diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index 4b9b0806bac..4bfa564a67f 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -6,7 +6,7 @@ let cfg = config.services.nextcloud; fpm = config.services.phpfpm.pools.nextcloud; - phpPackage = pkgs.php74.buildEnv { + phpPackage = cfg.phpPackage.buildEnv { extensions = { enabled, all }: (with all; enabled @@ -94,6 +94,14 @@ in { description = "Which package to use for the Nextcloud instance."; relatedPackages = [ "nextcloud19" "nextcloud20" "nextcloud21" "nextcloud22" ]; }; + phpPackage = mkOption { + type = types.package; + relatedPackages = [ "php74" "php80" ]; + defaultText = "pkgs.php"; + description = '' + PHP package to use for Nextcloud. + ''; + }; maxUploadSize = mkOption { default = "512M"; @@ -399,13 +407,40 @@ in { The package can be upgraded by explicitly declaring the service-option `services.nextcloud.package`. ''; + + # FIXME(@Ma27) remove as soon as nextcloud properly supports + # mariadb >=10.6. + isUnsupportedMariadb = + # All currently supported Nextcloud versions are affected. + (versionOlder cfg.package.version "23") + # This module uses mysql + && (cfg.config.dbtype == "mysql") + # MySQL is managed via NixOS + && config.services.mysql.enable + # We're using MariaDB + && (getName config.services.mysql.package) == "mariadb-server" + # MariaDB is at least 10.6 and thus not supported + && (versionAtLeast (getVersion config.services.mysql.package) "10.6"); + in (optional (cfg.poolConfig != null) '' Using config.services.nextcloud.poolConfig is deprecated and will become unsupported in a future release. Please migrate your configuration to config.services.nextcloud.poolSettings. '') ++ (optional (versionOlder cfg.package.version "19") (upgradeWarning 18 "20.09")) ++ (optional (versionOlder cfg.package.version "20") (upgradeWarning 19 "21.05")) - ++ (optional (versionOlder cfg.package.version "21") (upgradeWarning 20 "21.05")); + ++ (optional (versionOlder cfg.package.version "21") (upgradeWarning 20 "21.05")) + ++ (optional (versionOlder cfg.package.version "22") (upgradeWarning 21 "21.11")) + ++ (optional isUnsupportedMariadb '' + You seem to be using MariaDB at an unsupported version (i.e. at least 10.6)! + Please note that this isn't supported officially by Nextcloud. You can either + + * Switch to `pkgs.mysql` + * Downgrade MariaDB to at least 10.5 + * Work around Nextcloud's problems by specifying `innodb_read_only_compressed=0` + + For further context, please read + https://help.nextcloud.com/t/update-to-next-cloud-21-0-2-has-get-an-error/117028/15 + ''); services.nextcloud.package = with pkgs; mkDefault ( @@ -423,6 +458,10 @@ in { else if versionOlder stateVersion "21.03" then nextcloud19 else nextcloud21 ); + + services.nextcloud.phpPackage = + if versionOlder cfg.package.version "21" then pkgs.php74 + else pkgs.php80; } { systemd.timers.nextcloud-cron = { diff --git a/nixos/tests/nextcloud/basic.nix b/nixos/tests/nextcloud/basic.nix index c4ce34748ac..40ee9d5184c 100644 --- a/nixos/tests/nextcloud/basic.nix +++ b/nixos/tests/nextcloud/basic.nix @@ -1,4 +1,6 @@ -import ../make-test-python.nix ({ pkgs, ...}: let +args@{ pkgs, nextcloudVersion ? 22, ... }: + +(import ../make-test-python.nix ({ pkgs, ...}: let adminpass = "notproduction"; adminuser = "root"; in { @@ -39,6 +41,7 @@ in { inherit adminpass; dbtableprefix = "nixos_"; }; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; autoUpdateApps = { enable = true; startAt = "20:00"; @@ -100,4 +103,4 @@ in { ) assert "hi" in client.succeed("cat /mnt/dav/test-shared-file") ''; -}) +})) args diff --git a/nixos/tests/nextcloud/default.nix b/nixos/tests/nextcloud/default.nix index e4c7a70606c..65043e509b3 100644 --- a/nixos/tests/nextcloud/default.nix +++ b/nixos/tests/nextcloud/default.nix @@ -2,8 +2,20 @@ config ? {}, pkgs ? import ../../.. { inherit system config; } }: -{ - basic = import ./basic.nix { inherit system pkgs; }; - with-postgresql-and-redis = import ./with-postgresql-and-redis.nix { inherit system pkgs; }; - with-mysql-and-memcached = import ./with-mysql-and-memcached.nix { inherit system pkgs; }; -} + +with pkgs.lib; + +foldl + (matrix: ver: matrix // { + "basic${toString ver}" = import ./basic.nix { inherit system pkgs; nextcloudVersion = ver; }; + "with-postgresql-and-redis${toString ver}" = import ./with-postgresql-and-redis.nix { + inherit system pkgs; + nextcloudVersion = ver; + }; + "with-mysql-and-memcached${toString ver}" = import ./with-mysql-and-memcached.nix { + inherit system pkgs; + nextcloudVersion = ver; + }; + }) + {} + [ 20 21 22 ] diff --git a/nixos/tests/nextcloud/with-mysql-and-memcached.nix b/nixos/tests/nextcloud/with-mysql-and-memcached.nix index 82041874de4..c0df773eaaa 100644 --- a/nixos/tests/nextcloud/with-mysql-and-memcached.nix +++ b/nixos/tests/nextcloud/with-mysql-and-memcached.nix @@ -1,4 +1,6 @@ -import ../make-test-python.nix ({ pkgs, ...}: let +args@{ pkgs, nextcloudVersion ? 22, ... }: + +(import ../make-test-python.nix ({ pkgs, ...}: let adminpass = "hunter2"; adminuser = "root"; in { @@ -18,6 +20,7 @@ in { enable = true; hostName = "nextcloud"; https = true; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; caching = { apcu = true; redis = false; @@ -39,6 +42,13 @@ in { enable = true; bind = "127.0.0.1"; package = pkgs.mariadb; + + # FIXME(@Ma27) Nextcloud isn't compatible with mariadb 10.6, + # this is a workaround. + # See https://help.nextcloud.com/t/update-to-next-cloud-21-0-2-has-get-an-error/117028/22 + extraOptions = '' + innodb_read_only_compressed=0 + ''; initialScript = pkgs.writeText "mysql-init" '' CREATE USER 'nextcloud'@'localhost' IDENTIFIED BY 'hunter2'; CREATE DATABASE IF NOT EXISTS nextcloud; @@ -96,4 +106,4 @@ in { "${withRcloneEnv} ${diffSharedFile}" ) ''; -}) +})) args diff --git a/nixos/tests/nextcloud/with-postgresql-and-redis.nix b/nixos/tests/nextcloud/with-postgresql-and-redis.nix index 81af620598e..36a69fda505 100644 --- a/nixos/tests/nextcloud/with-postgresql-and-redis.nix +++ b/nixos/tests/nextcloud/with-postgresql-and-redis.nix @@ -1,4 +1,6 @@ -import ../make-test-python.nix ({ pkgs, ...}: let +args@{ pkgs, nextcloudVersion ? 22, ... }: + +(import ../make-test-python.nix ({ pkgs, ...}: let adminpass = "hunter2"; adminuser = "custom-admin-username"; in { @@ -17,6 +19,7 @@ in { services.nextcloud = { enable = true; hostName = "nextcloud"; + package = pkgs.${"nextcloud" + (toString nextcloudVersion)}; caching = { apcu = false; redis = true; @@ -96,4 +99,4 @@ in { "${withRcloneEnv} ${diffSharedFile}" ) ''; -}) +})) args diff --git a/pkgs/applications/terminal-emulators/rxvt-unicode/default.nix b/pkgs/applications/terminal-emulators/rxvt-unicode/default.nix index 02f1b100f49..2c130bf02d3 100644 --- a/pkgs/applications/terminal-emulators/rxvt-unicode/default.nix +++ b/pkgs/applications/terminal-emulators/rxvt-unicode/default.nix @@ -49,7 +49,7 @@ stdenv.mkDerivation { configureFlags = [ - "--with-terminfo=$terminfo/share/terminfo" + "--with-terminfo=${placeholder "terminfo"}/share/terminfo" "--enable-256-color" (enableFeature perlSupport "perl") (enableFeature unicode3Support "unicode3") diff --git a/pkgs/development/libraries/libaom/default.nix b/pkgs/development/libraries/libaom/default.nix index 83f5de4d013..180c78e5ab2 100644 --- a/pkgs/development/libraries/libaom/default.nix +++ b/pkgs/development/libraries/libaom/default.nix @@ -35,6 +35,10 @@ stdenv.mkDerivation rec { ] ++ lib.optionals (stdenv.isDarwin && stdenv.isAarch64) [ # CPU detection isn't supported on Darwin and breaks the aarch64-darwin build: "-DCONFIG_RUNTIME_CPU_DETECT=0" + ] ++ lib.optionals stdenv.isAarch32 [ + # armv7l-hf-multiplatform does not support NEON + # see lib/systems/platform.nix + "-DENABLE_NEON=0" ]; postFixup = '' diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 9b9ffbe3052..983a7df80dd 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,32 +1,32 @@ { "4.14": { "extra": "-hardened1", - "name": "linux-hardened-4.14.247-hardened1.patch", - "sha256": "0k3ii26ry0cszxs5n4ljll61p1kdi3dn5cvzjr8zb78bfrk7lbra", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.247-hardened1/linux-hardened-4.14.247-hardened1.patch" + "name": "linux-hardened-4.14.248-hardened1.patch", + "sha256": "1lwqlpd21f8rwqfyz61083w0lg2bjzdjf7rzrqxsw1jz0l879035", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.248-hardened1/linux-hardened-4.14.248-hardened1.patch" }, "4.19": { "extra": "-hardened1", - "name": "linux-hardened-4.19.207-hardened1.patch", - "sha256": "1yn6c8axvnmck1ignw4k3pi458x0m2qm7g5vjwf2rw8cnzskrs48", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.207-hardened1/linux-hardened-4.19.207-hardened1.patch" + "name": "linux-hardened-4.19.208-hardened1.patch", + "sha256": "0bg45n1kgd628gwjkp1vxslxyci6589ygy9mmmhpl7kj3y7370ck", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.208-hardened1/linux-hardened-4.19.208-hardened1.patch" }, "5.10": { "extra": "-hardened1", - "name": "linux-hardened-5.10.68-hardened1.patch", - "sha256": "11cn72lzgc6vcbx4xbdvfxrfwy3hfn7sqjxf5laqw9jdhacnlhvn", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.68-hardened1/linux-hardened-5.10.68-hardened1.patch" + "name": "linux-hardened-5.10.69-hardened1.patch", + "sha256": "11frhnprvxnqxm8yn1kay2jv2i473i9glnvsjnqz6kj8f0q2gl4v", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.69-hardened1/linux-hardened-5.10.69-hardened1.patch" }, "5.14": { "extra": "-hardened1", - "name": "linux-hardened-5.14.7-hardened1.patch", - "sha256": "18i0qxhzga2vg0kal5ifsks0vra6gj21q6whcjry9sglxandn2vg", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.14.7-hardened1/linux-hardened-5.14.7-hardened1.patch" + "name": "linux-hardened-5.14.8-hardened1.patch", + "sha256": "1kg02ixyd2dbk97iz28g26k1nnxi96s0bcyr90wc7diylhf7kz4a", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.14.8-hardened1/linux-hardened-5.14.8-hardened1.patch" }, "5.4": { "extra": "-hardened1", - "name": "linux-hardened-5.4.148-hardened1.patch", - "sha256": "0kb2d9csm8bbjark2ii0n1jpfcr6avdr8r5g97awzbg9jxkfs0j4", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.148-hardened1/linux-hardened-5.4.148-hardened1.patch" + "name": "linux-hardened-5.4.149-hardened1.patch", + "sha256": "1v21dz66ngsdsdcld23rgmidz955x74al5nsxnvwasc5gh18ahh9", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.149-hardened1/linux-hardened-5.4.149-hardened1.patch" } } diff --git a/pkgs/servers/nextcloud/default.nix b/pkgs/servers/nextcloud/default.nix index 385483ead8d..39c3afce3fe 100644 --- a/pkgs/servers/nextcloud/default.nix +++ b/pkgs/servers/nextcloud/default.nix @@ -55,18 +55,18 @@ in { }; nextcloud20 = generic { - version = "20.0.12"; - sha256 = "sha256-gIIPuWVcWv/5nuXMWticcPBKMjJVsCmvs83tj8fdbgY="; + version = "20.0.13"; + sha256 = "15mi51aayi3m8brxc0w51mbxp4h3hjv14gr5mm7ch2930x655gg9"; }; nextcloud21 = generic { - version = "21.0.4"; - sha256 = "sha256-Sg0w/r+6UxGLqZCgwtLBZ2e3eqZ2r8k30gGNaGXF/jo="; + version = "21.0.5"; + sha256 = "1q46h480kn97k7h3xm7r5gsa8l3f0kfiicapi46sh0p39pbjbyhv"; }; nextcloud22 = generic { - version = "22.1.1"; - sha256 = "sha256-5VtuuXf7U5CB4zp9jxluOEMOszfMdr8DeaZjpJf73ls="; + version = "22.2.0"; + sha256 = "07ryvynws65k42n6ca20nni1vqr90fsrd2dpx2bvh09mwhyblg97"; }; # tip: get she sha with: # curl 'https://download.nextcloud.com/server/releases/nextcloud-${version}.tar.bz2.sha256'