/go-glob";
+ rev = "572520ed46db";
+ sha256 = "0dzbpqp1h7gjmlm4irnh6lpbfz5zjc721jidibyvmxj7xcx3wp5d";
+ };
+ }
+ {
+ goPackagePath = "github.com/shibukawa/configdir";
+ fetch = {
+ type = "git";
+ url = "https://github.com/shibukawa/configdir";
+ rev = "e180dbdc8da0";
+ sha256 = "0vbma9jkwh0ifz8dk2ssgmy7aiaify63lpa0lah7i4dkkxr94c9z";
+ };
+ }
+ {
+ goPackagePath = "github.com/skratchdot/open-golang";
+ fetch = {
+ type = "git";
+ url = "https://github.com/skratchdot/open-golang";
+ rev = "75fb7ed4208c";
+ sha256 = "1b67imqbsdvg19vif1q1dfmapxy3v2anagacbql95fwnnw0v8jga";
+ };
+ }
+ {
+ goPackagePath = "github.com/spf13/cobra";
+ fetch = {
+ type = "git";
+ url = "https://github.com/spf13/cobra";
+ rev = "7c4570c3ebeb";
+ sha256 = "16amh0prlzqrrbg5j629sg0f688nfzfgn9sair8jyybqampr3wc7";
+ };
+ }
+ {
+ goPackagePath = "github.com/spf13/pflag";
+ fetch = {
+ type = "git";
+ url = "https://github.com/spf13/pflag";
+ rev = "v1.0.2";
+ sha256 = "005598piihl3l83a71ahj10cpq9pbhjck4xishx1b4dzc02r9xr2";
+ };
+ }
+ {
+ goPackagePath = "github.com/stretchr/objx";
+ fetch = {
+ type = "git";
+ url = "https://github.com/stretchr/objx";
+ rev = "v0.1.1";
+ sha256 = "0iph0qmpyqg4kwv8jsx6a56a7hhqq8swrazv40ycxk9rzr0s8yls";
+ };
+ }
+ {
+ goPackagePath = "github.com/stretchr/testify";
+ fetch = {
+ type = "git";
+ url = "https://github.com/stretchr/testify";
+ rev = "v1.2.2";
+ sha256 = "0dlszlshlxbmmfxj5hlwgv3r22x0y1af45gn1vd198nvvs3pnvfs";
+ };
+ }
+ {
+ goPackagePath = "github.com/vbauerster/mpb";
+ fetch = {
+ type = "git";
+ url = "https://github.com/vbauerster/mpb";
+ rev = "v3.3.2";
+ sha256 = "18m66b80iv9z768c15dqsx5mnjq6iaa6b5lckpdqnynqzkkvw8kk";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/crypto";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/crypto";
+ rev = "a1f597ede03a";
+ sha256 = "0yiczljll72ip2vkxgd6052rhpaba37a68vf6si3v8s8s3g870lc";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/lint";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/lint";
+ rev = "d0100b6bd8b3";
+ sha256 = "0b0amr9x4ji66iv9ayfx7zrfx52k1m5g66qfcxkgj80qrb1y2yn7";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/net";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/net";
+ rev = "1272bf9dcd53";
+ sha256 = "1500gryd7jli7yjn4c927ppyllry8lxcmnsmpn7zxfd1k14q7nyv";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/sync";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/sync";
+ rev = "1d60e4601c6f";
+ sha256 = "046jlanz2lkxq1r57x9bl6s4cvfqaic6p2xybsj8mq1120jv4rs6";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/sys";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/sys";
+ rev = "6c81ef8f67ca";
+ sha256 = "1iqrral339vxb635ip5jjzn84aa86kb629kbp1w29qwyfzbs0yqi";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/text";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/text";
+ rev = "v0.3.0";
+ sha256 = "0r6x6zjzhr8ksqlpiwm5gdd7s209kwk5p4lw54xjvz10cs3qlq19";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/tools";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/tools";
+ rev = "3f1ed9edd1b4";
+ sha256 = "00d2h0df03gv57valad4wr3g2rc8dcn8w3ci783x9wzzc86y4giw";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/yaml.v1";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/yaml.v1";
+ rev = "9f9df34309c0";
+ sha256 = "1r8d346szqa9x8q03wiycik5qy3d6w8qq4hs99z1p64q5lm0g7gm";
+ };
+ }
+]
diff --git a/pkgs/misc/cbeams/default.nix b/pkgs/misc/cbeams/default.nix
new file mode 100644
index 00000000000..ec045ebf3ef
--- /dev/null
+++ b/pkgs/misc/cbeams/default.nix
@@ -0,0 +1,21 @@
+{ lib, buildPythonApplication, fetchPypi, isPy3k, blessings, docopt }:
+
+buildPythonApplication rec {
+ pname = "cbeams";
+ version = "1.0.3";
+ disabled = !isPy3k;
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "1agcjg6kmcyvk834xd2j60mi349qi9iw3dc2vwpd7pqwq1daq3gi";
+ };
+
+ propagatedBuildInputs = [ blessings docopt ];
+
+ meta = with lib; {
+ homepage = "https://github.com/tartley/cbeams";
+ description = "Command-line program to draw animated colored circles in the terminal";
+ license = licenses.bsd3;
+ maintainers = with maintainers; [ geistesk ];
+ };
+}
diff --git a/pkgs/misc/emulators/pcsx2/default.nix b/pkgs/misc/emulators/pcsx2/default.nix
index 6f28c5777ca..3faba2ee467 100644
--- a/pkgs/misc/emulators/pcsx2/default.nix
+++ b/pkgs/misc/emulators/pcsx2/default.nix
@@ -5,13 +5,13 @@
stdenv.mkDerivation rec {
pname = "pcsx2";
- version = "unstable-2020-01-05";
+ version = "1.6.0-rc";
src = fetchFromGitHub {
owner = "PCSX2";
repo = "pcsx2";
- rev = "9c12937351c51b921e1f28d44b019bc52e747c51";
- sha256 = "0y1f5v99a6njmf6hyvl4z5xnrm7351rkyw2fn4f09hqn92r7zmi5";
+ rev = "v${version}";
+ sha256 = "1mdv1dgwawb4k6bs1jh6j2jaaxg168fbssm1lwnlk5di0gz31h23";
};
postPatch = "sed '1i#include \"x86intrin.h\"' -i common/src/x86emitter/cpudetect.cpp";
diff --git a/pkgs/misc/uboot/default.nix b/pkgs/misc/uboot/default.nix
index 06da268ff53..321891892b7 100644
--- a/pkgs/misc/uboot/default.nix
+++ b/pkgs/misc/uboot/default.nix
@@ -1,15 +1,27 @@
-{ stdenv, lib, fetchurl, fetchpatch, fetchFromGitHub, bc, bison, dtc, flex
-, openssl, swig, meson-tools, armTrustedFirmwareAllwinner
-, armTrustedFirmwareRK3328, armTrustedFirmwareRK3399
+{ stdenv
+, lib
+, fetchurl
+, fetchpatch
+, fetchFromGitHub
+, bc
+, bison
+, dtc
+, flex
+, openssl
+, swig
+, meson-tools
+, armTrustedFirmwareAllwinner
+, armTrustedFirmwareRK3328
+, armTrustedFirmwareRK3399
, armTrustedFirmwareS905
, buildPackages
}:
let
- defaultVersion = "2020.01";
+ defaultVersion = "2020.04";
defaultSrc = fetchurl {
url = "ftp://ftp.denx.de/pub/u-boot/u-boot-${defaultVersion}.tar.bz2";
- sha256 = "1w9ml4jl15q6ixpdqzspxjnl7d3rgxd7f99ms1xv5c8869h3qida";
+ sha256 = "0wjkasnz87q86hx93inspdjfjsinmxi87bcvj30c773x0fpjlwzy";
};
buildUBoot = {
version ? null
diff --git a/pkgs/servers/mpd/default.nix b/pkgs/servers/mpd/default.nix
index 4f97e3fc783..d5a3b9de3c0 100644
--- a/pkgs/servers/mpd/default.nix
+++ b/pkgs/servers/mpd/default.nix
@@ -18,6 +18,7 @@
, mpd_clientlib
# Tag support
, libid3tag
+, nixosTests
}:
let
@@ -128,6 +129,8 @@ let
++ lib.optional (builtins.elem "systemd" features_)
"-Dsystemd_system_unit_dir=etc/systemd/system";
+ passthru.tests.nixos = nixosTests.mpd;
+
meta = with stdenv.lib; {
description = "A flexible, powerful daemon for playing music";
homepage = "https://www.musicpd.org/";
diff --git a/pkgs/servers/oauth2_proxy/default.nix b/pkgs/servers/oauth2_proxy/default.nix
index d0a57198820..225c221b319 100644
--- a/pkgs/servers/oauth2_proxy/default.nix
+++ b/pkgs/servers/oauth2_proxy/default.nix
@@ -2,23 +2,28 @@
buildGoPackage rec {
pname = "oauth2_proxy";
- version = "3.2.0";
-
+ version = "5.1.0";
+
goPackagePath = "github.com/pusher/${pname}";
src = fetchFromGitHub {
repo = pname;
owner = "pusher";
- sha256 = "0k73ggyh12g2vzjq91i9d3bxbqfvh5k6njzza1lvkzasgp07wisg";
+ sha256 = "190k1v2c1f6vp9waqs01rlzm0jc3vrmsq1w1n0c2q2nfqx76y2wz";
rev = "v${version}";
};
goDeps = ./deps.nix;
+ doCheck = true;
+
+ # Taken from https://github.com/oauth2-proxy/oauth2-proxy/blob/master/Makefile
+ buildFlagsArray = ("-ldflags=-X main.VERSION=${version}");
+
meta = with lib; {
- description = "A reverse proxy that provides authentication with Google, Github or other provider";
+ description = "A reverse proxy that provides authentication with Google, Github, or other providers";
homepage = "https://github.com/pusher/oauth2_proxy/";
license = licenses.mit;
- maintainers = [ maintainers.yorickvp ];
+ maintainers = with maintainers; [ yorickvp knl ];
};
}
diff --git a/pkgs/servers/oauth2_proxy/deps.nix b/pkgs/servers/oauth2_proxy/deps.nix
index dd10ab28668..611a07c2fda 100644
--- a/pkgs/servers/oauth2_proxy/deps.nix
+++ b/pkgs/servers/oauth2_proxy/deps.nix
@@ -1,183 +1,615 @@
-# file generated from Gopkg.lock using dep2nix (https://github.com/nixcloud/dep2nix)
+# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
[
{
- goPackagePath = "cloud.google.com/go";
+ goPackagePath = "cloud.google.com/go";
fetch = {
type = "git";
url = "https://code.googlesource.com/gocloud";
- rev = "2d3a6656c17a60b0815b7e06ab0be04eacb6e613";
- sha256 = "0fi3qj9fvc4bxbrwa1m5sxsb8yhvawiwigaddvmmizjykxbq5csq";
+ rev = "v0.38.0";
+ sha256 = "0n6n13b7lri2fmc4bn4ifszyawj31dpbzvyv0xafsf81440z8cyh";
};
}
{
- goPackagePath = "github.com/BurntSushi/toml";
+ goPackagePath = "github.com/BurntSushi/toml";
fetch = {
type = "git";
url = "https://github.com/BurntSushi/toml";
- rev = "b26d9c308763d68093482582cea63d69be07a0f0";
- sha256 = "0k7v2i1d2d6si8gswn83qb84czhhia53v2wdy33yz9ppdidxk0ry";
+ rev = "v0.3.1";
+ sha256 = "1fjdwwfzyzllgiwydknf1pwjvy49qxfsczqx5gz3y0izs7as99j6";
};
}
{
- goPackagePath = "github.com/bitly/go-simplejson";
+ goPackagePath = "github.com/alicebob/gopher-json";
+ fetch = {
+ type = "git";
+ url = "https://github.com/alicebob/gopher-json";
+ rev = "5a6b3ba71ee6";
+ sha256 = "0hx6n722zq51p852lv56k39yjy09lw6mnr2c3x0p23rfyyrakj2p";
+ };
+ }
+ {
+ goPackagePath = "github.com/alicebob/miniredis";
+ fetch = {
+ type = "git";
+ url = "https://github.com/alicebob/miniredis";
+ rev = "v2.11.2";
+ sha256 = "1fc6w9n1jznwj8ks2svxmjrv87pk3spjf5z3kcxpgpynp13pd55n";
+ };
+ }
+ {
+ goPackagePath = "github.com/bitly/go-simplejson";
fetch = {
type = "git";
url = "https://github.com/bitly/go-simplejson";
- rev = "aabad6e819789e569bd6aabf444c935aa9ba1e44";
+ rev = "v0.5.0";
sha256 = "0n9f9dz1jn1jx86d48569nznpjn9fmq3knn7r65xpy7jhih284jj";
};
}
{
- goPackagePath = "github.com/coreos/go-oidc";
+ goPackagePath = "github.com/bmizerany/assert";
fetch = {
type = "git";
- url = "https://github.com/coreos/go-oidc";
- rev = "77e7f2010a464ade7338597afe650dfcffbe2ca8";
- sha256 = "0mh8fa7al9gfzx4k7rd623bpy14s06s96iz6lbf6psi5q2bnbs2r";
+ url = "https://github.com/bmizerany/assert";
+ rev = "b7ed37b82869";
+ sha256 = "18hy1wyl9zdi7sgxafrn3m7fadh6in0rhhb8l0cvkxqzdl0jcw2s";
};
}
{
- goPackagePath = "github.com/davecgh/go-spew";
+ goPackagePath = "github.com/census-instrumentation/opencensus-proto";
+ fetch = {
+ type = "git";
+ url = "https://github.com/census-instrumentation/opencensus-proto";
+ rev = "v0.2.1";
+ sha256 = "19fcx3sc99i5dsklny6r073z5j20vlwn2xqm6di1q3b1xwchzqfj";
+ };
+ }
+ {
+ goPackagePath = "github.com/chzyer/logex";
+ fetch = {
+ type = "git";
+ url = "https://github.com/chzyer/logex";
+ rev = "v1.1.10";
+ sha256 = "08pbjj3wx9acavlwyr055isa8a5hnmllgdv5k6ra60l5y1brmlq4";
+ };
+ }
+ {
+ goPackagePath = "github.com/chzyer/readline";
+ fetch = {
+ type = "git";
+ url = "https://github.com/chzyer/readline";
+ rev = "2972be24d48e";
+ sha256 = "104q8dazj8yf6b089jjr82fy9h1g80zyyzvp3g8b44a7d8ngjj6r";
+ };
+ }
+ {
+ goPackagePath = "github.com/chzyer/test";
+ fetch = {
+ type = "git";
+ url = "https://github.com/chzyer/test";
+ rev = "a1ea475d72b1";
+ sha256 = "0rns2aqk22i9xsgyap0pq8wi4cfaxsri4d9q6xxhhyma8jjsnj2k";
+ };
+ }
+ {
+ goPackagePath = "github.com/client9/misspell";
+ fetch = {
+ type = "git";
+ url = "https://github.com/client9/misspell";
+ rev = "v0.3.4";
+ sha256 = "1vwf33wsc4la25zk9nylpbp9px3svlmldkm0bha4hp56jws4q9cs";
+ };
+ }
+ {
+ goPackagePath = "github.com/coreos/go-oidc";
+ fetch = {
+ type = "git";
+ url = "https://github.com/coreos/go-oidc";
+ rev = "v2.2.1";
+ sha256 = "11m6slbpi33ynffml7812piq4anhjlf1qszjlsf26f5y7x3qh8n5";
+ };
+ }
+ {
+ goPackagePath = "github.com/davecgh/go-spew";
fetch = {
type = "git";
url = "https://github.com/davecgh/go-spew";
- rev = "346938d642f2ec3594ed81d874461961cd0faa76";
+ rev = "v1.1.0";
sha256 = "0d4jfmak5p6lb7n2r6yvf5p1zcw0l8j74kn55ghvr7zr7b7axm6c";
};
}
{
- goPackagePath = "github.com/dgrijalva/jwt-go";
+ goPackagePath = "github.com/dgrijalva/jwt-go";
fetch = {
type = "git";
url = "https://github.com/dgrijalva/jwt-go";
- rev = "06ea1031745cb8b3dab3f6a236daf2b0aa468b7e";
+ rev = "v3.2.0";
sha256 = "08m27vlms74pfy5z79w67f9lk9zkx6a9jd68k3c4msxy75ry36mp";
};
}
{
- goPackagePath = "github.com/golang/protobuf";
+ goPackagePath = "github.com/envoyproxy/go-control-plane";
+ fetch = {
+ type = "git";
+ url = "https://github.com/envoyproxy/go-control-plane";
+ rev = "5f8ba28d4473";
+ sha256 = "1f1s764rd41vd9vgk3r14h1m6fz6pdvxj6fd83q58gxifbc4q5w4";
+ };
+ }
+ {
+ goPackagePath = "github.com/envoyproxy/protoc-gen-validate";
+ fetch = {
+ type = "git";
+ url = "https://github.com/envoyproxy/protoc-gen-validate";
+ rev = "v0.1.0";
+ sha256 = "0kxd3wwh3xwqk0r684hsy281xq4y71cd11d4q2hspcjbnlbwh7cy";
+ };
+ }
+ {
+ goPackagePath = "github.com/fsnotify/fsnotify";
+ fetch = {
+ type = "git";
+ url = "https://github.com/fsnotify/fsnotify";
+ rev = "v1.4.7";
+ sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
+ };
+ }
+ {
+ goPackagePath = "github.com/go-redis/redis";
+ fetch = {
+ type = "git";
+ url = "https://github.com/go-redis/redis";
+ rev = "v6.15.7";
+ sha256 = "0fc0sfispyzn652ny05wn6bz18a60n6ryk23ki8j97xx3l24nq2g";
+ };
+ }
+ {
+ goPackagePath = "github.com/golang/glog";
+ fetch = {
+ type = "git";
+ url = "https://github.com/golang/glog";
+ rev = "23def4e6c14b";
+ sha256 = "0jb2834rw5sykfr937fxi8hxi2zy80sj2bdn9b3jb4b26ksqng30";
+ };
+ }
+ {
+ goPackagePath = "github.com/golang/mock";
+ fetch = {
+ type = "git";
+ url = "https://github.com/golang/mock";
+ rev = "v1.2.0";
+ sha256 = "12ddj2g8ab87id6n2n67vnbhq6p8dvgsq1pzpqfriym4dk8w54fg";
+ };
+ }
+ {
+ goPackagePath = "github.com/golang/protobuf";
fetch = {
type = "git";
url = "https://github.com/golang/protobuf";
- rev = "1e59b77b52bf8e4b449a57e6f79f21226d571845";
- sha256 = "19bkh81wnp6njg3931wky6hsnnl2d1ig20vfjxpv450sd3k6yys8";
+ rev = "v1.3.2";
+ sha256 = "1k1wb4zr0qbwgpvz9q5ws9zhlal8hq7dmq62pwxxriksayl6hzym";
};
}
{
- goPackagePath = "github.com/mbland/hmacauth";
+ goPackagePath = "github.com/gomodule/redigo";
+ fetch = {
+ type = "git";
+ url = "https://github.com/gomodule/redigo";
+ rev = "v2.0.0";
+ sha256 = "1kg7s8027b4g1sfw0v3nh30c15j407kv684s53gg281r807dnfpk";
+ };
+ }
+ {
+ goPackagePath = "github.com/google/btree";
+ fetch = {
+ type = "git";
+ url = "https://github.com/google/btree";
+ rev = "4030bb1f1f0c";
+ sha256 = "0ba430m9fbnagacp57krgidsyrgp3ycw5r7dj71brgp5r52g82p6";
+ };
+ }
+ {
+ goPackagePath = "github.com/google/go-cmp";
+ fetch = {
+ type = "git";
+ url = "https://github.com/google/go-cmp";
+ rev = "v0.3.0";
+ sha256 = "1hyxx3434zshl2m9ja78gwlkg1rx9yl6diqa7dnjb31xz5x4gbjj";
+ };
+ }
+ {
+ goPackagePath = "github.com/google/martian";
+ fetch = {
+ type = "git";
+ url = "https://github.com/google/martian";
+ rev = "v2.1.0";
+ sha256 = "197hil6vrjk50b9wvwyzf61csid83whsjj6ik8mc9r2lryxlyyrp";
+ };
+ }
+ {
+ goPackagePath = "github.com/google/pprof";
+ fetch = {
+ type = "git";
+ url = "https://github.com/google/pprof";
+ rev = "3ea8567a2e57";
+ sha256 = "09rhjn3ms0a72dw0yzbp237p7yhqma772zspddn6mgkh3gi3kn4c";
+ };
+ }
+ {
+ goPackagePath = "github.com/googleapis/gax-go";
+ fetch = {
+ type = "git";
+ url = "https://github.com/googleapis/gax-go";
+ rev = "v2.0.5";
+ sha256 = "1lxawwngv6miaqd25s3ba0didfzylbwisd2nz7r4gmbmin6jsjrx";
+ };
+ }
+ {
+ goPackagePath = "github.com/hashicorp/golang-lru";
+ fetch = {
+ type = "git";
+ url = "https://github.com/hashicorp/golang-lru";
+ rev = "v0.5.1";
+ sha256 = "13f870cvk161bzjj6x41l45r5x9i1z9r2ymwmvm7768kg08zznpy";
+ };
+ }
+ {
+ goPackagePath = "github.com/hpcloud/tail";
+ fetch = {
+ type = "git";
+ url = "https://github.com/hpcloud/tail";
+ rev = "v1.0.0";
+ sha256 = "1njpzc0pi1acg5zx9y6vj9xi6ksbsc5d387rd6904hy6rh2m6kn0";
+ };
+ }
+ {
+ goPackagePath = "github.com/jstemmer/go-junit-report";
+ fetch = {
+ type = "git";
+ url = "https://github.com/jstemmer/go-junit-report";
+ rev = "af01ea7f8024";
+ sha256 = "1lp3n94ris12hac02wi31f3whs88lcrzwgdg43a5j6cafg9p1d0s";
+ };
+ }
+ {
+ goPackagePath = "github.com/kr/pretty";
+ fetch = {
+ type = "git";
+ url = "https://github.com/kr/pretty";
+ rev = "v0.2.0";
+ sha256 = "1ywbfzz1h3a3qd8rpkiqwi1dm4w8ls9ijb4x1b7567grns9f0vnp";
+ };
+ }
+ {
+ goPackagePath = "github.com/kr/pty";
+ fetch = {
+ type = "git";
+ url = "https://github.com/kr/pty";
+ rev = "v1.1.1";
+ sha256 = "0383f0mb9kqjvncqrfpidsf8y6ns5zlrc91c6a74xpyxjwvzl2y6";
+ };
+ }
+ {
+ goPackagePath = "github.com/kr/text";
+ fetch = {
+ type = "git";
+ url = "https://github.com/kr/text";
+ rev = "v0.1.0";
+ sha256 = "1gm5bsl01apvc84bw06hasawyqm4q84vx1pm32wr9jnd7a8vjgj1";
+ };
+ }
+ {
+ goPackagePath = "github.com/mbland/hmacauth";
fetch = {
type = "git";
url = "https://github.com/mbland/hmacauth";
- rev = "107c17adcc5eccc9935cd67d9bc2feaf5255d2cb";
- sha256 = "1zd9r8znhkxyl997lhjk8nrlxlfv5s1hn7ql87wrcyvlsszx3mzh";
+ rev = "44256dfd4bfa";
+ sha256 = "1d5pbjgc5j8pi3frsjp5gqg7j12bxdbl55nhy01cv4c96hay2ij1";
};
}
{
- goPackagePath = "github.com/mreiferson/go-options";
+ goPackagePath = "github.com/mreiferson/go-options";
fetch = {
type = "git";
url = "https://github.com/mreiferson/go-options";
- rev = "20ba7d382d05facb01e02eb777af0c5f229c5c95";
- sha256 = "1vdz3wqkj885a0jkggaygl4k6k8b94fpspywr26snm4xnb8vgxsf";
+ rev = "v1.0.0";
+ sha256 = "1pxs9ybrh196qy14ijn4zn51h2z28lj31y6vxrz2xxhgvpmfmxyl";
};
}
{
- goPackagePath = "github.com/pmezard/go-difflib";
+ goPackagePath = "github.com/onsi/ginkgo";
+ fetch = {
+ type = "git";
+ url = "https://github.com/onsi/ginkgo";
+ rev = "v1.12.0";
+ sha256 = "0ly246i0ax53l6dn9f1zlhkd9gs03hvbk7aazxay2dd5fxzh9n65";
+ };
+ }
+ {
+ goPackagePath = "github.com/onsi/gomega";
+ fetch = {
+ type = "git";
+ url = "https://github.com/onsi/gomega";
+ rev = "v1.9.0";
+ sha256 = "0l69r6nbnz6b3j9zrqn8aql88jjv1pqykzkvqdbhfprss9b2dy46";
+ };
+ }
+ {
+ goPackagePath = "github.com/pmezard/go-difflib";
fetch = {
type = "git";
url = "https://github.com/pmezard/go-difflib";
- rev = "792786c7400a136282c1664665ae0a8db921c6c2";
+ rev = "v1.0.0";
sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw";
};
}
{
- goPackagePath = "github.com/pquerna/cachecontrol";
+ goPackagePath = "github.com/pquerna/cachecontrol";
fetch = {
type = "git";
url = "https://github.com/pquerna/cachecontrol";
- rev = "0dec1b30a0215bb68605dfc568e8855066c9202d";
- sha256 = "14yyfhrv60rvb983rqm7s916nwvn9kcmbvnrcna2md0s3mkzs3yh";
+ rev = "1555304b9b35";
+ sha256 = "0nr3p9pms6jmr2s44vy2s22q1d3v6xns2kzsvkq2gg1rkx6c1hc9";
};
}
{
- goPackagePath = "github.com/stretchr/testify";
+ goPackagePath = "github.com/prometheus/client_model";
+ fetch = {
+ type = "git";
+ url = "https://github.com/prometheus/client_model";
+ rev = "14fe0d1b01d4";
+ sha256 = "0zdmk6rbbx39cvfz0r59v2jg5sg9yd02b4pds5n5llgvivi99550";
+ };
+ }
+ {
+ goPackagePath = "github.com/stretchr/objx";
+ fetch = {
+ type = "git";
+ url = "https://github.com/stretchr/objx";
+ rev = "v0.1.0";
+ sha256 = "19ynspzjdynbi85xw06mh8ad5j0qa1vryvxjgvbnyrr8rbm4vd8w";
+ };
+ }
+ {
+ goPackagePath = "github.com/stretchr/testify";
fetch = {
type = "git";
url = "https://github.com/stretchr/testify";
- rev = "69483b4bd14f5845b5a1e55bca19e954e827f1d0";
- sha256 = "11lzrwkdzdd8yyag92akncc008h2f9d1bpc489mxiwp0jrmz4ivb";
+ rev = "v1.5.1";
+ sha256 = "09r89m1wy4cjv2nps1ykp00qjpi0531r07q3s34hr7m6njk4srkl";
};
}
{
- goPackagePath = "github.com/yhat/wsutil";
+ goPackagePath = "github.com/yhat/wsutil";
fetch = {
type = "git";
url = "https://github.com/yhat/wsutil";
- rev = "1d66fa95c997864ba4d8479f56609620fe542928";
+ rev = "1d66fa95c997";
sha256 = "1agh4ss6y1laps8pg4mdl844ivmw2wrb7rnpfyag4gai4693i7bv";
};
}
{
- goPackagePath = "golang.org/x/crypto";
+ goPackagePath = "github.com/yuin/gopher-lua";
+ fetch = {
+ type = "git";
+ url = "https://github.com/yuin/gopher-lua";
+ rev = "ab39c6098bdb";
+ sha256 = "13b0rrpv3988qw8rq6z7npajn1my059ybhafi5mxff9jw09k9sja";
+ };
+ }
+ {
+ goPackagePath = "go.opencensus.io";
+ fetch = {
+ type = "git";
+ url = "https://github.com/census-instrumentation/opencensus-go";
+ rev = "v0.21.0";
+ sha256 = "14s0a12xdzjvad0dgksgv8m3hh7nc585abvjkvyk6r67a29lxj6x";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/crypto";
fetch = {
type = "git";
url = "https://go.googlesource.com/crypto";
- rev = "9f005a07e0d31d45e6656d241bb5c0f2efd4bc94";
- sha256 = "1mhmr6ljzl3iafsz4qy8vval7rmr828wh59dlqqqjqx6sqmcs1dv";
+ rev = "2aa609cf4a9d";
+ sha256 = "1yvis6fqbsd7f356aqyi18f76vnwj3bry6mxqnkvshq4cwrf92il";
};
}
{
- goPackagePath = "golang.org/x/net";
+ goPackagePath = "golang.org/x/exp";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/exp";
+ rev = "509febef88a4";
+ sha256 = "02isrh39z8znrp5znplzy0dip2gnrl3jm1355raliyvhnhg04j6q";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/lint";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/lint";
+ rev = "959b441ac422";
+ sha256 = "1mgcv5f00pkzsbwnq2y7vqvd1b4lr5a3s47cphh2qv4indfk7pck";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/net";
fetch = {
type = "git";
url = "https://go.googlesource.com/net";
- rev = "9dfe39835686865bff950a07b394c12a98ddc811";
- sha256 = "0z8mnl4mi88syafrgqys2ak2gg3yrbna25hpz88y3anl8x4jhg1a";
+ rev = "0de0cce0169b";
+ sha256 = "1db7s5kbzyh2zd5lpv05n7hp8wbwdvgk0wpiwrlnig94mkr0y5aq";
};
}
{
- goPackagePath = "golang.org/x/oauth2";
+ goPackagePath = "golang.org/x/oauth2";
fetch = {
type = "git";
url = "https://go.googlesource.com/oauth2";
- rev = "9ff8ebcc8e241d46f52ecc5bff0e5a2f2dbef402";
- sha256 = "035v5w1nad6r1l22cj6f73zzr6qi4jgq71yjywf2c6rvsa5147r2";
+ rev = "bf48bf16ab8d";
+ sha256 = "1sirdib60zwmh93kf9qrx51r8544k1p9rs5mk0797wibz3m4mrdg";
};
}
{
- goPackagePath = "google.golang.org/api";
+ goPackagePath = "golang.org/x/sync";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/sync";
+ rev = "112230192c58";
+ sha256 = "05i2k43j2d0llq768hg5pf3hb2yhfzp9la1w5wp0rsnnzblr0lfn";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/sys";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/sys";
+ rev = "bd437916bb0e";
+ sha256 = "1i8x26frmlin55k69k936zd1rp5sqnq14y5ms4rkxbfzhasdm2rx";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/text";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/text";
+ rev = "v0.3.2";
+ sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/time";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/time";
+ rev = "85acf8d2951c";
+ sha256 = "0yqnxsrarjk4qkda8kcxzmk7y90kkkxzx9iwryzrk7bzs87ky3xc";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/tools";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/tools";
+ rev = "2c0ae7006135";
+ sha256 = "1lsi2ssxajclj3bciz2a41v1vjv768ja3v6wnbyhxy8xphwkp4fk";
+ };
+ }
+ {
+ goPackagePath = "golang.org/x/xerrors";
+ fetch = {
+ type = "git";
+ url = "https://go.googlesource.com/xerrors";
+ rev = "a985d3407aa7";
+ sha256 = "00wzr5w8aadipgc3rkk8f11i41znskfj9ix5nhhaxyg7isrslgcj";
+ };
+ }
+ {
+ goPackagePath = "google.golang.org/api";
fetch = {
type = "git";
url = "https://code.googlesource.com/google-api-go-client";
- rev = "8791354e7ab150705ede13637a18c1fcc16b62e8";
- sha256 = "0ps7y4m9787wvkqwrwqyb4nmmibhrihmg7xqh7sba2cyj397wngm";
+ rev = "v0.19.0";
+ sha256 = "0rbwijzl91xmbr9kqhiwx4fydm7r6ci6rxsi9jsy8zap9zy120f6";
};
}
{
- goPackagePath = "google.golang.org/appengine";
+ goPackagePath = "google.golang.org/appengine";
fetch = {
type = "git";
url = "https://github.com/golang/appengine";
- rev = "150dc57a1b433e64154302bdc40b6bb8aefa313a";
- sha256 = "0w3knznv39k8bm85ri62f83czcrxknql7dv6p9hk1a5jx3xljgxq";
+ rev = "v1.5.0";
+ sha256 = "0l7mkdnwhidv8m686x432vmx8z5nqcrr9f46ddgvrxbh4wvyfcll";
};
}
{
- goPackagePath = "gopkg.in/fsnotify/fsnotify.v1";
+ goPackagePath = "google.golang.org/genproto";
fetch = {
type = "git";
- url = "https://github.com/fsnotify/fsnotify";
- rev = "836bfd95fecc0f1511dd66bdbf2b5b61ab8b00b6";
- sha256 = "0470dznkcbabncskgr8hfilpj5w24ygg455pyggbfbssmfv1m9gg";
+ url = "https://github.com/google/go-genproto";
+ rev = "24fa4b261c55";
+ sha256 = "109zhaqlfd8zkbr1hk6zqbs6vcxfrk64scjwh2nswph05gr0m84d";
};
}
{
- goPackagePath = "gopkg.in/square/go-jose.v2";
+ goPackagePath = "google.golang.org/grpc";
fetch = {
type = "git";
- url = "https://github.com/square/go-jose";
- rev = "f8f38de21b4dcd69d0413faf231983f5fd6634b1";
- sha256 = "1bjrs3xq3m2ckfds0l4wqf81311ymm9agipmkllbvkadac156dsa";
+ url = "https://github.com/grpc/grpc-go";
+ rev = "v1.27.0";
+ sha256 = "1ijrmgrxyabfn51nm3p9l81iaasq5fg237wnr6mdc4dzsfcg8kd7";
};
}
-]
\ No newline at end of file
+ {
+ goPackagePath = "gopkg.in/check.v1";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/check.v1";
+ rev = "20d25e280405";
+ sha256 = "0k1m83ji9l1a7ng8a7v40psbymxasmssbrrhpdv2wl4rhs0nc3np";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/fsnotify.v1";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/fsnotify.v1";
+ rev = "v1.4.7";
+ sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/fsnotify/fsnotify.v1";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/fsnotify/fsnotify.v1";
+ rev = "v1.4.7";
+ sha256 = "07va9crci0ijlivbb7q57d2rz9h27zgn2fsm60spjsqpdbvyrx4g";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/natefinch/lumberjack.v2";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/natefinch/lumberjack.v2";
+ rev = "v2.0.0";
+ sha256 = "1m2sxypk7p805jvc68padvylyx5v7cwkh5klnnxxr0340kgspf08";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/square/go-jose.v2";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/square/go-jose.v2";
+ rev = "v2.4.1";
+ sha256 = "1y0angxwryishwd1z0q7fp2xwjjhpw70kqh4ml4ly40akfhf1f5a";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/tomb.v1";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/tomb.v1";
+ rev = "dd632973f1e7";
+ sha256 = "1lqmq1ag7s4b3gc3ddvr792c5xb5k6sfn0cchr3i2s7f1c231zjv";
+ };
+ }
+ {
+ goPackagePath = "gopkg.in/yaml.v2";
+ fetch = {
+ type = "git";
+ url = "https://gopkg.in/yaml.v2";
+ rev = "v2.2.4";
+ sha256 = "11bwj757wi8kdrcnlgfqb8vv2d2xdhlghmyagd19i62khrkchsg2";
+ };
+ }
+ {
+ goPackagePath = "honnef.co/go/tools";
+ fetch = {
+ type = "git";
+ url = "https://github.com/dominikh/go-tools";
+ rev = "ea95bdfd59fc";
+ sha256 = "1763nw7pwpzkvzfnm63dgzcgbq9hwmq5l1nffchnhh77vgkaq4ic";
+ };
+ }
+]
diff --git a/pkgs/shells/fish/default.nix b/pkgs/shells/fish/default.nix
index 0ea8dce4405..bea56bd8c5a 100644
--- a/pkgs/shells/fish/default.nix
+++ b/pkgs/shells/fish/default.nix
@@ -6,7 +6,7 @@
, fetchpatch
, writeText
-
+ , nixosTests
, useOperatingSystemEtc ? true
}:
@@ -179,6 +179,7 @@ let
passthru = {
shellPath = "/bin/fish";
+ tests.nixos = nixosTests.fish;
};
};
diff --git a/pkgs/shells/oil/default.nix b/pkgs/shells/oil/default.nix
index 9e2aa3454d2..019a66c77eb 100644
--- a/pkgs/shells/oil/default.nix
+++ b/pkgs/shells/oil/default.nix
@@ -1,12 +1,12 @@
-{ stdenv, lib, fetchurl, fetchpatch, readline }:
+{ stdenv, lib, fetchurl, readline }:
stdenv.mkDerivation rec {
pname = "oil";
- version = "0.7.0";
+ version = "0.8.pre4";
src = fetchurl {
url = "https://www.oilshell.org/download/oil-${version}.tar.xz";
- sha256 = "12c9s462879adb6mwd3fqafk0dnqsm16s18rhym6cmzfzy8v8zm3";
+ sha256 = "07kj86hrvlz9f1gh3qv4hdaz3qnb4a2qf0dnxhd2r0qilrkjanxh";
};
postPatch = ''
diff --git a/pkgs/tools/archivers/p7zip/default.nix b/pkgs/tools/archivers/p7zip/default.nix
index f44791ce021..e41d9a2eb2d 100644
--- a/pkgs/tools/archivers/p7zip/default.nix
+++ b/pkgs/tools/archivers/p7zip/default.nix
@@ -24,6 +24,11 @@ stdenv.mkDerivation rec {
substituteInPlace makefile.machine \
--replace 'CC=gcc' 'CC=${stdenv.cc.targetPrefix}gcc' \
--replace 'CXX=g++' 'CXX=${stdenv.cc.targetPrefix}g++'
+ '' + ''
+ # Remove non-free RAR source code
+ # (see DOC/License.txt, https://fedoraproject.org/wiki/Licensing:Unrar)
+ rm -r CPP/7zip/Compress/Rar*
+ find . -name makefile'*' -exec sed -i '/Rar/d' {} +
'';
preConfigure = ''
@@ -42,9 +47,9 @@ stdenv.mkDerivation rec {
meta = {
homepage = "http://p7zip.sourceforge.net/";
description = "A port of the 7-zip archiver";
- # license = stdenv.lib.licenses.lgpl21Plus; + "unRAR restriction"
platforms = stdenv.lib.platforms.unix;
maintainers = [ stdenv.lib.maintainers.raskin ];
+ # RAR code is under non-free UnRAR license, but we remove it
license = stdenv.lib.licenses.lgpl2Plus;
};
}
diff --git a/pkgs/tools/graphics/spirv-cross/default.nix b/pkgs/tools/graphics/spirv-cross/default.nix
new file mode 100644
index 00000000000..57b447b1ad7
--- /dev/null
+++ b/pkgs/tools/graphics/spirv-cross/default.nix
@@ -0,0 +1,23 @@
+{ stdenv, fetchFromGitHub, cmake, python3 }:
+
+stdenv.mkDerivation rec {
+ pname = "spirv-cross";
+ version = "2020-04-03";
+
+ src = fetchFromGitHub {
+ owner = "KhronosGroup";
+ repo = "SPIRV-Cross";
+ rev = version;
+ sha256 = "0489s29kqgq20clxqg22y299yxz23p0yjh87yhka705hm9skx4sa";
+ };
+
+ nativeBuildInputs = [ cmake python3 ];
+
+ meta = with stdenv.lib; {
+ description = "A tool designed for parsing and converting SPIR-V to other shader languages";
+ homepage = "https://github.com/KhronosGroup/SPIRV-Cross";
+ platforms = platforms.linux;
+ license = licenses.asl20;
+ maintainers = with maintainers; [ Flakebi ];
+ };
+}
diff --git a/pkgs/tools/networking/cjdns/default.nix b/pkgs/tools/networking/cjdns/default.nix
index 452181754b1..9a74344d293 100644
--- a/pkgs/tools/networking/cjdns/default.nix
+++ b/pkgs/tools/networking/cjdns/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchFromGitHub, nodejs, which, python27, utillinux }:
+{ stdenv, fetchFromGitHub, nodejs, which, python27, utillinux, nixosTests }:
let version = "20.6"; in
stdenv.mkDerivation {
@@ -29,6 +29,8 @@ stdenv.mkDerivation {
cp -R contrib tools node_build node_modules $out/share/cjdns/
'';
+ passthru.tests.basic = nixosTests.cjdns;
+
meta = with stdenv.lib; {
homepage = "https://github.com/cjdelisle/cjdns";
description = "Encrypted networking for regular people";
diff --git a/pkgs/tools/networking/yggdrasil/default.nix b/pkgs/tools/networking/yggdrasil/default.nix
index 91b08015327..d8c8c429ef9 100644
--- a/pkgs/tools/networking/yggdrasil/default.nix
+++ b/pkgs/tools/networking/yggdrasil/default.nix
@@ -1,4 +1,4 @@
-{ lib, buildGoModule, fetchFromGitHub }:
+{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
buildGoModule rec {
pname = "yggdrasil";
@@ -27,6 +27,8 @@ buildGoModule rec {
-s -w
'';
+ passthru.tests.basic = nixosTests.yggdrasil;
+
meta = with lib; {
description =
"An experiment in scalable routing as an encrypted IPv6 overlay network";
diff --git a/pkgs/tools/system/tre-command/default.nix b/pkgs/tools/system/tre-command/default.nix
index 0cbe87ccd37..bc0fa7ea988 100644
--- a/pkgs/tools/system/tre-command/default.nix
+++ b/pkgs/tools/system/tre-command/default.nix
@@ -2,7 +2,7 @@
rustPlatform.buildRustPackage rec {
pname = "tre";
- version = "0.2.2";
+ version = "0.2.3";
src = fetchFromGitHub {
owner = "dduan";
@@ -11,7 +11,7 @@ rustPlatform.buildRustPackage rec {
sha256 = "1fazw2wn738iknbv54gv7qll7d4q2gy9bq1s3f3cv21cdv6bqral";
};
- cargoSha256 = "1m3ccp5ncafkifg8sxyxczsg3ja1gvq8wmgni68bgzm2lwxh2qgw";
+ cargoSha256 = "16bvnwgjf3kj99d77j1pkldbasxfwy55sj9sv9vf2z6llfmzfabd";
meta = with stdenv.lib; {
description = "Tree command, improved";
diff --git a/pkgs/tools/typesetting/sile/default.nix b/pkgs/tools/typesetting/sile/default.nix
index 5bb4c5b7fb2..a8969fd4598 100644
--- a/pkgs/tools/typesetting/sile/default.nix
+++ b/pkgs/tools/typesetting/sile/default.nix
@@ -13,11 +13,11 @@ in
stdenv.mkDerivation rec {
pname = "sile";
- version = "0.10.3";
+ version = "0.10.4";
src = fetchurl {
url = "https://github.com/sile-typesetter/sile/releases/download/v${version}/${pname}-${version}.tar.bz2";
- sha256 = "d89d5ce7d2bf46fb062e5299ffd8b5d821dc3cb3462a0e7c1109edeee111d856";
+ sha256 = "08j2vv6spnzz8bsh62wbdv1pjiziiba71cadscsy5hw6pklzndni";
};
configureFlags = [ "--with-system-luarocks" ];
diff --git a/pkgs/tools/virtualization/cri-tools/default.nix b/pkgs/tools/virtualization/cri-tools/default.nix
index 2aa23f04fe4..8c57fdeed00 100644
--- a/pkgs/tools/virtualization/cri-tools/default.nix
+++ b/pkgs/tools/virtualization/cri-tools/default.nix
@@ -2,12 +2,12 @@
buildGoPackage rec {
pname = "cri-tools";
- version = "1.17.0";
+ version = "1.18.0";
src = fetchFromGitHub {
owner = "kubernetes-sigs";
repo = pname;
rev = "v${version}";
- sha256 = "0h9gry56graif761lmcy91q9fzwvmwb15wcx8245927yfg5j0zgh";
+ sha256 = "06sxjhjpd893fn945c1s4adri2bf7s50ddvcw5pnwb6qndzfljw6";
};
goPackagePath = "github.com/kubernetes-sigs/cri-tools";
diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix
index 4b2b36eb352..9ad282149aa 100644
--- a/pkgs/top-level/aliases.nix
+++ b/pkgs/top-level/aliases.nix
@@ -216,7 +216,6 @@ mapAliases ({
keymon = throw "keymon has been removed from nixpkgs, as it's abandoned and archived."; # 2019-12-10
kvm = qemu_kvm; # added 2018-04-25
latinmodern-math = lmmath;
- ldc2 = ldc; # added 2020-04-18
letsencrypt = certbot; # added 2016-05-16
libaudit = audit; # added 2018-04-25
libcanberra_gtk2 = libcanberra-gtk2; # added 2018-02-25
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 772d302ae1b..e09819318aa 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -3991,6 +3991,8 @@ in
httplab = callPackage ../tools/networking/httplab { };
+ lucky-cli = callPackage ../development/web/lucky-cli { };
+
partclone = callPackage ../tools/backup/partclone { };
partimage = callPackage ../tools/backup/partimage { };
@@ -6532,6 +6534,8 @@ in
shocco = callPackage ../tools/text/shocco { };
+ shopify-themekit = callPackage ../development/web/shopify-themekit { };
+
shorewall = callPackage ../tools/networking/shorewall { };
shotwell = callPackage ../applications/graphics/shotwell { };
@@ -8114,9 +8118,7 @@ in
crystal
crystal2nix;
- icr = callPackage ../development/tools/icr {
- openssl = openssl_1_0_2;
- };
+ icr = callPackage ../development/tools/icr { };
scry = callPackage ../development/tools/scry {};
@@ -12222,6 +12224,16 @@ in
} // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) {
stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4'
}));
+ icu65 = callPackage ../development/libraries/icu/65.nix ({
+ nativeBuildRoot = buildPackages.icu65.override { buildRootOnly = true; };
+ } // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) {
+ stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4'
+ }));
+ icu66 = callPackage ../development/libraries/icu/66.nix ({
+ nativeBuildRoot = buildPackages.icu66.override { buildRootOnly = true; };
+ } // (stdenv.lib.optionalAttrs (stdenv.hostPlatform.isi686 && stdenv.cc.isGNU) {
+ stdenv = gcc6Stdenv; # with gcc-7: undefined reference to `__divmoddi4'
+ }));
icu = icu64;
@@ -14547,6 +14559,8 @@ in
spice-up = callPackage ../applications/office/spice-up { };
+ spirv-cross = callPackage ../tools/graphics/spirv-cross { };
+
sratom = callPackage ../development/libraries/audio/sratom { };
srm = callPackage ../tools/security/srm { };
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index cb5cbb5375a..ea246c3f86a 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -560,6 +560,8 @@ in {
catalogue = callPackage ../development/python-modules/catalogue { };
+ cbeams = callPackage ../misc/cbeams { };
+
cdecimal = callPackage ../development/python-modules/cdecimal { };
cfn-flip = callPackage ../development/python-modules/cfn-flip { };
@@ -1063,6 +1065,8 @@ in {
proglog = callPackage ../development/python-modules/proglog { };
+ pulsectl = callPackage ../development/python-modules/pulsectl { };
+
pure-python-adb-homeassistant = callPackage ../development/python-modules/pure-python-adb-homeassistant { };
purl = callPackage ../development/python-modules/purl { };
@@ -1463,6 +1467,8 @@ in {
shellingham = callPackage ../development/python-modules/shellingham {};
+ simpleaudio = callPackage ../development/python-modules/simpleaudio { };
+
simpleeval = callPackage ../development/python-modules/simpleeval { };
simple-salesforce = callPackage ../development/python-modules/simple-salesforce { };
@@ -3266,6 +3272,8 @@ in {
peewee = callPackage ../development/python-modules/peewee { };
+ pyroma = callPackage ../development/python-modules/pyroma { };
+
pyroute2 = callPackage ../development/python-modules/pyroute2 { };
pyspf = callPackage ../development/python-modules/pyspf { };