Merge staging-next into master
This commit is contained in:
commit
9bd6c5d817
|
@ -137,6 +137,40 @@
|
|||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The option <option>systemd.network.networks.<name>.routes.*.routeConfig.GatewayOnlink</option>
|
||||
was renamed to <option>systemd.network.networks.<name>.routes.*.routeConfig.GatewayOnLink</option>
|
||||
(capital <literal>L</literal>). This follows
|
||||
<link xlink:href="https://github.com/systemd/systemd/commit/9cb8c5593443d24c19e40bfd4fc06d672f8c554c">
|
||||
upstreams renaming
|
||||
</link> of the setting.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
As of this release the NixOps feature <literal>autoLuks</literal> is deprecated. It no longer works
|
||||
with our systemd version without manual intervention.
|
||||
</para>
|
||||
<para>
|
||||
Whenever the usage of the module is detected the evaluation will fail with a message
|
||||
explaining why and how to deal with the situation.
|
||||
</para>
|
||||
<para>
|
||||
A new knob named <literal>nixops.enableDeprecatedAutoLuks</literal>
|
||||
has been introduced to disable the eval failure and to acknowledge the notice was received and read.
|
||||
If you plan on using the feature please note that it might break with subsequent updates.
|
||||
</para>
|
||||
<para>
|
||||
Make sure you set the <literal>_netdev</literal> option for each of the file systems referring to block
|
||||
devices provided by the autoLuks module. Not doing this might render the system in a
|
||||
state where it doesn't boot anymore.
|
||||
</para>
|
||||
<para>
|
||||
If you are actively using the <literal>autoLuks</literal> module please let us know in
|
||||
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/62211">issue #62211</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The setopt declarations will be evaluated at the end of <literal>/etc/zshrc</literal>, so any code in <xref linkend="opt-programs.zsh.interactiveShellInit" />,
|
||||
<xref linkend="opt-programs.zsh.loginShellInit" /> and <xref linkend="opt-programs.zsh.promptInit" /> may break if it relies on those options being set.
|
||||
|
@ -211,6 +245,20 @@
|
|||
RuntimeDirectory and tmpfiles.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
With the upgrade to systemd version 242 the <literal>systemd-timesyncd</literal>
|
||||
service is no longer using <literal>DynamicUser=yes</literal>. In order for the
|
||||
upgrade to work we rely on an activation script to move the state from the old
|
||||
to the new directory. The older directory (prior <literal>19.09</literal>) was
|
||||
<literal>/var/lib/private/systemd/timesync</literal>.
|
||||
</para>
|
||||
<para>
|
||||
As long as the <literal>system.config.stateVersion</literal> is below
|
||||
<literal>19.09</literal> the state folder will migrated to its proper location
|
||||
(<literal>/var/lib/systemd/timesync</literal>), if required.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Since version 0.1.19, <literal>cargo-vendor</literal> honors package
|
||||
|
@ -221,7 +269,6 @@
|
|||
vendored files for most Rust packages, the hash that use used to verify
|
||||
the dependencies, <literal>cargoSha256</literal>, also changes.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
The <literal>cargoSha256</literal> hashes of all in-tree derivations that
|
||||
use <literal>buildRustPackage</literal> have been updated to reflect this
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
{ config, options, lib, ... }:
|
||||
let
|
||||
path = [ "deployment" "autoLuks" ];
|
||||
hasAutoLuksOption = lib.hasAttrByPath path options;
|
||||
hasAutoLuksConfig = lib.hasAttrByPath path config && (lib.attrByPath path {} config) != {};
|
||||
|
||||
inherit (config.nixops) enableDeprecatedAutoLuks;
|
||||
in {
|
||||
options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption "Enable the deprecated NixOps AutoLuks module";
|
||||
|
||||
config = {
|
||||
assertions = [
|
||||
{
|
||||
assertion = if hasAutoLuksConfig then hasAutoLuksConfig && enableDeprecatedAutoLuks else true;
|
||||
message = ''
|
||||
⚠️ !!! WARNING !!! ⚠️
|
||||
|
||||
NixOps autoLuks is deprecated. The feature was never widely used and the maintenance did outgrow the benefit.
|
||||
If you still want to use the module:
|
||||
a) Please raise your voice in the issue tracking usage of the module:
|
||||
https://github.com/NixOS/nixpkgs/issues/62211
|
||||
b) make sure you set the `_netdev` option for each of the file
|
||||
systems referring to block devices provided by the autoLuks module.
|
||||
|
||||
⚠️ If you do not set the option your system will not boot anymore! ⚠️
|
||||
|
||||
{
|
||||
fileSystems."/secret" = { options = [ "_netdev" ]; };
|
||||
}
|
||||
|
||||
b) set the option >nixops.enableDeprecatedAutoLuks = true< to remove this error.
|
||||
|
||||
|
||||
For more details read through the following resources:
|
||||
- https://github.com/NixOS/nixops/pull/1156
|
||||
- https://github.com/NixOS/nixpkgs/issues/47550
|
||||
- https://github.com/NixOS/nixpkgs/issues/62211
|
||||
- https://github.com/NixOS/nixpkgs/pull/61321
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
}
|
|
@ -95,6 +95,7 @@ in
|
|||
PRETTY_NAME="NixOS ${cfg.version} (${cfg.codeName})"
|
||||
LOGO="nix-snowflake"
|
||||
HOME_URL="https://nixos.org/"
|
||||
DOCUMENTATION_URL="https://nixos.org/nixos/manual/index.html"
|
||||
SUPPORT_URL="https://nixos.org/nixos/support.html"
|
||||
BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues"
|
||||
'';
|
||||
|
|
|
@ -84,6 +84,7 @@
|
|||
./misc/nixpkgs.nix
|
||||
./misc/passthru.nix
|
||||
./misc/version.nix
|
||||
./misc/nixops-autoluks.nix
|
||||
./programs/adb.nix
|
||||
./programs/atop.nix
|
||||
./programs/autojump.nix
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
# Copied from systemd 203.
|
||||
ACTION=="remove", GOTO="net_name_slot_end"
|
||||
SUBSYSTEM!="net", GOTO="net_name_slot_end"
|
||||
NAME!="", GOTO="net_name_slot_end"
|
||||
|
||||
IMPORT{cmdline}="net.ifnames"
|
||||
ENV{net.ifnames}=="0", GOTO="net_name_slot_end"
|
||||
|
||||
NAME=="", ENV{ID_NET_NAME_ONBOARD}!="", NAME="$env{ID_NET_NAME_ONBOARD}"
|
||||
NAME=="", ENV{ID_NET_NAME_SLOT}!="", NAME="$env{ID_NET_NAME_SLOT}"
|
||||
NAME=="", ENV{ID_NET_NAME_PATH}!="", NAME="$env{ID_NET_NAME_PATH}"
|
||||
|
||||
LABEL="net_name_slot_end"
|
|
@ -116,10 +116,6 @@ let
|
|||
exit 1
|
||||
fi
|
||||
|
||||
${optionalString config.networking.usePredictableInterfaceNames ''
|
||||
cp ${./80-net-setup-link.rules} $out/80-net-setup-link.rules
|
||||
''}
|
||||
|
||||
# If auto-configuration is disabled, then remove
|
||||
# udev's 80-drivers.rules file, which contains rules for
|
||||
# automatically calling modprobe.
|
||||
|
@ -282,6 +278,8 @@ in
|
|||
|
||||
services.udev.path = [ pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.utillinux udev ];
|
||||
|
||||
boot.kernelParams = mkIf (!config.networking.usePredictableInterfaceNames) [ "net.ifnames=0" ];
|
||||
|
||||
environment.etc =
|
||||
[ { source = udevRules;
|
||||
target = "udev/rules.d";
|
||||
|
|
|
@ -203,7 +203,7 @@ let
|
|||
|
||||
checkRoute = checkUnitConfig "Route" [
|
||||
(assertOnlyFields [
|
||||
"Gateway" "GatewayOnlink" "Destination" "Source" "Metric"
|
||||
"Gateway" "GatewayOnLink" "Destination" "Source" "Metric"
|
||||
"IPv6Preference" "Scope" "PreferredSource" "Table" "Protocol" "Type"
|
||||
"InitialCongestionWindow" "InitialAdvertisedReceiveWindow" "QuickAck"
|
||||
"MTUBytes"
|
||||
|
|
|
@ -943,7 +943,6 @@ in
|
|||
# Don't bother with certain units in containers.
|
||||
systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container";
|
||||
systemd.services.systemd-random-seed.unitConfig.ConditionVirtualization = "!container";
|
||||
|
||||
};
|
||||
|
||||
# FIXME: Remove these eventually.
|
||||
|
@ -952,5 +951,4 @@ in
|
|||
(mkRenamedOptionModule [ "boot" "systemd" "targets" ] [ "systemd" "targets" ])
|
||||
(mkRenamedOptionModule [ "boot" "systemd" "services" ] [ "systemd" "services" ])
|
||||
];
|
||||
|
||||
}
|
||||
|
|
|
@ -40,6 +40,15 @@ with lib;
|
|||
users.users.systemd-timesync.uid = config.ids.uids.systemd-timesync;
|
||||
users.groups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
|
||||
|
||||
system.activationScripts.systemd-timesyncd-migration = mkIf (versionOlder config.system.stateVersion "19.09") ''
|
||||
# workaround an issue of systemd-timesyncd not starting due to upstream systemd reverting their dynamic users changes
|
||||
# - https://github.com/NixOS/nixpkgs/pull/61321#issuecomment-492423742
|
||||
# - https://github.com/systemd/systemd/issues/12131
|
||||
if [ -L /var/lib/systemd/timesync ]; then
|
||||
rm /var/lib/systemd/timesync
|
||||
mv /var/lib/private/systemd/timesync /var/lib/systemd/timesync
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -12,7 +12,7 @@ let
|
|||
i.ipv4.addresses
|
||||
++ optionals cfg.enableIPv6 i.ipv6.addresses;
|
||||
|
||||
dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "none";
|
||||
dhcpStr = useDHCP: if useDHCP == true || useDHCP == null then "both" else "no";
|
||||
|
||||
slaves =
|
||||
concatLists (map (bond: bond.interfaces) (attrValues cfg.bonds))
|
||||
|
@ -59,7 +59,14 @@ in
|
|||
in {
|
||||
DHCP = override (dhcpStr cfg.useDHCP);
|
||||
} // optionalAttrs (gateway != [ ]) {
|
||||
gateway = override gateway;
|
||||
routes = override [
|
||||
{
|
||||
routeConfig = {
|
||||
Gateway = gateway;
|
||||
GatewayOnLink = false;
|
||||
};
|
||||
}
|
||||
];
|
||||
} // optionalAttrs (domains != [ ]) {
|
||||
domains = override domains;
|
||||
};
|
||||
|
|
|
@ -129,9 +129,6 @@ with import ../../lib/qemu-flags.nix { inherit pkgs; };
|
|||
users.users.root.initialHashedPassword = mkOverride 150 "";
|
||||
|
||||
services.xserver.displayManager.job.logToJournal = true;
|
||||
|
||||
# set default stateVersion to avoid warnings during eval
|
||||
system.stateVersion = mkDefault "18.03";
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -240,6 +240,7 @@ in
|
|||
syncthing-relay = handleTest ./syncthing-relay.nix {};
|
||||
systemd = handleTest ./systemd.nix {};
|
||||
systemd-confinement = handleTest ./systemd-confinement.nix {};
|
||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
pdns-recursor = handleTest ./pdns-recursor.nix {};
|
||||
taskserver = handleTest ./taskserver.nix {};
|
||||
telegraf = handleTest ./telegraf.nix {};
|
||||
|
|
|
@ -35,7 +35,17 @@ import ./make-test.nix ({ pkgs, ...} : {
|
|||
];
|
||||
};
|
||||
|
||||
testScript =
|
||||
testScript = let
|
||||
tmpfilesContainerConfig = pkgs.writeText "container-config-tmpfiles" ''
|
||||
{
|
||||
systemd.tmpfiles.rules = [ "d /foo - - - - -" ];
|
||||
systemd.services.foo = {
|
||||
serviceConfig.Type = "oneshot";
|
||||
script = "ls -al /foo";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
}
|
||||
''; in
|
||||
''
|
||||
# Make sure we have a NixOS tree (required by ‘nixos-container create’).
|
||||
$machine->succeed("PAGER=cat nix-env -qa -A nixos.hello >&2");
|
||||
|
@ -93,6 +103,15 @@ import ./make-test.nix ({ pkgs, ...} : {
|
|||
$machine->succeed("nixos-container stop $id1");
|
||||
$machine->succeed("nixos-container start $id1");
|
||||
|
||||
# Ensure tmpfiles are present
|
||||
$machine->log("creating container tmpfiles");
|
||||
$machine->succeed("nixos-container create tmpfiles --config-file ${tmpfilesContainerConfig}");
|
||||
$machine->log("created, starting…");
|
||||
$machine->succeed("nixos-container start tmpfiles");
|
||||
$machine->log("done starting, investigating…");
|
||||
$machine->succeed("echo \$(nixos-container run tmpfiles -- systemctl is-active foo.service) | grep -q active;");
|
||||
$machine->succeed("nixos-container destroy tmpfiles");
|
||||
|
||||
# Execute commands via the root shell.
|
||||
$machine->succeed("nixos-container run $id1 -- uname") =~ /Linux/ or die;
|
||||
|
||||
|
|
|
@ -85,7 +85,7 @@ in
|
|||
$radicale->succeed('mv /tmp/collections-new/collection-root /tmp/collections');
|
||||
$radicale->succeed('${switchToConfig "radicale2_verify"} >&2');
|
||||
$radicale->waitUntilFails('systemctl status radicale');
|
||||
my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 5');
|
||||
my ($retcode, $logs) = $radicale->execute('journalctl -u radicale -n 10');
|
||||
if ($retcode != 0 || index($logs, 'Verifying storage') == -1) {
|
||||
die "Radicale 2 didn't verify storage"
|
||||
}
|
||||
|
|
|
@ -0,0 +1,52 @@
|
|||
# Regression test for systemd-timesync having moved the state directory without
|
||||
# upstream providing a migration path. https://github.com/systemd/systemd/issues/12131
|
||||
|
||||
import ./make-test.nix (let
|
||||
common = { lib, ... }: {
|
||||
# override the `false` value from the qemu-vm base profile
|
||||
services.timesyncd.enable = lib.mkForce true;
|
||||
};
|
||||
mkVM = conf: { imports = [ conf common ]; };
|
||||
in {
|
||||
name = "systemd-timesyncd";
|
||||
nodes = {
|
||||
current = mkVM {};
|
||||
pre1909 = mkVM ({lib, ... }: with lib; {
|
||||
# create the path that should be migrated by our activation script when
|
||||
# upgrading to a newer nixos version
|
||||
system.stateVersion = "19.03";
|
||||
system.activationScripts.simulate-old-timesync-state-dir = mkBefore ''
|
||||
rm -f /var/lib/systemd/timesync
|
||||
mkdir -p /var/lib/systemd /var/lib/private/systemd/timesync
|
||||
ln -s /var/lib/private/systemd/timesync /var/lib/systemd/timesync
|
||||
chown systemd-timesync: /var/lib/private/systemd/timesync
|
||||
'';
|
||||
});
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
$current->succeed('systemctl status systemd-timesyncd.service');
|
||||
# on a new install with a recent systemd there should not be any
|
||||
# leftovers from the dynamic user mess
|
||||
$current->succeed('test -e /var/lib/systemd/timesync');
|
||||
$current->succeed('test ! -L /var/lib/systemd/timesync');
|
||||
|
||||
# timesyncd should be running on the upgrading system since we fixed the
|
||||
# file bits in the activation script
|
||||
$pre1909->succeed('systemctl status systemd-timesyncd.service');
|
||||
|
||||
# the path should be gone after the migration
|
||||
$pre1909->succeed('test ! -e /var/lib/private/systemd/timesync');
|
||||
|
||||
# and the new path should no longer be a symlink
|
||||
$pre1909->succeed('test -e /var/lib/systemd/timesync');
|
||||
$pre1909->succeed('test ! -L /var/lib/systemd/timesync');
|
||||
|
||||
# after a restart things should still work and not fail in the activation
|
||||
# scripts and cause the boot to fail..
|
||||
$pre1909->shutdown;
|
||||
$pre1909->start;
|
||||
$pre1909->succeed('systemctl status systemd-timesyncd.service');
|
||||
'';
|
||||
})
|
|
@ -4,11 +4,14 @@
|
|||
# /usr/bin/env gets special treatment so that ".../bin/env python" is
|
||||
# rewritten to /nix/store/<hash>/bin/python. Interpreters that are
|
||||
# already in the store are left untouched.
|
||||
# A script file must be marked as executable, otherwise it will not be
|
||||
# considered.
|
||||
|
||||
fixupOutputHooks+=(patchShebangsAuto)
|
||||
|
||||
# Run patch shebangs on a directory.
|
||||
# patchShebangs [--build | --host] directory
|
||||
# Run patch shebangs on a directory or file.
|
||||
# Can take multiple paths as arguments.
|
||||
# patchShebangs [--build | --host] PATH...
|
||||
|
||||
# Flags:
|
||||
# --build : Lookup commands available at build-time
|
||||
|
@ -29,9 +32,7 @@ patchShebangs() {
|
|||
shift
|
||||
fi
|
||||
|
||||
local dir="$1"
|
||||
|
||||
header "patching script interpreter paths in $dir"
|
||||
echo "patching script interpreter paths in $@"
|
||||
local f
|
||||
local oldPath
|
||||
local newPath
|
||||
|
@ -40,7 +41,10 @@ patchShebangs() {
|
|||
local oldInterpreterLine
|
||||
local newInterpreterLine
|
||||
|
||||
[ -e "$dir" ] || return 0
|
||||
if [ $# -eq 0 ]; then
|
||||
echo "No arguments supplied to patchShebangs" >0
|
||||
return 0
|
||||
fi
|
||||
|
||||
local f
|
||||
while IFS= read -r -d $'\0' f; do
|
||||
|
@ -62,7 +66,7 @@ patchShebangs() {
|
|||
# - options: something starting with a '-'
|
||||
# - environment variables: foo=bar
|
||||
if $(echo "$arg0" | grep -q -- "^-.*\|.*=.*"); then
|
||||
echo "$f: unsupported interpreter directive \"$oldInterpreterLine\" (set dontPatchShebangs=1 and handle shebang patching yourself)"
|
||||
echo "$f: unsupported interpreter directive \"$oldInterpreterLine\" (set dontPatchShebangs=1 and handle shebang patching yourself)" >0
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
@ -95,7 +99,7 @@ patchShebangs() {
|
|||
rm "$timestamp"
|
||||
fi
|
||||
fi
|
||||
done < <(find "$dir" -type f -perm -0100 -print0)
|
||||
done < <(find "$@" -type f -perm -0100 -print0)
|
||||
|
||||
stopNest
|
||||
}
|
||||
|
|
|
@ -6,8 +6,8 @@ assert x11Support -> libX11 != null
|
|||
&& libSM != null;
|
||||
|
||||
let
|
||||
version = "1.12.12";
|
||||
sha256 = "1y7mxhkw2shd9mi9s62k81lz8npjkrafapr4fyfms7hs04kg4ilm";
|
||||
version = "1.12.14";
|
||||
sha256 = "13aca7gzgl7z1dfdipfs23773w8n6z01d4rj5kmssv4gms8c5ya4";
|
||||
|
||||
self = stdenv.mkDerivation {
|
||||
name = "dbus-${version}";
|
||||
|
|
|
@ -46,7 +46,7 @@ let
|
|||
'';
|
||||
|
||||
binPrograms = optional (!stdenv.isDarwin) "gapplication" ++ [ "gdbus" "gio" "gsettings" ];
|
||||
version = "2.60.2";
|
||||
version = "2.60.3";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -54,7 +54,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/glib/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz";
|
||||
sha256 = "1nc0iyday7866hq0hb78h7lxa44an998lzis8jhgvp8a0rsm9w9f";
|
||||
sha256 = "1fb0nx9fcmic8rsh0fbp79lqpasfjxljvnshbw2hsya51mb0vaq4";
|
||||
};
|
||||
|
||||
patches = optional stdenv.isDarwin ./darwin-compilation.patch
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
}:
|
||||
|
||||
let
|
||||
version = "2.3.1";
|
||||
version = "2.5.1";
|
||||
inherit (stdenv.lib) optional optionals optionalString;
|
||||
in
|
||||
|
||||
|
@ -16,8 +16,8 @@ stdenv.mkDerivation {
|
|||
name = "harfbuzz${optionalString withIcu "-icu"}-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-${version}.tar.bz2";
|
||||
sha256 = "0s74ramsbfa183rxkidqgfd2vbhrwicnrqzqsq440dwibffnj1gj";
|
||||
url = "https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-${version}.tar.xz";
|
||||
sha256 = "17kiyq23g7bnjvyn2yg4gyr7i7qjam65n20whsrplpxxk9bk8j3d";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
|
|
|
@ -6,25 +6,13 @@ assert sslSupport -> openssl != null;
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libevent-${version}";
|
||||
version = "2.1.8";
|
||||
version = "2.1.10";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/libevent/libevent/releases/download/release-${version}-stable/libevent-${version}-stable.tar.gz";
|
||||
sha256 = "1hhxnxlr0fsdv7bdmzsnhdz16fxf3jg2r6vyljcl3kj6pflcap4n";
|
||||
sha256 = "1c25928gdv495clxk2v1d4gkr5py7ack4gx2n7d13frnld0syr78";
|
||||
};
|
||||
|
||||
#NOTE: Patches to support libressl-2.7. These are taken from libevent upstream, and can both be dropped with the next release.
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/libevent/libevent/commit/22dd14945c25600de3cf8b91000c66703b551e4f.patch";
|
||||
sha256 = "0fzcb241cp9mm7j6baw22blcglbc083ryigzyjaij8r530av10kd";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://github.com/libevent/libevent/commit/28b8075400c70b2d2da2ce07e590c2ec6d11783d.patch";
|
||||
sha256 = "0dkzlk44033xksg2iq5w90r3lnziwl1mgz291nzqq906zrya0sdb";
|
||||
})
|
||||
];
|
||||
|
||||
# libevent_openssl is moved into its own output, so that openssl isn't present
|
||||
# in the default closure.
|
||||
outputs = [ "out" "dev" ]
|
||||
|
|
|
@ -5,7 +5,7 @@ stdenv.mkDerivation rec {
|
|||
name = "libical-${version}";
|
||||
version = "3.0.4";
|
||||
|
||||
outputs = [ "out" "dev" "devdoc" ];
|
||||
outputs = [ "out" "dev" ]; #"devdoc" ];
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "libical";
|
||||
|
@ -17,7 +17,8 @@ stdenv.mkDerivation rec {
|
|||
nativeBuildInputs = [
|
||||
perl pkgconfig cmake ninja vala gobject-introspection
|
||||
(python3.withPackages (pkgs: with pkgs; [ pygobject3 ])) # running libical-glib tests
|
||||
gtk-doc docbook_xsl docbook_xml_dtd_43 # docs
|
||||
# Docs building fails: https://github.com/NixOS/nixpkgs/pull/61657#issuecomment-495579489
|
||||
# gtk-doc docbook_xsl docbook_xml_dtd_43 # docs
|
||||
];
|
||||
buildInputs = [ glib libxml2 icu ];
|
||||
|
||||
|
|
|
@ -4,11 +4,11 @@ with stdenv.lib;
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libidn2-${version}";
|
||||
version = "2.1.1a";
|
||||
version = "2.2.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/gnu/libidn/${name}.tar.gz";
|
||||
sha256 = "0wlb0jrkccsdxlx90wx6ax5raqcm6y9c75dcgc6j6m6gdv7nnrjp";
|
||||
sha256 = "1zl1cc2xgxw31pdhvhr5ij36x4vvpy16jq667rspin06nlr4fwzw";
|
||||
};
|
||||
|
||||
outputs = [ "bin" "dev" "out" "info" "devdoc" ];
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
{ stdenv, fetchurl, pkgconfig, libmnl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "1.1.2";
|
||||
name = "libnftnl-${version}";
|
||||
version = "1.1.3";
|
||||
pname = "libnftnl";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://netfilter.org/projects/libnftnl/files/${name}.tar.bz2";
|
||||
sha256 = "0pffmsv41alsn5ac7mwnb9fh3qpwzqk13jrzn6c5i71wq6kbgix5";
|
||||
url = "https://netfilter.org/projects/${pname}/files/${pname}-${version}.tar.bz2";
|
||||
sha256 = "03xszkcpqk3s1rqc6vh7g5j13kh3d3yjnvjhk5scds3an39rgp92";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
|
|
|
@ -26,7 +26,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
configureFlags = [
|
||||
"--disable-static"
|
||||
"--enable-gtk-doc"
|
||||
# "--enable-gtk-doc"
|
||||
"--enable-man"
|
||||
"--enable-valgrind-tests"
|
||||
"--with-psl-distfile=${publicsuffix-list}/share/publicsuffix/public_suffix_list.dat"
|
||||
|
|
|
@ -2,14 +2,14 @@
|
|||
libyamlcpp, gmock }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "librime-${version}";
|
||||
version = "1.4.0";
|
||||
pname = "librime";
|
||||
version = "1.5.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "rime";
|
||||
repo = "librime";
|
||||
rev = "${version}";
|
||||
sha256 = "1zkx1wfbd94v55gfycyd2b94jxclfyk2zl7yw35pyjx63qdlb6sd";
|
||||
sha256 = "10wvh1l4317yzcys4rzlkw42i6cj5p8g62r1xzyjw32ky2d0ndxl";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "libsodium-1.0.17";
|
||||
name = "libsodium-1.0.18";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.libsodium.org/libsodium/releases/${name}.tar.gz";
|
||||
sha256 = "1cf2d9v1gylz1qcy2zappbf526qfmph6gd6fnn3w2b347vixmhqc";
|
||||
sha256 = "1h9ncvj23qbbni958knzsli8dvybcswcjbx0qjjgi922nf848l3g";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
|
|
@ -1,14 +1,14 @@
|
|||
{ stdenv, lib, fetchpatch, fetchFromGitHub, autoconf, automake, libtool, pkgconfig, ApplicationServices, CoreServices }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "1.28.0";
|
||||
version = "1.29.1";
|
||||
pname = "libuv";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "0l0gx69sdy3sv3pirjbca2ws54n9d83mj0j96h77k0ncywimvi64";
|
||||
sha256 = "0scnircr6khgh7l3bw9zyfzdgx2c11mpfhd9d8qlw47arrvqg7l8";
|
||||
};
|
||||
|
||||
postPatch = let
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
, pkgconfig, intltool, autoreconfHook
|
||||
, file, expat, libdrm, xorg, wayland, wayland-protocols, openssl
|
||||
, llvmPackages, libffi, libomxil-bellagio, libva-minimal
|
||||
, libelf, libvdpau, valgrind-light, python2, python2Packages
|
||||
, libelf, libvdpau, python2, python2Packages
|
||||
, libglvnd
|
||||
, enableRadv ? true
|
||||
, galliumDrivers ? null
|
||||
|
@ -10,6 +10,7 @@
|
|||
, vulkanDrivers ? null
|
||||
, eglPlatforms ? [ "x11" ] ++ lib.optionals stdenv.isLinux [ "wayland" "drm" ]
|
||||
, OpenGL, Xplugin
|
||||
, withValgrind ? stdenv.hostPlatform.isLinux && !stdenv.hostPlatform.isAarch32, valgrind-light
|
||||
}:
|
||||
|
||||
/** Packaging design:
|
||||
|
@ -25,10 +26,6 @@
|
|||
|
||||
with stdenv.lib;
|
||||
|
||||
if ! elem stdenv.hostPlatform.system platforms.mesaPlatforms then
|
||||
throw "${stdenv.system}: unsupported platform for Mesa"
|
||||
else
|
||||
|
||||
let
|
||||
# platforms that have PCIe slots and thus can use most non-integrated GPUs
|
||||
pciePlatform = !stdenv.hostPlatform.isAarch32 && !stdenv.hostPlatform.isAarch64;
|
||||
|
@ -150,7 +147,8 @@ let self = stdenv.mkDerivation {
|
|||
libffi libvdpau libelf libXvMC
|
||||
libpthreadstubs openssl /*or another sha1 provider*/
|
||||
] ++ lib.optionals (elem "wayland" eglPlatforms) [ wayland wayland-protocols ]
|
||||
++ lib.optionals stdenv.isLinux [ valgrind-light libomxil-bellagio libva-minimal ];
|
||||
++ lib.optionals stdenv.isLinux [ libomxil-bellagio libva-minimal ]
|
||||
++ lib.optional withValgrind valgrind-light;
|
||||
|
||||
enableParallelBuilding = true;
|
||||
doCheck = false;
|
||||
|
@ -310,7 +308,7 @@ let self = stdenv.mkDerivation {
|
|||
description = "An open source implementation of OpenGL";
|
||||
homepage = https://www.mesa3d.org/;
|
||||
license = licenses.mit; # X11 variant, in most files
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
platforms = platforms.mesaPlatforms;
|
||||
maintainers = with maintainers; [ vcunat ];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -1,11 +1,12 @@
|
|||
{ fetchurl, stdenv, slang, popt }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "newt-0.52.20";
|
||||
pname = "newt";
|
||||
version = "0.52.21";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://fedorahosted.org/releases/n/e/newt/${name}.tar.gz";
|
||||
sha256 = "1g3dpfnvaw7vljbr7nzq1rl88d6r8cmrvvng9inphgzwxxmvlrld";
|
||||
url = "https://fedorahosted.org/releases/n/e/${pname}/${pname}-${version}.tar.gz";
|
||||
sha256 = "0cdvbancr7y4nrj8257y5n45hmhizr8isynagy4fpsnpammv8pi6";
|
||||
};
|
||||
|
||||
patchPhase = ''
|
||||
|
|
|
@ -120,8 +120,8 @@ let
|
|||
in {
|
||||
|
||||
openssl_1_0_2 = common {
|
||||
version = "1.0.2r";
|
||||
sha256 = "1mnh27zf6r1bhm5d9fxqq9slv2gz0d9z2ij9i679b0wapa5x0ldf";
|
||||
version = "1.0.2s";
|
||||
sha256 = "15mbmg8hf7s12vr3v2bdc0pi9y4pdbnsxhzk4fyyap42jaa5rgfa";
|
||||
patches = [
|
||||
./1.0.2/nix-ssl-cert-file.patch
|
||||
|
||||
|
@ -132,15 +132,10 @@ in {
|
|||
};
|
||||
|
||||
openssl_1_1 = common {
|
||||
version = "1.1.1b";
|
||||
sha256 = "0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw";
|
||||
version = "1.1.1c";
|
||||
sha256 = "142c7zdlz06hjrrvinb9f276czc78bnkyhd9xma621qmmmwk1yzn";
|
||||
patches = [
|
||||
./1.1/nix-ssl-cert-file.patch
|
||||
(fetchurl {
|
||||
name = "long-chacha-nonce.patch";
|
||||
url = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=f426625b6ae9a7831010750490a5f0ad689c5ba3";
|
||||
sha256= "02ghqg3vzmzx3s1dwwwbm1p1l4asaiampyg4k9vfrjwficvgpdgp";
|
||||
})
|
||||
|
||||
(if stdenv.hostPlatform.isDarwin
|
||||
then ./1.1/use-etc-ssl-certs-darwin.patch
|
||||
|
|
|
@ -26,7 +26,7 @@ let
|
|||
# Determine the Android os identifier from Nix's system identifier
|
||||
os = if stdenv.system == "x86_64-linux" then "linux"
|
||||
else if stdenv.system == "x86_64-darwin" then "macosx"
|
||||
else throw "No tarballs found for system architecture: ${stdenv.system}";
|
||||
else throw "No Android SDK tarballs are available for system architecture: ${stdenv.system}";
|
||||
|
||||
# Generated Nix packages
|
||||
packages = import ./generated/packages.nix {
|
||||
|
|
|
@ -40,6 +40,14 @@ buildPythonPackage rec {
|
|||
propagatedBuildInputs = [ attrs chardet multidict async-timeout yarl ]
|
||||
++ lib.optionals (pythonOlder "3.7") [ idna-ssl typing-extensions ];
|
||||
|
||||
# Don't error on cryptography deprecation warning
|
||||
postPatch = ''
|
||||
substituteInPlace pytest.ini --replace "filterwarnings = error" ""
|
||||
'';
|
||||
|
||||
# coroutine 'noop2' was never awaited
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
description = "Asynchronous HTTP Client/Server for Python and asyncio";
|
||||
license = licenses.asl20;
|
||||
|
|
|
@ -5,12 +5,12 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "asyncssh";
|
||||
version = "1.16.1";
|
||||
version = "1.17.0";
|
||||
disabled = pythonOlder "3.4";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "0qia1ay2dhwps5sfh0hif7mrv7yxvykxs9l7cmfp4m6hmqnn3r5r";
|
||||
sha256 = "1qrpkdyl77956qg6g7g66bbd6bfvb2nwi2sjy3v3li8m3irx8d7d";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -21,13 +21,6 @@ buildPythonPackage rec {
|
|||
# However that broke the test on NixOS, failing with
|
||||
# "Operation not permitted"
|
||||
./fix-sftp-chmod-test-nixos.patch
|
||||
|
||||
# Restore libnacl support for curve25519/ed25519 as a fallback for PyCA
|
||||
# Fixes https://github.com/ronf/asyncssh/issues/206 with older openssl
|
||||
(fetchpatch {
|
||||
url = "https://github.com/ronf/asyncssh/commit/1dee113bb3e4a6888de562b0413e9abd6a0f0f04.patch";
|
||||
sha256 = "04bckdj7i6xk24lizkn3a8cj375pkz7yc57fc0vk222c6jzwzaml";
|
||||
})
|
||||
];
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
|
|
@ -21,11 +21,11 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "cryptography";
|
||||
version = "2.6.1"; # Also update the hash in vectors.nix
|
||||
version = "2.7"; # Also update the hash in vectors.nix
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "19iwz5avym5zl6jrrrkym1rdaa9h61j20ph4cswsqgv8xg5j3j16";
|
||||
sha256 = "1inlnr36kl36551c9rcad99jmhk81v33by3glkadwdcgmi17fd76";
|
||||
};
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
|
|
@ -7,7 +7,7 @@ buildPythonPackage rec {
|
|||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 = "1bsqcv3h49dzqnyn29ijq8r7k1ra8ikl1y9qcpcns9nbvhaq3wq3";
|
||||
sha256 = "1g38zw90510azyfrj6mxbslx2gp9yrnv5dac0w2819k9ssdznbgi";
|
||||
};
|
||||
|
||||
# No tests included
|
||||
|
|
|
@ -2,13 +2,15 @@
|
|||
|
||||
buildPythonPackage rec {
|
||||
pname = "scandir";
|
||||
version = "1.7";
|
||||
version = "1.10.0";
|
||||
|
||||
src = fetchPypi {
|
||||
inherit pname version;
|
||||
sha256 ="0gbnhjzg42rj87ljv9kb648rfxph69ly3c8r9841dxy4d7l5pmdj";
|
||||
sha256 ="1bkqwmf056pkchf05ywbnf659wqlp6lljcdb0y88wr9f0vv32ijd";
|
||||
};
|
||||
|
||||
checkPhase = "python test/run_tests.py";
|
||||
|
||||
meta = with lib; {
|
||||
description = "A better directory iterator and faster os.walk()";
|
||||
homepage = https://github.com/benhoyt/scandir;
|
||||
|
|
|
@ -0,0 +1,24 @@
|
|||
From 95a75c95c5c4e641ce7cda0ded968d66f07f822a Mon Sep 17 00:00:00 2001
|
||||
From: worldofpeace <worldofpeace@protonmail.ch>
|
||||
Date: Sat, 18 May 2019 14:44:08 -0400
|
||||
Subject: [PATCH] highlight: fix permission on file style
|
||||
|
||||
---
|
||||
gtkdoc/highlight.py | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/gtkdoc/highlight.py b/gtkdoc/highlight.py
|
||||
index 8f6e470..d11c432 100644
|
||||
--- a/gtkdoc/highlight.py
|
||||
+++ b/gtkdoc/highlight.py
|
||||
@@ -47,6 +47,6 @@ def highlight_code(code, lang='c'):
|
||||
|
||||
|
||||
def append_style_defs(css_file_name):
|
||||
- os.chmod(css_file_name, stat.S_IWRITE)
|
||||
+ os.chmod(css_file_name, 0o664)
|
||||
with open(css_file_name, 'at', newline='\n', encoding='utf-8') as css:
|
||||
css.write(HTML_FORMATTER.get_style_defs())
|
||||
--
|
||||
2.21.0
|
||||
|
|
@ -1,30 +1,59 @@
|
|||
{ stdenv, fetchurl, autoreconfHook, pkgconfig, perl, python3, libxml2Python, libxslt, which
|
||||
, docbook_xml_dtd_43, docbook_xsl, gnome-doc-utils, gettext, itstool, gnome3
|
||||
{ stdenv
|
||||
, fetchFromGitLab
|
||||
, meson
|
||||
, ninja
|
||||
, pkgconfig
|
||||
, python3
|
||||
, libxml2Python
|
||||
, docbook_xml_dtd_43
|
||||
, docbook_xsl
|
||||
, libxslt
|
||||
, gettext
|
||||
, gnome3
|
||||
, withDblatex ? false, dblatex
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gtk-doc";
|
||||
version = "1.29";
|
||||
version = "1.30";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "1cc6yl8l275qn3zpjl6f0s4fwmkczngjr9hhsdv74mln4h08wmql";
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.gnome.org";
|
||||
owner = "GNOME";
|
||||
repo = pname;
|
||||
rev = "GTK_DOC_${stdenv.lib.replaceStrings ["."] ["_"] version }";
|
||||
sha256 = "05lr6apj3pd3s59a7k6p45k9ywwrp577ra4pvkhxvb5p7v90c2fi";
|
||||
};
|
||||
|
||||
patches = [
|
||||
passthru.respect_xml_catalog_files_var_patch
|
||||
# https://gitlab.gnome.org/GNOME/gtk-doc/issues/84
|
||||
./0001-highlight-fix-permission-on-file-style.patch
|
||||
];
|
||||
|
||||
outputDevdoc = "out";
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook ];
|
||||
buildInputs =
|
||||
[ pkgconfig perl python3 libxml2Python libxslt docbook_xml_dtd_43 docbook_xsl
|
||||
gnome-doc-utils gettext which itstool
|
||||
] ++ stdenv.lib.optional withDblatex dblatex;
|
||||
nativeBuildInputs = [
|
||||
gettext
|
||||
meson
|
||||
ninja
|
||||
];
|
||||
|
||||
configureFlags = [ "--disable-scrollkeeper" ];
|
||||
buildInputs = [
|
||||
docbook_xml_dtd_43
|
||||
docbook_xsl
|
||||
libxslt
|
||||
pkgconfig
|
||||
python3
|
||||
libxml2Python
|
||||
]
|
||||
++ stdenv.lib.optional withDblatex dblatex
|
||||
;
|
||||
|
||||
mesonFlags = [
|
||||
"-Dtests=false"
|
||||
"-Dyelp_manual=false"
|
||||
];
|
||||
|
||||
# Make pygments available for binaries, python.withPackages creates a wrapper
|
||||
# but scripts are not allowed in shebangs so we link it into sys.path.
|
||||
|
|
|
@ -94,7 +94,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
depsBuildBuild = [ buildPackages.stdenv.cc ];
|
||||
|
||||
buildInputs = lib.optionals (enableStatic && !useMusl) [ stdenv.cc.libc stdenv.cc.libc.static ];
|
||||
buildInputs = lib.optionals (enableStatic && !useMusl && stdenv.cc.libc ? static) [ stdenv.cc.libc stdenv.cc.libc.static ];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
|
|
|
@ -2,42 +2,14 @@
|
|||
, libnetfilter_conntrack, libnftnl, libmnl, libpcap }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "iptables-${version}";
|
||||
version = "1.8.2";
|
||||
pname = "iptables";
|
||||
version = "1.8.3";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.netfilter.org/projects/iptables/files/${name}.tar.bz2";
|
||||
sha256 = "1bqj9hf3szy9r0w14iy23w00ir8448nfhpcprbwmcchsxm88nxx3";
|
||||
url = "https://www.netfilter.org/projects/${pname}/files/${pname}-${version}.tar.bz2";
|
||||
sha256 = "106xkkg5crsscjlinxvqvprva23fwwqfgrzl8m2nn841841sqg52";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Adds missing bits to extensions' libipt_icmp.c and libip6t_icmp6.c that were causing build to fail
|
||||
(fetchpatch {
|
||||
url = "https://git.netfilter.org/iptables/patch/?id=907e429d7548157016cd51aba4adc5d0c7d9f816";
|
||||
sha256 = "0vc7ljcglz5152lc3jx4p44vjfi6ipvxdrgkdb5dmkhlb5v93i2h";
|
||||
})
|
||||
# Build with musl libc fails because of conflicting struct ethhdr definitions
|
||||
(fetchpatch {
|
||||
url = "https://git.netfilter.org/iptables/patch/?id=51d374ba41ae4f1bb851228c06b030b83dd2092f";
|
||||
sha256 = "05fwrq03f9sm0v2bfwshbrg7pi2p978w1460arnmpay3135gj266";
|
||||
})
|
||||
# Extensions: libip6t_mh: fix bogus translation error
|
||||
(fetchpatch {
|
||||
url = "https://git.netfilter.org/iptables/patch/?id=5839d7fe62ff667af7132fc7d589b386951f27b3";
|
||||
sha256 = "0578jn1ip710z9kijwg9g2vjq2kfrbafl03m1rgi4fasz215gvkf";
|
||||
})
|
||||
# Prevent headers collisions between linux and netfilter (in.h and in6.h)
|
||||
# Fixed upstream with two commits
|
||||
(fetchpatch {
|
||||
url = "https://git.netfilter.org/iptables/patch/?id=8d9d7e4b9ef4c6e6abab2cf35c747d7ca36824bd";
|
||||
sha256 = "0q3wcspiqym1r6dg1jhg7h8hpvsjzx1k7cs39z36mzlbmj9lm0zb";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://git.netfilter.org/iptables/patch/?id=2908eda10bf9fc81119d4f3ad672c67918ab5955";
|
||||
sha256 = "1dci4c8b7gcdrf77l2aicrcwlbp320xjz76fhavams0b4kgs6yr3";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ bison flex pkgconfig pruneLibtoolFiles ];
|
||||
|
||||
buildInputs = [ libnetfilter_conntrack libnftnl libmnl libpcap ];
|
||||
|
|
|
@ -1,16 +1,17 @@
|
|||
{ stdenv, fetchurl, lvm2, libaio, gzip, readline, systemd, liburcu }:
|
||||
{ stdenv, fetchurl, pkgconfig, perl, lvm2, libaio, gzip, readline, systemd, liburcu, json_c }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "multipath-tools-${version}";
|
||||
version = "0.6.2";
|
||||
version = "0.8.1";
|
||||
|
||||
src = fetchurl {
|
||||
name = "${name}.tar.gz";
|
||||
url = "https://git.opensvc.com/?p=multipath-tools/.git;a=snapshot;h=${version};sf=tgz";
|
||||
sha256 = "159hxvbk9kh1qay9x04w0gsqzg0hkl5yghfc1wi9kv2n5pcwbkpm";
|
||||
url = "https://git.opensvc.com/gitweb.cgi?p=multipath-tools/.git;a=snapshot;h=refs/tags/${version};sf=tgz";
|
||||
sha256 = "0669zl4dpai63dl04lf8vpwnpsff6qf19fifxfc4frawnh699k95";
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace libmultipath/Makefile --replace /usr/include/libdevmapper.h ${lvm2}/include/libdevmapper.h
|
||||
sed -i -re '
|
||||
s,^( *#define +DEFAULT_MULTIPATHDIR\>).*,\1 "'"$out/lib/multipath"'",
|
||||
' libmultipath/defaults.h
|
||||
|
@ -20,8 +21,8 @@ stdenv.mkDerivation rec {
|
|||
Makefile.inc
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ gzip ];
|
||||
buildInputs = [ systemd lvm2 libaio readline liburcu ];
|
||||
nativeBuildInputs = [ gzip pkgconfig perl ];
|
||||
buildInputs = [ systemd lvm2 libaio readline liburcu json_c ];
|
||||
|
||||
makeFlags = [
|
||||
"LIB=lib"
|
||||
|
|
|
@ -9,16 +9,14 @@
|
|||
, patchelf
|
||||
, getent
|
||||
, buildPackages
|
||||
, perl
|
||||
, withSelinux ? false, libselinux
|
||||
, withLibseccomp ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) libseccomp.meta.platforms, libseccomp
|
||||
, withKexectools ? lib.any (lib.meta.platformMatch stdenv.hostPlatform) kexectools.meta.platforms, kexectools
|
||||
}:
|
||||
|
||||
let
|
||||
pythonLxmlEnv = buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]);
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
version = "239.20190219";
|
||||
stdenv.mkDerivation rec {
|
||||
version = "242";
|
||||
name = "systemd-${version}";
|
||||
|
||||
# When updating, use https://github.com/systemd/systemd-stable tree, not the development one!
|
||||
|
@ -27,27 +25,9 @@ in stdenv.mkDerivation rec {
|
|||
owner = "NixOS";
|
||||
repo = "systemd";
|
||||
rev = "nixos-v${version}";
|
||||
sha256 = "0aczg25ih2gfjq810x8rw6rnpr6sw1lz6z0lvlyw2qphyih68b4x";
|
||||
sha256 = "0ldyhfxdy4qlgygvpc92wp0qp6p1c9y3rnm77zwbkga48x60d9i8";
|
||||
};
|
||||
|
||||
prePatch = let
|
||||
# Upstream's maintenance branches are still too intrusive:
|
||||
# https://github.com/systemd/systemd-stable/tree/v239-stable
|
||||
patches-deb = fetchurl {
|
||||
# This URL should point to a stable location that does not easily
|
||||
# disappear. In the past we were using `mirror://debian` but that
|
||||
# eventually causes the files to disappear. While that was a good sign
|
||||
# for us to update our patch collection it does break reproducibility.
|
||||
name = "systemd-debian-patches.tar.xz";
|
||||
url = http://snapshot.debian.org/archive/debian/20190301T035241Z/pool/main/s/systemd/systemd_239-12%7Ebpo9%2B1.debian.tar.xz;
|
||||
sha256 = "0v9f62gyfiw5icdrdlcvjcipsqrsm49w6n8bqp9nb8s2ih6rsfhg";
|
||||
};
|
||||
# Note that we skip debian-specific patches, i.e. ./debian/patches/debian/*
|
||||
in ''
|
||||
tar xf ${patches-deb}
|
||||
patches="$patches $(cat debian/patches/series | grep -v '^debian/' | sed 's|^|debian/patches/|')"
|
||||
'';
|
||||
|
||||
outputs = [ "out" "lib" "man" "dev" ];
|
||||
|
||||
nativeBuildInputs =
|
||||
|
@ -56,6 +36,9 @@ in stdenv.mkDerivation rec {
|
|||
coreutils # meson calls date, stat etc.
|
||||
glibcLocales
|
||||
patchelf getent m4
|
||||
perl # to patch the libsystemd.so and remove dependencies on aarch64
|
||||
|
||||
(buildPackages.python3Packages.python.withPackages ( ps: with ps; [ python3Packages.lxml ]))
|
||||
];
|
||||
buildInputs =
|
||||
[ linuxHeaders libcap kmod xz pam acl
|
||||
|
@ -65,17 +48,24 @@ in stdenv.mkDerivation rec {
|
|||
stdenv.lib.optional withLibseccomp libseccomp ++
|
||||
[ libffi audit lz4 bzip2 libapparmor
|
||||
iptables gnu-efi
|
||||
# This is actually native, but we already pull it from buildPackages
|
||||
pythonLxmlEnv
|
||||
] ++ stdenv.lib.optional withSelinux libselinux;
|
||||
|
||||
#dontAddPrefix = true;
|
||||
|
||||
mesonFlags = [
|
||||
"-Ddbuspolicydir=${placeholder "out"}/etc/dbus-1/system.d"
|
||||
"-Ddbussessionservicedir=${placeholder "out"}/share/dbus-1/services"
|
||||
"-Ddbussystemservicedir=${placeholder "out"}/share/dbus-1/system-services"
|
||||
"-Dpamconfdir=${placeholder "out"}/etc/pam.d"
|
||||
"-Drootprefix=${placeholder "out"}"
|
||||
"-Drootlibdir=${placeholder "lib"}/lib"
|
||||
"-Dpkgconfiglibdir=${placeholder "dev"}/lib/pkgconfig"
|
||||
"-Dpkgconfigdatadir=${placeholder "dev"}/share/pkgconfig"
|
||||
"-Dloadkeys-path=${kbd}/bin/loadkeys"
|
||||
"-Dsetfont-path=${kbd}/bin/setfont"
|
||||
"-Dtty-gid=3" # tty in NixOS has gid 3
|
||||
# "-Dtests=" # TODO
|
||||
# while we do not run tests we should also not build them. Removes about 600 targets
|
||||
"-Dtests=false"
|
||||
"-Dlz4=true"
|
||||
"-Dhostnamed=true"
|
||||
"-Dnetworkd=true"
|
||||
|
@ -92,6 +82,7 @@ in stdenv.mkDerivation rec {
|
|||
"-Dquotacheck=false"
|
||||
"-Dldconfig=false"
|
||||
"-Dsmack=true"
|
||||
"-Db_pie=true"
|
||||
"-Dsystem-uid-max=499" #TODO: debug why awking around in /etc/login.defs doesn't work
|
||||
"-Dsystem-gid-max=499"
|
||||
# "-Dtime-epoch=1"
|
||||
|
@ -113,19 +104,10 @@ in stdenv.mkDerivation rec {
|
|||
|
||||
preConfigure = ''
|
||||
mesonFlagsArray+=(-Dntp-servers="0.nixos.pool.ntp.org 1.nixos.pool.ntp.org 2.nixos.pool.ntp.org 3.nixos.pool.ntp.org")
|
||||
mesonFlagsArray+=(-Ddbuspolicydir=$out/etc/dbus-1/system.d)
|
||||
mesonFlagsArray+=(-Ddbussessionservicedir=$out/share/dbus-1/services)
|
||||
mesonFlagsArray+=(-Ddbussystemservicedir=$out/share/dbus-1/system-services)
|
||||
mesonFlagsArray+=(-Dpamconfdir=$out/etc/pam.d)
|
||||
mesonFlagsArray+=(-Drootprefix=$out)
|
||||
mesonFlagsArray+=(-Drootlibdir=$lib/lib)
|
||||
mesonFlagsArray+=(-Dpkgconfiglibdir=$dev/lib/pkgconfig)
|
||||
mesonFlagsArray+=(-Dpkgconfigdatadir=$dev/share/pkgconfig)
|
||||
|
||||
export LC_ALL="en_US.UTF-8";
|
||||
# FIXME: patch this in systemd properly (and send upstream).
|
||||
# already fixed in f00929ad622c978f8ad83590a15a765b4beecac9: (u)mount
|
||||
for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.in src/journal/cat.c src/core/shutdown.c src/nspawn/nspawn.c src/shared/generator.c; do
|
||||
for i in src/remount-fs/remount-fs.c src/core/mount.c src/core/swap.c src/fsck/fsck.c units/emergency.service.in units/rescue.service.in src/journal/cat.c src/shutdown/shutdown.c src/nspawn/nspawn.c src/shared/generator.c; do
|
||||
test -e $i
|
||||
substituteInPlace $i \
|
||||
--replace /usr/bin/getent ${getent}/bin/getent \
|
||||
|
@ -139,14 +121,8 @@ in stdenv.mkDerivation rec {
|
|||
--replace /bin/plymouth /run/current-system/sw/bin/plymouth # To avoid dependency
|
||||
done
|
||||
|
||||
for i in tools/xml_helper.py tools/make-directive-index.py tools/make-man-index.py test/sys-script.py; do
|
||||
substituteInPlace $i \
|
||||
--replace "#!/usr/bin/env python" "#!${pythonLxmlEnv}/bin/python"
|
||||
done
|
||||
|
||||
for i in src/basic/generate-gperfs.py src/resolve/generate-dns_type-gperf.py src/test/generate-sym-test.py ; do
|
||||
substituteInPlace $i \
|
||||
--replace "#!/usr/bin/env python" "#!${buildPackages.python3Packages.python}/bin/python"
|
||||
for dir in tools src/resolve test src/test; do
|
||||
patchShebangs $dir
|
||||
done
|
||||
|
||||
substituteInPlace src/journal/catalog.c \
|
||||
|
@ -207,13 +183,37 @@ in stdenv.mkDerivation rec {
|
|||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
# On aarch64 we "leak" a reference to $out/lib/systemd/catalog in the lib
|
||||
# output. The result of that is a dependency cycle between $out and $lib.
|
||||
# Thus nix (rightfully) marks the build as failed. That reference originates
|
||||
# from an array of strings (catalog_file_dirs) in systemd
|
||||
# (src/src/journal/catalog.{c,h}). The only consumer (as of v242) of the
|
||||
# symbol is the main function of journalctl. Still libsystemd.so contains
|
||||
# the VALUE but not the symbol. Systemd seems to be properly using function
|
||||
# & data sections together with the linker flags to garbage collect unused
|
||||
# sections (-Wl,--gc-sections). For unknown reasons those flags do not
|
||||
# eliminate the unused string constants, in this case on aarch64-linux. The
|
||||
# hacky way is to just remove the reference after we finished compiling.
|
||||
# Since it can not be used (there is no symbol to actually refer to it) there
|
||||
# should not be any harm. It is a bit odd and I really do not like starting
|
||||
# these kind of hacks but there doesn't seem to be a straight forward way at
|
||||
# this point in time.
|
||||
# The reference will be replaced by the same reference the usual nukeRefs
|
||||
# tooling uses. The standard tooling can not / should not be uesd since it
|
||||
# is a bit too excessive and could potentially do us some (more) harm.
|
||||
postFixup = ''
|
||||
nukedRef=$(echo $out | sed -e "s,$NIX_STORE/[^-]*-\(.*\),$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-\1,")
|
||||
cat $lib/lib/libsystemd.so | perl -pe "s|$out/lib/systemd/catalog|$nukedRef/lib/systemd/catalog|" > $lib/lib/libsystemd.so.tmp
|
||||
mv $lib/lib/libsystemd.so.tmp $(readlink -f $lib/lib/libsystemd.so)
|
||||
'';
|
||||
|
||||
# The interface version prevents NixOS from switching to an
|
||||
# incompatible systemd at runtime. (Switching across reboots is
|
||||
# fine, of course.) It should be increased whenever systemd changes
|
||||
# in a backwards-incompatible way. If the interface version of two
|
||||
# systemd builds is the same, then we can switch between them at
|
||||
# runtime; otherwise we can't and we need to reboot.
|
||||
passthru.interfaceVersion = 2;
|
||||
passthru.interfaceVersion = 3;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://www.freedesktop.org/wiki/Software/systemd;
|
||||
|
|
|
@ -59,7 +59,21 @@ stdenv.mkDerivation rec {
|
|||
++ lib.optionals bluetoothSupport [ bluez5 sbc ]
|
||||
++ lib.optional remoteControlSupport lirc
|
||||
++ lib.optional zeroconfSupport avahi
|
||||
);
|
||||
);
|
||||
|
||||
patches = [
|
||||
# The following two patches fix alsalib headers move, remove after the next release
|
||||
(fetchpatch {
|
||||
name = "alsa-asoundlib-include.patch";
|
||||
url = "https://gitlab.freedesktop.org/pulseaudio/pulseaudio/commit/993d3fd89e5611997f1e165bf03edefb0204b0a4.patch";
|
||||
sha256 = "17icnf8026947j1dqw4k16f91vy6zyg7q41zv2j6pxh9fncb1s71";
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "alsa-use-case-include.patch";
|
||||
url = "https://gitlab.freedesktop.org/pulseaudio/pulseaudio/commit/b89d33bb182c42db5ad3987b0e91b7bf62f421e8.patch";
|
||||
sha256 = "0jccpc0dgkb0v4xrkyca2pm2k4i6pvahs9bq4hbg34173p23g5nb";
|
||||
})
|
||||
];
|
||||
|
||||
preConfigure = ''
|
||||
# Performs and autoreconf
|
||||
|
@ -117,19 +131,6 @@ stdenv.mkDerivation rec {
|
|||
--prefix GIO_EXTRA_MODULES : "${lib.getLib gnome3.dconf}/lib/gio/modules"
|
||||
'';
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "alsa-asoundlib-include.patch";
|
||||
url = "https://gitlab.freedesktop.org/pulseaudio/pulseaudio/commit/993d3fd89e5611997f1e165bf03edefb0204b0a4.patch";
|
||||
sha256 = "17icnf8026947j1dqw4k16f91vy6zyg7q41zv2j6pxh9fncb1s71";
|
||||
})
|
||||
(fetchpatch {
|
||||
name = "alsa-use-case-include.patch";
|
||||
url = "https://gitlab.freedesktop.org/pulseaudio/pulseaudio/commit/b89d33bb182c42db5ad3987b0e91b7bf62f421e8.patch";
|
||||
sha256 = "0jccpc0dgkb0v4xrkyca2pm2k4i6pvahs9bq4hbg34173p23g5nb";
|
||||
})
|
||||
];
|
||||
|
||||
meta = {
|
||||
description = "Sound server for POSIX and Win32 systems";
|
||||
homepage = http://www.pulseaudio.org/;
|
||||
|
|
|
@ -38,7 +38,7 @@ let
|
|||
|
||||
enableParallelBuilding = !stdenv.isDarwin;
|
||||
|
||||
makeFlags = [ "world" ];
|
||||
buildFlags = [ "world" ];
|
||||
|
||||
NIX_CFLAGS_COMPILE = [ "-I${libxml2.dev}/include/libxml2" ];
|
||||
|
||||
|
@ -60,6 +60,7 @@ let
|
|||
(if atLeast "9.6" then ./patches/less-is-more-96.patch else ./patches/less-is-more.patch)
|
||||
(if atLeast "9.6" then ./patches/hardcode-pgxs-path-96.patch else ./patches/hardcode-pgxs-path.patch)
|
||||
./patches/specify_pkglibdir_at_runtime.patch
|
||||
./patches/findstring.patch
|
||||
] ++ lib.optional stdenv.isLinux ./patches/socketdir-in-run.patch;
|
||||
|
||||
installTargets = [ "install-world" ];
|
||||
|
|
|
@ -0,0 +1,59 @@
|
|||
From: Matthew Bauer <mjbauer95@gmail.com>
|
||||
Date: Wed, 29 May 2019 22:51:52 -0400
|
||||
Subject: [PATCH] Add /postgresql suffix for Nix outputs
|
||||
|
||||
Nix outputs put the `name' in each store path like
|
||||
/nix/store/...-<name>. This was confusing the Postgres make script
|
||||
because it thought its data directory already had postgresql in its
|
||||
directory. This lead to Postgres installing all of its fils in
|
||||
$out/share. To fix this, we just look for postgres or psql in the part
|
||||
after the / using make's notdir.
|
||||
|
||||
---
|
||||
From: Matthew Bauer <mjbauer95@gmail.com>
|
||||
Date: Wed, 29 May 2019 22:51:52 -0400
|
||||
Subject: [PATCH] Add /postgresql suffix for Nix outputs
|
||||
|
||||
Nix outputs put the `name' in each store path like
|
||||
/nix/store/...-<name>. This was confusing the Postgres make script
|
||||
because it thought its data directory already had postgresql in its
|
||||
directory. This lead to Postgres installing all of its fils in
|
||||
$out/share. To fix this, we just look for postgres or psql in the part
|
||||
after the / using make's notdir.
|
||||
|
||||
---
|
||||
diff --git a/src/Makefile.global.in b/src/Makefile.global.in
|
||||
index b9d86acaa9..bce05464c3 100644
|
||||
--- a/src/Makefile.global.in
|
||||
+++ b/src/Makefile.global.in
|
||||
@@ -102,15 +102,15 @@ datarootdir := @datarootdir@
|
||||
bindir := @bindir@
|
||||
|
||||
datadir := @datadir@
|
||||
-ifeq "$(findstring pgsql, $(datadir))" ""
|
||||
-ifeq "$(findstring postgres, $(datadir))" ""
|
||||
+ifeq "$(findstring pgsql, $(notdir $(datadir)))" ""
|
||||
+ifeq "$(findstring postgres, $(notdir $(datadir)))" ""
|
||||
override datadir := $(datadir)/postgresql
|
||||
endif
|
||||
endif
|
||||
|
||||
sysconfdir := @sysconfdir@
|
||||
-ifeq "$(findstring pgsql, $(sysconfdir))" ""
|
||||
-ifeq "$(findstring postgres, $(sysconfdir))" ""
|
||||
+ifeq "$(findstring pgsql, $(notdir $(sysconfdir)))" ""
|
||||
+ifeq "$(findstring postgres, $(notdir $(sysconfdir)))" ""
|
||||
override sysconfdir := $(sysconfdir)/postgresql
|
||||
endif
|
||||
endif
|
||||
@@ -136,8 +136,8 @@ endif
|
||||
mandir := @mandir@
|
||||
|
||||
docdir := @docdir@
|
||||
-ifeq "$(findstring pgsql, $(docdir))" ""
|
||||
-ifeq "$(findstring postgres, $(docdir))" ""
|
||||
+ifeq "$(findstring pgsql, $(notdir $(docdir)))" ""
|
||||
+ifeq "$(findstring postgres, $(notdir $(docdir)))" ""
|
||||
override docdir := $(docdir)/postgresql
|
||||
endif
|
||||
endif
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "e2fsprogs";
|
||||
version = "1.45.1";
|
||||
version = "1.45.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/${pname}/${pname}-${version}.tar.gz";
|
||||
sha256 = "0zi8jz28hs66vhjvrfxmkmr1via19aygcbzpnw3lp0crhizaasgf";
|
||||
sha256 = "1bhqljgcngys1diaxh7rnxc85d1jsril8xd7bach9imdjwr1wlm8";
|
||||
};
|
||||
|
||||
outputs = [ "bin" "dev" "out" "man" "info" ];
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchurl, zlib, protobuf, ncurses, pkgconfig
|
||||
{ lib, stdenv, fetchurl, fetchpatch, zlib, protobuf, ncurses, pkgconfig
|
||||
, makeWrapper, perlPackages, openssl, autoreconfHook, openssh, bash-completion
|
||||
, libutempter ? null, withUtempter ? stdenv.isLinux }:
|
||||
|
||||
|
@ -15,7 +15,15 @@ stdenv.mkDerivation rec {
|
|||
++ (with perlPackages; [ perl IOTty ])
|
||||
++ lib.optional withUtempter libutempter;
|
||||
|
||||
patches = [ ./ssh_path.patch ./utempter_path.patch ];
|
||||
patches = [
|
||||
./ssh_path.patch
|
||||
./utempter_path.patch
|
||||
# Fix w/c++17, ::bind vs std::bind
|
||||
(fetchpatch {
|
||||
url = "https://github.com/mobile-shell/mosh/commit/e5f8a826ef9ff5da4cfce3bb8151f9526ec19db0.patch";
|
||||
sha256 = "15518rb0r5w1zn4s6981bf1sz6ins6gpn2saizfzhmr13hw4gmhm";
|
||||
})
|
||||
];
|
||||
postPatch = ''
|
||||
substituteInPlace scripts/mosh.pl \
|
||||
--subst-var-by ssh "${openssh}/bin/ssh"
|
||||
|
|
|
@ -16,11 +16,11 @@ assert guiSupport -> pinentry != null;
|
|||
stdenv.mkDerivation rec {
|
||||
name = "gnupg-${version}";
|
||||
|
||||
version = "2.2.15";
|
||||
version = "2.2.16";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnupg/gnupg/${name}.tar.bz2";
|
||||
sha256 = "0m6lyphbb20i84isdxzfhcbzyc682hdrdv4aqkzmhrdksycf536b";
|
||||
sha256 = "1jqlzp9b3kpfp1dkjqskm67jjrhvf9nh3lzf45321p7m9d2qvgkc";
|
||||
};
|
||||
|
||||
depsBuildBuild = [ buildPackages.stdenv.cc ];
|
||||
|
|
|
@ -4643,9 +4643,7 @@ in
|
|||
docbook-xsl = docbook_xsl;
|
||||
};
|
||||
|
||||
mosh = callPackage ../tools/networking/mosh {
|
||||
stdenv = if stdenv.cc.isClang then llvmPackages_6.stdenv else stdenv;
|
||||
};
|
||||
mosh = callPackage ../tools/networking/mosh { };
|
||||
|
||||
motuclient = callPackage ../applications/science/misc/motu-client { };
|
||||
|
||||
|
|
|
@ -1028,7 +1028,7 @@ in {
|
|||
|
||||
aiohttp = callPackage ../development/python-modules/aiohttp { };
|
||||
|
||||
aiohttp-cors = callPackage ../development/python-modules/aiohttp/cors.nix { };
|
||||
aiohttp-cors = callPackage ../development/python-modules/aiohttp-cors { };
|
||||
|
||||
aiohttp-jinja2 = callPackage ../development/python-modules/aiohttp-jinja2 { };
|
||||
|
||||
|
|
|
@ -107,7 +107,6 @@ in
|
|||
mapTestEqual = lib.mapAttrsRecursive testEqual;
|
||||
|
||||
in mapTestEqual {
|
||||
androidndk = nativePlatforms;
|
||||
boehmgc = nativePlatforms;
|
||||
libffi = nativePlatforms;
|
||||
libiconv = nativePlatforms;
|
||||
|
|
Loading…
Reference in New Issue