public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge staging-next into staging

Browse Source
This commit is contained in:
Frederik Rietdijk 2020-04-25 07:53:37 +02:00
commit bb10352242
278 changed files with 12532 additions and 5965 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.github/CODEOWNERS vendored
View File

@ -55,9 +55,6 @@
# NixOS integration test driver
/nixos/lib/test-driver @tfc
# New NixOS modules
/nixos/modules/module-list.nix @Infinisil
# Python-related code and docs
/maintainers/scripts/update-python-libraries @FRidh
/pkgs/top-level/python-packages.nix @FRidh @jonringer
@ -67,7 +64,7 @@
# Haskell
/pkgs/development/compilers/ghc @cdepillabout
/pkgs/development/haskell-modules @cdepillabout @infinisil
/pkgs/development/haskell-modules @cdepillabout
/pkgs/development/haskell-modules/default.nix @cdepillabout
/pkgs/development/haskell-modules/generic-builder.nix @cdepillabout
/pkgs/development/haskell-modules/hoogle.nix @cdepillabout

2
doc/languages-frameworks/haskell.section.md
View File

@ -110,8 +110,6 @@ haskell.compiler.ghc844 ghc-8.4.4
haskell.compiler.ghc863Binary ghc-8.6.3-binary
haskell.compiler.ghc865 ghc-8.6.5
haskell.compiler.integer-simple.ghc865 ghc-8.6.5
haskell.compiler.ghc881 ghc-8.8.1
haskell.compiler.integer-simple.ghc881 ghc-8.8.1
haskell.compiler.ghc882 ghc-8.8.2
haskell.compiler.integer-simple.ghc882 ghc-8.8.2
haskell.compiler.ghc883 ghc-8.8.3

31
doc/using/overlays.xml
View File

@ -140,8 +140,8 @@ self: super:
<section xml:id="sec-overlays-alternatives">
<title>Using overlays to configure alternatives</title>
<para>
Certain software has different implementations of the same
interface. Other distributions have functionality to switch
Certain software packages have different implementations of the
same interface. Other distributions have functionality to switch
between these. For example, Debian provides <link
xlink:href="https://wiki.debian.org/DebianAlternatives">DebianAlternatives</link>.
Nixpkgs has what we call <literal>alternatives</literal>, which
@ -160,8 +160,9 @@ self: super:
</para>
<para>
The Nixpkgs attribute is <literal>openblas</literal> for
ILP64 and <literal>openblasCompat</literal> for LP64. This
is the default.
ILP64 (integer width = 64 bits) and
<literal>openblasCompat</literal> for LP64 (integer width =
32 bits). <literal>openblasCompat</literal> is the default.
</para>
</listitem>
<listitem>
@ -190,8 +191,15 @@ self: super:
#83888</link>, we are able to override the blas and lapack
packages to use different implementations, through the
blasProvider and lapackProvider argument. This can be used
to select a different provider. For example, an overlay can be
created that looks like:
to select a different provider. BLAS providers will have
symlinks in <literal>$out/lib/libblas.so.3</literal> and
<literal>$out/lib/libcblas.so.3</literal> to their respective
BLAS libraries. Likewise, LAPACK providers will have symlinks
in <literal>$out/lib/liblapack.so.3</literal> and
<literal>$out/lib/liblapacke.so.3</literal> to their respective
LAPCK libraries. For example, Intel MKL is both a BLAS and
LAPACK provider. An overlay can be created to use Intel MKL
that looks like:
</para>
<programlisting>
self: super:
@ -208,9 +216,12 @@ self: super:
<para>
This overlay uses Intels MKL library for both BLAS and LAPACK
interfaces. Note that the same can be accomplished at runtime
using <literal>LD_PRELOAD</literal> of libblas.so.3 and
liblapack.so.3.
using <literal>LD_LIBRARY_PATH</literal> of libblas.so.3 and
liblapack.so.3. For instance:
</para>
<programlisting>
$ LD_LIBRARY_PATH=$(nix-build -A mkl)/lib:$LD_LIBRARY_PATH nix-shell -p octave --run octave
</programlisting>
<para>
Intel MKL requires an <literal>openmp</literal> implementation
when running with multiple processors. By default,
@ -221,8 +232,8 @@ self: super:
set it with <literal>LD_PRELOAD</literal>. Note that
<literal>mkl</literal> is only available on
<literal>x86_64-linux</literal> and
<literal>x86_64-darwin</literal>. Moreover, Hydra is not build
and distributing pre-compiled binaries using it.
<literal>x86_64-darwin</literal>. Moreover, Hydra is not
building and distributing pre-compiled binaries using it.
</para>
<para>
For BLAS/LAPACK switching to work correctly, all packages must

6
lib/licenses.nix
View File

@ -524,12 +524,6 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
fullName = "Microsoft Public License";
};
msrla = {
fullName = "Microsoft Research License Agreement";
url = "http://research.microsoft.com/en-us/projects/pex/msr-la.txt";
free = false;
};
nasa13 = spdx {
spdxId = "NASA-1.3";
fullName = "NASA Open Source Agreement 1.3";

12
maintainers/maintainer-list.nix
View File

@ -6738,6 +6738,12 @@
githubId = 2347889;
name = "Sauyon Lee";
};
savannidgerinel = {
email = "savanni@luminescent-dreams.com";
github = "savannidgerinel";
githubId = 8534888;
name = "Savanni D'Gerinel";
};
sb0 = {
email = "sb@m-labs.hk";
github = "sbourdeauducq";
@ -7178,6 +7184,12 @@
githubId = 1414088;
name = "Spencer Whitt";
};
squalus = {
email = "squalus@tuta.io";
github = "squalus";
githubId = 36899624;
name = "squalus";
};
srghma = {
email = "srghma@gmail.com";
github = "srghma";

2
maintainers/team-list.nix
View File

@ -38,6 +38,6 @@ with lib.maintainers; {
vdemeester
zowoq
];
scope = "Maintain Podman related packages and modules.";
scope = "Maintain Podman and CRI-O related packages and modules.";
};
}

5
nixos/doc/manual/release-notes/rl-2009.xml
View File

@ -45,6 +45,11 @@
There is a new module for Podman(<varname>virtualisation.podman</varname>), a drop-in replacement for the Docker command line.
</para>
</listitem>
<listitem>
<para>
The new <varname>virtualisation.containers</varname> module manages configuration shared by the CRI-O and Podman modules.
</para>
</listitem>
</itemizedlist>
</section>

6
nixos/modules/config/qt5.nix
View File

@ -6,8 +6,8 @@ let
cfg = config.qt5;
isQGnome = cfg.platformTheme == "gnome" && cfg.style == "adwaita";
isQtStyle = cfg.platformTheme == "gtk2" && cfg.style != "adwaita";
isQGnome = cfg.platformTheme == "gnome" && builtins.elem cfg.style ["adwaita" "adwaita-dark"];
isQtStyle = cfg.platformTheme == "gtk2" && !(builtins.elem cfg.style ["adwaita" "adwaita-dark"]);
packages = if isQGnome then [ pkgs.qgnomeplatform pkgs.adwaita-qt ]
else if isQtStyle then [ pkgs.libsForQt5.qtstyleplugins ]
@ -55,6 +55,7 @@ in
style = mkOption {
type = types.enum [
"adwaita"
"adwaita-dark"
"cleanlooks"
"gtk2"
"motif"
@ -71,6 +72,7 @@ in
<variablelist>
<varlistentry>
<term><literal>adwaita</literal></term>
<term><literal>adwaita-dark</literal></term>
<listitem><para>Use Adwaita Qt style with
<link xlink:href="https://github.com/FedoraQt/adwaita-qt">adwaita</link>
</para></listitem>

2
nixos/modules/services/monitoring/datadog-agent.nix
View File

@ -225,7 +225,7 @@ in {
Restart = "always";
RestartSec = 2;
};
restartTriggers = [ datadogPkg ] ++ attrNames etcfiles;
restartTriggers = [ datadogPkg ] ++ map (x: x.source) (attrValues etcfiles);
} attrs;
in {
datadog-agent = makeService {

2
nixos/modules/system/boot/networkd.nix
View File

@ -1073,7 +1073,7 @@ in
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
restartTriggers = attrNames unitFiles;
restartTriggers = map (x: x.source) (attrValues unitFiles);
# prevent race condition with interface renaming (#39069)
requires = [ "systemd-udev-settle.service" ];
after = [ "systemd-udev-settle.service" ];

16
nixos/modules/system/boot/systemd.nix
View File

@ -593,6 +593,9 @@ in
each other's limit. The value may be specified in the following
units: s, min, h, ms, us. To turn off any kind of rate limiting,
set either value to 0.
See <option>services.journald.rateLimitBurst</option> for important
considerations when setting this value.
'';
};
@ -604,6 +607,19 @@ in
interval) that is applied to all messages generated on the system.
This rate limiting is applied per-service, so that two services
which log do not interfere with each other's limit.
Note that the effective rate limit is multiplied by a factor derived
from the available free disk space for the journal as described on
<link xlink:href="https://www.freedesktop.org/software/systemd/man/journald.conf.html">
journald.conf(5)</link>.
Note that the total amount of logs stored is limited by journald settings
such as <literal>SystemMaxUse</literal>, which defaults to a 4 GB cap.
It is thus recommended to compute what period of time that you will be
able to store logs for when an application logs at full burst rate.
With default settings for log lines that are 100 Bytes long, this can
amount to just a few hours.
'';
};

27
nixos/modules/virtualisation/containers.nix
View File

@ -30,7 +30,7 @@ in
type = types.bool;
default = false;
description = ''
This option enables the common libpod container configuration module.
This option enables the common /etc/containers configuration module.
'';
};
@ -89,35 +89,10 @@ in
'';
};
libpod = mkOption {
default = {};
description = "Libpod configuration";
type = types.submodule {
options = {
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Extra configuration that should be put in the libpod.conf
configuration file
'';
};
};
};
};
};
config = lib.mkIf cfg.enable {
environment.etc."containers/libpod.conf".text = ''
cni_plugin_dir = ["${pkgs.cni-plugins}/bin/"]
cni_config_dir = "/etc/cni/net.d/"
'' + cfg.libpod.extraConfig;
environment.etc."containers/registries.conf".source = toTOML "registries.conf" {
registries = lib.mapAttrs (n: v: { registries = v; }) cfg.registries;
};

25
nixos/modules/virtualisation/cri-o.nix
View File

@ -6,6 +6,14 @@ let
cfg = config.virtualisation.cri-o;
in
{
imports = [
(mkRenamedOptionModule [ "virtualisation" "cri-o" "registries" ] [ "virtualisation" "containers" "registries" "search" ])
];
meta = {
maintainers = lib.teams.podman.members;
};
options.virtualisation.cri-o = {
enable = mkEnableOption "Container Runtime Interface for OCI (CRI-O)";
@ -32,17 +40,11 @@ in
default = "/pause";
description = "Pause command to be executed";
};
registries = mkOption {
type = types.listOf types.str;
default = [ "docker.io" "quay.io" ];
description = "Registries to be configured for unqualified image pull";
};
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs;
[ cri-o cri-tools conmon cni-plugins iptables runc utillinux ];
[ cri-o cri-tools conmon iptables runc utillinux ];
environment.etc."crictl.yaml".text = ''
runtime-endpoint: unix:///var/run/crio/crio.sock
'';
@ -53,9 +55,10 @@ in
[crio.image]
pause_image = "${cfg.pauseImage}"
pause_command = "${cfg.pauseCommand}"
registries = [
${concatMapStringsSep ", " (x: "\"" + x + "\"") cfg.registries}
]
[crio.network]
plugin_dirs = ["${pkgs.cni-plugins}/bin/"]
network_dir = "/etc/cni/net.d/"
[crio.runtime]
conmon = "${pkgs.conmon}/bin/conmon"
@ -81,7 +84,7 @@ in
}
'';
# Enable common container configuration, this will create policy.json
# Enable common /etc/containers configuration
virtualisation.containers.enable = true;
systemd.services.crio = {

2
nixos/modules/virtualisation/nixos-containers.nix
View File

@ -442,7 +442,7 @@ in
Whether this NixOS machine is a lightweight container running
in another NixOS system. If set to true, support for nested
containers is disabled by default, but can be reenabled by
setting <config>boot.enableContainers</config> to true.
setting <option>boot.enableContainers</option> to true.
'';
};

27
nixos/modules/virtualisation/podman.nix
View File

@ -54,6 +54,25 @@ in
'';
};
libpod = mkOption {
default = {};
description = "Libpod configuration";
type = types.submodule {
options = {
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Extra configuration that should be put in the libpod.conf
configuration file
'';
};
};
};
};
};
config = lib.mkIf cfg.enable {
@ -66,13 +85,19 @@ in
pkgs.slirp4netns # User-mode networking for unprivileged namespaces
pkgs.fuse-overlayfs # CoW for images, much faster than default vfs
pkgs.utillinux # nsenter
pkgs.cni-plugins # Networking plugins
pkgs.iptables
]
++ lib.optional cfg.dockerCompat dockerCompat;
environment.etc."containers/libpod.conf".text = ''
cni_plugin_dir = ["${pkgs.cni-plugins}/bin/"]
cni_config_dir = "/etc/cni/net.d/"
'' + cfg.libpod.extraConfig;
environment.etc."cni/net.d/87-podman-bridge.conflist".source = copyFile "${pkgs.podman.src}/cni/87-podman-bridge.conflist";
# Enable common /etc/containers configuration
virtualisation.containers.enable = true;
};

2
nixos/tests/installer.nix
View File

@ -29,7 +29,7 @@ let
boot.loader.grub.splashImage = null;
''}
boot.loader.grub.extraConfig = "serial; terminal_output.serial";
boot.loader.grub.extraConfig = "serial; terminal_output serial";
${if grubUseEfi then ''
boot.loader.grub.device = "nodev";
boot.loader.grub.efiSupport = true;

48
nixos/tests/podman.nix
View File

@ -10,21 +10,51 @@ import ./make-test-python.nix (
nodes = {
podman =
{ pkgs, ... }:
{
virtualisation.podman.enable = true;
{
virtualisation.podman.enable = true;
virtualisation.containers.users = [
"alice"
];
users.users.alice = {
isNormalUser = true;
home = "/home/alice";
description = "Alice Foobar";
};
};
};
testScript = ''
start_all()
import shlex
def su_cmd(cmd):
cmd = shlex.quote(cmd)
return f"su alice -l -c {cmd}"
podman.wait_for_unit("sockets.target")
podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
podman.succeed(
"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
)
podman.succeed("podman ps | grep sleeping")
podman.succeed("podman stop sleeping")
start_all()
with subtest("Run container as root"):
podman.succeed("tar cv --files-from /dev/null | podman import - scratchimg")
podman.succeed(
"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
)
podman.succeed("podman ps | grep sleeping")
podman.succeed("podman stop sleeping")
with subtest("Run container rootless"):
podman.succeed(su_cmd("tar cv --files-from /dev/null | podman import - scratchimg"))
podman.succeed(
su_cmd(
"podman run -d --name=sleeping -v /nix/store:/nix/store -v /run/current-system/sw/bin:/bin scratchimg /bin/sleep 10"
)
)
podman.succeed(su_cmd("podman ps | grep sleeping"))
podman.succeed(su_cmd("podman stop sleeping"))
'';
}
)

139
nixos/tests/systemd-confinement.nix
View File

@ -1,4 +1,4 @@
import ./make-test.nix {
import ./make-test-python.nix {
name = "systemd-confinement";
machine = { pkgs, lib, ... }: let
@ -17,7 +17,7 @@ import ./make-test.nix {
exit "''${ret:-1}"
'';
mkTestStep = num: { description, config ? {}, testScript }: {
mkTestStep = num: { config ? {}, testScript }: {
systemd.sockets."test${toString num}" = {
description = "Socket for Test Service ${toString num}";
wantedBy = [ "sockets.target" ];
@ -34,52 +34,48 @@ import ./make-test.nix {
};
} // removeAttrs config [ "confinement" "serviceConfig" ];
__testSteps = lib.mkOrder num ''
subtest '${lib.escape ["\\" "'"] description}', sub {
$machine->succeed('echo ${toString num} > /teststep');
${testScript}
};
'';
__testSteps = lib.mkOrder num (''
machine.succeed("echo ${toString num} > /teststep")
'' + testScript);
};
in {
imports = lib.imap1 mkTestStep [
{ description = "chroot-only confinement";
config.confinement.mode = "chroot-only";
{ config.confinement.mode = "chroot-only";
testScript = ''
$machine->succeed(
'test "$(chroot-exec ls -1 / | paste -sd,)" = bin,nix',
'test "$(chroot-exec id -u)" = 0',
'chroot-exec chown 65534 /bin',
);
with subtest("chroot-only confinement"):
machine.succeed(
'test "$(chroot-exec ls -1 / | paste -sd,)" = bin,nix',
'test "$(chroot-exec id -u)" = 0',
"chroot-exec chown 65534 /bin",
)
'';
}
{ description = "full confinement with APIVFS";
testScript = ''
$machine->fail(
'chroot-exec ls -l /etc',
'chroot-exec ls -l /run',
'chroot-exec chown 65534 /bin',
);
$machine->succeed(
'test "$(chroot-exec id -u)" = 0',
'chroot-exec chown 0 /bin',
);
{ testScript = ''
with subtest("full confinement with APIVFS"):
machine.fail(
"chroot-exec ls -l /etc",
"chroot-exec ls -l /run",
"chroot-exec chown 65534 /bin",
)
machine.succeed(
'test "$(chroot-exec id -u)" = 0', "chroot-exec chown 0 /bin",
)
'';
}
{ description = "check existence of bind-mounted /etc";
config.serviceConfig.BindReadOnlyPaths = [ "/etc" ];
{ config.serviceConfig.BindReadOnlyPaths = [ "/etc" ];
testScript = ''
$machine->succeed('test -n "$(chroot-exec cat /etc/passwd)"');
with subtest("check existence of bind-mounted /etc"):
machine.succeed('test -n "$(chroot-exec cat /etc/passwd)"')
'';
}
{ description = "check if User/Group really runs as non-root";
config.serviceConfig.User = "chroot-testuser";
{ config.serviceConfig.User = "chroot-testuser";
config.serviceConfig.Group = "chroot-testgroup";
testScript = ''
$machine->succeed('chroot-exec ls -l /dev');
$machine->succeed('test "$(chroot-exec id -u)" != 0');
$machine->fail('chroot-exec touch /bin/test');
with subtest("check if User/Group really runs as non-root"):
machine.succeed("chroot-exec ls -l /dev")
machine.succeed('test "$(chroot-exec id -u)" != 0')
machine.fail("chroot-exec touch /bin/test")
'';
}
(let
@ -87,62 +83,60 @@ import ./make-test.nix {
target = pkgs.writeText "symlink-target" "got me\n";
} "ln -s \"$target\" \"$out\"";
in {
description = "check if symlinks are properly bind-mounted";
config.confinement.packages = lib.singleton symlink;
testScript = ''
$machine->fail('chroot-exec test -e /etc');
$machine->succeed('chroot-exec cat ${symlink} >&2');
$machine->succeed('test "$(chroot-exec cat ${symlink})" = "got me"');
with subtest("check if symlinks are properly bind-mounted"):
machine.fail("chroot-exec test -e /etc")
machine.succeed(
"chroot-exec cat ${symlink} >&2",
'test "$(chroot-exec cat ${symlink})" = "got me"',
)
'';
})
{ description = "check if StateDirectory works";
config.serviceConfig.User = "chroot-testuser";
{ config.serviceConfig.User = "chroot-testuser";
config.serviceConfig.Group = "chroot-testgroup";
config.serviceConfig.StateDirectory = "testme";
testScript = ''
$machine->succeed('chroot-exec touch /tmp/canary');
$machine->succeed('chroot-exec "echo works > /var/lib/testme/foo"');
$machine->succeed('test "$(< /var/lib/testme/foo)" = works');
$machine->succeed('test ! -e /tmp/canary');
with subtest("check if StateDirectory works"):
machine.succeed("chroot-exec touch /tmp/canary")
machine.succeed('chroot-exec "echo works > /var/lib/testme/foo"')
machine.succeed('test "$(< /var/lib/testme/foo)" = works')
machine.succeed("test ! -e /tmp/canary")
'';
}
{ description = "check if /bin/sh works";
{ testScript = ''
with subtest("check if /bin/sh works"):
machine.succeed(
"chroot-exec test -e /bin/sh",
'test "$(chroot-exec \'/bin/sh -c "echo bar"\')" = bar',
)
'';
}
{ config.confinement.binSh = null;
testScript = ''
$machine->succeed(
'chroot-exec test -e /bin/sh',
'test "$(chroot-exec \'/bin/sh -c "echo bar"\')" = bar',
);
with subtest("check if suppressing /bin/sh works"):
machine.succeed("chroot-exec test ! -e /bin/sh")
machine.succeed('test "$(chroot-exec \'/bin/sh -c "echo foo"\')" != foo')
'';
}
{ description = "check if suppressing /bin/sh works";
config.confinement.binSh = null;
{ config.confinement.binSh = "${pkgs.hello}/bin/hello";
testScript = ''
$machine->succeed(
'chroot-exec test ! -e /bin/sh',
'test "$(chroot-exec \'/bin/sh -c "echo foo"\')" != foo',
);
with subtest("check if we can set /bin/sh to something different"):
machine.succeed("chroot-exec test -e /bin/sh")
machine.succeed('test "$(chroot-exec /bin/sh -g foo)" = foo')
'';
}
{ description = "check if we can set /bin/sh to something different";
config.confinement.binSh = "${pkgs.hello}/bin/hello";
{ config.environment.FOOBAR = pkgs.writeText "foobar" "eek\n";
testScript = ''
$machine->succeed(
'chroot-exec test -e /bin/sh',
'test "$(chroot-exec /bin/sh -g foo)" = foo',
);
with subtest("check if only Exec* dependencies are included"):
machine.succeed('test "$(chroot-exec \'cat "$FOOBAR"\')" != eek')
'';
}
{ description = "check if only Exec* dependencies are included";
config.environment.FOOBAR = pkgs.writeText "foobar" "eek\n";
testScript = ''
$machine->succeed('test "$(chroot-exec \'cat "$FOOBAR"\')" != eek');
'';
}
{ description = "check if all unit dependencies are included";
config.environment.FOOBAR = pkgs.writeText "foobar" "eek\n";
{ config.environment.FOOBAR = pkgs.writeText "foobar" "eek\n";
config.confinement.fullUnit = true;
testScript = ''
$machine->succeed('test "$(chroot-exec \'cat "$FOOBAR"\')" = eek');
with subtest("check if all unit dependencies are included"):
machine.succeed('test "$(chroot-exec \'cat "$FOOBAR"\')" = eek')
'';
}
];
@ -162,7 +156,6 @@ import ./make-test.nix {
};
testScript = { nodes, ... }: ''
$machine->waitForUnit('multi-user.target');
${nodes.machine.config.__testSteps}
'';
machine.wait_for_unit("multi-user.target")
'' + nodes.machine.config.__testSteps;
}

4
pkgs/applications/audio/clementine/default.nix
View File

@ -91,7 +91,7 @@ let
'';
meta = with stdenv.lib; {
homepage = "http://www.clementine-player.org";
homepage = "https://www.clementine-player.org";
description = "A multiplatform music player";
license = licenses.gpl3Plus;
platforms = platforms.linux;
@ -130,7 +130,7 @@ let
'';
enableParallelBuilding = true;
meta = with stdenv.lib; {
homepage = "http://www.clementine-player.org";
homepage = "https://www.clementine-player.org";
description = "Spotify integration for Clementine";
# The blob itself is Apache-licensed, although libspotify is unfree.
license = licenses.asl20;

4
pkgs/applications/audio/dfasma/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, fftw, libsndfile, qtbase, qtmultimedia, qmake }:
{ mkDerivation, stdenv, fetchFromGitHub, fftw, libsndfile, qtbase, qtmultimedia, qmake }:
let
@ -26,7 +26,7 @@ let
};
};
in stdenv.mkDerivation rec {
in mkDerivation rec {
pname = "dfasma";
version = "1.4.5";

4
pkgs/applications/audio/iannix/default.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchFromGitHub, alsaLib, pkgconfig, qtbase, qtscript, qmake
{ mkDerivation, stdenv, fetchFromGitHub, alsaLib, pkgconfig, qtbase, qtscript, qmake
}:
stdenv.mkDerivation {
mkDerivation {
pname = "iannix";
version = "2016-01-31";
src = fetchFromGitHub {

56
pkgs/applications/audio/musikcube/default.nix Normal file
View File

@ -0,0 +1,56 @@
{ cmake
, pkg-config
, alsaLib
, boost
, curl
, fetchFromGitHub
, ffmpeg
, lame
, libev
, libmicrohttpd
, ncurses
, pulseaudio
, stdenv
, taglib
, systemdSupport ? stdenv.isLinux, systemd
}:
stdenv.mkDerivation rec {
pname = "musikcube";
version = "0.90.1";
src = fetchFromGitHub {
owner = "clangen";
repo = pname;
rev = version;
sha256 = "1ff2cgbllrl2pl5zfbf0cd9qbf6hqpwr395sa1k245ar4f1rfwpg";
};
# https://github.com/clangen/musikcube/issues/339
patches = [ ./dont-strip.patch ];
nativeBuildInputs = [
cmake
pkg-config
];
buildInputs = [
alsaLib
boost
curl
ffmpeg
lame
libev
libmicrohttpd
ncurses
pulseaudio
taglib
] ++ stdenv.lib.optional systemdSupport systemd;
meta = with stdenv.lib; {
description = "A fully functional terminal-based music player, library, and streaming audio server";
homepage = "https://musikcube.com/";
maintainers = [ maintainers.aanderse ];
license = licenses.bsd3;
platforms = platforms.all;
};
}

14
pkgs/applications/audio/musikcube/dont-strip.patch Normal file
View File

@ -0,0 +1,14 @@
diff --git a/CMakeLists.txt b/CMakeLists.txt
index a3e02666..7c43c7e6 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -370,9 +370,3 @@ endif()
# they don't yet exist!
add_custom_target(postbuild ALL DEPENDS musikcube musikcubed)
add_custom_command(TARGET postbuild POST_BUILD COMMAND cmake .)
-
-# strip binaries in release mode
-if (CMAKE_BUILD_TYPE MATCHES Release)
- message(STATUS "stripping binaries...")
- add_custom_command(TARGET postbuild POST_BUILD COMMAND "${CMAKE_SOURCE_DIR}/strip-nix.sh")
-endif()

6
pkgs/applications/audio/spotify-tui/default.nix
View File

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
pname = "spotify-tui";
version = "0.17.1";
version = "0.18.0";
src = fetchFromGitHub {
owner = "Rigellute";
repo = "spotify-tui";
rev = "v${version}";
sha256 = "1gsddjinxmglm05hhphclax08d9pig1f0wjjs3bbcq096fydxgfs";
sha256 = "15icg332iyacdn4ydr4nivblayg4xkcnjh4f0sjnhj4q173v8fq2";
};
cargoSha256 = "1y398ypckk3gw1sfzf97xzwf5d5z3kxlcpn3bccmsfr59kvkf661";
cargoSha256 = "0rw8pj74k88rvcr18837g356lwsn2vdq384yma9df462xd2cw823";
nativeBuildInputs = [ pkgconfig ] ++ stdenv.lib.optionals stdenv.isLinux [ python3 ];
buildInputs = [ openssl ]

4
pkgs/applications/audio/traverso/default.nix
View File

@ -1,8 +1,8 @@
{ stdenv, fetchurl, cmake, pkgconfig
{ mkDerivation, stdenv, fetchurl, cmake, pkgconfig
, alsaLib, fftw, flac, lame, libjack2, libmad, libpulseaudio
, libsamplerate, libsndfile, libvorbis, portaudio, qtbase, wavpack
}:
stdenv.mkDerivation {
mkDerivation {
pname = "traverso";
version = "0.49.6";

8
pkgs/applications/audio/x42-plugins/default.nix
View File

@ -3,12 +3,12 @@
, libGLU, lv2, gtk2, cairo, pango, fftwFloat, zita-convolver }:
stdenv.mkDerivation rec {
version = "20200114";
version = "20200411";
pname = "x42-plugins";
src = fetchurl {
url = "https://gareus.org/misc/x42-plugins/${pname}-${version}.tar.xz";
sha256 = "02f8wnsl9wg7pgf4sshr0hdjfjkwln870ffgjmb01nqk37v7hiyn";
sha256 = "0y6778l2zc80kvp31mqw3vkcyi7g613jxn3g3lxqfa31i617gh6j";
};
nativeBuildInputs = [ pkgconfig ];
@ -26,8 +26,8 @@ stdenv.mkDerivation rec {
patchPhase = ''
patchShebangs ./stepseq.lv2/gridgen.sh
patchShebangs ./matrixmixer.lv2/genttl.sh #TODO: remove at next update, see https://github.com/x42/matrixmixer.lv2/issues/2
patchShebangs ./matrixmixer.lv2/genhead.sh #TODO: remove at next update, see https://github.com/x42/matrixmixer.lv2/issues/2
patchShebangs ./matrixmixer.lv2/genttl.sh
patchShebangs ./matrixmixer.lv2/genhead.sh
sed -i 's|/usr/include/zita-convolver.h|${zita-convolver}/include/zita-convolver.h|g' ./convoLV2/Makefile
'';

120
pkgs/applications/editors/emacs-modes/melpa-packages.nix
View File

@ -164,12 +164,120 @@ env NIXPKGS_ALLOW_BROKEN=1 nix-instantiate --show-trace ../../../../ -A emacsPac
ivy-rtags = fix-rtags super.ivy-rtags;
mandoku = super.mandoku.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
mandoku-tls = super.mandoku-tls.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit = super.magit.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-circleci = super.magit-circleci.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-diff-flycheck = super.magit-diff-flycheck.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-find-file = super.magit-find-file.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-gh-pulls = super.magit-gh-pulls.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-imerge = super.magit-imerge.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-lfs = super.magit-lfs.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-org-todos = super.magit-org-todos.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-p4 = super.magit-p4.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-patch-changelog = super.magit-patch-changelog.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-rbr = super.magit-rbr.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-reviewboard = super.magit-reviewboard.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-stgit = super.magit-stgit.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-tbdiff = super.magit-tbdiff.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-topgit = super.magit-topgit.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-vcsh = super.magit-vcsh.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-gerrit = super.magit-gerrit.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
magit-annex = super.magit-annex.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
@ -206,12 +314,24 @@ env NIXPKGS_ALLOW_BROKEN=1 nix-instantiate --show-trace ../../../../ -A emacsPac
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
kapacitor = super.kapacitor.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
kubernetes = super.kubernetes.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
kubernetes-evil = super.kubernetes-evil.overrideAttrs (attrs: {
# searches for Git at build time
nativeBuildInputs =
(attrs.nativeBuildInputs or []) ++ [ external.git ];
});
# upstream issue: missing file header
mhc = super.mhc.override {
inherit (self.melpaPackages) calfw;

4
pkgs/applications/editors/mindforger/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchurl, qmake, qtbase, qtwebkit }:
{ mkDerivation, stdenv, fetchurl, qmake, qtbase, qtwebkit }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "mindforger";
version = "1.48.2";

4
pkgs/applications/editors/okteta/default.nix
View File

@ -1,8 +1,8 @@
{ stdenv, fetchurl, extra-cmake-modules, kdoctools, qtscript, kconfig
{ mkDerivation, stdenv, fetchurl, extra-cmake-modules, kdoctools, qtscript, kconfig
, kinit, karchive, kcrash, kcmutils, kconfigwidgets, knewstuff, kparts
, qca-qt5, shared-mime-info }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "okteta";
version = "0.26.3";

2
pkgs/applications/editors/typora/default.nix
View File

@ -62,7 +62,7 @@ stdenv.mkDerivation rec {
description = "A minimal Markdown reading & writing app";
homepage = "https://typora.io";
license = licenses.unfree;
maintainers = with maintainers; [ jensbin worldofpeace ];
maintainers = with maintainers; [ jensbin ];
platforms = [ "x86_64-linux"];
};
}

11
pkgs/applications/graphics/awesomebump/default.nix
View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchgit, qtbase, qmake, makeWrapper, qtscript, flex, bison, qtdeclarative }:
{ mkDerivation, lib, fetchgit, qtbase, qmake, qtscript, flex, bison, qtdeclarative }:
let
@ -11,7 +11,7 @@ let
fetchSubmodules = true;
};
qtnproperty = stdenv.mkDerivation {
qtnproperty = mkDerivation {
name = "qtnproperty";
inherit src;
sourceRoot = "AwesomeBump/Sources/utils/QtnProperty";
@ -22,7 +22,7 @@ let
install -D bin-linux/QtnPEG $out/bin/QtnPEG
'';
};
in stdenv.mkDerivation {
in mkDerivation {
pname = "awesomebump";
inherit version;
@ -30,12 +30,13 @@ in stdenv.mkDerivation {
buildInputs = [ qtbase qtscript qtdeclarative ];
nativeBuildInputs = [ qmake makeWrapper ];
nativeBuildInputs = [ qmake ];
preBuild = ''
ln -sf ${qtnproperty}/bin/QtnPEG Sources/utils/QtnProperty/bin-linux/QtnPEG
'';
dontWrapQtApps = true;
postInstall = ''
d=$out/libexec/AwesomeBump
@ -44,7 +45,7 @@ in stdenv.mkDerivation {
cp -prd Bin/Configs Bin/Core $d/
# AwesomeBump expects to find Core and Configs in its current directory.
makeWrapper $d/AwesomeBump $out/bin/AwesomeBump \
makeQtWrapper $d/AwesomeBump $out/bin/AwesomeBump \
--run "cd $d"
'';

4
pkgs/applications/graphics/phototonic/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, qtbase, qmake, exiv2 }:
{ mkDerivation, stdenv, fetchFromGitHub, qtbase, qmake, exiv2 }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "phototonic";
version = "2.1";

4
pkgs/applications/graphics/qcomicbook/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, pkgconfig, cmake, qtbase, qttools, qtx11extras, poppler }:
{ mkDerivation, stdenv, fetchFromGitHub, pkgconfig, cmake, qtbase, qttools, qtx11extras, poppler }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "qcomicbook";
version = "0.9.1";

4
pkgs/applications/graphics/write_stylus/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, lib, qtbase, qtsvg, libglvnd, fetchurl, makeDesktopItem }:
{ mkDerivation, stdenv, lib, qtbase, qtsvg, libglvnd, fetchurl, makeDesktopItem }:
let
# taken from: https://www.iconfinder.com/icons/50835/edit_pencil_write_icon
# license: Free for commercial use
@ -7,7 +7,7 @@ let
sha256 = "0abdya42yf9alxbsmc2nf8jwld50zfria6z3d4ncvp1zw2a9jhb8";
};
in
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "write_stylus";
version = "209";

4
pkgs/applications/misc/bibletime/default.nix
View File

@ -1,8 +1,8 @@
{ stdenv, fetchurl, cmake, pkgconfig, sword, boost, clucene_core
{ mkDerivation, stdenv, fetchurl, cmake, pkgconfig, sword, boost, clucene_core
, qtbase, qttools, qtsvg, qtwebkit
}:
stdenv.mkDerivation rec {
mkDerivation rec {
version = "2.11.2";

4
pkgs/applications/misc/candle/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, qtbase, qtserialport, qmake }:
{ mkDerivation, stdenv, fetchFromGitHub, qtbase, qtserialport, qmake }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "candle";
version = "1.1";

43
pkgs/applications/misc/fitnesstrax/default.nix Normal file
View File

@ -0,0 +1,43 @@
{ fetchFromGitHub
, glib
, gtk3
, lib
, rustPlatform
, wrapGAppsHook
}:
rustPlatform.buildRustPackage rec {
pname = "fitnesstrax";
version = "0.1.0";
src = fetchFromGitHub {
owner = "luminescent-dreams";
repo = "fitnesstrax";
rev = "${pname}-${version}";
sha256 = "1k6zhnbs0ggx7q0ig2abcnzprsgrychlpvsh6d36dw6mr8zpfkp7";
};
nativeBuildInputs = [
wrapGAppsHook
];
buildInputs = [
glib
gtk3
];
cargoSha256 = "1xgyyxd2kz21xan0pk7rbxiym90s7m2qrzg2ddilcszva60bxdd9";
postInstall = ''
mkdir -p $out/share/glib-2.0/schemas
cp -r $src/share/* $out/share/
glib-compile-schemas $out/share/glib-2.0/schemas
'';
meta = with lib; {
description = "Privacy-first fitness tracking";
homepage = "https://github.com/luminescent-dreams/fitnesstrax";
license = licenses.bsd3;
maintainers = with maintainers; [ savannidgerinel ];
};
}

7
pkgs/applications/misc/khal/default.nix
View File

@ -41,6 +41,13 @@ with python3.pkgs; buildPythonApplication rec {
checkInputs = [ pytest glibcLocales ];
LC_ALL = "en_US.UTF-8";
postPatch = ''
sed -i \
-e "s/Invalid value for \"ics\"/Invalid value for \\\'ics\\\'/" \
-e "s/Invalid value for \"\[ICS\]\"/Invalid value for \\\'\[ICS\]\\\'/" \
tests/cli_test.py
'';
postInstall = ''
# zsh completion
install -D misc/__khal $out/share/zsh/site-functions/__khal

4
pkgs/applications/misc/kitty/default.nix
View File

@ -20,14 +20,14 @@
with python3Packages;
buildPythonApplication rec {
pname = "kitty";
version = "0.17.2";
version = "0.17.3";
format = "other";
src = fetchFromGitHub {
owner = "kovidgoyal";
repo = "kitty";
rev = "v${version}";
sha256 = "0xiwz89ynhh8aj0c9jbqfsxf129hnzs0gz4bzcparnjisq2sh3cq";
sha256 = "1nx8gjavq8kc656ayh3wign1f68b46jbnmy8zyks25wg0p9gid8l";
};
buildInputs = [

5
pkgs/applications/misc/lutris/default.nix
View File

@ -1,5 +1,5 @@
{ buildPythonApplication, lib, fetchFromGitHub, fetchpatch
, wrapGAppsHook, gobject-introspection, gnome-desktop, libnotify, libgnome-keyring, pango
, wrapGAppsHook, gobject-introspection, glib-networking, gnome-desktop, libnotify, libgnome-keyring, pango
, gdk-pixbuf, atk, webkitgtk, gst_all_1
, dbus-python, evdev, pyyaml, pygobject3, requests, pillow
, xrandr, pciutils, psmisc, glxinfo, vulkan-tools, xboxdrv, pulseaudio, p7zip, xgamma
@ -40,8 +40,9 @@ in buildPythonApplication rec {
sha256 = "1g093g0difnkjmnm91p20issdsxn9ri4c56zzddj5wfrbmhwdfag";
};
nativeBuildInputs = [ wrapGAppsHook ];
buildInputs = [
wrapGAppsHook gobject-introspection gnome-desktop libnotify libgnome-keyring pango
gobject-introspection glib-networking gnome-desktop libnotify libgnome-keyring pango
gdk-pixbuf atk webkitgtk
] ++ gstDeps;

4
pkgs/applications/misc/openbrf/default.nix
View File

@ -1,7 +1,7 @@
{ stdenv, fetchFromGitHub, qtbase, vcg, glew, qmake, libGLU, libGL }:
{ mkDerivation, stdenv, fetchFromGitHub, qtbase, vcg, glew, qmake, libGLU, libGL }:
stdenv.mkDerivation {
mkDerivation {
name = "openbrf-unstable-2016-01-09";
src = fetchFromGitHub {

5
pkgs/applications/misc/qt-box-editor/default.nix
View File

@ -1,4 +1,5 @@
{ stdenv
{ mkDerivation
, stdenv
, fetchFromGitHub
, qtbase
, qtsvg
@ -7,7 +8,7 @@
, tesseract
}:
stdenv.mkDerivation {
mkDerivation {
pname = "qt-box-editor";
version = "unstable-2019-07-12";

4
pkgs/applications/misc/valentina/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchhg
{ mkDerivation, stdenv, fetchhg
, qmake, qttools
, qtbase, qtsvg, qtxmlpatterns
, poppler_utils
@ -6,7 +6,7 @@
with stdenv.lib;
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "valentina";
version = "0.6.1";

94
pkgs/applications/networking/browsers/ungoogled-chromium/browser.nix Normal file
View File

@ -0,0 +1,94 @@
{ stdenv, mkChromiumDerivation, channel, enableWideVine }:
with stdenv.lib;
mkChromiumDerivation (base: rec {
name = "chromium-browser";
packageName = "chromium";
buildTargets = [ "mksnapshot" "chrome_sandbox" "chrome" ];
outputs = ["out" "sandbox"];
sandboxExecutableName = "__chromium-suid-sandbox";
installPhase = ''
mkdir -p "$libExecPath"
cp -v "$buildPath/"*.pak "$buildPath/"*.bin "$libExecPath/"
cp -v "$buildPath/icudtl.dat" "$libExecPath/"
cp -vLR "$buildPath/locales" "$buildPath/resources" "$libExecPath/"
cp -v "$buildPath/chrome" "$libExecPath/$packageName"
# Swiftshader
# See https://stackoverflow.com/a/4264351/263061 for the find invocation.
if [ -n "$(find "$buildPath/swiftshader/" -maxdepth 1 -name '*.so' -print -quit)" ]; then
echo "Swiftshader files found; installing"
mkdir -p "$libExecPath/swiftshader"
cp -v "$buildPath/swiftshader/"*.so "$libExecPath/swiftshader/"
else
echo "Swiftshader files not found"
fi
mkdir -p "$sandbox/bin"
cp -v "$buildPath/chrome_sandbox" "$sandbox/bin/${sandboxExecutableName}"
mkdir -vp "$out/share/man/man1"
cp -v "$buildPath/chrome.1" "$out/share/man/man1/$packageName.1"
for icon_file in chrome/app/theme/chromium/product_logo_*[0-9].png; do
num_and_suffix="''${icon_file##*logo_}"
icon_size="''${num_and_suffix%.*}"
expr "$icon_size" : "^[0-9][0-9]*$" || continue
logo_output_prefix="$out/share/icons/hicolor"
logo_output_path="$logo_output_prefix/''${icon_size}x''${icon_size}/apps"
mkdir -vp "$logo_output_path"
cp -v "$icon_file" "$logo_output_path/$packageName.png"
done
# Install Desktop Entry
install -D chrome/installer/linux/common/desktop.template \
$out/share/applications/chromium-browser.desktop
substituteInPlace $out/share/applications/chromium-browser.desktop \
--replace "@@MENUNAME@@" "Chromium" \
--replace "@@PACKAGE@@" "chromium" \
--replace "Exec=/usr/bin/@@USR_BIN_SYMLINK_NAME@@" "Exec=chromium"
# Append more mime types to the end
sed -i '/^MimeType=/ s,$,x-scheme-handler/webcal;x-scheme-handler/mailto;x-scheme-handler/about;x-scheme-handler/unknown,' \
$out/share/applications/chromium-browser.desktop
# See https://github.com/NixOS/nixpkgs/issues/12433
sed -i \
-e '/\[Desktop Entry\]/a\' \
-e 'StartupWMClass=chromium-browser' \
$out/share/applications/chromium-browser.desktop
'';
passthru = { inherit sandboxExecutableName; };
requiredSystemFeatures = [ "big-parallel" ];
meta = {
description = "An open source web browser from Google, with dependencies on Google web services removed";
longDescription = ''
Chromium is an open source web browser from Google that aims to build a
safer, faster, and more stable way for all Internet users to experience
the web. It has a minimalist user interface and provides the vast majority
of source code for Google Chrome (which has some additional features).
'';
homepage = https://github.com/Eloston/ungoogled-chromium;
maintainers = with maintainers; [ squalus ];
# Overview of the maintainer roles:
# nixos-unstable:
# - TODO: Need a new maintainer for x86_64 [0]
# - @thefloweringash: aarch64
# - @primeos: Provisional maintainer (x86_64)
# Stable channel:
# - TODO (need someone to test backports [0])
# [0]: https://github.com/NixOS/nixpkgs/issues/78450
license = if enableWideVine then licenses.unfree else licenses.bsd3;
platforms = platforms.linux;
hydraPlatforms = if channel == "stable" then ["aarch64-linux" "x86_64-linux"] else [];
timeout = 172800; # 48 hours
};
})

361
pkgs/applications/networking/browsers/ungoogled-chromium/common.nix Normal file
View File

@ -0,0 +1,361 @@
{ stdenv, llvmPackages, gnChromium, ninja, which, nodejs, fetchpatch, gnutar
# default dependencies
, bzip2, flac, speex, libopus
, libevent, expat, libjpeg, snappy
, libpng, libcap
, xdg_utils, yasm, minizip, libwebp
, libusb1, pciutils, nss, re2, zlib
, python2Packages, perl, pkgconfig
, nspr, systemd, kerberos
, utillinux, alsaLib
, bison, gperf
, glib, gtk3, dbus-glib
, glibc
, libXScrnSaver, libXcursor, libXtst, libGLU, libGL
, protobuf, speechd, libXdamage, cups
, ffmpeg, libxslt, libxml2, at-spi2-core
, jre
# optional dependencies
, libgcrypt ? null # gnomeSupport || cupsSupport
, libva ? null # useVaapi
, libdrm ? null, wayland ? null, mesa_drivers ? null, libxkbcommon ? null # useOzone
# package customization
, useVaapi ? false
, useOzone ? false
, gnomeSupport ? false, gnome ? null
, gnomeKeyringSupport ? false, libgnome-keyring3 ? null
, proprietaryCodecs ? true
, cupsSupport ? true
, pulseSupport ? false, libpulseaudio ? null
, ungoogled-chromium
, ungoogled ? false
, upstream-info
}:
buildFun:
with stdenv.lib;
# see http://www.linuxfromscratch.org/blfs/view/cvs/xsoft/chromium.html
let
# The additional attributes for creating derivations based on the chromium
# source tree.
extraAttrs = buildFun base;
githubPatch = commit: sha256: fetchpatch {
url = "https://github.com/chromium/chromium/commit/${commit}.patch";
inherit sha256;
};
mkGnFlags =
let
# Serialize Nix types into GN types according to this document:
# https://chromium.googlesource.com/chromium/src/+/master/tools/gn/docs/language.md
mkGnString = value: "\"${escape ["\"" "$" "\\"] value}\"";
sanitize = value:
if value == true then "true"
else if value == false then "false"
else if isList value then "[${concatMapStringsSep ", " sanitize value}]"
else if isInt value then toString value
else if isString value then mkGnString value
else throw "Unsupported type for GN value `${value}'.";
toFlag = key: value: "${key}=${sanitize value}";
in attrs: concatStringsSep " " (attrValues (mapAttrs toFlag attrs));
gnSystemLibraries = [
"flac" "libwebp" "libxslt" "yasm" "opus" "snappy" "libpng"
# "zlib" # version 77 reports unresolved dependency on //third_party/zlib:zlib_config
# "libjpeg" # fails with multiple undefined references to chromium_jpeg_*
# "re2" # fails with linker errors
# "ffmpeg" # https://crbug.com/731766
# "harfbuzz-ng" # in versions over 63 harfbuzz and freetype are being built together
# so we can't build with one from system and other from source
];
opusWithCustomModes = libopus.override {
withCustomModes = true;
};
defaultDependencies = [
bzip2 flac speex opusWithCustomModes
libevent expat libjpeg snappy
libpng libcap
xdg_utils yasm minizip libwebp
libusb1 re2 zlib
ffmpeg libxslt libxml2
# harfbuzz # in versions over 63 harfbuzz and freetype are being built together
# so we can't build with one from system and other from source
];
# build paths and release info
packageName = extraAttrs.packageName or extraAttrs.name;
buildType = "Release";
buildPath = "out/${buildType}";
libExecPath = "$out/libexec/${packageName}";
versionRange = min-version: upto-version:
let inherit (upstream-info) version;
result = versionAtLeast version min-version && versionOlder version upto-version;
stable-version = (import ./upstream-info.nix).stable.version;
in if versionAtLeast stable-version upto-version
then warn "chromium: stable version ${stable-version} is newer than a patchset bounded at ${upto-version}. You can safely delete it."
result
else result;
ungoogler =
let versionEntry = (import ./ungoogled-src.nix)."${upstream-info.version}";
in ungoogled-chromium {
inherit (versionEntry) rev sha256;
};
base = rec {
name = "${packageName}-unwrapped-${version}";
inherit (upstream-info) channel version;
inherit packageName buildType buildPath;
src = upstream-info.main;
nativeBuildInputs = [
ninja which python2Packages.python perl pkgconfig
python2Packages.ply python2Packages.jinja2 nodejs
gnutar
] ++ optional (versionAtLeast version "83") python2Packages.setuptools;
buildInputs = defaultDependencies ++ [
nspr nss systemd
utillinux alsaLib
bison gperf kerberos
glib gtk3 dbus-glib
libXScrnSaver libXcursor libXtst libGLU libGL
pciutils protobuf speechd libXdamage at-spi2-core
jre
] ++ optional gnomeKeyringSupport libgnome-keyring3
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
++ optionals cupsSupport [ libgcrypt cups ]
++ optional useVaapi libva
++ optional pulseSupport libpulseaudio
++ optionals useOzone [ libdrm wayland mesa_drivers libxkbcommon ];
patches = [
./patches/nix_plugin_paths_68.patch
./patches/remove-webp-include-69.patch
./patches/no-build-timestamps.patch
./patches/widevine-79.patch
./patches/dont-use-ANGLE-by-default.patch
# Unfortunately, chromium regularly breaks on major updates and
# then needs various patches backported in order to be compiled with GCC.
# Good sources for such patches and other hints:
# - https://gitweb.gentoo.org/repo/gentoo.git/plain/www-client/chromium/
# - https://git.archlinux.org/svntogit/packages.git/tree/trunk?h=packages/chromium
# - https://github.com/chromium/chromium/search?q=GCC&s=committer-date&type=Commits
#
# ++ optionals (channel == "dev") [ ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" ) ]
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
] ++ optionals (useVaapi) ([
# source: https://aur.archlinux.org/cgit/aur.git/tree/vaapi-fix.patch?h=chromium-vaapi
./patches/vaapi-fix.patch
] ++ optionals (versionRange "81" "82") [
(githubPatch "5b2ff215473e0526b5b24aeff4ad90d369b21c75" "0n00vh8wfpn2ay5fqsxcsx0zadnv7mihm72bcvnrfzh75nzbg902")
(githubPatch "98e343ab369e4262511b5fce547728e3e5eefba8" "00wwp653jk0k0yvix00vr7ymgck9dj7fxjwx4nc67ynn84dh6064")
]);
postPatch = ''
# We want to be able to specify where the sandbox is via CHROME_DEVEL_SANDBOX
substituteInPlace sandbox/linux/suid/client/setuid_sandbox_host.cc \
--replace \
'return sandbox_binary;' \
'return base::FilePath(GetDevelSandboxPath());'
substituteInPlace services/audio/audio_sandbox_hook_linux.cc \
--replace \
'/usr/share/alsa/' \
'${alsaLib}/share/alsa/' \
--replace \
'/usr/lib/x86_64-linux-gnu/gconv/' \
'${glibc}/lib/gconv/' \
--replace \
'/usr/share/locale/' \
'${glibc}/share/locale/'
sed -i -e 's@"\(#!\)\?.*xdg-@"\1${xdg_utils}/bin/xdg-@' \
chrome/browser/shell_integration_linux.cc
sed -i -e '/lib_loader.*Load/s!"\(libudev\.so\)!"${systemd.lib}/lib/\1!' \
device/udev_linux/udev?_loader.cc
sed -i -e '/libpci_loader.*Load/s!"\(libpci\.so\)!"${pciutils}/lib/\1!' \
gpu/config/gpu_info_collector_linux.cc
sed -i -re 's/([^:])\<(isnan *\()/\1std::\2/g' \
chrome/browser/ui/webui/engagement/site_engagement_ui.cc
sed -i -e '/#include/ {
i #include <algorithm>
:l; n; bl
}' gpu/config/gpu_control_list.cc
# Allow to put extensions into the system-path.
sed -i -e 's,/usr,/run/current-system/sw,' chrome/common/chrome_paths.cc
patchShebangs .
# use our own nodejs
mkdir -p third_party/node/linux/node-linux-x64/bin
ln -s $(which node) third_party/node/linux/node-linux-x64/bin/node
# remove unused third-party
# in third_party/crashpad third_party/zlib contains just a header-adapter
for lib in ${toString gnSystemLibraries}; do
find -type f -path "*third_party/$lib/*" \
\! -path "*third_party/crashpad/crashpad/third_party/zlib/*" \
\! -path "*third_party/$lib/chromium/*" \
\! -path "*third_party/$lib/google/*" \
\! -path "*base/third_party/icu/*" \
\! -path "*base/third_party/libevent/*" \
\! -regex '.*\.\(gn\|gni\|isolate\|py\)' \
-delete
done
'' + optionalString stdenv.isAarch64 ''
substituteInPlace build/toolchain/linux/BUILD.gn \
--replace 'toolprefix = "aarch64-linux-gnu-"' 'toolprefix = ""'
'' + optionalString stdenv.cc.isClang ''
mkdir -p third_party/llvm-build/Release+Asserts/bin
ln -s ${stdenv.cc}/bin/clang third_party/llvm-build/Release+Asserts/bin/clang
ln -s ${stdenv.cc}/bin/clang++ third_party/llvm-build/Release+Asserts/bin/clang++
ln -s ${llvmPackages.llvm}/bin/llvm-ar third_party/llvm-build/Release+Asserts/bin/llvm-ar
'' + optionalString ungoogled ''
${ungoogler}/utils/prune_binaries.py . ${ungoogler}/pruning.list || echo "some errors"
${ungoogler}/utils/patches.py . ${ungoogler}/patches
${ungoogler}/utils/domain_substitution.py apply -r ${ungoogler}/domain_regex.list -f ${ungoogler}/domain_substitution.list -c ./ungoogled-domsubcache.tar.gz .
'';
gnFlags = mkGnFlags ({
linux_use_bundled_binutils = false;
use_lld = false;
use_gold = true;
gold_path = "${stdenv.cc}/bin";
is_debug = false;
proprietary_codecs = false;
use_sysroot = false;
use_gnome_keyring = gnomeKeyringSupport;
use_gio = gnomeSupport;
# ninja: error: '../../native_client/toolchain/linux_x86/pnacl_newlib/bin/x86_64-nacl-objcopy',
# needed by 'nacl_irt_x86_64.nexe', missing and no known rule to make it
enable_nacl = false;
# Enabling the Widevine component here doesn't affect whether we can
# redistribute the chromium package; the Widevine component is either
# added later in the wrapped -wv build or downloaded from Google.
enable_widevine = true;
use_cups = cupsSupport;
treat_warnings_as_errors = false;
is_clang = stdenv.cc.isClang;
clang_use_chrome_plugins = false;
blink_symbol_level = 0;
fieldtrial_testing_like_official_build = true;
# Google API keys, see:
# http://www.chromium.org/developers/how-tos/api-keys
# Note: These are for NixOS/nixpkgs use ONLY. For your own distribution,
# please get your own set of keys.
google_api_key = "AIzaSyDGi15Zwl11UNe6Y-5XW_upsfyw31qwZPI";
google_default_client_id = "404761575300.apps.googleusercontent.com";
google_default_client_secret = "9rIFQjfnkykEmqb6FfjJQD1D";
} // optionalAttrs proprietaryCodecs {
# enable support for the H.264 codec
proprietary_codecs = true;
enable_hangout_services_extension = true;
ffmpeg_branding = "Chrome";
} // optionalAttrs useVaapi {
use_vaapi = true;
} // optionalAttrs pulseSupport {
use_pulseaudio = true;
link_pulseaudio = true;
} // optionalAttrs useOzone {
use_ozone = true;
ozone_platform_gbm = false;
use_xkbcommon = true;
use_glib = true;
use_gtk = true;
use_system_libwayland = true;
use_system_minigbm = true;
use_system_libdrm = true;
system_wayland_scanner_path = "${wayland}/bin/wayland-scanner";
} // optionalAttrs ungoogled {
closure_compile = false;
enable_hangout_services_extension = false;
enable_mdns = false;
enable_nacl_nonsfi = false;
enable_one_click_signin = false;
enable_reading_list = false;
enable_remoting = false;
enable_reporting = false;
enable_service_discovery = false;
exclude_unwind_tables = true;
google_api_key = "";
google_default_client_id = "";
google_default_client_secret = "";
optimize_webui = false;
safe_browsing_mode = 0;
use_official_google_api_keys = false;
use_unofficial_version_number = false;
} // (extraAttrs.gnFlags or {}));
configurePhase = ''
runHook preConfigure
# This is to ensure expansion of $out.
libExecPath="${libExecPath}"
python build/linux/unbundle/replace_gn_files.py \
--system-libraries ${toString gnSystemLibraries}
${gnChromium}/bin/gn gen --args=${escapeShellArg gnFlags} out/Release | tee gn-gen-outputs.txt
# Fail if `gn gen` contains a WARNING.
grep -o WARNING gn-gen-outputs.txt && echo "Found gn WARNING, exiting nix build" && exit 1
runHook postConfigure
'';
# Don't spam warnings about unknown warning options. This is useful because
# our Clang is always older than Chromium's and the build logs have a size
# of approx. 25 MB without this option (and this saves e.g. 66 %).
NIX_CFLAGS_COMPILE = "-Wno-unknown-warning-option";
buildPhase = let
# Build paralelism: on Hydra the build was frequently running into memory
# exhaustion, and even other users might be running into similar issues.
# -j is halved to avoid memory problems, and -l is slightly increased
# so that the build gets slight preference before others
# (it will often be on "critical path" and at risk of timing out)
buildCommand = target: ''
ninja -C "${buildPath}" \
-j$(( ($NIX_BUILD_CORES+1) / 2 )) -l$(( $NIX_BUILD_CORES+1 )) \
"${target}"
(
source chrome/installer/linux/common/installer.include
PACKAGE=$packageName
MENUNAME="Chromium"
process_template chrome/app/resources/manpage.1.in "${buildPath}/chrome.1"
)
'';
targets = extraAttrs.buildTargets or [];
commands = map buildCommand targets;
in concatStringsSep "\n" commands;
postFixup = ''
# Make sure that libGLESv2 is found by dlopen (if using EGL).
chromiumBinary="$libExecPath/$packageName"
origRpath="$(patchelf --print-rpath "$chromiumBinary")"
patchelf --set-rpath "${libGL}/lib:$origRpath" "$chromiumBinary"
'';
};
# Remove some extraAttrs we supplied to the base attributes already.
in stdenv.mkDerivation (base // removeAttrs extraAttrs [
"name" "gnFlags" "buildTargets"
])

205
pkgs/applications/networking/browsers/ungoogled-chromium/default.nix Normal file
View File

@ -0,0 +1,205 @@
{ newScope, config, stdenv, llvmPackages_9, llvmPackages_10
, makeWrapper, ed
, glib, gtk3, gnome3, gsettings-desktop-schemas, gn, fetchgit
, libva ? null
, gcc, nspr, nss, patchelfUnstable, runCommand
, lib
# package customization
, channel ? "stable"
, gnomeSupport ? false, gnome ? null
, gnomeKeyringSupport ? false
, proprietaryCodecs ? true
, enablePepperFlash ? false
, enableWideVine ? false
, ungoogled ? true
, useVaapi ? false # test video on radeon, before enabling this
, useOzone ? false
, cupsSupport ? true
, pulseSupport ? config.pulseaudio or stdenv.isLinux
, commandLineArgs ? ""
}:
let
llvmPackages = if channel == "dev"
then llvmPackages_10
else llvmPackages_9;
stdenv = llvmPackages.stdenv;
callPackage = newScope chromium;
chromium = {
inherit stdenv llvmPackages;
upstream-info = (callPackage ./update.nix {}).getChannel channel;
mkChromiumDerivation = callPackage ./common.nix ({
inherit gnome gnomeSupport gnomeKeyringSupport proprietaryCodecs cupsSupport pulseSupport useVaapi useOzone ungoogled;
gnChromium = gn;
} // lib.optionalAttrs (channel == "dev") {
# TODO: Remove after we can update gn for the stable channel (backward incompatible changes):
gnChromium = gn.overrideAttrs (oldAttrs: {
version = "2020-03-23";
src = fetchgit {
url = "https://gn.googlesource.com/gn";
rev = "5ed3c9cc67b090d5e311e4bd2aba072173e82db9";
sha256 = "00y2d35wvqmx9glaqhfb62wdgbfpwr77v0934nnvh9ks71vnsjqy";
};
});
});
browser = callPackage ./browser.nix { inherit channel enableWideVine; };
plugins = callPackage ./plugins.nix {
inherit enablePepperFlash;
};
ungoogled-chromium = callPackage ./ungoogled.nix {};
};
mkrpath = p: "${lib.makeSearchPathOutput "lib" "lib64" p}:${lib.makeLibraryPath p}";
widevineCdm = let upstream-info = chromium.upstream-info; in stdenv.mkDerivation {
name = "chrome-widevine-cdm";
# The .deb file for Google Chrome
src = upstream-info.binary;
nativeBuildInputs = [ patchelfUnstable ];
phases = [ "unpackPhase" "patchPhase" "installPhase" "checkPhase" ];
unpackCmd = let
widevineCdmPath =
if upstream-info.channel == "stable" then
"./opt/google/chrome/WidevineCdm"
else if upstream-info.channel == "beta" then
"./opt/google/chrome-beta/WidevineCdm"
else if upstream-info.channel == "dev" then
"./opt/google/chrome-unstable/WidevineCdm"
else
throw "Unknown chromium channel.";
in ''
# Extract just WidevineCdm from upstream's .deb file
ar p "$src" data.tar.xz | tar xJ "${widevineCdmPath}"
# Move things around so that we don't have to reference a particular
# chrome-* directory later.
mv "${widevineCdmPath}" ./
# unpackCmd wants a single output directory; let it take WidevineCdm/
rm -rf opt
'';
doCheck = true;
checkPhase = ''
! find -iname '*.so' -exec ldd {} + | grep 'not found'
'';
PATCH_RPATH = mkrpath [ gcc.cc glib nspr nss ];
patchPhase = ''
patchelf --set-rpath "$PATCH_RPATH" _platform_specific/linux_x64/libwidevinecdm.so
'';
installPhase = ''
mkdir -p $out/WidevineCdm
cp -a * $out/WidevineCdm/
'';
meta = {
platforms = [ "x86_64-linux" ];
license = lib.licenses.unfree;
};
};
suffix = if channel != "stable" then "-" + channel else "";
sandboxExecutableName = chromium.browser.passthru.sandboxExecutableName;
version = chromium.browser.version;
# We want users to be able to enableWideVine without rebuilding all of
# chromium, so we have a separate derivation here that copies chromium
# and adds the unfree WidevineCdm.
chromiumWV = let browser = chromium.browser; in if enableWideVine then
runCommand (browser.name + "-wv") { version = browser.version; }
''
mkdir -p $out
cp -a ${browser}/* $out/
chmod u+w $out/libexec/chromium
cp -a ${widevineCdm}/WidevineCdm $out/libexec/chromium/
''
else browser;
in stdenv.mkDerivation {
name = "chromium${suffix}-${version}";
inherit version;
buildInputs = [
makeWrapper ed
# needed for GSETTINGS_SCHEMAS_PATH
gsettings-desktop-schemas glib gtk3
# needed for XDG_ICON_DIRS
gnome3.adwaita-icon-theme
];
outputs = ["out" "sandbox"];
buildCommand = let
browserBinary = "${chromiumWV}/libexec/chromium/chromium";
getWrapperFlags = plugin: "$(< \"${plugin}/nix-support/wrapper-flags\")";
libPath = stdenv.lib.makeLibraryPath ([]
++ stdenv.lib.optional useVaapi libva
);
in with stdenv.lib; ''
mkdir -p "$out/bin"
eval makeWrapper "${browserBinary}" "$out/bin/chromium" \
--add-flags ${escapeShellArg (escapeShellArg commandLineArgs)} \
${concatMapStringsSep " " getWrapperFlags chromium.plugins.enabled}
ed -v -s "$out/bin/chromium" << EOF
2i
if [ -x "/run/wrappers/bin/${sandboxExecutableName}" ]
then
export CHROME_DEVEL_SANDBOX="/run/wrappers/bin/${sandboxExecutableName}"
else
export CHROME_DEVEL_SANDBOX="$sandbox/bin/${sandboxExecutableName}"
fi
'' + lib.optionalString (libPath != "") ''
# To avoid loading .so files from cwd, LD_LIBRARY_PATH here must not
# contain an empty section before or after a colon.
export LD_LIBRARY_PATH="\$LD_LIBRARY_PATH\''${LD_LIBRARY_PATH:+:}${libPath}"
'' + ''
# libredirect causes chromium to deadlock on startup
export LD_PRELOAD="\$(echo -n "\$LD_PRELOAD" | tr ':' '\n' | grep -v /lib/libredirect\\\\.so$ | tr '\n' ':')"
export XDG_DATA_DIRS=$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH\''${XDG_DATA_DIRS:+:}\$XDG_DATA_DIRS
.
w
EOF
ln -sv "${chromium.browser.sandbox}" "$sandbox"
ln -s "$out/bin/chromium" "$out/bin/chromium-browser"
mkdir -p "$out/share"
for f in '${chromium.browser}'/share/*; do # hello emacs */
ln -s -t "$out/share/" "$f"
done
'';
inherit (chromium.browser) packageName;
meta = chromium.browser.meta;
passthru = {
inherit (chromium) upstream-info browser;
mkDerivation = chromium.mkChromiumDerivation;
inherit sandboxExecutableName;
};
}

26
pkgs/applications/networking/browsers/ungoogled-chromium/patches/dont-use-ANGLE-by-default.patch Normal file
View File

@ -0,0 +1,26 @@
A field trial currently enables the passthrough command decoder, which causes
gl_factory.cc to try kGLImplementationEGLANGLE first, which causes Chromium to fail
to load libGLESv2.so on NixOS. It somehow does not try kGLImplementationDesktopGL,
and so there is no GL support at all.
Revert to using the validating command decoder, which prevents gl_factory.cc
from touching allowed_impls, allowing it to successfully use kGLImplementationDesktopGL.
diff --git a/ui/gl/gl_utils.cc b/ui/gl/gl_utils.cc
index 697cbed5fe2d..8419bdb21a2f 100644
--- a/ui/gl/gl_utils.cc
+++ b/ui/gl/gl_utils.cc
@@ -71,9 +71,10 @@ bool UsePassthroughCommandDecoder(const base::CommandLine* command_line) {
} else if (switch_value == kCmdDecoderValidatingName) {
return false;
} else {
- // Unrecognized or missing switch, use the default.
- return base::FeatureList::IsEnabled(
- features::kDefaultPassthroughCommandDecoder);
+ // Ignore the field trial that enables it; disable it until
+ // gl_factory.cc kGLImplementationEGLANGLE issues are sorted
+ // out on NixOS.
+ return false;
}
}
}

61
pkgs/applications/networking/browsers/ungoogled-chromium/patches/nix_plugin_paths_68.patch Normal file
View File

@ -0,0 +1,61 @@
diff --git a/chrome/common/chrome_paths.cc b/chrome/common/chrome_paths.cc
index f4e119d..d9775bd 100644
--- a/chrome/common/chrome_paths.cc
+++ b/chrome/common/chrome_paths.cc
@@ -68,21 +68,14 @@ static base::LazyInstance<base::FilePath>
g_invalid_specified_user_data_dir = LAZY_INSTANCE_INITIALIZER;
// Gets the path for internal plugins.
-bool GetInternalPluginsDirectory(base::FilePath* result) {
-#if defined(OS_MACOSX)
- // If called from Chrome, get internal plugins from a subdirectory of the
- // framework.
- if (base::mac::AmIBundled()) {
- *result = chrome::GetFrameworkBundlePath();
- DCHECK(!result->empty());
- *result = result->Append("Internet Plug-Ins");
- return true;
- }
- // In tests, just look in the module directory (below).
-#endif
-
- // The rest of the world expects plugins in the module directory.
- return base::PathService::Get(base::DIR_MODULE, result);
+bool GetInternalPluginsDirectory(base::FilePath* result,
+ const std::string& ident) {
+ std::string full_env = std::string("NIX_CHROMIUM_PLUGIN_PATH_") + ident;
+ const char* value = getenv(full_env.c_str());
+ if (value == NULL)
+ return base::PathService::Get(base::DIR_MODULE, result);
+ else
+ *result = base::FilePath(value);
}
// Gets the path for bundled implementations of components. Note that these
@@ -272,7 +265,7 @@ bool PathProvider(int key, base::FilePath* result) {
create_dir = true;
break;
case chrome::DIR_INTERNAL_PLUGINS:
- if (!GetInternalPluginsDirectory(&cur))
+ if (!GetInternalPluginsDirectory(&cur, "ALL"))
return false;
break;
case chrome::DIR_COMPONENTS:
@@ -280,7 +273,7 @@ bool PathProvider(int key, base::FilePath* result) {
return false;
break;
case chrome::DIR_PEPPER_FLASH_PLUGIN:
- if (!GetInternalPluginsDirectory(&cur))
+ if (!GetInternalPluginsDirectory(&cur, "PEPPERFLASH"))
return false;
cur = cur.Append(kPepperFlashBaseDirectory);
break;
@@ -358,7 +351,7 @@ bool PathProvider(int key, base::FilePath* result) {
cur = cur.DirName();
}
#else
- if (!GetInternalPluginsDirectory(&cur))
+ if (!GetInternalPluginsDirectory(&cur, "PNACL"))
return false;
#endif
cur = cur.Append(FILE_PATH_LITERAL("pnacl"));

17
pkgs/applications/networking/browsers/ungoogled-chromium/patches/no-build-timestamps.patch Normal file
View File

@ -0,0 +1,17 @@
--- chromium-70.0.3538.67/build/compute_build_timestamp.py.orig 2018-11-02 16:00:34.368933077 +0200
+++ chromium-70.0.3538.67/build/compute_build_timestamp.py 2018-11-08 04:06:21.658105129 +0200
@@ -94,6 +94,14 @@
'build_type', help='The type of build', choices=('official', 'default'))
args = argument_parser.parse_args()
+ # I don't trust LASTCHANGE magic, and I definelly want something deterministic here
+ SOURCE_DATE_EPOCH = os.getenv("SOURCE_DATE_EPOCH", None)
+ if SOURCE_DATE_EPOCH is not None:
+ print(SOURCE_DATE_EPOCH)
+ return 0
+ else:
+ raise RuntimeError("SOURCE_DATE_EPOCH not set")
+
# The mtime of the revision in build/util/LASTCHANGE is stored in a file
# next to it. Read it, to get a deterministic time close to "now".
# That date is then modified as described at the top of the file so that

11
pkgs/applications/networking/browsers/ungoogled-chromium/patches/remove-webp-include-69.patch Normal file
View File

@ -0,0 +1,11 @@
--- a/third_party/blink/renderer/platform/image-encoders/image_encoder.cc
+++ b/third_party/blink/renderer/platform/image-encoders/image_encoder.cc
@@ -13,7 +13,7 @@
#include "jpeglib.h" // for JPEG_MAX_DIMENSION
-#include "third_party/libwebp/src/webp/encode.h" // for WEBP_MAX_DIMENSION
+#define WEBP_MAX_DIMENSION 16383
namespace blink {

74
pkgs/applications/networking/browsers/ungoogled-chromium/patches/vaapi-fix.patch Normal file
View File

@ -0,0 +1,74 @@
--- a/media/gpu/vaapi/vaapi_video_decode_accelerator.cc
+++ b/media/gpu/vaapi/vaapi_video_decode_accelerator.cc
@@ -641,6 +641,7 @@ void VaapiVideoDecodeAccelerator::AssignPictureBuffers(
// |vpp_vaapi_wrapper_| for VaapiPicture to DownloadFromSurface() the VA's
// internal decoded frame.
if (buffer_allocation_mode_ != BufferAllocationMode::kNone &&
+ buffer_allocation_mode_ != BufferAllocationMode::kWrapVdpau &&
!vpp_vaapi_wrapper_) {
vpp_vaapi_wrapper_ = VaapiWrapper::Create(
VaapiWrapper::kVideoProcess, VAProfileNone,
@@ -665,7 +666,8 @@ void VaapiVideoDecodeAccelerator::AssignPictureBuffers(
PictureBuffer buffer = buffers[i];
buffer.set_size(requested_pic_size_);
std::unique_ptr<VaapiPicture> picture = vaapi_picture_factory_->Create(
- (buffer_allocation_mode_ == BufferAllocationMode::kNone)
+ ((buffer_allocation_mode_ == BufferAllocationMode::kNone) ||
+ (buffer_allocation_mode_ == BufferAllocationMode::kWrapVdpau))
? vaapi_wrapper_
: vpp_vaapi_wrapper_,
make_context_current_cb_, bind_image_cb_, buffer);
@@ -1093,6 +1095,12 @@ VaapiVideoDecodeAccelerator::GetSupportedProfiles() {
VaapiVideoDecodeAccelerator::BufferAllocationMode
VaapiVideoDecodeAccelerator::DecideBufferAllocationMode() {
+ // NVIDIA blobs use VDPAU
+ if (VaapiWrapper::GetImplementationType() == VAImplementation::kNVIDIAVDPAU) {
+ LOG(INFO) << "VA-API driver on VDPAU backend";
+ return BufferAllocationMode::kWrapVdpau;
+ }
+
// TODO(crbug.com/912295): Enable a better BufferAllocationMode for IMPORT
// |output_mode_| as well.
if (output_mode_ == VideoDecodeAccelerator::Config::OutputMode::IMPORT)
@@ -1105,7 +1113,7 @@ VaapiVideoDecodeAccelerator::DecideBufferAllocationMode() {
// depends on the bitstream and sometimes it's not enough to cover the amount
// of frames needed by the client pipeline (see b/133733739).
// TODO(crbug.com/911754): Enable for VP9 Profile 2.
- if (IsGeminiLakeOrLater() &&
+ if (false && IsGeminiLakeOrLater() &&
(profile_ == VP9PROFILE_PROFILE0 || profile_ == VP8PROFILE_ANY)) {
// Add one to the reference frames for the one being currently egressed, and
// an extra allocation for both |client_| and |decoder_|, see
--- a/media/gpu/vaapi/vaapi_video_decode_accelerator.h
+++ b/media/gpu/vaapi/vaapi_video_decode_accelerator.h
@@ -204,6 +204,7 @@ class MEDIA_GPU_EXPORT VaapiVideoDecodeAccelerator
// Using |client_|s provided PictureBuffers and as many internally
// allocated.
kNormal,
+ kWrapVdpau,
};
// Decides the concrete buffer allocation mode, depending on the hardware
--- a/media/gpu/vaapi/vaapi_wrapper.cc
+++ b/media/gpu/vaapi/vaapi_wrapper.cc
@@ -131,6 +131,9 @@ media::VAImplementation VendorStringToImplementationType(
} else if (base::StartsWith(va_vendor_string, "Intel iHD driver",
base::CompareCase::SENSITIVE)) {
return media::VAImplementation::kIntelIHD;
+ } else if (base::StartsWith(va_vendor_string, "Splitted-Desktop Systems VDPAU",
+ base::CompareCase::SENSITIVE)) {
+ return media::VAImplementation::kNVIDIAVDPAU;
}
return media::VAImplementation::kOther;
}
--- a/media/gpu/vaapi/vaapi_wrapper.h
+++ b/media/gpu/vaapi/vaapi_wrapper.h
@@ -79,6 +79,7 @@ enum class VAImplementation {
kIntelIHD,
kOther,
kInvalid,
+ kNVIDIAVDPAU,
};
// This class handles VA-API calls and ensures proper locking of VA-API calls

13
pkgs/applications/networking/browsers/ungoogled-chromium/patches/widevine-79.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/third_party/widevine/cdm/BUILD.gn b/third_party/widevine/cdm/BUILD.gn
index ed0e2f5208b..5b431a030d5 100644
--- a/third_party/widevine/cdm/BUILD.gn
+++ b/third_party/widevine/cdm/BUILD.gn
@@ -14,7 +14,7 @@ buildflag_header("buildflags") {
flags = [
"ENABLE_WIDEVINE=$enable_widevine",
- "BUNDLE_WIDEVINE_CDM=$bundle_widevine_cdm",
+ "BUNDLE_WIDEVINE_CDM=true",
"ENABLE_WIDEVINE_CDM_COMPONENT=$enable_widevine_cdm_component",
]
}

93
pkgs/applications/networking/browsers/ungoogled-chromium/plugins.nix Normal file
View File

@ -0,0 +1,93 @@
{ stdenv, gcc
, jshon
, glib
, nspr
, nss
, fetchzip
, patchelfUnstable
, enablePepperFlash ? false
, upstream-info
}:
with stdenv.lib;
let
mkrpath = p: "${makeSearchPathOutput "lib" "lib64" p}:${makeLibraryPath p}";
# Generate a shell fragment that emits flags appended to the
# final makeWrapper call for wrapping the browser's main binary.
#
# Note that this is shell-escaped so that only the variable specified
# by the "output" attribute is substituted.
mkPluginInfo = { output ? "out", allowedVars ? [ output ]
, flags ? [], envVars ? {}
}: let
shSearch = ["'"] ++ map (var: "@${var}@") allowedVars;
shReplace = ["'\\''"] ++ map (var: "'\"\${${var}}\"'") allowedVars;
# We need to triple-escape "val":
# * First because makeWrapper doesn't do any quoting of its arguments by
# itself.
# * Second because it's passed to the makeWrapper call separated by IFS but
# not by the _real_ arguments, for example the Widevine plugin flags
# contain spaces, so they would end up as separate arguments.
# * Third in order to be correctly quoted for the "echo" call below.
shEsc = val: "'${replaceStrings ["'"] ["'\\''"] val}'";
mkSh = val: "'${replaceStrings shSearch shReplace (shEsc val)}'";
mkFlag = flag: ["--add-flags" (shEsc flag)];
mkEnvVar = key: val: ["--set" (shEsc key) (shEsc val)];
envList = mapAttrsToList mkEnvVar envVars;
quoted = map mkSh (flatten ((map mkFlag flags) ++ envList));
in ''
mkdir -p "''$${output}/nix-support"
echo ${toString quoted} > "''$${output}/nix-support/wrapper-flags"
'';
flash = stdenv.mkDerivation rec {
pname = "flashplayer-ppapi";
version = "32.0.0.344";
src = fetchzip {
url = "https://fpdownload.adobe.com/pub/flashplayer/pdc/${version}/flash_player_ppapi_linux.x86_64.tar.gz";
sha256 = "05ijlgsby9zxx0qs6f3vav1z0p6xr1cg6idl4akxvfmsl6hn6hkq";
stripRoot = false;
};
patchPhase = ''
chmod +x libpepflashplayer.so
patchelf --set-rpath "${mkrpath [ gcc.cc ]}" libpepflashplayer.so
'';
doCheck = true;
checkPhase = ''
! find -iname '*.so' -exec ldd {} + | grep 'not found'
'';
installPhase = ''
flashVersion="$(
"${jshon}/bin/jshon" -F manifest.json -e version -u
)"
install -vD libpepflashplayer.so "$out/lib/libpepflashplayer.so"
${mkPluginInfo {
allowedVars = [ "out" "flashVersion" ];
flags = [
"--ppapi-flash-path=@out@/lib/libpepflashplayer.so"
"--ppapi-flash-version=@flashVersion@"
];
}}
'';
dontStrip = true;
meta = {
license = stdenv.lib.licenses.unfree;
maintainers = with stdenv.lib.maintainers; [ taku0 ];
platforms = platforms.x86_64;
};
};
in {
enabled = optional enablePepperFlash flash;
}

6
pkgs/applications/networking/browsers/ungoogled-chromium/ungoogled-src.nix Normal file
View File

@ -0,0 +1,6 @@
{
"81.0.4044.92" = {
rev = "81.0.4044.92-2";
sha256 = "071a33idn2zcix6z8skn7y85mhb9w5s0bh0fvrjm269y7cmjrh3l";
};
}

42
pkgs/applications/networking/browsers/ungoogled-chromium/ungoogled.nix Normal file
View File

@ -0,0 +1,42 @@
{ stdenv
, fetchFromGitHub
, python3Packages
, makeWrapper
, patch
}:
{ rev
, sha256
}:
stdenv.mkDerivation rec {
name = "ungoogled-chromium-${version}";
version = rev;
src = fetchFromGitHub {
owner = "Eloston";
repo = "ungoogled-chromium";
inherit rev sha256;
};
dontBuild = true;
buildInputs = [
python3Packages.python
patch
];
nativeBuildInputs = [
makeWrapper
];
patchPhase = ''
sed -i '/chromium-widevine/d' patches/series
'';
installPhase = ''
mkdir $out
cp -R * $out/
wrapProgram $out/utils/patches.py --add-flags "apply" --prefix PATH : "${patch}/bin"
'';
}

271
pkgs/applications/networking/browsers/ungoogled-chromium/update.nix Normal file
View File

@ -0,0 +1,271 @@
let maybePkgs = import ../../../../../. {}; in
{ stdenv ? maybePkgs.stdenv
, runCommand ? maybePkgs.runCommand
, fetchurl ? maybePkgs.fetchurl
, writeText ? maybePkgs.writeText
, curl ? maybePkgs.curl
, cacert ? maybePkgs.cacert
, nix ? maybePkgs.nix
}:
let
inherit (stdenv) lib;
sources = if builtins.pathExists ./upstream-info.nix
then import ./upstream-info.nix
else {};
bucketURL = "https://commondatastorage.googleapis.com/"
+ "chromium-browser-official";
mkVerURL = version: "${bucketURL}/chromium-${version}.tar.xz";
debURL = "https://dl.google.com/linux/chrome/deb/pool/main/g";
getDebURL = channelName: version: arch: mirror: let
packageSuffix = if channelName == "dev" then "unstable" else channelName;
packageName = "google-chrome-${packageSuffix}";
in "${mirror}/${packageName}/${packageName}_${version}-1_${arch}.deb";
# Untrusted mirrors, don't try to update from them!
debMirrors = [
"http://95.31.35.30/chrome/pool/main/g"
"http://mirror.pcbeta.com/google/chrome/deb/pool/main/g"
"http://repo.fdzh.org/chrome/deb/pool/main/g"
];
in {
getChannel = channel: let
chanAttrs = builtins.getAttr channel sources;
in {
inherit channel;
inherit (chanAttrs) version;
main = fetchurl {
url = mkVerURL chanAttrs.version;
inherit (chanAttrs) sha256;
};
binary = fetchurl (let
mkUrls = arch: let
mkURLForMirror = getDebURL channel chanAttrs.version arch;
in map mkURLForMirror ([ debURL ] ++ debMirrors);
in if stdenv.is64bit && chanAttrs ? sha256bin64 then {
urls = mkUrls "amd64";
sha256 = chanAttrs.sha256bin64;
} else if !stdenv.is64bit && chanAttrs ? sha256bin32 then {
urls = mkUrls "i386";
sha256 = chanAttrs.sha256bin32;
} else throw "No Chrome plugins are available for your architecture.");
};
update = let
csv2nix = name: src: import (runCommand "${name}.nix" {
src = builtins.fetchurl src;
} ''
esc() { echo "\"$(echo "$1" | sed -e 's/"\\$/\\&/')\""; } # ohai emacs "
IFS=, read -r -a headings <<< "$(head -n1 "$src")"
echo "[" > "$out"
tail -n +2 "$src" | while IFS=, read -r -a line; do
echo " {"
for idx in "''${!headings[@]}"; do
echo " $(esc "''${headings[idx]}") = $(esc ''${line[$idx]});"
done
echo " }"
done >> "$out"
echo "]" >> "$out"
'');
channels = lib.fold lib.recursiveUpdate {} (map (attrs: {
${attrs.os}.${attrs.channel} = attrs // {
history = let
drvName = "omahaproxy-${attrs.os}.${attrs.channel}-info";
history = csv2nix drvName "http://omahaproxy.appspot.com/history";
cond = h: attrs.os == h.os && attrs.channel == h.channel
&& lib.versionOlder h.version attrs.current_version;
# Note that this is a *reverse* sort!
sorter = a: b: lib.versionOlder b.version a.version;
sorted = builtins.sort sorter (lib.filter cond history);
in map (lib.flip removeAttrs ["os" "channel"]) sorted;
version = attrs.current_version;
};
}) (csv2nix "omahaproxy-info" "http://omahaproxy.appspot.com/all?csv=1"));
/*
XXX: This is essentially the same as:
builtins.tryEval (builtins.fetchurl url)
... except that tryEval on fetchurl isn't working and doesn't catch
errors for fetchurl, so we go for a different approach.
We only have fixed-output derivations that can have networking access, so
we abuse SHA1 and its weaknesses to forge a fixed-output derivation which
is not so fixed, because it emits different contents that have the same
SHA1 hash.
Using this method, we can distinguish whether the URL is available or
whether it's not based on the actual content.
So let's use tryEval as soon as it's working with fetchurl in Nix.
*/
tryFetch = url: let
# SHA1 hash collisions from https://shattered.io/static/shattered.pdf:
collisions = runCommand "sha1-collisions" {
outputs = [ "out" "good" "bad" ];
base64 = ''
QlpoOTFBWSZTWbL5V5MABl///////9Pv///v////+/////HDdK739/677r+W3/75rUNr4
Aa/AAAAAAACgEVTRtQDQAaA0AAyGmjTQGmgAAANGgAaMIAYgGgAABo0AAAAAADQAIAGQ0
MgDIGmjQA0DRk0AaMQ0DQAGIANGgAAGRoNGQMRpo0GIGgBoGQAAIAGQ0MgDIGmjQA0DRk
0AaMQ0DQAGIANGgAAGRoNGQMRpo0GIGgBoGQAAIAGQ0MgDIGmjQA0DRk0AaMQ0DQAGIAN
GgAAGRoNGQMRpo0GIGgBoGQAAIAGQ0MgDIGmjQA0DRk0AaMQ0DQAGIANGgAAGRoNGQMRp
o0GIGgBoGQAABVTUExEZATTICnkxNR+p6E09JppoyamjGhkm0ammIyaekbUejU9JiGnqZ
qaaDxJ6m0JkZMQ2oaYmJ6gxqMyE2TUzJqfItligtJQJfYbl9Zy9QjQuB5mHQRdSSXCCTH
MgmSDYmdOoOmLTBJWiCpOhMQYpQlOYpJjn+wQUJSTCEpOMekaFaaNB6glCC0hKEJdHr6B
mUIHeph7YxS8WJYyGwgWnMTFJBDFSxSCCYljiEk7HZgJzJVDHJxMgY6tCEIIWgsKSlSZ0
S8GckoIIF+551Ro4RCw260VCEpWJSlpWx/PMrLyVoyhWMAneDilBcUIeZ1j6NCkus0qUC
Wnahhk5KT4GpWMh3vm2nJWjTL9Qg+84iExBJhNKpbV9tvEN265t3fu/TKkt4rXFTsV+Nc
upJXhOhOhJMQQktrqt4K8mSh9M2DAO2X7uXGVL9YQxUtzQmS7uBndL7M6R7vX869VxqPu
renSuHYNq1yTXOfNWLwgvKlRlFYqLCs6OChDp0HuTzCWscmGudLyqUuwVGG75nmyZhKpJ
yOE/pOZyHyrZxGM51DYIN+Jc8yVJgAykxKCEtW55MlfudLg3KG6TtozalunXrroSxUpVL
StWrWLFihMnVpkyZOrQnUrE6xq1CGtJlbAb5ShMbV1CZgqlKC0wCFCpMmUKSEkvFLaZC8
wHOCVAlvzaJQ/T+XLb5Dh5TNM67p6KZ4e4ZSGyVENx2O27LzrTIteAreTkMZpW95GS0CE
JYhMc4nToTJ0wQhKEyddaLb/rTqmgJSlkpnALxMhlNmuKEpkEkqhKUoEq3SoKUpIQcDgW
lC0rYahMmLuPQ0fHqZaF4v2W8IoJ2EhMhYmSw7qql27WJS+G4rUplToFi2rSv0NSrVvDU
pltQ8Lv6F8pXyxmFBSxiLSxglNC4uvXVKmAtusXy4YXGX1ixedEvXF1aX6t8adYnYCpC6
rW1ZzdZYlCCxKEv8vpbqdSsXl8v1jCQv0KEPxPTa/5rtWSF1dSgg4z4KjfIMNtgwWoWLE
sRhKxsSA9ji7V5LRPwtumeQ8V57UtFSPIUmtQdOQfseI2Ly1DMtk4Jl8n927w34zrWG6P
i4jzC82js/46Rt2IZoadWxOtMInS2xYmcu8mOw9PLYxQ4bdfFw3ZPf/g2pzSwZDhGrZAl
9lqky0W+yeanadC037xk496t0Dq3ctfmqmjgie8ln9k6Q0K1krb3dK9el4Xsu44LpGcen
r2eQZ1s1IhOhnE56WnXf0BLWn9Xz15fMkzi4kpVxiTKGEpffErEEMvEeMZhUl6yD1SdeJ
YbxzGNM3ak2TAaglLZlDCVnoM6wV5DRrycwF8Zh/fRsdmhkMfAO1duwknrsFwrzePWeMw
l107DWzymxdQwiSXx/lncnn75jL9mUzw2bUDqj20LTgtawxK2SlQg1CCZDQMgSpEqLjRM
sykM9zbSIUqil0zNk7Nu+b5J0DKZlhl9CtpGKgX5uyp0idoJ3we9bSrY7PupnUL5eWiDp
V5mmnNUhOnYi8xyClkLbNmAXyoWk7GaVrM2umkbpqHDzDymiKjetgzTocWNsJ2E0zPcfh
t46J4ipaXGCfF7fuO0a70c82bvqo3HceIcRlshgu73seO8BqlLIap2z5jTOY+T2ucCnBt
Atva3aHdchJg9AJ5YdKHz7LoA3VKmeqxAlFyEnQLBxB2PAhAZ8KvmuR6ELXws1Qr13Nd1
i4nsp189jqvaNzt+0nEnIaniuP1+/UOZdyfoZh57ku8sYHKdvfW/jYSUks+0rK+qtte+p
y8jWL9cOJ0fV8rrH/t+85/p1z2N67p/ZsZ3JmdyliL7lrNxZUlx0MVIl6PxXOUuGOeArW
3vuEvJ2beoh7SGyZKHKbR2bBWO1d49JDIcVM6lQtu9UO8ec8pOnXmkcponBPLNM2CwZ9k
NC/4ct6rQkPkQHMcV/8XckU4UJCy+VeTA==
'';
} ''
echo "$base64" | base64 -d | tar xj
mv good.pdf "$good"
mv bad.pdf "$bad"
touch "$out"
'';
cacheVal = let
urlHash = builtins.hashString "sha256" url;
timeSlice = builtins.currentTime / 600;
in "${urlHash}-${toString timeSlice}";
in {
success = import (runCommand "check-success" {
result = stdenv.mkDerivation {
name = "tryfetch-${cacheVal}";
inherit url;
outputHash = "d00bbe65d80f6d53d5c15da7c6b4f0a655c5a86a";
outputHashMode = "flat";
outputHashAlgo = "sha1";
nativeBuildInputs = [ curl ];
preferLocalBuild = true;
inherit (collisions) good bad;
buildCommand = ''
if SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt" \
curl -s -L -f -I "$url" > /dev/null; then
cp "$good" "$out"
else
cp "$bad" "$out"
fi
'';
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
};
inherit (collisions) good;
} ''
if cmp -s "$result" "$good"; then
echo true > "$out"
else
echo false > "$out"
fi
'');
value = builtins.fetchurl url;
};
fetchLatest = channel: let
result = tryFetch (mkVerURL channel.version);
in if result.success then result.value else fetchLatest (channel // {
version = if channel.history != []
then (lib.head channel.history).version
else throw "Unfortunately there's no older version than " +
"${channel.version} available for channel " +
"${channel.channel} on ${channel.os}.";
history = lib.tail channel.history;
});
getHash = path: import (runCommand "gethash.nix" {
inherit path;
nativeBuildInputs = [ nix ];
} ''
sha256="$(nix-hash --flat --base32 --type sha256 "$path")"
echo "\"$sha256\"" > "$out"
'');
isLatest = channel: version: let
ourVersion = sources.${channel}.version or null;
in if ourVersion == null then false
else lib.versionOlder version sources.${channel}.version
|| version == sources.${channel}.version;
# We only support GNU/Linux right now.
linuxChannels = let
genLatest = channelName: channel: let
newUpstream = {
inherit (channel) version;
sha256 = getHash (fetchLatest channel);
};
keepOld = let
oldChannel = sources.${channelName};
in {
inherit (oldChannel) version sha256;
} // lib.optionalAttrs (oldChannel ? sha256bin32) {
inherit (oldChannel) sha256bin32;
} // lib.optionalAttrs (oldChannel ? sha256bin64) {
inherit (oldChannel) sha256bin64;
};
in if isLatest channelName channel.version then keepOld else newUpstream;
in lib.mapAttrs genLatest channels.linux;
getLinuxFlash = channelName: channel: let
inherit (channel) version;
fetchArch = arch: tryFetch (getDebURL channelName version arch debURL);
packages = lib.genAttrs ["i386" "amd64"] fetchArch;
isNew = arch: attr: !(builtins.hasAttr attr channel)
&& packages.${arch}.success;
in channel // lib.optionalAttrs (isNew "i386" "sha256bin32") {
sha256bin32 = getHash (packages.i386.value);
} // lib.optionalAttrs (isNew "amd64" "sha256bin64") {
sha256bin64 = getHash (packages.amd64.value);
};
newChannels = lib.mapAttrs getLinuxFlash linuxChannels;
dumpAttrs = indent: attrs: let
mkVal = val: if lib.isAttrs val then dumpAttrs (indent + 1) val
else "\"${lib.escape ["$" "\\" "\""] (toString val)}\"";
mkIndent = level: lib.concatStrings (builtins.genList (_: " ") level);
mkAttr = key: val: "${mkIndent (indent + 1)}${key} = ${mkVal val};\n";
attrLines = lib.mapAttrsToList mkAttr attrs;
in "{\n" + (lib.concatStrings attrLines) + (mkIndent indent) + "}";
in writeText "chromium-new-upstream-info.nix" ''
# This file is autogenerated from update.sh in the same directory.
${dumpAttrs 0 newChannels}
'';
}

4
pkgs/applications/networking/browsers/ungoogled-chromium/update.sh Executable file
View File

@ -0,0 +1,4 @@
#!/bin/sh -e
cd "$(dirname "$0")"
sp="$(nix-build --builders "" -Q --no-out-link update.nix -A update)"
cat "$sp" > upstream-info.nix

18
pkgs/applications/networking/browsers/ungoogled-chromium/upstream-info.nix Normal file
View File

@ -0,0 +1,18 @@
# This file is autogenerated from update.sh in the same directory.
{
beta = {
sha256 = "0i0szd749ihb08rxnsmsbxq75b6x952wpk94jwc0ncv6gb83zkx2";
sha256bin64 = "1y70kmfz9nv507b0zdda7zfk2ac9qh9m2gq00aphdmzd0al7skj8";
version = "81.0.4044.92";
};
dev = {
sha256 = "1rydvjmv62zj95sf0fgsyipqz2hphbxm60y8q0813wq9ym35d4yy";
sha256bin64 = "1m6740lw7xjjp1lplwp9ii4d3l7dfa9jrv5bysm4ar5pb9kywrai";
version = "83.0.4100.3";
};
stable = {
sha256 = "0i0szd749ihb08rxnsmsbxq75b6x952wpk94jwc0ncv6gb83zkx2";
sha256bin64 = "1ig899cpahw1xfhdff5xj6w4k8jja5smxvrcbw6b0jcjmawdrf72";
version = "81.0.4044.92";
};
}

2
pkgs/applications/networking/cluster/cni/plugins.nix
View File

@ -37,6 +37,6 @@ buildGoPackage rec {
homepage = "https://github.com/containernetworking/plugins";
license = licenses.asl20;
platforms = platforms.linux;
maintainers = with maintainers; [ cstrahan saschagrunert ];
maintainers = with maintainers; [ cstrahan ] ++ teams.podman.members;
};
}

4
pkgs/applications/networking/cluster/helm/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "helm";
version = "3.1.2";
version = "3.1.3";
src = fetchFromGitHub {
owner = "helm";
repo = "helm";
rev = "v${version}";
sha256 = "0pg5cwgyfb4isy2fn233kj3bdn0i8qqp90yzix0khs5maalpnrk1";
sha256 = "1j6pr1a9ff32bnjq9rncllmfpraip5r2fj3zsljw5jq68x5wamdc";
};
modSha256 = "0618zzi4x37ahsrazsr82anghhfva8yaryzb3p5d737p3ixbiyv8";

6
pkgs/applications/networking/dnscontrol/default.nix
View File

@ -6,8 +6,6 @@ buildGoPackage rec {
goPackagePath = "github.com/StackExchange/dnscontrol";
goDeps = ./deps.nix;
src = fetchFromGitHub {
owner = "StackExchange";
repo = pname;
@ -15,9 +13,7 @@ buildGoPackage rec {
sha256 = "1j8i4k7bqkqmi6dmc9fxfab49a7qigig72rlbga902lw336p6cc7";
};
postInstall = ''
rm $bin/bin/{build,convertzone,generate,validate}
'';
subPackages = [ "." ];
meta = with stdenv.lib; {
description = "Synchronize your DNS to multiple providers from a simple DSL";

1236
pkgs/applications/networking/dnscontrol/deps.nix generated
View File

File diff suppressed because it is too large Load Diff

2
pkgs/applications/networking/instant-messengers/rambox/default.nix
View File

@ -41,7 +41,7 @@ in stdenv.mkDerivation rec {
meta = with stdenv.lib; {
description = "Free and Open Source messaging and emailing app that combines common web applications into one";
homepage = "http://rambox.pro";
homepage = "https://rambox.pro";
license = licenses.mit;
maintainers = with maintainers; [ gnidorah ma27 ];
platforms = ["i686-linux" "x86_64-linux"];

4
pkgs/applications/networking/instant-messengers/ricochet/default.nix
View File

@ -1,9 +1,9 @@
{ stdenv, fetchurl, pkgconfig, makeDesktopItem
{ mkDerivation, stdenv, fetchurl, pkgconfig, makeDesktopItem
, qtbase, qttools, qtmultimedia, qtquick1, qtquickcontrols
, openssl, protobuf, qmake
}:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "ricochet";
version = "1.1.4";

4
pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
View File

@ -23,7 +23,7 @@ let
else "");
in stdenv.mkDerivation rec {
pname = "signal-desktop";
version = "1.33.1"; # Please backport all updates to the stable channel.
version = "1.33.3"; # Please backport all updates to the stable channel.
# All releases have a limited lifetime and "expire" 90 days after the release.
# When releases "expire" the application becomes unusable until an update is
# applied. The expiration date for the current release can be extracted with:
@ -33,7 +33,7 @@ in stdenv.mkDerivation rec {
src = fetchurl {
url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb";
sha256 = "0p9ak0cmk9b77dzbw4y2xmxqg211y62n7ckggwf7bcg48wzj0jy7";
sha256 = "1brw1hidmrznb55cb794yvgzin7sf3cxnffivmag4vf2a2vcvf4y";
};
nativeBuildInputs = [

4
pkgs/applications/networking/instant-messengers/swift-im/default.nix
View File

@ -1,9 +1,9 @@
{ stdenv, fetchurl, pkgconfig, qttools, scons
{ mkDerivation, stdenv, fetchurl, pkgconfig, qttools, scons
, GConf, avahi, boost, hunspell, libXScrnSaver, libedit, libidn, libnatpmp, libxml2
, lua, miniupnpc, openssl, qtbase, qtmultimedia, qtsvg, qtwebkit, qtx11extras, zlib
}:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "swift-im";
version = "4.0.2";

4
pkgs/applications/networking/instant-messengers/telegram/tdesktop/default.nix
View File

@ -19,12 +19,12 @@ with lib;
mkDerivation rec {
pname = "telegram-desktop";
version = "2.0.1";
version = "2.1.0";
# Telegram-Desktop with submodules
src = fetchurl {
url = "https://github.com/telegramdesktop/tdesktop/releases/download/v${version}/tdesktop-${version}-full.tar.gz";
sha256 = "0g3jw4can9gmp48s3b8s1w8n9xi54i142y74fszxf9jyq5drzlff";
sha256 = "0l5917w90z9pg1al1hzcycb4yxv03vc88jg958ifl9nlvz1arll6";
};
postPatch = ''

4
pkgs/applications/networking/instant-messengers/tensor/default.nix
View File

@ -1,9 +1,9 @@
{ stdenv, fetchgit, qtbase, qtquickcontrols, qmake, makeDesktopItem }:
{ mkDerivation, stdenv, fetchgit, qtbase, qtquickcontrols, qmake, makeDesktopItem }:
# we now have libqmatrixclient so a future version of tensor that supports it
# should use that
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "tensor-git";
version = "2017-02-21";

7
pkgs/applications/networking/msmtp/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, lib, fetchurl, autoreconfHook, pkgconfig, texinfo
{ stdenv, lib, fetchurl, fetchpatch, autoreconfHook, pkgconfig, texinfo
, netcat-gnu, gnutls, gsasl, libidn2, Security
, withKeyring ? true, libsecret ? null
, systemd ? null }:
@ -16,8 +16,13 @@ in stdenv.mkDerivation rec {
sha256 = "1rarck61mz3mwg0l30vjj6j9fq6gc7gic0r1c1ppwpq2izj57jzc";
};
# the 2nd patch should go when 1.8.9 is released
patches = [
./paths.patch
(fetchpatch {
url = "https://github.com/marlam/msmtp-mirror/commit/c78f24347ec996c7a3830b48403bf3736afca071.patch";
sha256 = "0d4sc2f5838jriv65wahpgvwckkzqhdk3hs660fyg80si2i0l1bx";
})
];
buildInputs = [ gnutls gsasl libidn2 ]

24
pkgs/applications/networking/p2p/stig/default.nix
View File

@ -1,9 +1,9 @@
{ lib
, fetchFromGitHub
, python3
, python3Packages
}:
python3.pkgs.buildPythonApplication rec {
python3Packages.buildPythonApplication rec {
pname = "stig";
# This project has a different concept for pre release / alpha,
# Read the project's README for details: https://github.com/rndusr/stig#stig
@ -26,7 +26,7 @@ python3.pkgs.buildPythonApplication rec {
--replace "urwidtrees>=1.0.3dev0" "urwidtrees"
'';
propagatedBuildInputs = with python3.pkgs; [
propagatedBuildInputs = with python3Packages; [
urwid
urwidtrees
aiohttp
@ -38,17 +38,23 @@ python3.pkgs.buildPythonApplication rec {
setproctitle
];
checkInputs = with python3.pkgs; [
checkInputs = with python3Packages; [
asynctest
pytest
pytestCheckHook
];
# test_string__month_day_hour_minute_second fails on darwin
checkPhase = ''
LC_ALL=en_US.utf8 pytest tests \
--deselect=tests/client_test/ttypes_test.py::TestTimestamp::test_string__month_day_hour_minute_second
dontUseSetuptoolsCheck = true;
preCheck = ''
export LC_ALL=C
'';
pytestFlagsArray = [
"tests"
# test_string__month_day_hour_minute_second fails on darwin
"--deselect=tests/client_test/ttypes_test.py::TestTimestamp::test_string__month_day_hour_minute_second"
];
meta = with lib; {
description = "TUI and CLI for the BitTorrent client Transmission";
homepage = "https://github.com/rndusr/stig";

4
pkgs/applications/networking/p2p/tixati/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "tixati";
version = "2.67";
version = "2.72";
src = fetchurl {
url = "https://download2.tixati.com/download/tixati-${version}-1.x86_64.manualinstall.tar.gz";
sha256 = "0510wkwmwrlv61958zd5nsc4lr0l0lka3jf4pq3dyiyfsf4k20rq";
sha256 = "04si7xwbpvljdbngmzlfvkn51wih3aqcb5g6r76wdh3pfpppskhr";
};
installPhase = ''

84
pkgs/applications/office/elementary-planner/0001-Revert-Add-patch.patch
View File

@ -1,84 +0,0 @@
From a6d8bd67416c848f9bf52f4746bda34216ae9993 Mon Sep 17 00:00:00 2001
From: worldofpeace <worldofpeace@protonmail.ch>
Date: Sun, 19 Apr 2020 12:48:59 -0400
Subject: [PATCH] Revert "Add patch"
This reverts commit c44127936b785afda0e914da4c1dc1e66a0ac97b.
---
src/Application.vala | 49 --------------------------------------------
1 file changed, 49 deletions(-)
diff --git a/src/Application.vala b/src/Application.vala
index 43d52fbc..82a9ebe5 100644
--- a/src/Application.vala
+++ b/src/Application.vala
@@ -127,66 +127,17 @@ public class Planner : Gtk.Application {
utils.apply_theme_changed ();
- // Set Theme and Icon
Gtk.Settings.get_default ().set_property ("gtk-icon-theme-name", "elementary");
Gtk.Settings.get_default ().set_property ("gtk-theme-name", "elementary");
- // Path Theme
- var command = new Granite.Services.SimpleCommand (".", "echo $DESKTOP_SESSION");
- command.run ();
- command.output_changed.connect ((text) => {
- print ("DESKTOP_SESSION: %s\n".printf (text));
- });
-
- if (get_os_info ("PRETTY_NAME") == null || get_os_info ("PRETTY_NAME").index_of ("elementary") == -1) {
- string CSS = """
- window decoration {
- box-shadow: none;
- margin: 1px;
- }
- """;
-
- var _provider = new Gtk.CssProvider ();
- _provider.load_from_data (CSS, CSS.length);
-
- Gtk.StyleContext.add_provider_for_screen (
- Gdk.Screen.get_default (), _provider,
- Gtk.STYLE_PROVIDER_PRIORITY_APPLICATION
- );
- }
-
// Set shortcut
string quick_add_shortcut = settings.get_string ("quick-add-shortcut");
if (quick_add_shortcut == "") {
quick_add_shortcut = "<Primary>Tab";
settings.set_string ("quick-add-shortcut", quick_add_shortcut);
}
-
utils.set_quick_add_shortcut (quick_add_shortcut);
}
-
- public string get_os_info (string field) {
- string return_value = "";
- var file = File.new_for_path ("/etc/os-release");
- try {
- var osrel = new Gee.HashMap<string, string> ();
- var dis = new DataInputStream (file.read ());
- string line;
- // Read lines until end of file (null) is reached
- while ((line = dis.read_line (null)) != null) {
- var osrel_component = line.split ("=", 2);
- if (osrel_component.length == 2) {
- osrel[osrel_component[0]] = osrel_component[1].replace ("\"", "");
- }
- }
-
- return_value = osrel[field];
- } catch (Error e) {
- warning ("Couldn't read os-release file, assuming elementary OS");
- }
-
- return return_value;
- }
public override int command_line (ApplicationCommandLine command_line) {
bool silence_mode = false;
--
2.25.1

35
pkgs/applications/office/elementary-planner/default.nix
View File

@ -1,6 +1,12 @@
{ stdenv, fetchFromGitHub, fetchpatch
, meson, ninja, pkgconfig, desktop-file-utils
, python3, vala, wrapGAppsHook
{ stdenv
, fetchFromGitHub
, meson
, ninja
, pkgconfig
, desktop-file-utils
, python3
, vala
, wrapGAppsHook
, evolution-data-server
, libical
, libgee
@ -15,25 +21,15 @@
stdenv.mkDerivation rec {
pname = "elementary-planner";
version = "2.3.2";
version = "2.3.3";
src = fetchFromGitHub {
owner = "alainm23";
repo = "planner";
rev = version;
sha256 = "1kjk1zafx71zmax3whzpx6mzl037wlxri30bl2k9y9rg3fd09arr";
sha256 = "1jc668hg26vb1q50abm6k566v9qimgs9skkwmlgi5h37vxm3ai1x";
};
patches = [
# Revert a patch the works around some stylesheet issues:
# https://github.com/alainm23/planner/issues/268
# https://github.com/alainm23/planner/issues/303
# The don't seem to be a problem with Pantheon on NixOS
# and for some reason produce the opposite effect with
# pantheon's stylesheet.
./0001-Revert-Add-patch.patch
];
nativeBuildInputs = [
desktop-file-utils
meson
@ -63,8 +59,15 @@ stdenv.mkDerivation rec {
patchShebangs build-aux/meson/post_install.py
'';
preFixup = ''
gappsWrapperArgs+=(
# the theme is hardcoded
--prefix XDG_DATA_DIRS : "${pantheon.elementary-gtk-theme}/share"
)
'';
meta = with stdenv.lib; {
description = "Task and project manager designed to elementary OS";
description = "Task manager with Todoist support designed for GNU/Linux 🚀";
homepage = "https://planner-todo.web.app";
license = licenses.gpl3;
maintainers = with maintainers; [ dtzWill ] ++ pantheon.maintainers;

2
pkgs/applications/office/scribus/unstable.nix
View File

@ -116,7 +116,7 @@ mkDerivation rec {
];
platforms = platforms.linux;
description = "Desktop Publishing (DTP) and Layout program for Linux";
homepage = "http://www.scribus.net";
homepage = "https://www.scribus.net";
# There are a lot of licenses... https://github.com/scribusproject/scribus/blob/20508d69ca4fc7030477db8dee79fd1e012b52d2/COPYING#L15-L19
license = with licenses; [
bsd3

58
pkgs/applications/science/biology/quast/default.nix Normal file
View File

@ -0,0 +1,58 @@
{ stdenv, fetchurl, python3Packages, zlib, bash, coreutils }:
let
pythonPackages = python3Packages;
inherit (pythonPackages) python;
in
pythonPackages.buildPythonApplication rec {
pname = "quast";
version = "5.0.2";
src = fetchurl {
url = "https://github.com/ablab/quast/releases/download/${pname}_${version}/${pname}-${version}.tar.gz";
sha256 = "13ml8qywbb4cc7wf2x7z5mz1rjqg51ab8wkizwcg4f6c40zgif6d";
};
pythonPath = with pythonPackages; [ simplejson joblib setuptools matplotlib ];
nativeBuildInputs = [ coreutils ];
buildInputs = [ zlib ] ++ pythonPath;
dontConfigure = true;
dontBuild = true;
installPhase = ''
substituteInPlace quast_libs/bedtools/Makefile \
--replace "/bin/bash" "${bash}/bin/bash"
mkdir -p "$out/${python.sitePackages}"
export PYTHONPATH="$out/${python.sitePackages}:$PYTHONPATH"
${python.interpreter} setup.py install \
--install-lib=$out/${python.sitePackages} \
--prefix="$out"
'';
postFixup = ''
for file in $(find $out -type f -type f -perm /0111); do
old_rpath=$(patchelf --print-rpath $file) && \
patchelf --set-rpath $old_rpath:${stdenv.cc.cc.lib}/lib $file || true
done
# Link to the master program
ln -s $out/bin/quast.py $out/bin/quast
'';
dontPatchELF = true;
# Tests need to download data files, so manual run after packaging is needed
doCheck = false;
meta = with stdenv.lib ; {
description = "Evaluates genome assemblies by computing various metrics";
homepage = "https://github.com/ablab/quast";
license = licenses.gpl2;
maintainers = [ maintainers.bzizou ];
platforms = platforms.all;
};
}

4
pkgs/applications/science/electronics/caneda/default.nix
View File

@ -1,6 +1,6 @@
{stdenv, fetchFromGitHub, cmake, qtbase, qttools, qtsvg, qwt }:
{ mkDerivation, stdenv, fetchFromGitHub, cmake, qtbase, qttools, qtsvg, qwt }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "caneda";
version = "0.3.1";

2
pkgs/applications/science/logic/verifast/default.nix
View File

@ -43,7 +43,7 @@ stdenv.mkDerivation rec {
meta = {
description = "Verification for C and Java programs via separation logic";
homepage = "http://people.cs.kuleuven.be/~bart.jacobs/verifast/";
license = stdenv.lib.licenses.msrla;
license = stdenv.lib.licenses.mit;
platforms = [ "x86_64-linux" ];
maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
};

2
pkgs/applications/science/misc/rink/default.nix
View File

@ -24,7 +24,7 @@ rustPlatform.buildRustPackage rec {
meta = with stdenv.lib; {
description = "Unit-aware calculator";
homepage = "http://rink.tiffnix.com";
homepage = "https://rink.tiffnix.com";
license = with licenses; [ mpl20 gpl3 ];
maintainers = with maintainers; [ sb0 filalex77 ];
};

2
pkgs/applications/science/misc/snakemake/default.nix
View File

@ -28,7 +28,7 @@ python3Packages.buildPythonApplication rec {
doCheck = false; # Tests depend on Google Cloud credentials at ${HOME}/gcloud-service-key.json
meta = with stdenv.lib; {
homepage = "http://snakemake.bitbucket.io";
homepage = "https://snakemake.bitbucket.io";
license = licenses.mit;
description = "Python-based execution environment for make-like workflows";
longDescription = ''

4
pkgs/applications/science/robotics/mavproxy/default.nix
View File

@ -3,11 +3,11 @@
buildPythonApplication rec {
pname = "MAVProxy";
version = "1.8.18";
version = "1.8.19";
src = fetchPypi {
inherit pname version;
sha256 = "1fi4m3591wws5cq43q8aljf91mzs6i9yhn9rimhpfrskbyf9knvm";
sha256 = "1rbq2nm01212rp5xbl8p8kjl2mpgfppkwjsq3lnfw1v6g0m4359h";
};
propagatedBuildInputs = [

2
pkgs/applications/version-management/arch/default.nix
View File

@ -4,7 +4,7 @@ stdenv.mkDerivation rec {
name = "tla-1.3.5";
src = fetchurl {
url = "ftp://ftp.gnu.org/old-gnu/gnu-arch/" + name + ".tar.gz";
url = "https://ftp.gnu.org/old-gnu/gnu-arch/" + name + ".tar.gz";
sha256 = "01mfzj1i6p4s8191cgd5850hds1zls88hkf9rb6qx1vqjv585aj0";
};

4
pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "diff-so-fancy";
version = "1.2.7";
version = "1.3.0";
src = fetchFromGitHub {
owner = "so-fancy";
repo = "diff-so-fancy";
rev = "v${version}";
sha256 = "0y5cp236gi6h7llzai5d27086l4zz58mz1zs01r97xnnmjs9vw21";
sha256 = "0aavxahzha2mms4vdwysk79pa6wzswpfwgsq2hwaxnaf66maahfl";
};
# Perl is needed here for patchShebangs

8
pkgs/applications/version-management/git-and-tools/gh/default.nix
View File

@ -2,19 +2,19 @@
buildGoModule rec {
pname = "gh";
version = "0.6.4";
version = "0.7.0";
src = fetchFromGitHub {
owner = "cli";
repo = "cli";
rev = "v${version}";
sha256 = "0na8zfvcmdy968i47x6qd1jwfaphy5h18ff7ym5sxyia9a27yhf8";
sha256 = "054mag8jgxkvx2f95ha10n45v4xv5lms69w76g95z18m62qhjcyl";
};
modSha256 = "102v30wr9wmd6n20qdvgs5mp2s639pwbqqd71r8q52f42p694bi1";
modSha256 = "0v33x9bnwjfg4425vralnsb4i22c0g1rcmaga9911v0i7d51k0fn";
buildFlagsArray = [
"-ldflags=-X github.com/cli/cli/command.Version=${version}"
"-ldflags=-s -w -X github.com/cli/cli/command.Version=${version}"
];
subPackages = [ "cmd/gh" ];

14
pkgs/applications/version-management/git-and-tools/git-gone/default.nix
View File

@ -1,23 +1,27 @@
{ stdenv, fetchFromGitHub, rustPlatform, pkgconfig, makeWrapper, openssl, git, libiconv, Security }:
{ stdenv, fetchFromGitHub, rustPlatform, pkgconfig, makeWrapper, openssl, git, libiconv, Security, installShellFiles }:
rustPlatform.buildRustPackage rec {
pname = "git-gone";
version = "0.3.0";
version = "0.3.2";
src = fetchFromGitHub {
owner = "lunaryorn";
repo = pname;
rev = "v${version}";
sha256 = "05wlng563p9iy0ky3z23a4jakcix887fb45r7j2mk0fp5ykdjmzh";
sha256 = "0zc4cb1dg30np5yc4ymkr894qs2bk0r123i302md00niayk4njyd";
};
cargoSha256 = "1scp9rzn59akxsf9p48j1zq6clbwdyasnyi4j28nj03ghvdv2i33";
cargoSha256 = "1d892889ml7sqyxzmjipq5fvizb4abqhmmn450qm7yam9fn5q5wf";
nativeBuildInputs = [ pkgconfig makeWrapper ];
nativeBuildInputs = [ pkgconfig makeWrapper installShellFiles ];
buildInputs = [ openssl ]
++ stdenv.lib.optionals stdenv.isDarwin [ libiconv Security ];
postInstall = ''
installManPage git-gone.1
'';
postFixup = ''
wrapProgram $out/bin/git-gone --prefix PATH : "${stdenv.lib.makeBinPath [ git ]}"
'';

11
pkgs/applications/video/bomi/default.nix
View File

@ -1,7 +1,7 @@
{ config, stdenv, fetchFromGitHub
{ mkDerivation, config, stdenv, fetchFromGitHub
, fetchpatch, pkgconfig, perl, python, which
, libX11, libxcb, libGLU, libGL
, qtbase, qtdeclarative, qtquickcontrols, qttools, qtx11extras, qmake, makeWrapper
, qtbase, qtdeclarative, qtquickcontrols, qttools, qtx11extras, qmake
, libchardet
, ffmpeg
@ -29,7 +29,7 @@ assert pulseSupport -> libpulseaudio != null;
assert cddaSupport -> libcdda != null;
assert youtubeSupport -> youtube-dl != null;
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "bomi";
version = "0.9.11";
@ -90,8 +90,9 @@ stdenv.mkDerivation rec {
patchShebangs build-mpv
'';
dontWrapQtApps = true;
postInstall = ''
wrapProgram $out/bin/bomi \
wrapQtApp $out/bin/bomi \
${optionalString youtubeSupport "--prefix PATH ':' '${youtube-dl}/bin'"}
'';
@ -105,7 +106,7 @@ stdenv.mkDerivation rec {
++ optional cddaSupport "--enable-cdda"
;
nativeBuildInputs = [ makeWrapper pkgconfig perl python which qttools qmake ];
nativeBuildInputs = [ pkgconfig perl python which qttools qmake ];
meta = with stdenv.lib; {
description = "Powerful and easy-to-use multimedia player";

4
pkgs/applications/video/qmediathekview/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchFromGitHub, qtbase, qttools, xz, boost, qmake, pkgconfig }:
{ mkDerivation, stdenv, fetchFromGitHub, qtbase, qttools, xz, boost, qmake, pkgconfig }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "QMediathekView";
version = "2019-01-06";

4
pkgs/applications/video/qstopmotion/default.nix
View File

@ -1,8 +1,8 @@
{ stdenv, fetchurl, qt5, ffmpeg, guvcview, cmake, ninja, libxml2
{ mkDerivation, stdenv, fetchurl, qt5, ffmpeg, guvcview, cmake, ninja, libxml2
, gettext, pkgconfig, libgphoto2, gphoto2, v4l-utils, libv4l, pcre
, qwt, extra-cmake-modules }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "qstopmotion";
version = "2.4.1";

4
pkgs/applications/virtualization/aqemu/default.nix
View File

@ -1,7 +1,7 @@
{ cmake, fetchFromGitHub, libvncserver, qemu, qtbase, stdenv
{ mkDerivation, cmake, fetchFromGitHub, libvncserver, qemu, qtbase, stdenv
}:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "aqemu";
version = "0.9.2";

2
pkgs/applications/virtualization/cri-o/default.nix
View File

@ -57,7 +57,7 @@ in buildGoPackage rec {
description = ''Open Container Initiative-based implementation of the
Kubernetes Container Runtime Interface'';
license = licenses.asl20;
maintainers = with maintainers; [ saschagrunert ];
maintainers = with maintainers; [ ] ++ teams.podman.members;
platforms = platforms.linux;
};
}

12
pkgs/applications/virtualization/crosvm/default.nix
View File

@ -1,5 +1,5 @@
{ stdenv, rustPlatform, fetchgit, runCommand, symlinkJoin
, pkgconfig, minijail, dtc, libusb1, libcap
{ stdenv, lib, rustPlatform, fetchgit, runCommand, symlinkJoin
, pkgconfig, minijail, dtc, libusb1, libcap, linux
}:
let
@ -53,7 +53,7 @@ in
./default-seccomp-policy-dir.diff
];
cargoSha256 = "1s9nfgfqk140hg08i0xzylnrgrx84dqss0vnvhxnydwy9q03nk7r";
cargoSha256 = "0lhivwvdihslwp81i3sa5q88p5hr83bzkvklrcgf6x73arwk8kdz";
nativeBuildInputs = [ pkgconfig ];
@ -73,13 +73,17 @@ in
cp seccomp/${arch}/* $out/share/policy/
'';
CROSVM_CARGO_TEST_KERNEL_BINARY =
lib.optionalString (stdenv.buildPlatform == stdenv.hostPlatform)
"${linux}/${stdenv.hostPlatform.platform.kernelTarget}";
passthru = {
inherit adhdSrc;
src = crosvmSrc;
updateScript = ./update.py;
};
meta = with stdenv.lib; {
meta = with lib; {
description = "A secure virtual machine monitor for KVM";
homepage = "https://chromium.googlesource.com/chromiumos/platform/crosvm/";
maintainers = with maintainers; [ qyliss ];

2
pkgs/applications/virtualization/crosvm/update.py
View File

@ -17,7 +17,7 @@ components = ['chromiumos/platform/crosvm', 'chromiumos/third_party/adhd']
git_root = 'https://chromium.googlesource.com/'
manifest_versions = f'{git_root}chromiumos/manifest-versions'
buildspecs_url = f'{manifest_versions}/+/refs/heads/master/paladin/buildspecs/'
buildspecs_url = f'{manifest_versions}/+/refs/heads/master/full/buildspecs/'
# CrOS version numbers look like this:
# [<chrome-major-version>.]<tip-build>.<branch-build>.<branch-branch-build>

22
pkgs/applications/virtualization/crosvm/upstream-info.json
View File

@ -1,19 +1,23 @@
{
"version": "79.12607.0.0-rc4",
"version": "81.12871.0.0-rc1",
"components": {
"chromiumos/platform/crosvm": {
"url": "https://chromium.googlesource.com/chromiumos/platform/crosvm",
"rev": "cfb7db44eb9e5a0bca9a22bfb985252ef74ab251",
"date": "2019-10-17T23:22:08+00:00",
"sha256": "0gm1ggyzh9qfizm36jmh71c3anygxj1840cm94h71kzg9kiw0330",
"fetchSubmodules": false
"rev": "8b8c01e1ad31718932491e4aee63f56109a138e2",
"date": "2020-01-25T02:28:10+00:00",
"sha256": "1qmf1k06pwynh15c3nr9m6v90z2pkk930xniwvlvbvnazrk4rllg",
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
},
"chromiumos/third_party/adhd": {
"url": "https://chromium.googlesource.com/chromiumos/third_party/adhd",
"rev": "a8df1c52bde3bfd2aebc1d7adcd6f195eb212cb1",
"date": "2019-10-17T18:53:18+00:00",
"sha256": "1hyvnvwr5ka9zw4h7hhl6fpsfl2acp3zy4wr5qrw8s1cn8ljr9vy",
"fetchSubmodules": false
"rev": "f361d5b02623274723bff251dafa1e2a2887b013",
"date": "2020-01-23T18:37:46+00:00",
"sha256": "1p8iwjwgmcgmzri03ik2jaid8l0ch0bzn6z9z64dix1hlrvrlliw",
"fetchSubmodules": false,
"deepClone": false,
"leaveDotGit": false
}
}
}

3
pkgs/applications/virtualization/podman/default.nix
View File

@ -9,6 +9,7 @@
, libseccomp
, systemd
, go-md2man
, nixosTests
}:
buildGoPackage rec {
@ -45,6 +46,8 @@ buildGoPackage rec {
MANDIR=$man/share/man make install.man
'';
passthru.tests.podman = nixosTests.podman;
meta = with stdenv.lib; {
homepage = "https://podman.io/";
description = "A program for managing pods, containers and container images";

14
pkgs/applications/virtualization/virtualbox/default.nix
View File

@ -19,10 +19,9 @@ with stdenv.lib;
let
python = python3;
buildType = "release";
# Remember to change the extpackRev and version in extpack.nix and
# guest-additions/default.nix as well.
main = "59f8f5774473f593e3eb5940e2a337e0674bcd9854164b2578fd43f896260c99";
version = "6.1.4";
# Use maintainers/scripts/update.nix to update the version and all related hashes or
# change the hashes in extpack.nix and guest-additions/default.nix as well manually.
version = "6.1.6";
iasl' = iasl.overrideAttrs (old: rec {
inherit (old) pname;
@ -39,7 +38,7 @@ in stdenv.mkDerivation {
src = fetchurl {
url = "https://download.virtualbox.org/virtualbox/${version}/VirtualBox-${version}.tar.bz2";
sha256 = main;
sha256 = "b031c30d770f28c5f884071ad933e8c1f83e65b93aaba03a4012077c1d90a54f";
};
outputs = [ "out" "modsrc" ];
@ -108,6 +107,10 @@ in stdenv.mkDerivation {
postPatch = ''
sed -i -e 's|/sbin/ifconfig|${nettools}/bin/ifconfig|' \
src/VBox/HostDrivers/adpctl/VBoxNetAdpCtl.cpp
'' + optionalString headless ''
# Fix compile error in version 6.1.6
substituteInPlace src/VBox/HostServices/SharedClipboard/VBoxSharedClipboardSvc-x11-stubs.cpp \
--replace PSHCLFORMATDATA PSHCLFORMATS
'';
# first line: ugly hack, and it isn't yet clear why it's a problem
@ -216,6 +219,7 @@ in stdenv.mkDerivation {
passthru = {
inherit version; # for guest additions
inherit extensionPack; # for inclusion in profile to prevent gc
updateScript = ./update.sh;
};
meta = {

2
pkgs/applications/virtualization/virtualbox/extpack.nix
View File

@ -12,7 +12,7 @@ fetchurl rec {
# Manually sha256sum the extensionPack file, must be hex!
# Thus do not use `nix-prefetch-url` but instead plain old `sha256sum`.
# Checksums can also be found at https://www.virtualbox.org/download/hashes/${version}/SHA256SUMS
let value = "3b73798d776ff223ea8025b1a45001762f8d4e5bcd1ea61449773c1249935800";
let value = "80b96b4b51a502141f6a8981f1493ade08a00762622c39e48319e5b122119bf3";
in assert (builtins.stringLength value) == 64; value;
meta = {

2
pkgs/applications/virtualization/virtualbox/guest-additions/default.nix
View File

@ -26,7 +26,7 @@ in stdenv.mkDerivation rec {
src = fetchurl {
url = "http://download.virtualbox.org/virtualbox/${version}/VBoxGuestAdditions_${version}.iso";
sha256 = "e2846a7576cce1b92a7c0744f41eaac750248d6e31dfca5c45d5766648b394c7";
sha256 = "bcde4691dea7de93b65a10a43dda2b8f52e570f820992ad281c9bb5c8dede181";
};
KERN_DIR = "${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";

85
pkgs/applications/virtualization/virtualbox/update.py
View File

@ -1,85 +0,0 @@
#!/usr/bin/env nix-shell
#!nix-shell -i python3 -p python3
import os
import re
import json
import urllib.request
from distutils.version import LooseVersion
UPSTREAM_INFO_FILE = os.path.join(
os.path.dirname(os.path.abspath(__file__)),
"upstream-info.json"
)
def fetch_latest_version():
url = "http://download.virtualbox.org/virtualbox/LATEST.TXT"
return urllib.request.urlopen(url).read().strip().decode()
def load_upstream_info():
try:
with open(UPSTREAM_INFO_FILE, 'r') as fp:
return json.load(fp)
except FileNotFoundError:
return {'version': "0"}
def save_upstream_info(contents):
remark = "Generated using update.py from the same directory."
contents['__NOTE'] = remark
data = json.dumps(contents, indent=2, sort_keys=True)
with open(UPSTREAM_INFO_FILE, 'w') as fp:
fp.write(data + "\n")
def fetch_file_table(version):
url = "http://download.virtualbox.org/virtualbox/{}/SHA256SUMS"
url = url.format(version)
result = {}
for line in urllib.request.urlopen(url):
sha, name = line.rstrip().split()
result[name.lstrip(b'*').decode()] = sha.decode()
return result
def update_to_version(version):
extpack_start = 'Oracle_VM_VirtualBox_Extension_Pack-'
version_re = version.replace('.', '\\.')
attribute_map = {
'extpack': r'^' + extpack_start + r'[^-]+-[^.]+.vbox-extpack$',
'extpackRev': r'^' + extpack_start + r'[^-]+-([^.]+).vbox-extpack$',
'main': r'^VirtualBox-' + version_re + r'.tar.bz2$',
'guest': r'^VBoxGuestAdditions_' + version_re + r'.iso$',
}
table = fetch_file_table(version)
new_attrs = {'version': version}
for attr, searchexpr in attribute_map.items():
result = [re.search(searchexpr, key) for key in table.keys()]
filtered = filter(lambda m: m is not None, result)
found = [m.groups()[0] if len(m.groups()) > 0 else table[m.group(0)]
for m in filtered if m is not None]
if len(found) == 0:
msg = "No package found for attribute {}".format(attr)
raise AssertionError(msg)
elif len(found) != 1:
msg = "More than one package found for attribute {}: ".format(attr)
msg += ', '.join(found)
raise AssertionError(msg)
else:
new_attrs[attr] = found[0]
return new_attrs
info = load_upstream_info()
latest = fetch_latest_version()
if LooseVersion(info['version']) < LooseVersion(latest):
print("Updating to version {}...".format(latest), end="", flush=True)
new_attrs = update_to_version(latest)
save_upstream_info(new_attrs)
print(" done.")
else:
print("Version {} is already the latest one.".format(info['version']))

44
pkgs/applications/virtualization/virtualbox/update.sh Executable file
View File

@ -0,0 +1,44 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p curl common-updater-scripts nix-prefetch-scripts jq
set -xeuo pipefail
nixpkgs="$(git rev-parse --show-toplevel)"
attr=virtualbox
oldVersion="$(nix-instantiate --eval -E "with import $nixpkgs {}; $attr.version or (builtins.parseDrvName $attr.name).version" | tr -d '"')"
latestVersion="$(curl -sS https://download.virtualbox.org/virtualbox/LATEST.TXT)"
function fileShaSum() {
echo "$1" | grep -w $2 | cut -f1 -d' '
}
function oldHash() {
nix-instantiate --eval --strict -A "$1.drvAttrs.outputHash" | tr -d '"'
}
function nixFile() {
nix-instantiate --eval --strict -A "${1}.meta.position" | sed -re 's/^"(.*):[0-9]+"$/\1/'
}
if [ ! "$oldVersion" = "$latestVersion" ]; then
shaSums=$(curl -sS https://download.virtualbox.org/virtualbox/$latestVersion/SHA256SUMS)
virtualBoxShaSum=$(fileShaSum "$shaSums" "VirtualBox-$latestVersion.tar.bz2")
extpackShaSum=$(fileShaSum "$shaSums" "Oracle_VM_VirtualBox_Extension_Pack-$latestVersion.vbox-extpack")
guestAdditionsShaSum=$(fileShaSum "$shaSums" "*VBoxGuestAdditions_$latestVersion.iso")
virtualboxNixFile=$(nixFile ${attr})
extpackNixFile=$(nixFile ${attr}Extpack)
guestAdditionsNixFile=$(nixFile linuxPackages.${attr}GuestAdditions)
extpackOldShaSum=$(oldHash ${attr}Extpack)
guestAdditionsOldShaSum=$(oldHash linuxPackages.${attr}GuestAdditions.src)
update-source-version $attr $latestVersion $virtualBoxShaSum
sed -i -e 's|value = "'$extpackOldShaSum'"|value = "'$extpackShaSum'"|' $extpackNixFile
sed -i -e 's|sha256 = "'$guestAdditionsOldShaSum'"|sha256 = "'$guestAdditionsShaSum'"|' $guestAdditionsNixFile
git add $virtualboxNixFile $extpackNixFile $guestAdditionsNixFile
git commit -m "$attr: ${oldVersion} -> ${latestVersion}"
else
echo "$attr is already up-to-date"
fi

2
pkgs/applications/window-managers/sway/wrapper.nix
View File

@ -14,8 +14,8 @@ let
baseWrapper = writeShellScriptBin "sway" ''
set -o errexit
if [ ! "$_SWAY_WRAPPER_ALREADY_EXECUTED" ]; then
export _SWAY_WRAPPER_ALREADY_EXECUTED=1
${extraSessionCommands}
export _SWAY_WRAPPER_ALREADY_EXECUTED=1
fi
if [ "$DBUS_SESSION_BUS_ADDRESS" ]; then
export DBUS_SESSION_BUS_ADDRESS

4
pkgs/build-support/alternatives/blas/default.nix
View File

@ -63,7 +63,7 @@ stdenv.mkDerivation {
installPhase = (''
mkdir -p $out/lib $dev/include $dev/lib/pkgconfig
libblas="${lib.getLib blasProvider}/lib/libblas${stdenv.hostPlatform.extensions.sharedLibrary}"
libblas="${lib.getLib blasProvider}/lib/libblas${canonicalExtension}"
if ! [ -e "$libblas" ]; then
echo "$libblas does not exist, ${blasProvider.name} does not provide libblas."
@ -100,7 +100,7 @@ Libs: -L$out/lib -lblas
Cflags: -I$dev/include
EOF
libcblas="${lib.getLib blasProvider}/lib/libcblas${stdenv.hostPlatform.extensions.sharedLibrary}"
libcblas="${lib.getLib blasProvider}/lib/libcblas${canonicalExtension}"
if ! [ -e "$libcblas" ]; then
echo "$libcblas does not exist, ${blasProvider.name} does not provide libcblas."

Some files were not shown because too many files have changed in this diff Show More