public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into closure-size

This commit is contained in:
Vladimír Čunát 2016-02-14 08:33:51 +01:00
parent 34922a3951 6a036d9fca
commit d039c87984
671 changed files with 37363 additions and 16671 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/haskell-users-guide.md
View File

@ -234,7 +234,7 @@ library promises to give its users access to GHC's installation paths. Only,
the library can't possible know that path when it's compiled, because the path
GHC considers its own is determined only much later, when the user configures
it through `ghcWithPackages`. So we [patched
ghc-paths](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/ghc-paths-nix.patch)
ghc-paths](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/patches/ghc-paths-nix.patch)
to return the paths found in those environment variables at run-time rather
than trying to guess them at compile-time.

11
lib/maintainers.nix
View File

@ -27,6 +27,7 @@
anderspapitto = "Anders Papitto <anderspapitto@gmail.com>";
andres = "Andres Loeh <ksnixos@andres-loeh.de>";
andrewrk = "Andrew Kelley <superjoe30@gmail.com>";
aneeshusa = "Aneesh Agrawal <aneeshusa@gmail.com>";
antono = "Antono Vasiljev <self@antono.info>";
ardumont = "Antoine R. Dumont <eniotna.t@gmail.com>";
aristid = "Aristid Breitkreuz <aristidb@gmail.com>";
@ -93,10 +94,11 @@
eduarrrd = "Eduard Bachmakov <e.bachmakov@gmail.com>";
edwtjo = "Edward Tjörnhammar <ed@cflags.cc>";
eelco = "Eelco Dolstra <eelco.dolstra@logicblox.com>";
ehmry = "Emery Hemingway <emery@vfemail.net>";
eikek = "Eike Kettner <eike.kettner@posteo.de>";
elasticdog = "Aaron Bull Schaefer <aaron@elasticdog.com>";
elitak = "Eric Litak <elitak@gmail.com>";
ellis = "Ellis Whitehead <nixos@ellisw.net>";
ehmry = "Emery Hemingway <emery@vfemail.net>";
epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>";
ericbmerritt = "Eric Merritt <eric@afiniate.com>";
ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>";
@ -104,6 +106,7 @@
ertes = "Ertugrul Söylemez <ertesx@gmx.de>";
exi = "Reno Reckling <nixos@reckling.org>";
exlevan = "Alexey Levan <exlevan@gmail.com>";
fadenb = "Tristan Helmich <tristan.helmich+nixos@gmail.com>";
falsifian = "James Cook <james.cook@utoronto.ca>";
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
@ -124,7 +127,7 @@
gfxmonk = "Tim Cuthbertson <tim@gfxmonk.net>";
giogadi = "Luis G. Torres <lgtorres42@gmail.com>";
gleber = "Gleb Peregud <gleber.p@gmail.com>";
globin = "Robin Gloster <robin@glob.in>";
globin = "Robin Gloster <mail@glob.in>";
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>";
@ -159,6 +162,7 @@
jzellner = "Jeff Zellner <jeffz@eml.cc>";
kamilchm = "Kamil Chmielewski <kamil.chm@gmail.com>";
kampfschlaefer = "Arnold Krille <arnold@arnoldarts.de>";
kevincox = "Kevin Cox <kevincox@kevincox.ca>";
khumba = "Bryan Gardiner <bog@khumba.net>";
kkallio = "Karn Kallio <tierpluspluslists@gmail.com>";
koral = "Koral <koral@mailoo.org>";
@ -300,6 +304,7 @@
taeer = "Taeer Bar-Yam <taeer@necsi.edu>";
tailhook = "Paul Colomiets <paul@colomiets.name>";
taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
tavyc = "Octavian Cerna <octavian.cerna@gmail.com>";
telotortium = "Robert Irelan <rirelan@gmail.com>";
thall = "Niclas Thall <niclas.thall@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
@ -315,9 +320,11 @@
tstrobel = "Thomas Strobel <ts468@cam.ac.uk>";
ttuegel = "Thomas Tuegel <ttuegel@gmail.com>";
tv = "Tomislav Viljetić <tv@shackspace.de>";
tvestelind = "Tomas Vestelind <tomas.vestelind@fripost.org>";
twey = "James Twey Kay <twey@twey.co.uk>";
urkud = "Yury G. Kudryashov <urkud+nix@ya.ru>";
vandenoever = "Jos van den Oever <jos@vandenoever.info>";
vanzef = "Ivan Solyankin <vanzef@gmail.com>";
vbgl = "Vincent Laporte <Vincent.Laporte@gmail.com>";
vbmithr = "Vincent Bernardoff <vb@luminar.eu.org>";
vcunat = "Vladimír Čunát <vcunat@gmail.com>";

2
nixos/doc/manual/configuration/config-file.xml
View File

@ -157,7 +157,7 @@ boot.kernel.sysctl."net.ipv4.tcp_keepalive_time" = 60;
fileSystems."/boot" =
{ device = "/dev/sda1";
fsType = "ext4";
options = "rw,data=ordered,relatime";
options = [ "rw" "data=ordered" "relatime" ];
};
</programlisting>
</para>

15
nixos/doc/manual/default.nix
View File

@ -17,7 +17,7 @@ let
# Clean up declaration sites to not refer to the NixOS source tree.
optionsList' = flip map optionsList (opt: opt // {
declarations = map (fn: stripAnyPrefixes fn) opt.declarations;
declarations = map stripAnyPrefixes opt.declarations;
}
// optionalAttrs (opt ? example) { example = substFunction opt.example; }
// optionalAttrs (opt ? default) { default = substFunction opt.default; }
@ -28,16 +28,9 @@ let
# or else the build will fail.
#
# E.g. if some `options` came from modules in ${pkgs.customModules}/nix,
# you'd need to include `extraSources = [ "#{pkgs.customModules}" ]`
herePrefix = toString ../../..;
prefixesToStrip = [ herePrefix ] ++ extraSources;
stripAnyPrefixes = fn:
flip (flip fold fn) prefixesToStrip (fn: prefix:
if substring 0 (stringLength prefix) fn == prefix then
substring (stringLength prefix + 1) 1000 fn
else
fn);
# you'd need to include `extraSources = [ pkgs.customModules ]`
prefixesToStrip = map (p: "${toString p}/") ([ ../../.. ] ++ extraSources);
stripAnyPrefixes = flip (fold removePrefix) prefixesToStrip;
# Convert the list of options into an XML file.
optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList');

4
nixos/doc/manual/man-nixos-generate-config.xml
View File

@ -165,13 +165,13 @@ look like this:
fileSystems."/" =
{ device = "/dev/disk/by-label/nixos";
fsType = "ext3";
options = "rw,data=ordered,relatime";
options = [ "rw" "data=ordered" "relatime" ];
};
fileSystems."/boot" =
{ device = "/dev/sda1";
fsType = "ext3";
options = "rw,errors=continue,user_xattr,acl,barrier=1,data=writeback,relatime";
options = [ "rw" "errors=continue" "user_xattr" "acl" "barrier=1" "data=writeback" "relatime" ];
};
swapDevices =

16
nixos/doc/manual/release-notes/rl-unstable.xml
View File

@ -42,6 +42,7 @@ nixos.path = ./nixpkgs-unstable-2015-12-06/nixos;
<itemizedlist>
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
</itemizedlist>
</para>
@ -155,6 +156,21 @@ nginx.override {
options and more.</para>
</listitem>
<listitem>
<para>Filesystem options should now be configured as a list of strings, not
a comma-separated string. The old style will continue to work, but print a
warning, until the 16.09 release. An example of the new style:
<programlisting>
fileSystems."/example" = {
device = "/dev/sdc";
fsType = "btrfs";
options = [ "noatime" "compress=lzo" "space_cache" "autodefrag" ];
};
</programlisting>
</para>
</listitem>
<listitem>
<para>CUPS, installed by <literal>services.printing</literal> module, now
has its data directory in <filename>/var/lib/cups</filename>. Old

6
nixos/modules/config/zram.nix
View File

@ -98,11 +98,9 @@ in
script = ''
set -u
set -o pipefail
PATH=${pkgs.procps}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin
# Calculate memory to use for zram
totalmem=$(free | grep -e "^Mem:" | sed -e 's/^Mem: *//' -e 's/ *.*//')
totalmem=$(${pkgs.gnugrep}/bin/grep 'MemTotal: ' /proc/meminfo | ${pkgs.gawk}/bin/awk '{print $2}')
mem=$(((totalmem * ${toString cfg.memoryPercent} / 100 / ${toString cfg.numDevices}) * 1024))
echo $mem > /sys/class/block/${dev}/disksize

45
nixos/modules/hardware/video/webcam/facetimehd.nix Normal file
View File

@ -0,0 +1,45 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.hardware.facetimehd;
kernelPackages = config.boot.kernelPackages;
in
{
options.hardware.facetimehd.enable = mkEnableOption "facetimehd kernel module";
config = mkIf cfg.enable {
assertions = singleton {
assertion = versionAtLeast kernelPackages.kernel.version "3.19";
message = "facetimehd is not supported for kernels older than 3.19";
};
boot.kernelModules = [ "facetimehd" ];
boot.blacklistedKernelModules = [ "bdc_pci" ];
boot.extraModulePackages = [ kernelPackages.facetimehd ];
hardware.firmware = [ pkgs.facetimehd-firmware ];
# unload module during suspend/hibernate as it crashes the whole system
powerManagement.powerDownCommands = ''
${pkgs.module_init_tools}/bin/rmmod -f facetimehd
'';
# and load it back on resume
powerManagement.resumeCommands = ''
export MODULE_DIR=/run/current-system/kernel-modules/lib/modules
${pkgs.module_init_tools}/bin/modprobe -v facetimehd
'';
};
}

8
nixos/modules/installer/cd-dvd/iso-image.nix
View File

@ -249,7 +249,7 @@ in
fileSystems."/" =
{ fsType = "tmpfs";
options = "mode=0755";
options = [ "mode=0755" ];
};
# Note that /dev/root is a symlink to the actual root device
@ -266,20 +266,20 @@ in
fileSystems."/nix/.ro-store" =
{ fsType = "squashfs";
device = "/iso/nix-store.squashfs";
options = "loop";
options = [ "loop" ];
neededForBoot = true;
};
fileSystems."/nix/.rw-store" =
{ fsType = "tmpfs";
options = "mode=0755";
options = [ "mode=0755" ];
neededForBoot = true;
};
fileSystems."/nix/store" =
{ fsType = "unionfs-fuse";
device = "unionfs";
options = "allow_other,cow,nonempty,chroot=/mnt-root,max_files=32768,hide_meta_files,dirs=/nix/.rw-store=rw:/nix/.ro-store=ro";
options = [ "allow_other" "cow" "nonempty" "chroot=/mnt-root" "max_files=32768" "hide_meta_files" "dirs=/nix/.rw-store=rw:/nix/.ro-store=ro" ];
};
boot.initrd.availableKernelModules = [ "squashfs" "iso9660" "usb-storage" ];

3
nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
View File

@ -86,8 +86,7 @@ in
system.boot.loader.kernelFile = "uImage";
boot.initrd.availableKernelModules =
[ "mvsdio" "mmc_block" "reiserfs" "ext3" "ums-cypress" "rtc_mv"
"ext4" ];
[ "mvsdio" "reiserfs" "ext3" "ums-cypress" "rtc_mv" "ext4" ];
boot.postBootCommands =
''

2
nixos/modules/installer/cd-dvd/system-tarball.nix
View File

@ -43,7 +43,7 @@ in
# so that we don't need to know its device.
fileSystems = [ ];
# boot.initrd.availableKernelModules = [ "mvsdio" "mmc_block" "reiserfs" "ext3" "ext4" ];
# boot.initrd.availableKernelModules = [ "mvsdio" "reiserfs" "ext3" "ext4" ];
# boot.initrd.kernelModules = [ "rtc_mv" ];

4
nixos/modules/installer/tools/nixos-generate-config.pl
View File

@ -349,7 +349,7 @@ foreach my $fs (read_file("/proc/self/mountinfo")) {
fileSystems.\"$mountPoint\" =
{ device = \"$base$path\";
fsType = \"none\";
options = \"bind\";
options = \[ \"bind\" \];
};
EOF
@ -409,7 +409,7 @@ EOF
if (scalar @extraOptions > 0) {
$fileSystems .= <<EOF;
options = \"${\join ",", uniq(@extraOptions)}\";
options = \[ ${\join " ", map { "\"" . $_ . "\"" } uniq(@extraOptions)} \];
EOF
}

5
nixos/modules/installer/tools/nixos-install.sh
View File

@ -73,11 +73,6 @@ if ! test -e "$mountPoint"; then
exit 1
fi
if ! grep -F -q " $mountPoint " /proc/mounts; then
echo "$mountPoint doesn't appear to be a mount point"
exit 1
fi
# Mount some stuff in the target root directory.
mkdir -m 0755 -p $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home

7
nixos/modules/installer/tools/nixos-rebuild.sh
View File

@ -149,10 +149,11 @@ nixBuild() {
local j="$1"; shift 1
instArgs+=("$i" "$j")
;;
-I)
# We don't want this in buildArgs
-I) # We don't want this in buildArgs
shift 1
;;
--no-out-link) # We don't want this in buildArgs
;;
"<"*) # nix paths
instArgs+=("$i")
;;
@ -329,7 +330,7 @@ fi
if [ -z "$rollback" ]; then
echo "building the system configuration..." >&2
if [ "$action" = switch -o "$action" = boot ]; then
pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A system "${extraBuildFlags[@]}")"
pathToConfig="$(nixBuild '<nixpkgs/nixos>' --no-out-link -A system "${extraBuildFlags[@]}")"
copyToTarget "$pathToConfig"
targetHostCmd nix-env -p "$profile" --set "$pathToConfig"
elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then

9
nixos/modules/module-list.nix
View File

@ -42,6 +42,7 @@
./hardware/video/bumblebee.nix
./hardware/video/nvidia.nix
./hardware/video/ati.nix
./hardware/video/webcam/facetimehd.nix
./installer/tools/auto-upgrade.nix
./installer/tools/nixos-checkout.nix
./installer/tools/tools.nix
@ -395,6 +396,7 @@
./services/security/fprintd.nix
./services/security/fprot.nix
./services/security/frandom.nix
./services/security/haka.nix
./services/security/haveged.nix
./services/security/hologram.nix
./services/security/munge.nix
@ -460,10 +462,10 @@
./system/boot/coredump.nix
./system/boot/emergency-mode.nix
./system/boot/initrd-network.nix
./system/boot/initrd-ssh.nix
./system/boot/kernel.nix
./system/boot/kexec.nix
./system/boot/loader/efi.nix
./system/boot/loader/loader.nix
./system/boot/loader/generations-dir/generations-dir.nix
./system/boot/loader/generic-extlinux-compatible
./system/boot/loader/grub/grub.nix
@ -471,15 +473,16 @@
./system/boot/loader/grub/memtest.nix
./system/boot/loader/gummiboot/gummiboot.nix
./system/boot/loader/init-script/init-script.nix
./system/boot/loader/loader.nix
./system/boot/loader/raspberrypi/raspberrypi.nix
./system/boot/luksroot.nix
./system/boot/modprobe.nix
./system/boot/networkd.nix
./system/boot/resolved.nix
./system/boot/shutdown.nix
./system/boot/stage-1.nix
./system/boot/stage-2.nix
./system/boot/systemd.nix
./system/boot/networkd.nix
./system/boot/resolved.nix
./system/boot/timesyncd.nix
./system/boot/tmp.nix
./system/etc/etc.nix

3
nixos/modules/programs/ssh.nix
View File

@ -186,6 +186,9 @@ in
ForwardX11 ${if cfg.forwardX11 then "yes" else "no"}
# Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
${cfg.extraConfig}
'';

4
nixos/modules/security/acme.nix
View File

@ -56,8 +56,8 @@ let
plugins = mkOption {
type = types.listOf (types.enum [
"cert.der" "cert.pem" "chain.der" "chain.pem" "external_pem.sh"
"fullchain.der" "fullchain.pem" "key.der" "key.pem" "account_key.json"
"cert.der" "cert.pem" "chain.pem" "external_pem.sh"
"fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json"
]);
default = [ "fullchain.pem" "key.pem" "account_key.json" ];
description = ''

38
nixos/modules/services/databases/postgresql.nix
View File

@ -158,7 +158,7 @@ in
# Note: when changing the default, make it conditional on
# system.stateVersion to maintain compatibility with existing
# systems!
mkDefault pkgs.postgresql94;
mkDefault (if versionAtLeast config.system.stateVersion "16.03" then pkgs.postgresql95 else pkgs.postgresql94);
services.postgresql.authentication = mkAfter
''
@ -177,7 +177,7 @@ in
users.extraGroups.postgres.gid = config.ids.gids.postgres;
environment.systemPackages = [postgresql];
environment.systemPackages = [ postgresql ];
systemd.services.postgresql =
{ description = "PostgreSQL Server";
@ -187,35 +187,37 @@ in
environment.PGDATA = cfg.dataDir;
path = [ pkgs.su postgresql ];
path = [ postgresql ];
preStart =
''
# Create data directory.
if ! test -e ${cfg.dataDir}/PG_VERSION; then
mkdir -m 0700 -p ${cfg.dataDir}
rm -f ${cfg.dataDir}/*.conf
chown -R postgres:postgres ${cfg.dataDir}
fi
''; # */
script =
''
# Initialise the database.
if ! test -e ${cfg.dataDir}/PG_VERSION; then
mkdir -m 0700 -p ${cfg.dataDir}
rm -f ${cfg.dataDir}/*.conf
if [ "$(id -u)" = 0 ]; then
chown -R postgres ${cfg.dataDir}
su -s ${pkgs.stdenv.shell} postgres -c 'initdb -U root'
else
# For non-root operation.
initdb
fi
# See postStart!
touch "${cfg.dataDir}/.first_startup"
initdb -U root
# See postStart!
touch "${cfg.dataDir}/.first_startup"
fi
ln -sfn "${configFile}" "${cfg.dataDir}/postgresql.conf"
${optionalString (cfg.recoveryConfig != null) ''
ln -sfn "${pkgs.writeText "recovery.conf" cfg.recoveryConfig}" \
"${cfg.dataDir}/recovery.conf"
''}
''; # */
exec postgres ${toString flags}
'';
serviceConfig =
{ ExecStart = "@${postgresql}/bin/postgres postgres ${toString flags}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
{ ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
User = "postgres";
Group = "postgres";
PermissionsStartOnly = true;

176
nixos/modules/services/hardware/acpid.nix
View File

@ -4,112 +4,39 @@ with lib;
let
canonicalHandlers = {
powerEvent = {
event = "button/power.*";
action = config.services.acpid.powerEventCommands;
};
lidEvent = {
event = "button/lid.*";
action = config.services.acpid.lidEventCommands;
};
acEvent = {
event = "ac_adapter.*";
action = config.services.acpid.acEventCommands;
};
};
acpiConfDir = pkgs.runCommand "acpi-events" {}
''
mkdir -p $out
${
# Generate a configuration file for each event. (You can't have
# multiple events in one config file...)
let f = event:
let f = name: handler:
''
fn=$out/${event.name}
echo "event=${event.event}" > $fn
echo "action=${pkgs.writeScript "${event.name}.sh" event.action}" >> $fn
fn=$out/${name}
echo "event=${handler.event}" > $fn
echo "action=${pkgs.writeScript "${name}.sh" (concatStringsSep "\n" [ "#! ${pkgs.bash}/bin/sh" handler.action ])}" >> $fn
'';
in lib.concatMapStrings f events
in concatStringsSep "\n" (mapAttrsToList f (canonicalHandlers // config.services.acpid.handlers))
}
'';
events = [powerEvent lidEvent acEvent muteEvent volumeDownEvent volumeUpEvent cdPlayEvent cdNextEvent cdPrevEvent];
# Called when the power button is pressed.
powerEvent =
{ name = "power-button";
event = "button/power.*";
action =
''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.powerEventCommands}
'';
};
# Called when the laptop lid is opened/closed.
lidEvent =
{ name = "lid";
event = "button/lid.*";
action =
''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.lidEventCommands}
'';
};
# Called when the AC power is connected or disconnected.
acEvent =
{ name = "ac-power";
event = "ac_adapter.*";
action =
''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.acEventCommands}
'';
};
muteEvent = {
name = "mute";
event = "button/mute.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.muteCommands}
'';
};
volumeDownEvent = {
name = "volume-down";
event = "button/volumedown.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.volumeDownEventCommands}
'';
};
volumeUpEvent = {
name = "volume-up";
event = "button/volumeup.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.volumeUpEventCommands}
'';
};
cdPlayEvent = {
name = "cd-play";
event = "cd/play.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.cdPlayEventCommands}
'';
};
cdNextEvent = {
name = "cd-next";
event = "cd/next.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.cdNextEventCommands}
'';
};
cdPrevEvent = {
name = "cd-prev";
event = "cd/prev.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.cdPrevEventCommands}
'';
};
in
{
@ -126,6 +53,29 @@ in
description = "Whether to enable the ACPI daemon.";
};
handlers = mkOption {
type = types.attrsOf (types.submodule {
options = {
event = mkOption {
type = types.str;
example = [ "button/power.*" "button/lid.*" "ac_adapter.*" "button/mute.*" "button/volumedown.*" "cd/play.*" "cd/next.*" ];
description = "Event type.";
};
action = mkOption {
type = types.lines;
description = "Shell commands to execute when the event is triggered.";
};
};
});
description = "Event handlers.";
default = {};
example = { mute = { event = "button/mute.*"; action = "amixer set Master toggle"; }; };
};
powerEventCommands = mkOption {
type = types.lines;
default = "";
@ -144,42 +94,6 @@ in
description = "Shell commands to execute on an ac_adapter.* event.";
};
muteCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an button/mute.* event.";
};
volumeDownEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an button/volumedown.* event.";
};
volumeUpEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an button/volumeup.* event.";
};
cdPlayEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an cd/play.* event.";
};
cdNextEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an cd/next.* event.";
};
cdPrevEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an cd/prev.* event.";
};
};
};

60
nixos/modules/services/hardware/bluetooth.nix
View File

@ -1,6 +1,43 @@
{ config, lib, pkgs, ... }:
with lib;
let
bluez-bluetooth = if config.services.xserver.desktopManager.kde4.enable then pkgs.bluez else pkgs.bluez5;
configBluez = {
description = "Bluetooth Service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${bluez-bluetooth}/sbin/bluetoothd -n";
};
wantedBy = [ "bluetooth.target" ];
};
configBluez5 = {
description = "Bluetooth Service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${bluez-bluetooth}/sbin/bluetoothd -n";
NotifyAccess="main";
CapabilityBoundingSet="CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
LimitNPROC=1;
};
wantedBy = [ "bluetooth.target" ];
};
obexConfig = {
description = "Bluetooth OBEX service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez.obex";
ExecStart = "${bluez-bluetooth}/sbin/obexd";
};
};
bluezConfig = if config.services.xserver.desktopManager.kde4.enable then configBluez else configBluez5;
in
{
@ -16,26 +53,15 @@ with lib;
};
###### implementation
config = mkIf config.hardware.bluetooth.enable {
environment.systemPackages = [ pkgs.bluez pkgs.openobex pkgs.obexftp ];
services.udev.packages = [ pkgs.bluez ];
services.dbus.packages = [ pkgs.bluez ];
systemd.services."dbus-org.bluez" = {
description = "Bluetooth Service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${pkgs.bluez}/sbin/bluetoothd -n";
};
wantedBy = [ "bluetooth.target" ];
};
environment.systemPackages = [ bluez-bluetooth pkgs.openobex pkgs.obexftp ];
services.udev.packages = [ bluez-bluetooth ];
services.dbus.packages = [ bluez-bluetooth ];
systemd.services."dbus-org.bluez" = bluezConfig;
systemd.services."dbus-org.bluez.obex" = obexConfig;
};

87
nixos/modules/services/hardware/udev.nix
View File

@ -16,6 +16,12 @@ let
destination = "/etc/udev/rules.d/10-local.rules";
};
extraHwdbFile = pkgs.writeTextFile {
name = "extra-hwdb-file";
text = cfg.extraHwdb;
destination = "/etc/udev/hwdb.d/10-local.hwdb";
};
nixosRules = ''
# Miscellaneous devices.
KERNEL=="kvm", MODE="0666"
@ -55,7 +61,9 @@ let
--replace \"/sbin/modprobe \"${config.system.sbin.modprobe}/sbin/modprobe \
--replace \"/sbin/mdadm \"${pkgs.mdadm}/sbin/mdadm \
--replace \"/sbin/blkid \"${pkgs.utillinux}/sbin/blkid \
--replace \"/bin/mount \"${pkgs.utillinux}/bin/mount
--replace \"/bin/mount \"${pkgs.utillinux}/bin/mount \
--replace /usr/bin/readlink ${pkgs.coreutils}/bin/readlink \
--replace /usr/bin/basename ${pkgs.coreutils}/bin/basename
done
echo -n "Checking that all programs called by relative paths in udev rules exist in ${udev}/lib/udev... "
@ -86,10 +94,30 @@ let
done
echo "OK"
echo "Consider fixing the following udev rules:"
for i in ${toString cfg.packages}; do
grep -l '\(RUN+\|IMPORT{program}\)="\(/usr\)\?/s\?bin' $i/*/udev/rules.d/* || true
done
filesToFixup="$(for i in "$out"/*; do
grep -l '\B\(/usr\)\?/s\?bin' "$i" || :
done)"
if [ -n "$filesToFixup" ]; then
echo "Consider fixing the following udev rules:"
echo "$filesToFixup" | while read localFile; do
remoteFile="origin unknown"
for i in ${toString cfg.packages}; do
for j in "$i"/*/udev/rules.d/*; do
[ -e "$out/$(basename "$j")" ] || continue
[ "$(basename "$j")" = "$(basename "$localFile")" ] || continue
remoteFile="originally from $j"
break 2
done
done
refs="$(
grep -o '\B\(/usr\)\?/s\?bin/[^ "]\+' "$localFile" \
| sed -e ':r;N;''${s/\n/ and /;br};s/\n/, /g;br'
)"
echo "$localFile ($remoteFile) contains references to $refs."
done
exit 1
fi
${optionalString config.networking.usePredictableInterfaceNames ''
cp ${./80-net-setup-link.rules} $out/80-net-setup-link.rules
@ -104,6 +132,27 @@ let
''; # */
};
hwdbBin = stdenv.mkDerivation {
name = "hwdb.bin";
preferLocalBuild = true;
allowSubstitutes = false;
buildCommand = ''
mkdir -p etc/udev/hwdb.d
for i in ${toString ([udev] ++ cfg.packages)}; do
echo "Adding hwdb files for package $i"
for j in $i/{etc,lib}/udev/hwdb.d/*; do
ln -s $j etc/udev/hwdb.d/$(basename $j)
done
done
echo "Generating hwdb database..."
${udev}/bin/udevadm hwdb --update --root=$(pwd)
mv etc/udev/hwdb.bin $out
'';
};
# Udev has a 512-character limit for ENV{PATH}, so create a symlink
# tree to work around this.
udevPath = pkgs.buildEnv {
@ -168,6 +217,21 @@ in
'';
};
extraHwdb = mkOption {
default = "";
example = ''
evdev:input:b0003v05AFp8277*
KEYBOARD_KEY_70039=leftalt
KEYBOARD_KEY_700e2=leftctrl
'';
type = types.lines;
description = ''
Additional <command>hwdb</command> files. They'll be written
into file <filename>10-local.hwdb</filename>. Thus they are
read before all other files.
'';
};
};
hardware.firmware = mkOption {
@ -216,7 +280,7 @@ in
services.udev.extraRules = nixosRules;
services.udev.packages = [ extraUdevRules ];
services.udev.packages = [ extraUdevRules extraHwdbFile ];
services.udev.path = [ pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.utillinux udev ];
@ -224,6 +288,9 @@ in
[ { source = udevRules;
target = "udev/rules.d";
}
{ source = hwdbBin;
target = "udev/hwdb.bin";
}
];
system.requiredKernelConfig = with config.lib.kernelConfig; [
@ -241,13 +308,6 @@ in
echo "" > /proc/sys/kernel/hotplug
fi
# Regenerate the hardware database /var/lib/udev/hwdb.bin
# whenever systemd changes.
if [ ! -e /var/lib/udev/prev-systemd -o "$(readlink /var/lib/udev/prev-systemd)" != ${config.systemd.package} ]; then
echo "regenerating udev hardware database..."
${config.systemd.package}/bin/udevadm hwdb --update && ln -sfn ${config.systemd.package} /var/lib/udev/prev-systemd
fi
# Allow the kernel to find our firmware.
if [ -e /sys/module/firmware_class/parameters/path ]; then
echo -n "${config.hardware.firmware}/lib/firmware" > /sys/module/firmware_class/parameters/path
@ -256,6 +316,7 @@ in
systemd.services.systemd-udevd =
{ environment.MODULE_DIR = "/run/booted-system/kernel-modules/lib/modules";
restartTriggers = cfg.packages;
};
};

6
nixos/modules/services/logging/logstash.nix
View File

@ -85,7 +85,7 @@ in
type = types.lines;
default = ''stdin { type => "example" }'';
description = "Logstash input configuration.";
example = ''
example = literalExample ''
# Read from journal
pipe {
command => "''${pkgs.systemd}/bin/journalctl -f -o json"
@ -98,7 +98,7 @@ in
type = types.lines;
default = ''noop {}'';
description = "logstash filter configuration.";
example = ''
example = literalExample ''
if [type] == "syslog" {
# Keep only relevant systemd fields
# http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html
@ -114,7 +114,7 @@ in
outputConfig = mkOption {
type = types.lines;
default = ''stdout { debug => true debug_format => "json"}'';
default = literalExample ''stdout { debug => true debug_format => "json"}'';
description = "Logstash output configuration.";
example = ''
redis { host => "localhost" data_type => "list" key => "logstash" codec => json }

1
nixos/modules/services/mail/dovecot.nix
View File

@ -13,6 +13,7 @@ let
''
base_dir = ${baseDir}
protocols = ${concatStringsSep " " cfg.protocols}
sendmail_path = /var/setuid-wrappers/sendmail
''
(if isNull cfg.sslServerCert then ''

5
nixos/modules/services/mail/dspam.nix
View File

@ -109,6 +109,9 @@ in {
Group = cfg.group;
RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam";
PermissionsStartOnly = true;
# DSPAM segfaults on just about every error
Restart = "on-failure";
RestartSec = "1s";
};
preStart = ''
@ -136,7 +139,7 @@ in {
restartTriggers = [ cfgfile ];
serviceConfig = {
ExecStart = "${dspam}/bin/dspam_maintenance";
ExecStart = "${dspam}/bin/dspam_maintenance --verbose";
Type = "oneshot";
User = cfg.user;
Group = cfg.group;

21
nixos/modules/services/mail/opensmtpd.nix
View File

@ -9,6 +9,11 @@ let
conf = writeText "smtpd.conf" cfg.serverConfiguration;
args = concatStringsSep " " cfg.extraServerArgs;
sendmail = pkgs.runCommand "opensmtpd-sendmail" {} ''
mkdir -p $out/bin
ln -s ${opensmtpd}/sbin/smtpctl $out/bin/sendmail
'';
in {
###### interface
@ -23,6 +28,15 @@ in {
description = "Whether to enable the OpenSMTPD server.";
};
addSendmailToSystemPath = mkOption {
type = types.bool;
default = true;
description = ''
Whether to add OpenSMTPD's sendmail binary to the
system path or not.
'';
};
extraServerArgs = mkOption {
type = types.listOf types.str;
default = [];
@ -64,7 +78,7 @@ in {
###### implementation
config = mkIf config.services.opensmtpd.enable {
config = mkIf cfg.enable {
users.extraGroups = {
smtpd.gid = config.ids.gids.smtpd;
smtpq.gid = config.ids.gids.smtpq;
@ -98,9 +112,6 @@ in {
environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd";
};
environment.systemPackages = [ (pkgs.runCommand "opensmtpd-sendmail" {} ''
mkdir -p $out/bin
ln -s ${opensmtpd}/sbin/smtpctl $out/bin/sendmail
'') ];
environment.systemPackages = mkIf cfg.addSendmailToSystemPath [ sendmail ];
};
}

32
nixos/modules/services/mail/postfix.nix
View File

@ -13,6 +13,18 @@ let
haveTransport = cfg.transport != "";
haveVirtual = cfg.virtual != "";
clientAccess =
if (cfg.dnsBlacklistOverrides != "")
then [ "check_client_access hash:/etc/postfix/client_access" ]
else [];
dnsBl =
if (cfg.dnsBlacklists != [])
then [ (concatStringsSep ", " (map (s: "reject_rbl_client " + s) cfg.dnsBlacklists)) ]
else [];
clientRestrictions = concatStringsSep ", " (clientAccess ++ dnsBl);
mainCf =
''
compatibility_level = 2
@ -104,6 +116,9 @@ let
+ optionalString haveVirtual ''
virtual_alias_maps = hash:/etc/postfix/virtual
''
+ optionalString (cfg.dnsBlacklists != []) ''
smtpd_client_restrictions = ${clientRestrictions}
''
+ cfg.extraConfig;
masterCf = ''
@ -161,6 +176,7 @@ let
aliasesFile = pkgs.writeText "postfix-aliases" aliases;
virtualFile = pkgs.writeText "postfix-virtual" cfg.virtual;
checkClientAccessFile = pkgs.writeText "postfix-check-client-access" cfg.dnsBlacklistOverrides;
mainCfFile = pkgs.writeText "postfix-main.cf" mainCf;
masterCfFile = pkgs.writeText "postfix-master.cf" masterCf;
transportFile = pkgs.writeText "postfix-transport" cfg.transport;
@ -366,6 +382,17 @@ in
";
};
dnsBlacklists = mkOption {
default = [];
type = with types; listOf string;
description = "dns blacklist servers to use with smtpd_client_restrictions";
};
dnsBlacklistOverrides = mkOption {
default = "";
description = "contents of check_client_access for overriding dnsBlacklists";
};
extraMasterConf = mkOption {
type = types.lines;
default = "";
@ -461,7 +488,7 @@ in
rm -rf /var/lib/postfix/conf
mkdir -p /var/lib/postfix/conf
chmod 0755 /var/lib/postfix/conf
ln -sf ${pkgs.postfix}/etc/postfix/postfix-files
ln -sf ${pkgs.postfix}/etc/postfix/postfix-files /var/lib/postfix/conf/postfix-files
ln -sf ${mainCfFile} /var/lib/postfix/conf/main.cf
ln -sf ${masterCfFile} /var/lib/postfix/conf/master.cf
@ -494,6 +521,9 @@ in
(mkIf haveVirtual {
services.postfix.mapFiles."virtual" = virtualFile;
})
(mkIf (cfg.dnsBlacklists != []) {
services.postfix.mapFiles."client_access" = checkClientAccessFile;
})
]);
}

6
nixos/modules/services/mail/postsrsd.nix
View File

@ -95,7 +95,11 @@ in {
preStart = ''
if [ ! -e "${cfg.secretsFile}" ]; then
echo "WARNING: secrets file not found, autogenerating!"
mkdir -p -m750 "$(dirname "${cfg.secretsFile}")"
DIR="$(dirname "${cfg.secretsFile}")"
if [ ! -d "$DIR" ]; then
mkdir -p -m750 "$DIR"
chown "${cfg.user}:${cfg.group}" "$DIR"
fi
dd if=/dev/random bs=18 count=1 | base64 > "${cfg.secretsFile}"
chmod 600 "${cfg.secretsFile}"
fi

1
nixos/modules/services/misc/gitit.nix
View File

@ -35,7 +35,6 @@ let
};
haskellPackages = mkOption {
type = types.attrsOf types.package;
default = pkgs.haskellPackages;
defaultText = "pkgs.haskellPackages";
example = literalExample "pkgs.haskell.packages.ghc784";

2
nixos/modules/services/misc/sundtek.nix
View File

@ -23,7 +23,7 @@ in
Type = "oneshot";
ExecStart = ''
${pkgs.sundtek}/bin/mediasrv -d -v -p ${pkgs.sundtek}/bin ;\
${pkgs.sundtek}/bin/mediaclient --start=5 --wait-for-devices
${pkgs.sundtek}/bin/mediaclient --start --wait-for-devices
'';
ExecStop = "${pkgs.sundtek}/bin/mediaclient --shutdown";
RemainAfterExit = true;

6
nixos/modules/services/networking/connman.nix
View File

@ -53,13 +53,13 @@ in {
config = mkIf cfg.enable {
assertions = [{
assertion = config.networking.useDHCP == false;
assertion = !config.networking.useDHCP;
message = "You can not use services.networking.connman with services.networking.useDHCP";
}{
assertion = config.networking.wireless.enable == true;
assertion = config.networking.wireless.enable;
message = "You must use services.networking.connman with services.networking.wireless";
}{
assertion = config.networking.networkmanager.enable == false;
assertion = !config.networking.networkmanager.enable;
message = "You can not use services.networking.connman with services.networking.networkmanager";
}];

294
nixos/modules/services/networking/i2pd.nix
View File

@ -12,21 +12,69 @@ let
toOneZero = b: if b then "1" else "0";
mkEndpointOpt = name: addr: port: {
name = mkOption {
type = types.str;
default = name;
description = "The endpoint name.";
};
address = mkOption {
type = types.str;
default = addr;
description = "Bind address for ${name} endpoint. Default: " + addr;
};
port = mkOption {
type = types.int;
default = port;
description = "Bind port for ${name} endoint. Default: " + toString port;
};
};
commonTunOpts = let
i2cpOpts = {
length = mkOption {
type = types.int;
description = "Guaranteed minimum hops.";
default = 3;
};
quantity = mkOption {
type = types.int;
description = "Number of simultaneous tunnels.";
default = 5;
};
};
in name: {
outbound = i2cpOpts;
inbound = i2cpOpts;
crypto.tagsToSend = mkOption {
type = types.int;
description = "Number of ElGamal/AES tags to send.";
default = 40;
};
destination = mkOption {
type = types.str;
description = "Remote endpoint, I2P hostname or b32.i2p address.";
};
keys = mkOption {
type = types.str;
default = name + "-keys.dat";
description = "Keyset used for tunnel identity.";
};
} // mkEndpointOpt name "127.0.0.1" 0;
i2pdConf = pkgs.writeText "i2pd.conf" ''
v6 = ${toOneZero cfg.enableIPv6}
unreachable = ${toOneZero cfg.unreachable}
ipv6 = ${toOneZero cfg.enableIPv6}
notransit = ${toOneZero cfg.notransit}
floodfill = ${toOneZero cfg.floodfill}
${if isNull cfg.port then "" else "port = ${toString cfg.port}"}
httpproxyport = ${toString cfg.proxy.httpPort}
socksproxyport = ${toString cfg.proxy.socksPort}
ircaddress = ${cfg.irc.host}
ircport = ${toString cfg.irc.port}
ircdest = ${cfg.irc.dest}
irckeys = ${cfg.irc.keyFile}
eepport = ${toString cfg.eep.port}
${if isNull cfg.sam.port then "" else "--samport=${toString cfg.sam.port}"}
eephost = ${cfg.eep.host}
eepkeys = ${cfg.eep.keyFile}
${flip concatMapStrings
(collect (proto: proto ? port && proto ? address && proto ? name) cfg.proto)
(proto: let portStr = toString proto.port; in ''
[${proto.name}]
address = ${proto.address}
port = ${toString proto.port}
'')
}
'';
i2pdTunnelConf = pkgs.writeText "i2pd-tunnels.conf" ''
@ -39,10 +87,15 @@ let
keys = ${tun.keys}
address = ${tun.address}
port = ${toString tun.port}
inbound.length = ${toString tun.inbound.length}
outbound.length = ${toString tun.outbound.length}
inbound.quantity = ${toString tun.inbound.quantity}
outbound.quantity = ${toString tun.outbound.quantity}
crypto.tagsToSend = ${toString tun.crypto.tagsToSend}
'')
}
${flip concatMapStrings
(collect (tun: tun ? port && tun ? host) cfg.outTunnels)
(collect (tun: tun ? port && tun ? host) cfg.inTunnels)
(tun: let portStr = toString tun.port; in ''
[${tun.name}]
type = server
@ -59,10 +112,10 @@ let
i2pdSh = pkgs.writeScriptBin "i2pd" ''
#!/bin/sh
${if isNull cfg.extIp then extip else ""}
${pkgs.i2pd}/bin/i2pd --log=1 --daemon=0 --service=0 \
${pkgs.i2pd}/bin/i2pd --log=1 \
--host=${if isNull cfg.extIp then "$EXTIP" else cfg.extIp} \
--conf=${i2pdConf} \
--tunnelscfg=${i2pdTunnelConf}
--tunconf=${i2pdTunnelConf}
'';
in
@ -91,11 +144,11 @@ in
'';
};
unreachable = mkOption {
notransit = mkOption {
type = types.bool;
default = false;
description = ''
If the router is declared to be unreachable and needs introduction nodes.
Tells the router to not accept transit tunnels during startup.
'';
};
@ -111,7 +164,7 @@ in
type = with types; nullOr int;
default = null;
description = ''
I2P listen port. If no one is given the router will pick between 9111 and 30777.
I2P listen port. If no one is given the router will pick between 9111 and 30777.
'';
};
@ -123,184 +176,53 @@ in
'';
};
http = {
port = mkOption {
type = types.int;
default = 7070;
description = ''
HTTP listen port.
'';
};
};
proxy = {
httpPort = mkOption {
type = types.int;
default = 4446;
description = ''
HTTP proxy listen port.
'';
};
socksPort = mkOption {
type = types.int;
default = 4447;
description = ''
SOCKS proxy listen port.
'';
};
};
irc = {
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Address to forward incoming traffic to. 127.0.0.1 by default.
'';
};
dest = mkOption {
type = types.str;
default = "irc.postman.i2p";
description = ''
Destination I2P tunnel endpoint address of IRC server. irc.postman.i2p by default.
'';
};
port = mkOption {
type = types.int;
default = 6668;
description = ''
Local IRC tunnel endoint port to listen on. 6668 by default.
'';
};
keyFile = mkOption {
type = types.str;
default = "privKeys.dat";
description = ''
File name containing destination keys. privKeys.dat by default.
'';
};
};
eep = {
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Address to forward incoming traffic to. 127.0.0.1 by default.
'';
};
port = mkOption {
type = types.int;
default = 80;
description = ''
Port to forward incoming traffic to. 80 by default.
'';
};
keyFile = mkOption {
type = types.str;
default = "privKeys.dat";
description = ''
File name containing destination keys. privKeys.dat by default.
'';
};
};
sam = {
port = mkOption {
type = with types; nullOr int;
default = null;
description = ''
Local SAM tunnel endpoint. Usually 7656. SAM is disabled if not specified.
'';
};
};
proto.http = mkEndpointOpt "http" "127.0.0.1" 7070;
proto.sam = mkEndpointOpt "sam" "127.0.0.1" 7656;
proto.bob = mkEndpointOpt "bob" "127.0.0.1" 2827;
proto.i2pControl = mkEndpointOpt "i2pcontrol" "127.0.0.1" 7650;
proto.httpProxy = mkEndpointOpt "httpproxy" "127.0.0.1" 4446;
proto.socksProxy = mkEndpointOpt "socksproxy" "127.0.0.1" 4447;
outTunnels = mkOption {
default = {};
type = with types; loaOf optionSet;
description = ''
'';
options = [ ({ name, config, ... }: {
options = {
name = mkOption {
type = types.str;
description = "The name of the tunnel.";
};
destination = mkOption {
type = types.str;
description = "Remote endpoint, I2P hostname or b32.i2p address.";
};
keys = mkOption {
type = types.str;
default = name + "-keys.dat";
description = "Keyset used for tunnel identity.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Local bind address for tunnel.";
};
port = mkOption {
type = types.int;
default = 0;
description = "Local tunnel listen port.";
};
};
config = {
name = mkDefault name;
};
}) ];
type = with types; loaOf optionSet;
description = ''
Connect to someone as a client and establish a local accept endpoint
'';
options = [ ({ name, config, ... }: {
options = commonTunOpts name;
config = {
name = mkDefault name;
};
}) ];
};
inTunnels = mkOption {
default = {};
type = with types; loaOf optionSet;
description = ''
'';
options = [ ({ name, config, ... }: {
type = with types; loaOf optionSet;
description = ''
Serve something on I2P network at port and delegate requests to address inPort.
'';
options = [ ({ name, config, ... }: {
options = {
options = {
inPort = mkOption {
type = types.int;
default = 0;
description = "Service port. Default to the tunnel's listen port.";
};
accessList = mkOption {
type = with types; listOf str;
default = [];
description = "I2P nodes that are allowed to connect to this service.";
};
} // commonTunOpts name;
name = mkOption {
type = types.str;
description = "The name of the tunnel.";
};
keys = mkOption {
type = types.path;
default = name + "-keys.dat";
description = "Keyset used for tunnel identity.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Local service IP address.";
};
port = mkOption {
type = types.int;
default = 0;
description = "Local tunnel listen port.";
};
inPort = mkOption {
type = types.int;
default = 0;
description = "I2P service port. Default to the tunnel's listen port.";
};
accessList = mkOption {
type = with types; listOf str;
default = [];
description = "I2P nodes that are allowed to connect to this service.";
};
config = {
name = mkDefault name;
};
};
config = {
name = mkDefault name;
};
}) ];
}) ];
};
};
};

13
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -52,6 +52,8 @@ let
));
in listToAttrs (map mkAuthKeyFile usersWithKeys);
supportOldHostKeys = !versionAtLeast config.system.stateVersion "15.07";
in
{
@ -177,7 +179,7 @@ in
default =
[ { type = "rsa"; bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; }
{ type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
] ++ optionals (!versionAtLeast config.system.stateVersion "15.07")
] ++ optionals supportOldHostKeys
[ { type = "dsa"; path = "/etc/ssh/ssh_host_dsa_key"; }
{ type = "ecdsa"; bits = 521; path = "/etc/ssh/ssh_host_ecdsa_key"; }
];
@ -347,6 +349,15 @@ in
${flip concatMapStrings cfg.hostKeys (k: ''
HostKey ${k.path}
'')}
# Allow DSA client keys for now. (These were deprecated
# in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
# Re-enable DSA host keys for now.
${optionalString supportOldHostKeys ''
HostKeyAlgorithms +ssh-dss
''}
'';
assertions = [{ assertion = if cfg.forwardX11 then cfgc.setXAuthLocation else true;

12
nixos/modules/services/networking/tinc.nix
View File

@ -95,6 +95,16 @@ in
'';
};
chroot = mkOption {
default = true;
type = types.bool;
description = ''
Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.
The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.
Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.
'';
};
};
};
};
@ -166,7 +176,7 @@ in
fi
'';
script = ''
tincd -D -U tinc.${network} -n ${network} --pidfile /run/tinc.${network}.pid -d ${toString data.debugLevel}
tincd -D -U tinc.${network} -n ${network} ${optionalString (data.chroot) "-R"} --pidfile /run/tinc.${network}.pid -d ${toString data.debugLevel}
'';
})
);

2
nixos/modules/services/networking/unifi.nix
View File

@ -61,6 +61,8 @@ in
partOf = systemdMountPoints;
bindsTo = systemdMountPoints;
unitConfig.RequiresMountsFor = stateDir;
# This a HACK to fix missing dependencies of dynamic libs extracted from jars
environment.LD_LIBRARY_PATH = with pkgs.stdenv; "${cc.cc}/lib";
preStart = ''
# Ensure privacy of state

28
nixos/modules/services/networking/wpa_supplicant.nix
View File

@ -8,11 +8,15 @@ let
${optionalString cfg.userControlled.enable ''
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}
update_config=1''}
${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: ''
${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: let
psk = if networkConfig.psk != null
then ''"${networkConfig.psk}"''
else networkConfig.pskRaw;
in ''
network={
ssid="${ssid}"
${optionalString (networkConfig.psk != null) ''psk="${networkConfig.psk}"''}
${optionalString (networkConfig.psk == null) ''key_mgmt=NONE''}
${optionalString (psk != null) ''psk=${psk}''}
${optionalString (psk == null) ''key_mgmt=NONE''}
}
'') cfg.networks)}
'' else "/etc/wpa_supplicant.conf";
@ -49,6 +53,19 @@ in {
Be aware that these will be written to the nix store
in plaintext!
Mutually exclusive with <varname>pskRaw</varname>.
'';
};
pskRaw = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The network's pre-shared key in hex defaulting
to being a network without any authentication.
Mutually exclusive with <varname>psk</varname>.
'';
};
};
@ -95,6 +112,11 @@ in {
config = mkMerge [
(mkIf cfg.enable {
assertions = flip mapAttrsToList cfg.networks (name: cfg: {
assertion = cfg.psk == null || cfg.pskRaw == null;
message = ''networking.wireless."${name}".psk and networking.wireless."${name}".pskRaw are mutually exclusive'';
});
environment.systemPackages = [ pkgs.wpa_supplicant ];
services.dbus.packages = [ pkgs.wpa_supplicant ];

13
nixos/modules/services/search/elasticsearch.nix
View File

@ -9,6 +9,8 @@ let
network.host: ${cfg.listenAddress}
network.port: ${toString cfg.port}
network.tcp.port: ${toString cfg.tcp_port}
# TODO: find a way to enable security manager
security.manager.enabled: false
cluster.name: ${cfg.cluster_name}
${cfg.extraConf}
'';
@ -39,8 +41,8 @@ in {
package = mkOption {
description = "Elasticsearch package to use.";
default = pkgs.elasticsearch;
defaultText = "pkgs.elasticsearch";
default = pkgs.elasticsearch2;
defaultText = "pkgs.elasticsearch2";
type = types.package;
};
@ -129,7 +131,9 @@ in {
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ];
path = [ pkgs.inetutils ];
environment = { ES_HOME = cfg.dataDir; };
environment = {
ES_HOME = cfg.dataDir;
};
serviceConfig = {
ExecStart = "${cfg.package}/bin/elasticsearch -Des.path.conf=${configDir} ${toString cfg.extraCmdLineOptions}";
User = "elasticsearch";
@ -137,10 +141,11 @@ in {
};
preStart = ''
mkdir -m 0700 -p ${cfg.dataDir}
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi
# Install plugins
ln -sfT ${esPlugins}/plugins ${cfg.dataDir}/plugins
ln -sfT ${cfg.package}/lib ${cfg.dataDir}/lib
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi
'';
postStart = mkBefore ''
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do

59
nixos/modules/services/search/kibana.nix
View File

@ -7,37 +7,33 @@ let
cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON (
(filterAttrsRecursive (n: v: v != null) ({
server = {
host = cfg.listenAddress;
port = cfg.port;
ssl = {
cert = cfg.cert;
key = cfg.key;
};
};
host = cfg.listenAddress;
port = cfg.port;
ssl_cert_file = cfg.cert;
ssl_key_file = cfg.key;
kibana = {
index = cfg.index;
defaultAppId = cfg.defaultAppId;
};
kibana_index = cfg.index;
default_app_id = cfg.defaultAppId;
elasticsearch = {
url = cfg.elasticsearch.url;
username = cfg.elasticsearch.username;
password = cfg.elasticsearch.password;
ssl = {
cert = cfg.elasticsearch.cert;
key = cfg.elasticsearch.key;
ca = cfg.elasticsearch.ca;
};
};
elasticsearch_url = cfg.elasticsearch.url;
kibana_elasticsearch_username = cfg.elasticsearch.username;
kibana_elasticsearch_password = cfg.elasticsearch.password;
kibana_elasticsearch_cert = cfg.elasticsearch.cert;
kibana_elasticsearch_key = cfg.elasticsearch.key;
ca = cfg.elasticsearch.ca;
logging = {
verbose = cfg.logLevel == "verbose";
quiet = cfg.logLevel == "quiet";
silent = cfg.logLevel == "silent";
dest = "stdout";
};
bundled_plugin_ids = [
"plugins/dashboard/index"
"plugins/discover/index"
"plugins/doc/index"
"plugins/kibana/index"
"plugins/markdown_vis/index"
"plugins/metric_vis/index"
"plugins/settings/index"
"plugins/table_vis/index"
"plugins/vis_types/index"
"plugins/visualize/index"
];
} // cfg.extraConf)
)));
in {
@ -118,12 +114,6 @@ in {
};
};
logLevel = mkOption {
description = "Kibana log level";
default = "normal";
type = types.enum ["verbose" "normal" "silent" "quiet"];
};
package = mkOption {
description = "Kibana package to use";
default = pkgs.kibana;
@ -149,6 +139,7 @@ in {
description = "Kibana Service";
wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" "elasticsearch.service" ];
environment = { BABEL_CACHE_PATH = "${cfg.dataDir}/.babelcache.json"; };
serviceConfig = {
ExecStart = "${cfg.package}/bin/kibana --config ${cfgFile}";
User = "kibana";

156
nixos/modules/services/security/haka.nix Normal file
View File

@ -0,0 +1,156 @@
# This module defines global configuration for Haka.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.haka;
haka = cfg.package;
hakaConf = pkgs.writeText "haka.conf"
''
[general]
configuration = ${if lib.strings.hasPrefix "/" cfg.configFile
then "${cfg.configFile}"
else "${haka}/share/haka/sample/${cfg.configFile}"}
${optionalString (builtins.lessThan 0 cfg.threads) "thread = ${cfg.threads}"}
[packet]
${optionalString cfg.pcap ''module = "packet/pcap"''}
${optionalString cfg.nfqueue ''module = "packet/nqueue"''}
${optionalString cfg.dump.enable ''dump = "yes"''}
${optionalString cfg.dump.enable ''dump_input = "${cfg.dump.input}"''}
${optionalString cfg.dump.enable ''dump_output = "${cfg.dump.output}"''}
interfaces = "${lib.strings.concatStringsSep "," cfg.interfaces}"
[log]
# Select the log module
module = "log/syslog"
# Set the default logging level
#level = "info,packet=debug"
[alert]
# Select the alert module
module = "alert/syslog"
# Disable alert on standard output
#alert_on_stdout = no
# alert/file module option
#file = "/dev/null"
'';
in
{
###### interface
options = {
services.haka = {
enable = mkEnableOption "Haka";
package = mkOption {
default = pkgs.haka;
type = types.package;
description = "
Which Haka derivation to use.
";
};
configFile = mkOption {
default = "empty.lua";
example = "/srv/haka/myfilter.lua";
type = types.string;
description = ''
Specify which configuration file Haka uses.
It can be absolute path or a path relative to the sample directory of
the haka git repo.
'';
};
interfaces = mkOption {
default = [ "eth0" ];
example = [ "any" ];
type = with types; listOf string;
description = ''
Specify which interface(s) Haka listens to.
Use 'any' to listen to all interfaces.
'';
};
threads = mkOption {
default = 0;
example = 4;
type = types.int;
description = ''
The number of threads that will be used.
All system threads are used by default.
'';
};
pcap = mkOption {
default = true;
example = false;
type = types.bool;
description = "Whether to enable pcap";
};
nfqueue = mkEnableOption "nfqueue";
dump.enable = mkEnableOption "dump";
dump.input = mkOption {
default = "/tmp/input.pcap";
example = "/path/to/file.pcap";
type = types.path;
description = "Path to file where incoming packets are dumped";
};
dump.output = mkOption {
default = "/tmp/output.pcap";
example = "/path/to/file.pcap";
type = types.path;
description = "Path to file where outgoing packets are dumped";
};
};
};
###### implementation
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.pcap != cfg.nfqueue;
message = "either pcap or nfqueue can be enabled, not both.";
}
{ assertion = cfg.nfqueue -> !dump.enable;
message = "dump can only be used with nfqueue.";
}
{ assertion = cfg.interfaces != [];
message = "at least one interface must be specified.";
}];
environment.systemPackages = [ haka ];
systemd.services.haka = {
description = "Haka";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${haka}/bin/haka -c ${hakaConf}";
ExecStop = "${haka}/bin/hakactl stop";
User = "root";
Type = "forking";
};
};
};
}

4
nixos/modules/services/web-servers/apache-httpd/mediawiki.nix
View File

@ -83,11 +83,11 @@ let
# Unpack Mediawiki and put the config file in its root directory.
mediawikiRoot = pkgs.stdenv.mkDerivation rec {
name= "mediawiki-1.23.9";
name= "mediawiki-1.23.13";
src = pkgs.fetchurl {
url = "http://download.wikimedia.org/mediawiki/1.23/${name}.tar.gz";
sha256 = "1l7k4g0pgz92yvrfr52w26x740s4362v0gc95pk0i30vn2sp5bql";
sha256 = "168wpf53n4ksj2g5q5r0hxapx6238dvsfng5ff9ixk6axsn0j5d0";
};
skins = config.skins;

8
nixos/modules/services/x11/desktop-managers/default.nix
View File

@ -64,7 +64,13 @@ in
else if any (w: w.name == defaultDM) cfg.session.list then
defaultDM
else
throw "Default desktop manager ($(defaultDM)) not found.";
throw ''
Default desktop manager (${defaultDM}) not found.
Probably you want to change
services.xserver.desktopManager.default = "${defaultDM}";
to one of
${concatMapStringsSep "\n " (w: "services.xserver.desktopManager.default = \"${w.name}\";") cfg.session.list}
'';
};
};

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -64,7 +64,7 @@ in {
environment.gnome3.packageSet = mkOption {
type = types.nullOr types.package;
default = null;
example = literalExample "pkgs.gnome3_16";
example = literalExample "pkgs.gnome3_18";
description = "Which GNOME 3 package set to use.";
apply = p: if p == null then pkgs.gnome3 else p;
};

6
nixos/modules/services/x11/desktop-managers/kde4.nix
View File

@ -108,6 +108,12 @@ in
sed -e '/nix\\store\|nix\/store/ d' -i $HOME/.config/Trolltech.conf
fi
# Load PulseAudio module for routing support.
# See http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
${optionalString config.hardware.pulseaudio.enable ''
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
# Start KDE.
exec ${kde_workspace}/bin/startkde
'';

10
nixos/modules/services/x11/desktop-managers/kde5.nix
View File

@ -55,7 +55,15 @@ in
services.xserver.desktopManager.session = singleton {
name = "kde5";
bgSupport = true;
start = ''exec startkde;'';
start = ''
# Load PulseAudio module for routing support.
# See http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
${optionalString config.hardware.pulseaudio.enable ''
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
exec startkde
'';
};
security.setuidOwners = singleton {

3
nixos/modules/services/x11/display-managers/default.nix
View File

@ -83,9 +83,6 @@ let
# Publish access credentials in the root window.
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
# Keep track of devices. Mostly useful for Phonon/KDE.
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-device-manager "do_routing=1"
''}
# Tell systemd about our $DISPLAY. This is needed by the

2
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@ -86,7 +86,7 @@ in
};
background = mkOption {
type = types.path;
type = types.str;
description = ''
The background image or color to use.
'';

29
nixos/modules/services/x11/hardware/synaptics.nix
View File

@ -62,6 +62,13 @@ in {
description = "Cursor speed factor for highest-speed finger motion.";
};
scrollDelta = mkOption {
type = types.nullOr types.int;
default = null;
example = 75;
description = "Move distance of the finger for a scroll event.";
};
twoFingerScroll = mkOption {
type = types.bool;
default = false;
@ -122,6 +129,20 @@ in {
description = "Whether to enable palm detection (hardware support required)";
};
palmMinWidth = mkOption {
type = types.nullOr types.int;
default = null;
example = 5;
description = "Minimum finger width at which touch is considered a palm";
};
palmMinZ = mkOption {
type = types.nullOr types.int;
default = null;
example = 20;
description = "Minimum finger pressure at which touch is considered a palm";
};
horizontalScroll = mkOption {
type = types.bool;
default = true;
@ -174,8 +195,12 @@ in {
Option "HorizTwoFingerScroll" "${if cfg.horizTwoFingerScroll then "1" else "0"}"
Option "VertEdgeScroll" "${if cfg.vertEdgeScroll then "1" else "0"}"
Option "HorizEdgeScroll" "${if cfg.horizEdgeScroll then "1" else "0"}"
${if cfg.palmDetect then ''Option "PalmDetect" "1"'' else ""}
${if cfg.horizontalScroll then "" else ''Option "HorizScrollDelta" "0"''}
${optionalString cfg.palmDetect ''Option "PalmDetect" "1"''}
${optionalString (cfg.palmMinWidth != null) ''Option "PalmMinWidth" "${toString cfg.palmMinWidth}"''}
${optionalString (cfg.palmMinZ != null) ''Option "PalmMinZ" "${toString cfg.palmMinZ}"''}
${optionalString (cfg.scrollDelta != null) ''Option "VertScrollDelta" "${toString cfg.scrollDelta}"''}
${if !cfg.horizontalScroll then ''Option "HorizScrollDelta" "0"''
else (optionalString (cfg.scrollDelta != null) ''Option "HorizScrollDelta" "${toString cfg.scrollDelta}"'')}
${cfg.additionalOptions}
EndSection
'';

2
nixos/modules/services/x11/window-managers/i3.nix
View File

@ -34,6 +34,6 @@ in
'';
}];
};
environment.systemPackages = with pkgs; [ i3 i3status dmenu ];
environment.systemPackages = with pkgs; [ i3 ];
};
}

2
nixos/modules/system/activation/switch-to-configuration.pl
View File

@ -323,7 +323,7 @@ foreach my $device (keys %$prevSwaps) {
# Should we have systemd re-exec itself?
my $prevSystemd = abs_path("/proc/1/exe") or die;
my $prevSystemd = abs_path("/proc/1/exe") // "/unknown";
my $newSystemd = abs_path("@systemd@/lib/systemd/systemd") or die;
my $restartSystemd = $prevSystemd ne $newSystemd;

170
nixos/modules/system/boot/initrd-network.nix
View File

@ -3,9 +3,28 @@
with lib;
let
cfg = config.boot.initrd.network;
udhcpcScript = pkgs.writeScript "udhcp-script"
''
#! /bin/sh
if [ "$1" = bound ]; then
ip address add "$ip/$mask" dev "$interface"
if [ -n "$router" ]; then
ip route add default via "$router" dev "$interface"
fi
if [ -n "$dns" ]; then
rm -f /etc/resolv.conf
for i in $dns; do
echo "nameserver $dns" >> /etc/resolv.conf
done
fi
fi
'';
in
{
options = {
@ -14,82 +33,25 @@ in
type = types.bool;
default = false;
description = ''
Add network connectivity support to initrd.
Network options are configured via <literal>ip</literal> kernel
option, according to the kernel documentation.
Add network connectivity support to initrd. The network may be
configured using the <literal>ip</literal> kernel parameter,
as described in <link
xlink:href="https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt">the
kernel documentation</link>. Otherwise, if
<option>networking.useDHCP</option> is enabled, an IP address
is acquired using DHCP.
'';
};
boot.initrd.network.ssh.enable = mkOption {
type = types.bool;
default = false;
boot.initrd.network.postCommands = mkOption {
default = "";
type = types.lines;
description = ''
Start SSH service during initrd boot. It can be used to debug failing
boot on a remote server, enter pasphrase for an encrypted partition etc.
Service is killed when stage-1 boot is finished.
Shell commands to be executed after stage 1 of the
boot has initialised the network.
'';
};
boot.initrd.network.ssh.port = mkOption {
type = types.int;
default = 22;
description = ''
Port on which SSH initrd service should listen.
'';
};
boot.initrd.network.ssh.shell = mkOption {
type = types.str;
default = "/bin/ash";
description = ''
Login shell of the remote user. Can be used to limit actions user can do.
'';
};
boot.initrd.network.ssh.hostRSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
RSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostDSSKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
DSS SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostECDSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
ECDSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.authorizedKeys = mkOption {
type = types.listOf types.str;
default = config.users.extraUsers.root.openssh.authorizedKeys.keys;
description = ''
Authorized keys for the root user on initrd.
'';
};
};
@ -99,51 +61,43 @@ in
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.mkinitcpio-nfs-utils}/bin/ipconfig
'' + optionalString cfg.ssh.enable ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear
cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib
'';
boot.initrd.extraUtilsCommandsTest = optionalString cfg.ssh.enable ''
$out/bin/dropbear -V
'';
boot.initrd.preLVMCommands = mkBefore (
# Search for interface definitions in command line.
''
for o in $(cat /proc/cmdline); do
case $o in
ip=*)
ipconfig $o && hasNetwork=1
;;
esac
done
''
boot.initrd.postEarlyDeviceCommands = ''
# Search for interface definitions in command line
for o in $(cat /proc/cmdline); do
case $o in
ip=*)
ipconfig $o && hasNetwork=1
;;
esac
done
'' + optionalString cfg.ssh.enable ''
if [ -n "$hasNetwork" ]; then
mkdir /dev/pts
mount -t devpts devpts /dev/pts
# Otherwise, use DHCP.
+ optionalString config.networking.useDHCP ''
if [ -z "$hasNetwork" ]; then
mkdir -p /etc
echo 'root:x:0:0:root:/root:${cfg.ssh.shell}' > /etc/passwd
echo '${cfg.ssh.shell}' > /etc/shells
echo 'passwd: files' > /etc/nsswitch.conf
# Bring up all interfaces.
for iface in $(cd /sys/class/net && ls); do
echo "bringing up network interface $iface..."
ip link set "$iface" up
done
mkdir -p /var/log
touch /var/log/lastlog
# Acquire a DHCP lease.
echo "acquiring IP address via DHCP..."
udhcpc --quit --now --script ${udhcpcScript} && hasNetwork=1
fi
''
mkdir -p /etc/dropbear
${optionalString (cfg.ssh.hostRSAKey != null) "ln -s ${cfg.ssh.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"}
${optionalString (cfg.ssh.hostDSSKey != null) "ln -s ${cfg.ssh.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"}
${optionalString (cfg.ssh.hostECDSAKey != null) "ln -s ${cfg.ssh.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"}
mkdir -p /root/.ssh
${concatStrings (map (key: ''
echo -n ${escapeShellArg key} >> /root/.ssh/authorized_keys
'') cfg.ssh.authorizedKeys)}
dropbear -s -j -k -E -m -p ${toString cfg.ssh.port}
fi
'';
+ ''
if [ -n "$hasNetwork" ]; then
echo "networking is up!"
${cfg.postCommands}
fi
'');
};
}

124
nixos/modules/system/boot/initrd-ssh.nix Normal file
View File

@ -0,0 +1,124 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.boot.initrd.network.ssh;
in
{
options = {
boot.initrd.network.ssh.enable = mkOption {
type = types.bool;
default = false;
description = ''
Start SSH service during initrd boot. It can be used to debug failing
boot on a remote server, enter pasphrase for an encrypted partition etc.
Service is killed when stage-1 boot is finished.
'';
};
boot.initrd.network.ssh.port = mkOption {
type = types.int;
default = 22;
description = ''
Port on which SSH initrd service should listen.
'';
};
boot.initrd.network.ssh.shell = mkOption {
type = types.str;
default = "/bin/ash";
description = ''
Login shell of the remote user. Can be used to limit actions user can do.
'';
};
boot.initrd.network.ssh.hostRSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
RSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostDSSKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
DSS SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostECDSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
ECDSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.authorizedKeys = mkOption {
type = types.listOf types.str;
default = config.users.extraUsers.root.openssh.authorizedKeys.keys;
description = ''
Authorized keys for the root user on initrd.
'';
};
};
config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear
cp -pv ${pkgs.glibc}/lib/libnss_files.so.* $out/lib
'';
boot.initrd.extraUtilsCommandsTest = ''
$out/bin/dropbear -V
'';
boot.initrd.network.postCommands = ''
mkdir /dev/pts
mount -t devpts devpts /dev/pts
echo '${cfg.shell}' > /etc/shells
echo 'root:x:0:0:root:/root:${cfg.shell}' > /etc/passwd
echo 'passwd: files' > /etc/nsswitch.conf
mkdir -p /var/log
touch /var/log/lastlog
mkdir -p /etc/dropbear
${optionalString (cfg.hostRSAKey != null) "ln -s ${cfg.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"}
${optionalString (cfg.hostDSSKey != null) "ln -s ${cfg.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"}
${optionalString (cfg.hostECDSAKey != null) "ln -s ${cfg.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"}
mkdir -p /root/.ssh
${concatStrings (map (key: ''
echo -n ${escapeShellArg key} >> /root/.ssh/authorized_keys
'') cfg.authorizedKeys)}
dropbear -s -j -k -E -m -p ${toString cfg.port}
'';
};
}

3
nixos/modules/system/boot/kernel.nix
View File

@ -184,6 +184,9 @@ in
"ide_disk"
"ide_generic"
# SD cards and internal eMMC drives.
"mmc_block"
# Support USB keyboards, in case the boot fails and we only have
# a USB keyboard.
"uhci_hcd"

9
nixos/modules/system/boot/loader/init-script/init-script-builder.sh
View File

@ -80,8 +80,13 @@ for generation in $(
| sort -n -r); do
link=/nix/var/nix/profiles/system-$generation-link
date=$(stat --printf="%y\n" $link | sed 's/\..*//')
kernelVersion=$(cd $(dirname $(readlink -f $link/kernel))/lib/modules && echo *)
addEntry "NixOS - Configuration $generation ($date - $kernelVersion)" $link "$generation ($date)"
if [ -d $link/kernel ]; then
kernelVersion=$(cd $(dirname $(readlink -f $link/kernel))/lib/modules && echo *)
suffix="($date - $kernelVersion)"
else
suffix="($date)"
fi
addEntry "NixOS - Configuration $generation $suffix" $link "$generation ($date)"
done
mv $tmpOther $targetOther

4
nixos/modules/system/boot/stage-1-init.sh
View File

@ -150,10 +150,6 @@ udevadm trigger --action=add
udevadm settle
# Additional devices initialization.
@postEarlyDeviceCommands@
# Load boot-time keymap before any LVM/LUKS initialization
@extraUtils@/bin/busybox loadkmap < "@busyboxKeymap@"

20
nixos/modules/system/boot/stage-1.nix
View File

@ -66,10 +66,6 @@ let
copy_bin_and_libs $BIN
done
# Copy modprobe.
copy_bin_and_libs ${pkgs.kmod}/bin/kmod
ln -sf kmod $out/bin/modprobe
# Copy resize2fs if needed.
${optionalString (any (fs: fs.autoResize) (attrValues config.fileSystems)) ''
# We need mke2fs in the initrd.
@ -161,7 +157,9 @@ let
--replace /sbin/blkid ${extraUtils}/bin/blkid \
--replace ${pkgs.lvm2}/sbin ${extraUtils}/bin \
--replace /sbin/mdadm ${extraUtils}/bin/mdadm \
--replace /bin/sh ${extraUtils}/bin/sh
--replace /bin/sh ${extraUtils}/bin/sh \
--replace /usr/bin/readlink ${extraUtils}/bin/readlink \
--replace /usr/bin/basename ${extraUtils}/bin/basename
done
# Work around a bug in QEMU, which doesn't implement the "READ
@ -203,13 +201,13 @@ let
inherit (config.boot) resumeDevice devSize runSize;
inherit (config.boot.initrd) checkJournalingFS
preLVMCommands preDeviceCommands postEarlyDeviceCommands postDeviceCommands postMountCommands kernelModules;
preLVMCommands preDeviceCommands postDeviceCommands postMountCommands kernelModules;
resumeDevices = map (sd: if sd ? device then sd.device else "/dev/disk/by-label/${sd.label}")
(filter (sd: (sd ? label || hasPrefix "/dev/" sd.device) && !sd.randomEncryption) config.swapDevices);
fsInfo =
let f = fs: [ fs.mountPoint (if fs.device != null then fs.device else "/dev/disk/by-label/${fs.label}") fs.fsType fs.options ];
let f = fs: [ fs.mountPoint (if fs.device != null then fs.device else "/dev/disk/by-label/${fs.label}") fs.fsType (builtins.concatStringsSep "," fs.options) ];
in pkgs.writeText "initrd-fsinfo" (concatStringsSep "\n" (concatMap f fileSystems));
setHostId = optionalString (config.networking.hostId != null) ''
@ -322,14 +320,6 @@ in
'';
};
boot.initrd.postEarlyDeviceCommands = mkOption {
default = "";
type = types.lines;
description = ''
Shell commands to be executed early after creation of device nodes.
'';
};
boot.initrd.postMountCommands = mkOption {
default = "";
type = types.lines;

18
nixos/modules/tasks/filesystems.nix
View File

@ -41,11 +41,15 @@ let
};
options = mkOption {
default = "defaults";
example = "data=journal";
type = types.commas; # FIXME: should be a list
default = [ "defaults" ];
example = [ "data=journal" ];
description = "Options used to mount the file system.";
};
} // (if versionAtLeast lib.nixpkgsVersion "16.09" then {
type = types.listOf types.str;
} else {
type = types.either types.commas (types.listOf types.str);
apply = x: if isList x then x else lib.strings.splitString "," (builtins.trace "warning: passing a comma-separated string for filesystem options is deprecated; use a list of strings instead. This will become a hard error in 16.09." x);
});
autoFormat = mkOption {
default = false;
@ -112,7 +116,7 @@ in
"/data" = {
device = "/dev/hda2";
fsType = "ext3";
options = "data=journal";
options = [ "data=journal" ];
};
"/bigdisk".label = "bigdisk";
};
@ -127,7 +131,7 @@ in
<command>mount</command>; defaults to
<literal>"auto"</literal>), and <literal>options</literal>
(the mount options passed to <command>mount</command> using the
<option>-o</option> flag; defaults to <literal>"defaults"</literal>).
<option>-o</option> flag; defaults to <literal>[ "defaults" ]</literal>).
Instead of specifying <literal>device</literal>, you can also
specify a volume label (<literal>label</literal>) for file
@ -177,7 +181,7 @@ in
else throw "No device specified for mount point ${fs.mountPoint}.")
+ " " + fs.mountPoint
+ " " + fs.fsType
+ " " + fs.options
+ " " + builtins.concatStringsSep "," fs.options
+ " 0"
+ " " + (if skipCheck fs then "0" else
if fs.mountPoint == "/" then "1" else "2")

45
nixos/modules/tasks/kbd.nix
View File

@ -12,6 +12,8 @@ let
FONT=${config.i18n.consoleFont}
${colors}
'';
setVconsole = !config.boot.isContainer;
in
{
@ -41,26 +43,33 @@ in
###### implementation
config = {
config = mkMerge [
(mkIf (!setVconsole) {
systemd.services."systemd-vconsole-setup".enable = false;
})
environment.systemPackages = [ pkgs.kbd ];
(mkIf setVconsole {
environment.systemPackages = [ pkgs.kbd ];
# Let systemd-vconsole-setup.service do the work of setting up the
# virtual consoles. FIXME: trigger a restart of
# systemd-vconsole-setup.service if /etc/vconsole.conf changes.
environment.etc."vconsole.conf".source = vconsoleConf;
# Let systemd-vconsole-setup.service do the work of setting up the
# virtual consoles. FIXME: trigger a restart of
# systemd-vconsole-setup.service if /etc/vconsole.conf changes.
environment.etc = [ {
target = "vconsole.conf";
source = vconsoleConf;
} ];
# This is identical to the systemd-vconsole-setup.service unit
# shipped with systemd, except that it uses /dev/tty1 instead of
# /dev/tty0 to prevent putting the X server in non-raw mode, and
# it has a restart trigger.
systemd.services."systemd-vconsole-setup" =
{ wantedBy = [ "multi-user.target" ];
before = [ "display-manager.service" ];
after = [ "systemd-udev-settle.service" ];
restartTriggers = [ vconsoleConf ];
};
};
# This is identical to the systemd-vconsole-setup.service unit
# shipped with systemd, except that it uses /dev/tty1 instead of
# /dev/tty0 to prevent putting the X server in non-raw mode, and
# it has a restart trigger.
systemd.services."systemd-vconsole-setup" =
{ wantedBy = [ "multi-user.target" ];
before = [ "display-manager.service" ];
after = [ "systemd-udev-settle.service" ];
restartTriggers = [ vconsoleConf ];
};
})
];
}

7
nixos/modules/tasks/network-interfaces-scripted.nix
View File

@ -144,15 +144,12 @@ in
fi
${config.systemd.package}/bin/systemctl start ip-up.target
'';
preStop =
''
echo "releasing configured ip's..."
'' + flip concatMapStrings (ips) (ip:
preStop = flip concatMapStrings (ips) (ip:
let
address = "${ip.address}/${toString ip.prefixLength}";
in
''
echo -n "Deleting ${address}..."
echo -n "deleting ${address}..."
ip addr del "${address}" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed"
echo ""
'');

2
nixos/modules/tasks/network-interfaces.nix
View File

@ -927,7 +927,7 @@ in
pkgs.nettools
pkgs.openresolv
]
++ optionals (!config.boot.isContainer) [
++ optionals config.networking.wireless.enable [
pkgs.wirelesstools # FIXME: obsolete?
pkgs.iw
pkgs.rfkill

29
nixos/modules/virtualisation/amazon-image.nix
View File

@ -20,8 +20,7 @@ let cfg = config.ec2; in
autoResize = true;
};
boot.initrd.kernelModules = [ "xen-blkfront" ];
boot.kernelModules = [ "xen-netfront" ];
boot.initrd.kernelModules = [ "xen-blkfront" "xen-netfront" ];
boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0" ];
# Prevent the nouveau kernel module from being loaded, as it
@ -44,6 +43,8 @@ let cfg = config.ec2; in
kill -9 -1
'';
boot.initrd.network.enable = true;
# Mount all formatted ephemeral disks and activate all swap devices.
# We cannot do this with the fileSystems and swapDevices options
# because the set of devices is dependent on the instance type
@ -55,6 +56,28 @@ let cfg = config.ec2; in
# Nix operations.
boot.initrd.postMountCommands =
''
metaDir=$targetRoot/etc/ec2-metadata
mkdir -m 0755 -p "$metaDir"
echo "getting EC2 instance metadata..."
if ! [ -e "$metaDir/ami-manifest-path" ]; then
wget -q -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
fi
if ! [ -e "$metaDir/user-data" ]; then
wget -q -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data
chmod 600 "$metaDir/user-data"
fi
if ! [ -e "$metaDir/hostname" ]; then
wget -q -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
fi
if ! [ -e "$metaDir/public-keys-0-openssh-key" ]; then
wget -q -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
fi
diskNr=0
diskForUnionfs=
for device in /dev/xvd[abcde]*; do
@ -81,7 +104,7 @@ let cfg = config.ec2; in
mkdir -m 1777 -p $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp
mount --bind $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp
if [ ! -e $targetRoot/.ebs ]; then
if [ "$(cat "$metaDir/ami-manifest-path")" != "(unknown)" ]; then
mkdir -m 755 -p $targetRoot/$diskForUnionfs/root/var $targetRoot/var
mount --bind $targetRoot/$diskForUnionfs/root/var $targetRoot/var

23
nixos/modules/virtualisation/amazon-init.nix
View File

@ -4,18 +4,17 @@
let
bootScript = pkgs.writeScript "bootscript.sh" ''
#!${pkgs.stdenv.shell} -eux
#!${pkgs.stdenv.shell} -eu
echo "attempting to fetch configuration from user-data..."
echo "attempting to fetch configuration from EC2 user data..."
export PATH=${config.nix.package}/bin:${pkgs.wget}/bin:${pkgs.systemd}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${config.system.build.nixos-rebuild}/bin:$PATH
export PATH=${config.nix.package}/bin:${pkgs.systemd}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${config.system.build.nixos-rebuild}/bin:$PATH
export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
userData="$(mktemp)"
wget -q --wait=1 --tries=0 --retry-connrefused -O - http://169.254.169.254/2011-01-01/user-data > "$userData"
userData=/etc/ec2-metadata/user-data
if [ -s "$userData" ]; then
if [[ $? -eq 0 ]]; then
echo "user-data fetched"
# If the user-data looks like it could be a nix expression,
# copy it over. Also, look for a magic three-hash comment and set
# that as the channel.
@ -30,17 +29,17 @@ let
nix-channel --update
fi
echo "setting configuration"
echo "setting configuration from EC2 user data"
cp "$userData" /etc/nixos/configuration.nix
else
echo "user-data does not appear to be a nix expression; ignoring"
echo "user data does not appear to be a Nix expression; ignoring"
exit
fi
else
echo "failed to fetch user-data"
echo "no user data is available"
exit
fi
type -f nixos-rebuild
nixos-rebuild switch
'';
in {

9
nixos/modules/virtualisation/azure-agent.nix
View File

@ -8,10 +8,11 @@ let
waagent = with pkgs; stdenv.mkDerivation rec {
name = "waagent-2.0";
src = pkgs.fetchgit {
url = https://github.com/Phreedom/WALinuxAgent.git;
rev = "9dba81c7b1239c7971ec96e405e403c7cd224e6b";
sha256 = "0khxk3ns3z37v26f2qj6m3m698a0vqpc9bxg5p7fyr3xza5gzwhs";
src = pkgs.fetchFromGitHub {
owner = "phreedom";
repo = "WALinuxAgent";
rev = "1d31fe8cbc7f842993eed9b33a3d3f5410c364e3";
sha256 = "1s53pfmy3azp0rmympmnphyq96sr9jy07pbsfza6mdzpalx1ripl";
};
buildInputs = [ makeWrapper python pythonPackages.wrapPython ];
runtimeDeps = [ findutils gnugrep gawk coreutils openssl openssh

38
nixos/modules/virtualisation/ec2-data.nix
View File

@ -1,6 +1,6 @@
# This module defines a systemd service that obtains the SSH key and
# host name of virtual machines running on Amazon EC2, Eucalyptus and
# OpenStack Compute (Nova).
# This module defines a systemd service that sets the SSH host key and
# authorized client key and host name of virtual machines running on
# Amazon EC2, Eucalyptus and OpenStack Compute (Nova).
{ config, lib, pkgs, ... }:
@ -9,55 +9,49 @@ with lib;
{
config = {
systemd.services.fetch-ec2-data =
{ description = "Fetch EC2 Data";
systemd.services.apply-ec2-data =
{ description = "Apply EC2 Data";
wantedBy = [ "multi-user.target" "sshd.service" ];
before = [ "sshd.service" ];
wants = [ "ip-up.target" ];
after = [ "ip-up.target" ];
path = [ pkgs.wget pkgs.iproute ];
path = [ pkgs.iproute ];
script =
''
wget="wget -q --retry-connrefused -O -"
${optionalString (config.networking.hostName == "") ''
echo "setting host name..."
${pkgs.nettools}/bin/hostname $($wget http://169.254.169.254/1.0/meta-data/hostname)
if [ -s /etc/ec2-metadata/hostname ]; then
${pkgs.nettools}/bin/hostname $(cat /etc/ec2-metadata/hostname)
fi
''}
# Don't download the SSH key if it has already been injected
# into the image (a Nova feature).
if ! [ -e /root/.ssh/authorized_keys ]; then
echo "obtaining SSH key..."
mkdir -m 0700 -p /root/.ssh
$wget http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key > /root/key.pub
if [ $? -eq 0 -a -e /root/key.pub ]; then
cat /root/key.pub >> /root/.ssh/authorized_keys
if [ -s /etc/ec2-metadata/public-keys-0-openssh-key ]; then
cat /etc/ec2-metadata/public-keys-0-openssh-key >> /root/.ssh/authorized_keys
echo "new key added to authorized_keys"
chmod 600 /root/.ssh/authorized_keys
rm -f /root/key.pub
fi
fi
# Extract the intended SSH host key for this machine from
# the supplied user data, if available. Otherwise sshd will
# generate one normally.
$wget http://169.254.169.254/2011-01-01/user-data > /root/user-data || true
userData=/etc/ec2-metadata/user-data
mkdir -m 0755 -p /etc/ssh
key="$(sed 's/|/\n/g; s/SSH_HOST_DSA_KEY://; t; d' /root/user-data)"
key_pub="$(sed 's/SSH_HOST_DSA_KEY_PUB://; t; d' /root/user-data)"
key="$(sed 's/|/\n/g; s/SSH_HOST_DSA_KEY://; t; d' $userData)"
key_pub="$(sed 's/SSH_HOST_DSA_KEY_PUB://; t; d' $userData)"
if [ -n "$key" -a -n "$key_pub" -a ! -e /etc/ssh/ssh_host_dsa_key ]; then
(umask 077; echo "$key" > /etc/ssh/ssh_host_dsa_key)
echo "$key_pub" > /etc/ssh/ssh_host_dsa_key.pub
fi
key="$(sed 's/|/\n/g; s/SSH_HOST_ED25519_KEY://; t; d' /root/user-data)"
key_pub="$(sed 's/SSH_HOST_ED25519_KEY_PUB://; t; d' /root/user-data)"
key="$(sed 's/|/\n/g; s/SSH_HOST_ED25519_KEY://; t; d' $userData)"
key_pub="$(sed 's/SSH_HOST_ED25519_KEY_PUB://; t; d' $userData)"
if [ -n "$key" -a -n "$key_pub" -a ! -e /etc/ssh/ssh_host_ed25519_key ]; then
(umask 077; echo "$key" > /etc/ssh/ssh_host_ed25519_key)
echo "$key_pub" > /etc/ssh/ssh_host_ed25519_key.pub

13
nixos/modules/virtualisation/qemu-vm.nix
View File

@ -110,6 +110,7 @@ let
# Generate a hard disk image containing a /boot partition and GRUB
# in the MBR. Used when the `useBootLoader' option is set.
# FIXME: use nixos/lib/make-disk-image.nix.
bootDisk =
pkgs.vmTools.runInLinuxVM (
pkgs.runCommand "nixos-boot-disk"
@ -427,38 +428,38 @@ in
${if cfg.writableStore then "/nix/.ro-store" else "/nix/store"} =
{ device = "store";
fsType = "9p";
options = "trans=virtio,version=9p2000.L,cache=loose";
options = [ "trans=virtio" "version=9p2000.L" "cache=loose" ];
neededForBoot = true;
};
"/tmp/xchg" =
{ device = "xchg";
fsType = "9p";
options = "trans=virtio,version=9p2000.L,cache=loose";
options = [ "trans=virtio" "version=9p2000.L" "cache=loose" ];
neededForBoot = true;
};
"/tmp/shared" =
{ device = "shared";
fsType = "9p";
options = "trans=virtio,version=9p2000.L";
options = [ "trans=virtio" "version=9p2000.L" ];
neededForBoot = true;
};
} // optionalAttrs cfg.writableStore
{ "/nix/store" =
{ fsType = "unionfs-fuse";
device = "unionfs";
options = "allow_other,cow,nonempty,chroot=/mnt-root,max_files=32768,hide_meta_files,dirs=/nix/.rw-store=rw:/nix/.ro-store=ro";
options = [ "allow_other" "cow" "nonempty" "chroot=/mnt-root" "max_files=32768" "hide_meta_files" "dirs=/nix/.rw-store=rw:/nix/.ro-store=ro" ];
};
} // optionalAttrs (cfg.writableStore && cfg.writableStoreUseTmpfs)
{ "/nix/.rw-store" =
{ fsType = "tmpfs";
options = "mode=0755";
options = [ "mode=0755" ];
neededForBoot = true;
};
} // optionalAttrs cfg.useBootLoader
{ "/boot" =
{ device = "/dev/vdb2";
fsType = "vfat";
options = "ro";
options = [ "ro" ];
noCheck = true; # fsck fails on a r/o filesystem
};
});

1
nixos/release.nix
View File

@ -248,6 +248,7 @@ in rec {
tests.ipv6 = callTest tests/ipv6.nix {};
tests.jenkins = callTest tests/jenkins.nix {};
tests.kde4 = callTest tests/kde4.nix {};
tests.initrdNetwork = callTest tests/initrd-network.nix {};
tests.kubernetes = hydraJob (import tests/kubernetes.nix { system = "x86_64-linux"; });
tests.latestKernel.login = callTest tests/login.nix { latestKernel = true; };
#tests.lightdm = callTest tests/lightdm.nix {};

4
nixos/tests/chromium.nix
View File

@ -2,8 +2,8 @@ import ./make-test.nix (
{ pkgs
, channelMap ? {
stable = pkgs.chromium;
beta = pkgs.chromiumBeta;
dev = pkgs.chromiumDev;
#beta = pkgs.chromiumBeta;
#dev = pkgs.chromiumDev;
}
, ...
}: rec {

12
nixos/tests/ec2.nix
View File

@ -10,9 +10,10 @@ let
inherit system;
modules = [
../maintainers/scripts/ec2/amazon-image.nix
../../nixos/modules/testing/test-instrumentation.nix
{ boot.initrd.kernelModules = [ "virtio" "virtio_blk" "virtio_pci" "virtio_ring" ];
ec2.hvm = true;
../modules/testing/test-instrumentation.nix
../modules/profiles/minimal.nix
../modules/profiles/qemu-guest.nix
{ ec2.hvm = true;
# Hack to make the partition resizing work in QEMU.
boot.initrd.postDeviceCommands = mkBefore
@ -33,6 +34,7 @@ let
ln -s ${pkgs.writeText "userData" userData} $out/2011-01-01/user-data
mkdir -p $out/1.0/meta-data
echo "${hostname}" > $out/1.0/meta-data/hostname
echo "(unknown)" > $out/1.0/meta-data/ami-manifest-path
'' + optionalString (sshPublicKey != null) ''
mkdir -p $out/1.0/meta-data/public-keys/0
ln -s ${pkgs.writeText "sshPublicKey" sshPublicKey} $out/1.0/meta-data/public-keys/0/openssh-key
@ -56,7 +58,7 @@ let
# again when it deletes link-local addresses.) Ideally we'd
# turn off the DHCP server, but qemu does not have an option
# to do that.
my $startCommand = "qemu-kvm -m 768 -net nic -net 'user,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";
my $startCommand = "qemu-kvm -m 768 -net nic,vlan=0,model=virtio -net 'user,vlan=0,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";
$startCommand .= " -drive file=$diskImage,if=virtio,werror=report";
$startCommand .= " \$QEMU_OPTS";
@ -92,6 +94,8 @@ in {
$machine->waitForFile("/root/user-data");
$machine->waitForUnit("sshd.service");
$machine->succeed("grep unknown /etc/ec2-metadata/ami-manifest-path");
# We have no keys configured on the client side yet, so this should fail
$machine->fail("ssh -o BatchMode=yes localhost exit");

24
nixos/tests/haka.nix Normal file
View File

@ -0,0 +1,24 @@
# This test runs haka and probes it with hakactl
import ./make-test.nix ({ pkgs, ...} : {
name = "haka";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ tvestelind ];
};
nodes = {
haka =
{ config, pkgs, ... }:
{
services.haka.enable = true;
};
};
testScript = ''
startAll;
$haka->waitForUnit("haka.service");
$haka->succeed("hakactl status");
$haka->succeed("hakactl stop");
'';
})

22
nixos/tests/initrd-network.nix Normal file
View File

@ -0,0 +1,22 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "initrd-network";
meta.maintainers = [ pkgs.stdenv.lib.maintainers.eelco ];
machine = { config, pkgs, ... }: {
imports = [ ../modules/profiles/minimal.nix ];
boot.initrd.network.enable = true;
boot.initrd.network.postCommands =
''
ip addr | grep 10.0.2.15 || exit 1
ping -c1 10.0.2.2 || exit 1
'';
};
testScript =
''
startAll;
$machine->waitForUnit("multi-user.target");
$machine->succeed("ip link >&2");
'';
})

2
nixos/tests/misc.nix
View File

@ -16,7 +16,7 @@ import ./make-test.nix ({ pkgs, ...} : {
systemd.tmpfiles.rules = [ "d /tmp 1777 root root 10d" ];
fileSystems = mkVMOverride { "/tmp2" =
{ fsType = "tmpfs";
options = "mode=1777,noauto";
options = [ "mode=1777" "noauto" ];
};
};
systemd.automounts = singleton

2
nixos/tests/nfs.nix
View File

@ -8,7 +8,7 @@ let
[ { mountPoint = "/data";
device = "server:/data";
fsType = "nfs";
options = "vers=${toString version}";
options = [ "vers=${toString version}" ];
}
];
networking.firewall.enable = false; # FIXME: only open statd

4
nixos/tests/simple.nix
View File

@ -4,7 +4,9 @@ import ./make-test.nix ({ pkgs, ...} : {
maintainers = [ eelco ];
};
machine = { config, pkgs, ... }: { };
machine = { config, pkgs, ... }: {
imports = [ ../modules/profiles/minimal.nix ];
};
testScript =
''

4
pkgs/applications/audio/abcde/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, libcdio, cddiscid, wget, bash, vorbis-tools, id3v2, eyeD3
{ stdenv, fetchurl, libcdio, cddiscid, wget, bash, which, vorbis-tools, id3v2, eyeD3
, lame, flac, eject, mkcue
, perl, DigestSHA, MusicBrainz, MusicBrainzDiscID
, makeWrapper }:
@ -50,7 +50,7 @@ in
--replace '#!/usr/bin/perl' '#!${perl}/bin/perl'
wrapProgram "$out/bin/abcde" --prefix PATH ":" \
"$out/bin:${libcdio}/bin:${cddiscid}/bin:${wget}/bin:${vorbis-tools}/bin:${id3v2}/bin:${eyeD3}/bin:${lame}/bin"
"$out/bin:${which}/bin:${libcdio}/bin:${cddiscid}/bin:${wget}/bin:${vorbis-tools}/bin:${id3v2}/bin:${eyeD3}/bin:${lame}/bin:${flac}/bin"
wrapProgram "$out/bin/cddb-tool" --prefix PATH ":" \
"${wget}/bin"

3
pkgs/applications/audio/deadbeef/default.nix
View File

@ -12,6 +12,7 @@
, midiSupport ? false, wildmidi ? null
, wavpackSupport ? false, wavpack ? null
, ffmpegSupport ? false, ffmpeg ? null
, apeSupport ? true, yasm ? null
# misc plugins
, zipSupport ? true, libzip ? null
, artworkSupport ? true, imlib2 ? null
@ -38,6 +39,7 @@ assert cdaSupport -> (libcdio != null && libcddb != null);
assert aacSupport -> faad2 != null;
assert zipSupport -> libzip != null;
assert ffmpegSupport -> ffmpeg != null;
assert apeSupport -> yasm != null;
assert artworkSupport -> imlib2 != null;
assert hotkeysSupport -> libX11 != null;
assert osdSupport -> dbus != null;
@ -68,6 +70,7 @@ stdenv.mkDerivation rec {
++ optional aacSupport faad2
++ optional zipSupport libzip
++ optional ffmpegSupport ffmpeg
++ optional apeSupport yasm
++ optional artworkSupport imlib2
++ optional hotkeysSupport libX11
++ optional osdSupport dbus

11
pkgs/applications/audio/faust/faust1.nix
View File

@ -1,6 +1,6 @@
{ stdenv
, coreutils
, fetchgit
, fetchurl
, makeWrapper
, pkgconfig
}:
@ -9,12 +9,11 @@ with stdenv.lib.strings;
let
version = "8-1-2015";
version = "0.9.73";
src = fetchgit {
url = git://git.code.sf.net/p/faudiostream/code;
rev = "4db76fdc02b6aec8d15a5af77fcd5283abe963ce";
sha256 = "f1ac92092ee173e4bcf6b2cb1ac385a7c390fb362a578a403b2b6edd5dc7d5d0";
src = fetchurl {
url = "http://downloads.sourceforge.net/project/faudiostream/faust-${version}.tgz";
sha256 = "0x2scxkwvvjx7b7smj5xb8kr269qakf49z3fxpasd9g7025q44k5";
};
meta = with stdenv.lib; {

0
pkgs/applications/audio/faust/default.nix → pkgs/applications/audio/faust/faust2.nix
View File

4
pkgs/applications/audio/ladspa-sdk/default.nix
View File

@ -3,7 +3,7 @@ stdenv.mkDerivation rec {
name = "ladspa-sdk-${version}";
version = "1.13";
src = fetchurl {
url = "http://www.ladspa.org/download/ladspa_sdk_${version}.tgz";
url = "http://http.debian.net/debian/pool/main/l/ladspa-sdk/ladspa-sdk_${version}.orig.tar.gz";
sha256 = "0srh5n2l63354bc0srcrv58rzjkn4gv8qjqzg8dnq3rs4m7kzvdm";
};
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
description = "The SDK for the LADSPA audio plugin standard";
longDescription = ''
The LADSPA SDK, including the ladspa.h API header file,
ten example LADSPA plugins and
ten example LADSPA plugins and
three example programs (applyplugin, analyseplugin and listplugins).
'';
homepage = http://www.ladspa.org/ladspa_sdk/overview.html;

35
pkgs/applications/audio/ladspa-sdk/ladspah.nix
View File

@ -1,17 +1,26 @@
{ runCommand, fetchurl }:
let
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
name = "ladspa.h-${version}";
version = "1.13";
src = fetchurl {
url = http://www.ladspa.org/ladspa_sdk/ladspa.h.txt;
sha256 = "1b908csn85ng9sz5s5d1mqk711cmawain2z8px2ajngihdrynb67";
url = "http://http.debian.net/debian/pool/main/l/ladspa-sdk/ladspa-sdk_${version}.orig.tar.gz";
sha256 = "0srh5n2l63354bc0srcrv58rzjkn4gv8qjqzg8dnq3rs4m7kzvdm";
};
in
runCommand "ladspa.h"
{ meta.description = "LADSPA format audio plugins"; }
''
installPhase = ''
mkdir -p $out/include
cp ${src} $out/include/ladspa.h
''
cp src/ladspa.h $out/include/ladspa.h
'';
meta = {
description = "LADSPA format audio plugins header file";
longDescription = ''
The ladspa.h API header file from the LADSPA SDK.
For the full SDK, use the ladspa-sdk package.
'';
homepage = http://www.ladspa.org/ladspa_sdk/overview.html;
license = stdenv.lib.licenses.lgpl2;
maintainers = [ stdenv.lib.maintainers.magnetophon ];
platforms = stdenv.lib.platforms.all;
};
}

6
pkgs/applications/audio/non/default.nix
View File

@ -4,12 +4,12 @@ ladspaH, liblrdf, liblo, libsigcxx
stdenv.mkDerivation rec {
name = "non-${version}";
version = "2015-12-16";
version = "2016-02-07";
src = fetchFromGitHub {
owner = "original-male";
repo = "non";
rev = "5d274f430c867f73ed1dcb306b49be0371d28128";
sha256 = "1yckac3r1hqn5p450j4lf4349v4knjj7n9s5p3wdcvxhs0pjv2sy";
rev = "1ef382fbbea598fdb56b25244a703c64ecaf8446";
sha256 = "1mi3nm0nrrqlk36920irvqf5080lbnj1qc8vnxspgwkjjqgdc22g";
};
buildInputs = [ pkgconfig python2 cairo libjpeg ntk libjack2 libsndfile

36
pkgs/applications/audio/qtscrobbler/default.nix Normal file
View File

@ -0,0 +1,36 @@
{ stdenv, lib, fetchurl, withMtp ? true, libmtp, pkgconfig, which, qt4 }:
stdenv.mkDerivation rec {
name = "qtscrobbler-${version}";
version = "0.11";
src = fetchurl {
url = "mirror://sourceforge/qtscrob/qtscrob/${version}/qtscrob-${version}.tar.bz2";
sha256 = "01c8e48f616ed09504833d27d92fd62f455bd645ea2d1cc2a5f4c287d641daba";
};
nativeBuildInputs = lib.optionals withMtp [ pkgconfig which ];
buildInputs = [ qt4 ] ++ lib.optional withMtp libmtp;
enableParallelBuilding = true;
postPatch = ''
cd src
sed -i "s,/usr/local,$out," common.pri
'';
configurePhase = "qmake";
meta = with lib; {
description = "Qt based last.fm scrobbler";
longDescription = ''
QTScrobbler is a tool to upload information about the tracks you have played from your Digital Audio Player (DAP) to your last.fm account.
It is able to gather this information from Apple iPods or DAPs running the Rockbox replacement firmware.
'';
homepage = http://qtscrob.sourceforge.net;
license = licenses.gpl2;
maintainers = [ maintainers.vanzef ];
platforms = platforms.linux;
};
}

73
pkgs/applications/audio/sonata/default.nix Normal file
View File

@ -0,0 +1,73 @@
{ pkgs, stdenv, fetchFromGitHub, pkgconfig, intltool, wrapGAppsHook,
python, buildPythonPackage, isPy3k,
gnome3, gtk3, gobjectIntrospection,
dbus, pygobject3, mpd2 }:
with pkgs.lib;
buildPythonPackage rec {
name = "sonata-${version}";
version = "1.7b1";
namePrefix = "";
src = fetchFromGitHub {
owner = "multani";
repo = "sonata";
rev = "v${version}";
sha256 = "1npbxlrg6k154qybfd250nq2p96kxdsdkj9wwnp93gljnii3g8wh";
};
disabled = !isPy3k;
buildInputs = [
pkgconfig intltool wrapGAppsHook
gnome3.gnome_themes_standard gnome3.defaultIconTheme
gnome3.gsettings_desktop_schemas
];
postPatch = ''
# Remove "Local MPD" tab which is not suitable for NixOS.
sed -i '/localmpd/d' sonata/consts.py
'';
propagatedUserEnvPkgs = [ gnome3.gnome_themes_standard ];
propagatedBuildInputs = [
gobjectIntrospection gtk3 pygobject3
];
# The optional tagpy dependency (for editing metadata) is not yet
# included because it's difficult to build.
pythonPath = [ dbus pygobject3 mpd2 ];
meta = {
description = "An elegant client for the Music Player Daemon";
longDescription = ''
Sonata is an elegant client for the Music Player Daemon.
Written in Python and using the GTK+ 3 widget set, its features
include:
- Expanded and collapsed views
- Automatic remote and local album art
- Library browsing by folders, or by genre/artist/album
- User-configurable columns
- Automatic fetching of lyrics
- Playlist and stream support
- Support for editing song tags (not in NixOS version)
- Drag and drop to copy files
- Popup notification
- Library and playlist searching, filter as you type
- Audioscrobbler (last.fm) 1.2 support
- Multiple MPD profiles
- Keyboard friendly
- Support for multimedia keys
- Commandline control
- Available in 24 languages
'';
homepage = "http://www.nongnu.org/sonata/";
license = stdenv.lib.licenses.gpl3;
platforms = stdenv.lib.platforms.linux;
maintainers = [ stdenv.lib.maintainers.rvl ];
};
}

9
pkgs/applications/audio/spotify/default.nix
View File

@ -87,7 +87,14 @@ stdenv.mkDerivation {
# Desktop file
mkdir -p "$out/share/applications/"
cp "$out/share/spotify/spotify.desktop" "$out/share/applications/"
sed -i "s|Icon=.*|Icon=$out/share/spotify/Icons/spotify-linux-512.png|" "$out/share/applications/spotify.desktop"
# Icons
for i in 16 22 24 32 48 64 128 256 512; do
ixi="$i"x"$i"
mkdir -p "$out/share/icons/hicolor/$ixi/apps"
ln -s "$out/share/spotify/icons/spotify-linux-$i.png" \
"$out/share/icons/hicolor/$ixi/apps/spotify-client.png"
done
'';
dontStrip = true;

29
pkgs/applications/audio/timemachine/default.nix Normal file
View File

@ -0,0 +1,29 @@
{ stdenv, fetchFromGitHub, autoconf, automake, pkgconfig, gtk2
, libjack2, libsndfile
}:
stdenv.mkDerivation rec {
name = "timemachine-${version}";
version = "0.3.1";
src = fetchFromGitHub {
owner = "swh";
repo = "timemachine";
rev = "1966d8524d4e4c47c525473bab3b010a168adc98";
sha256 = "0w5alysixnvlkfl79wf7vs5wsw2vgxl3gqxxcm0zbmhjdpmjpcal";
};
buildInputs = [ autoconf automake pkgconfig gtk2 libjack2
libsndfile
];
preConfigure = "./autogen.sh";
meta = {
description = "JACK audio recorder";
homepage = http://plugin.org.uk/timemachine/;
license = stdenv.lib.licenses.lgpl2;
platforms = stdenv.lib.platforms.linux;
maintainers = [ stdenv.lib.maintainers.nico202 ];
};
}

6
pkgs/applications/display-managers/slim/default.nix
View File

@ -18,13 +18,17 @@ stdenv.mkDerivation rec {
# slim's broken PAM session handling (see
# http://developer.berlios.de/bugs/?func=detailbug&bug_id=19102&group_id=2663).
./run-once.patch
# Ensure that sessions appear in sort order, rather than in
# directory order.
./sort-sessions.patch
];
preConfigure = "substituteInPlace CMakeLists.txt --replace /lib $out/lib";
cmakeFlags = [ "-DUSE_PAM=1" ];
NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype";
NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype -std=c++11";
enableParallelBuilding = true;

40
pkgs/applications/display-managers/slim/sort-sessions.patch Normal file
View File

@ -0,0 +1,40 @@
diff -ru -x '*~' slim-1.3.6-orig/cfg.cpp slim-1.3.6/cfg.cpp
--- slim-1.3.6-orig/cfg.cpp 2013-10-02 00:38:05.000000000 +0200
+++ slim-1.3.6/cfg.cpp 2016-01-30 10:35:51.108766802 +0100
@@ -14,6 +14,7 @@
#include <iostream>
#include <unistd.h>
#include <stdlib.h>
+#include <algorithm>
#include <sys/types.h>
#include <sys/stat.h>
@@ -293,6 +294,8 @@
sessions.clear();
+ typedef pair<string,string> session_t;
+
if( !strSessionDir.empty() ) {
DIR *pDir = opendir(strSessionDir.c_str());
@@ -325,7 +328,7 @@
}
}
desktop_file.close();
- pair<string,string> session(session_name,session_exec);
+ session_t session(session_name,session_exec);
sessions.push_back(session);
cout << session_exec << " - " << session_name << endl;
}
@@ -341,6 +344,10 @@
pair<string,string> session("","");
sessions.push_back(session);
}
+
+ std::sort(sessions.begin(), sessions.end(), [](session_t& a, session_t& b) -> bool{
+ return a.first < b.first;
+ });
}
pair<string,string> Cfg::nextSession() {

4
pkgs/applications/editors/atom/default.nix
View File

@ -16,11 +16,11 @@ let
};
in stdenv.mkDerivation rec {
name = "atom-${version}";
version = "1.4.0";
version = "1.4.3";
src = fetchurl {
url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb";
sha256 = "0dipww58p0sm99jn1ariisha9wsnhl7rnd8achpxqkf4b3vwi5iz";
sha256 = "15ix5ww3ny5ylgmmxpkc32li6af2vc4a2p6aymx9c472fra0c41x";
name = "${name}.deb";
};

78
pkgs/applications/editors/eclipse/default.nix
View File

@ -12,7 +12,7 @@ rec {
buildEclipse = import ./build-eclipse.nix args;
eclipse_sdk_35 = buildEclipse {
eclipse-sdk-35 = buildEclipse {
name = "eclipse-sdk-3.5.2";
description = "Eclipse Classic";
src =
@ -27,10 +27,9 @@ rec {
md5 = "bde55a2354dc224cf5f26e5320e72dac";
};
};
eclipse_sdk_35 = eclipse-sdk-35; # backward compatibility, added 2016-01-30
# !!! Use mirror://eclipse/.
eclipse_sdk_36 = buildEclipse {
eclipse-sdk-36 = buildEclipse {
name = "eclipse-sdk-3.6.2";
description = "Eclipse Classic";
src =
@ -45,9 +44,10 @@ rec {
sha256 = "1bh8ykliqr8wbciv13vpiy50rvm7yszk7y8dslr796dbwhi5b1cj";
};
};
eclipse_sdk_36 = eclipse-sdk-36; # backward compatibility, added 2016-01-30
eclipse_scala_sdk_40 = buildEclipse {
name = "eclipse-scala_sdk-4.0.0";
eclipse-scala-sdk-40 = buildEclipse {
name = "eclipse-scala-sdk-4.0.0";
description = "Eclipse IDE for Scala Developers";
src =
if stdenv.system == "x86_64-linux" then
@ -61,8 +61,9 @@ rec {
sha256 = "f422aea5903c97d212264a5a43c6ebc638aecbd4ce5e6078d92618725bc5d31e";
};
};
eclipse_scala_sdk_40 = eclipse-scala-sdk-40; # backward compatibility, added 2016-01-30
eclipse_cpp_36 = buildEclipse {
eclipse-cpp-36 = buildEclipse {
name = "eclipse-cpp-3.6.2";
description = "Eclipse IDE for C/C++ Developers";
src =
@ -77,8 +78,9 @@ rec {
sha1 = "1156e4bc0253ae3a3a4e54839e4944dc64d3108f";
};
};
eclipse_cpp_36 = eclipse-cpp-36; # backward compatibility, added 2016-01-30
eclipse_modeling_36 = buildEclipse {
eclipse-modeling-36 = buildEclipse {
name = "eclipse-modeling-3.6.2";
description = "Eclipse Modeling Tools (includes Incubating components)";
src =
@ -93,8 +95,9 @@ rec {
sha1 = "696377895bb26445de39d82a916b7e69edb1d939";
};
};
eclipse_modeling_36 = eclipse-modeling-36; # backward compatibility, added 2016-01-30
eclipse_sdk_37 = buildEclipse {
eclipse-sdk-37 = buildEclipse {
name = "eclipse-sdk-3.7";
description = "Eclipse Classic";
sources = {
@ -108,8 +111,9 @@ rec {
};
};
};
eclipse_sdk_37 = eclipse-sdk-37; # backward compatibility, added 2016-01-30
eclipse_cpp_37 = buildEclipse {
eclipse-cpp-37 = buildEclipse {
name = "eclipse-cpp-3.7";
description = "Eclipse IDE for C/C++ Developers";
src =
@ -124,8 +128,9 @@ rec {
sha256 = "1cvg1vgyazrkinwzlvlf0dpl197p4784752srqybqylyj5psdi3b";
};
};
eclipse_cpp_37 = eclipse-cpp-37; # backward compatibility, added 2016-01-30
eclipse_cpp_42 = buildEclipse {
eclipse-cpp-42 = buildEclipse {
name = "eclipse-cpp-4.2";
description = "Eclipse IDE for C/C++ Developers";
src =
@ -140,8 +145,9 @@ rec {
sha256 = "1a4s9qlhfpfpdhvffyglnfdr3dq5r2ywcxqywhqi95yhq5nmsgyk";
};
};
eclipse_cpp_42 = eclipse-cpp-42; # backward compatibility, added 2016-01-30
eclipse_cpp_43 = buildEclipse {
eclipse-cpp-43 = buildEclipse {
name = "eclipse-cpp-4.3.2";
description = "Eclipse IDE for C/C++ Developers";
src =
@ -156,41 +162,44 @@ rec {
sha256 = "0d6jlj7hwz8blx6csrlyi2h2prql0wckbh7ihwjmgclwpcpj84g6";
};
};
eclipse_cpp_43 = eclipse-cpp-43; # backward compatibility, added 2016-01-30
eclipse_cpp_44 = buildEclipse {
name = "eclipse-cpp-4.4";
eclipse-cpp-44 = buildEclipse {
name = "eclipse-cpp-4.4.2";
description = "Eclipse IDE for C/C++ Developers";
src =
if stdenv.system == "x86_64-linux" then
fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/R/eclipse-cpp-luna-R-linux-gtk-x86_64.tar.gz;
md5 = "b0a6ee33e8108a7ff4682ab911271b04";
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/SR2/eclipse-cpp-luna-SR2-linux-gtk-x86_64.tar.gz;
sha256 = "1vxwj7yihgipvrb3gksmddqkarzazpwk3mh1mjnw0i5xz2y32ba4";
}
else
fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/R/eclipse-cpp-luna-R-linux-gtk.tar.gz;
md5 = "5000f93cecf6ef9af112f0df6e8c87f3";
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/SR2/eclipse-cpp-luna-SR2-linux-gtk.tar.gz;
sha256 = "1yn7yzzx8izc199c8w4f7vrc0b08idyq0dn113i8123b0mxw5lkp";
};
};
eclipse_cpp_44 = eclipse-cpp-44; # backward compatibility, added 2016-01-30
eclipse_cpp_45 = buildEclipse {
name = "eclipse-cpp-4.5";
eclipse-cpp-45 = buildEclipse {
name = "eclipse-cpp-4.5.1";
description = "Eclipse IDE for C/C++ Developers, Mars release";
src =
if stdenv.system == "x86_64-linux" then
fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/R/eclipse-cpp-mars-R-linux-gtk-x86_64.tar.gz;
sha1 = "11f9583e23ae68eb675107e6c9acc48e0a2520ae";
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/1/eclipse-cpp-mars-1-linux-gtk-x86_64.tar.gz;
sha256 = "1j6rsgr44kya2v7y34ifscajqk7lnq1w9m9fx4i0qgby84sy4xj7";
}
else if stdenv.system == "i686-linux" then
fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/R/eclipse-cpp-mars-R-linux-gtk.tar.gz;
sha1 = "45dddb8c8f2ec79b7e25cc13d93785863ffe4791";
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/1/eclipse-cpp-mars-1-linux-gtk.tar.gz;
sha256 = "0qsbvjkq0ssxbnafh4gs8pfclynqis3nf7xlxx4w3k20jcjx7sr2";
}
else throw "Unsupported system: ${stdenv.system}";
};
eclipse_cpp_45 = eclipse-cpp-45; # backward compatibility, added 2016-01-30
eclipse_sdk_421 = buildEclipse {
eclipse-sdk-421 = buildEclipse {
name = "eclipse-sdk-4.2.1";
description = "Eclipse Classic";
src =
@ -205,8 +214,9 @@ rec {
sha256 = "1av6qm9wkbyk123qqf38f0jq4jv2bj9wp6fmpnl55zg6qr463c1w";
};
};
eclipse_sdk_421 = eclipse-sdk-421; # backward compatibility, added 2016-01-30
eclipse_sdk_422 = buildEclipse {
eclipse-sdk-422 = buildEclipse {
name = "eclipse-sdk-4.2.2";
description = "Eclipse Classic";
sources = {
@ -220,8 +230,9 @@ rec {
};
};
};
eclipse_sdk_422 = eclipse-sdk-422; # backward compatibility, added 2016-01-30
eclipse_sdk_431 = buildEclipse {
eclipse-sdk-431 = buildEclipse {
name = "eclipse-sdk-4.3.1";
description = "Eclipse Classic";
sources = {
@ -235,8 +246,9 @@ rec {
};
};
};
eclipse_sdk_431 = eclipse-sdk-431; # backward compatibility, added 2016-01-30
eclipse_sdk_44 = buildEclipse {
eclipse-sdk-44 = buildEclipse {
name = "eclipse-sdk-4.4";
description = "Eclipse Classic";
sources = {
@ -250,8 +262,9 @@ rec {
};
};
};
eclipse_sdk_44 = eclipse-sdk-44; # backward compatibility, added 2016-01-30
eclipse_sdk_442 = buildEclipse {
eclipse-sdk-442 = buildEclipse {
name = "eclipse-sdk-4.4.2";
description = "Eclipse Classic";
sources = {
@ -265,8 +278,9 @@ rec {
};
};
};
eclipse_sdk_442 = eclipse-sdk-442; # backward compatibility, added 2016-01-30
eclipse_sdk_45 = buildEclipse {
eclipse-sdk-45 = buildEclipse {
name = "eclipse-sdk-4.5";
description = "Eclipse Mars Classic";
sources = {
@ -280,8 +294,9 @@ rec {
};
};
};
eclipse_sdk_45 = eclipse-sdk-45; # backward compatibility, added 2016-01-30
eclipse_sdk_451 = buildEclipse {
eclipse-sdk-451 = buildEclipse {
name = "eclipse-sdk-4.5.1";
description = "Eclipse Mars Classic";
sources = {
@ -295,6 +310,7 @@ rec {
};
};
};
eclipse_sdk_451 = eclipse-sdk-451; # backward compatibility, added 2016-01-30
eclipse-platform = eclipse-platform-451;

12
pkgs/applications/editors/eclipse/plugins.nix
View File

@ -171,12 +171,12 @@ rec {
checkstyle = buildEclipseUpdateSite rec {
name = "checkstyle-${version}";
version = "6.11.1.201510102004";
version = "6.14.0.201601142217";
src = fetchzip {
stripRoot = false;
url = "mirror://sourceforge/project/eclipse-cs/Eclipse%20Checkstyle%20Plug-in/6.11.1/net.sf.eclipsecs-updatesite_${version}-bin.zip";
sha256 = "0l9nfx7a3qdx1pvjgc6ck4rxh7yrvqsskr190yrxxwmpnyj9cjs4";
url = "mirror://sourceforge/project/eclipse-cs/Eclipse%20Checkstyle%20Plug-in/6.14.0/net.sf.eclipsecs-updatesite_${version}-bin.zip";
sha256 = "0ysxir1fv0mb9xnidc9hv6llnk48lkav0sryjbx7pw7vy1f8nd4c";
};
meta = with stdenv.lib; {
@ -318,12 +318,12 @@ rec {
gnuarmeclipse = buildEclipseUpdateSite rec {
name = "gnuarmeclipse-${version}";
version = "2.8.1-201504061754";
version = "2.11.1-201512141335";
src = fetchzip {
stripRoot = false;
url = "mirror://sourceforge/project/gnuarmeclipse/Current%20Releases/2.x/ilg.gnuarmeclipse.repository-${version}.zip";
sha256 = "08jsnyis1ry62cidr9sl11ylyxbkwh834nlhx6qp31gh1l439px9";
url = "https://github.com/gnuarmeclipse/plug-ins/releases/download/v${version}/ilg.gnuarmeclipse.repository-${version}.zip";
sha256 = "1ijvnahfw2wc860la7kj8b52z2sfm8k1yk62bl0d4lq60y3aycg9";
};
meta = with stdenv.lib; {

2
pkgs/applications/editors/emacs-modes/color-theme-solarized/default.nix
View File

@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
meta = {
description = "Precision colors for machines and people";
homepage = http://ethanschoonover.com/solarized;
maintainer = "Samuel Rivas <samuelrivas@gmail.com>";
maintainers = "Samuel Rivas <samuelrivas@gmail.com>";
license = stdenv.lib.licenses.mit;
platforms = stdenv.lib.platforms.all;

105
pkgs/applications/editors/emacs-modes/elpa-generated.nix
View File

@ -28,10 +28,10 @@
ada-mode = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib, wisi }:
elpaBuild {
pname = "ada-mode";
version = "5.1.8";
version = "5.1.9";
src = fetchurl {
url = "http://elpa.gnu.org/packages/ada-mode-5.1.8.tar";
sha256 = "015lmliwk4qa2sbs9spxik6dnwsf1a34py6anklf92qnmzhjicy6";
url = "http://elpa.gnu.org/packages/ada-mode-5.1.9.tar";
sha256 = "04hwy9py22c4vpbk24idbyavjdjpm1akvnfigdzx35zljdrvk3l7";
};
packageRequires = [ cl-lib emacs wisi ];
meta = {
@ -148,10 +148,10 @@
}) {};
auctex = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "auctex";
version = "11.89";
version = "11.89.1";
src = fetchurl {
url = "http://elpa.gnu.org/packages/auctex-11.89.tar";
sha256 = "0ggk2q17wq4y9yw5b9mykk153ihphazjdj1fl4lv0zblgnrxz5l5";
url = "http://elpa.gnu.org/packages/auctex-11.89.1.tar";
sha256 = "0nqp12l5x2h0hxl8p3l6aiz4mvdf79zz84z1wl3q2prliac3xz17";
};
packageRequires = [];
meta = {
@ -188,10 +188,10 @@
avy = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "avy";
version = "0.3.0";
version = "0.4.0";
src = fetchurl {
url = "http://elpa.gnu.org/packages/avy-0.3.0.tar";
sha256 = "1ycfqabx949s7dgp9vhyb9phpxw83gjw4cc7914gr84bqlkj0458";
url = "http://elpa.gnu.org/packages/avy-0.4.0.tar";
sha256 = "1vbp37ndv5930x120n0isxxxfs8d5wqlrbnxvp6h3ahbbv0zdcsn";
};
packageRequires = [ cl-lib emacs ];
meta = {
@ -417,10 +417,10 @@
}) {};
debbugs = callPackage ({ async, elpaBuild, fetchurl, lib }: elpaBuild {
pname = "debbugs";
version = "0.8";
version = "0.9";
src = fetchurl {
url = "http://elpa.gnu.org/packages/debbugs-0.8.tar";
sha256 = "1wp5wa2a0rwvpfdzd2b78k6vd26qbyqwl4p2c2s5l7zkqy258in5";
url = "http://elpa.gnu.org/packages/debbugs-0.9.tar";
sha256 = "1wc6kw7hihqqdx8qyl01akygycnan44x400hwrcf54m3hb4isa0k";
};
packageRequires = [ async ];
meta = {
@ -445,10 +445,10 @@
diff-hl = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "diff-hl";
version = "1.8.2";
version = "1.8.3";
src = fetchurl {
url = "http://elpa.gnu.org/packages/diff-hl-1.8.2.tar";
sha256 = "1y0v5fiizkmhzafiscrcqjzxpwjcag5rx79lq3iplh58vxlmb65w";
url = "http://elpa.gnu.org/packages/diff-hl-1.8.3.tar";
sha256 = "1i3ngx5gmjl1a15y6d0xmcgdimn7ghrqkbzqisz4ra3dgwbbb3f9";
};
packageRequires = [ cl-lib ];
meta = {
@ -684,6 +684,19 @@
license = lib.licenses.free;
};
}) {};
gnome-c-style = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "gnome-c-style";
version = "0.1";
src = fetchurl {
url = "http://elpa.gnu.org/packages/gnome-c-style-0.1.tar";
sha256 = "09w68jbpzyyhcaqw335qpr840j7xx0j81zxxkxq4ahqv6ck27v4x";
};
packageRequires = [];
meta = {
homepage = "http://elpa.gnu.org/packages/gnome-c-style.html";
license = lib.licenses.free;
};
}) {};
gnorb = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "gnorb";
@ -923,6 +936,20 @@
license = lib.licenses.free;
};
}) {};
loccur = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "loccur";
version = "1.2.2";
src = fetchurl {
url = "http://elpa.gnu.org/packages/loccur-1.2.2.el";
sha256 = "0ij5wzxysaikiccw7mjbw1sfylvih0n6b6yyp55vn8w1z2dba0xk";
};
packageRequires = [ cl-lib ];
meta = {
homepage = "http://elpa.gnu.org/packages/loccur.html";
license = lib.licenses.free;
};
}) {};
markchars = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "markchars";
version = "0.2.0";
@ -1017,10 +1044,10 @@
}) {};
multishell = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "multishell";
version = "1.0.4";
version = "1.1.2";
src = fetchurl {
url = "http://elpa.gnu.org/packages/multishell-1.0.4.el";
sha256 = "11nx9h1c039h7md7pr1xlc3kla8n0vq6pa54i25wakf5n30019f4";
url = "http://elpa.gnu.org/packages/multishell-1.1.2.tar";
sha256 = "1y0b6ri0kgxj0jw1cyb796lsy3ipzb7syvmj7pqpx9myzpvd3hz3";
};
packageRequires = [];
meta = {
@ -1175,10 +1202,10 @@
}) {};
org = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "org";
version = "20160118";
version = "20160201";
src = fetchurl {
url = "http://elpa.gnu.org/packages/org-20160118.tar";
sha256 = "107jzpykg5fgd4wzppn2ayvrg2l6z7mnlq8v7r52x15400k9xnxr";
url = "http://elpa.gnu.org/packages/org-20160201.tar";
sha256 = "1lyvfpksl88c9d7k2w4k3iswgjah51k9f8fdi3jbfwivd814m9nb";
};
packageRequires = [];
meta = {
@ -1332,6 +1359,19 @@
license = lib.licenses.free;
};
}) {};
rnc-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "rnc-mode";
version = "0.1";
src = fetchurl {
url = "http://elpa.gnu.org/packages/rnc-mode-0.1.el";
sha256 = "18hm9g05ld8i1apr28dmd9ccq6dc0w6rdqhi0k7ka95jxxdr9m6d";
};
packageRequires = [];
meta = {
homepage = "http://elpa.gnu.org/packages/rnc-mode.html";
license = lib.licenses.free;
};
}) {};
rudel = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "rudel";
version = "0.3";
@ -1663,10 +1703,10 @@
}) {};
wcheck-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "wcheck-mode";
version = "2016.1.5";
version = "2016.1.30";
src = fetchurl {
url = "http://elpa.gnu.org/packages/wcheck-mode-2016.1.5.el";
sha256 = "0axd32sw1papxz4yscjg85a2li8a8m8z5fn2jzb3620700j86jb3";
url = "http://elpa.gnu.org/packages/wcheck-mode-2016.1.30.el";
sha256 = "0hzrxnslfl04h083njy7wp4hhgrqpyz0cnm73v348kr1i4wx9xjq";
};
packageRequires = [];
meta = {
@ -1729,10 +1769,10 @@
wisi = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
elpaBuild {
pname = "wisi";
version = "1.1.1";
version = "1.1.2";
src = fetchurl {
url = "http://elpa.gnu.org/packages/wisi-1.1.1.tar";
sha256 = "14bpir7kng8b4m1yna4iahhp2z0saagc2i8z53apd39msbplay3r";
url = "http://elpa.gnu.org/packages/wisi-1.1.2.tar";
sha256 = "04gryfpgbviviwbnvv3sh280pzasr59cp5xz1s0yf0n4d3rv2df3";
};
packageRequires = [ cl-lib emacs ];
meta = {
@ -1806,14 +1846,15 @@
license = lib.licenses.free;
};
}) {};
ztree = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
ztree = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "ztree";
version = "1.0.2";
version = "1.0.3";
src = fetchurl {
url = "http://elpa.gnu.org/packages/ztree-1.0.2.tar";
sha256 = "0rm9b7cw5md9zbgbq89kh8wb5jdjrqy9g43psdws19z6j532g665";
url = "http://elpa.gnu.org/packages/ztree-1.0.3.tar";
sha256 = "1mwzk48sah4w5jmlmzqxnwhnlnc2mf25ayhgymv24sv8c6hdllsw";
};
packageRequires = [];
packageRequires = [ cl-lib ];
meta = {
homepage = "http://elpa.gnu.org/packages/ztree.html";
license = lib.licenses.free;

8429
pkgs/applications/editors/emacs-modes/melpa-generated.nix
View File

File diff suppressed because it is too large Load Diff

3373
pkgs/applications/editors/emacs-modes/melpa-stable-generated.nix
View File

File diff suppressed because it is too large Load Diff

6
pkgs/applications/editors/idea/default.nix
View File

@ -148,14 +148,14 @@ in
android-studio = buildAndroidStudio rec {
name = "android-studio-${version}";
version = "1.5.0.4";
build = "141.2422023";
version = "1.5.1.0";
build = "141.2456560";
description = "Android development environment based on IntelliJ IDEA";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://dl.google.com/dl/android/studio/ide-zips/${version}" +
"/android-studio-ide-${build}-linux.zip";
sha256 = "1sjxs9cq7mdalxmzp6v2gwbg1w8p43c2cp5j4v212w66h5rqv11z";
sha256 = "0p6h21jd0xx3xzdrfv9530n1ssyc3xigr3fg33r8ain4k6n02vj6";
};
};

57
pkgs/applications/editors/lighttable/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchurl, buildEnv, makeDesktopItem, makeWrapper, zlib, glib, alsaLib
{ stdenv, fetchurl, buildEnv, zlib, glib, alsaLib, makeDesktopItem
, dbus, gtk, atk, pango, freetype, fontconfig, libgnome_keyring3, gdk_pixbuf
, cairo, cups, expat, libgpgerror, nspr, gnome3, nss, xorg, libudev
, cairo, cups, expat, libgpgerror, nspr, gnome3, nss, xorg, libudev, libnotify
}:
let
@ -8,51 +8,58 @@ let
stdenv.cc.cc zlib glib dbus gtk atk pango freetype libgnome_keyring3 nss
fontconfig gdk_pixbuf cairo cups expat libgpgerror alsaLib nspr gnome3.gconf
xorg.libXrender xorg.libX11 xorg.libXext xorg.libXdamage xorg.libXtst
xorg.libXcomposite xorg.libXi xorg.libXfixes
];
xorg.libXcomposite xorg.libXi xorg.libXfixes libnotify xorg.libXrandr
xorg.libXcursor
];
desktopItem = makeDesktopItem {
name = "LightTable";
exec = "light";
comment = "LightTable";
desktopName = "LightTable";
genericName = "the next generation code editor";
};
in
assert stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux";
stdenv.mkDerivation rec {
name = "lighttable-${version}";
version = "0.7.2";
version = "0.8.1";
src =
if stdenv.system == "i686-linux" then
fetchurl {
name = "LightTableLinux.tar.gz";
url = "https://d35ac8ww5dfjyg.cloudfront.net/playground/bins/${version}/LightTableLinux.tar.gz";
sha256 = "1q5m50r319xn9drfv3cyfja87b7dfhni9d9gmz9733idq3l5fl9i";
}
else
src =
fetchurl {
name = "LightTableLinux64.tar.gz";
url = "https://d35ac8ww5dfjyg.cloudfront.net/playground/bins/${version}/LightTableLinux64.tar.gz";
sha256 = "1jnn103v5qrplkb5ik9p8whfqclcq2r1qv666hp3jaiwb46vhf3c";
url = "https://github.com/LightTable/LightTable/releases/download/${version}/${name}-linux.tar.gz";
sha256 = "06fj725xfhf3fwrf7dya7ijmxq3v76kfmd4lr2067a92zhlwr5pv";
};
buildInputs = [ makeWrapper ];
phases = [ "installPhase" ];
installPhase = ''
tar xvf ${src}
mkdir -p $out/bin
mv LightTable $out/
tar xf ${src}
mkdir -p $out/{bin,share/LightTable}
mv ./${name}-linux/* $out/share/LightTable
patchelf \
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath ${libPath}:${stdenv.cc.cc}/lib${stdenv.lib.optionalString stdenv.is64bit "64"} \
$out/LightTable/ltbin
--set-rpath ${libPath}:${libPath}/lib64:$out/share/LightTable \
$out/share/LightTable/LightTable
ln -sf ${libudev.out}/lib/libudev.so.1 $out/LightTable/libudev.so.0
mv $out/share/LightTable/light $out/bin/light
makeWrapper $out/LightTable/ltbin $out/bin/lighttable \
--prefix "LD_LIBRARY_PATH" : $out/LightTable
ln -sf ${libudev.out}/lib/libudev.so.1 $out/share/LightTable/libudev.so.0
substituteInPlace $out/bin/light \
--replace "/usr/lib/x86_64-linux-gnu" "${libudev.out}/lib" \
--replace "/lib/x86_64-linux-gnu" "$out/share/LightTable" \
--replace 'HERE=`dirname $(readlink -f $0)`' "HERE=$out/share/LightTable"
mkdir -p "$out"/share/applications
cp "${desktopItem}/share/applications/LightTable.desktop" "$out"/share/applications/
'';
meta = with stdenv.lib; {
description = "the next generation code editor";
homepage = http://www.lighttable.com/;
license = licenses.gpl3;
maintainers = [ maintainers.matejc ];
platforms = [ "x86_64-linux" ];
};
}

14
pkgs/applications/editors/sublime3/default.nix
View File

@ -6,7 +6,7 @@ assert stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux";
assert gksuSupport -> gksu != null;
let
build = "3083";
build = "3103";
libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo pango];
redirects = [ "/usr/bin/pkexec=${pkexecPath}" ]
++ stdenv.lib.optional gksuSupport "/usr/bin/gksudo=${gksu}/bin/gksudo";
@ -18,15 +18,15 @@ in let
src =
if stdenv.system == "i686-linux" then
fetchurl {
name = "sublimetext-3.0.83.tar.bz2";
url = "http://c758482.r82.cf2.rackcdn.com/sublime_text_3_build_${build}_x32.tar.bz2";
sha256 = "0r9irk2gdwdx0dk7lgssr4krfvf3lf71pzaz5hyjc704zaxf5s49";
name = "sublimetext-${build}.tar.bz2";
url = "https://download.sublimetext.com/sublime_text_3_build_${build}_x32.tar.bz2";
sha256 = "1qidnczndyhyp9rfzmpqah00lrx7z1a0fy7a13lzwqq3gslhwf1l";
}
else
fetchurl {
name = "sublimetext-3.0.83.tar.bz2";
url = "http://c758482.r82.cf2.rackcdn.com/sublime_text_3_build_${build}_x64.tar.bz2";
sha256 = "1vhlrqz7xscmjnxpz60mdpvflanl26d7673ml7psd75n0zvcfra5";
name = "sublimetext-${build}.tar.bz2";
url = "https://download.sublimetext.com/sublime_text_3_build_${build}_x64.tar.bz2";
sha256 = "1x8kb3prs6wa5s5rj0gfq96zx6k5q3s168yhfsa36x2szi6x6y4x";
};
dontStrip = true;

1
pkgs/applications/editors/vim/configurable.nix
View File

@ -154,6 +154,7 @@ composableDerivation {
multibyteSupport = config.vim.multibyte or false;
cscopeSupport = config.vim.cscope or true;
netbeansSupport = config.netbeans or true; # eg envim is using it
ximSupport = config.vim.xim or false;
# by default, compile with darwin support if we're compiling on darwin, but
# allow this to be disabled by setting config.vim.darwin to false

35
pkgs/applications/graphics/darktable/default.nix
View File

@ -1,46 +1,35 @@
{ stdenv, fetchurl, libsoup, graphicsmagick, SDL, json_glib
, GConf, atk, cairo, cmake, curl, dbus_glib, exiv2, glib
, libgnome_keyring, gtk, ilmbase, intltool, lcms, lcms2
, libgnome_keyring, gtk3, ilmbase, intltool, lcms, lcms2
, lensfun, libXau, libXdmcp, libexif, libglade, libgphoto2, libjpeg
, libpng, libpthreadstubs, libraw1394, librsvg, libtiff, libxcb
, libpng, libpthreadstubs, librsvg, libtiff, libxcb
, openexr, pixman, pkgconfig, sqlite, bash, libxslt, openjpeg
, mesa }:
, mesa, lua, pugixml, colord, colord-gtk, libxshmfence, libxkbcommon
, epoxy, at_spi2_core, libwebp, libsecret, wrapGAppsHook, gnome3
}:
assert stdenv ? glibc;
stdenv.mkDerivation rec {
version = "1.6.9";
version = "2.0.0";
name = "darktable-${version}";
src = fetchurl {
url = "https://github.com/darktable-org/darktable/releases/download/release-${version}/darktable-${version}.tar.xz";
sha256 = "0wri89ygjpv7npiz58mnydhgldywp6arqp9jq3v0g54a56fiwwhg";
sha256 = "1cbwvzqn3158cy7r499rdwipx7fpb30lrrvh6jy5a4xvpcjzbwnl";
};
buildInputs =
[ GConf atk cairo cmake curl dbus_glib exiv2 glib libgnome_keyring gtk
[ GConf atk cairo cmake curl dbus_glib exiv2 glib libgnome_keyring gtk3
ilmbase intltool lcms lcms2 lensfun libXau libXdmcp libexif
libglade libgphoto2 libjpeg libpng libpthreadstubs libraw1394
libglade libgphoto2 libjpeg libpng libpthreadstubs
librsvg libtiff libxcb openexr pixman pkgconfig sqlite libxslt
libsoup graphicsmagick SDL json_glib openjpeg mesa
libsoup graphicsmagick SDL json_glib openjpeg mesa lua pugixml
colord colord-gtk libxshmfence libxkbcommon epoxy at_spi2_core
libwebp libsecret wrapGAppsHook gnome3.adwaita-icon-theme
];
preConfigure = ''
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${gtk.dev}/include/gtk-2.0"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${gtk.out}/lib/gtk-2.0/include"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${cairo.dev}/include/cairo"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${atk.dev}/include/atk-1.0"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${ilmbase}/include/OpenEXR"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${openexr}/include/OpenEXR"
'';
cmakeFlags = [
"-DPTHREAD_INCLUDE_DIR=${stdenv.glibc.dev}/include"
"-DPTHREAD_LIBRARY=${stdenv.glibc.out}/lib/libpthread.so"
"-DCMAKE_BUILD_TYPE=Release"
"-DBINARY_PACKAGE_BUILD=1"
"-DGTK2_GLIBCONFIG_INCLUDE_DIR=${glib.out}/lib/glib-2.0/include"
"-DGTK2_GDKCONFIG_INCLUDE_DIR=${gtk.out}/lib/gtk-2.0/include"
"-DBUILD_USERMANUAL=False"
];

17
pkgs/applications/graphics/imv/default.nix
View File

@ -1,19 +1,16 @@
{ stdenv, fetchFromGitHub,
SDL2, freeimage
}:
{ stdenv, fetchgit, SDL2, SDL2_ttf, freeimage }:
stdenv.mkDerivation rec {
name = "imv-${version}";
version = "1.1.0";
version = "2.0.0";
src = fetchFromGitHub {
owner = "eXeC64";
repo = "imv";
rev = "4d1a6d581b70b25d9533c5c788aab6900ebf82bb";
sha256 = "1c5r4pqqypir8ymicxyn2k7mhq8nl88b3x6giaafd77ssjn0vz9r";
src = fetchgit {
url = "https://github.com/eXeC64/imv.git";
rev = "bc90a0adcc5b22d2bf0158333eb6dfb34c402d48";
sha256 = "1bzx57d9mcxw9s72pdbdbwq9pns946jl6p2g881z43w68gimlpw7";
};
buildInputs = [ SDL2 freeimage ];
buildInputs = [ SDL2 SDL2_ttf freeimage ];
configurePhase = "substituteInPlace Makefile --replace /usr $out";

3
pkgs/applications/graphics/sane/backends/generic.nix
View File

@ -50,6 +50,9 @@ stdenv.mkDerivation {
mkdir -p $out/etc/udev/rules.d/
./tools/sane-desc -m udev > $out/etc/udev/rules.d/49-libsane.rules || \
cp tools/udev/libsane.rules $out/etc/udev/rules.d/49-libsane.rules
# the created 49-libsane references /bin/sh
substituteInPlace $out/etc/udev/rules.d/49-libsane.rules \
--replace "RUN+=\"/bin/sh" "RUN+=\"${stdenv.shell}"
substituteInPlace $out/lib/libsane.la \
--replace "-ljpeg" "-L${libjpeg}/lib -ljpeg"

48
pkgs/applications/graphics/synfigstudio/default.nix
View File

@ -1,51 +1,67 @@
{ stdenv, fetchurl, boost, cairo, fontsConf, gettext, glibmm, gtk3, gtkmm3
{ stdenv, fetchFromGitHub, boost, cairo, fontsConf, gettext, glibmm, gtk3, gtkmm3
, libjack2, libsigcxx, libtool, libxmlxx, makeWrapper, mlt-qt5, pango, pkgconfig
, imagemagick, intltool
, imagemagick, intltool, autoreconfHook, which
}:
let
version = "1.0.1";
version = "1.0.2";
ETL = stdenv.mkDerivation rec {
name = "ETL-0.04.19";
src = fetchurl {
url = "http://download.tuxfamily.org/synfig/releases/${version}/${name}.tar.gz";
sha256 = "1zmqv2fa5zxprza3wbhk5mxjk7491jqshxxai92s7fdiza0nhs91";
src = fetchFromGitHub {
repo = "synfig";
owner = "synfig";
rev = version;
sha256 = "09ldkvzczqvb1yvlibd62y56dkyprxlr0w3rk38rcs7jnrhj2cqc";
};
postUnpack = "sourceRoot=\${sourceRoot}/ETL/";
buildInputs = [ autoreconfHook ];
};
synfig = stdenv.mkDerivation rec {
name = "synfig-${version}";
src = fetchurl {
url = "http://download.tuxfamily.org/synfig/releases/${version}/${name}.tar.gz";
sha256 = "0l1f2xwmzds32g46fqwsq7j5qlnfps6944chbv14d3ynzgyyp1i3";
src = fetchFromGitHub {
repo = "synfig";
owner = "synfig";
rev = version;
sha256 = "09ldkvzczqvb1yvlibd62y56dkyprxlr0w3rk38rcs7jnrhj2cqc";
};
postUnpack = "sourceRoot=\${sourceRoot}/synfig-core/";
configureFlags = [
"--with-boost=${boost.dev}"
"--with-boost-libdir=${boost.lib}/lib"
];
buildInputs = [
ETL boost cairo gettext glibmm mlt-qt5 libsigcxx libtool libxmlxx pango
pkgconfig
ETL boost cairo gettext glibmm mlt-qt5 libsigcxx libxmlxx pango
pkgconfig autoreconfHook
];
};
in
stdenv.mkDerivation rec {
name = "synfigstudio-${version}";
src = fetchurl {
url = "http://download.tuxfamily.org/synfig/releases/${version}/${name}.tar.gz";
sha256 = "0jfa946rfh0dbagp18zknlj9ffrd4h45xcy2dh2vlhn6jdm08yfi";
src = fetchFromGitHub {
repo = "synfig";
owner = "synfig";
rev = version;
sha256 = "09ldkvzczqvb1yvlibd62y56dkyprxlr0w3rk38rcs7jnrhj2cqc";
};
postUnpack = "sourceRoot=\${sourceRoot}/synfig-studio/";
preConfigure = "./bootstrap.sh";
buildInputs = [
ETL boost cairo gettext glibmm gtk3 gtkmm3 imagemagick intltool
libjack2 libsigcxx libtool libxmlxx makeWrapper mlt-qt5 pkgconfig
synfig
libjack2 libsigcxx libxmlxx makeWrapper mlt-qt5 pkgconfig
synfig autoreconfHook which
];
postInstall = ''

2
pkgs/applications/misc/adobe-reader/default.nix
View File

@ -22,6 +22,8 @@ stdenv.mkDerivation {
libPath = stdenv.lib.makeLibraryPath
[ stdenv.cc.cc libX11 zlib libxml2 cups pango atk gtk glib gdk_pixbuf ];
passthru.mozillaPlugin = "/libexec/adobe-reader/Browser/intellinux";
meta = {
description = "Adobe Reader, a viewer for PDF documents";
homepage = http://www.adobe.com/products/reader;

Some files were not shown because too many files have changed in this diff Show More