public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into closure-size

This commit is contained in:
Vladimír Čunát 2016-02-14 08:33:51 +01:00
parent 34922a3951 6a036d9fca
commit d039c87984
671 changed files with 37363 additions and 16671 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/haskell-users-guide.md
View File

@ -234,7 +234,7 @@ library promises to give its users access to GHC's installation paths. Only,
the library can't possible know that path when it's compiled, because the path the library can't possible know that path when it's compiled, because the path
GHC considers its own is determined only much later, when the user configures GHC considers its own is determined only much later, when the user configures
it through `ghcWithPackages`. So we [patched it through `ghcWithPackages`. So we [patched
ghc-paths](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/ghc-paths-nix.patch) ghc-paths](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/patches/ghc-paths-nix.patch)
to return the paths found in those environment variables at run-time rather to return the paths found in those environment variables at run-time rather
than trying to guess them at compile-time. than trying to guess them at compile-time.

11
lib/maintainers.nix
View File

@ -27,6 +27,7 @@
anderspapitto = "Anders Papitto <anderspapitto@gmail.com>"; anderspapitto = "Anders Papitto <anderspapitto@gmail.com>";
andres = "Andres Loeh <ksnixos@andres-loeh.de>"; andres = "Andres Loeh <ksnixos@andres-loeh.de>";
andrewrk = "Andrew Kelley <superjoe30@gmail.com>"; andrewrk = "Andrew Kelley <superjoe30@gmail.com>";
aneeshusa = "Aneesh Agrawal <aneeshusa@gmail.com>";
antono = "Antono Vasiljev <self@antono.info>"; antono = "Antono Vasiljev <self@antono.info>";
ardumont = "Antoine R. Dumont <eniotna.t@gmail.com>"; ardumont = "Antoine R. Dumont <eniotna.t@gmail.com>";
aristid = "Aristid Breitkreuz <aristidb@gmail.com>"; aristid = "Aristid Breitkreuz <aristidb@gmail.com>";
@ -93,10 +94,11 @@
eduarrrd = "Eduard Bachmakov <e.bachmakov@gmail.com>"; eduarrrd = "Eduard Bachmakov <e.bachmakov@gmail.com>";
edwtjo = "Edward Tjörnhammar <ed@cflags.cc>"; edwtjo = "Edward Tjörnhammar <ed@cflags.cc>";
eelco = "Eelco Dolstra <eelco.dolstra@logicblox.com>"; eelco = "Eelco Dolstra <eelco.dolstra@logicblox.com>";
ehmry = "Emery Hemingway <emery@vfemail.net>";
eikek = "Eike Kettner <eike.kettner@posteo.de>"; eikek = "Eike Kettner <eike.kettner@posteo.de>";
elasticdog = "Aaron Bull Schaefer <aaron@elasticdog.com>"; elasticdog = "Aaron Bull Schaefer <aaron@elasticdog.com>";
elitak = "Eric Litak <elitak@gmail.com>";
ellis = "Ellis Whitehead <nixos@ellisw.net>"; ellis = "Ellis Whitehead <nixos@ellisw.net>";
ehmry = "Emery Hemingway <emery@vfemail.net>";
epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>"; epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>";
ericbmerritt = "Eric Merritt <eric@afiniate.com>"; ericbmerritt = "Eric Merritt <eric@afiniate.com>";
ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>"; ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>";
@ -104,6 +106,7 @@
ertes = "Ertugrul Söylemez <ertesx@gmx.de>"; ertes = "Ertugrul Söylemez <ertesx@gmx.de>";
exi = "Reno Reckling <nixos@reckling.org>"; exi = "Reno Reckling <nixos@reckling.org>";
exlevan = "Alexey Levan <exlevan@gmail.com>"; exlevan = "Alexey Levan <exlevan@gmail.com>";
fadenb = "Tristan Helmich <tristan.helmich+nixos@gmail.com>";
falsifian = "James Cook <james.cook@utoronto.ca>"; falsifian = "James Cook <james.cook@utoronto.ca>";
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>"; flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>"; fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
@ -124,7 +127,7 @@
gfxmonk = "Tim Cuthbertson <tim@gfxmonk.net>"; gfxmonk = "Tim Cuthbertson <tim@gfxmonk.net>";
giogadi = "Luis G. Torres <lgtorres42@gmail.com>"; giogadi = "Luis G. Torres <lgtorres42@gmail.com>";
gleber = "Gleb Peregud <gleber.p@gmail.com>"; gleber = "Gleb Peregud <gleber.p@gmail.com>";
globin = "Robin Gloster <robin@glob.in>"; globin = "Robin Gloster <mail@glob.in>";
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>"; goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>"; gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>"; guibert = "David Guibert <david.guibert@gmail.com>";
@ -159,6 +162,7 @@
jzellner = "Jeff Zellner <jeffz@eml.cc>"; jzellner = "Jeff Zellner <jeffz@eml.cc>";
kamilchm = "Kamil Chmielewski <kamil.chm@gmail.com>"; kamilchm = "Kamil Chmielewski <kamil.chm@gmail.com>";
kampfschlaefer = "Arnold Krille <arnold@arnoldarts.de>"; kampfschlaefer = "Arnold Krille <arnold@arnoldarts.de>";
kevincox = "Kevin Cox <kevincox@kevincox.ca>";
khumba = "Bryan Gardiner <bog@khumba.net>"; khumba = "Bryan Gardiner <bog@khumba.net>";
kkallio = "Karn Kallio <tierpluspluslists@gmail.com>"; kkallio = "Karn Kallio <tierpluspluslists@gmail.com>";
koral = "Koral <koral@mailoo.org>"; koral = "Koral <koral@mailoo.org>";
@ -300,6 +304,7 @@
taeer = "Taeer Bar-Yam <taeer@necsi.edu>"; taeer = "Taeer Bar-Yam <taeer@necsi.edu>";
tailhook = "Paul Colomiets <paul@colomiets.name>"; tailhook = "Paul Colomiets <paul@colomiets.name>";
taktoa = "Remy Goldschmidt <taktoa@gmail.com>"; taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
tavyc = "Octavian Cerna <octavian.cerna@gmail.com>";
telotortium = "Robert Irelan <rirelan@gmail.com>"; telotortium = "Robert Irelan <rirelan@gmail.com>";
thall = "Niclas Thall <niclas.thall@gmail.com>"; thall = "Niclas Thall <niclas.thall@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>"; thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
@ -315,9 +320,11 @@
tstrobel = "Thomas Strobel <ts468@cam.ac.uk>"; tstrobel = "Thomas Strobel <ts468@cam.ac.uk>";
ttuegel = "Thomas Tuegel <ttuegel@gmail.com>"; ttuegel = "Thomas Tuegel <ttuegel@gmail.com>";
tv = "Tomislav Viljetić <tv@shackspace.de>"; tv = "Tomislav Viljetić <tv@shackspace.de>";
tvestelind = "Tomas Vestelind <tomas.vestelind@fripost.org>";
twey = "James Twey Kay <twey@twey.co.uk>"; twey = "James Twey Kay <twey@twey.co.uk>";
urkud = "Yury G. Kudryashov <urkud+nix@ya.ru>"; urkud = "Yury G. Kudryashov <urkud+nix@ya.ru>";
vandenoever = "Jos van den Oever <jos@vandenoever.info>"; vandenoever = "Jos van den Oever <jos@vandenoever.info>";
vanzef = "Ivan Solyankin <vanzef@gmail.com>";
vbgl = "Vincent Laporte <Vincent.Laporte@gmail.com>"; vbgl = "Vincent Laporte <Vincent.Laporte@gmail.com>";
vbmithr = "Vincent Bernardoff <vb@luminar.eu.org>"; vbmithr = "Vincent Bernardoff <vb@luminar.eu.org>";
vcunat = "Vladimír Čunát <vcunat@gmail.com>"; vcunat = "Vladimír Čunát <vcunat@gmail.com>";

2
nixos/doc/manual/configuration/config-file.xml
View File

@ -157,7 +157,7 @@ boot.kernel.sysctl."net.ipv4.tcp_keepalive_time" = 60;
fileSystems."/boot" = fileSystems."/boot" =
{ device = "/dev/sda1"; { device = "/dev/sda1";
fsType = "ext4"; fsType = "ext4";
options = "rw,data=ordered,relatime"; options = [ "rw" "data=ordered" "relatime" ];
}; };
</programlisting> </programlisting>
</para> </para>

15
nixos/doc/manual/default.nix
View File

@ -17,7 +17,7 @@ let
# Clean up declaration sites to not refer to the NixOS source tree. # Clean up declaration sites to not refer to the NixOS source tree.
optionsList' = flip map optionsList (opt: opt // { optionsList' = flip map optionsList (opt: opt // {
declarations = map (fn: stripAnyPrefixes fn) opt.declarations; declarations = map stripAnyPrefixes opt.declarations;
} }
// optionalAttrs (opt ? example) { example = substFunction opt.example; } // optionalAttrs (opt ? example) { example = substFunction opt.example; }
// optionalAttrs (opt ? default) { default = substFunction opt.default; } // optionalAttrs (opt ? default) { default = substFunction opt.default; }
@ -28,16 +28,9 @@ let
# or else the build will fail. # or else the build will fail.
# #
# E.g. if some `options` came from modules in ${pkgs.customModules}/nix, # E.g. if some `options` came from modules in ${pkgs.customModules}/nix,
# you'd need to include `extraSources = [ "#{pkgs.customModules}" ]` # you'd need to include `extraSources = [ pkgs.customModules ]`
herePrefix = toString ../../..; prefixesToStrip = map (p: "${toString p}/") ([ ../../.. ] ++ extraSources);
prefixesToStrip = [ herePrefix ] ++ extraSources; stripAnyPrefixes = flip (fold removePrefix) prefixesToStrip;
stripAnyPrefixes = fn:
flip (flip fold fn) prefixesToStrip (fn: prefix:
if substring 0 (stringLength prefix) fn == prefix then
substring (stringLength prefix + 1) 1000 fn
else
fn);
# Convert the list of options into an XML file. # Convert the list of options into an XML file.
optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList'); optionsXML = builtins.toFile "options.xml" (builtins.toXML optionsList');

4
nixos/doc/manual/man-nixos-generate-config.xml
View File

@ -165,13 +165,13 @@ look like this:
fileSystems."/" = fileSystems."/" =
{ device = "/dev/disk/by-label/nixos"; { device = "/dev/disk/by-label/nixos";
fsType = "ext3"; fsType = "ext3";
options = "rw,data=ordered,relatime"; options = [ "rw" "data=ordered" "relatime" ];
}; };
fileSystems."/boot" = fileSystems."/boot" =
{ device = "/dev/sda1"; { device = "/dev/sda1";
fsType = "ext3"; fsType = "ext3";
options = "rw,errors=continue,user_xattr,acl,barrier=1,data=writeback,relatime"; options = [ "rw" "errors=continue" "user_xattr" "acl" "barrier=1" "data=writeback" "relatime" ];
}; };
swapDevices = swapDevices =

16
nixos/doc/manual/release-notes/rl-unstable.xml
View File

@ -42,6 +42,7 @@ nixos.path = ./nixpkgs-unstable-2015-12-06/nixos;
<itemizedlist> <itemizedlist>
<listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem> <listitem><para><literal>services/monitoring/longview.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem> <listitem><para><literal>services/web-apps/pump.io.nix</literal></para></listitem>
<listitem><para><literal>services/security/haka.nix</literal></para></listitem>
</itemizedlist> </itemizedlist>
</para> </para>
@ -155,6 +156,21 @@ nginx.override {
options and more.</para> options and more.</para>
</listitem> </listitem>
<listitem>
<para>Filesystem options should now be configured as a list of strings, not
a comma-separated string. The old style will continue to work, but print a
warning, until the 16.09 release. An example of the new style:
<programlisting>
fileSystems."/example" = {
device = "/dev/sdc";
fsType = "btrfs";
options = [ "noatime" "compress=lzo" "space_cache" "autodefrag" ];
};
</programlisting>
</para>
</listitem>
<listitem> <listitem>
<para>CUPS, installed by <literal>services.printing</literal> module, now <para>CUPS, installed by <literal>services.printing</literal> module, now
has its data directory in <filename>/var/lib/cups</filename>. Old has its data directory in <filename>/var/lib/cups</filename>. Old

4
nixos/modules/config/zram.nix
View File

@ -99,10 +99,8 @@ in
set -u set -u
set -o pipefail set -o pipefail
PATH=${pkgs.procps}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin
# Calculate memory to use for zram # Calculate memory to use for zram
totalmem=$(free | grep -e "^Mem:" | sed -e 's/^Mem: *//' -e 's/ *.*//') totalmem=$(${pkgs.gnugrep}/bin/grep 'MemTotal: ' /proc/meminfo | ${pkgs.gawk}/bin/awk '{print $2}')
mem=$(((totalmem * ${toString cfg.memoryPercent} / 100 / ${toString cfg.numDevices}) * 1024)) mem=$(((totalmem * ${toString cfg.memoryPercent} / 100 / ${toString cfg.numDevices}) * 1024))
echo $mem > /sys/class/block/${dev}/disksize echo $mem > /sys/class/block/${dev}/disksize

45
nixos/modules/hardware/video/webcam/facetimehd.nix Normal file
View File

@ -0,0 +1,45 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.hardware.facetimehd;
kernelPackages = config.boot.kernelPackages;
in
{
options.hardware.facetimehd.enable = mkEnableOption "facetimehd kernel module";
config = mkIf cfg.enable {
assertions = singleton {
assertion = versionAtLeast kernelPackages.kernel.version "3.19";
message = "facetimehd is not supported for kernels older than 3.19";
};
boot.kernelModules = [ "facetimehd" ];
boot.blacklistedKernelModules = [ "bdc_pci" ];
boot.extraModulePackages = [ kernelPackages.facetimehd ];
hardware.firmware = [ pkgs.facetimehd-firmware ];
# unload module during suspend/hibernate as it crashes the whole system
powerManagement.powerDownCommands = ''
${pkgs.module_init_tools}/bin/rmmod -f facetimehd
'';
# and load it back on resume
powerManagement.resumeCommands = ''
export MODULE_DIR=/run/current-system/kernel-modules/lib/modules
${pkgs.module_init_tools}/bin/modprobe -v facetimehd
'';
};
}

8
nixos/modules/installer/cd-dvd/iso-image.nix
View File

@ -249,7 +249,7 @@ in
fileSystems."/" = fileSystems."/" =
{ fsType = "tmpfs"; { fsType = "tmpfs";
options = "mode=0755"; options = [ "mode=0755" ];
}; };
# Note that /dev/root is a symlink to the actual root device # Note that /dev/root is a symlink to the actual root device
@ -266,20 +266,20 @@ in
fileSystems."/nix/.ro-store" = fileSystems."/nix/.ro-store" =
{ fsType = "squashfs"; { fsType = "squashfs";
device = "/iso/nix-store.squashfs"; device = "/iso/nix-store.squashfs";
options = "loop"; options = [ "loop" ];
neededForBoot = true; neededForBoot = true;
}; };
fileSystems."/nix/.rw-store" = fileSystems."/nix/.rw-store" =
{ fsType = "tmpfs"; { fsType = "tmpfs";
options = "mode=0755"; options = [ "mode=0755" ];
neededForBoot = true; neededForBoot = true;
}; };
fileSystems."/nix/store" = fileSystems."/nix/store" =
{ fsType = "unionfs-fuse"; { fsType = "unionfs-fuse";
device = "unionfs"; device = "unionfs";
options = "allow_other,cow,nonempty,chroot=/mnt-root,max_files=32768,hide_meta_files,dirs=/nix/.rw-store=rw:/nix/.ro-store=ro"; options = [ "allow_other" "cow" "nonempty" "chroot=/mnt-root" "max_files=32768" "hide_meta_files" "dirs=/nix/.rw-store=rw:/nix/.ro-store=ro" ];
}; };
boot.initrd.availableKernelModules = [ "squashfs" "iso9660" "usb-storage" ]; boot.initrd.availableKernelModules = [ "squashfs" "iso9660" "usb-storage" ];

3
nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix
View File

@ -86,8 +86,7 @@ in
system.boot.loader.kernelFile = "uImage"; system.boot.loader.kernelFile = "uImage";
boot.initrd.availableKernelModules = boot.initrd.availableKernelModules =
[ "mvsdio" "mmc_block" "reiserfs" "ext3" "ums-cypress" "rtc_mv" [ "mvsdio" "reiserfs" "ext3" "ums-cypress" "rtc_mv" "ext4" ];
"ext4" ];
boot.postBootCommands = boot.postBootCommands =
'' ''

2
nixos/modules/installer/cd-dvd/system-tarball.nix
View File

@ -43,7 +43,7 @@ in
# so that we don't need to know its device. # so that we don't need to know its device.
fileSystems = [ ]; fileSystems = [ ];
# boot.initrd.availableKernelModules = [ "mvsdio" "mmc_block" "reiserfs" "ext3" "ext4" ]; # boot.initrd.availableKernelModules = [ "mvsdio" "reiserfs" "ext3" "ext4" ];
# boot.initrd.kernelModules = [ "rtc_mv" ]; # boot.initrd.kernelModules = [ "rtc_mv" ];

4
nixos/modules/installer/tools/nixos-generate-config.pl
View File

@ -349,7 +349,7 @@ foreach my $fs (read_file("/proc/self/mountinfo")) {
fileSystems.\"$mountPoint\" = fileSystems.\"$mountPoint\" =
{ device = \"$base$path\"; { device = \"$base$path\";
fsType = \"none\"; fsType = \"none\";
options = \"bind\"; options = \[ \"bind\" \];
}; };
EOF EOF
@ -409,7 +409,7 @@ EOF
if (scalar @extraOptions > 0) { if (scalar @extraOptions > 0) {
$fileSystems .= <<EOF; $fileSystems .= <<EOF;
options = \"${\join ",", uniq(@extraOptions)}\"; options = \[ ${\join " ", map { "\"" . $_ . "\"" } uniq(@extraOptions)} \];
EOF EOF
} }

5
nixos/modules/installer/tools/nixos-install.sh
View File

@ -73,11 +73,6 @@ if ! test -e "$mountPoint"; then
exit 1 exit 1
fi fi
if ! grep -F -q " $mountPoint " /proc/mounts; then
echo "$mountPoint doesn't appear to be a mount point"
exit 1
fi
# Mount some stuff in the target root directory. # Mount some stuff in the target root directory.
mkdir -m 0755 -p $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home mkdir -m 0755 -p $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home

7
nixos/modules/installer/tools/nixos-rebuild.sh
View File

@ -149,10 +149,11 @@ nixBuild() {
local j="$1"; shift 1 local j="$1"; shift 1
instArgs+=("$i" "$j") instArgs+=("$i" "$j")
;; ;;
-I) -I) # We don't want this in buildArgs
# We don't want this in buildArgs
shift 1 shift 1
;; ;;
--no-out-link) # We don't want this in buildArgs
;;
"<"*) # nix paths "<"*) # nix paths
instArgs+=("$i") instArgs+=("$i")
;; ;;
@ -329,7 +330,7 @@ fi
if [ -z "$rollback" ]; then if [ -z "$rollback" ]; then
echo "building the system configuration..." >&2 echo "building the system configuration..." >&2
if [ "$action" = switch -o "$action" = boot ]; then if [ "$action" = switch -o "$action" = boot ]; then
pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A system "${extraBuildFlags[@]}")" pathToConfig="$(nixBuild '<nixpkgs/nixos>' --no-out-link -A system "${extraBuildFlags[@]}")"
copyToTarget "$pathToConfig" copyToTarget "$pathToConfig"
targetHostCmd nix-env -p "$profile" --set "$pathToConfig" targetHostCmd nix-env -p "$profile" --set "$pathToConfig"
elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then

9
nixos/modules/module-list.nix
View File

@ -42,6 +42,7 @@
./hardware/video/bumblebee.nix ./hardware/video/bumblebee.nix
./hardware/video/nvidia.nix ./hardware/video/nvidia.nix
./hardware/video/ati.nix ./hardware/video/ati.nix
./hardware/video/webcam/facetimehd.nix
./installer/tools/auto-upgrade.nix ./installer/tools/auto-upgrade.nix
./installer/tools/nixos-checkout.nix ./installer/tools/nixos-checkout.nix
./installer/tools/tools.nix ./installer/tools/tools.nix
@ -395,6 +396,7 @@
./services/security/fprintd.nix ./services/security/fprintd.nix
./services/security/fprot.nix ./services/security/fprot.nix
./services/security/frandom.nix ./services/security/frandom.nix
./services/security/haka.nix
./services/security/haveged.nix ./services/security/haveged.nix
./services/security/hologram.nix ./services/security/hologram.nix
./services/security/munge.nix ./services/security/munge.nix
@ -460,10 +462,10 @@
./system/boot/coredump.nix ./system/boot/coredump.nix
./system/boot/emergency-mode.nix ./system/boot/emergency-mode.nix
./system/boot/initrd-network.nix ./system/boot/initrd-network.nix
./system/boot/initrd-ssh.nix
./system/boot/kernel.nix ./system/boot/kernel.nix
./system/boot/kexec.nix ./system/boot/kexec.nix
./system/boot/loader/efi.nix ./system/boot/loader/efi.nix
./system/boot/loader/loader.nix
./system/boot/loader/generations-dir/generations-dir.nix ./system/boot/loader/generations-dir/generations-dir.nix
./system/boot/loader/generic-extlinux-compatible ./system/boot/loader/generic-extlinux-compatible
./system/boot/loader/grub/grub.nix ./system/boot/loader/grub/grub.nix
@ -471,15 +473,16 @@
./system/boot/loader/grub/memtest.nix ./system/boot/loader/grub/memtest.nix
./system/boot/loader/gummiboot/gummiboot.nix ./system/boot/loader/gummiboot/gummiboot.nix
./system/boot/loader/init-script/init-script.nix ./system/boot/loader/init-script/init-script.nix
./system/boot/loader/loader.nix
./system/boot/loader/raspberrypi/raspberrypi.nix ./system/boot/loader/raspberrypi/raspberrypi.nix
./system/boot/luksroot.nix ./system/boot/luksroot.nix
./system/boot/modprobe.nix ./system/boot/modprobe.nix
./system/boot/networkd.nix
./system/boot/resolved.nix
./system/boot/shutdown.nix ./system/boot/shutdown.nix
./system/boot/stage-1.nix ./system/boot/stage-1.nix
./system/boot/stage-2.nix ./system/boot/stage-2.nix
./system/boot/systemd.nix ./system/boot/systemd.nix
./system/boot/networkd.nix
./system/boot/resolved.nix
./system/boot/timesyncd.nix ./system/boot/timesyncd.nix
./system/boot/tmp.nix ./system/boot/tmp.nix
./system/etc/etc.nix ./system/etc/etc.nix

3
nixos/modules/programs/ssh.nix
View File

@ -186,6 +186,9 @@ in
ForwardX11 ${if cfg.forwardX11 then "yes" else "no"} ForwardX11 ${if cfg.forwardX11 then "yes" else "no"}
# Allow DSA keys for now. (These were deprecated in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
${cfg.extraConfig} ${cfg.extraConfig}
''; '';

4
nixos/modules/security/acme.nix
View File

@ -56,8 +56,8 @@ let
plugins = mkOption { plugins = mkOption {
type = types.listOf (types.enum [ type = types.listOf (types.enum [
"cert.der" "cert.pem" "chain.der" "chain.pem" "external_pem.sh" "cert.der" "cert.pem" "chain.pem" "external_pem.sh"
"fullchain.der" "fullchain.pem" "key.der" "key.pem" "account_key.json" "fullchain.pem" "full.pem" "key.der" "key.pem" "account_key.json"
]); ]);
default = [ "fullchain.pem" "key.pem" "account_key.json" ]; default = [ "fullchain.pem" "key.pem" "account_key.json" ];
description = '' description = ''

30
nixos/modules/services/databases/postgresql.nix
View File

@ -158,7 +158,7 @@ in
# Note: when changing the default, make it conditional on # Note: when changing the default, make it conditional on
# system.stateVersion to maintain compatibility with existing # system.stateVersion to maintain compatibility with existing
# systems! # systems!
mkDefault pkgs.postgresql94; mkDefault (if versionAtLeast config.system.stateVersion "16.03" then pkgs.postgresql95 else pkgs.postgresql94);
services.postgresql.authentication = mkAfter services.postgresql.authentication = mkAfter
'' ''
@ -177,7 +177,7 @@ in
users.extraGroups.postgres.gid = config.ids.gids.postgres; users.extraGroups.postgres.gid = config.ids.gids.postgres;
environment.systemPackages = [postgresql]; environment.systemPackages = [ postgresql ];
systemd.services.postgresql = systemd.services.postgresql =
{ description = "PostgreSQL Server"; { description = "PostgreSQL Server";
@ -187,35 +187,37 @@ in
environment.PGDATA = cfg.dataDir; environment.PGDATA = cfg.dataDir;
path = [ pkgs.su postgresql ]; path = [ postgresql ];
preStart = preStart =
'' ''
# Initialise the database. # Create data directory.
if ! test -e ${cfg.dataDir}/PG_VERSION; then if ! test -e ${cfg.dataDir}/PG_VERSION; then
mkdir -m 0700 -p ${cfg.dataDir} mkdir -m 0700 -p ${cfg.dataDir}
rm -f ${cfg.dataDir}/*.conf rm -f ${cfg.dataDir}/*.conf
if [ "$(id -u)" = 0 ]; then chown -R postgres:postgres ${cfg.dataDir}
chown -R postgres ${cfg.dataDir}
su -s ${pkgs.stdenv.shell} postgres -c 'initdb -U root'
else
# For non-root operation.
initdb
fi fi
''; # */
script =
''
# Initialise the database.
if ! test -e ${cfg.dataDir}/PG_VERSION; then
initdb -U root
# See postStart! # See postStart!
touch "${cfg.dataDir}/.first_startup" touch "${cfg.dataDir}/.first_startup"
fi fi
ln -sfn "${configFile}" "${cfg.dataDir}/postgresql.conf" ln -sfn "${configFile}" "${cfg.dataDir}/postgresql.conf"
${optionalString (cfg.recoveryConfig != null) '' ${optionalString (cfg.recoveryConfig != null) ''
ln -sfn "${pkgs.writeText "recovery.conf" cfg.recoveryConfig}" \ ln -sfn "${pkgs.writeText "recovery.conf" cfg.recoveryConfig}" \
"${cfg.dataDir}/recovery.conf" "${cfg.dataDir}/recovery.conf"
''} ''}
''; # */
exec postgres ${toString flags}
'';
serviceConfig = serviceConfig =
{ ExecStart = "@${postgresql}/bin/postgres postgres ${toString flags}"; { ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
User = "postgres"; User = "postgres";
Group = "postgres"; Group = "postgres";
PermissionsStartOnly = true; PermissionsStartOnly = true;

176
nixos/modules/services/hardware/acpid.nix
View File

@ -4,112 +4,39 @@ with lib;
let let
canonicalHandlers = {
powerEvent = {
event = "button/power.*";
action = config.services.acpid.powerEventCommands;
};
lidEvent = {
event = "button/lid.*";
action = config.services.acpid.lidEventCommands;
};
acEvent = {
event = "ac_adapter.*";
action = config.services.acpid.acEventCommands;
};
};
acpiConfDir = pkgs.runCommand "acpi-events" {} acpiConfDir = pkgs.runCommand "acpi-events" {}
'' ''
mkdir -p $out mkdir -p $out
${ ${
# Generate a configuration file for each event. (You can't have # Generate a configuration file for each event. (You can't have
# multiple events in one config file...) # multiple events in one config file...)
let f = event: let f = name: handler:
'' ''
fn=$out/${event.name} fn=$out/${name}
echo "event=${event.event}" > $fn echo "event=${handler.event}" > $fn
echo "action=${pkgs.writeScript "${event.name}.sh" event.action}" >> $fn echo "action=${pkgs.writeScript "${name}.sh" (concatStringsSep "\n" [ "#! ${pkgs.bash}/bin/sh" handler.action ])}" >> $fn
''; '';
in lib.concatMapStrings f events in concatStringsSep "\n" (mapAttrsToList f (canonicalHandlers // config.services.acpid.handlers))
} }
''; '';
events = [powerEvent lidEvent acEvent muteEvent volumeDownEvent volumeUpEvent cdPlayEvent cdNextEvent cdPrevEvent];
# Called when the power button is pressed.
powerEvent =
{ name = "power-button";
event = "button/power.*";
action =
''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.powerEventCommands}
'';
};
# Called when the laptop lid is opened/closed.
lidEvent =
{ name = "lid";
event = "button/lid.*";
action =
''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.lidEventCommands}
'';
};
# Called when the AC power is connected or disconnected.
acEvent =
{ name = "ac-power";
event = "ac_adapter.*";
action =
''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.acEventCommands}
'';
};
muteEvent = {
name = "mute";
event = "button/mute.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.muteCommands}
'';
};
volumeDownEvent = {
name = "volume-down";
event = "button/volumedown.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.volumeDownEventCommands}
'';
};
volumeUpEvent = {
name = "volume-up";
event = "button/volumeup.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.volumeUpEventCommands}
'';
};
cdPlayEvent = {
name = "cd-play";
event = "cd/play.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.cdPlayEventCommands}
'';
};
cdNextEvent = {
name = "cd-next";
event = "cd/next.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.cdNextEventCommands}
'';
};
cdPrevEvent = {
name = "cd-prev";
event = "cd/prev.*";
action = ''
#! ${pkgs.bash}/bin/sh
${config.services.acpid.cdPrevEventCommands}
'';
};
in in
{ {
@ -126,6 +53,29 @@ in
description = "Whether to enable the ACPI daemon."; description = "Whether to enable the ACPI daemon.";
}; };
handlers = mkOption {
type = types.attrsOf (types.submodule {
options = {
event = mkOption {
type = types.str;
example = [ "button/power.*" "button/lid.*" "ac_adapter.*" "button/mute.*" "button/volumedown.*" "cd/play.*" "cd/next.*" ];
description = "Event type.";
};
action = mkOption {
type = types.lines;
description = "Shell commands to execute when the event is triggered.";
};
};
});
description = "Event handlers.";
default = {};
example = { mute = { event = "button/mute.*"; action = "amixer set Master toggle"; }; };
};
powerEventCommands = mkOption { powerEventCommands = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
@ -144,42 +94,6 @@ in
description = "Shell commands to execute on an ac_adapter.* event."; description = "Shell commands to execute on an ac_adapter.* event.";
}; };
muteCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an button/mute.* event.";
};
volumeDownEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an button/volumedown.* event.";
};
volumeUpEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an button/volumeup.* event.";
};
cdPlayEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an cd/play.* event.";
};
cdNextEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an cd/next.* event.";
};
cdPrevEventCommands = mkOption {
type = types.lines;
default = "";
description = "Shell commands to execute on an cd/prev.* event.";
};
}; };
}; };

58
nixos/modules/services/hardware/bluetooth.nix
View File

@ -1,6 +1,43 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib; with lib;
let
bluez-bluetooth = if config.services.xserver.desktopManager.kde4.enable then pkgs.bluez else pkgs.bluez5;
configBluez = {
description = "Bluetooth Service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${bluez-bluetooth}/sbin/bluetoothd -n";
};
wantedBy = [ "bluetooth.target" ];
};
configBluez5 = {
description = "Bluetooth Service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${bluez-bluetooth}/sbin/bluetoothd -n";
NotifyAccess="main";
CapabilityBoundingSet="CAP_NET_ADMIN CAP_NET_BIND_SERVICE";
LimitNPROC=1;
};
wantedBy = [ "bluetooth.target" ];
};
obexConfig = {
description = "Bluetooth OBEX service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez.obex";
ExecStart = "${bluez-bluetooth}/sbin/obexd";
};
};
bluezConfig = if config.services.xserver.desktopManager.kde4.enable then configBluez else configBluez5;
in
{ {
@ -16,26 +53,15 @@ with lib;
}; };
###### implementation ###### implementation
config = mkIf config.hardware.bluetooth.enable { config = mkIf config.hardware.bluetooth.enable {
environment.systemPackages = [ pkgs.bluez pkgs.openobex pkgs.obexftp ]; environment.systemPackages = [ bluez-bluetooth pkgs.openobex pkgs.obexftp ];
services.udev.packages = [ bluez-bluetooth ];
services.udev.packages = [ pkgs.bluez ]; services.dbus.packages = [ bluez-bluetooth ];
systemd.services."dbus-org.bluez" = bluezConfig;
services.dbus.packages = [ pkgs.bluez ]; systemd.services."dbus-org.bluez.obex" = obexConfig;
systemd.services."dbus-org.bluez" = {
description = "Bluetooth Service";
serviceConfig = {
Type = "dbus";
BusName = "org.bluez";
ExecStart = "${pkgs.bluez}/sbin/bluetoothd -n";
};
wantedBy = [ "bluetooth.target" ];
};
}; };

81
nixos/modules/services/hardware/udev.nix
View File

@ -16,6 +16,12 @@ let
destination = "/etc/udev/rules.d/10-local.rules"; destination = "/etc/udev/rules.d/10-local.rules";
}; };
extraHwdbFile = pkgs.writeTextFile {
name = "extra-hwdb-file";
text = cfg.extraHwdb;
destination = "/etc/udev/hwdb.d/10-local.hwdb";
};
nixosRules = '' nixosRules = ''
# Miscellaneous devices. # Miscellaneous devices.
KERNEL=="kvm", MODE="0666" KERNEL=="kvm", MODE="0666"
@ -55,7 +61,9 @@ let
--replace \"/sbin/modprobe \"${config.system.sbin.modprobe}/sbin/modprobe \ --replace \"/sbin/modprobe \"${config.system.sbin.modprobe}/sbin/modprobe \
--replace \"/sbin/mdadm \"${pkgs.mdadm}/sbin/mdadm \ --replace \"/sbin/mdadm \"${pkgs.mdadm}/sbin/mdadm \
--replace \"/sbin/blkid \"${pkgs.utillinux}/sbin/blkid \ --replace \"/sbin/blkid \"${pkgs.utillinux}/sbin/blkid \
--replace \"/bin/mount \"${pkgs.utillinux}/bin/mount --replace \"/bin/mount \"${pkgs.utillinux}/bin/mount \
--replace /usr/bin/readlink ${pkgs.coreutils}/bin/readlink \
--replace /usr/bin/basename ${pkgs.coreutils}/bin/basename
done done
echo -n "Checking that all programs called by relative paths in udev rules exist in ${udev}/lib/udev... " echo -n "Checking that all programs called by relative paths in udev rules exist in ${udev}/lib/udev... "
@ -86,10 +94,30 @@ let
done done
echo "OK" echo "OK"
filesToFixup="$(for i in "$out"/*; do
grep -l '\B\(/usr\)\?/s\?bin' "$i" || :
done)"
if [ -n "$filesToFixup" ]; then
echo "Consider fixing the following udev rules:" echo "Consider fixing the following udev rules:"
echo "$filesToFixup" | while read localFile; do
remoteFile="origin unknown"
for i in ${toString cfg.packages}; do for i in ${toString cfg.packages}; do
grep -l '\(RUN+\|IMPORT{program}\)="\(/usr\)\?/s\?bin' $i/*/udev/rules.d/* || true for j in "$i"/*/udev/rules.d/*; do
[ -e "$out/$(basename "$j")" ] || continue
[ "$(basename "$j")" = "$(basename "$localFile")" ] || continue
remoteFile="originally from $j"
break 2
done done
done
refs="$(
grep -o '\B\(/usr\)\?/s\?bin/[^ "]\+' "$localFile" \
| sed -e ':r;N;''${s/\n/ and /;br};s/\n/, /g;br'
)"
echo "$localFile ($remoteFile) contains references to $refs."
done
exit 1
fi
${optionalString config.networking.usePredictableInterfaceNames '' ${optionalString config.networking.usePredictableInterfaceNames ''
cp ${./80-net-setup-link.rules} $out/80-net-setup-link.rules cp ${./80-net-setup-link.rules} $out/80-net-setup-link.rules
@ -104,6 +132,27 @@ let
''; # */ ''; # */
}; };
hwdbBin = stdenv.mkDerivation {
name = "hwdb.bin";
preferLocalBuild = true;
allowSubstitutes = false;
buildCommand = ''
mkdir -p etc/udev/hwdb.d
for i in ${toString ([udev] ++ cfg.packages)}; do
echo "Adding hwdb files for package $i"
for j in $i/{etc,lib}/udev/hwdb.d/*; do
ln -s $j etc/udev/hwdb.d/$(basename $j)
done
done
echo "Generating hwdb database..."
${udev}/bin/udevadm hwdb --update --root=$(pwd)
mv etc/udev/hwdb.bin $out
'';
};
# Udev has a 512-character limit for ENV{PATH}, so create a symlink # Udev has a 512-character limit for ENV{PATH}, so create a symlink
# tree to work around this. # tree to work around this.
udevPath = pkgs.buildEnv { udevPath = pkgs.buildEnv {
@ -168,6 +217,21 @@ in
''; '';
}; };
extraHwdb = mkOption {
default = "";
example = ''
evdev:input:b0003v05AFp8277*
KEYBOARD_KEY_70039=leftalt
KEYBOARD_KEY_700e2=leftctrl
'';
type = types.lines;
description = ''
Additional <command>hwdb</command> files. They'll be written
into file <filename>10-local.hwdb</filename>. Thus they are
read before all other files.
'';
};
}; };
hardware.firmware = mkOption { hardware.firmware = mkOption {
@ -216,7 +280,7 @@ in
services.udev.extraRules = nixosRules; services.udev.extraRules = nixosRules;
services.udev.packages = [ extraUdevRules ]; services.udev.packages = [ extraUdevRules extraHwdbFile ];
services.udev.path = [ pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.utillinux udev ]; services.udev.path = [ pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.utillinux udev ];
@ -224,6 +288,9 @@ in
[ { source = udevRules; [ { source = udevRules;
target = "udev/rules.d"; target = "udev/rules.d";
} }
{ source = hwdbBin;
target = "udev/hwdb.bin";
}
]; ];
system.requiredKernelConfig = with config.lib.kernelConfig; [ system.requiredKernelConfig = with config.lib.kernelConfig; [
@ -241,13 +308,6 @@ in
echo "" > /proc/sys/kernel/hotplug echo "" > /proc/sys/kernel/hotplug
fi fi
# Regenerate the hardware database /var/lib/udev/hwdb.bin
# whenever systemd changes.
if [ ! -e /var/lib/udev/prev-systemd -o "$(readlink /var/lib/udev/prev-systemd)" != ${config.systemd.package} ]; then
echo "regenerating udev hardware database..."
${config.systemd.package}/bin/udevadm hwdb --update && ln -sfn ${config.systemd.package} /var/lib/udev/prev-systemd
fi
# Allow the kernel to find our firmware. # Allow the kernel to find our firmware.
if [ -e /sys/module/firmware_class/parameters/path ]; then if [ -e /sys/module/firmware_class/parameters/path ]; then
echo -n "${config.hardware.firmware}/lib/firmware" > /sys/module/firmware_class/parameters/path echo -n "${config.hardware.firmware}/lib/firmware" > /sys/module/firmware_class/parameters/path
@ -256,6 +316,7 @@ in
systemd.services.systemd-udevd = systemd.services.systemd-udevd =
{ environment.MODULE_DIR = "/run/booted-system/kernel-modules/lib/modules"; { environment.MODULE_DIR = "/run/booted-system/kernel-modules/lib/modules";
restartTriggers = cfg.packages;
}; };
}; };

6
nixos/modules/services/logging/logstash.nix
View File

@ -85,7 +85,7 @@ in
type = types.lines; type = types.lines;
default = ''stdin { type => "example" }''; default = ''stdin { type => "example" }'';
description = "Logstash input configuration."; description = "Logstash input configuration.";
example = '' example = literalExample ''
# Read from journal # Read from journal
pipe { pipe {
command => "''${pkgs.systemd}/bin/journalctl -f -o json" command => "''${pkgs.systemd}/bin/journalctl -f -o json"
@ -98,7 +98,7 @@ in
type = types.lines; type = types.lines;
default = ''noop {}''; default = ''noop {}'';
description = "logstash filter configuration."; description = "logstash filter configuration.";
example = '' example = literalExample ''
if [type] == "syslog" { if [type] == "syslog" {
# Keep only relevant systemd fields # Keep only relevant systemd fields
# http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html # http://www.freedesktop.org/software/systemd/man/systemd.journal-fields.html
@ -114,7 +114,7 @@ in
outputConfig = mkOption { outputConfig = mkOption {
type = types.lines; type = types.lines;
default = ''stdout { debug => true debug_format => "json"}''; default = literalExample ''stdout { debug => true debug_format => "json"}'';
description = "Logstash output configuration."; description = "Logstash output configuration.";
example = '' example = ''
redis { host => "localhost" data_type => "list" key => "logstash" codec => json } redis { host => "localhost" data_type => "list" key => "logstash" codec => json }

1
nixos/modules/services/mail/dovecot.nix
View File

@ -13,6 +13,7 @@ let
'' ''
base_dir = ${baseDir} base_dir = ${baseDir}
protocols = ${concatStringsSep " " cfg.protocols} protocols = ${concatStringsSep " " cfg.protocols}
sendmail_path = /var/setuid-wrappers/sendmail
'' ''
(if isNull cfg.sslServerCert then '' (if isNull cfg.sslServerCert then ''

5
nixos/modules/services/mail/dspam.nix
View File

@ -109,6 +109,9 @@ in {
Group = cfg.group; Group = cfg.group;
RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam"; RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam";
PermissionsStartOnly = true; PermissionsStartOnly = true;
# DSPAM segfaults on just about every error
Restart = "on-failure";
RestartSec = "1s";
}; };
preStart = '' preStart = ''
@ -136,7 +139,7 @@ in {
restartTriggers = [ cfgfile ]; restartTriggers = [ cfgfile ];
serviceConfig = { serviceConfig = {
ExecStart = "${dspam}/bin/dspam_maintenance"; ExecStart = "${dspam}/bin/dspam_maintenance --verbose";
Type = "oneshot"; Type = "oneshot";
User = cfg.user; User = cfg.user;
Group = cfg.group; Group = cfg.group;

21
nixos/modules/services/mail/opensmtpd.nix
View File

@ -9,6 +9,11 @@ let
conf = writeText "smtpd.conf" cfg.serverConfiguration; conf = writeText "smtpd.conf" cfg.serverConfiguration;
args = concatStringsSep " " cfg.extraServerArgs; args = concatStringsSep " " cfg.extraServerArgs;
sendmail = pkgs.runCommand "opensmtpd-sendmail" {} ''
mkdir -p $out/bin
ln -s ${opensmtpd}/sbin/smtpctl $out/bin/sendmail
'';
in { in {
###### interface ###### interface
@ -23,6 +28,15 @@ in {
description = "Whether to enable the OpenSMTPD server."; description = "Whether to enable the OpenSMTPD server.";
}; };
addSendmailToSystemPath = mkOption {
type = types.bool;
default = true;
description = ''
Whether to add OpenSMTPD's sendmail binary to the
system path or not.
'';
};
extraServerArgs = mkOption { extraServerArgs = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
@ -64,7 +78,7 @@ in {
###### implementation ###### implementation
config = mkIf config.services.opensmtpd.enable { config = mkIf cfg.enable {
users.extraGroups = { users.extraGroups = {
smtpd.gid = config.ids.gids.smtpd; smtpd.gid = config.ids.gids.smtpd;
smtpq.gid = config.ids.gids.smtpq; smtpq.gid = config.ids.gids.smtpq;
@ -98,9 +112,6 @@ in {
environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd"; environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd";
}; };
environment.systemPackages = [ (pkgs.runCommand "opensmtpd-sendmail" {} '' environment.systemPackages = mkIf cfg.addSendmailToSystemPath [ sendmail ];
mkdir -p $out/bin
ln -s ${opensmtpd}/sbin/smtpctl $out/bin/sendmail
'') ];
}; };
} }

32
nixos/modules/services/mail/postfix.nix
View File

@ -13,6 +13,18 @@ let
haveTransport = cfg.transport != ""; haveTransport = cfg.transport != "";
haveVirtual = cfg.virtual != ""; haveVirtual = cfg.virtual != "";
clientAccess =
if (cfg.dnsBlacklistOverrides != "")
then [ "check_client_access hash:/etc/postfix/client_access" ]
else [];
dnsBl =
if (cfg.dnsBlacklists != [])
then [ (concatStringsSep ", " (map (s: "reject_rbl_client " + s) cfg.dnsBlacklists)) ]
else [];
clientRestrictions = concatStringsSep ", " (clientAccess ++ dnsBl);
mainCf = mainCf =
'' ''
compatibility_level = 2 compatibility_level = 2
@ -104,6 +116,9 @@ let
+ optionalString haveVirtual '' + optionalString haveVirtual ''
virtual_alias_maps = hash:/etc/postfix/virtual virtual_alias_maps = hash:/etc/postfix/virtual
'' ''
+ optionalString (cfg.dnsBlacklists != []) ''
smtpd_client_restrictions = ${clientRestrictions}
''
+ cfg.extraConfig; + cfg.extraConfig;
masterCf = '' masterCf = ''
@ -161,6 +176,7 @@ let
aliasesFile = pkgs.writeText "postfix-aliases" aliases; aliasesFile = pkgs.writeText "postfix-aliases" aliases;
virtualFile = pkgs.writeText "postfix-virtual" cfg.virtual; virtualFile = pkgs.writeText "postfix-virtual" cfg.virtual;
checkClientAccessFile = pkgs.writeText "postfix-check-client-access" cfg.dnsBlacklistOverrides;
mainCfFile = pkgs.writeText "postfix-main.cf" mainCf; mainCfFile = pkgs.writeText "postfix-main.cf" mainCf;
masterCfFile = pkgs.writeText "postfix-master.cf" masterCf; masterCfFile = pkgs.writeText "postfix-master.cf" masterCf;
transportFile = pkgs.writeText "postfix-transport" cfg.transport; transportFile = pkgs.writeText "postfix-transport" cfg.transport;
@ -366,6 +382,17 @@ in
"; ";
}; };
dnsBlacklists = mkOption {
default = [];
type = with types; listOf string;
description = "dns blacklist servers to use with smtpd_client_restrictions";
};
dnsBlacklistOverrides = mkOption {
default = "";
description = "contents of check_client_access for overriding dnsBlacklists";
};
extraMasterConf = mkOption { extraMasterConf = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
@ -461,7 +488,7 @@ in
rm -rf /var/lib/postfix/conf rm -rf /var/lib/postfix/conf
mkdir -p /var/lib/postfix/conf mkdir -p /var/lib/postfix/conf
chmod 0755 /var/lib/postfix/conf chmod 0755 /var/lib/postfix/conf
ln -sf ${pkgs.postfix}/etc/postfix/postfix-files ln -sf ${pkgs.postfix}/etc/postfix/postfix-files /var/lib/postfix/conf/postfix-files
ln -sf ${mainCfFile} /var/lib/postfix/conf/main.cf ln -sf ${mainCfFile} /var/lib/postfix/conf/main.cf
ln -sf ${masterCfFile} /var/lib/postfix/conf/master.cf ln -sf ${masterCfFile} /var/lib/postfix/conf/master.cf
@ -494,6 +521,9 @@ in
(mkIf haveVirtual { (mkIf haveVirtual {
services.postfix.mapFiles."virtual" = virtualFile; services.postfix.mapFiles."virtual" = virtualFile;
}) })
(mkIf (cfg.dnsBlacklists != []) {
services.postfix.mapFiles."client_access" = checkClientAccessFile;
})
]); ]);
} }

6
nixos/modules/services/mail/postsrsd.nix
View File

@ -95,7 +95,11 @@ in {
preStart = '' preStart = ''
if [ ! -e "${cfg.secretsFile}" ]; then if [ ! -e "${cfg.secretsFile}" ]; then
echo "WARNING: secrets file not found, autogenerating!" echo "WARNING: secrets file not found, autogenerating!"
mkdir -p -m750 "$(dirname "${cfg.secretsFile}")" DIR="$(dirname "${cfg.secretsFile}")"
if [ ! -d "$DIR" ]; then
mkdir -p -m750 "$DIR"
chown "${cfg.user}:${cfg.group}" "$DIR"
fi
dd if=/dev/random bs=18 count=1 | base64 > "${cfg.secretsFile}" dd if=/dev/random bs=18 count=1 | base64 > "${cfg.secretsFile}"
chmod 600 "${cfg.secretsFile}" chmod 600 "${cfg.secretsFile}"
fi fi

1
nixos/modules/services/misc/gitit.nix
View File

@ -35,7 +35,6 @@ let
}; };
haskellPackages = mkOption { haskellPackages = mkOption {
type = types.attrsOf types.package;
default = pkgs.haskellPackages; default = pkgs.haskellPackages;
defaultText = "pkgs.haskellPackages"; defaultText = "pkgs.haskellPackages";
example = literalExample "pkgs.haskell.packages.ghc784"; example = literalExample "pkgs.haskell.packages.ghc784";

2
nixos/modules/services/misc/sundtek.nix
View File

@ -23,7 +23,7 @@ in
Type = "oneshot"; Type = "oneshot";
ExecStart = '' ExecStart = ''
${pkgs.sundtek}/bin/mediasrv -d -v -p ${pkgs.sundtek}/bin ;\ ${pkgs.sundtek}/bin/mediasrv -d -v -p ${pkgs.sundtek}/bin ;\
${pkgs.sundtek}/bin/mediaclient --start=5 --wait-for-devices ${pkgs.sundtek}/bin/mediaclient --start --wait-for-devices
''; '';
ExecStop = "${pkgs.sundtek}/bin/mediaclient --shutdown"; ExecStop = "${pkgs.sundtek}/bin/mediaclient --shutdown";
RemainAfterExit = true; RemainAfterExit = true;

6
nixos/modules/services/networking/connman.nix
View File

@ -53,13 +53,13 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions = [{ assertions = [{
assertion = config.networking.useDHCP == false; assertion = !config.networking.useDHCP;
message = "You can not use services.networking.connman with services.networking.useDHCP"; message = "You can not use services.networking.connman with services.networking.useDHCP";
}{ }{
assertion = config.networking.wireless.enable == true; assertion = config.networking.wireless.enable;
message = "You must use services.networking.connman with services.networking.wireless"; message = "You must use services.networking.connman with services.networking.wireless";
}{ }{
assertion = config.networking.networkmanager.enable == false; assertion = !config.networking.networkmanager.enable;
message = "You can not use services.networking.connman with services.networking.networkmanager"; message = "You can not use services.networking.connman with services.networking.networkmanager";
}]; }];

240
nixos/modules/services/networking/i2pd.nix
View File

@ -12,21 +12,69 @@ let
toOneZero = b: if b then "1" else "0"; toOneZero = b: if b then "1" else "0";
mkEndpointOpt = name: addr: port: {
name = mkOption {
type = types.str;
default = name;
description = "The endpoint name.";
};
address = mkOption {
type = types.str;
default = addr;
description = "Bind address for ${name} endpoint. Default: " + addr;
};
port = mkOption {
type = types.int;
default = port;
description = "Bind port for ${name} endoint. Default: " + toString port;
};
};
commonTunOpts = let
i2cpOpts = {
length = mkOption {
type = types.int;
description = "Guaranteed minimum hops.";
default = 3;
};
quantity = mkOption {
type = types.int;
description = "Number of simultaneous tunnels.";
default = 5;
};
};
in name: {
outbound = i2cpOpts;
inbound = i2cpOpts;
crypto.tagsToSend = mkOption {
type = types.int;
description = "Number of ElGamal/AES tags to send.";
default = 40;
};
destination = mkOption {
type = types.str;
description = "Remote endpoint, I2P hostname or b32.i2p address.";
};
keys = mkOption {
type = types.str;
default = name + "-keys.dat";
description = "Keyset used for tunnel identity.";
};
} // mkEndpointOpt name "127.0.0.1" 0;
i2pdConf = pkgs.writeText "i2pd.conf" '' i2pdConf = pkgs.writeText "i2pd.conf" ''
v6 = ${toOneZero cfg.enableIPv6} ipv6 = ${toOneZero cfg.enableIPv6}
unreachable = ${toOneZero cfg.unreachable} notransit = ${toOneZero cfg.notransit}
floodfill = ${toOneZero cfg.floodfill} floodfill = ${toOneZero cfg.floodfill}
${if isNull cfg.port then "" else "port = ${toString cfg.port}"} ${if isNull cfg.port then "" else "port = ${toString cfg.port}"}
httpproxyport = ${toString cfg.proxy.httpPort} ${flip concatMapStrings
socksproxyport = ${toString cfg.proxy.socksPort} (collect (proto: proto ? port && proto ? address && proto ? name) cfg.proto)
ircaddress = ${cfg.irc.host} (proto: let portStr = toString proto.port; in ''
ircport = ${toString cfg.irc.port} [${proto.name}]
ircdest = ${cfg.irc.dest} address = ${proto.address}
irckeys = ${cfg.irc.keyFile} port = ${toString proto.port}
eepport = ${toString cfg.eep.port} '')
${if isNull cfg.sam.port then "" else "--samport=${toString cfg.sam.port}"} }
eephost = ${cfg.eep.host}
eepkeys = ${cfg.eep.keyFile}
''; '';
i2pdTunnelConf = pkgs.writeText "i2pd-tunnels.conf" '' i2pdTunnelConf = pkgs.writeText "i2pd-tunnels.conf" ''
@ -39,10 +87,15 @@ let
keys = ${tun.keys} keys = ${tun.keys}
address = ${tun.address} address = ${tun.address}
port = ${toString tun.port} port = ${toString tun.port}
inbound.length = ${toString tun.inbound.length}
outbound.length = ${toString tun.outbound.length}
inbound.quantity = ${toString tun.inbound.quantity}
outbound.quantity = ${toString tun.outbound.quantity}
crypto.tagsToSend = ${toString tun.crypto.tagsToSend}
'') '')
} }
${flip concatMapStrings ${flip concatMapStrings
(collect (tun: tun ? port && tun ? host) cfg.outTunnels) (collect (tun: tun ? port && tun ? host) cfg.inTunnels)
(tun: let portStr = toString tun.port; in '' (tun: let portStr = toString tun.port; in ''
[${tun.name}] [${tun.name}]
type = server type = server
@ -59,10 +112,10 @@ let
i2pdSh = pkgs.writeScriptBin "i2pd" '' i2pdSh = pkgs.writeScriptBin "i2pd" ''
#!/bin/sh #!/bin/sh
${if isNull cfg.extIp then extip else ""} ${if isNull cfg.extIp then extip else ""}
${pkgs.i2pd}/bin/i2pd --log=1 --daemon=0 --service=0 \ ${pkgs.i2pd}/bin/i2pd --log=1 \
--host=${if isNull cfg.extIp then "$EXTIP" else cfg.extIp} \ --host=${if isNull cfg.extIp then "$EXTIP" else cfg.extIp} \
--conf=${i2pdConf} \ --conf=${i2pdConf} \
--tunnelscfg=${i2pdTunnelConf} --tunconf=${i2pdTunnelConf}
''; '';
in in
@ -91,11 +144,11 @@ in
''; '';
}; };
unreachable = mkOption { notransit = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
If the router is declared to be unreachable and needs introduction nodes. Tells the router to not accept transit tunnels during startup.
''; '';
}; };
@ -123,135 +176,24 @@ in
''; '';
}; };
http = { proto.http = mkEndpointOpt "http" "127.0.0.1" 7070;
port = mkOption { proto.sam = mkEndpointOpt "sam" "127.0.0.1" 7656;
type = types.int; proto.bob = mkEndpointOpt "bob" "127.0.0.1" 2827;
default = 7070; proto.i2pControl = mkEndpointOpt "i2pcontrol" "127.0.0.1" 7650;
description = '' proto.httpProxy = mkEndpointOpt "httpproxy" "127.0.0.1" 4446;
HTTP listen port. proto.socksProxy = mkEndpointOpt "socksproxy" "127.0.0.1" 4447;
'';
};
};
proxy = {
httpPort = mkOption {
type = types.int;
default = 4446;
description = ''
HTTP proxy listen port.
'';
};
socksPort = mkOption {
type = types.int;
default = 4447;
description = ''
SOCKS proxy listen port.
'';
};
};
irc = {
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Address to forward incoming traffic to. 127.0.0.1 by default.
'';
};
dest = mkOption {
type = types.str;
default = "irc.postman.i2p";
description = ''
Destination I2P tunnel endpoint address of IRC server. irc.postman.i2p by default.
'';
};
port = mkOption {
type = types.int;
default = 6668;
description = ''
Local IRC tunnel endoint port to listen on. 6668 by default.
'';
};
keyFile = mkOption {
type = types.str;
default = "privKeys.dat";
description = ''
File name containing destination keys. privKeys.dat by default.
'';
};
};
eep = {
host = mkOption {
type = types.str;
default = "127.0.0.1";
description = ''
Address to forward incoming traffic to. 127.0.0.1 by default.
'';
};
port = mkOption {
type = types.int;
default = 80;
description = ''
Port to forward incoming traffic to. 80 by default.
'';
};
keyFile = mkOption {
type = types.str;
default = "privKeys.dat";
description = ''
File name containing destination keys. privKeys.dat by default.
'';
};
};
sam = {
port = mkOption {
type = with types; nullOr int;
default = null;
description = ''
Local SAM tunnel endpoint. Usually 7656. SAM is disabled if not specified.
'';
};
};
outTunnels = mkOption { outTunnels = mkOption {
default = {}; default = {};
type = with types; loaOf optionSet; type = with types; loaOf optionSet;
description = '' description = ''
Connect to someone as a client and establish a local accept endpoint
''; '';
options = [ ({ name, config, ... }: { options = [ ({ name, config, ... }: {
options = commonTunOpts name;
options = {
name = mkOption {
type = types.str;
description = "The name of the tunnel.";
};
destination = mkOption {
type = types.str;
description = "Remote endpoint, I2P hostname or b32.i2p address.";
};
keys = mkOption {
type = types.str;
default = name + "-keys.dat";
description = "Keyset used for tunnel identity.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Local bind address for tunnel.";
};
port = mkOption {
type = types.int;
default = 0;
description = "Local tunnel listen port.";
};
};
config = { config = {
name = mkDefault name; name = mkDefault name;
}; };
}) ]; }) ];
}; };
@ -259,42 +201,22 @@ in
default = {}; default = {};
type = with types; loaOf optionSet; type = with types; loaOf optionSet;
description = '' description = ''
Serve something on I2P network at port and delegate requests to address inPort.
''; '';
options = [ ({ name, config, ... }: { options = [ ({ name, config, ... }: {
options = { options = {
name = mkOption {
type = types.str;
description = "The name of the tunnel.";
};
keys = mkOption {
type = types.path;
default = name + "-keys.dat";
description = "Keyset used for tunnel identity.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Local service IP address.";
};
port = mkOption {
type = types.int;
default = 0;
description = "Local tunnel listen port.";
};
inPort = mkOption { inPort = mkOption {
type = types.int; type = types.int;
default = 0; default = 0;
description = "I2P service port. Default to the tunnel's listen port."; description = "Service port. Default to the tunnel's listen port.";
}; };
accessList = mkOption { accessList = mkOption {
type = with types; listOf str; type = with types; listOf str;
default = []; default = [];
description = "I2P nodes that are allowed to connect to this service."; description = "I2P nodes that are allowed to connect to this service.";
}; };
} // commonTunOpts name;
};
config = { config = {
name = mkDefault name; name = mkDefault name;

13
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -52,6 +52,8 @@ let
)); ));
in listToAttrs (map mkAuthKeyFile usersWithKeys); in listToAttrs (map mkAuthKeyFile usersWithKeys);
supportOldHostKeys = !versionAtLeast config.system.stateVersion "15.07";
in in
{ {
@ -177,7 +179,7 @@ in
default = default =
[ { type = "rsa"; bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; } [ { type = "rsa"; bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; }
{ type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
] ++ optionals (!versionAtLeast config.system.stateVersion "15.07") ] ++ optionals supportOldHostKeys
[ { type = "dsa"; path = "/etc/ssh/ssh_host_dsa_key"; } [ { type = "dsa"; path = "/etc/ssh/ssh_host_dsa_key"; }
{ type = "ecdsa"; bits = 521; path = "/etc/ssh/ssh_host_ecdsa_key"; } { type = "ecdsa"; bits = 521; path = "/etc/ssh/ssh_host_ecdsa_key"; }
]; ];
@ -347,6 +349,15 @@ in
${flip concatMapStrings cfg.hostKeys (k: '' ${flip concatMapStrings cfg.hostKeys (k: ''
HostKey ${k.path} HostKey ${k.path}
'')} '')}
# Allow DSA client keys for now. (These were deprecated
# in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
# Re-enable DSA host keys for now.
${optionalString supportOldHostKeys ''
HostKeyAlgorithms +ssh-dss
''}
''; '';
assertions = [{ assertion = if cfg.forwardX11 then cfgc.setXAuthLocation else true; assertions = [{ assertion = if cfg.forwardX11 then cfgc.setXAuthLocation else true;

12
nixos/modules/services/networking/tinc.nix
View File

@ -95,6 +95,16 @@ in
''; '';
}; };
chroot = mkOption {
default = true;
type = types.bool;
description = ''
Change process root directory to the directory where the config file is located (/etc/tinc/netname/), for added security.
The chroot is performed after all the initialization is done, after writing pid files and opening network sockets.
Note that tinc can't run scripts anymore (such as tinc-down or host-up), unless it is setup to be runnable inside chroot environment.
'';
};
}; };
}; };
}; };
@ -166,7 +176,7 @@ in
fi fi
''; '';
script = '' script = ''
tincd -D -U tinc.${network} -n ${network} --pidfile /run/tinc.${network}.pid -d ${toString data.debugLevel} tincd -D -U tinc.${network} -n ${network} ${optionalString (data.chroot) "-R"} --pidfile /run/tinc.${network}.pid -d ${toString data.debugLevel}
''; '';
}) })
); );

2
nixos/modules/services/networking/unifi.nix
View File

@ -61,6 +61,8 @@ in
partOf = systemdMountPoints; partOf = systemdMountPoints;
bindsTo = systemdMountPoints; bindsTo = systemdMountPoints;
unitConfig.RequiresMountsFor = stateDir; unitConfig.RequiresMountsFor = stateDir;
# This a HACK to fix missing dependencies of dynamic libs extracted from jars
environment.LD_LIBRARY_PATH = with pkgs.stdenv; "${cc.cc}/lib";
preStart = '' preStart = ''
# Ensure privacy of state # Ensure privacy of state

28
nixos/modules/services/networking/wpa_supplicant.nix
View File

@ -8,11 +8,15 @@ let
${optionalString cfg.userControlled.enable '' ${optionalString cfg.userControlled.enable ''
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group} ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}
update_config=1''} update_config=1''}
${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: '' ${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: let
psk = if networkConfig.psk != null
then ''"${networkConfig.psk}"''
else networkConfig.pskRaw;
in ''
network={ network={
ssid="${ssid}" ssid="${ssid}"
${optionalString (networkConfig.psk != null) ''psk="${networkConfig.psk}"''} ${optionalString (psk != null) ''psk=${psk}''}
${optionalString (networkConfig.psk == null) ''key_mgmt=NONE''} ${optionalString (psk == null) ''key_mgmt=NONE''}
} }
'') cfg.networks)} '') cfg.networks)}
'' else "/etc/wpa_supplicant.conf"; '' else "/etc/wpa_supplicant.conf";
@ -49,6 +53,19 @@ in {
Be aware that these will be written to the nix store Be aware that these will be written to the nix store
in plaintext! in plaintext!
Mutually exclusive with <varname>pskRaw</varname>.
'';
};
pskRaw = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The network's pre-shared key in hex defaulting
to being a network without any authentication.
Mutually exclusive with <varname>psk</varname>.
''; '';
}; };
}; };
@ -95,6 +112,11 @@ in {
config = mkMerge [ config = mkMerge [
(mkIf cfg.enable { (mkIf cfg.enable {
assertions = flip mapAttrsToList cfg.networks (name: cfg: {
assertion = cfg.psk == null || cfg.pskRaw == null;
message = ''networking.wireless."${name}".psk and networking.wireless."${name}".pskRaw are mutually exclusive'';
});
environment.systemPackages = [ pkgs.wpa_supplicant ]; environment.systemPackages = [ pkgs.wpa_supplicant ];
services.dbus.packages = [ pkgs.wpa_supplicant ]; services.dbus.packages = [ pkgs.wpa_supplicant ];

13
nixos/modules/services/search/elasticsearch.nix
View File

@ -9,6 +9,8 @@ let
network.host: ${cfg.listenAddress} network.host: ${cfg.listenAddress}
network.port: ${toString cfg.port} network.port: ${toString cfg.port}
network.tcp.port: ${toString cfg.tcp_port} network.tcp.port: ${toString cfg.tcp_port}
# TODO: find a way to enable security manager
security.manager.enabled: false
cluster.name: ${cfg.cluster_name} cluster.name: ${cfg.cluster_name}
${cfg.extraConf} ${cfg.extraConf}
''; '';
@ -39,8 +41,8 @@ in {
package = mkOption { package = mkOption {
description = "Elasticsearch package to use."; description = "Elasticsearch package to use.";
default = pkgs.elasticsearch; default = pkgs.elasticsearch2;
defaultText = "pkgs.elasticsearch"; defaultText = "pkgs.elasticsearch2";
type = types.package; type = types.package;
}; };
@ -129,7 +131,9 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" ]; after = [ "network-interfaces.target" ];
path = [ pkgs.inetutils ]; path = [ pkgs.inetutils ];
environment = { ES_HOME = cfg.dataDir; }; environment = {
ES_HOME = cfg.dataDir;
};
serviceConfig = { serviceConfig = {
ExecStart = "${cfg.package}/bin/elasticsearch -Des.path.conf=${configDir} ${toString cfg.extraCmdLineOptions}"; ExecStart = "${cfg.package}/bin/elasticsearch -Des.path.conf=${configDir} ${toString cfg.extraCmdLineOptions}";
User = "elasticsearch"; User = "elasticsearch";
@ -137,10 +141,11 @@ in {
}; };
preStart = '' preStart = ''
mkdir -m 0700 -p ${cfg.dataDir} mkdir -m 0700 -p ${cfg.dataDir}
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi
# Install plugins # Install plugins
ln -sfT ${esPlugins}/plugins ${cfg.dataDir}/plugins ln -sfT ${esPlugins}/plugins ${cfg.dataDir}/plugins
ln -sfT ${cfg.package}/lib ${cfg.dataDir}/lib
if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi
''; '';
postStart = mkBefore '' postStart = mkBefore ''
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do until ${pkgs.curl.bin}/bin/curl -s -o /dev/null ${cfg.listenAddress}:${toString cfg.port}; do

53
nixos/modules/services/search/kibana.nix
View File

@ -7,37 +7,33 @@ let
cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON ( cfgFile = pkgs.writeText "kibana.json" (builtins.toJSON (
(filterAttrsRecursive (n: v: v != null) ({ (filterAttrsRecursive (n: v: v != null) ({
server = {
host = cfg.listenAddress; host = cfg.listenAddress;
port = cfg.port; port = cfg.port;
ssl = { ssl_cert_file = cfg.cert;
cert = cfg.cert; ssl_key_file = cfg.key;
key = cfg.key;
};
};
kibana = { kibana_index = cfg.index;
index = cfg.index; default_app_id = cfg.defaultAppId;
defaultAppId = cfg.defaultAppId;
};
elasticsearch = { elasticsearch_url = cfg.elasticsearch.url;
url = cfg.elasticsearch.url; kibana_elasticsearch_username = cfg.elasticsearch.username;
username = cfg.elasticsearch.username; kibana_elasticsearch_password = cfg.elasticsearch.password;
password = cfg.elasticsearch.password; kibana_elasticsearch_cert = cfg.elasticsearch.cert;
ssl = { kibana_elasticsearch_key = cfg.elasticsearch.key;
cert = cfg.elasticsearch.cert;
key = cfg.elasticsearch.key;
ca = cfg.elasticsearch.ca; ca = cfg.elasticsearch.ca;
};
};
logging = { bundled_plugin_ids = [
verbose = cfg.logLevel == "verbose"; "plugins/dashboard/index"
quiet = cfg.logLevel == "quiet"; "plugins/discover/index"
silent = cfg.logLevel == "silent"; "plugins/doc/index"
dest = "stdout"; "plugins/kibana/index"
}; "plugins/markdown_vis/index"
"plugins/metric_vis/index"
"plugins/settings/index"
"plugins/table_vis/index"
"plugins/vis_types/index"
"plugins/visualize/index"
];
} // cfg.extraConf) } // cfg.extraConf)
))); )));
in { in {
@ -118,12 +114,6 @@ in {
}; };
}; };
logLevel = mkOption {
description = "Kibana log level";
default = "normal";
type = types.enum ["verbose" "normal" "silent" "quiet"];
};
package = mkOption { package = mkOption {
description = "Kibana package to use"; description = "Kibana package to use";
default = pkgs.kibana; default = pkgs.kibana;
@ -149,6 +139,7 @@ in {
description = "Kibana Service"; description = "Kibana Service";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network-interfaces.target" "elasticsearch.service" ]; after = [ "network-interfaces.target" "elasticsearch.service" ];
environment = { BABEL_CACHE_PATH = "${cfg.dataDir}/.babelcache.json"; };
serviceConfig = { serviceConfig = {
ExecStart = "${cfg.package}/bin/kibana --config ${cfgFile}"; ExecStart = "${cfg.package}/bin/kibana --config ${cfgFile}";
User = "kibana"; User = "kibana";

156
nixos/modules/services/security/haka.nix Normal file
View File

@ -0,0 +1,156 @@
# This module defines global configuration for Haka.
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.haka;
haka = cfg.package;
hakaConf = pkgs.writeText "haka.conf"
''
[general]
configuration = ${if lib.strings.hasPrefix "/" cfg.configFile
then "${cfg.configFile}"
else "${haka}/share/haka/sample/${cfg.configFile}"}
${optionalString (builtins.lessThan 0 cfg.threads) "thread = ${cfg.threads}"}
[packet]
${optionalString cfg.pcap ''module = "packet/pcap"''}
${optionalString cfg.nfqueue ''module = "packet/nqueue"''}
${optionalString cfg.dump.enable ''dump = "yes"''}
${optionalString cfg.dump.enable ''dump_input = "${cfg.dump.input}"''}
${optionalString cfg.dump.enable ''dump_output = "${cfg.dump.output}"''}
interfaces = "${lib.strings.concatStringsSep "," cfg.interfaces}"
[log]
# Select the log module
module = "log/syslog"
# Set the default logging level
#level = "info,packet=debug"
[alert]
# Select the alert module
module = "alert/syslog"
# Disable alert on standard output
#alert_on_stdout = no
# alert/file module option
#file = "/dev/null"
'';
in
{
###### interface
options = {
services.haka = {
enable = mkEnableOption "Haka";
package = mkOption {
default = pkgs.haka;
type = types.package;
description = "
Which Haka derivation to use.
";
};
configFile = mkOption {
default = "empty.lua";
example = "/srv/haka/myfilter.lua";
type = types.string;
description = ''
Specify which configuration file Haka uses.
It can be absolute path or a path relative to the sample directory of
the haka git repo.
'';
};
interfaces = mkOption {
default = [ "eth0" ];
example = [ "any" ];
type = with types; listOf string;
description = ''
Specify which interface(s) Haka listens to.
Use 'any' to listen to all interfaces.
'';
};
threads = mkOption {
default = 0;
example = 4;
type = types.int;
description = ''
The number of threads that will be used.
All system threads are used by default.
'';
};
pcap = mkOption {
default = true;
example = false;
type = types.bool;
description = "Whether to enable pcap";
};
nfqueue = mkEnableOption "nfqueue";
dump.enable = mkEnableOption "dump";
dump.input = mkOption {
default = "/tmp/input.pcap";
example = "/path/to/file.pcap";
type = types.path;
description = "Path to file where incoming packets are dumped";
};
dump.output = mkOption {
default = "/tmp/output.pcap";
example = "/path/to/file.pcap";
type = types.path;
description = "Path to file where outgoing packets are dumped";
};
};
};
###### implementation
config = mkIf cfg.enable {
assertions = [
{ assertion = cfg.pcap != cfg.nfqueue;
message = "either pcap or nfqueue can be enabled, not both.";
}
{ assertion = cfg.nfqueue -> !dump.enable;
message = "dump can only be used with nfqueue.";
}
{ assertion = cfg.interfaces != [];
message = "at least one interface must be specified.";
}];
environment.systemPackages = [ haka ];
systemd.services.haka = {
description = "Haka";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = "${haka}/bin/haka -c ${hakaConf}";
ExecStop = "${haka}/bin/hakactl stop";
User = "root";
Type = "forking";
};
};
};
}

4
nixos/modules/services/web-servers/apache-httpd/mediawiki.nix
View File

@ -83,11 +83,11 @@ let
# Unpack Mediawiki and put the config file in its root directory. # Unpack Mediawiki and put the config file in its root directory.
mediawikiRoot = pkgs.stdenv.mkDerivation rec { mediawikiRoot = pkgs.stdenv.mkDerivation rec {
name= "mediawiki-1.23.9"; name= "mediawiki-1.23.13";
src = pkgs.fetchurl { src = pkgs.fetchurl {
url = "http://download.wikimedia.org/mediawiki/1.23/${name}.tar.gz"; url = "http://download.wikimedia.org/mediawiki/1.23/${name}.tar.gz";
sha256 = "1l7k4g0pgz92yvrfr52w26x740s4362v0gc95pk0i30vn2sp5bql"; sha256 = "168wpf53n4ksj2g5q5r0hxapx6238dvsfng5ff9ixk6axsn0j5d0";
}; };
skins = config.skins; skins = config.skins;

8
nixos/modules/services/x11/desktop-managers/default.nix
View File

@ -64,7 +64,13 @@ in
else if any (w: w.name == defaultDM) cfg.session.list then else if any (w: w.name == defaultDM) cfg.session.list then
defaultDM defaultDM
else else
throw "Default desktop manager ($(defaultDM)) not found."; throw ''
Default desktop manager (${defaultDM}) not found.
Probably you want to change
services.xserver.desktopManager.default = "${defaultDM}";
to one of
${concatMapStringsSep "\n " (w: "services.xserver.desktopManager.default = \"${w.name}\";") cfg.session.list}
'';
}; };
}; };

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -64,7 +64,7 @@ in {
environment.gnome3.packageSet = mkOption { environment.gnome3.packageSet = mkOption {
type = types.nullOr types.package; type = types.nullOr types.package;
default = null; default = null;
example = literalExample "pkgs.gnome3_16"; example = literalExample "pkgs.gnome3_18";
description = "Which GNOME 3 package set to use."; description = "Which GNOME 3 package set to use.";
apply = p: if p == null then pkgs.gnome3 else p; apply = p: if p == null then pkgs.gnome3 else p;
}; };

6
nixos/modules/services/x11/desktop-managers/kde4.nix
View File

@ -108,6 +108,12 @@ in
sed -e '/nix\\store\|nix\/store/ d' -i $HOME/.config/Trolltech.conf sed -e '/nix\\store\|nix\/store/ d' -i $HOME/.config/Trolltech.conf
fi fi
# Load PulseAudio module for routing support.
# See http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
${optionalString config.hardware.pulseaudio.enable ''
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
# Start KDE. # Start KDE.
exec ${kde_workspace}/bin/startkde exec ${kde_workspace}/bin/startkde
''; '';

10
nixos/modules/services/x11/desktop-managers/kde5.nix
View File

@ -55,7 +55,15 @@ in
services.xserver.desktopManager.session = singleton { services.xserver.desktopManager.session = singleton {
name = "kde5"; name = "kde5";
bgSupport = true; bgSupport = true;
start = ''exec startkde;''; start = ''
# Load PulseAudio module for routing support.
# See http://colin.guthr.ie/2009/10/so-how-does-the-kde-pulseaudio-support-work-anyway/
${optionalString config.hardware.pulseaudio.enable ''
${config.hardware.pulseaudio.package}/bin/pactl load-module module-device-manager "do_routing=1"
''}
exec startkde
'';
}; };
security.setuidOwners = singleton { security.setuidOwners = singleton {

3
nixos/modules/services/x11/display-managers/default.nix
View File

@ -83,9 +83,6 @@ let
# Publish access credentials in the root window. # Publish access credentials in the root window.
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY" ${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"
# Keep track of devices. Mostly useful for Phonon/KDE.
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-device-manager "do_routing=1"
''} ''}
# Tell systemd about our $DISPLAY. This is needed by the # Tell systemd about our $DISPLAY. This is needed by the

2
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@ -86,7 +86,7 @@ in
}; };
background = mkOption { background = mkOption {
type = types.path; type = types.str;
description = '' description = ''
The background image or color to use. The background image or color to use.
''; '';

29
nixos/modules/services/x11/hardware/synaptics.nix
View File

@ -62,6 +62,13 @@ in {
description = "Cursor speed factor for highest-speed finger motion."; description = "Cursor speed factor for highest-speed finger motion.";
}; };
scrollDelta = mkOption {
type = types.nullOr types.int;
default = null;
example = 75;
description = "Move distance of the finger for a scroll event.";
};
twoFingerScroll = mkOption { twoFingerScroll = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
@ -122,6 +129,20 @@ in {
description = "Whether to enable palm detection (hardware support required)"; description = "Whether to enable palm detection (hardware support required)";
}; };
palmMinWidth = mkOption {
type = types.nullOr types.int;
default = null;
example = 5;
description = "Minimum finger width at which touch is considered a palm";
};
palmMinZ = mkOption {
type = types.nullOr types.int;
default = null;
example = 20;
description = "Minimum finger pressure at which touch is considered a palm";
};
horizontalScroll = mkOption { horizontalScroll = mkOption {
type = types.bool; type = types.bool;
default = true; default = true;
@ -174,8 +195,12 @@ in {
Option "HorizTwoFingerScroll" "${if cfg.horizTwoFingerScroll then "1" else "0"}" Option "HorizTwoFingerScroll" "${if cfg.horizTwoFingerScroll then "1" else "0"}"
Option "VertEdgeScroll" "${if cfg.vertEdgeScroll then "1" else "0"}" Option "VertEdgeScroll" "${if cfg.vertEdgeScroll then "1" else "0"}"
Option "HorizEdgeScroll" "${if cfg.horizEdgeScroll then "1" else "0"}" Option "HorizEdgeScroll" "${if cfg.horizEdgeScroll then "1" else "0"}"
${if cfg.palmDetect then ''Option "PalmDetect" "1"'' else ""} ${optionalString cfg.palmDetect ''Option "PalmDetect" "1"''}
${if cfg.horizontalScroll then "" else ''Option "HorizScrollDelta" "0"''} ${optionalString (cfg.palmMinWidth != null) ''Option "PalmMinWidth" "${toString cfg.palmMinWidth}"''}
${optionalString (cfg.palmMinZ != null) ''Option "PalmMinZ" "${toString cfg.palmMinZ}"''}
${optionalString (cfg.scrollDelta != null) ''Option "VertScrollDelta" "${toString cfg.scrollDelta}"''}
${if !cfg.horizontalScroll then ''Option "HorizScrollDelta" "0"''
else (optionalString (cfg.scrollDelta != null) ''Option "HorizScrollDelta" "${toString cfg.scrollDelta}"'')}
${cfg.additionalOptions} ${cfg.additionalOptions}
EndSection EndSection
''; '';

2
nixos/modules/services/x11/window-managers/i3.nix
View File

@ -34,6 +34,6 @@ in
''; '';
}]; }];
}; };
environment.systemPackages = with pkgs; [ i3 i3status dmenu ]; environment.systemPackages = with pkgs; [ i3 ];
}; };
} }

2
nixos/modules/system/activation/switch-to-configuration.pl
View File

@ -323,7 +323,7 @@ foreach my $device (keys %$prevSwaps) {
# Should we have systemd re-exec itself? # Should we have systemd re-exec itself?
my $prevSystemd = abs_path("/proc/1/exe") or die; my $prevSystemd = abs_path("/proc/1/exe") // "/unknown";
my $newSystemd = abs_path("@systemd@/lib/systemd/systemd") or die; my $newSystemd = abs_path("@systemd@/lib/systemd/systemd") or die;
my $restartSystemd = $prevSystemd ne $newSystemd; my $restartSystemd = $prevSystemd ne $newSystemd;

156
nixos/modules/system/boot/initrd-network.nix
View File

@ -3,9 +3,28 @@
with lib; with lib;
let let
cfg = config.boot.initrd.network; cfg = config.boot.initrd.network;
udhcpcScript = pkgs.writeScript "udhcp-script"
''
#! /bin/sh
if [ "$1" = bound ]; then
ip address add "$ip/$mask" dev "$interface"
if [ -n "$router" ]; then
ip route add default via "$router" dev "$interface"
fi
if [ -n "$dns" ]; then
rm -f /etc/resolv.conf
for i in $dns; do
echo "nameserver $dns" >> /etc/resolv.conf
done
fi
fi
'';
in in
{ {
options = { options = {
@ -14,82 +33,25 @@ in
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
Add network connectivity support to initrd. Add network connectivity support to initrd. The network may be
configured using the <literal>ip</literal> kernel parameter,
Network options are configured via <literal>ip</literal> kernel as described in <link
option, according to the kernel documentation. xlink:href="https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt">the
kernel documentation</link>. Otherwise, if
<option>networking.useDHCP</option> is enabled, an IP address
is acquired using DHCP.
''; '';
}; };
boot.initrd.network.ssh.enable = mkOption { boot.initrd.network.postCommands = mkOption {
type = types.bool; default = "";
default = false; type = types.lines;
description = '' description = ''
Start SSH service during initrd boot. It can be used to debug failing Shell commands to be executed after stage 1 of the
boot on a remote server, enter pasphrase for an encrypted partition etc. boot has initialised the network.
Service is killed when stage-1 boot is finished.
''; '';
}; };
boot.initrd.network.ssh.port = mkOption {
type = types.int;
default = 22;
description = ''
Port on which SSH initrd service should listen.
'';
};
boot.initrd.network.ssh.shell = mkOption {
type = types.str;
default = "/bin/ash";
description = ''
Login shell of the remote user. Can be used to limit actions user can do.
'';
};
boot.initrd.network.ssh.hostRSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
RSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostDSSKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
DSS SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostECDSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
ECDSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.authorizedKeys = mkOption {
type = types.listOf types.str;
default = config.users.extraUsers.root.openssh.authorizedKeys.keys;
description = ''
Authorized keys for the root user on initrd.
'';
};
}; };
@ -99,18 +61,11 @@ in
boot.initrd.extraUtilsCommands = '' boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.mkinitcpio-nfs-utils}/bin/ipconfig copy_bin_and_libs ${pkgs.mkinitcpio-nfs-utils}/bin/ipconfig
'' + optionalString cfg.ssh.enable ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear
cp -pv ${pkgs.glibc.out}/lib/libnss_files.so.* $out/lib
''; '';
boot.initrd.extraUtilsCommandsTest = optionalString cfg.ssh.enable '' boot.initrd.preLVMCommands = mkBefore (
$out/bin/dropbear -V # Search for interface definitions in command line.
''; ''
boot.initrd.postEarlyDeviceCommands = ''
# Search for interface definitions in command line
for o in $(cat /proc/cmdline); do for o in $(cat /proc/cmdline); do
case $o in case $o in
ip=*) ip=*)
@ -118,32 +73,31 @@ in
;; ;;
esac esac
done done
'' + optionalString cfg.ssh.enable '' ''
if [ -n "$hasNetwork" ]; then
mkdir /dev/pts
mount -t devpts devpts /dev/pts
mkdir -p /etc # Otherwise, use DHCP.
echo 'root:x:0:0:root:/root:${cfg.ssh.shell}' > /etc/passwd + optionalString config.networking.useDHCP ''
echo '${cfg.ssh.shell}' > /etc/shells if [ -z "$hasNetwork" ]; then
echo 'passwd: files' > /etc/nsswitch.conf
mkdir -p /var/log # Bring up all interfaces.
touch /var/log/lastlog for iface in $(cd /sys/class/net && ls); do
echo "bringing up network interface $iface..."
ip link set "$iface" up
done
mkdir -p /etc/dropbear # Acquire a DHCP lease.
${optionalString (cfg.ssh.hostRSAKey != null) "ln -s ${cfg.ssh.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"} echo "acquiring IP address via DHCP..."
${optionalString (cfg.ssh.hostDSSKey != null) "ln -s ${cfg.ssh.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"} udhcpc --quit --now --script ${udhcpcScript} && hasNetwork=1
${optionalString (cfg.ssh.hostECDSAKey != null) "ln -s ${cfg.ssh.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"}
mkdir -p /root/.ssh
${concatStrings (map (key: ''
echo -n ${escapeShellArg key} >> /root/.ssh/authorized_keys
'') cfg.ssh.authorizedKeys)}
dropbear -s -j -k -E -m -p ${toString cfg.ssh.port}
fi fi
''; ''
+ ''
if [ -n "$hasNetwork" ]; then
echo "networking is up!"
${cfg.postCommands}
fi
'');
}; };
} }

124
nixos/modules/system/boot/initrd-ssh.nix Normal file
View File

@ -0,0 +1,124 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.boot.initrd.network.ssh;
in
{
options = {
boot.initrd.network.ssh.enable = mkOption {
type = types.bool;
default = false;
description = ''
Start SSH service during initrd boot. It can be used to debug failing
boot on a remote server, enter pasphrase for an encrypted partition etc.
Service is killed when stage-1 boot is finished.
'';
};
boot.initrd.network.ssh.port = mkOption {
type = types.int;
default = 22;
description = ''
Port on which SSH initrd service should listen.
'';
};
boot.initrd.network.ssh.shell = mkOption {
type = types.str;
default = "/bin/ash";
description = ''
Login shell of the remote user. Can be used to limit actions user can do.
'';
};
boot.initrd.network.ssh.hostRSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
RSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostDSSKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
DSS SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.hostECDSAKey = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
ECDSA SSH private key file in the Dropbear format.
WARNING: This key is contained insecurely in the global Nix store. Do NOT
use your regular SSH host private keys for this purpose or you'll expose
them to regular users!
'';
};
boot.initrd.network.ssh.authorizedKeys = mkOption {
type = types.listOf types.str;
default = config.users.extraUsers.root.openssh.authorizedKeys.keys;
description = ''
Authorized keys for the root user on initrd.
'';
};
};
config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear
cp -pv ${pkgs.glibc}/lib/libnss_files.so.* $out/lib
'';
boot.initrd.extraUtilsCommandsTest = ''
$out/bin/dropbear -V
'';
boot.initrd.network.postCommands = ''
mkdir /dev/pts
mount -t devpts devpts /dev/pts
echo '${cfg.shell}' > /etc/shells
echo 'root:x:0:0:root:/root:${cfg.shell}' > /etc/passwd
echo 'passwd: files' > /etc/nsswitch.conf
mkdir -p /var/log
touch /var/log/lastlog
mkdir -p /etc/dropbear
${optionalString (cfg.hostRSAKey != null) "ln -s ${cfg.hostRSAKey} /etc/dropbear/dropbear_rsa_host_key"}
${optionalString (cfg.hostDSSKey != null) "ln -s ${cfg.hostDSSKey} /etc/dropbear/dropbear_dss_host_key"}
${optionalString (cfg.hostECDSAKey != null) "ln -s ${cfg.hostECDSAKey} /etc/dropbear/dropbear_ecdsa_host_key"}
mkdir -p /root/.ssh
${concatStrings (map (key: ''
echo -n ${escapeShellArg key} >> /root/.ssh/authorized_keys
'') cfg.authorizedKeys)}
dropbear -s -j -k -E -m -p ${toString cfg.port}
'';
};
}

3
nixos/modules/system/boot/kernel.nix
View File

@ -184,6 +184,9 @@ in
"ide_disk" "ide_disk"
"ide_generic" "ide_generic"
# SD cards and internal eMMC drives.
"mmc_block"
# Support USB keyboards, in case the boot fails and we only have # Support USB keyboards, in case the boot fails and we only have
# a USB keyboard. # a USB keyboard.
"uhci_hcd" "uhci_hcd"

7
nixos/modules/system/boot/loader/init-script/init-script-builder.sh
View File

@ -80,8 +80,13 @@ for generation in $(
| sort -n -r); do | sort -n -r); do
link=/nix/var/nix/profiles/system-$generation-link link=/nix/var/nix/profiles/system-$generation-link
date=$(stat --printf="%y\n" $link | sed 's/\..*//') date=$(stat --printf="%y\n" $link | sed 's/\..*//')
if [ -d $link/kernel ]; then
kernelVersion=$(cd $(dirname $(readlink -f $link/kernel))/lib/modules && echo *) kernelVersion=$(cd $(dirname $(readlink -f $link/kernel))/lib/modules && echo *)
addEntry "NixOS - Configuration $generation ($date - $kernelVersion)" $link "$generation ($date)" suffix="($date - $kernelVersion)"
else
suffix="($date)"
fi
addEntry "NixOS - Configuration $generation $suffix" $link "$generation ($date)"
done done
mv $tmpOther $targetOther mv $tmpOther $targetOther

4
nixos/modules/system/boot/stage-1-init.sh
View File

@ -150,10 +150,6 @@ udevadm trigger --action=add
udevadm settle udevadm settle
# Additional devices initialization.
@postEarlyDeviceCommands@
# Load boot-time keymap before any LVM/LUKS initialization # Load boot-time keymap before any LVM/LUKS initialization
@extraUtils@/bin/busybox loadkmap < "@busyboxKeymap@" @extraUtils@/bin/busybox loadkmap < "@busyboxKeymap@"

20
nixos/modules/system/boot/stage-1.nix
View File

@ -66,10 +66,6 @@ let
copy_bin_and_libs $BIN copy_bin_and_libs $BIN
done done
# Copy modprobe.
copy_bin_and_libs ${pkgs.kmod}/bin/kmod
ln -sf kmod $out/bin/modprobe
# Copy resize2fs if needed. # Copy resize2fs if needed.
${optionalString (any (fs: fs.autoResize) (attrValues config.fileSystems)) '' ${optionalString (any (fs: fs.autoResize) (attrValues config.fileSystems)) ''
# We need mke2fs in the initrd. # We need mke2fs in the initrd.
@ -161,7 +157,9 @@ let
--replace /sbin/blkid ${extraUtils}/bin/blkid \ --replace /sbin/blkid ${extraUtils}/bin/blkid \
--replace ${pkgs.lvm2}/sbin ${extraUtils}/bin \ --replace ${pkgs.lvm2}/sbin ${extraUtils}/bin \
--replace /sbin/mdadm ${extraUtils}/bin/mdadm \ --replace /sbin/mdadm ${extraUtils}/bin/mdadm \
--replace /bin/sh ${extraUtils}/bin/sh --replace /bin/sh ${extraUtils}/bin/sh \
--replace /usr/bin/readlink ${extraUtils}/bin/readlink \
--replace /usr/bin/basename ${extraUtils}/bin/basename
done done
# Work around a bug in QEMU, which doesn't implement the "READ # Work around a bug in QEMU, which doesn't implement the "READ
@ -203,13 +201,13 @@ let
inherit (config.boot) resumeDevice devSize runSize; inherit (config.boot) resumeDevice devSize runSize;
inherit (config.boot.initrd) checkJournalingFS inherit (config.boot.initrd) checkJournalingFS
preLVMCommands preDeviceCommands postEarlyDeviceCommands postDeviceCommands postMountCommands kernelModules; preLVMCommands preDeviceCommands postDeviceCommands postMountCommands kernelModules;
resumeDevices = map (sd: if sd ? device then sd.device else "/dev/disk/by-label/${sd.label}") resumeDevices = map (sd: if sd ? device then sd.device else "/dev/disk/by-label/${sd.label}")
(filter (sd: (sd ? label || hasPrefix "/dev/" sd.device) && !sd.randomEncryption) config.swapDevices); (filter (sd: (sd ? label || hasPrefix "/dev/" sd.device) && !sd.randomEncryption) config.swapDevices);
fsInfo = fsInfo =
let f = fs: [ fs.mountPoint (if fs.device != null then fs.device else "/dev/disk/by-label/${fs.label}") fs.fsType fs.options ]; let f = fs: [ fs.mountPoint (if fs.device != null then fs.device else "/dev/disk/by-label/${fs.label}") fs.fsType (builtins.concatStringsSep "," fs.options) ];
in pkgs.writeText "initrd-fsinfo" (concatStringsSep "\n" (concatMap f fileSystems)); in pkgs.writeText "initrd-fsinfo" (concatStringsSep "\n" (concatMap f fileSystems));
setHostId = optionalString (config.networking.hostId != null) '' setHostId = optionalString (config.networking.hostId != null) ''
@ -322,14 +320,6 @@ in
''; '';
}; };
boot.initrd.postEarlyDeviceCommands = mkOption {
default = "";
type = types.lines;
description = ''
Shell commands to be executed early after creation of device nodes.
'';
};
boot.initrd.postMountCommands = mkOption { boot.initrd.postMountCommands = mkOption {
default = ""; default = "";
type = types.lines; type = types.lines;

18
nixos/modules/tasks/filesystems.nix
View File

@ -41,11 +41,15 @@ let
}; };
options = mkOption { options = mkOption {
default = "defaults"; default = [ "defaults" ];
example = "data=journal"; example = [ "data=journal" ];
type = types.commas; # FIXME: should be a list
description = "Options used to mount the file system."; description = "Options used to mount the file system.";
}; } // (if versionAtLeast lib.nixpkgsVersion "16.09" then {
type = types.listOf types.str;
} else {
type = types.either types.commas (types.listOf types.str);
apply = x: if isList x then x else lib.strings.splitString "," (builtins.trace "warning: passing a comma-separated string for filesystem options is deprecated; use a list of strings instead. This will become a hard error in 16.09." x);
});
autoFormat = mkOption { autoFormat = mkOption {
default = false; default = false;
@ -112,7 +116,7 @@ in
"/data" = { "/data" = {
device = "/dev/hda2"; device = "/dev/hda2";
fsType = "ext3"; fsType = "ext3";
options = "data=journal"; options = [ "data=journal" ];
}; };
"/bigdisk".label = "bigdisk"; "/bigdisk".label = "bigdisk";
}; };
@ -127,7 +131,7 @@ in
<command>mount</command>; defaults to <command>mount</command>; defaults to
<literal>"auto"</literal>), and <literal>options</literal> <literal>"auto"</literal>), and <literal>options</literal>
(the mount options passed to <command>mount</command> using the (the mount options passed to <command>mount</command> using the
<option>-o</option> flag; defaults to <literal>"defaults"</literal>). <option>-o</option> flag; defaults to <literal>[ "defaults" ]</literal>).
Instead of specifying <literal>device</literal>, you can also Instead of specifying <literal>device</literal>, you can also
specify a volume label (<literal>label</literal>) for file specify a volume label (<literal>label</literal>) for file
@ -177,7 +181,7 @@ in
else throw "No device specified for mount point ${fs.mountPoint}.") else throw "No device specified for mount point ${fs.mountPoint}.")
+ " " + fs.mountPoint + " " + fs.mountPoint
+ " " + fs.fsType + " " + fs.fsType
+ " " + fs.options + " " + builtins.concatStringsSep "," fs.options
+ " 0" + " 0"
+ " " + (if skipCheck fs then "0" else + " " + (if skipCheck fs then "0" else
if fs.mountPoint == "/" then "1" else "2") if fs.mountPoint == "/" then "1" else "2")

17
nixos/modules/tasks/kbd.nix
View File

@ -12,6 +12,8 @@ let
FONT=${config.i18n.consoleFont} FONT=${config.i18n.consoleFont}
${colors} ${colors}
''; '';
setVconsole = !config.boot.isContainer;
in in
{ {
@ -41,14 +43,21 @@ in
###### implementation ###### implementation
config = { config = mkMerge [
(mkIf (!setVconsole) {
systemd.services."systemd-vconsole-setup".enable = false;
})
(mkIf setVconsole {
environment.systemPackages = [ pkgs.kbd ]; environment.systemPackages = [ pkgs.kbd ];
# Let systemd-vconsole-setup.service do the work of setting up the # Let systemd-vconsole-setup.service do the work of setting up the
# virtual consoles. FIXME: trigger a restart of # virtual consoles. FIXME: trigger a restart of
# systemd-vconsole-setup.service if /etc/vconsole.conf changes. # systemd-vconsole-setup.service if /etc/vconsole.conf changes.
environment.etc."vconsole.conf".source = vconsoleConf; environment.etc = [ {
target = "vconsole.conf";
source = vconsoleConf;
} ];
# This is identical to the systemd-vconsole-setup.service unit # This is identical to the systemd-vconsole-setup.service unit
# shipped with systemd, except that it uses /dev/tty1 instead of # shipped with systemd, except that it uses /dev/tty1 instead of
@ -60,7 +69,7 @@ in
after = [ "systemd-udev-settle.service" ]; after = [ "systemd-udev-settle.service" ];
restartTriggers = [ vconsoleConf ]; restartTriggers = [ vconsoleConf ];
}; };
})
}; ];
} }

7
nixos/modules/tasks/network-interfaces-scripted.nix
View File

@ -144,15 +144,12 @@ in
fi fi
${config.systemd.package}/bin/systemctl start ip-up.target ${config.systemd.package}/bin/systemctl start ip-up.target
''; '';
preStop = preStop = flip concatMapStrings (ips) (ip:
''
echo "releasing configured ip's..."
'' + flip concatMapStrings (ips) (ip:
let let
address = "${ip.address}/${toString ip.prefixLength}"; address = "${ip.address}/${toString ip.prefixLength}";
in in
'' ''
echo -n "Deleting ${address}..." echo -n "deleting ${address}..."
ip addr del "${address}" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed" ip addr del "${address}" dev "${i.name}" >/dev/null 2>&1 || echo -n " Failed"
echo "" echo ""
''); '');

2
nixos/modules/tasks/network-interfaces.nix
View File

@ -927,7 +927,7 @@ in
pkgs.nettools pkgs.nettools
pkgs.openresolv pkgs.openresolv
] ]
++ optionals (!config.boot.isContainer) [ ++ optionals config.networking.wireless.enable [
pkgs.wirelesstools # FIXME: obsolete? pkgs.wirelesstools # FIXME: obsolete?
pkgs.iw pkgs.iw
pkgs.rfkill pkgs.rfkill

29
nixos/modules/virtualisation/amazon-image.nix
View File

@ -20,8 +20,7 @@ let cfg = config.ec2; in
autoResize = true; autoResize = true;
}; };
boot.initrd.kernelModules = [ "xen-blkfront" ]; boot.initrd.kernelModules = [ "xen-blkfront" "xen-netfront" ];
boot.kernelModules = [ "xen-netfront" ];
boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0" ]; boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0" ];
# Prevent the nouveau kernel module from being loaded, as it # Prevent the nouveau kernel module from being loaded, as it
@ -44,6 +43,8 @@ let cfg = config.ec2; in
kill -9 -1 kill -9 -1
''; '';
boot.initrd.network.enable = true;
# Mount all formatted ephemeral disks and activate all swap devices. # Mount all formatted ephemeral disks and activate all swap devices.
# We cannot do this with the fileSystems and swapDevices options # We cannot do this with the fileSystems and swapDevices options
# because the set of devices is dependent on the instance type # because the set of devices is dependent on the instance type
@ -55,6 +56,28 @@ let cfg = config.ec2; in
# Nix operations. # Nix operations.
boot.initrd.postMountCommands = boot.initrd.postMountCommands =
'' ''
metaDir=$targetRoot/etc/ec2-metadata
mkdir -m 0755 -p "$metaDir"
echo "getting EC2 instance metadata..."
if ! [ -e "$metaDir/ami-manifest-path" ]; then
wget -q -O "$metaDir/ami-manifest-path" http://169.254.169.254/1.0/meta-data/ami-manifest-path
fi
if ! [ -e "$metaDir/user-data" ]; then
wget -q -O "$metaDir/user-data" http://169.254.169.254/1.0/user-data
chmod 600 "$metaDir/user-data"
fi
if ! [ -e "$metaDir/hostname" ]; then
wget -q -O "$metaDir/hostname" http://169.254.169.254/1.0/meta-data/hostname
fi
if ! [ -e "$metaDir/public-keys-0-openssh-key" ]; then
wget -q -O "$metaDir/public-keys-0-openssh-key" http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key
fi
diskNr=0 diskNr=0
diskForUnionfs= diskForUnionfs=
for device in /dev/xvd[abcde]*; do for device in /dev/xvd[abcde]*; do
@ -81,7 +104,7 @@ let cfg = config.ec2; in
mkdir -m 1777 -p $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp mkdir -m 1777 -p $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp
mount --bind $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp mount --bind $targetRoot/$diskForUnionfs/root/tmp $targetRoot/tmp
if [ ! -e $targetRoot/.ebs ]; then if [ "$(cat "$metaDir/ami-manifest-path")" != "(unknown)" ]; then
mkdir -m 755 -p $targetRoot/$diskForUnionfs/root/var $targetRoot/var mkdir -m 755 -p $targetRoot/$diskForUnionfs/root/var $targetRoot/var
mount --bind $targetRoot/$diskForUnionfs/root/var $targetRoot/var mount --bind $targetRoot/$diskForUnionfs/root/var $targetRoot/var

23
nixos/modules/virtualisation/amazon-init.nix
View File

@ -4,18 +4,17 @@
let let
bootScript = pkgs.writeScript "bootscript.sh" '' bootScript = pkgs.writeScript "bootscript.sh" ''
#!${pkgs.stdenv.shell} -eux #!${pkgs.stdenv.shell} -eu
echo "attempting to fetch configuration from user-data..." echo "attempting to fetch configuration from EC2 user data..."
export PATH=${config.nix.package}/bin:${pkgs.wget}/bin:${pkgs.systemd}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${config.system.build.nixos-rebuild}/bin:$PATH export PATH=${config.nix.package}/bin:${pkgs.systemd}/bin:${pkgs.gnugrep}/bin:${pkgs.gnused}/bin:${config.system.build.nixos-rebuild}/bin:$PATH
export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
userData="$(mktemp)" userData=/etc/ec2-metadata/user-data
wget -q --wait=1 --tries=0 --retry-connrefused -O - http://169.254.169.254/2011-01-01/user-data > "$userData"
if [ -s "$userData" ]; then
if [[ $? -eq 0 ]]; then
echo "user-data fetched"
# If the user-data looks like it could be a nix expression, # If the user-data looks like it could be a nix expression,
# copy it over. Also, look for a magic three-hash comment and set # copy it over. Also, look for a magic three-hash comment and set
# that as the channel. # that as the channel.
@ -30,17 +29,17 @@ let
nix-channel --update nix-channel --update
fi fi
echo "setting configuration" echo "setting configuration from EC2 user data"
cp "$userData" /etc/nixos/configuration.nix cp "$userData" /etc/nixos/configuration.nix
else else
echo "user-data does not appear to be a nix expression; ignoring" echo "user data does not appear to be a Nix expression; ignoring"
exit
fi fi
else else
echo "failed to fetch user-data" echo "no user data is available"
exit
fi fi
type -f nixos-rebuild
nixos-rebuild switch nixos-rebuild switch
''; '';
in { in {

9
nixos/modules/virtualisation/azure-agent.nix
View File

@ -8,10 +8,11 @@ let
waagent = with pkgs; stdenv.mkDerivation rec { waagent = with pkgs; stdenv.mkDerivation rec {
name = "waagent-2.0"; name = "waagent-2.0";
src = pkgs.fetchgit { src = pkgs.fetchFromGitHub {
url = https://github.com/Phreedom/WALinuxAgent.git; owner = "phreedom";
rev = "9dba81c7b1239c7971ec96e405e403c7cd224e6b"; repo = "WALinuxAgent";
sha256 = "0khxk3ns3z37v26f2qj6m3m698a0vqpc9bxg5p7fyr3xza5gzwhs"; rev = "1d31fe8cbc7f842993eed9b33a3d3f5410c364e3";
sha256 = "1s53pfmy3azp0rmympmnphyq96sr9jy07pbsfza6mdzpalx1ripl";
}; };
buildInputs = [ makeWrapper python pythonPackages.wrapPython ]; buildInputs = [ makeWrapper python pythonPackages.wrapPython ];
runtimeDeps = [ findutils gnugrep gawk coreutils openssl openssh runtimeDeps = [ findutils gnugrep gawk coreutils openssl openssh

38
nixos/modules/virtualisation/ec2-data.nix
View File

@ -1,6 +1,6 @@
# This module defines a systemd service that obtains the SSH key and # This module defines a systemd service that sets the SSH host key and
# host name of virtual machines running on Amazon EC2, Eucalyptus and # authorized client key and host name of virtual machines running on
# OpenStack Compute (Nova). # Amazon EC2, Eucalyptus and OpenStack Compute (Nova).
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
@ -9,55 +9,49 @@ with lib;
{ {
config = { config = {
systemd.services.fetch-ec2-data = systemd.services.apply-ec2-data =
{ description = "Fetch EC2 Data"; { description = "Apply EC2 Data";
wantedBy = [ "multi-user.target" "sshd.service" ]; wantedBy = [ "multi-user.target" "sshd.service" ];
before = [ "sshd.service" ]; before = [ "sshd.service" ];
wants = [ "ip-up.target" ];
after = [ "ip-up.target" ];
path = [ pkgs.wget pkgs.iproute ]; path = [ pkgs.iproute ];
script = script =
'' ''
wget="wget -q --retry-connrefused -O -"
${optionalString (config.networking.hostName == "") '' ${optionalString (config.networking.hostName == "") ''
echo "setting host name..." echo "setting host name..."
${pkgs.nettools}/bin/hostname $($wget http://169.254.169.254/1.0/meta-data/hostname) if [ -s /etc/ec2-metadata/hostname ]; then
${pkgs.nettools}/bin/hostname $(cat /etc/ec2-metadata/hostname)
fi
''} ''}
# Don't download the SSH key if it has already been injected
# into the image (a Nova feature).
if ! [ -e /root/.ssh/authorized_keys ]; then if ! [ -e /root/.ssh/authorized_keys ]; then
echo "obtaining SSH key..." echo "obtaining SSH key..."
mkdir -m 0700 -p /root/.ssh mkdir -m 0700 -p /root/.ssh
$wget http://169.254.169.254/1.0/meta-data/public-keys/0/openssh-key > /root/key.pub if [ -s /etc/ec2-metadata/public-keys-0-openssh-key ]; then
if [ $? -eq 0 -a -e /root/key.pub ]; then cat /etc/ec2-metadata/public-keys-0-openssh-key >> /root/.ssh/authorized_keys
cat /root/key.pub >> /root/.ssh/authorized_keys
echo "new key added to authorized_keys" echo "new key added to authorized_keys"
chmod 600 /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys
rm -f /root/key.pub
fi fi
fi fi
# Extract the intended SSH host key for this machine from # Extract the intended SSH host key for this machine from
# the supplied user data, if available. Otherwise sshd will # the supplied user data, if available. Otherwise sshd will
# generate one normally. # generate one normally.
$wget http://169.254.169.254/2011-01-01/user-data > /root/user-data || true userData=/etc/ec2-metadata/user-data
mkdir -m 0755 -p /etc/ssh mkdir -m 0755 -p /etc/ssh
key="$(sed 's/|/\n/g; s/SSH_HOST_DSA_KEY://; t; d' /root/user-data)" key="$(sed 's/|/\n/g; s/SSH_HOST_DSA_KEY://; t; d' $userData)"
key_pub="$(sed 's/SSH_HOST_DSA_KEY_PUB://; t; d' /root/user-data)" key_pub="$(sed 's/SSH_HOST_DSA_KEY_PUB://; t; d' $userData)"
if [ -n "$key" -a -n "$key_pub" -a ! -e /etc/ssh/ssh_host_dsa_key ]; then if [ -n "$key" -a -n "$key_pub" -a ! -e /etc/ssh/ssh_host_dsa_key ]; then
(umask 077; echo "$key" > /etc/ssh/ssh_host_dsa_key) (umask 077; echo "$key" > /etc/ssh/ssh_host_dsa_key)
echo "$key_pub" > /etc/ssh/ssh_host_dsa_key.pub echo "$key_pub" > /etc/ssh/ssh_host_dsa_key.pub
fi fi
key="$(sed 's/|/\n/g; s/SSH_HOST_ED25519_KEY://; t; d' /root/user-data)" key="$(sed 's/|/\n/g; s/SSH_HOST_ED25519_KEY://; t; d' $userData)"
key_pub="$(sed 's/SSH_HOST_ED25519_KEY_PUB://; t; d' /root/user-data)" key_pub="$(sed 's/SSH_HOST_ED25519_KEY_PUB://; t; d' $userData)"
if [ -n "$key" -a -n "$key_pub" -a ! -e /etc/ssh/ssh_host_ed25519_key ]; then if [ -n "$key" -a -n "$key_pub" -a ! -e /etc/ssh/ssh_host_ed25519_key ]; then
(umask 077; echo "$key" > /etc/ssh/ssh_host_ed25519_key) (umask 077; echo "$key" > /etc/ssh/ssh_host_ed25519_key)
echo "$key_pub" > /etc/ssh/ssh_host_ed25519_key.pub echo "$key_pub" > /etc/ssh/ssh_host_ed25519_key.pub

13
nixos/modules/virtualisation/qemu-vm.nix
View File

@ -110,6 +110,7 @@ let
# Generate a hard disk image containing a /boot partition and GRUB # Generate a hard disk image containing a /boot partition and GRUB
# in the MBR. Used when the `useBootLoader' option is set. # in the MBR. Used when the `useBootLoader' option is set.
# FIXME: use nixos/lib/make-disk-image.nix.
bootDisk = bootDisk =
pkgs.vmTools.runInLinuxVM ( pkgs.vmTools.runInLinuxVM (
pkgs.runCommand "nixos-boot-disk" pkgs.runCommand "nixos-boot-disk"
@ -427,38 +428,38 @@ in
${if cfg.writableStore then "/nix/.ro-store" else "/nix/store"} = ${if cfg.writableStore then "/nix/.ro-store" else "/nix/store"} =
{ device = "store"; { device = "store";
fsType = "9p"; fsType = "9p";
options = "trans=virtio,version=9p2000.L,cache=loose"; options = [ "trans=virtio" "version=9p2000.L" "cache=loose" ];
neededForBoot = true; neededForBoot = true;
}; };
"/tmp/xchg" = "/tmp/xchg" =
{ device = "xchg"; { device = "xchg";
fsType = "9p"; fsType = "9p";
options = "trans=virtio,version=9p2000.L,cache=loose"; options = [ "trans=virtio" "version=9p2000.L" "cache=loose" ];
neededForBoot = true; neededForBoot = true;
}; };
"/tmp/shared" = "/tmp/shared" =
{ device = "shared"; { device = "shared";
fsType = "9p"; fsType = "9p";
options = "trans=virtio,version=9p2000.L"; options = [ "trans=virtio" "version=9p2000.L" ];
neededForBoot = true; neededForBoot = true;
}; };
} // optionalAttrs cfg.writableStore } // optionalAttrs cfg.writableStore
{ "/nix/store" = { "/nix/store" =
{ fsType = "unionfs-fuse"; { fsType = "unionfs-fuse";
device = "unionfs"; device = "unionfs";
options = "allow_other,cow,nonempty,chroot=/mnt-root,max_files=32768,hide_meta_files,dirs=/nix/.rw-store=rw:/nix/.ro-store=ro"; options = [ "allow_other" "cow" "nonempty" "chroot=/mnt-root" "max_files=32768" "hide_meta_files" "dirs=/nix/.rw-store=rw:/nix/.ro-store=ro" ];
}; };
} // optionalAttrs (cfg.writableStore && cfg.writableStoreUseTmpfs) } // optionalAttrs (cfg.writableStore && cfg.writableStoreUseTmpfs)
{ "/nix/.rw-store" = { "/nix/.rw-store" =
{ fsType = "tmpfs"; { fsType = "tmpfs";
options = "mode=0755"; options = [ "mode=0755" ];
neededForBoot = true; neededForBoot = true;
}; };
} // optionalAttrs cfg.useBootLoader } // optionalAttrs cfg.useBootLoader
{ "/boot" = { "/boot" =
{ device = "/dev/vdb2"; { device = "/dev/vdb2";
fsType = "vfat"; fsType = "vfat";
options = "ro"; options = [ "ro" ];
noCheck = true; # fsck fails on a r/o filesystem noCheck = true; # fsck fails on a r/o filesystem
}; };
}); });

1
nixos/release.nix
View File

@ -248,6 +248,7 @@ in rec {
tests.ipv6 = callTest tests/ipv6.nix {}; tests.ipv6 = callTest tests/ipv6.nix {};
tests.jenkins = callTest tests/jenkins.nix {}; tests.jenkins = callTest tests/jenkins.nix {};
tests.kde4 = callTest tests/kde4.nix {}; tests.kde4 = callTest tests/kde4.nix {};
tests.initrdNetwork = callTest tests/initrd-network.nix {};
tests.kubernetes = hydraJob (import tests/kubernetes.nix { system = "x86_64-linux"; }); tests.kubernetes = hydraJob (import tests/kubernetes.nix { system = "x86_64-linux"; });
tests.latestKernel.login = callTest tests/login.nix { latestKernel = true; }; tests.latestKernel.login = callTest tests/login.nix { latestKernel = true; };
#tests.lightdm = callTest tests/lightdm.nix {}; #tests.lightdm = callTest tests/lightdm.nix {};

4
nixos/tests/chromium.nix
View File

@ -2,8 +2,8 @@ import ./make-test.nix (
{ pkgs { pkgs
, channelMap ? { , channelMap ? {
stable = pkgs.chromium; stable = pkgs.chromium;
beta = pkgs.chromiumBeta; #beta = pkgs.chromiumBeta;
dev = pkgs.chromiumDev; #dev = pkgs.chromiumDev;
} }
, ... , ...
}: rec { }: rec {

12
nixos/tests/ec2.nix
View File

@ -10,9 +10,10 @@ let
inherit system; inherit system;
modules = [ modules = [
../maintainers/scripts/ec2/amazon-image.nix ../maintainers/scripts/ec2/amazon-image.nix
../../nixos/modules/testing/test-instrumentation.nix ../modules/testing/test-instrumentation.nix
{ boot.initrd.kernelModules = [ "virtio" "virtio_blk" "virtio_pci" "virtio_ring" ]; ../modules/profiles/minimal.nix
ec2.hvm = true; ../modules/profiles/qemu-guest.nix
{ ec2.hvm = true;
# Hack to make the partition resizing work in QEMU. # Hack to make the partition resizing work in QEMU.
boot.initrd.postDeviceCommands = mkBefore boot.initrd.postDeviceCommands = mkBefore
@ -33,6 +34,7 @@ let
ln -s ${pkgs.writeText "userData" userData} $out/2011-01-01/user-data ln -s ${pkgs.writeText "userData" userData} $out/2011-01-01/user-data
mkdir -p $out/1.0/meta-data mkdir -p $out/1.0/meta-data
echo "${hostname}" > $out/1.0/meta-data/hostname echo "${hostname}" > $out/1.0/meta-data/hostname
echo "(unknown)" > $out/1.0/meta-data/ami-manifest-path
'' + optionalString (sshPublicKey != null) '' '' + optionalString (sshPublicKey != null) ''
mkdir -p $out/1.0/meta-data/public-keys/0 mkdir -p $out/1.0/meta-data/public-keys/0
ln -s ${pkgs.writeText "sshPublicKey" sshPublicKey} $out/1.0/meta-data/public-keys/0/openssh-key ln -s ${pkgs.writeText "sshPublicKey" sshPublicKey} $out/1.0/meta-data/public-keys/0/openssh-key
@ -56,7 +58,7 @@ let
# again when it deletes link-local addresses.) Ideally we'd # again when it deletes link-local addresses.) Ideally we'd
# turn off the DHCP server, but qemu does not have an option # turn off the DHCP server, but qemu does not have an option
# to do that. # to do that.
my $startCommand = "qemu-kvm -m 768 -net nic -net 'user,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'"; my $startCommand = "qemu-kvm -m 768 -net nic,vlan=0,model=virtio -net 'user,vlan=0,net=169.0.0.0/8,guestfwd=tcp:169.254.169.254:80-cmd:${pkgs.micro-httpd}/bin/micro_httpd ${metaData}'";
$startCommand .= " -drive file=$diskImage,if=virtio,werror=report"; $startCommand .= " -drive file=$diskImage,if=virtio,werror=report";
$startCommand .= " \$QEMU_OPTS"; $startCommand .= " \$QEMU_OPTS";
@ -92,6 +94,8 @@ in {
$machine->waitForFile("/root/user-data"); $machine->waitForFile("/root/user-data");
$machine->waitForUnit("sshd.service"); $machine->waitForUnit("sshd.service");
$machine->succeed("grep unknown /etc/ec2-metadata/ami-manifest-path");
# We have no keys configured on the client side yet, so this should fail # We have no keys configured on the client side yet, so this should fail
$machine->fail("ssh -o BatchMode=yes localhost exit"); $machine->fail("ssh -o BatchMode=yes localhost exit");

24
nixos/tests/haka.nix Normal file
View File

@ -0,0 +1,24 @@
# This test runs haka and probes it with hakactl
import ./make-test.nix ({ pkgs, ...} : {
name = "haka";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ tvestelind ];
};
nodes = {
haka =
{ config, pkgs, ... }:
{
services.haka.enable = true;
};
};
testScript = ''
startAll;
$haka->waitForUnit("haka.service");
$haka->succeed("hakactl status");
$haka->succeed("hakactl stop");
'';
})

22
nixos/tests/initrd-network.nix Normal file
View File

@ -0,0 +1,22 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "initrd-network";
meta.maintainers = [ pkgs.stdenv.lib.maintainers.eelco ];
machine = { config, pkgs, ... }: {
imports = [ ../modules/profiles/minimal.nix ];
boot.initrd.network.enable = true;
boot.initrd.network.postCommands =
''
ip addr | grep 10.0.2.15 || exit 1
ping -c1 10.0.2.2 || exit 1
'';
};
testScript =
''
startAll;
$machine->waitForUnit("multi-user.target");
$machine->succeed("ip link >&2");
'';
})

2
nixos/tests/misc.nix
View File

@ -16,7 +16,7 @@ import ./make-test.nix ({ pkgs, ...} : {
systemd.tmpfiles.rules = [ "d /tmp 1777 root root 10d" ]; systemd.tmpfiles.rules = [ "d /tmp 1777 root root 10d" ];
fileSystems = mkVMOverride { "/tmp2" = fileSystems = mkVMOverride { "/tmp2" =
{ fsType = "tmpfs"; { fsType = "tmpfs";
options = "mode=1777,noauto"; options = [ "mode=1777" "noauto" ];
}; };
}; };
systemd.automounts = singleton systemd.automounts = singleton

2
nixos/tests/nfs.nix
View File

@ -8,7 +8,7 @@ let
[ { mountPoint = "/data"; [ { mountPoint = "/data";
device = "server:/data"; device = "server:/data";
fsType = "nfs"; fsType = "nfs";
options = "vers=${toString version}"; options = [ "vers=${toString version}" ];
} }
]; ];
networking.firewall.enable = false; # FIXME: only open statd networking.firewall.enable = false; # FIXME: only open statd

4
nixos/tests/simple.nix
View File

@ -4,7 +4,9 @@ import ./make-test.nix ({ pkgs, ...} : {
maintainers = [ eelco ]; maintainers = [ eelco ];
}; };
machine = { config, pkgs, ... }: { }; machine = { config, pkgs, ... }: {
imports = [ ../modules/profiles/minimal.nix ];
};
testScript = testScript =
'' ''

4
pkgs/applications/audio/abcde/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, libcdio, cddiscid, wget, bash, vorbis-tools, id3v2, eyeD3 { stdenv, fetchurl, libcdio, cddiscid, wget, bash, which, vorbis-tools, id3v2, eyeD3
, lame, flac, eject, mkcue , lame, flac, eject, mkcue
, perl, DigestSHA, MusicBrainz, MusicBrainzDiscID , perl, DigestSHA, MusicBrainz, MusicBrainzDiscID
, makeWrapper }: , makeWrapper }:
@ -50,7 +50,7 @@ in
--replace '#!/usr/bin/perl' '#!${perl}/bin/perl' --replace '#!/usr/bin/perl' '#!${perl}/bin/perl'
wrapProgram "$out/bin/abcde" --prefix PATH ":" \ wrapProgram "$out/bin/abcde" --prefix PATH ":" \
"$out/bin:${libcdio}/bin:${cddiscid}/bin:${wget}/bin:${vorbis-tools}/bin:${id3v2}/bin:${eyeD3}/bin:${lame}/bin" "$out/bin:${which}/bin:${libcdio}/bin:${cddiscid}/bin:${wget}/bin:${vorbis-tools}/bin:${id3v2}/bin:${eyeD3}/bin:${lame}/bin:${flac}/bin"
wrapProgram "$out/bin/cddb-tool" --prefix PATH ":" \ wrapProgram "$out/bin/cddb-tool" --prefix PATH ":" \
"${wget}/bin" "${wget}/bin"

3
pkgs/applications/audio/deadbeef/default.nix
View File

@ -12,6 +12,7 @@
, midiSupport ? false, wildmidi ? null , midiSupport ? false, wildmidi ? null
, wavpackSupport ? false, wavpack ? null , wavpackSupport ? false, wavpack ? null
, ffmpegSupport ? false, ffmpeg ? null , ffmpegSupport ? false, ffmpeg ? null
, apeSupport ? true, yasm ? null
# misc plugins # misc plugins
, zipSupport ? true, libzip ? null , zipSupport ? true, libzip ? null
, artworkSupport ? true, imlib2 ? null , artworkSupport ? true, imlib2 ? null
@ -38,6 +39,7 @@ assert cdaSupport -> (libcdio != null && libcddb != null);
assert aacSupport -> faad2 != null; assert aacSupport -> faad2 != null;
assert zipSupport -> libzip != null; assert zipSupport -> libzip != null;
assert ffmpegSupport -> ffmpeg != null; assert ffmpegSupport -> ffmpeg != null;
assert apeSupport -> yasm != null;
assert artworkSupport -> imlib2 != null; assert artworkSupport -> imlib2 != null;
assert hotkeysSupport -> libX11 != null; assert hotkeysSupport -> libX11 != null;
assert osdSupport -> dbus != null; assert osdSupport -> dbus != null;
@ -68,6 +70,7 @@ stdenv.mkDerivation rec {
++ optional aacSupport faad2 ++ optional aacSupport faad2
++ optional zipSupport libzip ++ optional zipSupport libzip
++ optional ffmpegSupport ffmpeg ++ optional ffmpegSupport ffmpeg
++ optional apeSupport yasm
++ optional artworkSupport imlib2 ++ optional artworkSupport imlib2
++ optional hotkeysSupport libX11 ++ optional hotkeysSupport libX11
++ optional osdSupport dbus ++ optional osdSupport dbus

11
pkgs/applications/audio/faust/faust1.nix
View File

@ -1,6 +1,6 @@
{ stdenv { stdenv
, coreutils , coreutils
, fetchgit , fetchurl
, makeWrapper , makeWrapper
, pkgconfig , pkgconfig
}: }:
@ -9,12 +9,11 @@ with stdenv.lib.strings;
let let
version = "8-1-2015"; version = "0.9.73";
src = fetchgit { src = fetchurl {
url = git://git.code.sf.net/p/faudiostream/code; url = "http://downloads.sourceforge.net/project/faudiostream/faust-${version}.tgz";
rev = "4db76fdc02b6aec8d15a5af77fcd5283abe963ce"; sha256 = "0x2scxkwvvjx7b7smj5xb8kr269qakf49z3fxpasd9g7025q44k5";
sha256 = "f1ac92092ee173e4bcf6b2cb1ac385a7c390fb362a578a403b2b6edd5dc7d5d0";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {

0
pkgs/applications/audio/faust/default.nix → pkgs/applications/audio/faust/faust2.nix
View File

2
pkgs/applications/audio/ladspa-sdk/default.nix
View File

@ -3,7 +3,7 @@ stdenv.mkDerivation rec {
name = "ladspa-sdk-${version}"; name = "ladspa-sdk-${version}";
version = "1.13"; version = "1.13";
src = fetchurl { src = fetchurl {
url = "http://www.ladspa.org/download/ladspa_sdk_${version}.tgz"; url = "http://http.debian.net/debian/pool/main/l/ladspa-sdk/ladspa-sdk_${version}.orig.tar.gz";
sha256 = "0srh5n2l63354bc0srcrv58rzjkn4gv8qjqzg8dnq3rs4m7kzvdm"; sha256 = "0srh5n2l63354bc0srcrv58rzjkn4gv8qjqzg8dnq3rs4m7kzvdm";
}; };

35
pkgs/applications/audio/ladspa-sdk/ladspah.nix
View File

@ -1,17 +1,26 @@
{ runCommand, fetchurl }: { stdenv, fetchurl }:
stdenv.mkDerivation rec {
let name = "ladspa.h-${version}";
version = "1.13";
src = fetchurl { src = fetchurl {
url = http://www.ladspa.org/ladspa_sdk/ladspa.h.txt; url = "http://http.debian.net/debian/pool/main/l/ladspa-sdk/ladspa-sdk_${version}.orig.tar.gz";
sha256 = "1b908csn85ng9sz5s5d1mqk711cmawain2z8px2ajngihdrynb67"; sha256 = "0srh5n2l63354bc0srcrv58rzjkn4gv8qjqzg8dnq3rs4m7kzvdm";
}; };
in installPhase = ''
runCommand "ladspa.h"
{ meta.description = "LADSPA format audio plugins"; }
''
mkdir -p $out/include mkdir -p $out/include
cp ${src} $out/include/ladspa.h cp src/ladspa.h $out/include/ladspa.h
'' '';
meta = {
description = "LADSPA format audio plugins header file";
longDescription = ''
The ladspa.h API header file from the LADSPA SDK.
For the full SDK, use the ladspa-sdk package.
'';
homepage = http://www.ladspa.org/ladspa_sdk/overview.html;
license = stdenv.lib.licenses.lgpl2;
maintainers = [ stdenv.lib.maintainers.magnetophon ];
platforms = stdenv.lib.platforms.all;
};
}

6
pkgs/applications/audio/non/default.nix
View File

@ -4,12 +4,12 @@ ladspaH, liblrdf, liblo, libsigcxx
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "non-${version}"; name = "non-${version}";
version = "2015-12-16"; version = "2016-02-07";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "original-male"; owner = "original-male";
repo = "non"; repo = "non";
rev = "5d274f430c867f73ed1dcb306b49be0371d28128"; rev = "1ef382fbbea598fdb56b25244a703c64ecaf8446";
sha256 = "1yckac3r1hqn5p450j4lf4349v4knjj7n9s5p3wdcvxhs0pjv2sy"; sha256 = "1mi3nm0nrrqlk36920irvqf5080lbnj1qc8vnxspgwkjjqgdc22g";
}; };
buildInputs = [ pkgconfig python2 cairo libjpeg ntk libjack2 libsndfile buildInputs = [ pkgconfig python2 cairo libjpeg ntk libjack2 libsndfile

36
pkgs/applications/audio/qtscrobbler/default.nix Normal file
View File

@ -0,0 +1,36 @@
{ stdenv, lib, fetchurl, withMtp ? true, libmtp, pkgconfig, which, qt4 }:
stdenv.mkDerivation rec {
name = "qtscrobbler-${version}";
version = "0.11";
src = fetchurl {
url = "mirror://sourceforge/qtscrob/qtscrob/${version}/qtscrob-${version}.tar.bz2";
sha256 = "01c8e48f616ed09504833d27d92fd62f455bd645ea2d1cc2a5f4c287d641daba";
};
nativeBuildInputs = lib.optionals withMtp [ pkgconfig which ];
buildInputs = [ qt4 ] ++ lib.optional withMtp libmtp;
enableParallelBuilding = true;
postPatch = ''
cd src
sed -i "s,/usr/local,$out," common.pri
'';
configurePhase = "qmake";
meta = with lib; {
description = "Qt based last.fm scrobbler";
longDescription = ''
QTScrobbler is a tool to upload information about the tracks you have played from your Digital Audio Player (DAP) to your last.fm account.
It is able to gather this information from Apple iPods or DAPs running the Rockbox replacement firmware.
'';
homepage = http://qtscrob.sourceforge.net;
license = licenses.gpl2;
maintainers = [ maintainers.vanzef ];
platforms = platforms.linux;
};
}

73
pkgs/applications/audio/sonata/default.nix Normal file
View File

@ -0,0 +1,73 @@
{ pkgs, stdenv, fetchFromGitHub, pkgconfig, intltool, wrapGAppsHook,
python, buildPythonPackage, isPy3k,
gnome3, gtk3, gobjectIntrospection,
dbus, pygobject3, mpd2 }:
with pkgs.lib;
buildPythonPackage rec {
name = "sonata-${version}";
version = "1.7b1";
namePrefix = "";
src = fetchFromGitHub {
owner = "multani";
repo = "sonata";
rev = "v${version}";
sha256 = "1npbxlrg6k154qybfd250nq2p96kxdsdkj9wwnp93gljnii3g8wh";
};
disabled = !isPy3k;
buildInputs = [
pkgconfig intltool wrapGAppsHook
gnome3.gnome_themes_standard gnome3.defaultIconTheme
gnome3.gsettings_desktop_schemas
];
postPatch = ''
# Remove "Local MPD" tab which is not suitable for NixOS.
sed -i '/localmpd/d' sonata/consts.py
'';
propagatedUserEnvPkgs = [ gnome3.gnome_themes_standard ];
propagatedBuildInputs = [
gobjectIntrospection gtk3 pygobject3
];
# The optional tagpy dependency (for editing metadata) is not yet
# included because it's difficult to build.
pythonPath = [ dbus pygobject3 mpd2 ];
meta = {
description = "An elegant client for the Music Player Daemon";
longDescription = ''
Sonata is an elegant client for the Music Player Daemon.
Written in Python and using the GTK+ 3 widget set, its features
include:
- Expanded and collapsed views
- Automatic remote and local album art
- Library browsing by folders, or by genre/artist/album
- User-configurable columns
- Automatic fetching of lyrics
- Playlist and stream support
- Support for editing song tags (not in NixOS version)
- Drag and drop to copy files
- Popup notification
- Library and playlist searching, filter as you type
- Audioscrobbler (last.fm) 1.2 support
- Multiple MPD profiles
- Keyboard friendly
- Support for multimedia keys
- Commandline control
- Available in 24 languages
'';
homepage = "http://www.nongnu.org/sonata/";
license = stdenv.lib.licenses.gpl3;
platforms = stdenv.lib.platforms.linux;
maintainers = [ stdenv.lib.maintainers.rvl ];
};
}

9
pkgs/applications/audio/spotify/default.nix
View File

@ -87,7 +87,14 @@ stdenv.mkDerivation {
# Desktop file # Desktop file
mkdir -p "$out/share/applications/" mkdir -p "$out/share/applications/"
cp "$out/share/spotify/spotify.desktop" "$out/share/applications/" cp "$out/share/spotify/spotify.desktop" "$out/share/applications/"
sed -i "s|Icon=.*|Icon=$out/share/spotify/Icons/spotify-linux-512.png|" "$out/share/applications/spotify.desktop"
# Icons
for i in 16 22 24 32 48 64 128 256 512; do
ixi="$i"x"$i"
mkdir -p "$out/share/icons/hicolor/$ixi/apps"
ln -s "$out/share/spotify/icons/spotify-linux-$i.png" \
"$out/share/icons/hicolor/$ixi/apps/spotify-client.png"
done
''; '';
dontStrip = true; dontStrip = true;

29
pkgs/applications/audio/timemachine/default.nix Normal file
View File

@ -0,0 +1,29 @@
{ stdenv, fetchFromGitHub, autoconf, automake, pkgconfig, gtk2
, libjack2, libsndfile
}:
stdenv.mkDerivation rec {
name = "timemachine-${version}";
version = "0.3.1";
src = fetchFromGitHub {
owner = "swh";
repo = "timemachine";
rev = "1966d8524d4e4c47c525473bab3b010a168adc98";
sha256 = "0w5alysixnvlkfl79wf7vs5wsw2vgxl3gqxxcm0zbmhjdpmjpcal";
};
buildInputs = [ autoconf automake pkgconfig gtk2 libjack2
libsndfile
];
preConfigure = "./autogen.sh";
meta = {
description = "JACK audio recorder";
homepage = http://plugin.org.uk/timemachine/;
license = stdenv.lib.licenses.lgpl2;
platforms = stdenv.lib.platforms.linux;
maintainers = [ stdenv.lib.maintainers.nico202 ];
};
}

6
pkgs/applications/display-managers/slim/default.nix
View File

@ -18,13 +18,17 @@ stdenv.mkDerivation rec {
# slim's broken PAM session handling (see # slim's broken PAM session handling (see
# http://developer.berlios.de/bugs/?func=detailbug&bug_id=19102&group_id=2663). # http://developer.berlios.de/bugs/?func=detailbug&bug_id=19102&group_id=2663).
./run-once.patch ./run-once.patch
# Ensure that sessions appear in sort order, rather than in
# directory order.
./sort-sessions.patch
]; ];
preConfigure = "substituteInPlace CMakeLists.txt --replace /lib $out/lib"; preConfigure = "substituteInPlace CMakeLists.txt --replace /lib $out/lib";
cmakeFlags = [ "-DUSE_PAM=1" ]; cmakeFlags = [ "-DUSE_PAM=1" ];
NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype"; NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype -std=c++11";
enableParallelBuilding = true; enableParallelBuilding = true;

40
pkgs/applications/display-managers/slim/sort-sessions.patch Normal file
View File

@ -0,0 +1,40 @@
diff -ru -x '*~' slim-1.3.6-orig/cfg.cpp slim-1.3.6/cfg.cpp
--- slim-1.3.6-orig/cfg.cpp 2013-10-02 00:38:05.000000000 +0200
+++ slim-1.3.6/cfg.cpp 2016-01-30 10:35:51.108766802 +0100
@@ -14,6 +14,7 @@
#include <iostream>
#include <unistd.h>
#include <stdlib.h>
+#include <algorithm>
#include <sys/types.h>
#include <sys/stat.h>
@@ -293,6 +294,8 @@
sessions.clear();
+ typedef pair<string,string> session_t;
+
if( !strSessionDir.empty() ) {
DIR *pDir = opendir(strSessionDir.c_str());
@@ -325,7 +328,7 @@
}
}
desktop_file.close();
- pair<string,string> session(session_name,session_exec);
+ session_t session(session_name,session_exec);
sessions.push_back(session);
cout << session_exec << " - " << session_name << endl;
}
@@ -341,6 +344,10 @@
pair<string,string> session("","");
sessions.push_back(session);
}
+
+ std::sort(sessions.begin(), sessions.end(), [](session_t& a, session_t& b) -> bool{
+ return a.first < b.first;
+ });
}
pair<string,string> Cfg::nextSession() {

4
pkgs/applications/editors/atom/default.nix
View File

@ -16,11 +16,11 @@ let
}; };
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
name = "atom-${version}"; name = "atom-${version}";
version = "1.4.0"; version = "1.4.3";
src = fetchurl { src = fetchurl {
url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb"; url = "https://github.com/atom/atom/releases/download/v${version}/atom-amd64.deb";
sha256 = "0dipww58p0sm99jn1ariisha9wsnhl7rnd8achpxqkf4b3vwi5iz"; sha256 = "15ix5ww3ny5ylgmmxpkc32li6af2vc4a2p6aymx9c472fra0c41x";
name = "${name}.deb"; name = "${name}.deb";
}; };

78
pkgs/applications/editors/eclipse/default.nix
View File

@ -12,7 +12,7 @@ rec {
buildEclipse = import ./build-eclipse.nix args; buildEclipse = import ./build-eclipse.nix args;
eclipse_sdk_35 = buildEclipse { eclipse-sdk-35 = buildEclipse {
name = "eclipse-sdk-3.5.2"; name = "eclipse-sdk-3.5.2";
description = "Eclipse Classic"; description = "Eclipse Classic";
src = src =
@ -27,10 +27,9 @@ rec {
md5 = "bde55a2354dc224cf5f26e5320e72dac"; md5 = "bde55a2354dc224cf5f26e5320e72dac";
}; };
}; };
eclipse_sdk_35 = eclipse-sdk-35; # backward compatibility, added 2016-01-30
# !!! Use mirror://eclipse/. eclipse-sdk-36 = buildEclipse {
eclipse_sdk_36 = buildEclipse {
name = "eclipse-sdk-3.6.2"; name = "eclipse-sdk-3.6.2";
description = "Eclipse Classic"; description = "Eclipse Classic";
src = src =
@ -45,9 +44,10 @@ rec {
sha256 = "1bh8ykliqr8wbciv13vpiy50rvm7yszk7y8dslr796dbwhi5b1cj"; sha256 = "1bh8ykliqr8wbciv13vpiy50rvm7yszk7y8dslr796dbwhi5b1cj";
}; };
}; };
eclipse_sdk_36 = eclipse-sdk-36; # backward compatibility, added 2016-01-30
eclipse_scala_sdk_40 = buildEclipse { eclipse-scala-sdk-40 = buildEclipse {
name = "eclipse-scala_sdk-4.0.0"; name = "eclipse-scala-sdk-4.0.0";
description = "Eclipse IDE for Scala Developers"; description = "Eclipse IDE for Scala Developers";
src = src =
if stdenv.system == "x86_64-linux" then if stdenv.system == "x86_64-linux" then
@ -61,8 +61,9 @@ rec {
sha256 = "f422aea5903c97d212264a5a43c6ebc638aecbd4ce5e6078d92618725bc5d31e"; sha256 = "f422aea5903c97d212264a5a43c6ebc638aecbd4ce5e6078d92618725bc5d31e";
}; };
}; };
eclipse_scala_sdk_40 = eclipse-scala-sdk-40; # backward compatibility, added 2016-01-30
eclipse_cpp_36 = buildEclipse { eclipse-cpp-36 = buildEclipse {
name = "eclipse-cpp-3.6.2"; name = "eclipse-cpp-3.6.2";
description = "Eclipse IDE for C/C++ Developers"; description = "Eclipse IDE for C/C++ Developers";
src = src =
@ -77,8 +78,9 @@ rec {
sha1 = "1156e4bc0253ae3a3a4e54839e4944dc64d3108f"; sha1 = "1156e4bc0253ae3a3a4e54839e4944dc64d3108f";
}; };
}; };
eclipse_cpp_36 = eclipse-cpp-36; # backward compatibility, added 2016-01-30
eclipse_modeling_36 = buildEclipse { eclipse-modeling-36 = buildEclipse {
name = "eclipse-modeling-3.6.2"; name = "eclipse-modeling-3.6.2";
description = "Eclipse Modeling Tools (includes Incubating components)"; description = "Eclipse Modeling Tools (includes Incubating components)";
src = src =
@ -93,8 +95,9 @@ rec {
sha1 = "696377895bb26445de39d82a916b7e69edb1d939"; sha1 = "696377895bb26445de39d82a916b7e69edb1d939";
}; };
}; };
eclipse_modeling_36 = eclipse-modeling-36; # backward compatibility, added 2016-01-30
eclipse_sdk_37 = buildEclipse { eclipse-sdk-37 = buildEclipse {
name = "eclipse-sdk-3.7"; name = "eclipse-sdk-3.7";
description = "Eclipse Classic"; description = "Eclipse Classic";
sources = { sources = {
@ -108,8 +111,9 @@ rec {
}; };
}; };
}; };
eclipse_sdk_37 = eclipse-sdk-37; # backward compatibility, added 2016-01-30
eclipse_cpp_37 = buildEclipse { eclipse-cpp-37 = buildEclipse {
name = "eclipse-cpp-3.7"; name = "eclipse-cpp-3.7";
description = "Eclipse IDE for C/C++ Developers"; description = "Eclipse IDE for C/C++ Developers";
src = src =
@ -124,8 +128,9 @@ rec {
sha256 = "1cvg1vgyazrkinwzlvlf0dpl197p4784752srqybqylyj5psdi3b"; sha256 = "1cvg1vgyazrkinwzlvlf0dpl197p4784752srqybqylyj5psdi3b";
}; };
}; };
eclipse_cpp_37 = eclipse-cpp-37; # backward compatibility, added 2016-01-30
eclipse_cpp_42 = buildEclipse { eclipse-cpp-42 = buildEclipse {
name = "eclipse-cpp-4.2"; name = "eclipse-cpp-4.2";
description = "Eclipse IDE for C/C++ Developers"; description = "Eclipse IDE for C/C++ Developers";
src = src =
@ -140,8 +145,9 @@ rec {
sha256 = "1a4s9qlhfpfpdhvffyglnfdr3dq5r2ywcxqywhqi95yhq5nmsgyk"; sha256 = "1a4s9qlhfpfpdhvffyglnfdr3dq5r2ywcxqywhqi95yhq5nmsgyk";
}; };
}; };
eclipse_cpp_42 = eclipse-cpp-42; # backward compatibility, added 2016-01-30
eclipse_cpp_43 = buildEclipse { eclipse-cpp-43 = buildEclipse {
name = "eclipse-cpp-4.3.2"; name = "eclipse-cpp-4.3.2";
description = "Eclipse IDE for C/C++ Developers"; description = "Eclipse IDE for C/C++ Developers";
src = src =
@ -156,41 +162,44 @@ rec {
sha256 = "0d6jlj7hwz8blx6csrlyi2h2prql0wckbh7ihwjmgclwpcpj84g6"; sha256 = "0d6jlj7hwz8blx6csrlyi2h2prql0wckbh7ihwjmgclwpcpj84g6";
}; };
}; };
eclipse_cpp_43 = eclipse-cpp-43; # backward compatibility, added 2016-01-30
eclipse_cpp_44 = buildEclipse { eclipse-cpp-44 = buildEclipse {
name = "eclipse-cpp-4.4"; name = "eclipse-cpp-4.4.2";
description = "Eclipse IDE for C/C++ Developers"; description = "Eclipse IDE for C/C++ Developers";
src = src =
if stdenv.system == "x86_64-linux" then if stdenv.system == "x86_64-linux" then
fetchurl { fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/R/eclipse-cpp-luna-R-linux-gtk-x86_64.tar.gz; url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/SR2/eclipse-cpp-luna-SR2-linux-gtk-x86_64.tar.gz;
md5 = "b0a6ee33e8108a7ff4682ab911271b04"; sha256 = "1vxwj7yihgipvrb3gksmddqkarzazpwk3mh1mjnw0i5xz2y32ba4";
} }
else else
fetchurl { fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/R/eclipse-cpp-luna-R-linux-gtk.tar.gz; url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/luna/SR2/eclipse-cpp-luna-SR2-linux-gtk.tar.gz;
md5 = "5000f93cecf6ef9af112f0df6e8c87f3"; sha256 = "1yn7yzzx8izc199c8w4f7vrc0b08idyq0dn113i8123b0mxw5lkp";
}; };
}; };
eclipse_cpp_44 = eclipse-cpp-44; # backward compatibility, added 2016-01-30
eclipse_cpp_45 = buildEclipse { eclipse-cpp-45 = buildEclipse {
name = "eclipse-cpp-4.5"; name = "eclipse-cpp-4.5.1";
description = "Eclipse IDE for C/C++ Developers, Mars release"; description = "Eclipse IDE for C/C++ Developers, Mars release";
src = src =
if stdenv.system == "x86_64-linux" then if stdenv.system == "x86_64-linux" then
fetchurl { fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/R/eclipse-cpp-mars-R-linux-gtk-x86_64.tar.gz; url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/1/eclipse-cpp-mars-1-linux-gtk-x86_64.tar.gz;
sha1 = "11f9583e23ae68eb675107e6c9acc48e0a2520ae"; sha256 = "1j6rsgr44kya2v7y34ifscajqk7lnq1w9m9fx4i0qgby84sy4xj7";
} }
else if stdenv.system == "i686-linux" then else if stdenv.system == "i686-linux" then
fetchurl { fetchurl {
url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/R/eclipse-cpp-mars-R-linux-gtk.tar.gz; url = http://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/mars/1/eclipse-cpp-mars-1-linux-gtk.tar.gz;
sha1 = "45dddb8c8f2ec79b7e25cc13d93785863ffe4791"; sha256 = "0qsbvjkq0ssxbnafh4gs8pfclynqis3nf7xlxx4w3k20jcjx7sr2";
} }
else throw "Unsupported system: ${stdenv.system}"; else throw "Unsupported system: ${stdenv.system}";
}; };
eclipse_cpp_45 = eclipse-cpp-45; # backward compatibility, added 2016-01-30
eclipse_sdk_421 = buildEclipse { eclipse-sdk-421 = buildEclipse {
name = "eclipse-sdk-4.2.1"; name = "eclipse-sdk-4.2.1";
description = "Eclipse Classic"; description = "Eclipse Classic";
src = src =
@ -205,8 +214,9 @@ rec {
sha256 = "1av6qm9wkbyk123qqf38f0jq4jv2bj9wp6fmpnl55zg6qr463c1w"; sha256 = "1av6qm9wkbyk123qqf38f0jq4jv2bj9wp6fmpnl55zg6qr463c1w";
}; };
}; };
eclipse_sdk_421 = eclipse-sdk-421; # backward compatibility, added 2016-01-30
eclipse_sdk_422 = buildEclipse { eclipse-sdk-422 = buildEclipse {
name = "eclipse-sdk-4.2.2"; name = "eclipse-sdk-4.2.2";
description = "Eclipse Classic"; description = "Eclipse Classic";
sources = { sources = {
@ -220,8 +230,9 @@ rec {
}; };
}; };
}; };
eclipse_sdk_422 = eclipse-sdk-422; # backward compatibility, added 2016-01-30
eclipse_sdk_431 = buildEclipse { eclipse-sdk-431 = buildEclipse {
name = "eclipse-sdk-4.3.1"; name = "eclipse-sdk-4.3.1";
description = "Eclipse Classic"; description = "Eclipse Classic";
sources = { sources = {
@ -235,8 +246,9 @@ rec {
}; };
}; };
}; };
eclipse_sdk_431 = eclipse-sdk-431; # backward compatibility, added 2016-01-30
eclipse_sdk_44 = buildEclipse { eclipse-sdk-44 = buildEclipse {
name = "eclipse-sdk-4.4"; name = "eclipse-sdk-4.4";
description = "Eclipse Classic"; description = "Eclipse Classic";
sources = { sources = {
@ -250,8 +262,9 @@ rec {
}; };
}; };
}; };
eclipse_sdk_44 = eclipse-sdk-44; # backward compatibility, added 2016-01-30
eclipse_sdk_442 = buildEclipse { eclipse-sdk-442 = buildEclipse {
name = "eclipse-sdk-4.4.2"; name = "eclipse-sdk-4.4.2";
description = "Eclipse Classic"; description = "Eclipse Classic";
sources = { sources = {
@ -265,8 +278,9 @@ rec {
}; };
}; };
}; };
eclipse_sdk_442 = eclipse-sdk-442; # backward compatibility, added 2016-01-30
eclipse_sdk_45 = buildEclipse { eclipse-sdk-45 = buildEclipse {
name = "eclipse-sdk-4.5"; name = "eclipse-sdk-4.5";
description = "Eclipse Mars Classic"; description = "Eclipse Mars Classic";
sources = { sources = {
@ -280,8 +294,9 @@ rec {
}; };
}; };
}; };
eclipse_sdk_45 = eclipse-sdk-45; # backward compatibility, added 2016-01-30
eclipse_sdk_451 = buildEclipse { eclipse-sdk-451 = buildEclipse {
name = "eclipse-sdk-4.5.1"; name = "eclipse-sdk-4.5.1";
description = "Eclipse Mars Classic"; description = "Eclipse Mars Classic";
sources = { sources = {
@ -295,6 +310,7 @@ rec {
}; };
}; };
}; };
eclipse_sdk_451 = eclipse-sdk-451; # backward compatibility, added 2016-01-30
eclipse-platform = eclipse-platform-451; eclipse-platform = eclipse-platform-451;

12
pkgs/applications/editors/eclipse/plugins.nix
View File

@ -171,12 +171,12 @@ rec {
checkstyle = buildEclipseUpdateSite rec { checkstyle = buildEclipseUpdateSite rec {
name = "checkstyle-${version}"; name = "checkstyle-${version}";
version = "6.11.1.201510102004"; version = "6.14.0.201601142217";
src = fetchzip { src = fetchzip {
stripRoot = false; stripRoot = false;
url = "mirror://sourceforge/project/eclipse-cs/Eclipse%20Checkstyle%20Plug-in/6.11.1/net.sf.eclipsecs-updatesite_${version}-bin.zip"; url = "mirror://sourceforge/project/eclipse-cs/Eclipse%20Checkstyle%20Plug-in/6.14.0/net.sf.eclipsecs-updatesite_${version}-bin.zip";
sha256 = "0l9nfx7a3qdx1pvjgc6ck4rxh7yrvqsskr190yrxxwmpnyj9cjs4"; sha256 = "0ysxir1fv0mb9xnidc9hv6llnk48lkav0sryjbx7pw7vy1f8nd4c";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {
@ -318,12 +318,12 @@ rec {
gnuarmeclipse = buildEclipseUpdateSite rec { gnuarmeclipse = buildEclipseUpdateSite rec {
name = "gnuarmeclipse-${version}"; name = "gnuarmeclipse-${version}";
version = "2.8.1-201504061754"; version = "2.11.1-201512141335";
src = fetchzip { src = fetchzip {
stripRoot = false; stripRoot = false;
url = "mirror://sourceforge/project/gnuarmeclipse/Current%20Releases/2.x/ilg.gnuarmeclipse.repository-${version}.zip"; url = "https://github.com/gnuarmeclipse/plug-ins/releases/download/v${version}/ilg.gnuarmeclipse.repository-${version}.zip";
sha256 = "08jsnyis1ry62cidr9sl11ylyxbkwh834nlhx6qp31gh1l439px9"; sha256 = "1ijvnahfw2wc860la7kj8b52z2sfm8k1yk62bl0d4lq60y3aycg9";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {

2
pkgs/applications/editors/emacs-modes/color-theme-solarized/default.nix
View File

@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
meta = { meta = {
description = "Precision colors for machines and people"; description = "Precision colors for machines and people";
homepage = http://ethanschoonover.com/solarized; homepage = http://ethanschoonover.com/solarized;
maintainer = "Samuel Rivas <samuelrivas@gmail.com>"; maintainers = "Samuel Rivas <samuelrivas@gmail.com>";
license = stdenv.lib.licenses.mit; license = stdenv.lib.licenses.mit;
platforms = stdenv.lib.platforms.all; platforms = stdenv.lib.platforms.all;

105
pkgs/applications/editors/emacs-modes/elpa-generated.nix
View File

@ -28,10 +28,10 @@
ada-mode = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib, wisi }: ada-mode = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib, wisi }:
elpaBuild { elpaBuild {
pname = "ada-mode"; pname = "ada-mode";
version = "5.1.8"; version = "5.1.9";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/ada-mode-5.1.8.tar"; url = "http://elpa.gnu.org/packages/ada-mode-5.1.9.tar";
sha256 = "015lmliwk4qa2sbs9spxik6dnwsf1a34py6anklf92qnmzhjicy6"; sha256 = "04hwy9py22c4vpbk24idbyavjdjpm1akvnfigdzx35zljdrvk3l7";
}; };
packageRequires = [ cl-lib emacs wisi ]; packageRequires = [ cl-lib emacs wisi ];
meta = { meta = {
@ -148,10 +148,10 @@
}) {}; }) {};
auctex = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { auctex = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "auctex"; pname = "auctex";
version = "11.89"; version = "11.89.1";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/auctex-11.89.tar"; url = "http://elpa.gnu.org/packages/auctex-11.89.1.tar";
sha256 = "0ggk2q17wq4y9yw5b9mykk153ihphazjdj1fl4lv0zblgnrxz5l5"; sha256 = "0nqp12l5x2h0hxl8p3l6aiz4mvdf79zz84z1wl3q2prliac3xz17";
}; };
packageRequires = []; packageRequires = [];
meta = { meta = {
@ -188,10 +188,10 @@
avy = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }: avy = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "avy"; pname = "avy";
version = "0.3.0"; version = "0.4.0";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/avy-0.3.0.tar"; url = "http://elpa.gnu.org/packages/avy-0.4.0.tar";
sha256 = "1ycfqabx949s7dgp9vhyb9phpxw83gjw4cc7914gr84bqlkj0458"; sha256 = "1vbp37ndv5930x120n0isxxxfs8d5wqlrbnxvp6h3ahbbv0zdcsn";
}; };
packageRequires = [ cl-lib emacs ]; packageRequires = [ cl-lib emacs ];
meta = { meta = {
@ -417,10 +417,10 @@
}) {}; }) {};
debbugs = callPackage ({ async, elpaBuild, fetchurl, lib }: elpaBuild { debbugs = callPackage ({ async, elpaBuild, fetchurl, lib }: elpaBuild {
pname = "debbugs"; pname = "debbugs";
version = "0.8"; version = "0.9";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/debbugs-0.8.tar"; url = "http://elpa.gnu.org/packages/debbugs-0.9.tar";
sha256 = "1wp5wa2a0rwvpfdzd2b78k6vd26qbyqwl4p2c2s5l7zkqy258in5"; sha256 = "1wc6kw7hihqqdx8qyl01akygycnan44x400hwrcf54m3hb4isa0k";
}; };
packageRequires = [ async ]; packageRequires = [ async ];
meta = { meta = {
@ -445,10 +445,10 @@
diff-hl = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }: diff-hl = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "diff-hl"; pname = "diff-hl";
version = "1.8.2"; version = "1.8.3";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/diff-hl-1.8.2.tar"; url = "http://elpa.gnu.org/packages/diff-hl-1.8.3.tar";
sha256 = "1y0v5fiizkmhzafiscrcqjzxpwjcag5rx79lq3iplh58vxlmb65w"; sha256 = "1i3ngx5gmjl1a15y6d0xmcgdimn7ghrqkbzqisz4ra3dgwbbb3f9";
}; };
packageRequires = [ cl-lib ]; packageRequires = [ cl-lib ];
meta = { meta = {
@ -684,6 +684,19 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
gnome-c-style = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "gnome-c-style";
version = "0.1";
src = fetchurl {
url = "http://elpa.gnu.org/packages/gnome-c-style-0.1.tar";
sha256 = "09w68jbpzyyhcaqw335qpr840j7xx0j81zxxkxq4ahqv6ck27v4x";
};
packageRequires = [];
meta = {
homepage = "http://elpa.gnu.org/packages/gnome-c-style.html";
license = lib.licenses.free;
};
}) {};
gnorb = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }: gnorb = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "gnorb"; pname = "gnorb";
@ -923,6 +936,20 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
loccur = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "loccur";
version = "1.2.2";
src = fetchurl {
url = "http://elpa.gnu.org/packages/loccur-1.2.2.el";
sha256 = "0ij5wzxysaikiccw7mjbw1sfylvih0n6b6yyp55vn8w1z2dba0xk";
};
packageRequires = [ cl-lib ];
meta = {
homepage = "http://elpa.gnu.org/packages/loccur.html";
license = lib.licenses.free;
};
}) {};
markchars = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { markchars = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "markchars"; pname = "markchars";
version = "0.2.0"; version = "0.2.0";
@ -1017,10 +1044,10 @@
}) {}; }) {};
multishell = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { multishell = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "multishell"; pname = "multishell";
version = "1.0.4"; version = "1.1.2";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/multishell-1.0.4.el"; url = "http://elpa.gnu.org/packages/multishell-1.1.2.tar";
sha256 = "11nx9h1c039h7md7pr1xlc3kla8n0vq6pa54i25wakf5n30019f4"; sha256 = "1y0b6ri0kgxj0jw1cyb796lsy3ipzb7syvmj7pqpx9myzpvd3hz3";
}; };
packageRequires = []; packageRequires = [];
meta = { meta = {
@ -1175,10 +1202,10 @@
}) {}; }) {};
org = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { org = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "org"; pname = "org";
version = "20160118"; version = "20160201";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/org-20160118.tar"; url = "http://elpa.gnu.org/packages/org-20160201.tar";
sha256 = "107jzpykg5fgd4wzppn2ayvrg2l6z7mnlq8v7r52x15400k9xnxr"; sha256 = "1lyvfpksl88c9d7k2w4k3iswgjah51k9f8fdi3jbfwivd814m9nb";
}; };
packageRequires = []; packageRequires = [];
meta = { meta = {
@ -1332,6 +1359,19 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
rnc-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "rnc-mode";
version = "0.1";
src = fetchurl {
url = "http://elpa.gnu.org/packages/rnc-mode-0.1.el";
sha256 = "18hm9g05ld8i1apr28dmd9ccq6dc0w6rdqhi0k7ka95jxxdr9m6d";
};
packageRequires = [];
meta = {
homepage = "http://elpa.gnu.org/packages/rnc-mode.html";
license = lib.licenses.free;
};
}) {};
rudel = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { rudel = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "rudel"; pname = "rudel";
version = "0.3"; version = "0.3";
@ -1663,10 +1703,10 @@
}) {}; }) {};
wcheck-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { wcheck-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
pname = "wcheck-mode"; pname = "wcheck-mode";
version = "2016.1.5"; version = "2016.1.30";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/wcheck-mode-2016.1.5.el"; url = "http://elpa.gnu.org/packages/wcheck-mode-2016.1.30.el";
sha256 = "0axd32sw1papxz4yscjg85a2li8a8m8z5fn2jzb3620700j86jb3"; sha256 = "0hzrxnslfl04h083njy7wp4hhgrqpyz0cnm73v348kr1i4wx9xjq";
}; };
packageRequires = []; packageRequires = [];
meta = { meta = {
@ -1729,10 +1769,10 @@
wisi = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }: wisi = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
elpaBuild { elpaBuild {
pname = "wisi"; pname = "wisi";
version = "1.1.1"; version = "1.1.2";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/wisi-1.1.1.tar"; url = "http://elpa.gnu.org/packages/wisi-1.1.2.tar";
sha256 = "14bpir7kng8b4m1yna4iahhp2z0saagc2i8z53apd39msbplay3r"; sha256 = "04gryfpgbviviwbnvv3sh280pzasr59cp5xz1s0yf0n4d3rv2df3";
}; };
packageRequires = [ cl-lib emacs ]; packageRequires = [ cl-lib emacs ];
meta = { meta = {
@ -1806,14 +1846,15 @@
license = lib.licenses.free; license = lib.licenses.free;
}; };
}) {}; }) {};
ztree = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild { ztree = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib }:
elpaBuild {
pname = "ztree"; pname = "ztree";
version = "1.0.2"; version = "1.0.3";
src = fetchurl { src = fetchurl {
url = "http://elpa.gnu.org/packages/ztree-1.0.2.tar"; url = "http://elpa.gnu.org/packages/ztree-1.0.3.tar";
sha256 = "0rm9b7cw5md9zbgbq89kh8wb5jdjrqy9g43psdws19z6j532g665"; sha256 = "1mwzk48sah4w5jmlmzqxnwhnlnc2mf25ayhgymv24sv8c6hdllsw";
}; };
packageRequires = []; packageRequires = [ cl-lib ];
meta = { meta = {
homepage = "http://elpa.gnu.org/packages/ztree.html"; homepage = "http://elpa.gnu.org/packages/ztree.html";
license = lib.licenses.free; license = lib.licenses.free;

8429
pkgs/applications/editors/emacs-modes/melpa-generated.nix
View File

File diff suppressed because it is too large Load Diff

3373
pkgs/applications/editors/emacs-modes/melpa-stable-generated.nix
View File

File diff suppressed because it is too large Load Diff

6
pkgs/applications/editors/idea/default.nix
View File

@ -148,14 +148,14 @@ in
android-studio = buildAndroidStudio rec { android-studio = buildAndroidStudio rec {
name = "android-studio-${version}"; name = "android-studio-${version}";
version = "1.5.0.4"; version = "1.5.1.0";
build = "141.2422023"; build = "141.2456560";
description = "Android development environment based on IntelliJ IDEA"; description = "Android development environment based on IntelliJ IDEA";
license = stdenv.lib.licenses.asl20; license = stdenv.lib.licenses.asl20;
src = fetchurl { src = fetchurl {
url = "https://dl.google.com/dl/android/studio/ide-zips/${version}" + url = "https://dl.google.com/dl/android/studio/ide-zips/${version}" +
"/android-studio-ide-${build}-linux.zip"; "/android-studio-ide-${build}-linux.zip";
sha256 = "1sjxs9cq7mdalxmzp6v2gwbg1w8p43c2cp5j4v212w66h5rqv11z"; sha256 = "0p6h21jd0xx3xzdrfv9530n1ssyc3xigr3fg33r8ain4k6n02vj6";
}; };
}; };

55
pkgs/applications/editors/lighttable/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchurl, buildEnv, makeDesktopItem, makeWrapper, zlib, glib, alsaLib { stdenv, fetchurl, buildEnv, zlib, glib, alsaLib, makeDesktopItem
, dbus, gtk, atk, pango, freetype, fontconfig, libgnome_keyring3, gdk_pixbuf , dbus, gtk, atk, pango, freetype, fontconfig, libgnome_keyring3, gdk_pixbuf
, cairo, cups, expat, libgpgerror, nspr, gnome3, nss, xorg, libudev , cairo, cups, expat, libgpgerror, nspr, gnome3, nss, xorg, libudev, libnotify
}: }:
let let
@ -8,51 +8,58 @@ let
stdenv.cc.cc zlib glib dbus gtk atk pango freetype libgnome_keyring3 nss stdenv.cc.cc zlib glib dbus gtk atk pango freetype libgnome_keyring3 nss
fontconfig gdk_pixbuf cairo cups expat libgpgerror alsaLib nspr gnome3.gconf fontconfig gdk_pixbuf cairo cups expat libgpgerror alsaLib nspr gnome3.gconf
xorg.libXrender xorg.libX11 xorg.libXext xorg.libXdamage xorg.libXtst xorg.libXrender xorg.libX11 xorg.libXext xorg.libXdamage xorg.libXtst
xorg.libXcomposite xorg.libXi xorg.libXfixes xorg.libXcomposite xorg.libXi xorg.libXfixes libnotify xorg.libXrandr
]; xorg.libXcursor
];
desktopItem = makeDesktopItem {
name = "LightTable";
exec = "light";
comment = "LightTable";
desktopName = "LightTable";
genericName = "the next generation code editor";
};
in in
assert stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux";
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "lighttable-${version}"; name = "lighttable-${version}";
version = "0.7.2"; version = "0.8.1";
src = src =
if stdenv.system == "i686-linux" then
fetchurl {
name = "LightTableLinux.tar.gz";
url = "https://d35ac8ww5dfjyg.cloudfront.net/playground/bins/${version}/LightTableLinux.tar.gz";
sha256 = "1q5m50r319xn9drfv3cyfja87b7dfhni9d9gmz9733idq3l5fl9i";
}
else
fetchurl { fetchurl {
name = "LightTableLinux64.tar.gz"; name = "LightTableLinux64.tar.gz";
url = "https://d35ac8ww5dfjyg.cloudfront.net/playground/bins/${version}/LightTableLinux64.tar.gz"; url = "https://github.com/LightTable/LightTable/releases/download/${version}/${name}-linux.tar.gz";
sha256 = "1jnn103v5qrplkb5ik9p8whfqclcq2r1qv666hp3jaiwb46vhf3c"; sha256 = "06fj725xfhf3fwrf7dya7ijmxq3v76kfmd4lr2067a92zhlwr5pv";
}; };
buildInputs = [ makeWrapper ];
phases = [ "installPhase" ]; phases = [ "installPhase" ];
installPhase = '' installPhase = ''
tar xvf ${src} tar xf ${src}
mkdir -p $out/bin mkdir -p $out/{bin,share/LightTable}
mv LightTable $out/ mv ./${name}-linux/* $out/share/LightTable
patchelf \ patchelf \
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \ --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath ${libPath}:${stdenv.cc.cc}/lib${stdenv.lib.optionalString stdenv.is64bit "64"} \ --set-rpath ${libPath}:${libPath}/lib64:$out/share/LightTable \
$out/LightTable/ltbin $out/share/LightTable/LightTable
ln -sf ${libudev.out}/lib/libudev.so.1 $out/LightTable/libudev.so.0 mv $out/share/LightTable/light $out/bin/light
makeWrapper $out/LightTable/ltbin $out/bin/lighttable \ ln -sf ${libudev.out}/lib/libudev.so.1 $out/share/LightTable/libudev.so.0
--prefix "LD_LIBRARY_PATH" : $out/LightTable substituteInPlace $out/bin/light \
--replace "/usr/lib/x86_64-linux-gnu" "${libudev.out}/lib" \
--replace "/lib/x86_64-linux-gnu" "$out/share/LightTable" \
--replace 'HERE=`dirname $(readlink -f $0)`' "HERE=$out/share/LightTable"
mkdir -p "$out"/share/applications
cp "${desktopItem}/share/applications/LightTable.desktop" "$out"/share/applications/
''; '';
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "the next generation code editor"; description = "the next generation code editor";
homepage = http://www.lighttable.com/; homepage = http://www.lighttable.com/;
license = licenses.gpl3; license = licenses.gpl3;
maintainers = [ maintainers.matejc ];
platforms = [ "x86_64-linux" ];
}; };
} }

14
pkgs/applications/editors/sublime3/default.nix
View File

@ -6,7 +6,7 @@ assert stdenv.system == "i686-linux" || stdenv.system == "x86_64-linux";
assert gksuSupport -> gksu != null; assert gksuSupport -> gksu != null;
let let
build = "3083"; build = "3103";
libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo pango]; libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo pango];
redirects = [ "/usr/bin/pkexec=${pkexecPath}" ] redirects = [ "/usr/bin/pkexec=${pkexecPath}" ]
++ stdenv.lib.optional gksuSupport "/usr/bin/gksudo=${gksu}/bin/gksudo"; ++ stdenv.lib.optional gksuSupport "/usr/bin/gksudo=${gksu}/bin/gksudo";
@ -18,15 +18,15 @@ in let
src = src =
if stdenv.system == "i686-linux" then if stdenv.system == "i686-linux" then
fetchurl { fetchurl {
name = "sublimetext-3.0.83.tar.bz2"; name = "sublimetext-${build}.tar.bz2";
url = "http://c758482.r82.cf2.rackcdn.com/sublime_text_3_build_${build}_x32.tar.bz2"; url = "https://download.sublimetext.com/sublime_text_3_build_${build}_x32.tar.bz2";
sha256 = "0r9irk2gdwdx0dk7lgssr4krfvf3lf71pzaz5hyjc704zaxf5s49"; sha256 = "1qidnczndyhyp9rfzmpqah00lrx7z1a0fy7a13lzwqq3gslhwf1l";
} }
else else
fetchurl { fetchurl {
name = "sublimetext-3.0.83.tar.bz2"; name = "sublimetext-${build}.tar.bz2";
url = "http://c758482.r82.cf2.rackcdn.com/sublime_text_3_build_${build}_x64.tar.bz2"; url = "https://download.sublimetext.com/sublime_text_3_build_${build}_x64.tar.bz2";
sha256 = "1vhlrqz7xscmjnxpz60mdpvflanl26d7673ml7psd75n0zvcfra5"; sha256 = "1x8kb3prs6wa5s5rj0gfq96zx6k5q3s168yhfsa36x2szi6x6y4x";
}; };
dontStrip = true; dontStrip = true;

1
pkgs/applications/editors/vim/configurable.nix
View File

@ -154,6 +154,7 @@ composableDerivation {
multibyteSupport = config.vim.multibyte or false; multibyteSupport = config.vim.multibyte or false;
cscopeSupport = config.vim.cscope or true; cscopeSupport = config.vim.cscope or true;
netbeansSupport = config.netbeans or true; # eg envim is using it netbeansSupport = config.netbeans or true; # eg envim is using it
ximSupport = config.vim.xim or false;
# by default, compile with darwin support if we're compiling on darwin, but # by default, compile with darwin support if we're compiling on darwin, but
# allow this to be disabled by setting config.vim.darwin to false # allow this to be disabled by setting config.vim.darwin to false

35
pkgs/applications/graphics/darktable/default.nix
View File

@ -1,46 +1,35 @@
{ stdenv, fetchurl, libsoup, graphicsmagick, SDL, json_glib { stdenv, fetchurl, libsoup, graphicsmagick, SDL, json_glib
, GConf, atk, cairo, cmake, curl, dbus_glib, exiv2, glib , GConf, atk, cairo, cmake, curl, dbus_glib, exiv2, glib
, libgnome_keyring, gtk, ilmbase, intltool, lcms, lcms2 , libgnome_keyring, gtk3, ilmbase, intltool, lcms, lcms2
, lensfun, libXau, libXdmcp, libexif, libglade, libgphoto2, libjpeg , lensfun, libXau, libXdmcp, libexif, libglade, libgphoto2, libjpeg
, libpng, libpthreadstubs, libraw1394, librsvg, libtiff, libxcb , libpng, libpthreadstubs, librsvg, libtiff, libxcb
, openexr, pixman, pkgconfig, sqlite, bash, libxslt, openjpeg , openexr, pixman, pkgconfig, sqlite, bash, libxslt, openjpeg
, mesa }: , mesa, lua, pugixml, colord, colord-gtk, libxshmfence, libxkbcommon
, epoxy, at_spi2_core, libwebp, libsecret, wrapGAppsHook, gnome3
}:
assert stdenv ? glibc; assert stdenv ? glibc;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "1.6.9"; version = "2.0.0";
name = "darktable-${version}"; name = "darktable-${version}";
src = fetchurl { src = fetchurl {
url = "https://github.com/darktable-org/darktable/releases/download/release-${version}/darktable-${version}.tar.xz"; url = "https://github.com/darktable-org/darktable/releases/download/release-${version}/darktable-${version}.tar.xz";
sha256 = "0wri89ygjpv7npiz58mnydhgldywp6arqp9jq3v0g54a56fiwwhg"; sha256 = "1cbwvzqn3158cy7r499rdwipx7fpb30lrrvh6jy5a4xvpcjzbwnl";
}; };
buildInputs = buildInputs =
[ GConf atk cairo cmake curl dbus_glib exiv2 glib libgnome_keyring gtk [ GConf atk cairo cmake curl dbus_glib exiv2 glib libgnome_keyring gtk3
ilmbase intltool lcms lcms2 lensfun libXau libXdmcp libexif ilmbase intltool lcms lcms2 lensfun libXau libXdmcp libexif
libglade libgphoto2 libjpeg libpng libpthreadstubs libraw1394 libglade libgphoto2 libjpeg libpng libpthreadstubs
librsvg libtiff libxcb openexr pixman pkgconfig sqlite libxslt librsvg libtiff libxcb openexr pixman pkgconfig sqlite libxslt
libsoup graphicsmagick SDL json_glib openjpeg mesa libsoup graphicsmagick SDL json_glib openjpeg mesa lua pugixml
colord colord-gtk libxshmfence libxkbcommon epoxy at_spi2_core
libwebp libsecret wrapGAppsHook gnome3.adwaita-icon-theme
]; ];
preConfigure = ''
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${gtk.dev}/include/gtk-2.0"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${gtk.out}/lib/gtk-2.0/include"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${cairo.dev}/include/cairo"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${atk.dev}/include/atk-1.0"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${ilmbase}/include/OpenEXR"
export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${openexr}/include/OpenEXR"
'';
cmakeFlags = [ cmakeFlags = [
"-DPTHREAD_INCLUDE_DIR=${stdenv.glibc.dev}/include"
"-DPTHREAD_LIBRARY=${stdenv.glibc.out}/lib/libpthread.so"
"-DCMAKE_BUILD_TYPE=Release"
"-DBINARY_PACKAGE_BUILD=1"
"-DGTK2_GLIBCONFIG_INCLUDE_DIR=${glib.out}/lib/glib-2.0/include"
"-DGTK2_GDKCONFIG_INCLUDE_DIR=${gtk.out}/lib/gtk-2.0/include"
"-DBUILD_USERMANUAL=False" "-DBUILD_USERMANUAL=False"
]; ];

17
pkgs/applications/graphics/imv/default.nix
View File

@ -1,19 +1,16 @@
{ stdenv, fetchFromGitHub, { stdenv, fetchgit, SDL2, SDL2_ttf, freeimage }:
SDL2, freeimage
}:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "imv-${version}"; name = "imv-${version}";
version = "1.1.0"; version = "2.0.0";
src = fetchFromGitHub { src = fetchgit {
owner = "eXeC64"; url = "https://github.com/eXeC64/imv.git";
repo = "imv"; rev = "bc90a0adcc5b22d2bf0158333eb6dfb34c402d48";
rev = "4d1a6d581b70b25d9533c5c788aab6900ebf82bb"; sha256 = "1bzx57d9mcxw9s72pdbdbwq9pns946jl6p2g881z43w68gimlpw7";
sha256 = "1c5r4pqqypir8ymicxyn2k7mhq8nl88b3x6giaafd77ssjn0vz9r";
}; };
buildInputs = [ SDL2 freeimage ]; buildInputs = [ SDL2 SDL2_ttf freeimage ];
configurePhase = "substituteInPlace Makefile --replace /usr $out"; configurePhase = "substituteInPlace Makefile --replace /usr $out";

3
pkgs/applications/graphics/sane/backends/generic.nix
View File

@ -50,6 +50,9 @@ stdenv.mkDerivation {
mkdir -p $out/etc/udev/rules.d/ mkdir -p $out/etc/udev/rules.d/
./tools/sane-desc -m udev > $out/etc/udev/rules.d/49-libsane.rules || \ ./tools/sane-desc -m udev > $out/etc/udev/rules.d/49-libsane.rules || \
cp tools/udev/libsane.rules $out/etc/udev/rules.d/49-libsane.rules cp tools/udev/libsane.rules $out/etc/udev/rules.d/49-libsane.rules
# the created 49-libsane references /bin/sh
substituteInPlace $out/etc/udev/rules.d/49-libsane.rules \
--replace "RUN+=\"/bin/sh" "RUN+=\"${stdenv.shell}"
substituteInPlace $out/lib/libsane.la \ substituteInPlace $out/lib/libsane.la \
--replace "-ljpeg" "-L${libjpeg}/lib -ljpeg" --replace "-ljpeg" "-L${libjpeg}/lib -ljpeg"

48
pkgs/applications/graphics/synfigstudio/default.nix
View File

@ -1,51 +1,67 @@
{ stdenv, fetchurl, boost, cairo, fontsConf, gettext, glibmm, gtk3, gtkmm3 { stdenv, fetchFromGitHub, boost, cairo, fontsConf, gettext, glibmm, gtk3, gtkmm3
, libjack2, libsigcxx, libtool, libxmlxx, makeWrapper, mlt-qt5, pango, pkgconfig , libjack2, libsigcxx, libtool, libxmlxx, makeWrapper, mlt-qt5, pango, pkgconfig
, imagemagick, intltool , imagemagick, intltool, autoreconfHook, which
}: }:
let let
version = "1.0.1"; version = "1.0.2";
ETL = stdenv.mkDerivation rec { ETL = stdenv.mkDerivation rec {
name = "ETL-0.04.19"; name = "ETL-0.04.19";
src = fetchurl { src = fetchFromGitHub {
url = "http://download.tuxfamily.org/synfig/releases/${version}/${name}.tar.gz"; repo = "synfig";
sha256 = "1zmqv2fa5zxprza3wbhk5mxjk7491jqshxxai92s7fdiza0nhs91"; owner = "synfig";
rev = version;
sha256 = "09ldkvzczqvb1yvlibd62y56dkyprxlr0w3rk38rcs7jnrhj2cqc";
}; };
postUnpack = "sourceRoot=\${sourceRoot}/ETL/";
buildInputs = [ autoreconfHook ];
}; };
synfig = stdenv.mkDerivation rec { synfig = stdenv.mkDerivation rec {
name = "synfig-${version}"; name = "synfig-${version}";
src = fetchurl { src = fetchFromGitHub {
url = "http://download.tuxfamily.org/synfig/releases/${version}/${name}.tar.gz"; repo = "synfig";
sha256 = "0l1f2xwmzds32g46fqwsq7j5qlnfps6944chbv14d3ynzgyyp1i3"; owner = "synfig";
rev = version;
sha256 = "09ldkvzczqvb1yvlibd62y56dkyprxlr0w3rk38rcs7jnrhj2cqc";
}; };
postUnpack = "sourceRoot=\${sourceRoot}/synfig-core/";
configureFlags = [ configureFlags = [
"--with-boost=${boost.dev}" "--with-boost=${boost.dev}"
"--with-boost-libdir=${boost.lib}/lib" "--with-boost-libdir=${boost.lib}/lib"
]; ];
buildInputs = [ buildInputs = [
ETL boost cairo gettext glibmm mlt-qt5 libsigcxx libtool libxmlxx pango ETL boost cairo gettext glibmm mlt-qt5 libsigcxx libxmlxx pango
pkgconfig pkgconfig autoreconfHook
]; ];
}; };
in in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "synfigstudio-${version}"; name = "synfigstudio-${version}";
src = fetchurl { src = fetchFromGitHub {
url = "http://download.tuxfamily.org/synfig/releases/${version}/${name}.tar.gz"; repo = "synfig";
sha256 = "0jfa946rfh0dbagp18zknlj9ffrd4h45xcy2dh2vlhn6jdm08yfi"; owner = "synfig";
rev = version;
sha256 = "09ldkvzczqvb1yvlibd62y56dkyprxlr0w3rk38rcs7jnrhj2cqc";
}; };
postUnpack = "sourceRoot=\${sourceRoot}/synfig-studio/";
preConfigure = "./bootstrap.sh";
buildInputs = [ buildInputs = [
ETL boost cairo gettext glibmm gtk3 gtkmm3 imagemagick intltool ETL boost cairo gettext glibmm gtk3 gtkmm3 imagemagick intltool
libjack2 libsigcxx libtool libxmlxx makeWrapper mlt-qt5 pkgconfig libjack2 libsigcxx libxmlxx makeWrapper mlt-qt5 pkgconfig
synfig synfig autoreconfHook which
]; ];
postInstall = '' postInstall = ''

2
pkgs/applications/misc/adobe-reader/default.nix
View File

@ -22,6 +22,8 @@ stdenv.mkDerivation {
libPath = stdenv.lib.makeLibraryPath libPath = stdenv.lib.makeLibraryPath
[ stdenv.cc.cc libX11 zlib libxml2 cups pango atk gtk glib gdk_pixbuf ]; [ stdenv.cc.cc libX11 zlib libxml2 cups pango atk gtk glib gdk_pixbuf ];
passthru.mozillaPlugin = "/libexec/adobe-reader/Browser/intellinux";
meta = { meta = {
description = "Adobe Reader, a viewer for PDF documents"; description = "Adobe Reader, a viewer for PDF documents";
homepage = http://www.adobe.com/products/reader; homepage = http://www.adobe.com/products/reader;

Some files were not shown because too many files have changed in this diff Show More