From 5983883898cc0a28ed4b196cd500cf1acba12c83 Mon Sep 17 00:00:00 2001 From: Louis Bettens Date: Tue, 19 Jan 2021 17:49:17 +0100 Subject: [PATCH 01/26] spacevim: 1.5.0 -> 1.6.0 --- pkgs/applications/editors/spacevim/default.nix | 4 ++-- pkgs/applications/editors/spacevim/helptags.patch | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/editors/spacevim/default.nix b/pkgs/applications/editors/spacevim/default.nix index 2193d0ea5bb..2aca7ddd5c5 100644 --- a/pkgs/applications/editors/spacevim/default.nix +++ b/pkgs/applications/editors/spacevim/default.nix @@ -13,12 +13,12 @@ let spacevimdir = format.generate "init.toml" spacevim_config; in mkDerivation rec { pname = "spacevim"; - version = "1.5.0"; + version = "1.6.0"; src = fetchFromGitHub { owner = "SpaceVim"; repo = "SpaceVim"; rev = "v${version}"; - sha256 = "1xw4l262x7wzs1m65bddwqf3qx4254ykddsw3c3p844pb3mzqhh7"; + sha256 = "sha256-QQdtjEdbuzmf0Rw+u2ZltLihnJt8LqkfTrLDWLAnCLE="; }; nativeBuildInputs = [ makeWrapper vim-customized]; diff --git a/pkgs/applications/editors/spacevim/helptags.patch b/pkgs/applications/editors/spacevim/helptags.patch index e8b31c57419..bc0f9140c7b 100644 --- a/pkgs/applications/editors/spacevim/helptags.patch +++ b/pkgs/applications/editors/spacevim/helptags.patch @@ -2,7 +2,7 @@ diff --git a/autoload/SpaceVim.vim b/autoload/SpaceVim.vim index 16688680..fcafd6f7 100644 --- a/autoload/SpaceVim.vim +++ b/autoload/SpaceVim.vim -@@ -1255,13 +1255,6 @@ function! SpaceVim#end() abort +@@ -1355,13 +1355,6 @@ function! SpaceVim#end() abort let &helplang = 'jp' endif "" From dd6ebb78719fe1c56a4fc487de6882c4e4fc7b92 Mon Sep 17 00:00:00 2001 From: talyz Date: Wed, 13 Jan 2021 11:01:01 +0100 Subject: [PATCH 02/26] google-compute-config: Reintroduce fetch-ssh-keys Reintroduce the `fetch-ssh-keys` service so that GCE images that work with NixOps can once again be built. Also, reformat the code a bit. The service was removed in 88570538b3b19d60b00bc3905bbaaef17e5a5c94, likely due to a comment saying it should be removed. It was still needed for images to work with NixOps, however, and probably needed to be replaced or rewritten rather than removed. --- .../virtualisation/google-compute-config.nix | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) diff --git a/nixos/modules/virtualisation/google-compute-config.nix b/nixos/modules/virtualisation/google-compute-config.nix index 327324f2921..2068924c44b 100644 --- a/nixos/modules/virtualisation/google-compute-config.nix +++ b/nixos/modules/virtualisation/google-compute-config.nix @@ -69,6 +69,69 @@ in # GC has 1460 MTU networking.interfaces.eth0.mtu = 1460; + systemd.services.fetch-ssh-keys = { + description = "Fetch host keys and authorized_keys for root user"; + + wantedBy = [ "sshd.service" ]; + before = [ "sshd.service" ]; + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; + + script = + let + wget = "${pkgs.wget}/bin/wget --retry-connrefused -t 15 --waitretry=10 --header='Metadata-Flavor: Google'"; + mktemp = "mktemp --tmpdir=/run"; + in '' + # When dealing with cryptographic keys, we want to keep things private. + umask 077 + mkdir -m 0700 -p /root/.ssh + + echo "Obtaining SSH keys..." + AUTH_KEYS=$(${mktemp}) + ${wget} -O $AUTH_KEYS http://metadata.google.internal/computeMetadata/v1/instance/attributes/sshKeys + if [ -s $AUTH_KEYS ]; then + # Read in key one by one, split in case Google decided + # to append metadata (it does sometimes) and add to + # authorized_keys if not already present. + touch /root/.ssh/authorized_keys + NEW_KEYS=$(${mktemp}) + # Yes this is a nix escape of two single quotes. + while IFS=''' read -r line || [[ -n "$line" ]]; do + keyLine=$(echo -n "$line" | cut -d ':' -f2) + IFS=' ' read -r -a array <<< "$keyLine" + if [ ''${#array[@]} -ge 3 ]; then + echo ''${array[@]:0:3} >> $NEW_KEYS + echo "Added ''${array[@]:2} to authorized_keys" + fi + done < $AUTH_KEYS + mv $NEW_KEYS /root/.ssh/authorized_keys + chmod 600 /root/.ssh/authorized_keys + rm -f $KEY_PUB + else + echo "Downloading http://metadata.google.internal/computeMetadata/v1/project/attributes/sshKeys failed." + false + fi + rm -f $AUTH_KEYS + + SSH_HOST_KEYS_DIR=$(${mktemp} -d) + ${wget} -O $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssh_host_ed25519_key + ${wget} -O $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key.pub http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssh_host_ed25519_key_pub + if [ -s $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key -a -s $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key.pub ]; then + mv -f $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key* /etc/ssh/ + chmod 600 /etc/ssh/ssh_host_ed25519_key + chmod 644 /etc/ssh/ssh_host_ed25519_key.pub + else + echo "Setup of ssh host keys from http://metadata.google.internal/computeMetadata/v1/instance/attributes/ failed." + false + fi + rm -rf $SSH_HOST_KEYS_DIR + ''; + serviceConfig.Type = "oneshot"; + serviceConfig.RemainAfterExit = true; + serviceConfig.StandardError = "journal+console"; + serviceConfig.StandardOutput = "journal+console"; + }; + systemd.services.google-instance-setup = { description = "Google Compute Engine Instance Setup"; after = [ "network-online.target" "network.target" "rsyslog.service" ]; From f27ed66a5cb2739f89e88747773d54c95313cb4f Mon Sep 17 00:00:00 2001 From: taku0 Date: Sat, 30 Jan 2021 19:58:55 +0900 Subject: [PATCH 03/26] thunderbird-bin: change from name to pname + version --- .../networking/mailreaders/thunderbird-bin/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix b/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix index b1905359cd3..f9027285c13 100644 --- a/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix +++ b/pkgs/applications/networking/mailreaders/thunderbird-bin/default.nix @@ -63,12 +63,11 @@ let defaultSource = lib.findFirst (sourceMatches "en-US") {} sources; source = lib.findFirst (sourceMatches systemLocale) defaultSource sources; - - name = "thunderbird-bin-${version}"; in stdenv.mkDerivation { - inherit name; + pname = "thunderbird-bin"; + inherit version; src = fetchurl { url = "https://download-installer.cdn.mozilla.net/pub/thunderbird/releases/${version}/${source.arch}/${source.locale}/thunderbird-${version}.tar.bz2"; @@ -169,7 +168,8 @@ stdenv.mkDerivation { ''; passthru.updateScript = import ./../../browsers/firefox-bin/update.nix { - inherit name writeScript xidel coreutils gnused gnugrep curl gnupg runtimeShell; + inherit writeScript xidel coreutils gnused gnugrep curl gnupg runtimeShell; + name = "thunderbird-bin-${version}"; baseName = "thunderbird"; channel = "release"; basePath = "pkgs/applications/networking/mailreaders/thunderbird-bin"; From 1f3c9fd0ef36319f0cb8db7ef62580467a660224 Mon Sep 17 00:00:00 2001 From: Andrey Golovizin Date: Wed, 10 Feb 2021 19:53:35 +0100 Subject: [PATCH 04/26] nixos/tests/networking: fix DHCP range Exclude static 192.168.*.2 addresses from the dynamic address range to prevent different interfaces from getting the same address. Seems like configuring a fixed IPv4 address does not automatically exclude it from the dynamic address range. Should fix occasional failures of nixos.tests.networking.scripted.macvlan and possibly other networking tests relying on DHCP. --- nixos/tests/networking.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index 4fc5d48e0e1..58adab9d40a 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -35,7 +35,7 @@ let extraConfig = flip concatMapStrings vlanIfs (n: '' subnet 192.168.${toString n}.0 netmask 255.255.255.0 { option routers 192.168.${toString n}.1; - range 192.168.${toString n}.2 192.168.${toString n}.254; + range 192.168.${toString n}.3 192.168.${toString n}.254; } '') ; From 15d6eacb1564c7c6467f9a50a91426000593dc33 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Tue, 22 Dec 2020 10:49:19 +0100 Subject: [PATCH 05/26] nixos/{networkd,dhcpcd}: remove udev-settle hack systemd-udev-settle is a terrible hack[1] and should never[2] ever[3] used, seriously it's very bad. It was used as a stop-gap solution for issue #39069, but thanks to PR #79532 it can be removed now. [1]: https://github.com/systemd/systemd/issues/7293#issuecomment-592941764 [2]: https://github.com/NixOS/nixpkgs/issues/73095 [3]: https://github.com/NixOS/nixpkgs/issues/107341 --- nixos/modules/services/networking/dhcpcd.nix | 3 +-- nixos/modules/system/boot/networkd.nix | 3 --- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/nixos/modules/services/networking/dhcpcd.nix b/nixos/modules/services/networking/dhcpcd.nix index d10bffd9147..31e4b6ad298 100644 --- a/nixos/modules/services/networking/dhcpcd.nix +++ b/nixos/modules/services/networking/dhcpcd.nix @@ -191,9 +191,8 @@ in { description = "DHCP Client"; wantedBy = [ "multi-user.target" ] ++ optional (!hasDefaultGatewaySet) "network-online.target"; - wants = [ "network.target" "systemd-udev-settle.service" ]; + wants = [ "network.target" ]; before = [ "network-online.target" ]; - after = [ "systemd-udev-settle.service" ]; restartTriggers = [ exitHook ]; diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index 3b01bc00baf..914d3e62eb4 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -1553,9 +1553,6 @@ in wantedBy = [ "multi-user.target" ]; aliases = [ "dbus-org.freedesktop.network1.service" ]; restartTriggers = map (x: x.source) (attrValues unitFiles); - # prevent race condition with interface renaming (#39069) - requires = [ "systemd-udev-settle.service" ]; - after = [ "systemd-udev-settle.service" ]; }; systemd.services.systemd-networkd-wait-online = { From 65325292da4b653fa5cae1dd8a0547015cfc0205 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Thu, 18 Feb 2021 18:03:00 +0100 Subject: [PATCH 06/26] nixos/stage-1: install networkd link files Renaming an interface must be done in stage-1: otherwise udev will report the interface as ready and network daemons (networkd, dhcpcd, etc.) will bring it up. Once up the interface can't be changed and the renaming will fail. Note: link files are read directly by udev, so they can be used even without networkd enabled. --- nixos/modules/system/boot/stage-1.nix | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 44287f3cf09..4074f2e0235 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -205,13 +205,22 @@ let ''; # */ + # Networkd link files are used early by udev to set up interfaces early. + # This must be done in stage 1 to avoid race conditions between udev and + # network daemons. linkUnits = pkgs.runCommand "link-units" { allowedReferences = [ extraUtils ]; preferLocalBuild = true; - } '' + } ('' mkdir -p $out cp -v ${udev}/lib/systemd/network/*.link $out/ - ''; + '' + ( + let + links = filterAttrs (n: v: hasSuffix ".link" n) config.systemd.network.units; + files = mapAttrsToList (n: v: "${v.unit}/${n}") links; + in + concatMapStringsSep "\n" (file: "cp -v ${file} $out/") files + )); udevRules = pkgs.runCommand "udev-rules" { allowedReferences = [ extraUtils ]; From 8e59a682a5e937b4ad6f1246ca59196b8558446d Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Thu, 18 Feb 2021 19:14:00 +0100 Subject: [PATCH 07/26] nixos/udev: add option to install rules in initrd Note: this moves the example rule used to rename network interfaces in the new udev.initrdRules option, which is required since 115cdd1c. --- nixos/modules/services/hardware/udev.nix | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/hardware/udev.nix b/nixos/modules/services/hardware/udev.nix index 63027f7744d..d48b5444677 100644 --- a/nixos/modules/services/hardware/udev.nix +++ b/nixos/modules/services/hardware/udev.nix @@ -202,12 +202,26 @@ in ''; }; - extraRules = mkOption { + initrdRules = mkOption { default = ""; example = '' SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:1D:60:B9:6D:4F", KERNEL=="eth*", NAME="my_fast_network_card" ''; type = types.lines; + description = '' + udev rules to include in the initrd + only. They'll be written into file + 99-local.rules. Thus they are read and applied + after the essential initrd rules. + ''; + }; + + extraRules = mkOption { + default = ""; + example = '' + ENV{ID_VENDOR_ID}=="046d", ENV{ID_MODEL_ID}=="0825", ENV{PULSE_IGNORE}="1" + ''; + type = types.lines; description = '' Additional udev rules. They'll be written into file 99-local.rules. Thus they are @@ -284,6 +298,13 @@ in boot.kernelParams = mkIf (!config.networking.usePredictableInterfaceNames) [ "net.ifnames=0" ]; + boot.initrd.extraUdevRulesCommands = optionalString (cfg.initrdRules != "") + '' + cat <<'EOF' > $out/99-local.rules + ${cfg.initrdRules} + EOF + ''; + environment.etc = { "udev/rules.d".source = udevRules; From 7384c81e986d27aa08c451b21b6508c1ecf767a2 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Thu, 18 Feb 2021 18:12:48 +0100 Subject: [PATCH 08/26] nixos/tests/networking: test interface renaming --- nixos/tests/networking.nix | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index 4fc5d48e0e1..62e9c2f62ad 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -672,6 +672,30 @@ let ), "The IPv6 routing table has not been properly cleaned:\n{}".format(ipv6Residue) ''; }; + rename = { + name = "RenameInterface"; + machine = { pkgs, ... }: { + virtualisation.vlans = [ 1 ]; + networking = { + useNetworkd = networkd; + useDHCP = false; + }; + } // + (if networkd + then { systemd.network.links."10-custom_name" = { + matchConfig.MACAddress = "52:54:00:12:01:01"; + linkConfig.Name = "custom_name"; + }; + } + else { services.udev.initrdRules = '' + SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="52:54:00:12:01:01", KERNEL=="eth*", NAME="custom_name" + ''; + }); + testScript = '' + machine.succeed("udevadm settle") + print(machine.succeed("ip link show dev custom_name")) + ''; + }; # even with disabled networkd, systemd.network.links should work # (as it's handled by udev, not networkd) link = { From aafaf3ba97c2b7a370d865f98bcb316ea5a044aa Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Fri, 19 Feb 2021 00:55:43 +0100 Subject: [PATCH 09/26] nixos/docs: add section on renaming interfaces --- nixos/doc/manual/configuration/networking.xml | 1 + .../configuration/renaming-interfaces.xml | 67 +++++++++++++++++++ 2 files changed, 68 insertions(+) create mode 100644 nixos/doc/manual/configuration/renaming-interfaces.xml diff --git a/nixos/doc/manual/configuration/networking.xml b/nixos/doc/manual/configuration/networking.xml index 02cf811e0bd..8369e9c9c85 100644 --- a/nixos/doc/manual/configuration/networking.xml +++ b/nixos/doc/manual/configuration/networking.xml @@ -15,5 +15,6 @@ + diff --git a/nixos/doc/manual/configuration/renaming-interfaces.xml b/nixos/doc/manual/configuration/renaming-interfaces.xml new file mode 100644 index 00000000000..d760bb3a4da --- /dev/null +++ b/nixos/doc/manual/configuration/renaming-interfaces.xml @@ -0,0 +1,67 @@ +
+ Renaming network interfaces + + + NixOS uses the udev + predictable naming scheme + to assign names to network interfaces. This means that by default + cards are not given the traditional names like + eth0 or eth1, whose order can + change unpredictably across reboots. Instead, relying on physical + locations and firmware information, the scheme produces names like + ens1, enp2s0, etc. + + + + These names are predictable but less memorable and not necessarily + stable: for example installing new hardware or changing firmware + settings can result in a + name change. + If this is undesirable, for example if you have a single ethernet + card, you can revert to the traditional scheme by setting + to + false. + + +
+ Assigning custom names + + In case there are multiple interfaces of the same type, it’s better to + assign custom names based on the device hardware address. For + example, we assign the name wan to the interface + with MAC address 52:54:00:12:01:01 using a + netword link unit: + + + systemd.network.links."10-wan" = { + matchConfig.MACAddress = "52:54:00:12:01:01"; + linkConfig.Name = "wan"; + }; + + + Note that links are directly read by udev, not networkd, + and will work even if networkd is disabled. + + + Alternatively, we can use a plain old udev rule: + + + services.udev.initrdRules = '' + SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", \ + ATTR{address}=="52:54:00:12:01:01", KERNEL=="eth*", NAME="wan" + ''; + + + + The rule must be installed in the initrd using + services.udev.initrdRules, not the usual + services.udev.extraRules option. This is to avoid race + conditions with other programs controlling the interface. + +
+ +
From d683d26d899c9c3011cf651d7e5ade072d4c800d Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Fri, 19 Feb 2021 00:59:16 +0100 Subject: [PATCH 10/26] nixos/release-notes: warn on interface renaming --- nixos/doc/manual/release-notes/rl-2105.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml index 6dd14d6051e..ff2ce2a2163 100644 --- a/nixos/doc/manual/release-notes/rl-2105.xml +++ b/nixos/doc/manual/release-notes/rl-2105.xml @@ -91,6 +91,16 @@ + + + If you are using to assign + custom names to network interfaces, this may stop working due to a change + in the initialisation of dhcpcd and systemd networkd. To avoid this, either + move them to or see the new + Assigning custom names section + of the NixOS manual for an example using networkd links. + + systemd-journal2gelf no longer parses json and expects the receiving system to handle it. How to achieve this with Graylog is described in this GitHub issue. From 05ba4b06b7e700f0519d21cbc65569b102492f52 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Fri, 19 Feb 2021 14:08:18 +0100 Subject: [PATCH 11/26] python3Packages.pysmbc: 1.0.21 -> 1.0.23 --- .../python-modules/pysmbc/default.nix | 24 ++++++++++++------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/pkgs/development/python-modules/pysmbc/default.nix b/pkgs/development/python-modules/pysmbc/default.nix index bea1438f679..93aa6606c7d 100644 --- a/pkgs/development/python-modules/pysmbc/default.nix +++ b/pkgs/development/python-modules/pysmbc/default.nix @@ -1,23 +1,31 @@ -{ lib, buildPythonPackage, fetchPypi -, samba, pkg-config -, setuptools }: +{ lib +, buildPythonPackage +, fetchPypi +, samba +, pkg-config +}: buildPythonPackage rec { - version = "1.0.21"; pname = "pysmbc"; + version = "1.0.23"; src = fetchPypi { inherit pname version; - extension = "tar.bz2"; - sha256 = "14b75f358ical7zzqh3g1qkh2dxwxn2gz7sah5f5svndqkd3z8jy"; + sha256 = "1y0n1n6jkzf4mr5lqfc73l2m0qp56gvxwfjnx2vj8c0hh5i1gnq8"; }; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ setuptools samba ]; + + buildInputs = [ samba ]; + + # Tests would require a local SMB server + doCheck = false; + pythonImportsCheck = [ "smbc" ]; meta = with lib; { description = "libsmbclient binding for Python"; homepage = "https://github.com/hamano/pysmbc"; - license = licenses.gpl2Plus; + license = with licenses; [ gpl2Plus ]; + maintainers = with maintainers; [ fab ]; }; } From 95f96de78ed47fc77eaffe9399fb672f549fccb3 Mon Sep 17 00:00:00 2001 From: talyz Date: Thu, 11 Feb 2021 21:16:51 +0100 Subject: [PATCH 12/26] gce/fetch-ssh-keys: Put script in separate file, use PrivateTmp... ...check the script with shfmt and shellcheck + some other minor refactoring. --- .../fetch-instance-ssh-keys.bash | 36 ++++++++++ .../virtualisation/google-compute-config.nix | 68 ++++--------------- 2 files changed, 51 insertions(+), 53 deletions(-) create mode 100644 nixos/modules/virtualisation/fetch-instance-ssh-keys.bash diff --git a/nixos/modules/virtualisation/fetch-instance-ssh-keys.bash b/nixos/modules/virtualisation/fetch-instance-ssh-keys.bash new file mode 100644 index 00000000000..4a860196111 --- /dev/null +++ b/nixos/modules/virtualisation/fetch-instance-ssh-keys.bash @@ -0,0 +1,36 @@ +#!/usr/bin/env bash + +set -euo pipefail + +WGET() { + wget --retry-connrefused -t 15 --waitretry=10 --header='Metadata-Flavor: Google' "$@" +} + +# When dealing with cryptographic keys, we want to keep things private. +umask 077 +mkdir -p /root/.ssh + +echo "Fetching authorized keys..." +WGET -O /tmp/auth_keys http://metadata.google.internal/computeMetadata/v1/instance/attributes/sshKeys + +# Read keys one by one, split in case Google decided +# to append metadata (it does sometimes) and add to +# authorized_keys if not already present. +touch /root/.ssh/authorized_keys +while IFS='' read -r line || [[ -n "$line" ]]; do + keyLine=$(echo -n "$line" | cut -d ':' -f2) + IFS=' ' read -r -a array <<<"$keyLine" + if [[ ${#array[@]} -ge 3 ]]; then + echo "${array[@]:0:3}" >>/tmp/new_keys + echo "Added ${array[*]:2} to authorized_keys" + fi +done > $NEW_KEYS - echo "Added ''${array[@]:2} to authorized_keys" - fi - done < $AUTH_KEYS - mv $NEW_KEYS /root/.ssh/authorized_keys - chmod 600 /root/.ssh/authorized_keys - rm -f $KEY_PUB - else - echo "Downloading http://metadata.google.internal/computeMetadata/v1/project/attributes/sshKeys failed." - false - fi - rm -f $AUTH_KEYS - - SSH_HOST_KEYS_DIR=$(${mktemp} -d) - ${wget} -O $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssh_host_ed25519_key - ${wget} -O $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key.pub http://metadata.google.internal/computeMetadata/v1/instance/attributes/ssh_host_ed25519_key_pub - if [ -s $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key -a -s $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key.pub ]; then - mv -f $SSH_HOST_KEYS_DIR/ssh_host_ed25519_key* /etc/ssh/ - chmod 600 /etc/ssh/ssh_host_ed25519_key - chmod 644 /etc/ssh/ssh_host_ed25519_key.pub - else - echo "Setup of ssh host keys from http://metadata.google.internal/computeMetadata/v1/instance/attributes/ failed." - false - fi - rm -rf $SSH_HOST_KEYS_DIR + serviceConfig = { + Type = "oneshot"; + ExecStart = pkgs.runCommand "fetch-instance-ssh-keys" { } '' + cp ${./fetch-instance-ssh-keys.bash} $out + chmod +x $out + ${pkgs.shfmt}/bin/shfmt -i 4 -d $out + ${pkgs.shellcheck}/bin/shellcheck $out + patchShebangs $out ''; - serviceConfig.Type = "oneshot"; - serviceConfig.RemainAfterExit = true; - serviceConfig.StandardError = "journal+console"; - serviceConfig.StandardOutput = "journal+console"; + PrivateTmp = true; + StandardError = "journal+console"; + StandardOutput = "journal+console"; + }; }; systemd.services.google-instance-setup = { From b76056aebcdddf7e68170a57314c4c6afd599d49 Mon Sep 17 00:00:00 2001 From: Louis Bettens Date: Sat, 20 Feb 2021 10:16:45 +0100 Subject: [PATCH 13/26] spacevim: fix #110407 --- pkgs/applications/editors/spacevim/default.nix | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/spacevim/default.nix b/pkgs/applications/editors/spacevim/default.nix index c32130986b8..88d18573240 100644 --- a/pkgs/applications/editors/spacevim/default.nix +++ b/pkgs/applications/editors/spacevim/default.nix @@ -1,5 +1,5 @@ { ripgrep, git, fzf, makeWrapper, vim_configurable, vimPlugins, fetchFromGitHub -, lib, stdenv, formats, spacevim_config ? import ./init.nix }: +, lib, stdenv, formats, runCommand, spacevim_config ? import ./init.nix }: let format = formats.toml {}; @@ -10,7 +10,10 @@ let # ~/.cache/vimfiles/repos vimrcConfig.packages.myVimPackage = with vimPlugins; { start = [ ]; }; }; - spacevimdir = format.generate "init.toml" spacevim_config; + spacevimdir = runCommand "SpaceVim.d" { } '' + mkdir -p $out + cp ${format.generate "init.toml" spacevim_config} $out/init.toml + ''; in stdenv.mkDerivation rec { pname = "spacevim"; version = "1.5.0"; From f49a63ece6ddf9aba40a91b62df29c6069379997 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 20 Feb 2021 11:58:25 +0100 Subject: [PATCH 14/26] metasploit: 6.0.30 -> 6.0.31 --- pkgs/tools/security/metasploit/Gemfile | 2 +- pkgs/tools/security/metasploit/Gemfile.lock | 13 +++++++------ pkgs/tools/security/metasploit/default.nix | 4 ++-- pkgs/tools/security/metasploit/gemset.nix | 18 +++++++++--------- 4 files changed, 19 insertions(+), 18 deletions(-) diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index 86c44ef0953..ff2d70f3924 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.0.30" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.0.31" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index dd5d4dc2f6b..60aa8ce9eb0 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: f444c3995f21f9e9eaba63d465fac7d60ba88ebb - ref: refs/tags/6.0.30 + revision: 56ef940a085620b127d61a516bc10241a795f92b + ref: refs/tags/6.0.31 specs: - metasploit-framework (6.0.30) + metasploit-framework (6.0.31) actionpack (~> 5.2.2) activerecord (~> 5.2.2) activesupport (~> 5.2.2) @@ -124,7 +124,7 @@ GEM arel-helpers (2.12.0) activerecord (>= 3.1.0, < 7) aws-eventstream (1.1.0) - aws-partitions (1.427.0) + aws-partitions (1.428.0) aws-sdk-core (3.112.0) aws-eventstream (~> 1, >= 1.0.2) aws-partitions (~> 1, >= 1.239.0) @@ -215,7 +215,7 @@ GEM activesupport (~> 5.2.2) railties (~> 5.2.2) metasploit-payloads (2.0.28) - metasploit_data_models (4.1.1) + metasploit_data_models (4.1.2) activerecord (~> 5.2.2) activesupport (~> 5.2.2) arel-helpers @@ -224,6 +224,7 @@ GEM pg railties (~> 5.2.2) recog (~> 2.0) + webrick metasploit_payloads-mettle (1.0.6) method_source (1.0.0) mini_portile2 (2.5.0) @@ -326,7 +327,7 @@ GEM rex-text rex-socket (0.1.25) rex-core - rex-sslscan (0.1.5) + rex-sslscan (0.1.6) rex-core rex-socket rex-text diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 619cc9c3192..2268bcc5d3d 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -8,13 +8,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.0.30"; + version = "6.0.31"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = version; - sha256 = "sha256-DD/nFbSNs3nVNe+W+5zAmDlvMCseYuWWpKX9Dp+9Etc="; + sha256 = "sha256-wt7VeS8NnmJHMhry/68W1S1f9jUnsSHnhUSrCQN1qNM="; }; buildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index 72f60a90ea4..429e685b8f0 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -114,10 +114,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1v7dwyqkwdbp4f627y459lj22vimjzwhk2z987bcncq2ml7ldrfz"; + sha256 = "13rvpllihvpksf1jqwa2i5vbv2hhb34viaidw4rkxr3dyygkdpj8"; type = "gem"; }; - version = "1.427.0"; + version = "1.428.0"; }; aws-sdk-core = { groups = ["default"]; @@ -524,12 +524,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "f444c3995f21f9e9eaba63d465fac7d60ba88ebb"; - sha256 = "1mqjpnghxzd5ljbfaqhy5cq6yfcqq2fgp5pg6papkcwdnhayfgqc"; + rev = "56ef940a085620b127d61a516bc10241a795f92b"; + sha256 = "1lx8fl1hkas4hpkj3c976pv5ybfm2spzzwhs693n57hd5xwxbpn2"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.0.30"; + version = "6.0.31"; }; metasploit-model = { groups = ["default"]; @@ -556,10 +556,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1czqg49b7n9n2iqp6r4f1cxh8kd39gbjvydq09hzmzdmkwxh3x1f"; + sha256 = "1kzlvq20ml4b5lr1qbrkmivdi37mxi8fasdqg4yla2libfbdz008"; type = "gem"; }; - version = "4.1.1"; + version = "4.1.2"; }; metasploit_payloads-mettle = { groups = ["default"]; @@ -1086,10 +1086,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "06gbx45q653ajcx099p0yxdqqxazfznbrqshd4nwiwg1p498lmyx"; + sha256 = "0r58n1ifbay1gq3kln9yg5iqjwp69l0pmb9sqakhqwhjlhzqx2kr"; type = "gem"; }; - version = "0.1.5"; + version = "0.1.6"; }; rex-struct2 = { groups = ["default"]; From e76c069163465dcf8ac599f073914345b77e172d Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 20 Feb 2021 11:42:51 +0000 Subject: [PATCH 15/26] python37Packages.google-cloud-bigquery: 2.8.0 -> 2.9.0 --- .../python-modules/google-cloud-bigquery/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/google-cloud-bigquery/default.nix b/pkgs/development/python-modules/google-cloud-bigquery/default.nix index a2664265171..644c7ef9185 100644 --- a/pkgs/development/python-modules/google-cloud-bigquery/default.nix +++ b/pkgs/development/python-modules/google-cloud-bigquery/default.nix @@ -17,11 +17,11 @@ buildPythonPackage rec { pname = "google-cloud-bigquery"; - version = "2.8.0"; + version = "2.9.0"; src = fetchPypi { inherit pname version; - sha256 = "c4c43f7f440d6e5bb2895d21122af5de65b487ea2c69cea466a516bb826ab921"; + sha256 = "33fcbdf5567bdb7657fb3485f061e7f1b45361f65fdafc168ab9172117fd9a5a"; }; propagatedBuildInputs = [ From def775866f61cdee1dcbbf2b2715c7314e69149c Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 20 Feb 2021 16:32:33 +0100 Subject: [PATCH 16/26] python3Packages.yalesmartalarmclient: init at 0.3.1 --- .../yalesmartalarmclient/default.nix | 30 +++++++++++++++++++ pkgs/top-level/python-packages.nix | 2 ++ 2 files changed, 32 insertions(+) create mode 100644 pkgs/development/python-modules/yalesmartalarmclient/default.nix diff --git a/pkgs/development/python-modules/yalesmartalarmclient/default.nix b/pkgs/development/python-modules/yalesmartalarmclient/default.nix new file mode 100644 index 00000000000..a4ca97e27ac --- /dev/null +++ b/pkgs/development/python-modules/yalesmartalarmclient/default.nix @@ -0,0 +1,30 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, requests +}: + +buildPythonPackage rec { + pname = "yalesmartalarmclient"; + version = "0.3.1"; + + src = fetchFromGitHub { + owner = "domwillcode"; + repo = "yale-smart-alarm-client"; + rev = "v${version}"; + sha256 = "0fscp9n66h8a8khvjs2rjgm95xsdckpknadnyxqdmhw3hlj0aw6h"; + }; + + propagatedBuildInputs = [ requests ]; + + # Project has no tests + doCheck = false; + pythonImportsCheck = [ "yalesmartalarmclient" ]; + + meta = with lib; { + description = "Python module to interface with Yale Smart Alarm Systems"; + homepage = "https://github.com/mampfes/python-wiffi"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 8e9824fe901..d67b31e9c3d 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -8512,6 +8512,8 @@ in { yahooweather = callPackage ../development/python-modules/yahooweather { }; + yalesmartalarmclient = callPackage ../development/python-modules/yalesmartalarmclient { }; + yamale = callPackage ../development/python-modules/yamale { }; yamllint = callPackage ../development/python-modules/yamllint { }; From 3b100e6db13e472223805a539f62899c10735323 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sat, 20 Feb 2021 16:32:52 +0100 Subject: [PATCH 17/26] home-assistant: update component-packages --- pkgs/servers/home-assistant/component-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/servers/home-assistant/component-packages.nix b/pkgs/servers/home-assistant/component-packages.nix index 3c244696f1f..fe0d0a16022 100644 --- a/pkgs/servers/home-assistant/component-packages.nix +++ b/pkgs/servers/home-assistant/component-packages.nix @@ -953,7 +953,7 @@ "xiaomi_tv" = ps: with ps; [ ]; # missing inputs: pymitv "xmpp" = ps: with ps; [ slixmpp ]; "xs1" = ps: with ps; [ ]; # missing inputs: xs1-api-client - "yale_smart_alarm" = ps: with ps; [ ]; # missing inputs: yalesmartalarmclient + "yale_smart_alarm" = ps: with ps; [ yalesmartalarmclient ]; "yamaha" = ps: with ps; [ rxv ]; "yamaha_musiccast" = ps: with ps; [ ]; # missing inputs: pymusiccast "yandex_transport" = ps: with ps; [ ]; # missing inputs: aioymaps From 1aee338519982431256d49c25d28a4c16b144a13 Mon Sep 17 00:00:00 2001 From: 0x4A6F <0x4A6F@users.noreply.github.com> Date: Sat, 20 Feb 2021 15:33:41 +0000 Subject: [PATCH 18/26] xandikos: 0.2.3 -> 0.2.5 --- pkgs/servers/xandikos/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/xandikos/default.nix b/pkgs/servers/xandikos/default.nix index 5241139cfa3..60480b3ac2b 100644 --- a/pkgs/servers/xandikos/default.nix +++ b/pkgs/servers/xandikos/default.nix @@ -6,13 +6,13 @@ python3Packages.buildPythonApplication rec { pname = "xandikos"; - version = "0.2.3"; + version = "0.2.5"; src = fetchFromGitHub { owner = "jelmer"; repo = "xandikos"; rev = "v${version}"; - sha256 = "1x0bylmdizirvlcn6ryd43lffpmlq0cklj3jz956scmxgq4p6wby"; + sha256 = "sha256-/pr8ZqgYk24CdJNAETCDF4ZtufXkVEu1Zw25PcPEo7M="; }; propagatedBuildInputs = with python3Packages; [ From c14eb379f8af2c447e4a98eba95a822cebf8e93b Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 20 Feb 2021 17:06:19 +0000 Subject: [PATCH 19/26] python37Packages.google-cloud-container: 2.3.0 -> 2.3.1 --- .../python-modules/google-cloud-container/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/google-cloud-container/default.nix b/pkgs/development/python-modules/google-cloud-container/default.nix index 1cf94d220e6..4a14080e5e9 100644 --- a/pkgs/development/python-modules/google-cloud-container/default.nix +++ b/pkgs/development/python-modules/google-cloud-container/default.nix @@ -12,11 +12,11 @@ buildPythonPackage rec { pname = "google-cloud-container"; - version = "2.3.0"; + version = "2.3.1"; src = fetchPypi { inherit pname version; - sha256 = "04f9mx1wxy3l9dvzvvr579fnjp1fdqhgplv5y2gl7h2mvn281k8d"; + sha256 = "69e10c999c64996822aa2ca138cffcdf0f1e04bdbdb7206c286fa17fb800703a"; }; propagatedBuildInputs = [ google-api-core grpc_google_iam_v1 libcst proto-plus ]; From 92bc0f7bc61baf88e40a6c846f9ce352407f49a2 Mon Sep 17 00:00:00 2001 From: Louis Bettens Date: Sat, 20 Feb 2021 18:08:41 +0100 Subject: [PATCH 20/26] spacevim: best practices --- pkgs/applications/editors/spacevim/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/editors/spacevim/default.nix b/pkgs/applications/editors/spacevim/default.nix index 88d18573240..930c8f919e4 100644 --- a/pkgs/applications/editors/spacevim/default.nix +++ b/pkgs/applications/editors/spacevim/default.nix @@ -28,13 +28,19 @@ in stdenv.mkDerivation rec { buildInputs = [ vim-customized ]; buildPhase = '' + runHook preBuild # generate the helptags vim -u NONE -c "helptags $(pwd)/doc" -c q + runHook postBuild ''; - patches = [ ./helptags.patch ]; + patches = [ + # Don't generate helptags at runtime into read-only $SPACEVIMDIR + ./helptags.patch + ]; installPhase = '' + runHook preInstall mkdir -p $out/bin cp -r $(pwd) $out/SpaceVim @@ -43,6 +49,7 @@ in stdenv.mkDerivation rec { makeWrapper "${vim-customized}/bin/vim" "$out/bin/spacevim" \ --add-flags "-u $out/SpaceVim/vimrc" --set SPACEVIMDIR "${spacevimdir}/" \ --prefix PATH : ${lib.makeBinPath [ fzf git ripgrep]} + runHook postInstall ''; meta = with lib; { From 4b1655f47e3b0d9bc6b2fdc7e240e40a4b9d5072 Mon Sep 17 00:00:00 2001 From: Michael Lingelbach Date: Sat, 20 Feb 2021 09:41:17 -0800 Subject: [PATCH 21/26] sumneko-lua-language-server: 1.11.2 -> 1.16.0 --- .../development/tools/sumneko-lua-language-server/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/sumneko-lua-language-server/default.nix b/pkgs/development/tools/sumneko-lua-language-server/default.nix index d63493ba7a1..f962447feb7 100644 --- a/pkgs/development/tools/sumneko-lua-language-server/default.nix +++ b/pkgs/development/tools/sumneko-lua-language-server/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "sumneko-lua-language-server"; - version = "1.11.2"; + version = "1.16.0"; src = fetchFromGitHub { owner = "sumneko"; repo = "lua-language-server"; rev = version; - sha256 = "1cnzwfqmzlzi6797l37arhhx2l6wsvs3jjgxdxwdbgq3rfz1ncr8"; + sha256 = "1fqhvmz7a4qgz3zq6qgpcjhhhm2j4wpx0385n3zcphd9h9s3a9xa"; fetchSubmodules = true; }; From 5363f1714b632a87fdbb7f160ee2a90e77f2db36 Mon Sep 17 00:00:00 2001 From: Ivan Babrou Date: Tue, 9 Feb 2021 20:55:08 -0800 Subject: [PATCH 22/26] mesa: fix missing timespec_get on aarch64-darwin This doesn't affect any other target. See: https://gitlab.freedesktop.org/mesa/mesa/-/issues/1020 --- .../libraries/mesa/aarch64-darwin.patch | 33 +++++++++++++++++++ pkgs/development/libraries/mesa/default.nix | 4 +++ 2 files changed, 37 insertions(+) create mode 100644 pkgs/development/libraries/mesa/aarch64-darwin.patch diff --git a/pkgs/development/libraries/mesa/aarch64-darwin.patch b/pkgs/development/libraries/mesa/aarch64-darwin.patch new file mode 100644 index 00000000000..e60a4ffa308 --- /dev/null +++ b/pkgs/development/libraries/mesa/aarch64-darwin.patch @@ -0,0 +1,33 @@ +From 8ac29b952e638ec1ea8c3734a3b91253e50c336d Mon Sep 17 00:00:00 2001 +From: Jeremy Huddleston Sequoia +Date: Sun, 24 Jan 2021 21:10:29 -0800 +Subject: [PATCH 4/4] Hack to address build failure when using newer macOS SDKs + with older deployment targets + +Signed-off-by: Jeremy Huddleston Sequoia +--- + include/c11/threads_posix.h | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/include/c11/threads_posix.h b/include/c11/threads_posix.h +index 45cb6075e6e..355d725f7da 100644 +--- a/include/c11/threads_posix.h ++++ b/include/c11/threads_posix.h +@@ -382,7 +382,13 @@ tss_set(tss_t key, void *val) + + /*-------------------- 7.25.7 Time functions --------------------*/ + // 7.25.6.1 +-#ifndef HAVE_TIMESPEC_GET ++#if !defined(HAVE_TIMESPEC_GET) || defined(__APPLE__) ++ ++#ifdef __APPLE__ ++#include ++#define timespec_get(ts, b) mesa_timespec_get(ts, b) ++#endif ++ + static inline int + timespec_get(struct timespec *ts, int base) + { +-- +2.29.2 (Apple Git-129) + diff --git a/pkgs/development/libraries/mesa/default.nix b/pkgs/development/libraries/mesa/default.nix index 36a0b52f357..e7c87bbc2c7 100644 --- a/pkgs/development/libraries/mesa/default.nix +++ b/pkgs/development/libraries/mesa/default.nix @@ -65,6 +65,10 @@ stdenv.mkDerivation { url = "https://gitlab.freedesktop.org/mesa/mesa/commit/aebbf819df6d1e.patch"; sha256 = "17248hyzg43d73c86p077m4lv1pkncaycr3l27hwv9k4ija9zl8q"; }) + ] ++ optionals (stdenv.isDarwin && stdenv.isAarch64) [ + # Fix aarch64-darwin build, remove when upstreaam supports it out of the box. + # See: https://gitlab.freedesktop.org/mesa/mesa/-/issues/1020 + ./aarch64-darwin.patch ]; postPatch = '' From 25cf4b000971538581457d2a9ca5b3e99819f5d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Domen=20Ko=C5=BEar?= Date: Sat, 20 Feb 2021 18:53:43 +0000 Subject: [PATCH 23/26] pipewire: 0.3.21 -> 0.3.22 --- pkgs/development/libraries/pipewire/default.nix | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index fc566d91e91..93cef9b659f 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -13,6 +13,7 @@ , glib , dbus , alsaLib +, SDL2 , libjack2 , udev , libva @@ -42,7 +43,7 @@ let self = stdenv.mkDerivation rec { pname = "pipewire"; - version = "0.3.21"; + version = "0.3.22"; outputs = [ "out" @@ -60,7 +61,7 @@ let owner = "pipewire"; repo = "pipewire"; rev = version; - hash = "sha256:2YJzPTMPIoQQeNja3F53SD4gtpdSlbD/i77hBWiQfuQ="; + hash = "sha256:1ywna5f5v8s79ivrqfwwc8vy6sn3a2zvfwqyalf1fypj5d90w8g9"; }; patches = [ @@ -86,6 +87,7 @@ let alsaLib dbus glib + SDL2 libjack2 libsndfile ncurses From 2210eb352bca997658dd3d7221ec6f3f7b8db457 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sat, 20 Feb 2021 20:12:40 +0100 Subject: [PATCH 24/26] gtk*: remove myself from meta.maintainers I haven't been really paying attention to it for years. Fortunately, others have been taking care of GTK+GNOME. --- pkgs/development/libraries/gtk/3.x.nix | 2 +- pkgs/development/libraries/gtk/4.x.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gtk/3.x.nix b/pkgs/development/libraries/gtk/3.x.nix index 5180df63460..159b03a26e1 100644 --- a/pkgs/development/libraries/gtk/3.x.nix +++ b/pkgs/development/libraries/gtk/3.x.nix @@ -214,7 +214,7 @@ stdenv.mkDerivation rec { ''; homepage = "https://www.gtk.org/"; license = licenses.lgpl2Plus; - maintainers = with maintainers; [ raskin vcunat lethalman worldofpeace ]; + maintainers = with maintainers; [ raskin lethalman worldofpeace ]; platforms = platforms.all; changelog = "https://gitlab.gnome.org/GNOME/gtk/-/raw/${version}/NEWS"; }; diff --git a/pkgs/development/libraries/gtk/4.x.nix b/pkgs/development/libraries/gtk/4.x.nix index 59b0b080a52..8eb35d467e1 100644 --- a/pkgs/development/libraries/gtk/4.x.nix +++ b/pkgs/development/libraries/gtk/4.x.nix @@ -226,7 +226,7 @@ stdenv.mkDerivation rec { ''; homepage = "https://www.gtk.org/"; license = licenses.lgpl2Plus; - maintainers = with maintainers; [ raskin vcunat lethalman worldofpeace ]; + maintainers = with maintainers; [ raskin lethalman worldofpeace ]; platforms = platforms.all; changelog = "https://gitlab.gnome.org/GNOME/gtk/-/raw/${version}/NEWS"; }; From f80482241b584c688ee5610ada7b116fa2184b02 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 20 Feb 2021 22:46:41 +0000 Subject: [PATCH 25/26] hugo: 0.80.0 -> 0.81.0 --- pkgs/applications/misc/hugo/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/misc/hugo/default.nix b/pkgs/applications/misc/hugo/default.nix index 35246a45da2..a4c32b9b931 100644 --- a/pkgs/applications/misc/hugo/default.nix +++ b/pkgs/applications/misc/hugo/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "hugo"; - version = "0.80.0"; + version = "0.81.0"; src = fetchFromGitHub { owner = "gohugoio"; repo = pname; rev = "v${version}"; - sha256 = "0xs9y5lj0mya6ag625x8j91mn9l9r13gxaqxyvl1fl40y2yjz1zm"; + sha256 = "sha256-9YroUxcLixu+MNL37JByCulCHv0WxWGwqBQ/+FGtZLw="; }; - vendorSha256 = "172mcs8p43bsdkd2hxg9qn6018fh8f36kxx0vgnq5q6fqsb6s1f6"; + vendorSha256 = "sha256-5gQyoLirXajkzxKxzcuPnjECL2mJPiHS65lYkyIpKs8="; doCheck = false; From 1173ecf67374d140d19be1485818d85daba9979e Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 20 Feb 2021 23:03:44 +0000 Subject: [PATCH 26/26] ipfs: 0.7.0 -> 0.8.0 --- pkgs/applications/networking/ipfs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/ipfs/default.nix b/pkgs/applications/networking/ipfs/default.nix index c54b4428819..1b648108e78 100644 --- a/pkgs/applications/networking/ipfs/default.nix +++ b/pkgs/applications/networking/ipfs/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "ipfs"; - version = "0.7.0"; + version = "0.8.0"; rev = "v${version}"; # go-ipfs makes changes to it's source tarball that don't match the git source. src = fetchurl { url = "https://github.com/ipfs/go-ipfs/releases/download/${rev}/go-ipfs-source.tar.gz"; - sha256 = "1fkzwm4qxxpmbjammk6s5qcyjxivfa0ydqz4mpz1w756c4jq0jf3"; + sha256 = "sha256-uK3+Ekr5AM6mmGmjFSj1Rotm5pbH657BYUlP9B39WEw="; }; # tarball contains multiple files/directories