diff --git a/lib/systems/default.nix b/lib/systems/default.nix
index f6832945a23..e31a8e65f2a 100644
--- a/lib/systems/default.nix
+++ b/lib/systems/default.nix
@@ -83,7 +83,7 @@ rec {
if final.isAarch32 then "arm"
else if final.isAarch64 then "arm64"
else if final.isx86_32 then "x86"
- else if final.isx86_64 then "ia64"
+ else if final.isx86_64 then "x86"
else if final.isMips then "mips"
else final.parsed.cpu.name;
diff --git a/nixos/doc/manual/release-notes/rl-2009.xml b/nixos/doc/manual/release-notes/rl-2009.xml
index afb09d7c5d2..3da8080958e 100644
--- a/nixos/doc/manual/release-notes/rl-2009.xml
+++ b/nixos/doc/manual/release-notes/rl-2009.xml
@@ -1344,6 +1344,12 @@ CREATE ROLE postgres LOGIN SUPERUSER;
that makes it unsuitable to be a default app.
+
+
+ If you want to manage the configuration of wpa_supplicant outside of NixOS you must ensure that none of , or is being used or true.
+ Using any of those options will cause wpa_supplicant to be started with a NixOS generated configuration file instead of your own.
+
+
diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix
index 0f5787a1921..86bfde6349c 100644
--- a/nixos/modules/system/boot/stage-1.nix
+++ b/nixos/modules/system/boot/stage-1.nix
@@ -308,7 +308,7 @@ let
# the initial RAM disk.
initialRamdisk = pkgs.makeInitrd {
name = "initrd-${kernel-name}";
- inherit (config.boot.initrd) compressor prepend;
+ inherit (config.boot.initrd) compressor compressorArgs prepend;
contents =
[ { object = bootStage1;
@@ -334,7 +334,9 @@ let
# Script to add secret files to the initrd at bootloader update time
initialRamdiskSecretAppender =
- pkgs.writeScriptBin "append-initrd-secrets"
+ let
+ compressorExe = initialRamdisk.compressorExecutableFunction pkgs;
+ in pkgs.writeScriptBin "append-initrd-secrets"
''
#!${pkgs.bash}/bin/bash -e
function usage {
@@ -376,7 +378,7 @@ let
}
(cd "$tmp" && find . -print0 | sort -z | cpio -o -H newc -R +0:+0 --reproducible --null) | \
- ${config.boot.initrd.compressor} >> "$1"
+ ${compressorExe} ${lib.escapeShellArgs initialRamdisk.compressorArgs} >> "$1"
'';
in
@@ -511,13 +513,28 @@ in
};
boot.initrd.compressor = mkOption {
- internal = true;
- default = "gzip -9n";
- type = types.str;
- description = "The compressor to use on the initrd image.";
+ default = "gzip";
+ type = types.unspecified; # We don't have a function type...
+ description = ''
+ The compressor to use on the initrd image. May be any of:
+
+
+ The name of one of the predefined compressors, see pkgs/build-support/kernel/initrd-compressor-meta.nix for the definitions.
+ A function which, given the nixpkgs package set, returns the path to a compressor tool, e.g. pkgs: "''${pkgs.pigz}/bin/pigz"
+ (not recommended, because it does not work when cross-compiling) the full path to a compressor tool, e.g. "''${pkgs.pigz}/bin/pigz"
+
+
+ The given program should read data from stdin and write it to stdout compressed.
+ '';
example = "xz";
};
+ boot.initrd.compressorArgs = mkOption {
+ default = null;
+ type = types.nullOr (types.listOf types.str);
+ description = "Arguments to pass to the compressor for the initrd image, or null to use the compressor's defaults.";
+ };
+
boot.initrd.secrets = mkOption
{ default = {};
type = types.attrsOf (types.nullOr types.path);
diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix
index e770c8763d8..e2328608703 100644
--- a/nixos/tests/all-tests.nix
+++ b/nixos/tests/all-tests.nix
@@ -168,6 +168,7 @@ in
initrd-network-openvpn = handleTest ./initrd-network-openvpn {};
initrd-network-ssh = handleTest ./initrd-network-ssh {};
initrdNetwork = handleTest ./initrd-network.nix {};
+ initrd-secrets = handleTest ./initrd-secrets.nix {};
installer = handleTest ./installer.nix {};
iodine = handleTest ./iodine.nix {};
ipfs = handleTest ./ipfs.nix {};
@@ -411,6 +412,7 @@ in
xterm = handleTest ./xterm.nix {};
yabar = handleTest ./yabar.nix {};
yggdrasil = handleTest ./yggdrasil.nix {};
+ yq = handleTest ./yq.nix {};
zfs = handleTest ./zfs.nix {};
zigbee2mqtt = handleTest ./zigbee2mqtt.nix {};
zoneminder = handleTest ./zoneminder.nix {};
diff --git a/nixos/tests/initrd-secrets.nix b/nixos/tests/initrd-secrets.nix
new file mode 100644
index 00000000000..10dd908502d
--- /dev/null
+++ b/nixos/tests/initrd-secrets.nix
@@ -0,0 +1,35 @@
+{ system ? builtins.currentSystem
+, config ? {}
+, pkgs ? import ../.. { inherit system config; }
+, lib ? pkgs.lib
+, testing ? import ../lib/testing-python.nix { inherit system pkgs; }
+}:
+let
+ secretInStore = pkgs.writeText "topsecret" "iamasecret";
+ testWithCompressor = compressor: testing.makeTest {
+ name = "initrd-secrets-${compressor}";
+
+ meta.maintainers = [ lib.maintainers.lheckemann ];
+
+ machine = { ... }: {
+ virtualisation.useBootLoader = true;
+ boot.initrd.secrets."/test" = secretInStore;
+ boot.initrd.postMountCommands = ''
+ cp /test /mnt-root/secret-from-initramfs
+ '';
+ boot.initrd.compressor = compressor;
+ # zstd compression is only supported from 5.9 onwards. Remove when 5.10 becomes default.
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ };
+
+ testScript = ''
+ start_all()
+ machine.wait_for_unit("multi-user.target")
+ machine.succeed(
+ "cmp ${secretInStore} /secret-from-initramfs"
+ )
+ '';
+ };
+in lib.flip lib.genAttrs testWithCompressor [
+ "cat" "gzip" "bzip2" "xz" "lzma" "lzop" "pigz" "pixz" "zstd"
+]
diff --git a/nixos/tests/yq.nix b/nixos/tests/yq.nix
new file mode 100644
index 00000000000..7c0e8e3d055
--- /dev/null
+++ b/nixos/tests/yq.nix
@@ -0,0 +1,12 @@
+import ./make-test-python.nix ({ pkgs, ... }: {
+ name = "yq";
+ meta = with pkgs.stdenv.lib.maintainers; { maintainers = [ nequissimus ]; };
+
+ nodes.yq = { pkgs, ... }: { environment.systemPackages = with pkgs; [ jq yq ]; };
+
+ testScript = ''
+ assert "hello:\n foo: bar\n" in yq.succeed(
+ 'echo \'{"hello":{"foo":"bar"}}\' | yq -y .'
+ )
+ '';
+})
diff --git a/pkgs/applications/networking/browsers/chromium/default.nix b/pkgs/applications/networking/browsers/chromium/default.nix
index 0cbfbc33270..6e7c2307d64 100644
--- a/pkgs/applications/networking/browsers/chromium/default.nix
+++ b/pkgs/applications/networking/browsers/chromium/default.nix
@@ -54,15 +54,17 @@ let
pkgSuffix = if channel == "dev" then "unstable" else channel;
pkgName = "google-chrome-${pkgSuffix}";
- chromeSrc = fetchurl {
- urls = map (repo: "${repo}/${pkgName}/${pkgName}_${version}-1_amd64.deb") [
- "https://dl.google.com/linux/chrome/deb/pool/main/g"
- "http://95.31.35.30/chrome/pool/main/g"
- "http://mirror.pcbeta.com/google/chrome/deb/pool/main/g"
- "http://repo.fdzh.org/chrome/deb/pool/main/g"
- ];
- sha256 = chromium.upstream-info.sha256bin64;
- };
+ chromeSrc = if channel == "ungoogled-chromium"
+ then throw "Google Chrome is not supported for the ungoogled-chromium channel."
+ else fetchurl {
+ urls = map (repo: "${repo}/${pkgName}/${pkgName}_${version}-1_amd64.deb") [
+ "https://dl.google.com/linux/chrome/deb/pool/main/g"
+ "http://95.31.35.30/chrome/pool/main/g"
+ "http://mirror.pcbeta.com/google/chrome/deb/pool/main/g"
+ "http://repo.fdzh.org/chrome/deb/pool/main/g"
+ ];
+ sha256 = chromium.upstream-info.sha256bin64;
+ };
mkrpath = p: "${lib.makeSearchPathOutput "lib" "lib64" p}:${lib.makeLibraryPath p}";
widevineCdm = stdenv.mkDerivation {
diff --git a/pkgs/applications/networking/browsers/chromium/update.py b/pkgs/applications/networking/browsers/chromium/update.py
index 57fe268e72f..b4d16fa149f 100755
--- a/pkgs/applications/networking/browsers/chromium/update.py
+++ b/pkgs/applications/networking/browsers/chromium/update.py
@@ -1,6 +1,9 @@
#! /usr/bin/env nix-shell
#! nix-shell -i python -p python3 nix nix-prefetch-git
+"""This script automatically updates chromium, google-chrome, chromedriver, and ungoogled-chromium
+via upstream-info.json."""
+
import csv
import json
import re
@@ -19,41 +22,54 @@ BUCKET_URL = 'https://commondatastorage.googleapis.com/chromium-browser-official
JSON_PATH = dirname(abspath(__file__)) + '/upstream-info.json'
+
def load_json(path):
+ """Loads the given JSON file."""
with open(path, 'r') as f:
return json.load(f)
+
def nix_prefetch_url(url, algo='sha256'):
+ """Prefetches the content of the given URL."""
print(f'nix-prefetch-url {url}')
out = subprocess.check_output(['nix-prefetch-url', '--type', algo, url])
return out.decode('utf-8').rstrip()
+
def nix_prefetch_git(url, rev):
+ """Prefetches the requested Git revision of the given repository URL."""
print(f'nix-prefetch-git {url} {rev}')
out = subprocess.check_output(['nix-prefetch-git', '--quiet', '--url', url, '--rev', rev])
return json.loads(out)
+
def get_file_revision(revision, file_path):
+ """Fetches the requested Git revision of the given Chromium file."""
url = f'https://raw.githubusercontent.com/chromium/chromium/{revision}/{file_path}'
with urlopen(url) as http_response:
return http_response.read()
+
def get_matching_chromedriver(version):
+ """Gets the matching chromedriver version for the given Chromium version."""
# See https://chromedriver.chromium.org/downloads/version-selection
build = re.sub('.[0-9]+$', '', version)
chromedriver_version_url = f'https://chromedriver.storage.googleapis.com/LATEST_RELEASE_{build}'
with urlopen(chromedriver_version_url) as http_response:
chromedriver_version = http_response.read().decode()
def get_chromedriver_url(system):
- return f'https://chromedriver.storage.googleapis.com/{chromedriver_version}/chromedriver_{system}.zip'
+ return ('https://chromedriver.storage.googleapis.com/' +
+ f'{chromedriver_version}/chromedriver_{system}.zip')
return {
'version': chromedriver_version,
'sha256_linux': nix_prefetch_url(get_chromedriver_url('linux64')),
'sha256_darwin': nix_prefetch_url(get_chromedriver_url('mac64'))
}
-def get_channel_dependencies(channel):
- deps = get_file_revision(channel['version'], 'DEPS')
+
+def get_channel_dependencies(version):
+ """Gets all dependencies for the given Chromium version."""
+ deps = get_file_revision(version, 'DEPS')
gn_pattern = b"'gn_version': 'git_revision:([0-9a-f]{40})'"
gn_commit = re.search(gn_pattern, deps).group(1).decode()
gn = nix_prefetch_git('https://gn.googlesource.com/gn', gn_commit)
@@ -66,9 +82,39 @@ def get_channel_dependencies(channel):
}
}
+
+def get_latest_ungoogled_chromium_tag():
+ """Returns the latest ungoogled-chromium tag using the GitHub API."""
+ api_tag_url = 'https://api.github.com/repos/Eloston/ungoogled-chromium/tags?per_page=1'
+ with urlopen(api_tag_url) as http_response:
+ tag_data = json.load(http_response)
+ return tag_data[0]['name']
+
+
+def get_ungoogled_chromium_channel():
+ """Returns a dictionary for the ungoogled-chromium channel."""
+ latest_tag = get_latest_ungoogled_chromium_tag()
+ version = latest_tag.split('-')[0]
+ if version == last_channels['ungoogled-chromium']['version']:
+ # No update available -> keep the cached information (no refetching required):
+ return last_channels['ungoogled-chromium']
+ channel = {
+ 'version': version,
+ 'sha256': nix_prefetch_url(f'{BUCKET_URL}/chromium-{version}.tar.xz'),
+ 'deps': get_channel_dependencies(version)
+ }
+ repo_url = 'https://github.com/Eloston/ungoogled-chromium.git'
+ channel['deps']['ungoogled-patches'] = {
+ 'rev': latest_tag,
+ 'sha256': nix_prefetch_git(repo_url, latest_tag)['sha256']
+ }
+ return channel
+
+
channels = {}
last_channels = load_json(JSON_PATH)
+
print(f'GET {HISTORY_URL}', file=sys.stderr)
with urlopen(HISTORY_URL) as resp:
builds = csv.DictReader(iterdecode(resp, 'utf-8'))
@@ -92,33 +138,37 @@ with urlopen(HISTORY_URL) as resp:
try:
channel['sha256'] = nix_prefetch_url(f'{BUCKET_URL}/chromium-{build["version"]}.tar.xz')
- channel['sha256bin64'] = nix_prefetch_url(f'{DEB_URL}/google-chrome-{suffix}/google-chrome-{suffix}_{build["version"]}-1_amd64.deb')
+ channel['sha256bin64'] = nix_prefetch_url(
+ f'{DEB_URL}/google-chrome-{suffix}/' +
+ f'google-chrome-{suffix}_{build["version"]}-1_amd64.deb')
except subprocess.CalledProcessError:
# This build isn't actually available yet. Continue to
# the next one.
continue
- channel['deps'] = get_channel_dependencies(channel)
+ channel['deps'] = get_channel_dependencies(channel['version'])
if channel_name == 'stable':
channel['chromedriver'] = get_matching_chromedriver(channel['version'])
channels[channel_name] = channel
+
with open(JSON_PATH, 'w') as out:
def get_channel_key(item):
+ """Orders Chromium channels by their name."""
channel_name = item[0]
if channel_name == 'stable':
return 0
- elif channel_name == 'beta':
+ if channel_name == 'beta':
return 1
- elif channel_name == 'dev':
+ if channel_name == 'dev':
return 2
- elif channel_name == 'ungoogled-chromium':
+ if channel_name == 'ungoogled-chromium':
return 3
- else:
- print(f'Error: Unexpected channel: {channel_name}', file=sys.stderr)
- sys.exit(1)
- channels['ungoogled-chromium'] = last_channels['ungoogled-chromium'] # Keep ungoogled-chromium unchanged
+ print(f'Error: Unexpected channel: {channel_name}', file=sys.stderr)
+ sys.exit(1)
+ # Get the special ungoogled-chromium channel:
+ channels['ungoogled-chromium'] = get_ungoogled_chromium_channel()
sorted_channels = OrderedDict(sorted(channels.items(), key=get_channel_key))
json.dump(sorted_channels, out, indent=2)
out.write('\n')
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index 21121428cc1..2cd673e9c55 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -47,15 +47,15 @@
"version": "87.0.4280.88",
"sha256": "1h09g9b2zxad85vd146ymvg3w2kpngpi78yig3dn1vrmhwr4aiiy",
"deps": {
- "ungoogled-patches": {
- "rev": "87.0.4280.88-1",
- "sha256": "0w2137w8hfcgl6f938hqnb4ffp33v5r8vdzxrvs814w7dszkiqgg"
- },
"gn": {
"version": "2020-09-09",
"url": "https://gn.googlesource.com/gn",
"rev": "e002e68a48d1c82648eadde2f6aafa20d08c36f2",
"sha256": "0x4c7amxwzxs39grqs3dnnz0531mpf1p75niq7zhinyfqm86i4dk"
+ },
+ "ungoogled-patches": {
+ "rev": "87.0.4280.88-1",
+ "sha256": "0w2137w8hfcgl6f938hqnb4ffp33v5r8vdzxrvs814w7dszkiqgg"
}
}
}
diff --git a/pkgs/applications/networking/instant-messengers/hipchat/default.nix b/pkgs/applications/networking/instant-messengers/hipchat/default.nix
index 7213332a549..63cbb69b187 100644
--- a/pkgs/applications/networking/instant-messengers/hipchat/default.nix
+++ b/pkgs/applications/networking/instant-messengers/hipchat/default.nix
@@ -43,7 +43,7 @@ in stdenv.mkDerivation {
inherit version;
src = fetchurl {
- url = "https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/pool/HipChat4-${version}-Linux.deb";
+ url = "https://atlassian.artifactoryonline.com/artifactory/hipchat-apt-client/pool/HipChat4-${version}-Linux.deb";
sha256 = "03pz8wskafn848yvciq29kwdvqcgjrk6sjnm8nk9acl89xf0sn96";
};
diff --git a/pkgs/build-support/kernel/initrd-compressor-meta.nix b/pkgs/build-support/kernel/initrd-compressor-meta.nix
new file mode 100644
index 00000000000..443e599a239
--- /dev/null
+++ b/pkgs/build-support/kernel/initrd-compressor-meta.nix
@@ -0,0 +1,53 @@
+rec {
+ cat = {
+ executable = pkgs: "cat";
+ ubootName = "none";
+ extension = ".cpio";
+ };
+ gzip = {
+ executable = pkgs: "${pkgs.gzip}/bin/gzip";
+ defaultArgs = ["-9n"];
+ ubootName = "gzip";
+ extension = ".gz";
+ };
+ bzip2 = {
+ executable = pkgs: "${pkgs.bzip2}/bin/bzip2";
+ ubootName = "bzip2";
+ extension = ".bz2";
+ };
+ xz = {
+ executable = pkgs: "${pkgs.xz}/bin/xz";
+ defaultArgs = ["--check=crc32" "--lzma2=dict=512KiB"];
+ extension = ".xz";
+ };
+ lzma = {
+ executable = pkgs: "${pkgs.xz}/bin/lzma";
+ defaultArgs = ["--check=crc32" "--lzma1=dict=512KiB"];
+ ubootName = "lzma";
+ extension = ".lzma";
+ };
+ lz4 = {
+ executable = pkgs: "${pkgs.lz4}/bin/lz4";
+ defaultArgs = ["-l"];
+ ubootName = "lz4";
+ extension = ".lz4";
+ };
+ lzop = {
+ executable = pkgs: "${pkgs.lzop}/bin/lzop";
+ ubootName = "lzo";
+ extension = ".lzo";
+ };
+ zstd = {
+ executable = pkgs: "${pkgs.zstd}/bin/zstd";
+ defaultArgs = ["-10"];
+ ubootName = "zstd";
+ extension = ".zst";
+ };
+ pigz = gzip // {
+ executable = pkgs: "${pkgs.pigz}/bin/pigz";
+ };
+ pixz = xz // {
+ executable = pkgs: "${pkgs.pixz}/bin/pixz";
+ defaultArgs = [];
+ };
+}
diff --git a/pkgs/build-support/kernel/make-initrd.nix b/pkgs/build-support/kernel/make-initrd.nix
index ed5dbdaee17..901eb311a88 100644
--- a/pkgs/build-support/kernel/make-initrd.nix
+++ b/pkgs/build-support/kernel/make-initrd.nix
@@ -1,22 +1,74 @@
-# Create an initial ramdisk containing the closure of the specified
-# file system objects. An initial ramdisk is used during the initial
+# Create an initramfs containing the closure of the specified
+# file system objects. An initramfs is used during the initial
# stages of booting a Linux system. It is loaded by the boot loader
# along with the kernel image. It's supposed to contain everything
# (such as kernel modules) necessary to allow us to mount the root
# file system. Once the root file system is mounted, the `real' boot
# script can be called.
#
-# An initrd is really just a gzipped cpio archive.
-#
-# Symlinks are created for each top-level file system object. E.g.,
-# `contents = {object = ...; symlink = /init;}' is a typical
-# argument.
-
-{ stdenvNoCC, perl, cpio, contents, ubootTools
+# An initramfs is a cpio archive, and may be compressed with a number
+# of algorithms.
+let
+ # Some metadata on various compression programs, relevant to naming
+ # the initramfs file and, if applicable, generating a u-boot image
+ # from it.
+ compressors = import ./initrd-compressor-meta.nix;
+ # Get the basename of the actual compression program from the whole
+ # compression command, for the purpose of guessing the u-boot
+ # compression type and filename extension.
+ compressorName = fullCommand: builtins.elemAt (builtins.match "([^ ]*/)?([^ ]+).*" fullCommand) 1;
+in
+{ stdenvNoCC, perl, cpio, ubootTools, lib, pkgsBuildHost
+# Name of the derivation (not of the resulting file!)
, name ? "initrd"
-, compressor ? "gzip -9n"
+
+# Program used to compress the cpio archive; use "cat" for no compression.
+# This can also be a function which takes a package set and returns the path to the compressor,
+# such as `pkgs: "${pkgs.lzop}/bin/lzop"`.
+, compressor ? "gzip"
+, _compressorFunction ?
+ if lib.isFunction compressor then compressor
+ else if ! builtins.hasContext compressor && builtins.hasAttr compressor compressors then compressors.${compressor}.executable
+ else _: compressor
+, _compressorExecutable ? _compressorFunction pkgsBuildHost
+, _compressorName ? compressorName _compressorExecutable
+, _compressorMeta ? compressors.${_compressorName} or {}
+
+# List of arguments to pass to the compressor program, or null to use its defaults
+, compressorArgs ? null
+, _compressorArgsReal ? if compressorArgs == null then _compressorMeta.defaultArgs or [] else compressorArgs
+
+# Filename extension to use for the compressed initramfs. This is
+# included for clarity, but $out/initrd will always be a symlink to
+# the final image.
+# If this isn't guessed, you may want to complete the metadata above and send a PR :)
+, extension ? _compressorMeta.extension or
+ (throw "Unrecognised compressor ${_compressorName}, please specify filename extension")
+
+# List of { object = path_or_derivation; symlink = "/path"; }
+# The paths are copied into the initramfs in their nix store path
+# form, then linked at the root according to `symlink`.
+, contents
+
+# List of uncompressed cpio files to prepend to the initramfs. This
+# can be used to add files in specified paths without them becoming
+# symlinks to store paths.
, prepend ? []
-, lib
+
+# Whether to wrap the initramfs in a u-boot image.
+, makeUInitrd ? stdenvNoCC.hostPlatform.platform.kernelTarget == "uImage"
+
+# If generating a u-boot image, the architecture to use. The default
+# guess may not align with u-boot's nomenclature correctly, so it can
+# be overridden.
+# See https://gitlab.denx.de/u-boot/u-boot/-/blob/9bfb567e5f1bfe7de8eb41f8c6d00f49d2b9a426/common/image.c#L81-106 for a list.
+, uInitrdArch ? stdenvNoCC.hostPlatform.kernelArch
+
+# The name of the compression, as recognised by u-boot.
+# See https://gitlab.denx.de/u-boot/u-boot/-/blob/9bfb567e5f1bfe7de8eb41f8c6d00f49d2b9a426/common/image.c#L195-204 for a list.
+# If this isn't guessed, you may want to complete the metadata above and send a PR :)
+, uInitrdCompression ? _compressorMeta.ubootName or
+ (throw "Unrecognised compressor ${_compressorName}, please specify uInitrdCompression")
}:
let
# !!! Move this into a public lib function, it is probably useful for others
@@ -24,15 +76,26 @@ let
lib.concatStringsSep "-" (filter (x: !(isList x)) (split "[^a-zA-Z0-9_=.?-]+" x));
in stdenvNoCC.mkDerivation rec {
- inherit name;
+ inherit name makeUInitrd extension uInitrdArch prepend;
+
+ ${if makeUInitrd then "uinitrdCompression" else null} = uInitrdCompression;
builder = ./make-initrd.sh;
- makeUInitrd = stdenvNoCC.hostPlatform.platform.kernelTarget == "uImage";
-
nativeBuildInputs = [ perl cpio ]
++ stdenvNoCC.lib.optional makeUInitrd ubootTools;
+ compress = "${_compressorExecutable} ${lib.escapeShellArgs _compressorArgsReal}";
+
+ # Pass the function through, for reuse in append-initrd-secrets. The
+ # function is used instead of the string, in order to support
+ # cross-compilation (append-initrd-secrets running on a different
+ # architecture than what the main initramfs is built on).
+ passthru = {
+ compressorExecutableFunction = _compressorFunction;
+ compressorArgs = _compressorArgsReal;
+ };
+
# !!! should use XML.
objects = map (x: x.object) contents;
symlinks = map (x: x.symlink) contents;
@@ -47,6 +110,4 @@ in stdenvNoCC.mkDerivation rec {
contents
(lib.range 0 (lib.length contents - 1));
pathsFromGraph = ./paths-from-graph.pl;
-
- inherit compressor prepend;
}
diff --git a/pkgs/build-support/kernel/make-initrd.sh b/pkgs/build-support/kernel/make-initrd.sh
index 0aeaedeb372..c0619ef14ae 100644
--- a/pkgs/build-support/kernel/make-initrd.sh
+++ b/pkgs/build-support/kernel/make-initrd.sh
@@ -39,10 +39,13 @@ mkdir -p $out
for PREP in $prepend; do
cat $PREP >> $out/initrd
done
-(cd root && find * -print0 | xargs -0r touch -h -d '@1')
-(cd root && find * -print0 | sort -z | cpio -o -H newc -R +0:+0 --reproducible --null | $compressor >> $out/initrd)
+(cd root && find * .[^.*] -exec touch -h -d '@1' '{}' +)
+(cd root && find * .[^.*] -print0 | sort -z | cpio -o -H newc -R +0:+0 --reproducible --null | eval -- $compress >> "$out/initrd")
if [ -n "$makeUInitrd" ]; then
- mv $out/initrd $out/initrd.gz
- mkimage -A arm -O linux -T ramdisk -C gzip -d $out/initrd.gz $out/initrd
+ mkimage -A $uInitrdArch -O linux -T ramdisk -C "$uInitrdCompression" -d $out/initrd"$extension" $out/initrd.img
+ # Compatibility symlink
+ ln -s "initrd.img" "$out/initrd"
+else
+ ln -s "initrd" "$out/initrd$extension"
fi
diff --git a/pkgs/development/python-modules/boto3/default.nix b/pkgs/development/python-modules/boto3/default.nix
index 2814e6ffb64..bc147ef8ec2 100644
--- a/pkgs/development/python-modules/boto3/default.nix
+++ b/pkgs/development/python-modules/boto3/default.nix
@@ -13,11 +13,11 @@
buildPythonPackage rec {
pname = "boto3";
- version = "1.16.38"; # N.B: if you change this, change botocore too
+ version = "1.16.39"; # N.B: if you change this, change botocore too
src = fetchPypi {
inherit pname version;
- sha256 = "1xxvpf0q8xiz1cr5q1m4pdpzbhjriw3j6afi5dwvrrq9sh3x7pqx";
+ sha256 = "0j1qhfz2fi8hnfm5lhl6b3k0lh5r0vhr5bjm5aawf16l1wq18mm0";
};
propagatedBuildInputs = [ botocore jmespath s3transfer ] ++ lib.optionals (!isPy3k) [ futures ];
diff --git a/pkgs/development/python-modules/botocore/default.nix b/pkgs/development/python-modules/botocore/default.nix
index 1b953ab6fc4..8c295050ce9 100644
--- a/pkgs/development/python-modules/botocore/default.nix
+++ b/pkgs/development/python-modules/botocore/default.nix
@@ -12,11 +12,11 @@
buildPythonPackage rec {
pname = "botocore";
- version = "1.19.38"; # N.B: if you change this, change boto3 and awscli to a matching version
+ version = "1.19.39"; # N.B: if you change this, change boto3 and awscli to a matching version
src = fetchPypi {
inherit pname version;
- sha256 = "12ipyrm5180lf00q6v669mrfkpw6x4rhzd7fsp6qzz3g1hdwn7hz";
+ sha256 = "1h7skfzglnrz3ghfn8x8d74pfwwrklafd1y0nvbsnwm0k1h3il70";
};
propagatedBuildInputs = [
diff --git a/pkgs/development/python-modules/ciscomobilityexpress/default.nix b/pkgs/development/python-modules/ciscomobilityexpress/default.nix
new file mode 100644
index 00000000000..420a57c07d0
--- /dev/null
+++ b/pkgs/development/python-modules/ciscomobilityexpress/default.nix
@@ -0,0 +1,20 @@
+{ buildPythonPackage, fetchPypi, lib, requests }:
+
+buildPythonPackage rec {
+ pname = "ciscomobilityexpress";
+ version = "0.3.9";
+
+ src = fetchPypi {
+ inherit pname version;
+ sha256 = "0kj0i1963afxqw9apk0yxzj1f7kpi1949ggnkzkb8v90kxpgymma";
+ };
+
+ propagatedBuildInputs = [ requests ];
+
+ meta = {
+ description = "Module to interact with Cisco Mobility Express APIs to fetch connected devices";
+ homepage = "https://pypi.python.org/pypi/${pname}/";
+ license = lib.licenses.mit;
+ maintainers = with lib.maintainers; [ uvnikita ];
+ };
+}
diff --git a/pkgs/development/python-modules/yq/default.nix b/pkgs/development/python-modules/yq/default.nix
index b3e651fd2b0..9f54dba8b90 100644
--- a/pkgs/development/python-modules/yq/default.nix
+++ b/pkgs/development/python-modules/yq/default.nix
@@ -1,4 +1,5 @@
{ lib
+, nixosTests
, buildPythonPackage
, fetchPypi
, pkgs
@@ -46,6 +47,8 @@ buildPythonPackage rec {
pythonImportsCheck = [ "yq" ];
+ passthru.tests = { inherit (nixosTests) yq; };
+
meta = with lib; {
description = "Command-line YAML processor - jq wrapper for YAML documents";
homepage = "https://github.com/kislyuk/yq";
diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix
index 2ac4d3beccd..446ecf172be 100644
--- a/pkgs/servers/home-assistant/component-packages.nix
+++ b/pkgs/servers/home-assistant/component-packages.nix
@@ -113,7 +113,7 @@
"channels" = ps: with ps; [ ]; # missing inputs: pychannels
"circuit" = ps: with ps; [ ]; # missing inputs: circuit-webhook
"cisco_ios" = ps: with ps; [ pexpect ];
- "cisco_mobility_express" = ps: with ps; [ ]; # missing inputs: ciscomobilityexpress
+ "cisco_mobility_express" = ps: with ps; [ ciscomobilityexpress ];
"cisco_webex_teams" = ps: with ps; [ ]; # missing inputs: webexteamssdk
"citybikes" = ps: with ps; [ ];
"clementine" = ps: with ps; [ ]; # missing inputs: python-clementine-remote
diff --git a/pkgs/servers/http/nginx/generic.nix b/pkgs/servers/http/nginx/generic.nix
index 6ec5b0a7851..2b2af8966e9 100644
--- a/pkgs/servers/http/nginx/generic.nix
+++ b/pkgs/servers/http/nginx/generic.nix
@@ -149,6 +149,6 @@ stdenv.mkDerivation {
homepage = "http://nginx.org";
license = licenses.bsd2;
platforms = platforms.all;
- maintainers = with maintainers; [ thoughtpolice raskin fpletz globin ];
+ maintainers = with maintainers; [ thoughtpolice raskin fpletz globin ajs124 ];
};
}
diff --git a/pkgs/servers/http/nginx/mainline.nix b/pkgs/servers/http/nginx/mainline.nix
index edb87258d6b..cadc1064ac0 100644
--- a/pkgs/servers/http/nginx/mainline.nix
+++ b/pkgs/servers/http/nginx/mainline.nix
@@ -1,6 +1,6 @@
{ callPackage, ... }@args:
callPackage ./generic.nix args {
- version = "1.19.5";
- sha256 = "173rv8gacd9bakb0r9jmkr4pqgjw9mzpdh3f7x2d8ln4ssplc2jw";
+ version = "1.19.6";
+ sha256 = "1d9kzks8x1226prjbpdin4dz93fjnv304zlqybfqachx5fh9a4di";
}
diff --git a/pkgs/tools/admin/awscli/default.nix b/pkgs/tools/admin/awscli/default.nix
index 9e0a165b051..edac64308c1 100644
--- a/pkgs/tools/admin/awscli/default.nix
+++ b/pkgs/tools/admin/awscli/default.nix
@@ -28,11 +28,11 @@ let
in with py.pkgs; buildPythonApplication rec {
pname = "awscli";
- version = "1.18.198"; # N.B: if you change this, change botocore to a matching version too
+ version = "1.18.199"; # N.B: if you change this, change botocore to a matching version too
src = fetchPypi {
inherit pname version;
- sha256 = "0zcjx2gh9s1mak9cc9bmydg0f68id4rwhhpcaqqkcd3p37swyr2b";
+ sha256 = "09ncnglxy3ph0i4zh93cxgwsxy3hgsy6pvnln1845p2nwvjsw434";
};
postPatch = ''
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 6976bb7a44e..6348d21716d 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -1175,6 +1175,8 @@ in {
cirq = callPackage ../development/python-modules/cirq { };
+ ciscomobilityexpress = callPackage ../development/python-modules/ciscomobilityexpress { };
+
ciso8601 = callPackage ../development/python-modules/ciso8601 { };
citeproc-py = callPackage ../development/python-modules/citeproc-py { };