public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into octoprint

Browse Source
This commit is contained in:
Gabriel Ebner 2020-05-03 11:37:52 +02:00
commit a4f60b72e9
12530 changed files with 147074 additions and 78854 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.github/CODEOWNERS vendored
View File

@ -55,9 +55,6 @@
# NixOS integration test driver # NixOS integration test driver
/nixos/lib/test-driver @tfc /nixos/lib/test-driver @tfc
# New NixOS modules
/nixos/modules/module-list.nix @Infinisil
# Python-related code and docs # Python-related code and docs
/maintainers/scripts/update-python-libraries @FRidh /maintainers/scripts/update-python-libraries @FRidh
/pkgs/top-level/python-packages.nix @FRidh @jonringer /pkgs/top-level/python-packages.nix @FRidh @jonringer
@ -67,7 +64,7 @@
# Haskell # Haskell
/pkgs/development/compilers/ghc @cdepillabout /pkgs/development/compilers/ghc @cdepillabout
/pkgs/development/haskell-modules @cdepillabout @infinisil /pkgs/development/haskell-modules @cdepillabout
/pkgs/development/haskell-modules/default.nix @cdepillabout /pkgs/development/haskell-modules/default.nix @cdepillabout
/pkgs/development/haskell-modules/generic-builder.nix @cdepillabout /pkgs/development/haskell-modules/generic-builder.nix @cdepillabout
/pkgs/development/haskell-modules/hoogle.nix @cdepillabout /pkgs/development/haskell-modules/hoogle.nix @cdepillabout
@ -82,8 +79,8 @@
/pkgs/development/r-modules @peti /pkgs/development/r-modules @peti
# Ruby # Ruby
/pkgs/development/interpreters/ruby @alyssais @zimbatm /pkgs/development/interpreters/ruby @alyssais
/pkgs/development/ruby-modules @alyssais @zimbatm /pkgs/development/ruby-modules @alyssais
# Rust # Rust
/pkgs/development/compilers/rust @Mic92 @LnL7 /pkgs/development/compilers/rust @Mic92 @LnL7
@ -178,6 +175,8 @@
/nixos/tests/prometheus-exporters.nix @WilliButz /nixos/tests/prometheus-exporters.nix @WilliButz
# PHP # PHP
/pkgs/development/interpreters/php @etu /doc/languages-frameworks/php.section.md @etu
/pkgs/top-level/php-packages.nix @etu /nixos/tests/php @etu
/pkgs/build-support/build-pecl.nix @etu /pkgs/build-support/build-pecl.nix @etu
/pkgs/development/interpreters/php @etu
/pkgs/top-level/php-packages.nix @etu

11
.github/CONTRIBUTING.md vendored
View File

@ -50,12 +50,13 @@ For package version upgrades and such a one-line commit message is usually suffi
## Backporting changes ## Backporting changes
To [backport a change into a release branch](https://nixos.org/nixpkgs/manual/#submitting-changes-stable-release-branches): Follow these steps to backport a change into a release branch in compliance with the [commit policy](https://nixos.org/nixpkgs/manual/#submitting-changes-stable-release-branches).
1. Take note of the commit in which the change was introduced into `master`. 1. Take note of the commits in which the change was introduced into `master` branch.
2. Check out the target _release branch_, e.g. `release-19.09`. Do not use a _channel branch_ like `nixos-19.09` or `nixpkgs-19.09`. 2. Check out the target _release branch_, e.g. `release-20.03`. Do not use a _channel branch_ like `nixos-20.03` or `nixpkgs-20.03`.
3. Use `git cherry-pick -x <original commit>`. 3. Create a branch for your change, e.g. `git checkout -b backport`.
4. Open your backport PR. Make sure to select the release branch (e.g. `release-19.09`) as the target branch of the PR, and link to the PR in which the original change was made to `master`. 4. When the reason to backport is not obvious from the original commit message, use `git cherry-pick -xe <original commit>` and add a reason. Otherwise use `git cherry-pick -x <original commit>`. That's fine for minor version updates that only include security and bug fixes, commits that fixes an otherwise broken package or similar.
5. Push to GitHub and open a backport pull request. Make sure to select the release branch (e.g. `release-20.03`) as the target branch of the pull request, and link to the pull request in which the original change was comitted to `master`. The pull request title should be the commit title with the release version as prefix, e.g. `[20.03]`.
## Reviewing contributions ## Reviewing contributions

6
.github/ISSUE_TEMPLATE/bug_report.md vendored
View File

@ -25,6 +25,12 @@ If applicable, add screenshots to help explain your problem.
**Additional context** **Additional context**
Add any other context about the problem here. Add any other context about the problem here.
**Notify maintainers**
<!--
Please @ people who are in the `meta.maintainers` list of the offending package or module.
If in doubt, check `git blame` for whoever last touched something.
-->
**Metadata** **Metadata**
Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result. Please run `nix-shell -p nix-info --run "nix-info -m"` and paste the result.

11
.github/PULL_REQUEST_TEMPLATE.md vendored
View File

@ -1,4 +1,13 @@
<!-- Nixpkgs has a lot of new incoming Pull Requests, but not enough people to review this constant stream. Even if you aren't a committer, we would appreciate reviews of other PRs, especially simple ones like package updates. Just testing the relevant package/service and leaving a comment saying what you tested, how you tested it and whether it worked would be great. List of open PRs: <https://github.com/NixOS/nixpkgs/pulls>, for more about reviewing contributions: <https://hydra.nixos.org/job/nixpkgs/trunk/manual/latest/download/1/nixpkgs/manual.html#chap-reviewing-contributions>. Reviewing isn't mandatory, but it would help out a lot and reduce the average time-to-merge for all of us. Thanks a lot if you do! --> <!--
To help with the large amounts of pull requests, we would appreciate your
reviews of other pull requests, especially simple package updates. Just leave a
comment describing what you have tested in the relevant package/service.
Reviewing helps to reduce the average time-to-merge for everyone.
Thanks a lot if you do!
List of open PRs: https://github.com/NixOS/nixpkgs/pulls
Reviewing guidelines: https://hydra.nixos.org/job/nixpkgs/trunk/manual/latest/download/1/nixpkgs/manual.html#chap-reviewing-contributions
-->
###### Motivation for this change ###### Motivation for this change

4
.gitignore vendored
View File

@ -11,7 +11,11 @@ result-*
.version-suffix .version-suffix
.DS_Store .DS_Store
.mypy_cache
/pkgs/development/libraries/qt-5/*/tmp/ /pkgs/development/libraries/qt-5/*/tmp/
/pkgs/desktops/kde-5/*/tmp/ /pkgs/desktops/kde-5/*/tmp/
/pkgs/development/mobile/androidenv/xml/* /pkgs/development/mobile/androidenv/xml/*
# generated by pkgs/common-updater/update-script.nix
update-git-commits.txt

4
README.md
View File

@ -45,9 +45,9 @@ Nixpkgs and NixOS are built and tested by our continuous integration
system, [Hydra](https://hydra.nixos.org/). system, [Hydra](https://hydra.nixos.org/).
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined) * [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
* [Continuous package builds for the NixOS 19.09 release](https://hydra.nixos.org/jobset/nixos/release-19.09) * [Continuous package builds for the NixOS 20.03 release](https://hydra.nixos.org/jobset/nixos/release-20.03)
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents) * [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
* [Tests for the NixOS 19.09 release](https://hydra.nixos.org/job/nixos/release-19.09/tested#tabs-constituents) * [Tests for the NixOS 20.03 release](https://hydra.nixos.org/job/nixos/release-20.03/tested#tabs-constituents)
Artifacts successfully built with Hydra are published to cache at Artifacts successfully built with Hydra are published to cache at
https://cache.nixos.org/. When successful build and test criteria are https://cache.nixos.org/. When successful build and test criteria are

2
doc/builders/images/appimagetools.xml
View File

@ -63,7 +63,7 @@ type2.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) (Lepton 3.x)
appimageTools.wrapType2 { # or wrapType1 appimageTools.wrapType2 { # or wrapType1
name = "patchwork"; <co xml:id='ex-appimageTools-wrapping-1' /> name = "patchwork"; <co xml:id='ex-appimageTools-wrapping-1' />
src = fetchurl { <co xml:id='ex-appimageTools-wrapping-2' /> src = fetchurl { <co xml:id='ex-appimageTools-wrapping-2' />
url = https://github.com/ssbc/patchwork/releases/download/v3.11.4/Patchwork-3.11.4-linux-x86_64.AppImage; url = "https://github.com/ssbc/patchwork/releases/download/v3.11.4/Patchwork-3.11.4-linux-x86_64.AppImage";
sha256 = "1blsprpkvm0ws9b96gb36f0rbf8f5jgmw4x6dsb1kswr4ysf591s"; sha256 = "1blsprpkvm0ws9b96gb36f0rbf8f5jgmw4x6dsb1kswr4ysf591s";
}; };
extraPkgs = pkgs: with pkgs; [ ]; <co xml:id='ex-appimageTools-wrapping-3' /> extraPkgs = pkgs: with pkgs; [ ]; <co xml:id='ex-appimageTools-wrapping-3' />

48
doc/contributing/submitting-changes.xml
View File

@ -407,23 +407,47 @@ Additional information.
<section xml:id="submitting-changes-stable-release-branches"> <section xml:id="submitting-changes-stable-release-branches">
<title>Stable release branches</title> <title>Stable release branches</title>
<itemizedlist> <para>
For cherry-picking a commit to a stable release branch (<quote>backporting</quote>), use <literal>git cherry-pick -x &lt;original commit&gt;</literal> so that the original commit id is included in the commit.
</para>
<para>
Add a reason for the backport by using <literal>git cherry-pick -xe &lt;original commit&gt;</literal> instead when it is not obvious from the original commit message. It is not needed when its a minor version update that includes security and bug fixes but dont add new features or when the commit fixes an otherwise broken package.
</para>
<para>
Here is an example of a cherry-picked commit message with good reason description:
</para>
<screen>
zfs: Keep trying root import until it works
Works around #11003.
(cherry picked from commit 98b213a11041af39b39473906b595290e2a4e2f9)
Reason: several people cannot boot with ZFS on NVMe
</screen>
<para>
Other examples of reasons are:
</para>
<itemizedlist spacing="compact">
<listitem> <listitem>
<para> <para>
If you're cherry-picking a commit to a stable release branch (“backporting”), always use <command>git cherry-pick -xe</command> and ensure the message contains a clear description about why this needs to be included in the stable branch. Previously the build would fail due to, e.g., <literal>getaddrinfo</literal> not being defined
</para> </para>
</listitem>
<listitem>
<para> <para>
An example of a cherry-picked commit would look like this: The previous download links were all broken
</para>
</listitem>
<listitem>
<para>
Crash when starting on some X11 systems
</para> </para>
<screen>
nixos: Refactor the world.
The original commit message describing the reason why the world was torn apart.
(cherry picked from commit abcdef)
Reason: I just had a gut feeling that this would also be wanted by people from
the stone age.
</screen>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</section> </section>

4
doc/languages-frameworks/android.section.md
View File

@ -186,7 +186,7 @@ with import <nixpkgs> {};
androidenv.emulateApp { androidenv.emulateApp {
name = "emulate-MyAndroidApp"; name = "emulate-MyAndroidApp";
platformVersion = "28"; platformVersion = "28";
abiVersion = "x86_64"; # armeabi-v7a, mips, x86 abiVersion = "x86"; # armeabi-v7a, mips, x86_64
systemImageType = "google_apis_playstore"; systemImageType = "google_apis_playstore";
} }
``` ```
@ -235,5 +235,5 @@ package manager uses. To update the expressions run the `generate.sh` script
that is stored in the `pkgs/development/mobile/androidenv/` sub directory: that is stored in the `pkgs/development/mobile/androidenv/` sub directory:
```bash ```bash
sh ./generate.sh ./generate.sh
``` ```

12
doc/languages-frameworks/haskell.section.md
View File

@ -101,17 +101,15 @@ to compile your Haskell packages with any GHC version you please. The following
command displays the complete list of available compilers: command displays the complete list of available compilers:
``` ```
$ nix-env -f "<nixpkgs>" -qaP -A haskell.compiler $ nix-env -f "<nixpkgs>" -qaP -A haskell.compiler
haskell.compiler.ghc8101 ghc-8.10.0.20191210 haskell.compiler.ghc8101 ghc-8.10.1
haskell.compiler.integer-simple.ghc8101 ghc-8.10.0.20191210 haskell.compiler.integer-simple.ghc8101 ghc-8.10.1
haskell.compiler.ghcHEAD ghc-8.10.20191119 haskell.compiler.ghcHEAD ghc-8.11.20200403
haskell.compiler.integer-simple.ghcHEAD ghc-8.10.20191119 haskell.compiler.integer-simple.ghcHEAD ghc-8.11.20200403
haskell.compiler.ghc822Binary ghc-8.2.2-binary haskell.compiler.ghc822Binary ghc-8.2.2-binary
haskell.compiler.ghc844 ghc-8.4.4 haskell.compiler.ghc844 ghc-8.4.4
haskell.compiler.ghc863Binary ghc-8.6.3-binary haskell.compiler.ghc863Binary ghc-8.6.3-binary
haskell.compiler.ghc865 ghc-8.6.5 haskell.compiler.ghc865 ghc-8.6.5
haskell.compiler.integer-simple.ghc865 ghc-8.6.5 haskell.compiler.integer-simple.ghc865 ghc-8.6.5
haskell.compiler.ghc881 ghc-8.8.1
haskell.compiler.integer-simple.ghc881 ghc-8.8.1
haskell.compiler.ghc882 ghc-8.8.2 haskell.compiler.ghc882 ghc-8.8.2
haskell.compiler.integer-simple.ghc882 ghc-8.8.2 haskell.compiler.integer-simple.ghc882 ghc-8.8.2
haskell.compiler.ghc883 ghc-8.8.3 haskell.compiler.ghc883 ghc-8.8.3
@ -369,7 +367,7 @@ automatically select the right version of GHC and other build tools to build,
test and execute apps in an existing project downloaded from somewhere on the test and execute apps in an existing project downloaded from somewhere on the
Internet. Pass the `--nix` flag to any `stack` command to do so, e.g. Internet. Pass the `--nix` flag to any `stack` command to do so, e.g.
```shell ```shell
git clone --recursive https://github.com/yesodweb/wai git clone --recurse-submodules https://github.com/yesodweb/wai.git
cd wai cd wai
stack --nix build stack --nix build
``` ```

123
doc/languages-frameworks/php.section.md Normal file
View File

@ -0,0 +1,123 @@
# PHP
## User Guide
### Using PHP
#### Overview
Several versions of PHP are available on Nix, each of which having a
wide variety of extensions and libraries available.
The different versions of PHP that nixpkgs provides are located under
attributes named based on major and minor version number; e.g.,
`php74` is PHP 7.4.
Only versions of PHP that are supported by upstream for the entirety
of a given NixOS release will be included in that release of
NixOS. See [PHP Supported
Versions](https://www.php.net/supported-versions.php).
The attribute `php` refers to the version of PHP considered most
stable and thoroughly tested in nixpkgs for any given release of
NixOS - not necessarily the latest major release from upstream.
All available PHP attributes are wrappers around their respective
binary PHP package and provide commonly used extensions this way. The
real PHP 7.4 package, i.e. the unwrapped one, is available as
`php74.unwrapped`; see the next section for more details.
Interactive tools built on PHP are put in `php.packages`; composer is
for example available at `php.packages.composer`.
Most extensions that come with PHP, as well as some popular
third-party ones, are available in `php.extensions`; for example, the
opcache extension shipped with PHP is available at
`php.extensions.opcache` and the third-party ImageMagick extension at
`php.extensions.imagick`.
#### Installing PHP with extensions
A PHP package with specific extensions enabled can be built using
`php.withExtensions`. This is a function which accepts an anonymous
function as its only argument; the function should accept two named
parameters: `enabled` - a list of currently enabled extensions and
`all` - the set of all extensions, and return a list of wanted
extensions. For example, a PHP package with all default extensions and
ImageMagick enabled:
```nix
php.withExtensions ({ enabled, all }:
enabled ++ [ all.imagick ])
```
To exclude some, but not all, of the default extensions, you can
filter the `enabled` list like this:
```nix
php.withExtensions ({ enabled, all }:
(lib.filter (e: e != php.extensions.opcache) enabled)
++ [ all.imagick ])
```
To build your list of extensions from the ground up, you can simply
ignore `enabled`:
```nix
php.withExtensions ({ all, ... }: with all; [ opcache imagick ])
```
`php.withExtensions` provides extensions by wrapping a minimal php
base package, providing a `php.ini` file listing all extensions to be
loaded. You can access this package through the `php.unwrapped`
attribute; useful if you, for example, need access to the `dev`
output. The generated `php.ini` file can be accessed through the
`php.phpIni` attribute.
If you want a PHP build with extra configuration in the `php.ini`
file, you can use `php.buildEnv`. This function takes two named and
optional parameters: `extensions` and `extraConfig`. `extensions`
takes an extension specification equivalent to that of
`php.withExtensions`, `extraConfig` a string of additional `php.ini`
configuration parameters. For example, a PHP package with the opcache
and ImageMagick extensions enabled, and `memory_limit` set to `256M`:
```nix
php.buildEnv {
extensions = { all, ... }: with all; [ imagick opcache ];
extraConfig = "memory_limit=256M";
}
```
##### Example setup for `phpfpm`
You can use the previous examples in a `phpfpm` pool called `foo` as
follows:
```nix
let
myPhp = php.withExtensions ({ all, ... }: with all; [ opcache imagick ]);
in {
services.phpfpm.pools."foo".phpPackage = myPhp;
};
```
```nix
let
myPhp = php.buildEnv {
extensions = { all, ... }: with all; [ imagick opcache ];
extraConfig = "memory_limit=256M";
};
in {
services.phpfpm.pools."foo".phpPackage = myPhp;
};
```
##### Example usage with `nix-shell`
This brings up a temporary environment that contains a PHP interpreter
with the extensions `imagick` and `opcache` enabled:
```sh
nix-shell -p 'php.withExtensions ({ all, ... }: with all; [ imagick opcache ])'
```

31
doc/languages-frameworks/python.section.md
View File

@ -412,7 +412,7 @@ buildPythonPackage rec {
meta = with lib; { meta = with lib; {
description = "A pythonic wrapper around FFTW, the FFT library, presenting a unified interface for all the supported transforms"; description = "A pythonic wrapper around FFTW, the FFT library, presenting a unified interface for all the supported transforms";
homepage = http://hgomersall.github.com/pyFFTW; homepage = "http://hgomersall.github.com/pyFFTW";
license = with licenses; [ bsd2 bsd3 ]; license = with licenses; [ bsd2 bsd3 ];
maintainers = with maintainers; [ fridh ]; maintainers = with maintainers; [ fridh ];
}; };
@ -1290,32 +1290,9 @@ self: super: {
### How to use Intel's MKL with numpy and scipy? ### How to use Intel's MKL with numpy and scipy?
A `site.cfg` is created that configures BLAS based on the `blas` parameter of MKL can be configured using an overlay. See the section “[Using
the `numpy` derivation. By passing in `mkl`, `numpy` and packages depending on overlays to configure
`numpy` will be built with `mkl`. alternatives](#sec-overlays-alternatives-blas-lapack)”.
The following is an overlay that configures `numpy` to use `mkl`:
```nix
self: super: {
python37 = super.python37.override {
packageOverrides = python-self: python-super: {
numpy = python-super.numpy.override {
blas = super.pkgs.mkl;
};
};
};
}
```
`mkl` requires an `openmp` implementation when running with multiple processors.
By default, `mkl` will use Intel's `iomp` implementation if no other is
specified, but this is a runtime-only dependency and binary compatible with the
LLVM implementation. To use that one instead, Intel recommends users set it with
`LD_PRELOAD`.
Note that `mkl` is only available on `x86_64-{linux,darwin}` platforms;
moreover, Hydra is not building and distributing pre-compiled binaries using it.
### What inputs do `setup_requires`, `install_requires` and `tests_require` map to? ### What inputs do `setup_requires`, `install_requires` and `tests_require` map to?

4
doc/languages-frameworks/ruby.xml
View File

@ -32,7 +32,7 @@ bundlerEnv rec {
meta = with lib; { meta = with lib; {
description = "A monitoring framework that aims to be simple, malleable, and scalable"; description = "A monitoring framework that aims to be simple, malleable, and scalable";
homepage = http://sensuapp.org/; homepage = "http://sensuapp.org/";
license = with licenses; mit; license = with licenses; mit;
maintainers = with maintainers; [ theuni ]; maintainers = with maintainers; [ theuni ];
platforms = platforms.unix; platforms = platforms.unix;
@ -69,7 +69,7 @@ bundlerApp {
meta = with lib; { meta = with lib; {
description = "Tool and libraries for maintaining Ruby gems."; description = "Tool and libraries for maintaining Ruby gems.";
homepage = https://github.com/nyarly/corundum; homepage = "https://github.com/nyarly/corundum";
license = licenses.mit; license = licenses.mit;
maintainers = [ maintainers.nyarly ]; maintainers = [ maintainers.nyarly ];
platforms = platforms.unix; platforms = platforms.unix;

6
doc/languages-frameworks/rust.section.md
View File

@ -60,9 +60,9 @@ Nix depends on this file, so if it missing you can use `cargoPatches` to apply
it in the `patchPhase`. Consider sending a PR upstream with a note to the it in the `patchPhase`. Consider sending a PR upstream with a note to the
maintainer describing why it's important to include in the application. maintainer describing why it's important to include in the application.
Unless `legacyCargoFetcher` is set to `true`, the fetcher will also verify that The fetcher will verify that the `Cargo.lock` file is in sync with the `src`
the `Cargo.lock` file is in sync with the `src` attribute, and will compress the attribute, and fail the build if not. It will also will compress the vendor
vendor directory into a tar.gz archive. directory into a tar.gz archive.
### Building a crate for a different target ### Building a crate for a different target

27
doc/languages-frameworks/texlive.xml
View File

@ -149,31 +149,4 @@ EOF
]]></programlisting> ]]></programlisting>
</para> </para>
</section> </section>
<section xml:id="sec-language-texlive-known-problems">
<title>Known problems</title>
<itemizedlist>
<listitem>
<para>
Some tools are still missing, e.g. luajittex;
</para>
</listitem>
<listitem>
<para>
some apps aren't packaged/tested yet (asymptote, biber, etc.);
</para>
</listitem>
<listitem>
<para>
feature/bug: when a package is rejected by <varname>pkgFilter</varname>, its dependencies are still propagated;
</para>
</listitem>
<listitem>
<para>
in case of any bugs or feature requests, file a github issue or better a pull request and /cc @vcunat.
</para>
</listitem>
</itemizedlist>
</section>
</section> </section>

7
doc/languages-frameworks/vim.section.md
View File

@ -261,12 +261,7 @@ deoplete-fish = super.deoplete-fish.overrideAttrs(old: {
Sometimes plugins require an override that must be changed when the plugin is updated. This can cause issues when Vim plugins are auto-updated but the associated override isn't updated. For these plugins, the override should be written so that it specifies all information required to install the plugin, and running `./update.py` doesn't change the derivation for the plugin. Manually updating the override is required to update these types of plugins. An example of such a plugin is `LanguageClient-neovim`. Sometimes plugins require an override that must be changed when the plugin is updated. This can cause issues when Vim plugins are auto-updated but the associated override isn't updated. For these plugins, the override should be written so that it specifies all information required to install the plugin, and running `./update.py` doesn't change the derivation for the plugin. Manually updating the override is required to update these types of plugins. An example of such a plugin is `LanguageClient-neovim`.
To add a new plugin: To add a new plugin, run `./update.py --add "[owner]/[name]"`. **NOTE**: This script automatically commits to your git repository. Be sure to check out a fresh branch before running.
1. run `./update.py` and create a commit named "vimPlugins: Update",
2. add the new plugin to [vim-plugin-names](/pkgs/misc/vim-plugins/vim-plugin-names) and add overrides if required to [overrides.nix](/pkgs/misc/vim-plugins/overrides.nix),
3. run `./update.py` again and create a commit named "vimPlugins.[name]: init at [version]" (where `name` and `version` can be found in [generated.nix](/pkgs/misc/vim-plugins/generated.nix)), and
4. create a pull request.
## Important repositories ## Important repositories

4
doc/old/cross.txt
View File

@ -60,7 +60,7 @@ stdenv.mkDerivation {
name = "binutils-2.16.1-arm"; name = "binutils-2.16.1-arm";
builder = ./builder.sh; builder = ./builder.sh;
src = fetchurl { src = fetchurl {
url = http://ftp.nluug.nl/gnu/binutils/binutils-2.16.1.tar.bz2; url = "http://ftp.nluug.nl/gnu/binutils/binutils-2.16.1.tar.bz2";
sha256 = "1ian3kwh2vg6hr3ymrv48s04gijs539vzrq62xr76bxbhbwnz2np"; sha256 = "1ian3kwh2vg6hr3ymrv48s04gijs539vzrq62xr76bxbhbwnz2np";
}; };
inherit noSysDirs; inherit noSysDirs;
@ -84,7 +84,7 @@ stdenv.mkDerivation {
name = "linux-headers-2.6.13.1-arm"; name = "linux-headers-2.6.13.1-arm";
builder = ./builder.sh; builder = ./builder.sh;
src = fetchurl { src = fetchurl {
url = http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.13.1.tar.bz2; url = "http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.13.1.tar.bz2";
sha256 = "12qxmc827fjhaz53kjy7vyrzsaqcg78amiqsb3qm20z26w705lma"; sha256 = "12qxmc827fjhaz53kjy7vyrzsaqcg78amiqsb3qm20z26w705lma";
}; };
} }

2
doc/preface.chapter.md
View File

@ -37,7 +37,7 @@ security updates. More up to date packages and modules are available via the
Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs Both `nixos-unstable` and `nixpkgs` follow the `master` branch of the Nixpkgs
repository, although both do lag the `master` branch by generally repository, although both do lag the `master` branch by generally
[a couple of days](https://howoldis.herokuapp.com/). Updates to a channel are [a couple of days](https://status.nixos.org/). Updates to a channel are
distributed as soon as all tests for that channel pass, e.g. distributed as soon as all tests for that channel pass, e.g.
[this table](https://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents) [this table](https://hydra.nixos.org/job/nixpkgs/trunk/unstable#tabs-constituents)
shows the status of tests for the `nixpkgs` channel. shows the status of tests for the `nixpkgs` channel.

2
doc/release-notes.xml
View File

@ -190,7 +190,7 @@ preConfigure = "configureFlagsArray=(\"CFLAGS=-O0 -g\")";</programlisting>
The function <function>fetchurl</function> now has support for two different kinds of mirroring of files. First, it has support for <emphasis>content-addressable mirrors</emphasis>. For example, given the <function>fetchurl</function> call The function <function>fetchurl</function> now has support for two different kinds of mirroring of files. First, it has support for <emphasis>content-addressable mirrors</emphasis>. For example, given the <function>fetchurl</function> call
<programlisting> <programlisting>
fetchurl { fetchurl {
url = http://releases.mozilla.org/<replaceable>...</replaceable>/firefox-2.0.0.6-source.tar.bz2; url = "http://releases.mozilla.org/<replaceable>...</replaceable>/firefox-2.0.0.6-source.tar.bz2";
sha1 = "eb72f55e4a8bf08e8c6ef227c0ade3d068ba1082"; sha1 = "eb72f55e4a8bf08e8c6ef227c0ade3d068ba1082";
}</programlisting> }</programlisting>
<function>fetchurl</function> will first try to download this file from <link <function>fetchurl</function> will first try to download this file from <link

2
doc/stdenv/multiple-output.xml
View File

@ -106,7 +106,7 @@
</para> </para>
<para> <para>
The reason for why <literal>glibc</literal> deviates from the convention is because referencing a library provided by <literal>glibc</literal> is a very common operation among Nix packages. For instance, third-party executables packaged by Nix are typically patched and relinked with the relevant version of <literal>glibc</literal> libraries from Nix packages (please see the documentation on <link xlink:href="https://nixos.org/patchelf.html">patchelf</link> for more details). The reason for why <literal>glibc</literal> deviates from the convention is because referencing a library provided by <literal>glibc</literal> is a very common operation among Nix packages. For instance, third-party executables packaged by Nix are typically patched and relinked with the relevant version of <literal>glibc</literal> libraries from Nix packages (please see the documentation on <link xlink:href="https://github.com/NixOS/patchelf/blob/master/README">patchelf</link> for more details).
</para> </para>
</section> </section>

14
doc/stdenv/stdenv.xml
View File

@ -14,7 +14,7 @@
stdenv.mkDerivation { stdenv.mkDerivation {
name = "libfoo-1.2.3"; name = "libfoo-1.2.3";
src = fetchurl { src = fetchurl {
url = http://example.org/libfoo-1.2.3.tar.bz2; url = "http://example.org/libfoo-1.2.3.tar.bz2";
sha256 = "0x2g1jqygyr5wiwg4ma1nd7w4ydpy82z9gkcv8vh2v8dn3y58v5m"; sha256 = "0x2g1jqygyr5wiwg4ma1nd7w4ydpy82z9gkcv8vh2v8dn3y58v5m";
}; };
}</programlisting> }</programlisting>
@ -727,6 +727,16 @@ passthru.updateScript = [ ../../update.sh pname "--requested-release=unstable" ]
<variablelist> <variablelist>
<title>Variables controlling the patch phase</title> <title>Variables controlling the patch phase</title>
<varlistentry>
<term>
<varname>dontPatch</varname>
</term>
<listitem>
<para>
Set to true to skip the patch phase.
</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term> <term>
<varname>patches</varname> <varname>patches</varname>
@ -1295,7 +1305,7 @@ installTargets = "install-bin install-doc";</programlisting>
</term> </term>
<listitem> <listitem>
<para> <para>
List of directories to search for libraries and executables from which only debugging-related symbols should be stripped. It defaults to <literal>lib bin sbin</literal>. List of directories to search for libraries and executables from which only debugging-related symbols should be stripped. It defaults to <literal>lib lib32 lib64 libexec bin sbin</literal>.
</para> </para>
</listitem> </listitem>
</varlistentry> </varlistentry>

125
doc/using/overlays.xml
View File

@ -137,4 +137,129 @@ self: super:
Overlays are similar to other methods for customizing Nixpkgs, in particular the <literal>packageOverrides</literal> attribute described in <xref linkend="sec-modify-via-packageOverrides"/>. Indeed, <literal>packageOverrides</literal> acts as an overlay with only the <varname>super</varname> argument. It is therefore appropriate for basic use, but overlays are more powerful and easier to distribute. Overlays are similar to other methods for customizing Nixpkgs, in particular the <literal>packageOverrides</literal> attribute described in <xref linkend="sec-modify-via-packageOverrides"/>. Indeed, <literal>packageOverrides</literal> acts as an overlay with only the <varname>super</varname> argument. It is therefore appropriate for basic use, but overlays are more powerful and easier to distribute.
</para> </para>
</section> </section>
<section xml:id="sec-overlays-alternatives">
<title>Using overlays to configure alternatives</title>
<para>
Certain software packages have different implementations of the
same interface. Other distributions have functionality to switch
between these. For example, Debian provides <link
xlink:href="https://wiki.debian.org/DebianAlternatives">DebianAlternatives</link>.
Nixpkgs has what we call <literal>alternatives</literal>, which
are configured through overlays.
</para>
<section xml:id="sec-overlays-alternatives-blas-lapack">
<title>BLAS/LAPACK</title>
<para>
In Nixpkgs, we have multiple implementations of the BLAS/LAPACK
numerical linear algebra interfaces. They are:
</para>
<itemizedlist>
<listitem>
<para>
<link xlink:href="https://www.openblas.net/">OpenBLAS</link>
</para>
<para>
The Nixpkgs attribute is <literal>openblas</literal> for
ILP64 (integer width = 64 bits) and
<literal>openblasCompat</literal> for LP64 (integer width =
32 bits). <literal>openblasCompat</literal> is the default.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="http://www.netlib.org/lapack/">LAPACK
reference</link> (also provides BLAS)
</para>
<para>
The Nixpkgs attribute is <literal>lapack-reference</literal>.
</para>
</listitem>
<listitem>
<para>
<link
xlink:href="https://software.intel.com/en-us/mkl">Intel
MKL</link> (only works on x86 architecture, unfree)
</para>
<para>
The Nixpkgs attribute is <literal>mkl</literal>.
</para>
</listitem>
</itemizedlist>
<para>
Introduced in <link
xlink:href="https://github.com/NixOS/nixpkgs/pull/83888">PR
#83888</link>, we are able to override the blas and lapack
packages to use different implementations, through the
blasProvider and lapackProvider argument. This can be used
to select a different provider. BLAS providers will have
symlinks in <literal>$out/lib/libblas.so.3</literal> and
<literal>$out/lib/libcblas.so.3</literal> to their respective
BLAS libraries. Likewise, LAPACK providers will have symlinks
in <literal>$out/lib/liblapack.so.3</literal> and
<literal>$out/lib/liblapacke.so.3</literal> to their respective
LAPCK libraries. For example, Intel MKL is both a BLAS and
LAPACK provider. An overlay can be created to use Intel MKL
that looks like:
</para>
<programlisting>
self: super:
{
blas = super.blas.override {
blasProvider = self.mkl;
}
lapack = super.lapack.override {
lapackProvider = self.mkl;
}
}
</programlisting>
<para>
This overlay uses Intels MKL library for both BLAS and LAPACK
interfaces. Note that the same can be accomplished at runtime
using <literal>LD_LIBRARY_PATH</literal> of libblas.so.3 and
liblapack.so.3. For instance:
</para>
<programlisting>
$ LD_LIBRARY_PATH=$(nix-build -A mkl)/lib:$LD_LIBRARY_PATH nix-shell -p octave --run octave
</programlisting>
<para>
Intel MKL requires an <literal>openmp</literal> implementation
when running with multiple processors. By default,
<literal>mkl</literal> will use Intels <literal>iomp</literal>
implementation if no other is specified, but this is a
runtime-only dependency and binary compatible with the LLVM
implementation. To use that one instead, Intel recommends users
set it with <literal>LD_PRELOAD</literal>. Note that
<literal>mkl</literal> is only available on
<literal>x86_64-linux</literal> and
<literal>x86_64-darwin</literal>. Moreover, Hydra is not
building and distributing pre-compiled binaries using it.
</para>
<para>
For BLAS/LAPACK switching to work correctly, all packages must
depend on <literal>blas</literal> or <literal>lapack</literal>.
This ensures that only one BLAS/LAPACK library is used at one
time. There are two versions versions of BLAS/LAPACK currently
in the wild, <literal>LP64</literal> (integer size = 32 bits)
and <literal>ILP64</literal> (integer size = 64 bits). Some
software needs special flags or patches to work with
<literal>ILP64</literal>. You can check if
<literal>ILP64</literal> is used in Nixpkgs with
<varname>blas.isILP64</varname> and
<varname>lapack.isILP64</varname>. Some software does NOT work
with <literal>ILP64</literal>, and derivations need to specify
an assertion to prevent this. You can prevent
<literal>ILP64</literal> from being used with the following:
</para>
<programlisting>
{ stdenv, blas, lapack, ... }:
assert (!blas.isILP64) &amp;&amp; (!lapack.isILP64);
stdenv.mkDerivation {
...
}
</programlisting>
</section>
</section>
</chapter> </chapter>

2
flake.nix
View File

@ -25,7 +25,7 @@
import ./nixos/lib/eval-config.nix (args // { import ./nixos/lib/eval-config.nix (args // {
modules = modules ++ modules = modules ++
[ { system.nixos.versionSuffix = [ { system.nixos.versionSuffix =
".${lib.substring 0 8 self.lastModified}.${self.shortRev or "dirty"}"; ".${lib.substring 0 8 (self.lastModifiedDate or self.lastModified)}.${self.shortRev or "dirty"}";
system.nixos.revision = lib.mkIf (self ? rev) self.rev; system.nixos.revision = lib.mkIf (self ? rev) self.rev;
} }
]; ];

4
lib/attrsets.nix
View File

@ -4,7 +4,7 @@
let let
inherit (builtins) head tail length; inherit (builtins) head tail length;
inherit (lib.trivial) and; inherit (lib.trivial) and;
inherit (lib.strings) concatStringsSep; inherit (lib.strings) concatStringsSep sanitizeDerivationName;
inherit (lib.lists) fold concatMap concatLists; inherit (lib.lists) fold concatMap concatLists;
in in
@ -310,7 +310,7 @@ rec {
path' = builtins.storePath path; path' = builtins.storePath path;
res = res =
{ type = "derivation"; { type = "derivation";
name = builtins.unsafeDiscardStringContext (builtins.substring 33 (-1) (baseNameOf path')); name = sanitizeDerivationName (builtins.substring 33 (-1) (baseNameOf path'));
outPath = path'; outPath = path';
outputs = [ "out" ]; outputs = [ "out" ];
out = res; out = res;

2
lib/default.nix
View File

@ -141,7 +141,7 @@ let
mergeAttrsWithFunc mergeAttrsConcatenateValues mergeAttrsWithFunc mergeAttrsConcatenateValues
mergeAttrsNoOverride mergeAttrByFunc mergeAttrsByFuncDefaults mergeAttrsNoOverride mergeAttrByFunc mergeAttrsByFuncDefaults
mergeAttrsByFuncDefaultsClean mergeAttrBy mergeAttrsByFuncDefaultsClean mergeAttrBy
fakeSha256 fakeSha512 fakeSri fakeSha256 fakeSha512
nixType imap; nixType imap;
inherit (versions) inherit (versions)
splitVersion; splitVersion;

1
lib/deprecated.nix
View File

@ -272,6 +272,7 @@ rec {
imap = imap1; imap = imap1;
# Fake hashes. Can be used as hash placeholders, when computing hash ahead isn't trivial # Fake hashes. Can be used as hash placeholders, when computing hash ahead isn't trivial
fakeSri = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
fakeSha256 = "0000000000000000000000000000000000000000000000000000000000000000"; fakeSha256 = "0000000000000000000000000000000000000000000000000000000000000000";
fakeSha512 = "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"; fakeSha512 = "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";
} }

53
lib/generators.nix
View File

@ -126,6 +126,59 @@ rec {
# map input to ini sections # map input to ini sections
mapAttrsToStringsSep "\n" mkSection attrsOfAttrs; mapAttrsToStringsSep "\n" mkSection attrsOfAttrs;
/* Generate a git-config file from an attrset.
*
* It has two major differences from the regular INI format:
*
* 1. values are indented with tabs
* 2. sections can have sub-sections
*
* generators.toGitINI {
* url."ssh://git@github.com/".insteadOf = "https://github.com";
* user.name = "edolstra";
* }
*
*> [url "ssh://git@github.com/"]
*> insteadOf = https://github.com/
*>
*> [user]
*> name = edolstra
*/
toGitINI = attrs:
with builtins;
let
mkSectionName = name:
let
containsQuote = libStr.hasInfix ''"'' name;
sections = libStr.splitString "." name;
section = head sections;
subsections = tail sections;
subsection = concatStringsSep "." subsections;
in if containsQuote || subsections == [ ] then
name
else
''${section} "${subsection}"'';
# generation for multiple ini values
mkKeyValue = k: v:
let mkKeyValue = mkKeyValueDefault { } " = " k;
in concatStringsSep "\n" (map (kv: "\t" + mkKeyValue kv) (lib.toList v));
# converts { a.b.c = 5; } to { "a.b".c = 5; } for toINI
gitFlattenAttrs = let
recurse = path: value:
if isAttrs value then
lib.mapAttrsToList (name: value: recurse ([ name ] ++ path) value) value
else if length path > 1 then {
${concatStringsSep "." (lib.reverseList (tail path))}.${head path} = value;
} else {
${head path} = value;
};
in attrs: lib.foldl lib.recursiveUpdate { } (lib.flatten (recurse [ ] attrs));
toINI_ = toINI { inherit mkKeyValue mkSectionName; };
in
toINI_ (gitFlattenAttrs attrs);
/* Generates JSON from an arbitrary (non-function) value. /* Generates JSON from an arbitrary (non-function) value.
* For more information see the documentation of the builtin. * For more information see the documentation of the builtin.

81
lib/licenses.nix
View File

@ -2,7 +2,7 @@
let let
spdx = lic: lic // { spdx = lic: lic // {
url = "http://spdx.org/licenses/${lic.spdxId}.html"; url = "https://spdx.org/licenses/${lic.spdxId}.html";
}; };
in in
@ -40,13 +40,13 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
amazonsl = { amazonsl = {
fullName = "Amazon Software License"; fullName = "Amazon Software License";
url = http://aws.amazon.com/asl/; url = "https://aws.amazon.com/asl/";
free = false; free = false;
}; };
amd = { amd = {
fullName = "AMD License Agreement"; fullName = "AMD License Agreement";
url = http://developer.amd.com/amd-license-agreement/; url = "https://developer.amd.com/amd-license-agreement/";
free = false; free = false;
}; };
@ -57,7 +57,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
arphicpl = { arphicpl = {
fullName = "Arphic Public License"; fullName = "Arphic Public License";
url = https://www.freedesktop.org/wiki/Arphic_Public_License/; url = "https://www.freedesktop.org/wiki/Arphic_Public_License/";
}; };
artistic1 = spdx { artistic1 = spdx {
@ -107,7 +107,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
bsl11 = { bsl11 = {
fullName = "Business Source License 1.1"; fullName = "Business Source License 1.1";
url = https://mariadb.com/bsl11; url = "https://mariadb.com/bsl11";
free = false; free = false;
}; };
@ -230,7 +230,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
eapl = { eapl = {
fullName = "EPSON AVASYS PUBLIC LICENSE"; fullName = "EPSON AVASYS PUBLIC LICENSE";
url = http://avasys.jp/hp/menu000000700/hpg000000603.htm; url = "https://avasys.jp/hp/menu000000700/hpg000000603.htm";
free = false; free = false;
}; };
@ -246,7 +246,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
elastic = { elastic = {
fullName = "ELASTIC LICENSE"; fullName = "ELASTIC LICENSE";
url = https://github.com/elastic/elasticsearch/blob/master/licenses/ELASTIC-LICENSE.txt; url = "https://github.com/elastic/elasticsearch/blob/master/licenses/ELASTIC-LICENSE.txt";
free = false; free = false;
}; };
@ -262,7 +262,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
epson = { epson = {
fullName = "Seiko Epson Corporation Software License Agreement for Linux"; fullName = "Seiko Epson Corporation Software License Agreement for Linux";
url = https://download.ebz.epson.net/dsc/du/02/eula/global/LINUX_EN.html; url = "https://download.ebz.epson.net/dsc/du/02/eula/global/LINUX_EN.html";
free = false; free = false;
}; };
@ -271,6 +271,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
fullName = "European Union Public License 1.1"; fullName = "European Union Public License 1.1";
}; };
eupl12 = spdx {
spdxId = "EUPL-1.2";
fullName = "European Union Public License 1.2";
};
fdl12 = spdx { fdl12 = spdx {
spdxId = "GFDL-1.2-only"; spdxId = "GFDL-1.2-only";
fullName = "GNU Free Documentation License v1.2 only"; fullName = "GNU Free Documentation License v1.2 only";
@ -293,7 +298,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
ffsl = { ffsl = {
fullName = "Floodgap Free Software License"; fullName = "Floodgap Free Software License";
url = http://www.floodgap.com/software/ffsl/license.html; url = "https://www.floodgap.com/software/ffsl/license.html";
free = false; free = false;
}; };
@ -303,12 +308,12 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
g4sl = { g4sl = {
fullName = "Geant4 Software License"; fullName = "Geant4 Software License";
url = https://geant4.web.cern.ch/geant4/license/LICENSE.html; url = "https://geant4.web.cern.ch/geant4/license/LICENSE.html";
}; };
geogebra = { geogebra = {
fullName = "GeoGebra Non-Commercial License Agreement"; fullName = "GeoGebra Non-Commercial License Agreement";
url = https://www.geogebra.org/license; url = "https://www.geogebra.org/license";
free = false; free = false;
}; };
@ -334,12 +339,12 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
gpl2ClasspathPlus = { gpl2ClasspathPlus = {
fullName = "GNU General Public License v2.0 or later (with Classpath exception)"; fullName = "GNU General Public License v2.0 or later (with Classpath exception)";
url = https://fedoraproject.org/wiki/Licensing/GPL_Classpath_Exception; url = "https://fedoraproject.org/wiki/Licensing/GPL_Classpath_Exception";
}; };
gpl2Oss = { gpl2Oss = {
fullName = "GNU General Public License version 2 only (with OSI approved licenses linking exception)"; fullName = "GNU General Public License version 2 only (with OSI approved licenses linking exception)";
url = https://www.mysql.com/about/legal/licensing/foss-exception; url = "https://www.mysql.com/about/legal/licensing/foss-exception";
}; };
gpl2Plus = spdx { gpl2Plus = spdx {
@ -359,7 +364,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
gpl3ClasspathPlus = { gpl3ClasspathPlus = {
fullName = "GNU General Public License v3.0 or later (with Classpath exception)"; fullName = "GNU General Public License v3.0 or later (with Classpath exception)";
url = https://fedoraproject.org/wiki/Licensing/GPL_Classpath_Exception; url = "https://fedoraproject.org/wiki/Licensing/GPL_Classpath_Exception";
}; };
hpnd = spdx { hpnd = spdx {
@ -370,7 +375,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
# Intel's license, seems free # Intel's license, seems free
iasl = { iasl = {
fullName = "iASL"; fullName = "iASL";
url = http://www.calculate-linux.org/packages/licenses/iASL; url = "https://old.calculate-linux.org/packages/licenses/iASL";
}; };
ijg = spdx { ijg = spdx {
@ -385,13 +390,13 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
inria-compcert = { inria-compcert = {
fullName = "INRIA Non-Commercial License Agreement for the CompCert verified compiler"; fullName = "INRIA Non-Commercial License Agreement for the CompCert verified compiler";
url = "http://compcert.inria.fr/doc/LICENSE"; url = "http://compcert.inria.fr/doc/LICENSE"; # https is broken
free = false; free = false;
}; };
inria-icesl = { inria-icesl = {
fullName = "INRIA Non-Commercial License Agreement for IceSL"; fullName = "INRIA Non-Commercial License Agreement for IceSL";
url = "http://shapeforge.loria.fr/icesl/EULA_IceSL_binary.pdf"; url = "http://shapeforge.loria.fr/icesl/EULA_IceSL_binary.pdf"; # https is broken
free = false; free = false;
}; };
@ -413,7 +418,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
# Proprietary binaries; free to redistribute without modification. # Proprietary binaries; free to redistribute without modification.
issl = { issl = {
fullName = "Intel Simplified Software License"; fullName = "Intel Simplified Software License";
url = https://software.intel.com/en-us/license/intel-simplified-software-license; url = "https://software.intel.com/en-us/license/intel-simplified-software-license";
free = false; free = false;
}; };
@ -469,7 +474,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
llgpl21 = { llgpl21 = {
fullName = "Lisp LGPL; GNU Lesser General Public License version 2.1 with Franz Inc. preamble for clarification of LGPL terms in context of Lisp"; fullName = "Lisp LGPL; GNU Lesser General Public License version 2.1 with Franz Inc. preamble for clarification of LGPL terms in context of Lisp";
url = http://opensource.franz.com/preamble.html; url = "https://opensource.franz.com/preamble.html";
}; };
lppl12 = spdx { lppl12 = spdx {
@ -489,11 +494,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
miros = { miros = {
fullName = "MirOS License"; fullName = "MirOS License";
url = https://opensource.org/licenses/MirOS; url = "https://opensource.org/licenses/MirOS";
}; };
# spdx.org does not (yet) differentiate between the X11 and Expat versions # spdx.org does not (yet) differentiate between the X11 and Expat versions
# for details see http://en.wikipedia.org/wiki/MIT_License#Various_versions # for details see https://en.wikipedia.org/wiki/MIT_License#Various_versions
mit = spdx { mit = spdx {
spdxId = "MIT"; spdxId = "MIT";
fullName = "MIT License"; fullName = "MIT License";
@ -519,12 +524,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
fullName = "Microsoft Public License"; fullName = "Microsoft Public License";
}; };
msrla = {
fullName = "Microsoft Research License Agreement";
url = "http://research.microsoft.com/en-us/projects/pex/msr-la.txt";
free = false;
};
nasa13 = spdx { nasa13 = spdx {
spdxId = "NASA-1.3"; spdxId = "NASA-1.3";
fullName = "NASA Open Source Agreement 1.3"; fullName = "NASA Open Source Agreement 1.3";
@ -589,14 +588,14 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
postman = { postman = {
fullName = "Postman EULA"; fullName = "Postman EULA";
url = https://www.getpostman.com/licenses/postman_base_app; url = "https://www.getpostman.com/licenses/postman_base_app";
free = false; free = false;
}; };
psfl = spdx { psfl = spdx {
spdxId = "Python-2.0"; spdxId = "Python-2.0";
fullName = "Python Software Foundation License version 2"; fullName = "Python Software Foundation License version 2";
#url = http://docs.python.org/license.html; url = "https://docs.python.org/license.html";
}; };
publicDomain = { publicDomain = {
@ -605,7 +604,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
purdueBsd = { purdueBsd = {
fullName = " Purdue BSD-Style License"; # also know as lsof license fullName = " Purdue BSD-Style License"; # also know as lsof license
url = https://enterprise.dejacode.com/licenses/public/purdue-bsd; url = "https://enterprise.dejacode.com/licenses/public/purdue-bsd";
}; };
qhull = spdx { qhull = spdx {
@ -620,7 +619,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
qwt = { qwt = {
fullName = "Qwt License, Version 1.0"; fullName = "Qwt License, Version 1.0";
url = http://qwt.sourceforge.net/qwtlicense.html; url = "https://qwt.sourceforge.io/qwtlicense.html";
}; };
ruby = spdx { ruby = spdx {
@ -646,7 +645,14 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
smail = { smail = {
shortName = "smail"; shortName = "smail";
fullName = "SMAIL General Public License"; fullName = "SMAIL General Public License";
url = http://metadata.ftp-master.debian.org/changelogs/main/d/debianutils/debianutils_4.8.1_copyright; url = "https://sources.debian.org/copyright/license/debianutils/4.9.1/";
};
sspl = {
shortName = "SSPL";
fullName = "Server Side Public License";
url = "https://www.mongodb.com/licensing/server-side-public-license";
free = false;
}; };
tcltk = spdx { tcltk = spdx {
@ -656,7 +662,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
ufl = { ufl = {
fullName = "Ubuntu Font License 1.0"; fullName = "Ubuntu Font License 1.0";
url = http://font.ubuntu.com/ufl/ubuntu-font-licence-1.0.txt; url = "https://ubuntu.com/legal/font-licence";
}; };
unfree = { unfree = {
@ -675,6 +681,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
# channel and NixOS images. # channel and NixOS images.
}; };
unicode-dfs-2016 = spdx {
spdxId = "Unicode-DFS-2016";
fullName = "Unicode License Agreement - Data Files and Software (2016)";
};
unlicense = spdx { unlicense = spdx {
spdxId = "Unlicense"; spdxId = "Unlicense";
fullName = "The Unlicense"; fullName = "The Unlicense";
@ -713,7 +724,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
wadalab = { wadalab = {
fullName = "Wadalab Font License"; fullName = "Wadalab Font License";
url = https://fedoraproject.org/wiki/Licensing:Wadalab?rd=Licensing/Wadalab; url = "https://fedoraproject.org/wiki/Licensing:Wadalab?rd=Licensing/Wadalab";
}; };
wtfpl = spdx { wtfpl = spdx {
@ -728,7 +739,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
xfig = { xfig = {
fullName = "xfig"; fullName = "xfig";
url = "http://mcj.sourceforge.net/authors.html#xfig"; url = "http://mcj.sourceforge.net/authors.html#xfig"; # https is broken
}; };
zlib = spdx { zlib = spdx {

13
lib/modules.nix
View File

@ -93,7 +93,11 @@ rec {
res set._definedNames res set._definedNames
else else
res; res;
result = { inherit options config; }; result = {
inherit options;
config = removeAttrs config [ "_module" ];
inherit (config) _module;
};
in result; in result;
# collectModules :: (modulesPath: String) -> (modules: [ Module ]) -> (args: Attrs) -> [ Module ] # collectModules :: (modulesPath: String) -> (modules: [ Module ]) -> (args: Attrs) -> [ Module ]
@ -410,10 +414,9 @@ rec {
# Type-check the remaining definitions, and merge them. Or throw if no definitions. # Type-check the remaining definitions, and merge them. Or throw if no definitions.
mergedValue = mergedValue =
if isDefined then if isDefined then
foldl' (res: def: if all (def: type.check def.value) defsFinal then type.merge loc defsFinal
if type.check def.value then res else let firstInvalid = findFirst (def: ! type.check def.value) null defsFinal;
else throw "The option value `${showOption loc}' in `${def.file}' is not of type `${type.description}'." in throw "The option value `${showOption loc}' in `${firstInvalid.file}' is not of type `${type.description}'."
) (type.merge loc defsFinal) defsFinal
else else
# (nixos-option detects this specific error message and gives it special # (nixos-option detects this specific error message and gives it special
# handling. If changed here, please change it there too.) # handling. If changed here, please change it there too.)

11
lib/options.nix
View File

@ -159,7 +159,7 @@ rec {
let ss = opt.type.getSubOptions opt.loc; let ss = opt.type.getSubOptions opt.loc;
in if ss != {} then optionAttrSetToDocList' opt.loc ss else []; in if ss != {} then optionAttrSetToDocList' opt.loc ss else [];
in in
[ docOption ] ++ subOptions) (collect isOption options); [ docOption ] ++ optionals docOption.visible subOptions) (collect isOption options);
/* This function recursively removes all derivation attributes from /* This function recursively removes all derivation attributes from
@ -191,7 +191,14 @@ rec {
Example: Example:
(showOption ["foo" "bar" "baz"]) == "foo.bar.baz" (showOption ["foo" "bar" "baz"]) == "foo.bar.baz"
(showOption ["foo" "bar.baz" "tux"]) == "foo.\"bar.baz\".tux" (showOption ["foo" "bar.baz" "tux"]) == "foo.bar.baz.tux"
Placeholders will not be quoted as they are not actual values:
(showOption ["foo" "*" "bar"]) == "foo.*.bar"
(showOption ["foo" "<name>" "bar"]) == "foo.<name>.bar"
Unlike attributes, options can also start with numbers:
(showOption ["windowManager" "2bwm" "enable"]) == "windowManager.2bwm.enable"
*/ */
showOption = parts: let showOption = parts: let
escapeOptionPart = part: escapeOptionPart = part:

7
lib/sources.nix
View File

@ -63,17 +63,14 @@ rec {
# https://nixos.org/nix/manual/#builtin-filterSource # https://nixos.org/nix/manual/#builtin-filterSource
# #
# name: Optional name to use as part of the store path. # name: Optional name to use as part of the store path.
# This defaults `src.name` or otherwise `baseNameOf src`. # This defaults to `src.name` or otherwise `"source"`.
# We recommend setting `name` whenever `src` is syntactically `./.`.
# Otherwise, you depend on `./.`'s name in the parent directory,
# which can cause inconsistent names, defeating caching.
# #
cleanSourceWith = { filter ? _path: _type: true, src, name ? null }: cleanSourceWith = { filter ? _path: _type: true, src, name ? null }:
let let
isFiltered = src ? _isLibCleanSourceWith; isFiltered = src ? _isLibCleanSourceWith;
origSrc = if isFiltered then src.origSrc else src; origSrc = if isFiltered then src.origSrc else src;
filter' = if isFiltered then name: type: filter name type && src.filter name type else filter; filter' = if isFiltered then name: type: filter name type && src.filter name type else filter;
name' = if name != null then name else if isFiltered then src.name else baseNameOf src; name' = if name != null then name else if isFiltered then src.name else "source";
in { in {
inherit origSrc; inherit origSrc;
filter = filter'; filter = filter';

47
lib/strings.nix
View File

@ -315,6 +315,21 @@ rec {
*/ */
escapeNixString = s: escape ["$"] (builtins.toJSON s); escapeNixString = s: escape ["$"] (builtins.toJSON s);
/* Quotes a string if it can't be used as an identifier directly.
Type: string -> string
Example:
escapeNixIdentifier "hello"
=> "hello"
escapeNixIdentifier "0abc"
=> "\"0abc\""
*/
escapeNixIdentifier = s:
# Regex from https://github.com/NixOS/nix/blob/d048577909e383439c2549e849c5c2f2016c997e/src/libexpr/lexer.l#L91
if builtins.match "[a-zA-Z_][a-zA-Z0-9_'-]*" s != null
then s else escapeNixString s;
# Obsolete - use replaceStrings instead. # Obsolete - use replaceStrings instead.
replaceChars = builtins.replaceStrings or ( replaceChars = builtins.replaceStrings or (
del: new: s: del: new: s:
@ -678,4 +693,36 @@ rec {
=> "1.0" => "1.0"
*/ */
fileContents = file: removeSuffix "\n" (builtins.readFile file); fileContents = file: removeSuffix "\n" (builtins.readFile file);
/* Creates a valid derivation name from a potentially invalid one.
Type: sanitizeDerivationName :: String -> String
Example:
sanitizeDerivationName "../hello.bar # foo"
=> "-hello.bar-foo"
sanitizeDerivationName ""
=> "unknown"
sanitizeDerivationName pkgs.hello
=> "-nix-store-2g75chlbpxlrqn15zlby2dfh8hr9qwbk-hello-2.10"
*/
sanitizeDerivationName = string: lib.pipe string [
# Get rid of string context. This is safe under the assumption that the
# resulting string is only used as a derivation name
builtins.unsafeDiscardStringContext
# Strip all leading "."
(x: builtins.elemAt (builtins.match "\\.*(.*)" x) 0)
# Split out all invalid characters
# https://github.com/NixOS/nix/blob/2.3.2/src/libstore/store-api.cc#L85-L112
# https://github.com/NixOS/nix/blob/2242be83c61788b9c0736a92bb0b5c7bbfc40803/nix-rust/src/store/path.rs#L100-L125
(builtins.split "[^[:alnum:]+._?=-]+")
# Replace invalid character ranges with a "-"
(concatMapStrings (s: if lib.isList s then "-" else s))
# Limit to 211 characters (minus 4 chars for ".drv")
(x: substring (lib.max (stringLength x - 207) 0) (-1) x)
# If the result is empty, replace it with "unknown"
(x: if stringLength x == 0 then "unknown" else x)
];
} }

1
lib/systems/default.nix
View File

@ -65,6 +65,7 @@ rec {
freebsd = "FreeBSD"; freebsd = "FreeBSD";
openbsd = "OpenBSD"; openbsd = "OpenBSD";
wasi = "Wasi"; wasi = "Wasi";
genode = "Genode";
}.${final.parsed.kernel.name} or null; }.${final.parsed.kernel.name} or null;
# uname -p # uname -p

11
lib/systems/doubles.nix
View File

@ -26,9 +26,17 @@ let
"riscv32-linux" "riscv64-linux" "riscv32-linux" "riscv64-linux"
"aarch64-none" "avr-none" "arm-none" "i686-none" "x86_64-none" "powerpc-none" "msp430-none" "riscv64-none" "riscv32-none" "vc4-none" "arm-none" "armv6l-none" "aarch64-none"
"avr-none"
"i686-none" "x86_64-none"
"powerpc-none"
"msp430-none"
"riscv64-none" "riscv32-none"
"vc4-none"
"js-ghcjs" "js-ghcjs"
"aarch64-genode" "x86_64-genode"
]; ];
allParsed = map parse.mkSystemFromString all; allParsed = map parse.mkSystemFromString all;
@ -62,6 +70,7 @@ in {
unix = filterDoubles predicates.isUnix; unix = filterDoubles predicates.isUnix;
wasi = filterDoubles predicates.isWasi; wasi = filterDoubles predicates.isWasi;
windows = filterDoubles predicates.isWindows; windows = filterDoubles predicates.isWindows;
genode = filterDoubles predicates.isGenode;
embedded = filterDoubles predicates.isNone; embedded = filterDoubles predicates.isNone;

1
lib/systems/inspect.nix
View File

@ -47,6 +47,7 @@ rec {
isMinGW = { kernel = kernels.windows; abi = abis.gnu; }; isMinGW = { kernel = kernels.windows; abi = abis.gnu; };
isWasi = { kernel = kernels.wasi; }; isWasi = { kernel = kernels.wasi; };
isGhcjs = { kernel = kernels.ghcjs; }; isGhcjs = { kernel = kernels.ghcjs; };
isGenode = { kernel = kernels.genode; };
isNone = { kernel = kernels.none; }; isNone = { kernel = kernels.none; };
isAndroid = [ { abi = abis.android; } { abi = abis.androideabi; } ]; isAndroid = [ { abi = abis.android; } { abi = abis.androideabi; } ];

3
lib/systems/parse.nix
View File

@ -279,6 +279,7 @@ rec {
wasi = { execFormat = wasm; families = { }; }; wasi = { execFormat = wasm; families = { }; };
windows = { execFormat = pe; families = { }; }; windows = { execFormat = pe; families = { }; };
ghcjs = { execFormat = unknown; families = { }; }; ghcjs = { execFormat = unknown; families = { }; };
genode = { execFormat = elf; families = { }; };
} // { # aliases } // { # aliases
# 'darwin' is the kernel for all of them. We choose macOS by default. # 'darwin' is the kernel for all of them. We choose macOS by default.
darwin = kernels.macos; darwin = kernels.macos;
@ -395,6 +396,8 @@ rec {
then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 1; abi = elemAt l 2; } then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 1; abi = elemAt l 2; }
else if (elemAt l 2 == "ghcjs") else if (elemAt l 2 == "ghcjs")
then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 2; } then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 2; }
else if hasPrefix "genode" (elemAt l 2)
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; }
else throw "Target specification with 3 components is ambiguous"; else throw "Target specification with 3 components is ambiguous";
"4" = { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; abi = elemAt l 3; }; "4" = { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; abi = elemAt l 3; };
}.${toString (length l)} }.${toString (length l)}

76
lib/tests/maintainers.nix Normal file
View File

@ -0,0 +1,76 @@
# to run these tests (and the others)
# nix-build nixpkgs/lib/tests/release.nix
{ # The pkgs used for dependencies for the testing itself
pkgs
, lib
}:
let
inherit (lib) types;
maintainerModule = { config, ... }: {
options = {
name = lib.mkOption {
type = types.str;
};
email = lib.mkOption {
type = types.str;
};
github = lib.mkOption {
type = types.nullOr types.str;
default = null;
};
githubId = lib.mkOption {
type = types.nullOr types.ints.unsigned;
default = null;
};
keys = lib.mkOption {
type = types.listOf (types.submodule {
options.longkeyid = lib.mkOption { type = types.str; };
options.fingerprint = lib.mkOption { type = types.str; };
});
default = [];
};
};
};
checkMaintainer = handle: uncheckedAttrs:
let
prefix = [ "lib" "maintainers" handle ];
checkedAttrs = (lib.modules.evalModules {
inherit prefix;
modules = [
maintainerModule
{
_file = toString ../../maintainers/maintainer-list.nix;
config = uncheckedAttrs;
}
];
}).config;
checkGithubId = lib.optional (checkedAttrs.github != null && checkedAttrs.githubId == null) ''
echo ${lib.escapeShellArg (lib.showOption prefix)}': If `github` is specified, `githubId` must be too.'
# Calling this too often would hit non-authenticated API limits, but this
# shouldn't happen since such errors will get fixed rather quickly
info=$(curl -sS https://api.github.com/users/${checkedAttrs.github})
id=$(jq -r '.id' <<< "$info")
echo "The GitHub ID for GitHub user ${checkedAttrs.github} is $id:"
echo -e " githubId = $id;\n"
'';
in lib.deepSeq checkedAttrs checkGithubId;
missingGithubIds = lib.concatLists (lib.mapAttrsToList checkMaintainer lib.maintainers);
success = pkgs.runCommandNoCC "checked-maintainers-success" {} ">$out";
failure = pkgs.runCommandNoCC "checked-maintainers-failure" {
nativeBuildInputs = [ pkgs.curl pkgs.jq ];
outputHash = "sha256:${lib.fakeSha256}";
outputHAlgo = "sha256";
outputHashMode = "flat";
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
} ''
${lib.concatStringsSep "\n" missingGithubIds}
exit 1
'';
in if missingGithubIds == [] then success else failure

42
lib/tests/misc.nix
View File

@ -3,6 +3,23 @@
# if the resulting list is empty, all tests passed # if the resulting list is empty, all tests passed
with import ../default.nix; with import ../default.nix;
let
testSanitizeDerivationName = { name, expected }:
let
drv = derivation {
name = strings.sanitizeDerivationName name;
builder = "x";
system = "x";
};
in {
# Evaluate the derivation so an invalid name would be caught
expr = builtins.seq drv.drvPath drv.name;
inherit expected;
};
in
runTests { runTests {
@ -490,4 +507,29 @@ runTests {
expected = "'-X' 'PUT' '--data' '{\"id\":0}' '--retry' '3' '--url' 'https://example.com/foo' '--url' 'https://example.com/bar' '--verbose'"; expected = "'-X' 'PUT' '--data' '{\"id\":0}' '--retry' '3' '--url' 'https://example.com/foo' '--url' 'https://example.com/bar' '--verbose'";
}; };
testSanitizeDerivationNameLeadingDots = testSanitizeDerivationName {
name = "..foo";
expected = "foo";
};
testSanitizeDerivationNameAscii = testSanitizeDerivationName {
name = " !\"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghijklmnopqrstuvwxyz{|}~";
expected = "-+--.-0123456789-=-?-ABCDEFGHIJKLMNOPQRSTUVWXYZ-_-abcdefghijklmnopqrstuvwxyz-";
};
testSanitizeDerivationNameTooLong = testSanitizeDerivationName {
name = "This string is loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong";
expected = "loooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooong";
};
testSanitizeDerivationNameTooLongWithInvalid = testSanitizeDerivationName {
name = "Hello there aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa &&&&&&&&";
expected = "there-aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa-";
};
testSanitizeDerivationNameEmpty = testSanitizeDerivationName {
name = "";
expected = "unknown";
};
} }

18
lib/tests/modules.sh
View File

@ -3,7 +3,10 @@
# This script is used to test that the module system is working as expected. # This script is used to test that the module system is working as expected.
# By default it test the version of nixpkgs which is defined in the NIX_PATH. # By default it test the version of nixpkgs which is defined in the NIX_PATH.
cd ./modules # https://stackoverflow.com/a/246128/6605742
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
cd "$DIR"/modules
pass=0 pass=0
fail=0 fail=0
@ -185,6 +188,14 @@ checkConfigError 'The option .* defined in .* does not exist' config.enable ./di
# Check that imports can depend on derivations # Check that imports can depend on derivations
checkConfigOutput "true" config.enable ./import-from-store.nix checkConfigOutput "true" config.enable ./import-from-store.nix
# Check that configs can be conditional on option existence
checkConfigOutput true config.enable ./define-option-dependently.nix ./declare-enable.nix ./declare-int-positive-value.nix
checkConfigOutput 360 config.value ./define-option-dependently.nix ./declare-enable.nix ./declare-int-positive-value.nix
checkConfigOutput 7 config.value ./define-option-dependently.nix ./declare-int-positive-value.nix
checkConfigOutput true config.set.enable ./define-option-dependently-nested.nix ./declare-enable-nested.nix ./declare-int-positive-value-nested.nix
checkConfigOutput 360 config.set.value ./define-option-dependently-nested.nix ./declare-enable-nested.nix ./declare-int-positive-value-nested.nix
checkConfigOutput 7 config.set.value ./define-option-dependently-nested.nix ./declare-int-positive-value-nested.nix
# Check attrsOf and lazyAttrsOf. Only lazyAttrsOf should be lazy, and only # Check attrsOf and lazyAttrsOf. Only lazyAttrsOf should be lazy, and only
# attrsOf should work with conditional definitions # attrsOf should work with conditional definitions
# In addition, lazyAttrsOf should honor an options emptyValue # In addition, lazyAttrsOf should honor an options emptyValue
@ -194,6 +205,11 @@ checkConfigOutput "true" config.conditionalWorks ./declare-attrsOf.nix ./attrsOf
checkConfigOutput "false" config.conditionalWorks ./declare-lazyAttrsOf.nix ./attrsOf-conditional-check.nix checkConfigOutput "false" config.conditionalWorks ./declare-lazyAttrsOf.nix ./attrsOf-conditional-check.nix
checkConfigOutput "empty" config.value.foo ./declare-lazyAttrsOf.nix ./attrsOf-conditional-check.nix checkConfigOutput "empty" config.value.foo ./declare-lazyAttrsOf.nix ./attrsOf-conditional-check.nix
# Even with multiple assignments, a type error should be thrown if any of them aren't valid
checkConfigError 'The option value .* in .* is not of type .*' \
config.value ./declare-int-unsigned-value.nix ./define-value-list.nix ./define-value-int-positive.nix
cat <<EOF cat <<EOF
====== module tests ====== ====== module tests ======
$pass Pass $pass Pass

14
lib/tests/modules/declare-enable-nested.nix Normal file
View File

@ -0,0 +1,14 @@
{ lib, ... }:
{
options.set = {
enable = lib.mkOption {
default = false;
example = true;
type = lib.types.bool;
description = ''
Some descriptive text
'';
};
};
}

9
lib/tests/modules/declare-int-positive-value-nested.nix Normal file
View File

@ -0,0 +1,9 @@
{ lib, ... }:
{
options.set = {
value = lib.mkOption {
type = lib.types.ints.positive;
};
};
}

16
lib/tests/modules/define-option-dependently-nested.nix Normal file
View File

@ -0,0 +1,16 @@
{ lib, options, ... }:
# Some modules may be distributed separately and need to adapt to other modules
# that are distributed and versioned separately.
{
# Always defined, but the value depends on the presence of an option.
config.set = {
value = if options ? set.enable then 360 else 7;
}
# Only define if possible.
// lib.optionalAttrs (options ? set.enable) {
enable = true;
};
}

16
lib/tests/modules/define-option-dependently.nix Normal file
View File

@ -0,0 +1,16 @@
{ lib, options, ... }:
# Some modules may be distributed separately and need to adapt to other modules
# that are distributed and versioned separately.
{
# Always defined, but the value depends on the presence of an option.
config = {
value = if options ? enable then 360 else 7;
}
# Only define if possible.
// lib.optionalAttrs (options ? enable) {
enable = true;
};
}

19
lib/tests/release.nix
View File

@ -1,8 +1,17 @@
{ pkgs ? import ((import ../.).cleanSource ../..) {} }: { # The pkgs used for dependencies for the testing itself
# Don't test properties of pkgs.lib, but rather the lib in the parent directory
pkgs ? import ../.. {} // { lib = throw "pkgs.lib accessed, but the lib tests should use nixpkgs' lib path directly!"; }
}:
pkgs.runCommandNoCC "nixpkgs-lib-tests" { pkgs.runCommandNoCC "nixpkgs-lib-tests" {
buildInputs = [ pkgs.nix (import ./check-eval.nix) ]; buildInputs = [
NIX_PATH = "nixpkgs=${toString pkgs.path}"; pkgs.nix
(import ./check-eval.nix)
(import ./maintainers.nix {
inherit pkgs;
lib = import ../.;
})
];
} '' } ''
datadir="${pkgs.nix}/share" datadir="${pkgs.nix}/share"
export TEST_ROOT=$(pwd)/test-tmp export TEST_ROOT=$(pwd)/test-tmp
@ -17,8 +26,8 @@ pkgs.runCommandNoCC "nixpkgs-lib-tests" {
cacheDir=$TEST_ROOT/binary-cache cacheDir=$TEST_ROOT/binary-cache
nix-store --init nix-store --init
cd ${pkgs.path}/lib/tests cp -r ${../.} lib
bash ./modules.sh bash lib/tests/modules.sh
touch $out touch $out
'' ''

7
lib/tests/systems.nix
View File

@ -12,16 +12,17 @@ let
expected = lib.sort lib.lessThan y; expected = lib.sort lib.lessThan y;
}; };
in with lib.systems.doubles; lib.runTests { in with lib.systems.doubles; lib.runTests {
testall = mseteq all (linux ++ darwin ++ freebsd ++ openbsd ++ netbsd ++ illumos ++ wasi ++ windows ++ embedded ++ js); testall = mseteq all (linux ++ darwin ++ freebsd ++ openbsd ++ netbsd ++ illumos ++ wasi ++ windows ++ embedded ++ js ++ genode);
testarm = mseteq arm [ "armv5tel-linux" "armv6l-linux" "armv7a-linux" "armv7l-linux" "arm-none" "armv7a-darwin" ]; testarm = mseteq arm [ "armv5tel-linux" "armv6l-linux" "armv6l-none" "armv7a-linux" "armv7l-linux" "arm-none" "armv7a-darwin" ];
testi686 = mseteq i686 [ "i686-linux" "i686-freebsd" "i686-netbsd" "i686-openbsd" "i686-cygwin" "i686-windows" "i686-none" "i686-darwin" ]; testi686 = mseteq i686 [ "i686-linux" "i686-freebsd" "i686-netbsd" "i686-openbsd" "i686-cygwin" "i686-windows" "i686-none" "i686-darwin" ];
testmips = mseteq mips [ "mipsel-linux" ]; testmips = mseteq mips [ "mipsel-linux" ];
testx86_64 = mseteq x86_64 [ "x86_64-linux" "x86_64-darwin" "x86_64-freebsd" "x86_64-openbsd" "x86_64-netbsd" "x86_64-cygwin" "x86_64-solaris" "x86_64-windows" "x86_64-none" ]; testx86_64 = mseteq x86_64 [ "x86_64-linux" "x86_64-darwin" "x86_64-freebsd" "x86_64-genode" "x86_64-openbsd" "x86_64-netbsd" "x86_64-cygwin" "x86_64-solaris" "x86_64-windows" "x86_64-none" ];
testcygwin = mseteq cygwin [ "i686-cygwin" "x86_64-cygwin" ]; testcygwin = mseteq cygwin [ "i686-cygwin" "x86_64-cygwin" ];
testdarwin = mseteq darwin [ "x86_64-darwin" "i686-darwin" "aarch64-darwin" "armv7a-darwin" ]; testdarwin = mseteq darwin [ "x86_64-darwin" "i686-darwin" "aarch64-darwin" "armv7a-darwin" ];
testfreebsd = mseteq freebsd [ "i686-freebsd" "x86_64-freebsd" ]; testfreebsd = mseteq freebsd [ "i686-freebsd" "x86_64-freebsd" ];
testgenode = mseteq genode [ "aarch64-genode" "x86_64-genode" ];
testgnu = mseteq gnu (linux /* ++ kfreebsd ++ ... */); testgnu = mseteq gnu (linux /* ++ kfreebsd ++ ... */);
testillumos = mseteq illumos [ "x86_64-solaris" ]; testillumos = mseteq illumos [ "x86_64-solaris" ];
testlinux = mseteq linux [ "aarch64-linux" "armv5tel-linux" "armv6l-linux" "armv7a-linux" "armv7l-linux" "i686-linux" "mipsel-linux" "riscv32-linux" "riscv64-linux" "x86_64-linux" "powerpc64le-linux" ]; testlinux = mseteq linux [ "aarch64-linux" "armv5tel-linux" "armv6l-linux" "armv7a-linux" "armv7l-linux" "i686-linux" "mipsel-linux" "riscv32-linux" "riscv64-linux" "x86_64-linux" "powerpc64le-linux" ];

465
maintainers/maintainer-list.nix
View File

File diff suppressed because it is too large Load Diff

13
maintainers/scripts/nix-generate-from-cpan.pl
View File

@ -6,6 +6,7 @@ use warnings;
use CPAN::Meta(); use CPAN::Meta();
use CPANPLUS::Backend(); use CPANPLUS::Backend();
use Module::CoreList;
use Getopt::Long::Descriptive qw( describe_options ); use Getopt::Long::Descriptive qw( describe_options );
use JSON::PP qw( encode_json ); use JSON::PP qw( encode_json );
use Log::Log4perl qw(:easy); use Log::Log4perl qw(:easy);
@ -164,7 +165,7 @@ Readonly::Hash my %LICENSE_MAP => (
# License not provided in metadata. # License not provided in metadata.
unknown => { unknown => {
licenses => [qw( unknown )], licenses => [],
amb => 1 amb => 1
} }
); );
@ -278,14 +279,8 @@ sub get_deps {
foreach my $n ( $deps->required_modules ) { foreach my $n ( $deps->required_modules ) {
next if $n eq "perl"; next if $n eq "perl";
# Figure out whether the module is a core module by attempting my @core = Module::CoreList->find_modules(qr/^$n$/);
# to `use` the module in a pure Perl interpreter and checking next if (@core);
# whether it succeeded. Note, $^X is a magic variable holding
# the path to the running Perl interpreter.
if ( system("env -i $^X -M$n -e1 >/dev/null 2>&1") == 0 ) {
DEBUG("skipping Perl-builtin module $n");
next;
}
my $pkg = module_to_pkg( $cb, $n ); my $pkg = module_to_pkg( $cb, $n );

42
maintainers/team-list.nix
View File

@ -17,8 +17,50 @@
{ lib }: { lib }:
with lib.maintainers; { with lib.maintainers; {
acme = {
members = [
aanderse
andrew-d
arianvp
emily
flokli
m1cr0man
];
scope = "Maintain ACME-related packages and modules.";
};
freedesktop = { freedesktop = {
members = [ jtojnar worldofpeace ]; members = [ jtojnar worldofpeace ];
scope = "Maintain Freedesktop.org packages for graphical desktop."; scope = "Maintain Freedesktop.org packages for graphical desktop.";
}; };
gnome = {
members = [
hedning
jtojnar
worldofpeace
];
scope = "Maintain GNOME desktop environment and platform.";
};
php = {
members = [
aanderse
etu
globin
ma27
talyz
];
scope = "Maintain PHP related packages and extensions.";
};
podman = {
members = [
adisbladis
saschagrunert
vdemeester
zowoq
];
scope = "Maintain Podman and CRI-O related packages and modules.";
};
} }

1
nixos/doc/manual/configuration/configuration.xml
View File

@ -21,7 +21,6 @@
<xi:include href="xfce.xml" /> <xi:include href="xfce.xml" />
<xi:include href="networking.xml" /> <xi:include href="networking.xml" />
<xi:include href="linux-kernel.xml" /> <xi:include href="linux-kernel.xml" />
<xi:include href="matrix.xml" />
<xi:include href="../generated/modules.xml" xpointer="xpointer(//section[@id='modules']/*)" /> <xi:include href="../generated/modules.xml" xpointer="xpointer(//section[@id='modules']/*)" />
<xi:include href="profiles.xml" /> <xi:include href="profiles.xml" />
<xi:include href="kubernetes.xml" /> <xi:include href="kubernetes.xml" />

1
nixos/doc/manual/configuration/x-windows.xml
View File

@ -31,6 +31,7 @@
<xref linkend="opt-services.xserver.windowManager.twm.enable"/> = true; <xref linkend="opt-services.xserver.windowManager.twm.enable"/> = true;
<xref linkend="opt-services.xserver.windowManager.icewm.enable"/> = true; <xref linkend="opt-services.xserver.windowManager.icewm.enable"/> = true;
<xref linkend="opt-services.xserver.windowManager.i3.enable"/> = true; <xref linkend="opt-services.xserver.windowManager.i3.enable"/> = true;
<xref linkend="opt-services.xserver.windowManager.herbstluftwm.enable"/> = true;
</programlisting> </programlisting>
</para> </para>
<para> <para>

2
nixos/doc/manual/installation/installing-behind-a-proxy.xml
View File

@ -40,7 +40,7 @@ networking.proxy.noProxy = &quot;127.0.0.1,localhost,internal.domain&quot;;
<note> <note>
<para> <para>
If you are switching networks with different proxy configurations, use the If you are switching networks with different proxy configurations, use the
<literal>nesting.clone</literal> option in <literal>specialisation</literal> option in
<literal>configuration.nix</literal> to switch proxies at runtime. Refer to <literal>configuration.nix</literal> to switch proxies at runtime. Refer to
<xref linkend="ch-options" /> for more information. <xref linkend="ch-options" /> for more information.
</para> </para>

8
nixos/doc/manual/installation/installing.xml
View File

@ -24,8 +24,7 @@
</para> </para>
<para> <para>
The NixOS manual is available on virtual console 8 (press Alt+F8 to access) The NixOS manual is available by running <command>nixos-help</command>.
or by running <command>nixos-help</command>.
</para> </para>
<para> <para>
@ -42,6 +41,11 @@
neo</command>!) neo</command>!)
</para> </para>
<para>
If the text is too small to be legible, try <command>setfont ter-132n</command>
to increase the font size.
</para>
<section xml:id="sec-installation-booting-networking"> <section xml:id="sec-installation-booting-networking">
<title>Networking in the installer</title> <title>Networking in the installer</title>

16
nixos/doc/manual/installation/upgrading.xml
View File

@ -14,7 +14,7 @@
<para> <para>
<emphasis>Stable channels</emphasis>, such as <emphasis>Stable channels</emphasis>, such as
<literal <literal
xlink:href="https://nixos.org/channels/nixos-19.09">nixos-19.09</literal>. xlink:href="https://nixos.org/channels/nixos-20.03">nixos-20.03</literal>.
These only get conservative bug fixes and package upgrades. For instance, These only get conservative bug fixes and package upgrades. For instance,
a channel update may cause the Linux kernel on your system to be upgraded a channel update may cause the Linux kernel on your system to be upgraded
from 4.19.34 to 4.19.38 (a minor bug fix), but not from from 4.19.34 to 4.19.38 (a minor bug fix), but not from
@ -38,7 +38,7 @@
<para> <para>
<emphasis>Small channels</emphasis>, such as <emphasis>Small channels</emphasis>, such as
<literal <literal
xlink:href="https://nixos.org/channels/nixos-19.09-small">nixos-19.09-small</literal> xlink:href="https://nixos.org/channels/nixos-20.03-small">nixos-20.03-small</literal>
or or
<literal <literal
xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>. xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>.
@ -63,8 +63,8 @@
<para> <para>
When you first install NixOS, youre automatically subscribed to the NixOS When you first install NixOS, youre automatically subscribed to the NixOS
channel that corresponds to your installation source. For instance, if you channel that corresponds to your installation source. For instance, if you
installed from a 19.09 ISO, you will be subscribed to the installed from a 20.03 ISO, you will be subscribed to the
<literal>nixos-19.09</literal> channel. To see which NixOS channel youre <literal>nixos-20.03</literal> channel. To see which NixOS channel youre
subscribed to, run the following as root: subscribed to, run the following as root:
<screen> <screen>
# nix-channel --list | grep nixos # nix-channel --list | grep nixos
@ -75,13 +75,13 @@ nixos https://nixos.org/channels/nixos-unstable
# nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos # nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
</screen> </screen>
(Be sure to include the <literal>nixos</literal> parameter at the end.) For (Be sure to include the <literal>nixos</literal> parameter at the end.) For
instance, to use the NixOS 19.09 stable channel: instance, to use the NixOS 20.03 stable channel:
<screen> <screen>
# nix-channel --add https://nixos.org/channels/nixos-19.09 nixos # nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
</screen> </screen>
If you have a server, you may want to use the “small” channel instead: If you have a server, you may want to use the “small” channel instead:
<screen> <screen>
# nix-channel --add https://nixos.org/channels/nixos-19.09-small nixos # nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos
</screen> </screen>
And if you want to live on the bleeding edge: And if you want to live on the bleeding edge:
<screen> <screen>
@ -132,7 +132,7 @@ nixos https://nixos.org/channels/nixos-unstable
kernel, initrd or kernel modules. kernel, initrd or kernel modules.
You can also specify a channel explicitly, e.g. You can also specify a channel explicitly, e.g.
<programlisting> <programlisting>
<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-19.09; <xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-20.03;
</programlisting> </programlisting>
</para> </para>
</section> </section>

554
nixos/doc/manual/release-notes/rl-2003.xml
View File

@ -3,7 +3,7 @@
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" version="5.0"
xml:id="sec-release-20.03"> xml:id="sec-release-20.03">
<title>Release 20.03 (“Markhor”, 2020.03/??)</title> <title>Release 20.03 (“Markhor”, 2020.04/20)</title>
<section xmlns="http://docbook.org/ns/docbook" <section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xlink="http://www.w3.org/1999/xlink"
@ -23,11 +23,24 @@
Support is planned until the end of October 2020, handing over to 20.09. Support is planned until the end of October 2020, handing over to 20.09.
</para> </para>
</listitem> </listitem>
<listitem>
<para>Core version changes:</para>
<para>gcc: 8.3.0 -&gt; 9.2.0</para>
<para>glibc: 2.27 -&gt; 2.30</para>
<para>linux: 4.19 -&gt; 5.4</para>
<para>mesa: 19.1.5 -&gt; 19.3.3</para>
<para>openssl: 1.0.2u -&gt; 1.1.1d</para>
</listitem>
<listitem>
<para>Desktop version changes:</para>
<para>plasma5: 5.16.5 -&gt; 5.17.5</para>
<para>kdeApplications: 19.08.2 -&gt; 19.12.3</para>
<para>gnome3: 3.32 -&gt; 3.34</para>
<para>pantheon: 5.0 -&gt; 5.1.3</para>
</listitem>
<listitem> <listitem>
<para> <para>
Linux kernel is updated to branch 5.4 by default (from 4.19). Linux kernel is updated to branch 5.4 by default (from 4.19).
Users of Intel GPUs may prefer to explicitly set branch to 4.19 to avoid some regressions.
<programlisting>boot.kernelPackages = pkgs.linuxPackages_4_19;</programlisting>
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -43,6 +56,24 @@
quirk in the boot menu. quirk in the boot menu.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
GNOME 3 has been upgraded to 3.34. Please take a look at their
<link xlink:href="https://help.gnome.org/misc/release-notes/3.34">Release Notes</link>
for details.
</para>
</listitem>
<listitem>
<para>
If you enable the Pantheon Desktop Manager via
<xref linkend="opt-services.xserver.desktopManager.pantheon.enable" />, we now default to also use
<link xlink:href="https://blog.elementary.io/say-hello-to-the-new-greeter/">
Pantheon's newly designed greeter
</link>.
Contrary to NixOS's usual update policy, Pantheon will receive updates during the cycle of
NixOS 20.03 when backwards compatible.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
By default zfs pools will now be trimmed on a weekly basis. By default zfs pools will now be trimmed on a weekly basis.
@ -75,6 +106,24 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
</programlisting> </programlisting>
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The testing driver implementation in NixOS is now in Python <filename>make-test-python.nix</filename>.
This was done by Jacek Galowicz (<link xlink:href="https://github.com/tfc">@tfc</link>), and with the
collaboration of Julian Stecklina (<link xlink:href="https://github.com/blitz">@blitz</link>) and
Jana Traue (<link xlink:href="https://github.com/jtraue">@jtraue</link>). All documentation has been updated to use this
testing driver, and a vast majority of the 286 tests in NixOS were ported to python driver. In 20.09 the Perl driver implementation,
<filename>make-test.nix</filename>, is slated for removal. This should give users of the NixOS integration framework
a transitory period to rewrite their tests to use the Python implementation. Users of the Perl driver will see
this warning everytime they use it:
<screen>
<prompt>$ </prompt>warning: Perl VM tests are deprecated and will be removed for 20.09.
Please update your tests to use the python test driver.
See https://github.com/NixOS/nixpkgs/pull/71684 for details.
</screen>
API compatibility is planned to be kept for at least the next release with the perl driver.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -110,6 +159,241 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
It was created so Geary could function properly outside of GNOME. It was created so Geary could function properly outside of GNOME.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
<filename>./config/console.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./hardware/brillo.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./hardware/tuxedo-keyboard.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./programs/bandwhich.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./programs/bash-my-aws.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./programs/liboping.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./programs/traceroute.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/backup/sanoid.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/backup/syncoid.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/backup/zfs-replication.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/continuous-integration/buildkite-agents.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/databases/victoriametrics.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/desktops/gnome3/gnome-initial-setup.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/desktops/neard.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/games/openarena.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/hardware/fancontrol.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/mail/sympa.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/misc/freeswitch.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/misc/mame.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/monitoring/do-agent.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/monitoring/prometheus/xmpp-alerts.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/network-filesystems/orangefs/server.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/network-filesystems/orangefs/client.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/3proxy.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/corerad.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/go-shadowsocks2.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/ntp/openntpd.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/shorewall.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/shorewall6.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/spacecookie.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/trickster.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/v2ray.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/xandikos.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/networking/yggdrasil.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/dokuwiki.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/gotify-server.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/grocy.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/ihatemoney</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/moinmoin.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/trac.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/trilium.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-apps/shiori.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/web-servers/ttyd.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/x11/picom.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/x11/hardware/digimend.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./services/x11/imwheel.nix</filename>
</para>
</listitem>
<listitem>
<para>
<filename>./virtualisation/cri-o.nix</filename>
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -127,6 +411,17 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
</para> </para>
<itemizedlist> <itemizedlist>
<listitem>
<para>
The <package>dhcpcd</package> package <link xlink:href="https://roy.marples.name/archives/dhcpcd-discuss/0002621.html">
does not request IPv4 addresses for tap and bridge interfaces anymore by default</link>.
In order to still get an address on a bridge interface, one has to disable
<literal>networking.useDHCP</literal> and explicitly enable
<literal>networking.interfaces.&lt;name&gt;.useDHCP</literal> on
every interface, that should get an address via DHCP. This way, dhcpcd
is configured in an explicit way about which interface to run on.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
GnuPG is now built without support for a graphical passphrase entry GnuPG is now built without support for a graphical passphrase entry
@ -196,10 +491,10 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
There is now only one Xfce package-set and module. This means attributes, <literal>xfce4-14</literal> There is now only one Xfce package-set and module. This means that attributes <literal>xfce4-14</literal>
<literal>xfce4-12</literal>, and <literal>xfceUnstable</literal> all now point to the latest Xfce 4.14 and <literal>xfceUnstable</literal> all now point to the latest Xfce 4.14
packages. And in future NixOS releases will be the latest released version of Xfce available at the packages. And in the future NixOS releases will be the latest released version of Xfce available at the
time during the releases development (if viable). time of the release's development (if viable).
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -235,7 +530,7 @@ services.xserver.displayManager.defaultSession = "xfce+icewm";
<listitem> <listitem>
<para> <para>
The <literal>buildRustCrate</literal> infrastructure now produces <literal>lib</literal> outputs in addition to the <literal>out</literal> output. The <literal>buildRustCrate</literal> infrastructure now produces <literal>lib</literal> outputs in addition to the <literal>out</literal> output.
This has led to drastically reduced closed sizes for some rust crates since development dependencies are now in the <literal>lib</literal> output. This has led to drastically reduced closure sizes for some rust crates since development dependencies are now in the <literal>lib</literal> output.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -603,6 +898,25 @@ auth required pam_succeed_if.so uid >= 1000 quiet
The <option>services.dnscrypt-proxy</option> module has been removed The <option>services.dnscrypt-proxy</option> module has been removed
as it used the deprecated version of dnscrypt-proxy. We've added as it used the deprecated version of dnscrypt-proxy. We've added
<xref linkend="opt-services.dnscrypt-proxy2.enable"/> to use the supported version. <xref linkend="opt-services.dnscrypt-proxy2.enable"/> to use the supported version.
This module supports configuration via the Nix attribute set
<xref linkend="opt-services.dnscrypt-proxy2.settings" />, or by passing a TOML configuration file via
<xref linkend="opt-services.dnscrypt-proxy2.configFile" />.
<programlisting>
# Example configuration:
services.dnscrypt-proxy2.enable = true;
services.dnscrypt-proxy2.settings = {
listen_addresses = [ "127.0.0.1:43" ];
sources.public-resolvers = {
urls = [ "https://download.dnscrypt.info/resolvers-list/v2/public-resolvers.md" ];
cache_file = "public-resolvers.md";
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
refresh_delay = 72;
};
};
services.dnsmasq.enable = true;
services.dnsmasq.servers = [ "127.0.0.1#43" ];
</programlisting>
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -619,6 +933,15 @@ auth required pam_succeed_if.so uid >= 1000 quiet
<link xlink:href="https://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/sqldev-relnotes-194-5908846.html">release notes</link>. <link xlink:href="https://www.oracle.com/technetwork/developer-tools/sql-developer/downloads/sqldev-relnotes-194-5908846.html">release notes</link>.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Haskell <varname>env</varname> and <varname>shellFor</varname> dev shell environments now organize dependencies the same way as regular builds.
In particular, rather than receiving all the different lists of dependencies mashed together as one big list, and then partitioning into Haskell and non-Hakell dependencies, they work from the original many different dependency parameters and don't need to algorithmically partition anything.
</para>
<para>
This means that if you incorrectly categorize a dependency, e.g. non-Haskell library dependency as a <varname>buildDepends</varname> or run-time Haskell dependency as a <varname>setupDepends</varname>, whereas things would have worked before they may not work now.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
The <package>gcc-snapshot</package>-package has been removed. It's marked as broken for &gt;2 years and used to point The <package>gcc-snapshot</package>-package has been removed. It's marked as broken for &gt;2 years and used to point
@ -641,6 +964,128 @@ auth required pam_succeed_if.so uid >= 1000 quiet
The previous behavior can be restored by setting <literal>config.riot-web.conf = { disable_guests = false; piwik = true; }</literal>. The previous behavior can be restored by setting <literal>config.riot-web.conf = { disable_guests = false; piwik = true; }</literal>.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Stand-alone usage of <literal>Upower</literal> now requires
<option>services.upower.enable</option> instead of just installing into
<xref linkend="opt-environment.systemPackages"/>.
</para>
</listitem>
<listitem>
<para>
<package>nextcloud</package> has been updated to <literal>v18.0.2</literal>. This means
that users from NixOS 19.09 can't upgrade directly since you can only move one version
forward and 19.09 uses <literal>v16.0.8</literal>.
</para>
<para>
To provide a safe upgrade-path and to circumvent similar issues in the future, the following
measures were taken:
<itemizedlist>
<listitem>
<para>
The <package>pkgs.nextcloud</package>-attribute has been removed and replaced with
versioned attributes (currently <package>pkgs.nextcloud17</package> and
<package>pkgs.nextcloud18</package>). With this change major-releases can be backported
without breaking stuff and to make upgrade-paths easier.
</para>
</listitem>
<listitem>
<para>
Existing setups will be detected using
<link linkend="opt-system.stateVersion">system.stateVersion</link>: by default,
<package>nextcloud17</package> will be used, but will raise a warning which notes
that after that deploy it's recommended to update to the latest stable version
(<package>nextcloud18</package>) by declaring the newly introduced setting
<link linkend="opt-services.nextcloud.package">services.nextcloud.package</link>.
</para>
</listitem>
<listitem>
<para>
Users with an overlay (e.g. to use <package>nextcloud</package> at version
<literal>v18</literal> on <literal>19.09</literal>) will get an evaluation error
by default. This is done to ensure that our
<link linkend="opt-services.nextcloud.package">package</link>-option doesn't select an
older version by accident. It's recommended to use <package>pkgs.nextcloud18</package>
or to set <link linkend="opt-services.nextcloud.package">package</link> to
<package>pkgs.nextcloud</package> explicitly.
</para>
</listitem>
</itemizedlist>
</para>
<warning>
<para>
Please note that if you're coming from <literal>19.03</literal> or older, you have
to manually upgrade to <literal>19.09</literal> first to upgrade your server
to Nextcloud v16.
</para>
</warning>
</listitem>
<listitem>
<para>
<package>Hydra</package> has gained a massive performance improvement due to
<link xlink:href="https://github.com/NixOS/hydra/pull/710">some database schema
changes</link> by adding several IDs and better indexing. However, it's necessary
to upgrade Hydra in multiple steps:
<itemizedlist>
<listitem>
<para>
At first, an older version of Hydra needs to be deployed which adds those
(nullable) columns. When having set <link linkend="opt-system.stateVersion">stateVersion
</link> to a value older than <literal>20.03</literal>, this package will be selected
by default from the module when upgrading. Otherwise, the package can be deployed using
the following config:
<programlisting>{ pkgs, ... }: {
<link linkend="opt-services.hydra.package">services.hydra.package</link> = pkgs.hydra-migration;
}</programlisting>
</para>
</listitem>
<listitem>
<para>
Automatically fill the newly added ID columns on the server by running the following
command:
<screen>
<prompt>$ </prompt>hydra-backfill-ids
</screen>
<warning>
<para>Please note that this process can take a while depending on your database-size!</para>
</warning>
</para>
</listitem>
<listitem>
<para>
Deploy a newer version of Hydra to activate the DB optimizations. This can be done by
using <package>hydra-unstable</package>. This package already includes
<link xlink:href="https://github.com/nixos/rfcs/pull/49">flake-support</link> and is
therefore compiled against <package>pkgs.nixFlakes</package>.
<warning>
<para>
If your <link linkend="opt-system.stateVersion">stateVersion</link> is set to
<literal>20.03</literal> or greater, <package>hydra-unstable</package> will be used
automatically! This will break your setup if you didn't run the migration.
</para>
</warning>
Please note that Hydra is currently not available with <package>nixStable</package>
as this doesn't compile anymore.
</para>
</listitem>
</itemizedlist>
<warning>
<para>
<package>pkgs.hydra</package> has been removed to ensure a graceful database-migration
using the dedicated package-attributes. If you still have <package>pkgs.hydra</package>
defined in e.g. an overlay, an assertion error will be thrown. To circumvent this,
you need to set <xref linkend="opt-services.hydra.package" /> to <package>pkgs.hydra</package>
explicitly and make sure you know what you're doing!
</para>
</warning>
</para>
</listitem>
<listitem>
<para>
The TokuDB storage engine will be disabled in <package>mariadb</package> 10.5. It is recommended to switch
to RocksDB. See also <link xlink:href="https://mariadb.com/kb/en/tokudb/">TokuDB</link>.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -658,7 +1103,8 @@ auth required pam_succeed_if.so uid >= 1000 quiet
<listitem> <listitem>
<para> <para>
The nginx web server previously started its master process as root The nginx web server previously started its master process as root
privileged, then ran worker processes as a less privileged identity user. privileged, then ran worker processes as a less privileged identity user
(the <literal>nginx</literal> user).
This was changed to start all of nginx as a less privileged user (defined by This was changed to start all of nginx as a less privileged user (defined by
<literal>services.nginx.user</literal> and <literal>services.nginx.user</literal> and
<literal>services.nginx.group</literal>). As a consequence, all files that <literal>services.nginx.group</literal>). As a consequence, all files that
@ -666,6 +1112,13 @@ auth required pam_succeed_if.so uid >= 1000 quiet
certificates and keys, etc.) must now be readable by this less privileged certificates and keys, etc.) must now be readable by this less privileged
user/group. user/group.
</para> </para>
<para>
To continue to use the old approach, you can configure:
<programlisting>
services.nginx.appendConfig = let cfg = config.services.nginx; in ''user ${cfg.user} ${cfg.group};'';
systemd.services.nginx.serviceConfig.User = lib.mkForce "root";
</programlisting>
</para>
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
@ -692,9 +1145,11 @@ auth required pam_succeed_if.so uid >= 1000 quiet
As well as this, the options <literal>security.acme.acceptTerms</literal> and either As well as this, the options <literal>security.acme.acceptTerms</literal> and either
<literal>security.acme.email</literal> or <literal>security.acme.certs.&lt;name&gt;.email</literal> <literal>security.acme.email</literal> or <literal>security.acme.certs.&lt;name&gt;.email</literal>
must be set in order to use the ACME module. must be set in order to use the ACME module.
Certificates will be regenerated anew on the next renewal date. The credentials for simp-le are Certificates will be regenerated on activation, no account or certificate will be migrated from simp-le.
preserved and thus it is possible to roll back to previous versions without breaking certificate In particular private keys will not be preserved. However, the credentials for simp-le are preserved and
generation. thus it is possible to roll back to previous versions without breaking certificate generation.
Note also that in contrary to simp-le a new private key is recreated at each renewal by default, which can
have consequences if you embed your public key in apps.
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
@ -705,13 +1160,84 @@ auth required pam_succeed_if.so uid >= 1000 quiet
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
Predicatbly named network-interfaces get renamed in stage-1. This means that it's possible Predictably named network interfaces get renamed in stage-1. This means that it is possible
to use the proper interface name for e.g. dropbear-setups. to use the proper interface name for e.g. Dropbear setups.
</para> </para>
<para> <para>
For further reference, please read <link xlink:href="https://github.com/NixOS/nixpkgs/pull/68953">#68953</link> or the corresponding <link xlink:href="https://discourse.nixos.org/t/predictable-network-interface-names-in-initrd/4055">discourse thread</link>. For further reference, please read <link xlink:href="https://github.com/NixOS/nixpkgs/pull/68953">#68953</link> or the corresponding <link xlink:href="https://discourse.nixos.org/t/predictable-network-interface-names-in-initrd/4055">discourse thread</link>.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The <package>matrix-synapse</package>-package has been updated to
<link xlink:href="https://github.com/matrix-org/synapse/releases/tag/v1.11.1">v1.11.1</link>.
Due to <link xlink:href="https://github.com/matrix-org/synapse/releases/tag/v1.10.0rc1">stricter requirements</link>
for database configuration when using <package>postgresql</package>, the automated database setup
of the module has been removed to avoid any further edge-cases.
</para>
<para>
<package>matrix-synapse</package> expects <literal>postgresql</literal>-databases to have the options
<literal>LC_COLLATE</literal> and <literal>LC_CTYPE</literal> set to
<link xlink:href="https://www.postgresql.org/docs/12/locale.html"><literal>'C'</literal></link> which basically
instructs <literal>postgresql</literal> to ignore any locale-based preferences.
</para>
<para>
Depending on your setup, you need to incorporate one of the following changes in your setup to
upgrade to 20.03:
<itemizedlist>
<listitem><para>If you use <literal>sqlite3</literal> you don't need to do anything.</para></listitem>
<listitem><para>If you use <literal>postgresql</literal> on a different server, you don't need
to change anything as well since this module was never designed to configure remote databases.
</para></listitem>
<listitem><para>If you use <literal>postgresql</literal> and configured your synapse initially on
<literal>19.09</literal> or older, you simply need to enable <package>postgresql</package>-support
explicitly:
<programlisting>{ ... }: {
services.matrix-synapse = {
<link linkend="opt-services.matrix-synapse.enable">enable</link> = true;
/* and all the other config you've defined here */
};
<link linkend="opt-services.postgresql.enable">services.postgresql.enable</link> = true;
}</programlisting>
</para></listitem>
<listitem><para>If you deploy a fresh <package>matrix-synapse</package>, you need to configure
the database yourself (e.g. by using the
<link linkend="opt-services.postgresql.initialScript">services.postgresql.initialScript</link>
option). An example for this can be found in the
<link linkend="module-services-matrix">documentation of the Matrix module</link>.
</para></listitem>
<listitem><para>If you initially deployed your <package>matrix-synapse</package> on
<literal>nixos-unstable</literal> <emphasis>after</emphasis> the <literal>19.09</literal>-release,
your database is misconfigured due to a regression in NixOS. For now, <package>matrix-synapse</package> will
startup with a warning, but it's recommended to reconfigure the database to set the values
<literal>LC_COLLATE</literal> and <literal>LC_CTYPE</literal> to
<link xlink:href="https://www.postgresql.org/docs/12/locale.html"><literal>'C'</literal></link>.
</para></listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
The <link linkend="opt-systemd.network.links">systemd.network.links</link> option is now respected
even when <link linkend="opt-systemd.network.enable">systemd-networkd</link> is disabled.
This mirrors the behaviour of systemd - It's udev that parses <literal>.link</literal> files,
not <command>systemd-networkd</command>.
</para>
</listitem>
<listitem>
<para>
<package>mongodb</package> has been updated to version <literal>3.4.24</literal>.
<warning>
<para>
Please note that <package>mongodb</package> has been relicensed under their own
<link xlink:href="https://www.mongodb.com/licensing/server-side-public-license/faq"><literal>
sspl</literal></link>-license. Since it's not entirely free and not OSI-approved,
it's listed as non-free. This means that Hydra doesn't provide prebuilt
<package>mongodb</package>-packages and needs to be built locally.
</para>
</warning>
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
</section> </section>

240
nixos/doc/manual/release-notes/rl-2009.xml
View File

@ -23,6 +23,14 @@
Support is planned until the end of April 2021, handing over to 21.03. Support is planned until the end of April 2021, handing over to 21.03.
</para> </para>
</listitem> </listitem>
<listitem>
<para>GNOME desktop environment was upgraded to 3.36, see its <link xlink:href="https://help.gnome.org/misc/release-notes/3.36/">release notes</link>.</para>
</listitem>
<listitem>
<para>
We now distribute a GNOME ISO.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
PHP now defaults to PHP 7.4, updated from 7.3. PHP now defaults to PHP 7.4, updated from 7.3.
@ -37,6 +45,16 @@
make use of these new options instead. make use of these new options instead.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
There is a new module for Podman(<varname>virtualisation.podman</varname>), a drop-in replacement for the Docker command line.
</para>
</listitem>
<listitem>
<para>
The new <varname>virtualisation.containers</varname> module manages configuration shared by the CRI-O and Podman modules.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -86,6 +104,213 @@
}</programlisting> }</programlisting>
</para> </para>
</listitem> </listitem>
<listitem>
<para>
The <link linkend="opt-services.supybot.enable">supybot</link> module now uses <literal>/var/lib/supybot</literal>
as its default <link linkend="opt-services.supybot.stateDir">stateDir</link> path if <literal>stateVersion</literal>
is 20.09 or higher. It also enables number of
<link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Sandboxing">systemd sandboxing options</link>
which may possibly interfere with some plugins. If this is the case you can disable the options through attributes in
<option>systemd.services.supybot.serviceConfig</option>.
</para>
</listitem>
<listitem>
<para>
The <literal>security.duosec.skey</literal> option, which stored a secret in the
nix store, has been replaced by a new
<link linkend="opt-security.duosec.secretKeyFile">security.duosec.secretKeyFile</link>
option for better security.
</para>
<para>
<literal>security.duosec.ikey</literal> has been renamed to
<link linkend="opt-security.duosec.integrationKey">security.duosec.integrationKey</link>.
</para>
</listitem>
<listitem>
<para>
The initrd SSH support now uses OpenSSH rather than Dropbear to
allow the use of Ed25519 keys and other OpenSSH-specific
functionality. Host keys must now be in the OpenSSH format, and at
least one pre-generated key must be specified.
</para>
<para>
If you used the <option>boot.initrd.network.ssh.host*Key</option>
options, you'll get an error explaining how to convert your host
keys and migrate to the new
<option>boot.initrd.network.ssh.hostKeys</option> option.
Otherwise, if you don't have any host keys set, you'll need to
generate some; see the <option>hostKeys</option> option
documentation for instructions.
</para>
</listitem>
<listitem>
<para>
Since this release there's an easy way to customize your PHP
install to get a much smaller base PHP with only wanted
extensions enabled. See the following snippet installing a
smaller PHP with the extensions <literal>imagick</literal>,
<literal>opcache</literal>, <literal>pdo</literal> and
<literal>pdo_mysql</literal> loaded:
<programlisting>
environment.systemPackages = [
(pkgs.php.withExtensions
({ all, ... }: with all; [
imagick
opcache
pdo
pdo_mysql
])
)
];</programlisting>
The default <literal>php</literal> attribute hasn't lost any
extensions. The <literal>opcache</literal> extension has been
added.
All upstream PHP extensions are available under <package><![CDATA[php.extensions.<name?>]]></package>.
</para>
<para>
All PHP <literal>config</literal> flags have been removed for
the following reasons:
<itemizedlist>
<listitem>
<para>
The updated <literal>php</literal> attribute is now easily
customizable to your liking by using
<literal>php.withExtensions</literal> or
<literal>php.buildEnv</literal> instead of writing config files
or changing configure flags.
</para>
</listitem>
<listitem>
<para>
The remaining configuration flags can now be set directly on
the <literal>php</literal> attribute. For example, instead of
<programlisting>
php.override {
config.php.embed = true;
config.php.apxs2 = false;
}
</programlisting>
you should now write
<programlisting>
php.override {
embedSupport = true;
apxs2Support = false;
}
</programlisting>
</para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
Gollum received a major update to version 5.x and you may have to change
some links in your wiki when migrating from gollum 4.x. More information
can be found
<link xlink:href="https://github.com/gollum/gollum/wiki/5.0-release-notes#migrating-your-wiki">here</link>.
</para>
</listitem>
<listitem>
<para>
Deluge 2.x was added and is used as default for new NixOS
installations where stateVersion is >= 20.09. If you are upgrading from a previous
NixOS version, you can set <literal>service.deluge.package = pkgs.deluge-2_x</literal>
to upgrade to Deluge 2.x and migrate the state to the new format.
Be aware that backwards state migrations are not supported by Deluge.
</para>
</listitem>
<listitem>
<para>
The NixOS options <literal>nesting.clone</literal> and
<literal>nesting.children</literal> have been deleted, and
replaced with named <xref linkend="opt-specialisation"/>
configurations.
</para>
<para>
Replace a <literal>nesting.clone</literal> entry with:
<programlisting>{
<link xlink:href="#opt-specialisation">specialisation.example-sub-configuration</link> = {
<link xlink:href="#opt-specialisation._name_.configuration">configuration</link> = {
...
};
};</programlisting>
</para>
<para>
Replace a <literal>nesting.children</literal> entry with:
<programlisting>{
<link xlink:href="#opt-specialisation">specialisation.example-sub-configuration</link> = {
<link xlink:href="#opt-specialisation._name_.inheritParentConfig">inheritParentConfig</link> = false;
<link xlink:href="#opt-specialisation._name_.configuration">configuration</link> = {
...
};
};</programlisting>
</para>
<para>
To switch to a specialised configuration at runtime you need to
run:
<programlisting>
# sudo /run/current-system/specialisation/example-sub-configuration/bin/switch-to-configuration test
</programlisting>
Before you would have used:
<programlisting>
# sudo /run/current-system/fine-tune/child-1/bin/switch-to-configuration test
</programlisting>
</para>
</listitem>
<listitem>
<para>
The httpd web server previously started its main process as root
privileged, then ran worker processes as a less privileged identity user.
This was changed to start all of httpd as a less privileged user (defined by
<xref linkend="opt-services.httpd.user"/> and
<xref linkend="opt-services.httpd.group"/>). As a consequence, all files that
are needed for httpd to run (included configuration fragments, SSL
certificates and keys, etc.) must now be readable by this less privileged
user/group.
</para>
<para>
The default value for <xref linkend="opt-services.httpd.mpm"/>
has been changed from <literal>prefork</literal> to <literal>event</literal>. Along with
this change the default value for
<link linkend="opt-services.httpd.virtualHosts">services.httpd.virtualHosts.&lt;name&gt;.http2</link>
has been set to <literal>true</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>systemd-networkd</literal> option
<literal>systemd.network.networks.&lt;name&gt;.dhcp.CriticalConnection</literal>
has been removed following upstream systemd's deprecation of the same. It is recommended to use
<literal>systemd.network.networks.&lt;name&gt;.networkConfig.KeepConfiguration</literal> instead.
See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
</para>
</listitem>
<listitem>
<para>
The <literal>systemd-networkd</literal> option
<literal>systemd.network.networks._name_.dhcpConfig</literal>
has been renamed to
<xref linkend="opt-systemd.network.networks._name_.dhcpV4Config"/>
following upstream systemd's documentation change.
See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>
@ -98,7 +323,20 @@
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para /> <para>
<option>services.journald.rateLimitBurst</option> was updated from
<literal>1000</literal> to <literal>10000</literal> to follow the new
upstream systemd default.
</para>
</listitem>
<listitem>
<para>
The <package>notmuch</package> package move its emacs-related binaries and
emacs lisp files to a separate output. They're not part
of the default <literal>out</literal> output anymore - if you relied on the
<literal>notmuch-emacs-mua</literal> binary or the emacs lisp files, access them via
the <literal>notmuch.emacs</literal> output.
</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
</section> </section>

4
nixos/lib/eval-config.nix
View File

@ -61,7 +61,7 @@ in rec {
args = extraArgs; args = extraArgs;
specialArgs = specialArgs =
{ modulesPath = builtins.toString ../modules; } // specialArgs; { modulesPath = builtins.toString ../modules; } // specialArgs;
}) config options; }) config options _module;
# These are the extra arguments passed to every module. In # These are the extra arguments passed to every module. In
# particular, Nixpkgs is passed through the "pkgs" argument. # particular, Nixpkgs is passed through the "pkgs" argument.
@ -69,5 +69,5 @@ in rec {
inherit baseModules extraModules modules; inherit baseModules extraModules modules;
}; };
inherit (config._module.args) pkgs; inherit (_module.args) pkgs;
} }

1
nixos/lib/make-iso9660-image.sh
View File

@ -107,6 +107,7 @@ xorriso="xorriso
-publisher nixos -publisher nixos
-graft-points -graft-points
-full-iso9660-filenames -full-iso9660-filenames
-joliet
${isoBootFlags} ${isoBootFlags}
${usbBootFlags} ${usbBootFlags}
${efiBootFlags} ${efiBootFlags}

6
nixos/lib/make-options-doc/default.nix
View File

@ -86,7 +86,7 @@ let
optionsList = lib.sort optionLess optionsListDesc; optionsList = lib.sort optionLess optionsListDesc;
# Convert the list of options into an XML file. # Convert the list of options into an XML file.
optionsXML = pkgs.writeText "options.xml" (builtins.toXML optionsList); optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList);
optionsNix = builtins.listToAttrs (map (o: { name = o.name; value = removeAttrs o ["name" "visible" "internal"]; }) optionsList); optionsNix = builtins.listToAttrs (map (o: { name = o.name; value = removeAttrs o ["name" "visible" "internal"]; }) optionsList);
@ -133,6 +133,7 @@ in {
optionsJSON = pkgs.runCommand "options.json" optionsJSON = pkgs.runCommand "options.json"
{ meta.description = "List of NixOS options in JSON format"; { meta.description = "List of NixOS options in JSON format";
buildInputs = [ pkgs.brotli ];
} }
'' ''
# Export list of options in different format. # Export list of options in different format.
@ -141,8 +142,11 @@ in {
cp ${builtins.toFile "options.json" (builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix))} $dst/options.json cp ${builtins.toFile "options.json" (builtins.unsafeDiscardStringContext (builtins.toJSON optionsNix))} $dst/options.json
brotli -9 < $dst/options.json > $dst/options.json.br
mkdir -p $out/nix-support mkdir -p $out/nix-support
echo "file json $dst/options.json" >> $out/nix-support/hydra-build-products echo "file json $dst/options.json" >> $out/nix-support/hydra-build-products
echo "file json-br $dst/options.json.br" >> $out/nix-support/hydra-build-products
''; # */ ''; # */
optionsDocBook = pkgs.runCommand "options-docbook.xml" {} '' optionsDocBook = pkgs.runCommand "options-docbook.xml" {} ''

41
nixos/lib/test-driver/test-driver.py
View File

@ -6,6 +6,7 @@ from xml.sax.saxutils import XMLGenerator
import _thread import _thread
import atexit import atexit
import base64 import base64
import codecs
import os import os
import pathlib import pathlib
import ptpython.repl import ptpython.repl
@ -84,8 +85,6 @@ CHAR_TO_KEY = {
} }
# Forward references # Forward references
nr_tests: int
failed_tests: list
log: "Logger" log: "Logger"
machines: "List[Machine]" machines: "List[Machine]"
@ -101,10 +100,12 @@ def make_command(args: list) -> str:
def create_vlan(vlan_nr: str) -> Tuple[str, str, "subprocess.Popen[bytes]", Any]: def create_vlan(vlan_nr: str) -> Tuple[str, str, "subprocess.Popen[bytes]", Any]:
global log global log
log.log("starting VDE switch for network {}".format(vlan_nr)) log.log("starting VDE switch for network {}".format(vlan_nr))
vde_socket = os.path.abspath("./vde{}.ctl".format(vlan_nr)) vde_socket = tempfile.mkdtemp(
prefix="nixos-test-vde-", suffix="-vde{}.ctl".format(vlan_nr)
)
pty_master, pty_slave = pty.openpty() pty_master, pty_slave = pty.openpty()
vde_process = subprocess.Popen( vde_process = subprocess.Popen(
["vde_switch", "-s", vde_socket, "--dirmode", "0777"], ["vde_switch", "-s", vde_socket, "--dirmode", "0700"],
bufsize=1, bufsize=1,
stdin=pty_slave, stdin=pty_slave,
stdout=subprocess.PIPE, stdout=subprocess.PIPE,
@ -115,6 +116,7 @@ def create_vlan(vlan_nr: str) -> Tuple[str, str, "subprocess.Popen[bytes]", Any]
fd.write("version\n") fd.write("version\n")
# TODO: perl version checks if this can be read from # TODO: perl version checks if this can be read from
# an if not, dies. we could hang here forever. Fix it. # an if not, dies. we could hang here forever. Fix it.
assert vde_process.stdout is not None
vde_process.stdout.readline() vde_process.stdout.readline()
if not os.path.exists(os.path.join(vde_socket, "ctl")): if not os.path.exists(os.path.join(vde_socket, "ctl")):
raise Exception("cannot start vde_switch") raise Exception("cannot start vde_switch")
@ -139,7 +141,7 @@ def retry(fn: Callable) -> None:
class Logger: class Logger:
def __init__(self) -> None: def __init__(self) -> None:
self.logfile = os.environ.get("LOGFILE", "/dev/null") self.logfile = os.environ.get("LOGFILE", "/dev/null")
self.logfile_handle = open(self.logfile, "wb") self.logfile_handle = codecs.open(self.logfile, "wb")
self.xml = XMLGenerator(self.logfile_handle, encoding="utf-8") self.xml = XMLGenerator(self.logfile_handle, encoding="utf-8")
self.queue: "Queue[Dict[str, str]]" = Queue(1000) self.queue: "Queue[Dict[str, str]]" = Queue(1000)
@ -383,7 +385,7 @@ class Machine:
if state != require_state: if state != require_state:
raise Exception( raise Exception(
"Expected unit {} to to be in state ".format(unit) "Expected unit {} to to be in state ".format(unit)
+ "'active' but it is in state {}".format(state) + "'{}' but it is in state {}".format(require_state, state)
) )
def execute(self, command: str) -> Tuple[int, str]: def execute(self, command: str) -> Tuple[int, str]:
@ -739,6 +741,7 @@ class Machine:
self.shell, _ = self.shell_socket.accept() self.shell, _ = self.shell_socket.accept()
def process_serial_output() -> None: def process_serial_output() -> None:
assert self.process.stdout is not None
for _line in self.process.stdout: for _line in self.process.stdout:
# Ignore undecodable bytes that may occur in boot menus # Ignore undecodable bytes that may occur in boot menus
line = _line.decode(errors="ignore").replace("\r", "").rstrip() line = _line.decode(errors="ignore").replace("\r", "").rstrip()
@ -877,33 +880,16 @@ def run_tests() -> None:
if machine.is_up(): if machine.is_up():
machine.execute("sync") machine.execute("sync")
if nr_tests != 0:
nr_succeeded = nr_tests - len(failed_tests)
eprint("{} out of {} tests succeeded".format(nr_succeeded, nr_tests))
if len(failed_tests) > 0:
eprint(
"The following tests have failed:\n - {}".format(
"\n - ".join(failed_tests)
)
)
sys.exit(1)
@contextmanager @contextmanager
def subtest(name: str) -> Iterator[None]: def subtest(name: str) -> Iterator[None]:
global nr_tests
global failed_tests
with log.nested(name): with log.nested(name):
nr_tests += 1
try: try:
yield yield
return True return True
except Exception as e: except Exception as e:
failed_tests.append( log.log(f'Test "{name}" failed with error: "{e}"')
'Test "{}" failed with error: "{}"'.format(name, str(e)) raise e
)
log.log("error: {}".format(str(e)))
return False return False
@ -923,9 +909,6 @@ if __name__ == "__main__":
] ]
exec("\n".join(machine_eval)) exec("\n".join(machine_eval))
nr_tests = 0
failed_tests = []
@atexit.register @atexit.register
def clean_up() -> None: def clean_up() -> None:
with log.nested("cleaning up"): with log.nested("cleaning up"):
@ -936,7 +919,7 @@ if __name__ == "__main__":
machine.process.kill() machine.process.kill()
for _, _, process, _ in vde_sockets: for _, _, process, _ in vde_sockets:
process.kill() process.terminate()
log.close() log.close()
tic = time.time() tic = time.time()

2
nixos/lib/testing/jquery-ui.nix
View File

@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
''; '';
meta = { meta = {
homepage = https://jqueryui.com/; homepage = "https://jqueryui.com/";
description = "A library of JavaScript widgets and effects"; description = "A library of JavaScript widgets and effects";
platforms = stdenv.lib.platforms.all; platforms = stdenv.lib.platforms.all;
}; };

2
nixos/lib/testing/jquery.nix
View File

@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "JavaScript library designed to simplify the client-side scripting of HTML"; description = "JavaScript library designed to simplify the client-side scripting of HTML";
homepage = http://jquery.com/; homepage = "http://jquery.com/";
license = licenses.mit; license = licenses.mit;
platforms = platforms.all; platforms = platforms.all;
}; };

1
nixos/maintainers/scripts/azure-new/.gitignore vendored Normal file
View File

@ -0,0 +1 @@
azure

42
nixos/maintainers/scripts/azure-new/README.md Normal file
View File

@ -0,0 +1,42 @@
# azure
## Demo
Here's a demo of this being used: https://asciinema.org/a/euXb9dIeUybE3VkstLWLbvhmp
## Usage
This is meant to be an example image that you can copy into your own
project and modify to your own needs. Notice that the example image
includes a built-in test user account, which by default uses your
`~/.ssh/id_ed25519.pub` as an `authorized_key`.
Build and upload the image
```shell
$ ./upload-image.sh ./examples/basic/image.nix
...
+ attr=azbasic
+ nix-build ./examples/basic/image.nix --out-link azure
/nix/store/qdpzknpskzw30vba92mb24xzll1dqsmd-azure-image
...
95.5 %, 0 Done, 0 Failed, 1 Pending, 0 Skipped, 1 Total, 2-sec Throughput (Mb/s): 932.9565
...
/subscriptions/aff271ee-e9be-4441-b9bb-42f5af4cbaeb/resourceGroups/nixos-images/providers/Microsoft.Compute/images/azure-image-todo-makethisbetter
```
Take the output, boot an Azure VM:
```
img="/subscriptions/.../..." # use output from last command
./boot-vm.sh "${img}"
...
=> booted
```
## Future Work
1. If the user specifies a hard-coded user, then the agent could be removed.
Probably has security benefits; definitely has closure-size benefits.
(It's likely the VM will need to be booted with a special flag. See:
https://github.com/Azure/azure-cli/issues/12775 for details.)

36
nixos/maintainers/scripts/azure-new/boot-vm.sh Executable file
View File

@ -0,0 +1,36 @@
#!/usr/bin/env bash
set -euo pipefail
set -x
image="${1}"
location="westus2"
group="nixos-test-vm"
vm_size="Standard_D2s_v3"; os_size=42;
# ensure group
az group create --location "westus2" --name "${group}"
group_id="$(az group show --name "${group}" -o tsv --query "[id]")"
# (optional) identity
if ! az identity show -n "${group}-identity" -g "${group}" &>/dev/stderr; then
az identity create --name "${group}-identity" --resource-group "${group}"
fi
# (optional) role assignment, to the resource group, bad but not really great alternatives
identity_id="$(az identity show --name "${group}-identity" --resource-group "${group}" -o tsv --query "[id]")"
principal_id="$(az identity show --name "${group}-identity" --resource-group "${group}" -o tsv --query "[principalId]")"
until az role assignment create --assignee "${principal_id}" --role "Owner" --scope "${group_id}"; do sleep 1; done
# boot vm
az vm create \
--name "${group}-vm" \
--resource-group "${group}" \
--assign-identity "${identity_id}" \
--size "${vm_size}" \
--os-disk-size-gb "${os_size}" \
--image "${image}" \
--admin-username "${USER}" \
--location "westus2" \
--storage-sku "Premium_LRS" \
--ssh-key-values "$(ssh-add -L)"

7
nixos/maintainers/scripts/azure-new/common.sh Normal file
View File

@ -0,0 +1,7 @@
export group="${AZURE_RESOURCE_GROUP:-"azure"}"
export location="${AZURE_LOCATION:-"westus2"}"
img_file=$(echo azure/*.vhd)
img_name="$(basename "${img_file}")"
img_name="${img_name%".vhd"}"
export img_name="${img_name//[._]/-}"

10
nixos/maintainers/scripts/azure-new/examples/basic/image.nix Normal file
View File

@ -0,0 +1,10 @@
let
pkgs = (import ../../../../../../default.nix {});
machine = import "${pkgs.path}/nixos/lib/eval-config.nix" {
system = "x86_64-linux";
modules = [
({config, ...}: { imports = [ ./system.nix ]; })
];
};
in
machine.config.system.build.azureImage

34
nixos/maintainers/scripts/azure-new/examples/basic/system.nix Normal file
View File

@ -0,0 +1,34 @@
{ pkgs, modulesPath, ... }:
let username = "azurenixosuser";
in
{
imports = [
"${modulesPath}/virtualisation/azure-common.nix"
"${modulesPath}/virtualisation/azure-image.nix"
];
## NOTE: This is just an example of how to hard-code a user.
## The normal Azure agent IS included and DOES provision a user based
## on the information passed at VM creation time.
users.users."${username}" = {
isNormalUser = true;
home = "/home/${username}";
description = "Azure NixOS Test User";
openssh.authorizedKeys.keys = [ (builtins.readFile ~/.ssh/id_ed25519.pub) ];
};
nix.trustedUsers = [ username ];
virtualisation.azureImage.diskSize = 2500;
system.stateVersion = "20.03";
boot.kernelPackages = pkgs.linuxPackages_latest;
# test user doesn't have a password
services.openssh.passwordAuthentication = false;
security.sudo.wheelNeedsPassword = false;
environment.systemPackages = with pkgs; [
git file htop wget curl
];
}

13
nixos/maintainers/scripts/azure-new/shell.nix Normal file
View File

@ -0,0 +1,13 @@
with (import ../../../../default.nix {});
stdenv.mkDerivation {
name = "nixcfg-azure-devenv";
nativeBuildInputs = [
azure-cli
bash
cacert
azure-storage-azcopy
];
AZURE_CONFIG_DIR="/tmp/azure-cli/.azure";
}

58
nixos/maintainers/scripts/azure-new/upload-image.sh Executable file
View File

@ -0,0 +1,58 @@
#!/usr/bin/env bash
set -euo pipefail
set -x
image_nix="${1:-"./examples/basic/image.nix"}"
nix-build "${image_nix}" --out-link "azure"
group="nixos-images"
location="westus2"
img_name="nixos-image"
img_file="$(readlink -f ./azure/disk.vhd)"
if ! az group show -n "${group}" &>/dev/null; then
az group create --name "${group}" --location "${location}"
fi
# note: the disk access token song/dance is tedious
# but allows us to upload direct to a disk image
# thereby avoid storage accounts (and naming them) entirely!
if ! az disk show -g "${group}" -n "${img_name}" &>/dev/null; then
bytes="$(stat -c %s ${img_file})"
size="30"
az disk create \
--resource-group "${group}" \
--name "${img_name}" \
--for-upload true --upload-size-bytes "${bytes}"
timeout=$(( 60 * 60 )) # disk access token timeout
sasurl="$(\
az disk grant-access \
--access-level Write \
--resource-group "${group}" \
--name "${img_name}" \
--duration-in-seconds ${timeout} \
| jq -r '.accessSas'
)"
azcopy copy "${img_file}" "${sasurl}" \
--blob-type PageBlob
az disk revoke-access \
--resource-group "${group}" \
--name "${img_name}"
fi
if ! az image show -g "${group}" -n "${img_name}" &>/dev/null; then
diskid="$(az disk show -g "${group}" -n "${img_name}" -o json | jq -r .id)"
az image create \
--resource-group "${group}" \
--name "${img_name}" \
--source "${diskid}" \
--os-type "linux" >/dev/null
fi
imageid="$(az image show -g "${group}" -n "${img_name}" -o json | jq -r .id)"
echo "${imageid}"

11
nixos/maintainers/scripts/ec2/amazon-image.nix
View File

@ -8,10 +8,15 @@ in {
imports = [ ../../../modules/virtualisation/amazon-image.nix ]; imports = [ ../../../modules/virtualisation/amazon-image.nix ];
# Required to provide good EBS experience, # Amazon recomments setting this to the highest possible value for a good EBS
# experience, which prior to 4.15 was 255.
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nvme-ebs-volumes.html#timeout-nvme-ebs-volumes # https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nvme-ebs-volumes.html#timeout-nvme-ebs-volumes
# TODO change value to 4294967295 when kernel is updated to 4.15 or later config.boot.kernelParams =
config.boot.kernelParams = [ "nvme_core.io_timeout=255" ]; let timeout =
if pkgs.lib.versionAtLeast config.boot.kernelPackages.kernel.version "4.15"
then "4294967295"
else "255";
in [ "nvme_core.io_timeout=${timeout}" ];
options.amazonImage = { options.amazonImage = {
name = mkOption { name = mkOption {

5
nixos/modules/config/fonts/fontconfig.nix
View File

@ -45,6 +45,9 @@ let
# generate the font cache setting file for a fontconfig version # generate the font cache setting file for a fontconfig version
# use latest when no version is passed # use latest when no version is passed
# When cross-compiling, we cant generate the cache, so we skip the
# <cachedir> part. fontconfig still works but is a little slower in
# looking things up.
makeCacheConf = { version ? null }: makeCacheConf = { version ? null }:
let let
fcPackage = if version == null fcPackage = if version == null
@ -60,11 +63,13 @@ let
<fontconfig> <fontconfig>
<!-- Font directories --> <!-- Font directories -->
${concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.fonts)} ${concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.fonts)}
${optionalString (pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) ''
<!-- Pre-generated font caches --> <!-- Pre-generated font caches -->
<cachedir>${cache}</cachedir> <cachedir>${cache}</cachedir>
${optionalString (pkgs.stdenv.isx86_64 && cfg.cache32Bit) '' ${optionalString (pkgs.stdenv.isx86_64 && cfg.cache32Bit) ''
<cachedir>${cache32}</cachedir> <cachedir>${cache32}</cachedir>
''} ''}
''}
</fontconfig> </fontconfig>
''; '';

1
nixos/modules/config/fonts/fontdir.nix
View File

@ -25,6 +25,7 @@ in
fonts = { fonts = {
enableFontDir = mkOption { enableFontDir = mkOption {
type = types.bool;
default = false; default = false;
description = '' description = ''
Whether to create a directory with links to all fonts in Whether to create a directory with links to all fonts in

1
nixos/modules/config/fonts/ghostscript.nix
View File

@ -9,6 +9,7 @@ with lib;
fonts = { fonts = {
enableGhostscriptFonts = mkOption { enableGhostscriptFonts = mkOption {
type = types.bool;
default = false; default = false;
description = '' description = ''
Whether to add the fonts provided by Ghostscript (such as Whether to add the fonts provided by Ghostscript (such as

2
nixos/modules/config/gtk/gtk-icon-cache.nix
View File

@ -77,7 +77,7 @@ with lib;
if [ -w "$themedir" ]; then if [ -w "$themedir" ]; then
rm -f "$themedir"/icon-theme.cache rm -f "$themedir"/icon-theme.cache
${pkgs.gtk3.out}/bin/gtk-update-icon-cache --ignore-theme-index "$themedir" ${pkgs.buildPackages.gtk3.out}/bin/gtk-update-icon-cache --ignore-theme-index "$themedir"
fi fi
done done
''; '';

2
nixos/modules/config/ldap.nix
View File

@ -88,6 +88,7 @@ in
}; };
useTLS = mkOption { useTLS = mkOption {
type = types.bool;
default = false; default = false;
description = '' description = ''
If enabled, use TLS (encryption) over an LDAP (port 389) If enabled, use TLS (encryption) over an LDAP (port 389)
@ -109,6 +110,7 @@ in
daemon = { daemon = {
enable = mkOption { enable = mkOption {
type = types.bool;
default = false; default = false;
description = '' description = ''
Whether to let the nslcd daemon (nss-pam-ldapd) handle the Whether to let the nslcd daemon (nss-pam-ldapd) handle the

2
nixos/modules/config/networking.nix
View File

@ -197,7 +197,7 @@ in
} // optionalAttrs (pkgs.stdenv.hostPlatform.libc == "glibc") { } // optionalAttrs (pkgs.stdenv.hostPlatform.libc == "glibc") {
# /etc/rpc: RPC program numbers. # /etc/rpc: RPC program numbers.
rpc.source = pkgs.glibc.out + "/etc/rpc"; rpc.source = pkgs.stdenv.cc.libc.out + "/etc/rpc";
}; };
networking.proxy.envVars = networking.proxy.envVars =

139
nixos/modules/config/nsswitch.nix
View File

@ -10,35 +10,34 @@ let
canLoadExternalModules = config.services.nscd.enable; canLoadExternalModules = config.services.nscd.enable;
myhostname = canLoadExternalModules; myhostname = canLoadExternalModules;
mymachines = canLoadExternalModules; mymachines = canLoadExternalModules;
# XXX Move these to their respective modules
nssmdns = canLoadExternalModules && config.services.avahi.nssmdns; nssmdns = canLoadExternalModules && config.services.avahi.nssmdns;
nsswins = canLoadExternalModules && config.services.samba.nsswins; nsswins = canLoadExternalModules && config.services.samba.nsswins;
ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch); ldap = canLoadExternalModules && (config.users.ldap.enable && config.users.ldap.nsswitch);
sssd = canLoadExternalModules && config.services.sssd.enable;
resolved = canLoadExternalModules && config.services.resolved.enable; resolved = canLoadExternalModules && config.services.resolved.enable;
googleOsLogin = canLoadExternalModules && config.security.googleOsLogin.enable;
hostArray = [ "files" ] hostArray = mkMerge [
++ optional mymachines "mymachines" (mkBefore [ "files" ])
++ optional nssmdns "mdns_minimal [NOTFOUND=return]" (mkIf mymachines [ "mymachines" ])
++ optional nsswins "wins" (mkIf nssmdns [ "mdns_minimal [NOTFOUND=return]" ])
++ optional resolved "resolve [!UNAVAIL=return]" (mkIf nsswins [ "wins" ])
++ [ "dns" ] (mkIf resolved [ "resolve [!UNAVAIL=return]" ])
++ optional nssmdns "mdns" (mkAfter [ "dns" ])
++ optional myhostname "myhostname"; (mkIf nssmdns (mkOrder 1501 [ "mdns" ])) # 1501 to ensure it's after dns
(mkIf myhostname (mkOrder 1600 [ "myhostname" ])) # 1600 to ensure it's always the last
];
passwdArray = [ "files" ] passwdArray = mkMerge [
++ optional sssd "sss" (mkBefore [ "files" ])
++ optional ldap "ldap" (mkIf ldap [ "ldap" ])
++ optional mymachines "mymachines" (mkIf mymachines [ "mymachines" ])
++ optional googleOsLogin "cache_oslogin oslogin" (mkIf canLoadExternalModules (mkAfter [ "systemd" ]))
++ [ "systemd" ]; ];
shadowArray = [ "files" ] shadowArray = mkMerge [
++ optional sssd "sss" (mkBefore [ "files" ])
++ optional ldap "ldap"; (mkIf ldap [ "ldap" ])
];
servicesArray = [ "files" ]
++ optional sssd "sss";
in { in {
options = { options = {
@ -61,17 +60,73 @@ in {
}; };
}; };
system.nssHosts = mkOption { system.nssDatabases = {
type = types.listOf types.str; passwd = mkOption {
default = []; type = types.listOf types.str;
example = [ "mdns" ]; description = ''
description = '' List of passwd entries to configure in <filename>/etc/nsswitch.conf</filename>.
List of host entries to configure in <filename>/etc/nsswitch.conf</filename>.
'';
};
Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
This option only takes effect if nscd is enabled.
'';
default = [];
};
group = mkOption {
type = types.listOf types.str;
description = ''
List of group entries to configure in <filename>/etc/nsswitch.conf</filename>.
Note that "files" is always prepended while "systemd" is appended if nscd is enabled.
This option only takes effect if nscd is enabled.
'';
default = [];
};
shadow = mkOption {
type = types.listOf types.str;
description = ''
List of shadow entries to configure in <filename>/etc/nsswitch.conf</filename>.
Note that "files" is always prepended.
This option only takes effect if nscd is enabled.
'';
default = [];
};
hosts = mkOption {
type = types.listOf types.str;
description = ''
List of hosts entries to configure in <filename>/etc/nsswitch.conf</filename>.
Note that "files" is always prepended, and "dns" and "myhostname" are always appended.
This option only takes effect if nscd is enabled.
'';
default = [];
};
services = mkOption {
type = types.listOf types.str;
description = ''
List of services entries to configure in <filename>/etc/nsswitch.conf</filename>.
Note that "files" is always prepended.
This option only takes effect if nscd is enabled.
'';
default = [];
};
};
}; };
imports = [
(mkRenamedOptionModule [ "system" "nssHosts" ] [ "system" "nssDatabases" "hosts" ])
];
config = { config = {
assertions = [ assertions = [
{ {
@ -87,30 +142,34 @@ in {
]; ];
# Name Service Switch configuration file. Required by the C # Name Service Switch configuration file. Required by the C
# library. !!! Factor out the mdns stuff. The avahi module # library.
# should define an option used by this module.
environment.etc."nsswitch.conf".text = '' environment.etc."nsswitch.conf".text = ''
passwd: ${concatStringsSep " " passwdArray} passwd: ${concatStringsSep " " config.system.nssDatabases.passwd}
group: ${concatStringsSep " " passwdArray} group: ${concatStringsSep " " config.system.nssDatabases.group}
shadow: ${concatStringsSep " " shadowArray} shadow: ${concatStringsSep " " config.system.nssDatabases.shadow}
hosts: ${concatStringsSep " " config.system.nssHosts} hosts: ${concatStringsSep " " config.system.nssDatabases.hosts}
networks: files networks: files
ethers: files ethers: files
services: ${concatStringsSep " " servicesArray} services: ${concatStringsSep " " config.system.nssDatabases.services}
protocols: files protocols: files
rpc: files rpc: files
''; '';
system.nssHosts = hostArray; system.nssDatabases = {
passwd = passwdArray;
group = passwdArray;
shadow = shadowArray;
hosts = hostArray;
services = mkBefore [ "files" ];
};
# Systemd provides nss-myhostname to ensure that our hostname # Systemd provides nss-myhostname to ensure that our hostname
# always resolves to a valid IP address. It returns all locally # always resolves to a valid IP address. It returns all locally
# configured IP addresses, or ::1 and 127.0.0.2 as # configured IP addresses, or ::1 and 127.0.0.2 as
# fallbacks. Systemd also provides nss-mymachines to return IP # fallbacks. Systemd also provides nss-mymachines to return IP
# addresses of local containers. # addresses of local containers.
system.nssModules = (optionals canLoadExternalModules [ config.systemd.package.out ]) system.nssModules = (optionals canLoadExternalModules [ config.systemd.package.out ]);
++ optional googleOsLogin pkgs.google-compute-engine-oslogin.out;
}; };
} }

6
nixos/modules/config/qt5.nix
View File

@ -6,8 +6,8 @@ let
cfg = config.qt5; cfg = config.qt5;
isQGnome = cfg.platformTheme == "gnome" && cfg.style == "adwaita"; isQGnome = cfg.platformTheme == "gnome" && builtins.elem cfg.style ["adwaita" "adwaita-dark"];
isQtStyle = cfg.platformTheme == "gtk2" && cfg.style != "adwaita"; isQtStyle = cfg.platformTheme == "gtk2" && !(builtins.elem cfg.style ["adwaita" "adwaita-dark"]);
packages = if isQGnome then [ pkgs.qgnomeplatform pkgs.adwaita-qt ] packages = if isQGnome then [ pkgs.qgnomeplatform pkgs.adwaita-qt ]
else if isQtStyle then [ pkgs.libsForQt5.qtstyleplugins ] else if isQtStyle then [ pkgs.libsForQt5.qtstyleplugins ]
@ -55,6 +55,7 @@ in
style = mkOption { style = mkOption {
type = types.enum [ type = types.enum [
"adwaita" "adwaita"
"adwaita-dark"
"cleanlooks" "cleanlooks"
"gtk2" "gtk2"
"motif" "motif"
@ -71,6 +72,7 @@ in
<variablelist> <variablelist>
<varlistentry> <varlistentry>
<term><literal>adwaita</literal></term> <term><literal>adwaita</literal></term>
<term><literal>adwaita-dark</literal></term>
<listitem><para>Use Adwaita Qt style with <listitem><para>Use Adwaita Qt style with
<link xlink:href="https://github.com/FedoraQt/adwaita-qt">adwaita</link> <link xlink:href="https://github.com/FedoraQt/adwaita-qt">adwaita</link>
</para></listitem> </para></listitem>

4
nixos/modules/config/vte.nix
View File

@ -16,6 +16,10 @@ in
{ {
meta = {
maintainers = teams.gnome.members;
};
options = { options = {
programs.bash.vteIntegration = mkOption { programs.bash.vteIntegration = mkOption {

4
nixos/modules/config/xdg/autostart.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.autostart.enable = mkOption { xdg.autostart.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/icons.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.icons.enable = mkOption { xdg.icons.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/menus.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.menus.enable = mkOption { xdg.menus.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/mime.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.mime.enable = mkOption { xdg.mime.enable = mkOption {
type = types.bool; type = types.bool;

4
nixos/modules/config/xdg/portal.nix
View File

@ -7,6 +7,10 @@ with lib;
(mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ]) (mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ])
]; ];
meta = {
maintainers = teams.freedesktop.members;
};
options.xdg.portal = { options.xdg.portal = {
enable = enable =
mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{ mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{

4
nixos/modules/config/xdg/sounds.nix
View File

@ -2,6 +2,10 @@
with lib; with lib;
{ {
meta = {
maintainers = teams.freedesktop.members;
};
options = { options = {
xdg.sounds.enable = mkOption { xdg.sounds.enable = mkOption {
type = types.bool; type = types.bool;

26
nixos/modules/hardware/opengl.nix
View File

@ -10,14 +10,6 @@ let
videoDrivers = config.services.xserver.videoDrivers; videoDrivers = config.services.xserver.videoDrivers;
makePackage = p: pkgs.buildEnv {
name = "mesa-drivers+txc-${p.mesa.version}";
paths =
[ p.mesa.drivers
(if cfg.s3tcSupport then p.libtxc_dxtn else p.libtxc_dxtn_s2tc)
];
};
package = pkgs.buildEnv { package = pkgs.buildEnv {
name = "opengl-drivers"; name = "opengl-drivers";
paths = [ cfg.package ] ++ cfg.extraPackages; paths = [ cfg.package ] ++ cfg.extraPackages;
@ -34,6 +26,9 @@ in
imports = [ imports = [
(mkRenamedOptionModule [ "services" "xserver" "vaapiDrivers" ] [ "hardware" "opengl" "extraPackages" ]) (mkRenamedOptionModule [ "services" "xserver" "vaapiDrivers" ] [ "hardware" "opengl" "extraPackages" ])
(mkRemovedOptionModule [ "hardware" "opengl" "s3tcSupport" ] ''
S3TC support is now always enabled in Mesa.
'')
]; ];
options = { options = {
@ -74,17 +69,6 @@ in
''; '';
}; };
s3tcSupport = mkOption {
type = types.bool;
default = false;
description = ''
Make S3TC(S3 Texture Compression) via libtxc_dxtn available
to OpenGL drivers instead of the patent-free S2TC replacement.
Using this library may require a patent license depending on your location.
'';
};
package = mkOption { package = mkOption {
type = types.package; type = types.package;
internal = true; internal = true;
@ -166,8 +150,8 @@ in
environment.sessionVariables.LD_LIBRARY_PATH = mkIf cfg.setLdLibraryPath environment.sessionVariables.LD_LIBRARY_PATH = mkIf cfg.setLdLibraryPath
([ "/run/opengl-driver/lib" ] ++ optional cfg.driSupport32Bit "/run/opengl-driver-32/lib"); ([ "/run/opengl-driver/lib" ] ++ optional cfg.driSupport32Bit "/run/opengl-driver-32/lib");
hardware.opengl.package = mkDefault (makePackage pkgs); hardware.opengl.package = mkDefault pkgs.mesa.drivers;
hardware.opengl.package32 = mkDefault (makePackage pkgs.pkgsi686Linux); hardware.opengl.package32 = mkDefault pkgs.pkgsi686Linux.mesa.drivers;
boot.extraModulePackages = optional (elem "virtualbox" videoDrivers) kernelPackages.virtualboxGuestAdditions; boot.extraModulePackages = optional (elem "virtualbox" videoDrivers) kernelPackages.virtualboxGuestAdditions;
}; };

2
nixos/modules/hardware/raid/hpsa.nix
View File

@ -34,7 +34,7 @@ let
meta = with lib; { meta = with lib; {
description = "HP Smart Array CLI"; description = "HP Smart Array CLI";
homepage = https://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/; homepage = "https://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/";
license = licenses.unfreeRedistributable; license = licenses.unfreeRedistributable;
platforms = [ "x86_64-linux" ]; platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ volth ]; maintainers = with maintainers; [ volth ];

7
nixos/modules/hardware/sensor/iio.nix
View File

@ -8,7 +8,12 @@ with lib;
options = { options = {
hardware.sensor.iio = { hardware.sensor.iio = {
enable = mkOption { enable = mkOption {
description = "Enable this option to support IIO sensors."; description = ''
Enable this option to support IIO sensors.
IIO sensors are used for orientation and ambient light
sensors on some mobile devices.
'';
type = types.bool; type = types.bool;
default = false; default = false;
}; };

19
nixos/modules/hardware/uinput.nix Normal file
View File

@ -0,0 +1,19 @@
{ config, pkgs, lib, ... }:
let
cfg = config.hardware.uinput;
in {
options.hardware.uinput = {
enable = lib.mkEnableOption "uinput support";
};
config = lib.mkIf cfg.enable {
boot.kernelModules = [ "uinput" ];
users.groups.uinput = {};
services.udev.extraRules = ''
SUBSYSTEM=="misc", KERNEL=="uinput", MODE="0660", GROUP="uinput", OPTIONS+="static_node=uinput"
'';
};
}

12
nixos/modules/hardware/wooting.nix Normal file
View File

@ -0,0 +1,12 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.hardware.wooting.enable =
mkEnableOption "Enable support for Wooting keyboards";
config = mkIf config.hardware.wooting.enable {
environment.systemPackages = [ pkgs.wootility ];
services.udev.packages = [ pkgs.wooting-udev-rules ];
};
}

4
nixos/modules/i18n/input-method/ibus.nix
View File

@ -75,5 +75,9 @@ in
QT_IM_MODULE = "ibus"; QT_IM_MODULE = "ibus";
XMODIFIERS = "@im=ibus"; XMODIFIERS = "@im=ibus";
}; };
xdg.portal.extraPortals = mkIf config.xdg.portal.enable [
ibusPackage
];
}; };
} }

7
nixos/modules/installer/cd-dvd/installation-cd-base.nix
View File

@ -1,7 +1,7 @@
# This module contains the basic configuration for building a NixOS # This module contains the basic configuration for building a NixOS
# installation CD. # installation CD.
{ config, lib, pkgs, ... }: { config, lib, options, pkgs, ... }:
with lib; with lib;
@ -15,11 +15,12 @@ with lib;
../../profiles/installation-device.nix ../../profiles/installation-device.nix
]; ];
# Adds terminus_font for people with HiDPI displays
console.packages = options.console.packages.default ++ [ pkgs.terminus_font ];
# ISO naming. # ISO naming.
isoImage.isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso"; isoImage.isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso";
isoImage.volumeID = substring 0 11 "NIXOS_ISO";
# EFI booting # EFI booting
isoImage.makeEfiBootable = true; isoImage.makeEfiBootable = true;

5
nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix
View File

@ -7,10 +7,9 @@ with lib;
{ {
imports = [ ./installation-cd-graphical-base.nix ]; imports = [ ./installation-cd-graphical-base.nix ];
services.xserver.desktopManager.gnome3.enable = true; isoImage.edition = "gnome";
# Wayland can be problematic for some hardware like Nvidia graphics cards. services.xserver.desktopManager.gnome3.enable = true;
services.xserver.displayManager.defaultSession = "gnome-xorg";
services.xserver.displayManager.gdm = { services.xserver.displayManager.gdm = {
enable = true; enable = true;

2
nixos/modules/installer/cd-dvd/installation-cd-graphical-plasma5.nix
View File

@ -8,6 +8,8 @@ with lib;
{ {
imports = [ ./installation-cd-graphical-base.nix ]; imports = [ ./installation-cd-graphical-base.nix ];
isoImage.edition = "plasma5";
services.xserver = { services.xserver = {
desktopManager.plasma5 = { desktopManager.plasma5 = {
enable = true; enable = true;

2
nixos/modules/installer/cd-dvd/installation-cd-minimal.nix
View File

@ -8,5 +8,7 @@
[ ./installation-cd-base.nix [ ./installation-cd-base.nix
]; ];
isoImage.edition = "minimal";
fonts.fontconfig.enable = false; fonts.fontconfig.enable = false;
} }

28
nixos/modules/installer/cd-dvd/iso-image.nix
View File

@ -417,8 +417,17 @@ in
''; '';
}; };
isoImage.edition = mkOption {
default = "";
description = ''
Specifies which edition string to use in the volume ID of the generated
ISO image.
'';
};
isoImage.volumeID = mkOption { isoImage.volumeID = mkOption {
default = "NIXOS_BOOT_CD"; # nixos-$EDITION-$RELEASE-$ARCH
default = "nixos${optionalString (config.isoImage.edition != "") "-${config.isoImage.edition}"}-${config.system.nixos.release}-${pkgs.stdenv.hostPlatform.uname.processor}";
description = '' description = ''
Specifies the label or volume ID of the generated ISO image. Specifies the label or volume ID of the generated ISO image.
Note that the label is used by stage 1 of the boot process to Note that the label is used by stage 1 of the boot process to
@ -474,7 +483,7 @@ in
isoImage.efiSplashImage = mkOption { isoImage.efiSplashImage = mkOption {
default = pkgs.fetchurl { default = pkgs.fetchurl {
url = https://raw.githubusercontent.com/NixOS/nixos-artwork/a9e05d7deb38a8e005a2b52575a3f59a63a4dba0/bootloader/efi-background.png; url = "https://raw.githubusercontent.com/NixOS/nixos-artwork/a9e05d7deb38a8e005a2b52575a3f59a63a4dba0/bootloader/efi-background.png";
sha256 = "18lfwmp8yq923322nlb9gxrh5qikj1wsk6g5qvdh31c4h5b1538x"; sha256 = "18lfwmp8yq923322nlb9gxrh5qikj1wsk6g5qvdh31c4h5b1538x";
}; };
description = '' description = ''
@ -484,7 +493,7 @@ in
isoImage.splashImage = mkOption { isoImage.splashImage = mkOption {
default = pkgs.fetchurl { default = pkgs.fetchurl {
url = https://raw.githubusercontent.com/NixOS/nixos-artwork/a9e05d7deb38a8e005a2b52575a3f59a63a4dba0/bootloader/isolinux/bios-boot.png; url = "https://raw.githubusercontent.com/NixOS/nixos-artwork/a9e05d7deb38a8e005a2b52575a3f59a63a4dba0/bootloader/isolinux/bios-boot.png";
sha256 = "1wp822zrhbg4fgfbwkr7cbkr4labx477209agzc0hr6k62fr6rxd"; sha256 = "1wp822zrhbg4fgfbwkr7cbkr4labx477209agzc0hr6k62fr6rxd";
}; };
description = '' description = ''
@ -515,6 +524,19 @@ in
}; };
config = { config = {
assertions = [
{
assertion = !(stringLength config.isoImage.volumeID > 32);
# https://wiki.osdev.org/ISO_9660#The_Primary_Volume_Descriptor
# Volume Identifier can only be 32 bytes
message = let
length = stringLength config.isoImage.volumeID;
howmany = toString length;
toomany = toString (length - 32);
in
"isoImage.volumeID ${config.isoImage.volumeID} is ${howmany} characters. That is ${toomany} characters longer than the limit of 32.";
}
];
boot.loader.grub.version = 2; boot.loader.grub.version = 2;

8
nixos/modules/installer/tools/nix-fallback-paths.nix
View File

@ -1,6 +1,6 @@
{ {
x86_64-linux = "/nix/store/ddmmzn4ggz1f66lwxjy64n89864yj9w9-nix-2.3.3"; x86_64-linux = "/nix/store/8928ygfyf9iassfrnj76v55s6zid58ja-nix-2.3.4";
i686-linux = "/nix/store/5axys7hsggb4282dsbps5k5p0v59yv13-nix-2.3.3"; i686-linux = "/nix/store/b5cx3nmba9ahx3wk5ybxa67k40pdpdxn-nix-2.3.4";
aarch64-linux = "/nix/store/k80nwvi19hxwbz3c9cxgp24f1jjxwmcc-nix-2.3.3"; aarch64-linux = "/nix/store/p6j4mis6agdjlk4j0cyg7yh58wpm3kif-nix-2.3.4";
x86_64-darwin = "/nix/store/lrnvapsqmf0ja6zfyx4cpxr7ahdr7f9b-nix-2.3.3"; x86_64-darwin = "/nix/store/aizhr07dljmlbf17wfrj40x3s0b5iv3d-nix-2.3.4";
} }

7
nixos/modules/installer/tools/nixos-build-vms/build-vms.nix
View File

@ -3,7 +3,12 @@
, networkExpr , networkExpr
}: }:
let nodes = import networkExpr; in let
nodes = builtins.mapAttrs (vm: module: {
_file = "${networkExpr}@node-${vm}";
imports = [ module ];
}) (import networkExpr);
in
with import ../../../../lib/testing-python.nix { with import ../../../../lib/testing-python.nix {
inherit system; inherit system;

12
nixos/modules/installer/tools/nixos-generate-config.pl
View File

@ -91,9 +91,6 @@ sub hasCPUFeature {
} }
# Detect the number of CPU cores.
my $cpus = scalar (grep {/^processor\s*:/} (split '\n', $cpuinfo));
# Determine CPU governor to use # Determine CPU governor to use
if (-e "/sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors") { if (-e "/sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors") {
@ -183,7 +180,7 @@ sub pciCheck {
) ) ) )
{ {
# we need e.g. brcmfmac43602-pcie.bin # we need e.g. brcmfmac43602-pcie.bin
push @imports, "<nixpkgs/nixos/modules/hardware/network/broadcom-43xx.nix>"; push @imports, "(modulesPath + \"/hardware/network/broadcom-43xx.nix\")";
} }
# Can't rely on $module here, since the module may not be loaded # Can't rely on $module here, since the module may not be loaded
@ -282,7 +279,7 @@ if ($virt eq "oracle") {
# Likewise for QEMU. # Likewise for QEMU.
if ($virt eq "qemu" || $virt eq "kvm" || $virt eq "bochs") { if ($virt eq "qemu" || $virt eq "kvm" || $virt eq "bochs") {
push @imports, "<nixpkgs/nixos/modules/profiles/qemu-guest.nix>"; push @imports, "(modulesPath + \"/profiles/qemu-guest.nix\")";
} }
# Also for Hyper-V. # Also for Hyper-V.
@ -299,7 +296,7 @@ if ($virt eq "systemd-nspawn") {
# Provide firmware for devices that are not detected by this script, # Provide firmware for devices that are not detected by this script,
# unless we're in a VM/container. # unless we're in a VM/container.
push @imports, "<nixpkgs/nixos/modules/installer/scan/not-detected.nix>" push @imports, "(modulesPath + \"/installer/scan/not-detected.nix\")"
if $virt eq "none"; if $virt eq "none";
@ -552,7 +549,7 @@ my $hwConfig = <<EOF;
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports =${\multiLineList(" ", @imports)}; imports =${\multiLineList(" ", @imports)};
@ -562,7 +559,6 @@ my $hwConfig = <<EOF;
boot.kernelModules = [$kernelModules ]; boot.kernelModules = [$kernelModules ];
boot.extraModulePackages = [$modulePackages ]; boot.extraModulePackages = [$modulePackages ];
$fsAndSwap $fsAndSwap
nix.maxJobs = lib.mkDefault $cpus;
${\join "", (map { " $_\n" } (uniq @attrs))}} ${\join "", (map { " $_\n" } (uniq @attrs))}}
EOF EOF

16
nixos/modules/installer/tools/tools.nix
View File

@ -42,7 +42,10 @@ let
inherit (config.system.nixos-generate-config) configuration; inherit (config.system.nixos-generate-config) configuration;
}; };
nixos-option = pkgs.callPackage ./nixos-option { }; nixos-option =
if lib.versionAtLeast (lib.getVersion pkgs.nix) "2.4pre"
then null
else pkgs.callPackage ./nixos-option { };
nixos-version = makeProg { nixos-version = makeProg {
name = "nixos-version"; name = "nixos-version";
@ -108,10 +111,10 @@ in
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties. # Select internationalisation properties.
# i18n = { # i18n.defaultLocale = "en_US.UTF-8";
# consoleFont = "Lat2-Terminus16"; # console = {
# consoleKeyMap = "us"; # font = "Lat2-Terminus16";
# defaultLocale = "en_US.UTF-8"; # keyMap = "us";
# }; # };
# Set your time zone. # Set your time zone.
@ -184,10 +187,9 @@ in
nixos-install nixos-install
nixos-rebuild nixos-rebuild
nixos-generate-config nixos-generate-config
nixos-option
nixos-version nixos-version
nixos-enter nixos-enter
]; ] ++ lib.optional (nixos-option != null) nixos-option;
system.build = { system.build = {
inherit nixos-install nixos-generate-config nixos-option nixos-rebuild nixos-enter; inherit nixos-install nixos-generate-config nixos-option nixos-rebuild nixos-enter;

Some files were not shown because too many files have changed in this diff Show More