Merge branch 'staging-next' into staging
This commit is contained in:
commit
e2e3861d6b
|
@ -44,9 +44,9 @@ Nixpkgs and NixOS are built and tested by our continuous integration
|
|||
system, [Hydra](https://hydra.nixos.org/).
|
||||
|
||||
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
|
||||
* [Continuous package builds for the NixOS 19.03 release](https://hydra.nixos.org/jobset/nixos/release-19.03)
|
||||
* [Continuous package builds for the NixOS 19.09 release](https://hydra.nixos.org/jobset/nixos/release-19.09)
|
||||
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
|
||||
* [Tests for the NixOS 19.03 release](https://hydra.nixos.org/job/nixos/release-19.03/tested#tabs-constituents)
|
||||
* [Tests for the NixOS 19.09 release](https://hydra.nixos.org/job/nixos/release-19.09/tested#tabs-constituents)
|
||||
|
||||
Artifacts successfully built with Hydra are published to cache at
|
||||
https://cache.nixos.org/. When successful build and test criteria are
|
||||
|
|
|
@ -55,20 +55,7 @@
|
|||
<title>Rebar3</title>
|
||||
|
||||
<para>
|
||||
By default, Rebar3 wants to manage its own dependencies. This is perfectly acceptable in the normal, non-Nix setup, but in the Nix world, it is not. To rectify this, we provide two versions of Rebar3:
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>rebar3</literal>: patched to remove the ability to download anything. When not running it via <literal>nix-shell</literal> or <literal>nix-build</literal>, it's probably not going to work as desired.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
<literal>rebar3-open</literal>: the normal, unmodified Rebar3. It should work exactly as would any other version of Rebar3. Any Erlang package should rely on <literal>rebar3</literal> instead. See <xref
|
||||
linkend="rebar3-packages"/>.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
We provide a version of Rebar3, which is the normal, unmodified Rebar3, under <literal>rebar3</literal>. We also provide a helper to fetch Rebar3 dependencies from a lockfile under <literal>fetchRebar3Deps</literal>.
|
||||
</para>
|
||||
</section>
|
||||
|
||||
|
|
|
@ -356,6 +356,16 @@
|
|||
github = "alunduil";
|
||||
name = "Alex Brandt";
|
||||
};
|
||||
alva = {
|
||||
email = "alva@skogen.is";
|
||||
github = "fjallarefur";
|
||||
githubId = 42881386;
|
||||
name = "Alva";
|
||||
keys = [{
|
||||
longkeyid = "ed25519/0xF53E323342F7A6D3";
|
||||
fingerprint = "B422 CFB1 C9EF 73F7 E1E2 698D F53E 3233 42F7 A6D3A";
|
||||
}];
|
||||
};
|
||||
amar1729 = {
|
||||
email = "amar.paul16@gmail.com";
|
||||
github = "amar1729";
|
||||
|
@ -2272,7 +2282,7 @@
|
|||
name = "Frede Emil";
|
||||
};
|
||||
freepotion = {
|
||||
email = "free.potion@yandex.ru";
|
||||
email = "42352817+freepotion@users.noreply.github.com";
|
||||
github = "freepotion";
|
||||
githubId = 42352817;
|
||||
name = "Free Potion";
|
||||
|
@ -3551,6 +3561,12 @@
|
|||
github = "Lassulus";
|
||||
name = "Lassulus";
|
||||
};
|
||||
lattfein = {
|
||||
email = "lattfein@gmail.com";
|
||||
github = "lattfein";
|
||||
githubId = 53550838;
|
||||
name = "Koki Yasuno";
|
||||
};
|
||||
layus = {
|
||||
email = "layus.on@gmail.com";
|
||||
github = "layus";
|
||||
|
@ -3645,6 +3661,12 @@
|
|||
githubId = 307589;
|
||||
name = "Nathaniel Baxter";
|
||||
};
|
||||
liff = {
|
||||
email = "liff@iki.fi";
|
||||
github = "liff";
|
||||
githubId = 124475;
|
||||
name = "Olli Helenius";
|
||||
};
|
||||
lightbulbjim = {
|
||||
email = "chris@killred.net";
|
||||
github = "lightbulbjim";
|
||||
|
@ -4256,6 +4278,15 @@
|
|||
githubId = 5698461;
|
||||
name = "Maciej Kazulak";
|
||||
};
|
||||
mkf = {
|
||||
email = "m@mikf.pl";
|
||||
github = "mkf";
|
||||
name = "Michał Krzysztof Feiler";
|
||||
keys = [{
|
||||
longkeyid = "rsa4096/0xE35C2D7C2C6AC724";
|
||||
fingerprint = "1E36 9940 CC7E 01C4 CFE8 F20A E35C 2D7C 2C6A C724";
|
||||
}];
|
||||
};
|
||||
mkg = {
|
||||
email = "mkg@vt.edu";
|
||||
github = "mkgvt";
|
||||
|
@ -5892,6 +5923,12 @@
|
|||
githubId = 819413;
|
||||
name = "Benedict Aas";
|
||||
};
|
||||
shyim = {
|
||||
email = "s.sayakci@gmail.com";
|
||||
github = "shyim";
|
||||
githubId = 6224096;
|
||||
name = "Soner Sayakci";
|
||||
};
|
||||
siddharthist = {
|
||||
email = "langston.barrett@gmail.com";
|
||||
github = "langston-barrett";
|
||||
|
@ -6485,6 +6522,12 @@
|
|||
githubId = 224674;
|
||||
name = "Thomas Pham";
|
||||
};
|
||||
Thra11 = {
|
||||
email = "tahall256@protonmail.ch";
|
||||
github = "Thra11";
|
||||
githubId = 1391883;
|
||||
name = "Tom Hall";
|
||||
};
|
||||
tilpner = {
|
||||
email = "till@hoeppner.ws";
|
||||
github = "tilpner";
|
||||
|
@ -7028,6 +7071,12 @@
|
|||
githubId = 36407913;
|
||||
name = "Uli Baum";
|
||||
};
|
||||
xfix = {
|
||||
email = "konrad@borowski.pw";
|
||||
github = "xfix";
|
||||
githubId = 1297598;
|
||||
name = "Konrad Borowski";
|
||||
};
|
||||
xnaveira = {
|
||||
email = "xnaveira@gmail.com";
|
||||
github = "xnaveira";
|
||||
|
|
|
@ -68,3 +68,4 @@ say,,,,,
|
|||
std__debug,std._debug,,,,
|
||||
std_normalize,std.normalize,,,,
|
||||
stdlib,,,,,vyp
|
||||
pulseaudio,,,,,doronbehar
|
||||
|
|
|
|
@ -1,37 +0,0 @@
|
|||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
version="5.0"
|
||||
xml:id="sec-installing-nspawn-container">
|
||||
<title>Installing into a nspawn container</title>
|
||||
|
||||
<para>
|
||||
For installing a NixOS into a systemd nspawn container the NixOS installation tools are needed.
|
||||
If you run another distribution than NixOS on your host,
|
||||
please follow <xref linkend="sec-installing-from-other-distro"/> steps 1, 2, and 3.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Create a NixOS configuration file <filename>/var/lib/machines/my-container/etc/nixos/configuration.nix</filename>.
|
||||
It is important that the container root file system is under <filename>/var/lib/machines</filename>.
|
||||
This is the standard location where <command>machinectl</command> will look for containers.
|
||||
If you choose place the root into another location you need to start the container directly with <command>systemd-nspawn</command>.
|
||||
The file needs to have at least following options enabled:
|
||||
<programlisting>
|
||||
<xref linkend="opt-boot.isContainer"/> = true;
|
||||
<xref linkend="opt-boot.loader.initScript.enable"/> = true;
|
||||
</programlisting>
|
||||
If your host uses <command>systemd-networkd</command> to configure the network,
|
||||
you can also enable <xref linkend="opt-networking.useNetworkd"/> to use networkd default network configuration for your host and container.
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Install the container by running following command:
|
||||
<screen>nixos-install --root /var/lib/machines/my-container \
|
||||
--no-channel-copy --no-root-passwd --no-bootloader</screen>
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Start the container by running following command:
|
||||
<screen>machinectl start my-container</screen>
|
||||
</para>
|
||||
|
||||
</section>
|
|
@ -68,7 +68,7 @@
|
|||
If you would like to continue the installation from a different machine you
|
||||
need to activate the SSH daemon via <command>systemctl start
|
||||
sshd</command>. You then must set a password for either <literal>root</literal> or
|
||||
<literal>nixos</literal> with <command>passwd></command> to be able to login.
|
||||
<literal>nixos</literal> with <command>passwd</command> to be able to login.
|
||||
</para>
|
||||
</section>
|
||||
</section>
|
||||
|
@ -563,8 +563,5 @@ Retype new UNIX password: ***</screen>
|
|||
<xi:include href="installing-from-other-distro.xml" />
|
||||
|
||||
<xi:include href="installing-behind-a-proxy.xml" />
|
||||
|
||||
<xi:include href="installing-nspawn-container.xml" />
|
||||
|
||||
</section>
|
||||
</chapter>
|
||||
|
|
|
@ -14,7 +14,7 @@
|
|||
<para>
|
||||
<emphasis>Stable channels</emphasis>, such as
|
||||
<literal
|
||||
xlink:href="https://nixos.org/channels/nixos-19.03">nixos-19.03</literal>.
|
||||
xlink:href="https://nixos.org/channels/nixos-19.09">nixos-19.09</literal>.
|
||||
These only get conservative bug fixes and package upgrades. For instance,
|
||||
a channel update may cause the Linux kernel on your system to be upgraded
|
||||
from 4.19.34 to 4.19.38 (a minor bug fix), but not from
|
||||
|
@ -38,7 +38,7 @@
|
|||
<para>
|
||||
<emphasis>Small channels</emphasis>, such as
|
||||
<literal
|
||||
xlink:href="https://nixos.org/channels/nixos-19.03-small">nixos-19.03-small</literal>
|
||||
xlink:href="https://nixos.org/channels/nixos-19.09-small">nixos-19.09-small</literal>
|
||||
or
|
||||
<literal
|
||||
xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>.
|
||||
|
@ -63,8 +63,8 @@
|
|||
<para>
|
||||
When you first install NixOS, you’re automatically subscribed to the NixOS
|
||||
channel that corresponds to your installation source. For instance, if you
|
||||
installed from a 19.03 ISO, you will be subscribed to the
|
||||
<literal>nixos-19.03</literal> channel. To see which NixOS channel you’re
|
||||
installed from a 19.09 ISO, you will be subscribed to the
|
||||
<literal>nixos-19.09</literal> channel. To see which NixOS channel you’re
|
||||
subscribed to, run the following as root:
|
||||
<screen>
|
||||
# nix-channel --list | grep nixos
|
||||
|
@ -75,13 +75,13 @@ nixos https://nixos.org/channels/nixos-unstable
|
|||
# nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
|
||||
</screen>
|
||||
(Be sure to include the <literal>nixos</literal> parameter at the end.) For
|
||||
instance, to use the NixOS 19.03 stable channel:
|
||||
instance, to use the NixOS 19.09 stable channel:
|
||||
<screen>
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.03 nixos
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.09 nixos
|
||||
</screen>
|
||||
If you have a server, you may want to use the “small” channel instead:
|
||||
<screen>
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.03-small nixos
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.09-small nixos
|
||||
</screen>
|
||||
And if you want to live on the bleeding edge:
|
||||
<screen>
|
||||
|
@ -127,7 +127,7 @@ nixos https://nixos.org/channels/nixos-unstable
|
|||
current channel. (To see when the service runs, see <command>systemctl
|
||||
list-timers</command>.) You can also specify a channel explicitly, e.g.
|
||||
<programlisting>
|
||||
<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-19.03;
|
||||
<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-19.09;
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
<!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> -->
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><filename>configuration.nix</filename>
|
||||
</refname><refpurpose>NixOS system configuration specification</refpurpose>
|
||||
<refname><filename>configuration.nix</filename></refname>
|
||||
<refpurpose>NixOS system configuration specification</refpurpose>
|
||||
</refnamediv>
|
||||
<refsection>
|
||||
<title>Description</title>
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
<!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> -->
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><command>nixos-build-vms</command>
|
||||
</refname><refpurpose>build a network of virtual machines from a network of NixOS configurations</refpurpose>
|
||||
<refname><command>nixos-build-vms</command></refname>
|
||||
<refpurpose>build a network of virtual machines from a network of NixOS configurations</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
<!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> -->
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><command>nixos-enter</command>
|
||||
</refname><refpurpose>run a command in a NixOS chroot environment</refpurpose>
|
||||
<refname><command>nixos-enter</command></refname>
|
||||
<refpurpose>run a command in a NixOS chroot environment</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
<!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> -->
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><command>nixos-generate-config</command>
|
||||
</refname><refpurpose>generate NixOS configuration modules</refpurpose>
|
||||
<refname><command>nixos-generate-config</command></refname>
|
||||
<refpurpose>generate NixOS configuration modules</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
<!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> -->
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><command>nixos-install</command>
|
||||
</refname><refpurpose>install bootloader and NixOS</refpurpose>
|
||||
<refname><command>nixos-install</command></refname>
|
||||
<refpurpose>install bootloader and NixOS</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
|
|
|
@ -8,8 +8,8 @@
|
|||
<!-- <refmiscinfo class="version"><xi:include href="version.txt" parse="text"/></refmiscinfo> -->
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><command>nixos-option</command>
|
||||
</refname><refpurpose>inspect a NixOS configuration</refpurpose>
|
||||
<refname><command>nixos-option</command></refname>
|
||||
<refpurpose>inspect a NixOS configuration</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
|
|
|
@ -9,8 +9,8 @@
|
|||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname><command>nixos-rebuild</command>
|
||||
</refname><refpurpose>reconfigure a NixOS machine</refpurpose>
|
||||
<refname><command>nixos-rebuild</command></refname>
|
||||
<refpurpose>reconfigure a NixOS machine</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
|
|
|
@ -7,8 +7,8 @@
|
|||
<refmiscinfo class="source">NixOS</refmiscinfo>
|
||||
</refmeta>
|
||||
<refnamediv>
|
||||
<refname><command>nixos-version</command>
|
||||
</refname><refpurpose>show the NixOS version</refpurpose>
|
||||
<refname><command>nixos-version</command></refname>
|
||||
<refpurpose>show the NixOS version</refpurpose>
|
||||
</refnamediv>
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||||
version="5.0"
|
||||
xml:id="sec-release-19.09">
|
||||
<title>Release 19.09 (“Loris”, 2019/09/??)</title>
|
||||
<title>Release 19.09 (“Loris”, 2019/10/09)</title>
|
||||
|
||||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
|
@ -23,6 +23,26 @@
|
|||
End of support is planned for end of April 2020, handing over to 20.03.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Nix has been updated to 2.3; see its
|
||||
<link xlink:href="https://nixos.org/nix/manual/#ssec-relnotes-2.3">release
|
||||
notes</link>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Core version changes:</para>
|
||||
<para>systemd: 239 -> 243</para>
|
||||
<para>gcc: 7 -> 8</para>
|
||||
<para>glibc: 2.27 (unchanged)</para>
|
||||
<para>linux: 4.19 LTS (unchanged)</para>
|
||||
<para>openssl: 1.0 -> 1.1</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>Desktop version changes:</para>
|
||||
<para>plasma5: 5.14 -> 5.16</para>
|
||||
<para>gnome3: 3.30 -> 3.32</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
PHP now defaults to PHP 7.3, updated from 7.2.
|
||||
|
@ -512,6 +532,12 @@
|
|||
is set to <literal>/var/lib/gitlab/state</literal>, <literal>gitlab</literal> and all parent directories
|
||||
must be owned by either <literal>root</literal> or the user specified in <option>services.gitlab.user</option>.
|
||||
</para>
|
||||
<para>
|
||||
The <option>networking.useDHCP</option> option is unsupported in combination with
|
||||
<option>networking.useNetworkd</option> in anticipation of defaulting to it by default.
|
||||
It has to be set to <literal>false</literal> and enabled per
|
||||
interface with <option>networking.interfaces.<name>.useDHCP = true;</option>
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
|
@ -519,6 +545,22 @@
|
|||
Please use the fork <literal>cawbird</literal> instead which has been adapted to the API changes and is still maintained.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The <literal>nodejs-11_x</literal> package has been removed as it's EOLed by upstream.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Because of the systemd upgrade,
|
||||
<application>systemd-timesyncd</application> will no longer work if
|
||||
<option>system.stateVersion</option> is not set correctly. When
|
||||
upgrading from NixOS 19.03, please make sure that
|
||||
<option>system.stateVersion</option> is set to
|
||||
<literal>"19.03"</literal>, or lower if the installation dates back to an
|
||||
earlier version of NixOS.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -717,7 +759,7 @@
|
|||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
This also configures the kernel to pass coredumps to <literal>systemd-coredump</literal>,
|
||||
This also configures the kernel to pass core dumps to <literal>systemd-coredump</literal>,
|
||||
and restricts the SysRq key combinations to the sync command only.
|
||||
These sysctl snippets can be found in <literal>/etc/sysctl.d/50-*.conf</literal>,
|
||||
and overridden via <link linkend="opt-boot.kernel.sysctl">boot.kernel.sysctl</link>
|
||||
|
@ -726,12 +768,15 @@
|
|||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
Coredumps are now acquired by <literal>systemd-coredump</literal> by default.
|
||||
<literal>systemd-coredump</literal> behaviour can still be modified via
|
||||
<option>systemd.coredump.extraConfig</option>.
|
||||
To stick to the old behaviour (having the kernel dump to a file called <literal>core</literal>
|
||||
in the working directory), without piping it through <literal>systemd-coredump</literal>, set
|
||||
<option>boot.kernel.sysctl."kernel.core_pattern"</option> to <literal>"core"</literal>.
|
||||
Core dumps are now processed by <literal>systemd-coredump</literal>
|
||||
by default. <literal>systemd-coredump</literal> behaviour can
|
||||
still be modified via
|
||||
<option>systemd.coredump.extraConfig</option>. To stick to the
|
||||
old behaviour (having the kernel dump to a file called
|
||||
<literal>core</literal> in the working directory), without piping
|
||||
it through <literal>systemd-coredump</literal>, set
|
||||
<option>systemd.coredump.enable</option> to
|
||||
<literal>false</literal>.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
|
|
|
@ -28,6 +28,14 @@
|
|||
Postgresql for NixOS service now defaults to v11.
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
The graphical installer image starts the graphical session automatically.
|
||||
Before you'd be greeted by a tty and asked to enter <command>systemctl start display-manager</command>.
|
||||
It is now possible to disable the display-manager from running by selecting the <literal>Disable display-manager</literal>
|
||||
quirk in the boot menu.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
|
|
@ -78,9 +78,7 @@ in
|
|||
# We're trying to use the same syntax for PAM variables and env variables.
|
||||
# That means we need to map the env variables that people might use to their
|
||||
# equivalent PAM variable.
|
||||
# Note: PAM_USER is a PAM_ITEM, HOME is an environment variable, they have
|
||||
# different syntax.
|
||||
replaceEnvVars = replaceStrings ["$HOME" "$USER"] ["\${HOME}" "@{PAM_USER}"];
|
||||
replaceEnvVars = replaceStrings ["$HOME" "$USER"] ["@{HOME}" "@{PAM_USER}"];
|
||||
|
||||
pamVariable = n: v:
|
||||
''${n} DEFAULT="${concatStringsSep ":" (map replaceEnvVars (toList v))}"'';
|
||||
|
|
|
@ -24,7 +24,7 @@ in {
|
|||
Specifies Unix ODBC drivers to be registered in
|
||||
<filename>/etc/odbcinst.ini</filename>. You may also want to
|
||||
add <literal>pkgs.unixODBC</literal> to the system path to get
|
||||
a command line client to connnect to ODBC databases.
|
||||
a command line client to connect to ODBC databases.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
|
|
@ -25,9 +25,6 @@ with lib;
|
|||
services.xserver = {
|
||||
enable = true;
|
||||
|
||||
# Don't start the X server by default.
|
||||
autorun = mkForce false;
|
||||
|
||||
# Automatically login as nixos.
|
||||
displayManager.slim = {
|
||||
enable = true;
|
||||
|
|
|
@ -24,7 +24,7 @@ let
|
|||
# Name appended to menuentry defaults to params if no specific name given.
|
||||
option.name or (if option ? params then "(${option.params})" else "")
|
||||
}' ${if option ? class then " --class ${option.class}" else ""} {
|
||||
linux ${defaults.image} ${defaults.params} ${
|
||||
linux ${defaults.image} \''${isoboot} ${defaults.params} ${
|
||||
option.params or ""
|
||||
}
|
||||
initrd ${defaults.initrd}
|
||||
|
@ -268,6 +268,12 @@ let
|
|||
set timeout=10
|
||||
${grubMenuCfg}
|
||||
|
||||
# If the parameter iso_path is set, append the findiso parameter to the kernel
|
||||
# line. We need this to allow the nixos iso to be booted from grub directly.
|
||||
if [ \''${iso_path} ] ; then
|
||||
set isoboot="findiso=\''${iso_path}"
|
||||
fi
|
||||
|
||||
#
|
||||
# Menu entries
|
||||
#
|
||||
|
@ -284,6 +290,14 @@ let
|
|||
${buildMenuAdditionalParamsGrub2 config "video=1920x1080@60"}
|
||||
}
|
||||
|
||||
# If we boot into a graphical environment where X is autoran
|
||||
# and always crashes, it makes the media unusable. Allow the user
|
||||
# to disable this.
|
||||
submenu "Disable display-manager" --class quirk-disable-displaymanager {
|
||||
${grubMenuCfg}
|
||||
${buildMenuAdditionalParamsGrub2 config "systemd.mask=display-manager.service"}
|
||||
}
|
||||
|
||||
# Some laptop and convertibles have the panel installed in an
|
||||
# inconvenient way, rotated away from the keyboard.
|
||||
# Those entries makes it easier to use the installer.
|
||||
|
@ -616,6 +630,9 @@ in
|
|||
{ source = "${efiDir}/EFI";
|
||||
target = "/EFI";
|
||||
}
|
||||
{ source = pkgs.writeText "loopback.cfg" "source /EFI/boot/grub.cfg";
|
||||
target = "/boot/grub/loopback.cfg";
|
||||
}
|
||||
] ++ optionals (config.boot.loader.grub.memtest86.enable && canx86BiosBoot) [
|
||||
{ source = "${pkgs.memtest86plus}/memtest.bin";
|
||||
target = "/boot/memtest.bin";
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
x86_64-linux = "/nix/store/3ds3cgji9vjxdbgp10av6smyym1126d1-nix-2.3";
|
||||
i686-linux = "/nix/store/ln1ndqvfpc9cdl03vqxi6kvlxm9wfv9g-nix-2.3";
|
||||
aarch64-linux = "/nix/store/n8a1rwzrp20qcr2c4hvyn6c5q9zx8csw-nix-2.3";
|
||||
x86_64-darwin = "/nix/store/jq6npmpld02sz4rgniz0qrsdfnm6j17a-nix-2.3";
|
||||
x86_64-linux = "/nix/store/6chjfy4j6hjwj5f8zcbbdg02i21x1qsi-nix-2.3.1";
|
||||
i686-linux = "/nix/store/xa8z7fwszjjm4kiwrxfc8xv9c1pzzm7a-nix-2.3.1";
|
||||
aarch64-linux = "/nix/store/8cac1ivcnchlpzmdjby2f71l1fwpnymr-nix-2.3.1";
|
||||
x86_64-darwin = "/nix/store/6639l9815ggdnb4aka22qcjy7p8w4hb9-nix-2.3.1";
|
||||
}
|
||||
|
|
|
@ -563,6 +563,24 @@ $fsAndSwap
|
|||
${\join "", (map { " $_\n" } (uniq @attrs))}}
|
||||
EOF
|
||||
|
||||
sub generateNetworkingDhcpConfig {
|
||||
my $config = <<EOF;
|
||||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||
# replicates the default behaviour.
|
||||
networking.useDHCP = false;
|
||||
EOF
|
||||
|
||||
foreach my $path (glob "/sys/class/net/*") {
|
||||
my $dev = basename($path);
|
||||
if ($dev ne "lo") {
|
||||
$config .= " networking.interfaces.$dev.useDHCP = true;\n";
|
||||
}
|
||||
}
|
||||
|
||||
return $config;
|
||||
}
|
||||
|
||||
|
||||
if ($showHardwareConfig) {
|
||||
print STDOUT $hwConfig;
|
||||
|
@ -606,6 +624,8 @@ EOF
|
|||
EOF
|
||||
}
|
||||
|
||||
my $networkingDhcpConfig = generateNetworkingDhcpConfig();
|
||||
|
||||
write_file($fn, <<EOF);
|
||||
@configuration@
|
||||
EOF
|
||||
|
|
|
@ -132,9 +132,8 @@ if [[ -z $noBootLoader ]]; then
|
|||
echo "installing the boot loader..."
|
||||
# Grub needs an mtab.
|
||||
ln -sfn /proc/mounts $mountPoint/etc/mtab
|
||||
export NIXOS_INSTALL_BOOTLOADER=1
|
||||
NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot
|
||||
fi
|
||||
nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot
|
||||
|
||||
# Ask the user to set a root password, but only if the passwd command
|
||||
# exists (i.e. when mutable user accounts are enabled).
|
||||
|
|
|
@ -111,7 +111,7 @@ buildHostCmd() {
|
|||
if [ -z "$buildHost" ]; then
|
||||
"$@"
|
||||
elif [ -n "$remoteNix" ]; then
|
||||
ssh $SSHOPTS "$buildHost" PATH="$remoteNix:$PATH" "$@"
|
||||
ssh $SSHOPTS "$buildHost" env PATH="$remoteNix:$PATH" "$@"
|
||||
else
|
||||
ssh $SSHOPTS "$buildHost" "$@"
|
||||
fi
|
||||
|
|
|
@ -96,6 +96,7 @@ in
|
|||
# networking.hostName = "nixos"; # Define your hostname.
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
|
||||
$networkingDhcpConfig
|
||||
# Configure network proxy if necessary
|
||||
# networking.proxy.default = "http://user:password\@proxy:port/";
|
||||
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
||||
|
|
|
@ -328,7 +328,7 @@
|
|||
qemu-libvirtd = 301;
|
||||
# kvm = 302; # unused
|
||||
# render = 303; # unused
|
||||
zeronet = 304;
|
||||
# zeronet = 304; # removed 2019-01-03
|
||||
lirc = 305;
|
||||
lidarr = 306;
|
||||
slurm = 307;
|
||||
|
@ -629,7 +629,7 @@
|
|||
qemu-libvirtd = 301;
|
||||
kvm = 302; # default udev rules from systemd requires these
|
||||
render = 303; # default udev rules from systemd requires these
|
||||
zeronet = 304;
|
||||
# zeronet = 304; # removed 2019-01-03
|
||||
lirc = 305;
|
||||
lidarr = 306;
|
||||
slurm = 307;
|
||||
|
|
|
@ -128,7 +128,10 @@ in {
|
|||
|
||||
# directory creation needs to be separated from main service
|
||||
# because ReadWritePaths fails when the directory doesn't already exist
|
||||
systemd.tmpfiles.rules = [ "d ${dirOf cfg.output} 0755 root root -" ];
|
||||
systemd.tmpfiles.rules =
|
||||
let dir = dirOf cfg.output; in
|
||||
mkIf (dir != "/var/cache")
|
||||
[ "d ${dir} 0755 root root -" ];
|
||||
|
||||
systemd.services.update-locatedb =
|
||||
{ description = "Update Locate Database";
|
||||
|
|
|
@ -98,7 +98,6 @@
|
|||
./programs/autojump.nix
|
||||
./programs/bash/bash.nix
|
||||
./programs/bcc.nix
|
||||
./programs/blcr.nix
|
||||
./programs/browserpass.nix
|
||||
./programs/captive-browser.nix
|
||||
./programs/ccache.nix
|
||||
|
@ -143,7 +142,6 @@
|
|||
./programs/seahorse.nix
|
||||
./programs/slock.nix
|
||||
./programs/shadow.nix
|
||||
./programs/shell.nix
|
||||
./programs/spacefm.nix
|
||||
./programs/singularity.nix
|
||||
./programs/ssh.nix
|
||||
|
|
|
@ -1,27 +0,0 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkOption mkIf;
|
||||
cfg = config.environment.blcr;
|
||||
blcrPkg = config.boot.kernelPackages.blcr;
|
||||
in
|
||||
|
||||
{
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
environment.blcr.enable = mkOption {
|
||||
default = false;
|
||||
description =
|
||||
"Whether to enable support for the BLCR checkpointing tool.";
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
boot.kernelModules = [ "blcr" "blcr_imports" ];
|
||||
boot.extraModulePackages = [ blcrPkg ];
|
||||
environment.systemPackages = [ blcrPkg ];
|
||||
};
|
||||
}
|
|
@ -1,54 +0,0 @@
|
|||
# This module defines a standard configuration for NixOS shells.
|
||||
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
config = {
|
||||
|
||||
environment.shellInit =
|
||||
''
|
||||
# Set up the per-user profile.
|
||||
mkdir -m 0755 -p "$NIX_USER_PROFILE_DIR"
|
||||
if [ "$(stat -c '%u' "$NIX_USER_PROFILE_DIR")" != "$(id -u)" ]; then
|
||||
echo "WARNING: the per-user profile dir $NIX_USER_PROFILE_DIR should belong to user id $(id -u)" >&2
|
||||
fi
|
||||
|
||||
if [ -w "$HOME" ]; then
|
||||
if ! [ -L "$HOME/.nix-profile" ]; then
|
||||
if [ "$USER" != root ]; then
|
||||
ln -s "$NIX_USER_PROFILE_DIR/profile" "$HOME/.nix-profile"
|
||||
else
|
||||
# Root installs in the system-wide profile by default.
|
||||
ln -s /nix/var/nix/profiles/default "$HOME/.nix-profile"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Subscribe the root user to the NixOS channel by default.
|
||||
if [ "$USER" = root -a ! -e "$HOME/.nix-channels" ]; then
|
||||
echo "${config.system.defaultChannel} nixos" > "$HOME/.nix-channels"
|
||||
fi
|
||||
|
||||
# Create the per-user garbage collector roots directory.
|
||||
NIX_USER_GCROOTS_DIR="/nix/var/nix/gcroots/per-user/$USER"
|
||||
mkdir -m 0755 -p "$NIX_USER_GCROOTS_DIR"
|
||||
if [ "$(stat -c '%u' "$NIX_USER_GCROOTS_DIR")" != "$(id -u)" ]; then
|
||||
echo "WARNING: the per-user gcroots dir $NIX_USER_GCROOTS_DIR should belong to user id $(id -u)" >&2
|
||||
fi
|
||||
|
||||
# Set up a default Nix expression from which to install stuff.
|
||||
if [ ! -e "$HOME/.nix-defexpr" -o -L "$HOME/.nix-defexpr" ]; then
|
||||
rm -f "$HOME/.nix-defexpr"
|
||||
mkdir -p "$HOME/.nix-defexpr"
|
||||
if [ "$USER" != root ]; then
|
||||
ln -s /nix/var/nix/profiles/per-user/root/channels "$HOME/.nix-defexpr/channels_root"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
'';
|
||||
|
||||
};
|
||||
|
||||
}
|
|
@ -233,7 +233,6 @@ with lib;
|
|||
(mkRemovedOptionModule [ "services" "mysql" "rootPassword" ] "Use socket authentication or set the password outside of the nix store.")
|
||||
(mkRemovedOptionModule [ "services" "zabbixServer" "dbPassword" ] "Use services.zabbixServer.database.passwordFile instead.")
|
||||
(mkRemovedOptionModule [ "systemd" "generator-packages" ] "Use systemd.packages instead.")
|
||||
(mkRemovedOptionModule [ "systemd" "coredump" "enable" ] "Enabled by default. Set boot.kernel.sysctl.\"kernel.core_pattern\" = \"core\"; to disable.")
|
||||
|
||||
# ZSH
|
||||
(mkRenamedOptionModule [ "programs" "zsh" "enableSyntaxHighlighting" ] [ "programs" "zsh" "syntaxHighlighting" "enable" ])
|
||||
|
@ -275,6 +274,9 @@ with lib;
|
|||
(mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ])
|
||||
(mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ])
|
||||
|
||||
# BLCR
|
||||
(mkRemovedOptionModule [ "environment.blcr.enable" ] "The BLCR module has been removed")
|
||||
|
||||
# Redis
|
||||
(mkRemovedOptionModule [ "services" "redis" "user" ] "The redis module now is hardcoded to the redis user.")
|
||||
(mkRemovedOptionModule [ "services" "redis" "dbpath" ] "The redis module now uses /var/lib/redis as data directory.")
|
||||
|
|
|
@ -67,6 +67,7 @@ in
|
|||
users.users = optional (cfg.user == "memcached") {
|
||||
name = "memcached";
|
||||
description = "Memcached server user";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = [ memcached ];
|
||||
|
|
|
@ -12,6 +12,12 @@ in
|
|||
|
||||
{
|
||||
|
||||
imports = [
|
||||
(mkRemovedOptionModule
|
||||
["services" "gnome3" "gnome-settings-daemon" "package"]
|
||||
"")
|
||||
];
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
@ -20,13 +26,6 @@ in
|
|||
|
||||
enable = mkEnableOption "GNOME Settings Daemon";
|
||||
|
||||
# There are many forks of gnome-settings-daemon
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.gnome3.gnome-settings-daemon;
|
||||
description = "Which gnome-settings-daemon package to use.";
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -36,9 +35,39 @@ in
|
|||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
environment.systemPackages = [
|
||||
pkgs.gnome3.gnome-settings-daemon
|
||||
];
|
||||
|
||||
services.udev.packages = [ cfg.package ];
|
||||
services.udev.packages = [
|
||||
pkgs.gnome3.gnome-settings-daemon
|
||||
];
|
||||
|
||||
systemd.packages = [
|
||||
pkgs.gnome3.gnome-settings-daemon
|
||||
];
|
||||
|
||||
systemd.user.targets."gnome-session-initialized".wants = [
|
||||
"gsd-color.target"
|
||||
"gsd-datetime.target"
|
||||
"gsd-keyboard.target"
|
||||
"gsd-media-keys.target"
|
||||
"gsd-print-notifications.target"
|
||||
"gsd-rfkill.target"
|
||||
"gsd-screensaver-proxy.target"
|
||||
"gsd-sharing.target"
|
||||
"gsd-smartcard.target"
|
||||
"gsd-sound.target"
|
||||
"gsd-wacom.target"
|
||||
"gsd-wwan.target"
|
||||
"gsd-a11y-settings.target"
|
||||
"gsd-housekeeping.target"
|
||||
"gsd-power.target"
|
||||
];
|
||||
|
||||
systemd.user.targets."gnome-session-x11-services".wants = [
|
||||
"gsd-xsettings.target"
|
||||
];
|
||||
|
||||
};
|
||||
|
||||
|
|
|
@ -181,7 +181,7 @@ in
|
|||
};
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = "Config file used for the whole dovecot configuration.";
|
||||
apply = v: if v != null then v else pkgs.writeText "dovecot.conf" dovecotConf;
|
||||
|
|
|
@ -7,6 +7,11 @@ let
|
|||
|
||||
ruby = cfg.packages.gitlab.ruby;
|
||||
|
||||
postgresqlPackage = if config.services.postgresql.enable then
|
||||
config.services.postgresql.package
|
||||
else
|
||||
pkgs.postgresql;
|
||||
|
||||
gitlabSocket = "${cfg.statePath}/tmp/sockets/gitlab.socket";
|
||||
gitalySocket = "${cfg.statePath}/tmp/sockets/gitaly.socket";
|
||||
pathUrlQuote = url: replaceStrings ["/"] ["%2F"] url;
|
||||
|
@ -22,6 +27,9 @@ let
|
|||
} // cfg.extraDatabaseConfig;
|
||||
};
|
||||
|
||||
# We only want to create a database if we're actually going to connect to it.
|
||||
databaseActuallyCreateLocally = cfg.databaseCreateLocally && cfg.databaseHost == "";
|
||||
|
||||
gitalyToml = pkgs.writeText "gitaly.toml" ''
|
||||
socket_path = "${lib.escape ["\""] gitalySocket}"
|
||||
bin_dir = "${cfg.packages.gitaly}/bin"
|
||||
|
@ -138,7 +146,7 @@ let
|
|||
mkdir -p $out/bin
|
||||
makeWrapper ${cfg.packages.gitlab.rubyEnv}/bin/rake $out/bin/gitlab-rake \
|
||||
${concatStrings (mapAttrsToList (name: value: "--set ${name} '${value}' ") gitlabEnv)} \
|
||||
--set PATH '${lib.makeBinPath [ pkgs.nodejs pkgs.gzip pkgs.git pkgs.gnutar config.services.postgresql.package pkgs.coreutils pkgs.procps ]}:$PATH' \
|
||||
--set PATH '${lib.makeBinPath [ pkgs.nodejs pkgs.gzip pkgs.git pkgs.gnutar postgresqlPackage pkgs.coreutils pkgs.procps ]}:$PATH' \
|
||||
--set RAKEOPT '-f ${cfg.packages.gitlab}/share/gitlab/Rakefile' \
|
||||
--run 'cd ${cfg.packages.gitlab}/share/gitlab'
|
||||
'';
|
||||
|
@ -153,7 +161,7 @@ let
|
|||
mkdir -p $out/bin
|
||||
makeWrapper ${cfg.packages.gitlab.rubyEnv}/bin/rails $out/bin/gitlab-rails \
|
||||
${concatStrings (mapAttrsToList (name: value: "--set ${name} '${value}' ") gitlabEnv)} \
|
||||
--set PATH '${lib.makeBinPath [ pkgs.nodejs pkgs.gzip pkgs.git pkgs.gnutar config.services.postgresql.package pkgs.coreutils pkgs.procps ]}:$PATH' \
|
||||
--set PATH '${lib.makeBinPath [ pkgs.nodejs pkgs.gzip pkgs.git pkgs.gnutar postgresqlPackage pkgs.coreutils pkgs.procps ]}:$PATH' \
|
||||
--run 'cd ${cfg.packages.gitlab}/share/gitlab'
|
||||
'';
|
||||
};
|
||||
|
@ -266,8 +274,8 @@ in {
|
|||
description = ''
|
||||
Whether a database should be automatically created on the
|
||||
local host. Set this to <literal>false</literal> if you plan
|
||||
on provisioning a local database yourself or use an external
|
||||
one.
|
||||
on provisioning a local database yourself. This has no effect
|
||||
if <option>services.gitlab.databaseHost</option> is customized.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -557,8 +565,8 @@ in {
|
|||
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.databaseCreateLocally -> (cfg.user == cfg.databaseUsername);
|
||||
message = "For local automatic database provisioning services.gitlab.user and services.gitlab.databaseUsername should be identical.";
|
||||
assertion = databaseActuallyCreateLocally -> (cfg.user == cfg.databaseUsername);
|
||||
message = ''For local automatic database provisioning (services.gitlab.databaseCreateLocally == true) with peer authentication (services.gitlab.databaseHost == "") to work services.gitlab.user and services.gitlab.databaseUsername must be identical.'';
|
||||
}
|
||||
{
|
||||
assertion = (cfg.databaseHost != "") -> (cfg.databasePasswordFile != null);
|
||||
|
@ -592,14 +600,14 @@ in {
|
|||
services.redis.enable = mkDefault true;
|
||||
|
||||
# We use postgres as the main data store.
|
||||
services.postgresql = optionalAttrs cfg.databaseCreateLocally {
|
||||
services.postgresql = optionalAttrs databaseActuallyCreateLocally {
|
||||
enable = true;
|
||||
ensureUsers = singleton { name = cfg.databaseUsername; };
|
||||
};
|
||||
# The postgresql module doesn't currently support concepts like
|
||||
# objects owners and extensions; for now we tack on what's needed
|
||||
# here.
|
||||
systemd.services.postgresql.postStart = mkAfter (optionalString cfg.databaseCreateLocally ''
|
||||
systemd.services.postgresql.postStart = mkAfter (optionalString databaseActuallyCreateLocally ''
|
||||
$PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${cfg.databaseName}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${cfg.databaseName}" OWNER "${cfg.databaseUsername}"'
|
||||
current_owner=$($PSQL -tAc "SELECT pg_catalog.pg_get_userbyid(datdba) FROM pg_catalog.pg_database WHERE datname = '${cfg.databaseName}'")
|
||||
if [[ "$current_owner" != "${cfg.databaseUsername}" ]]; then
|
||||
|
@ -675,7 +683,7 @@ in {
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
environment = gitlabEnv;
|
||||
path = with pkgs; [
|
||||
config.services.postgresql.package
|
||||
postgresqlPackage
|
||||
gitAndTools.git
|
||||
ruby
|
||||
openssh
|
||||
|
@ -756,81 +764,13 @@ in {
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
environment = gitlabEnv;
|
||||
path = with pkgs; [
|
||||
config.services.postgresql.package
|
||||
postgresqlPackage
|
||||
gitAndTools.git
|
||||
openssh
|
||||
nodejs
|
||||
procps
|
||||
gnupg
|
||||
];
|
||||
preStart = ''
|
||||
cp -f ${cfg.packages.gitlab}/share/gitlab/VERSION ${cfg.statePath}/VERSION
|
||||
rm -rf ${cfg.statePath}/db/*
|
||||
cp -rf --no-preserve=mode ${cfg.packages.gitlab}/share/gitlab/config.dist/* ${cfg.statePath}/config
|
||||
cp -rf --no-preserve=mode ${cfg.packages.gitlab}/share/gitlab/db/* ${cfg.statePath}/db
|
||||
|
||||
${cfg.packages.gitlab-shell}/bin/install
|
||||
|
||||
${optionalString cfg.smtp.enable ''
|
||||
install -m u=rw ${smtpSettings} ${cfg.statePath}/config/initializers/smtp_settings.rb
|
||||
${optionalString (cfg.smtp.passwordFile != null) ''
|
||||
smtp_password=$(<'${cfg.smtp.passwordFile}')
|
||||
${pkgs.replace}/bin/replace-literal -e '@smtpPassword@' "$smtp_password" '${cfg.statePath}/config/initializers/smtp_settings.rb'
|
||||
''}
|
||||
''}
|
||||
|
||||
(
|
||||
umask u=rwx,g=,o=
|
||||
|
||||
${pkgs.openssl}/bin/openssl rand -hex 32 > ${cfg.statePath}/gitlab_shell_secret
|
||||
|
||||
${if cfg.databasePasswordFile != null then ''
|
||||
export db_password="$(<'${cfg.databasePasswordFile}')"
|
||||
|
||||
if [[ -z "$db_password" ]]; then
|
||||
>&2 echo "Database password was an empty string!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
${pkgs.jq}/bin/jq <${pkgs.writeText "database.yml" (builtins.toJSON databaseConfig)} \
|
||||
'.production.password = $ENV.db_password' \
|
||||
>'${cfg.statePath}/config/database.yml'
|
||||
''
|
||||
else ''
|
||||
${pkgs.jq}/bin/jq <${pkgs.writeText "database.yml" (builtins.toJSON databaseConfig)} \
|
||||
>'${cfg.statePath}/config/database.yml'
|
||||
''
|
||||
}
|
||||
|
||||
${utils.genJqSecretsReplacementSnippet
|
||||
gitlabConfig
|
||||
"${cfg.statePath}/config/gitlab.yml"
|
||||
}
|
||||
|
||||
if [[ -h '${cfg.statePath}/config/secrets.yml' ]]; then
|
||||
rm '${cfg.statePath}/config/secrets.yml'
|
||||
fi
|
||||
|
||||
export secret="$(<'${cfg.secrets.secretFile}')"
|
||||
export db="$(<'${cfg.secrets.dbFile}')"
|
||||
export otp="$(<'${cfg.secrets.otpFile}')"
|
||||
export jws="$(<'${cfg.secrets.jwsFile}')"
|
||||
${pkgs.jq}/bin/jq -n '{production: {secret_key_base: $ENV.secret,
|
||||
otp_key_base: $ENV.otp,
|
||||
db_key_base: $ENV.db,
|
||||
openid_connect_signing_key: $ENV.jws}}' \
|
||||
> '${cfg.statePath}/config/secrets.yml'
|
||||
)
|
||||
|
||||
initial_root_password="$(<'${cfg.initialRootPasswordFile}')"
|
||||
${gitlab-rake}/bin/gitlab-rake gitlab:db:configure GITLAB_ROOT_PASSWORD="$initial_root_password" \
|
||||
GITLAB_ROOT_EMAIL='${cfg.initialRootEmail}'
|
||||
|
||||
# We remove potentially broken links to old gitlab-shell versions
|
||||
rm -Rf ${cfg.statePath}/repositories/**/*.git/hooks
|
||||
|
||||
${pkgs.git}/bin/git config --global core.autocrlf "input"
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
|
@ -839,6 +779,89 @@ in {
|
|||
TimeoutSec = "infinity";
|
||||
Restart = "on-failure";
|
||||
WorkingDirectory = "${cfg.packages.gitlab}/share/gitlab";
|
||||
ExecStartPre = let
|
||||
preStartFullPrivileges = ''
|
||||
shopt -s dotglob nullglob
|
||||
chown --no-dereference '${cfg.user}':'${cfg.group}' '${cfg.statePath}'/*
|
||||
chown --no-dereference '${cfg.user}':'${cfg.group}' '${cfg.statePath}'/config/*
|
||||
'';
|
||||
preStart = ''
|
||||
cp -f ${cfg.packages.gitlab}/share/gitlab/VERSION ${cfg.statePath}/VERSION
|
||||
rm -rf ${cfg.statePath}/db/*
|
||||
rm -rf ${cfg.statePath}/config/initializers/*
|
||||
cp -rf --no-preserve=mode ${cfg.packages.gitlab}/share/gitlab/config.dist/* ${cfg.statePath}/config
|
||||
cp -rf --no-preserve=mode ${cfg.packages.gitlab}/share/gitlab/db/* ${cfg.statePath}/db
|
||||
|
||||
${cfg.packages.gitlab-shell}/bin/install
|
||||
|
||||
${optionalString cfg.smtp.enable ''
|
||||
install -m u=rw ${smtpSettings} ${cfg.statePath}/config/initializers/smtp_settings.rb
|
||||
${optionalString (cfg.smtp.passwordFile != null) ''
|
||||
smtp_password=$(<'${cfg.smtp.passwordFile}')
|
||||
${pkgs.replace}/bin/replace-literal -e '@smtpPassword@' "$smtp_password" '${cfg.statePath}/config/initializers/smtp_settings.rb'
|
||||
''}
|
||||
''}
|
||||
|
||||
(
|
||||
umask u=rwx,g=,o=
|
||||
|
||||
${pkgs.openssl}/bin/openssl rand -hex 32 > ${cfg.statePath}/gitlab_shell_secret
|
||||
|
||||
if [[ -h '${cfg.statePath}/config/database.yml' ]]; then
|
||||
rm '${cfg.statePath}/config/database.yml'
|
||||
fi
|
||||
|
||||
${if cfg.databasePasswordFile != null then ''
|
||||
export db_password="$(<'${cfg.databasePasswordFile}')"
|
||||
|
||||
if [[ -z "$db_password" ]]; then
|
||||
>&2 echo "Database password was an empty string!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
${pkgs.jq}/bin/jq <${pkgs.writeText "database.yml" (builtins.toJSON databaseConfig)} \
|
||||
'.production.password = $ENV.db_password' \
|
||||
>'${cfg.statePath}/config/database.yml'
|
||||
''
|
||||
else ''
|
||||
${pkgs.jq}/bin/jq <${pkgs.writeText "database.yml" (builtins.toJSON databaseConfig)} \
|
||||
>'${cfg.statePath}/config/database.yml'
|
||||
''
|
||||
}
|
||||
|
||||
${utils.genJqSecretsReplacementSnippet
|
||||
gitlabConfig
|
||||
"${cfg.statePath}/config/gitlab.yml"
|
||||
}
|
||||
|
||||
if [[ -h '${cfg.statePath}/config/secrets.yml' ]]; then
|
||||
rm '${cfg.statePath}/config/secrets.yml'
|
||||
fi
|
||||
|
||||
export secret="$(<'${cfg.secrets.secretFile}')"
|
||||
export db="$(<'${cfg.secrets.dbFile}')"
|
||||
export otp="$(<'${cfg.secrets.otpFile}')"
|
||||
export jws="$(<'${cfg.secrets.jwsFile}')"
|
||||
${pkgs.jq}/bin/jq -n '{production: {secret_key_base: $ENV.secret,
|
||||
otp_key_base: $ENV.otp,
|
||||
db_key_base: $ENV.db,
|
||||
openid_connect_signing_key: $ENV.jws}}' \
|
||||
> '${cfg.statePath}/config/secrets.yml'
|
||||
)
|
||||
|
||||
initial_root_password="$(<'${cfg.initialRootPasswordFile}')"
|
||||
${gitlab-rake}/bin/gitlab-rake gitlab:db:configure GITLAB_ROOT_PASSWORD="$initial_root_password" \
|
||||
GITLAB_ROOT_EMAIL='${cfg.initialRootEmail}' > /dev/null
|
||||
|
||||
# We remove potentially broken links to old gitlab-shell versions
|
||||
rm -Rf ${cfg.statePath}/repositories/**/*.git/hooks
|
||||
|
||||
${pkgs.git}/bin/git config --global core.autocrlf "input"
|
||||
'';
|
||||
in [
|
||||
"+${pkgs.writeShellScript "gitlab-pre-start-full-privileges" preStartFullPrivileges}"
|
||||
"${pkgs.writeShellScript "gitlab-pre-start" preStart}"
|
||||
];
|
||||
ExecStart = "${cfg.packages.gitlab.rubyEnv}/bin/unicorn -c ${cfg.statePath}/config/unicorn.rb -E production";
|
||||
};
|
||||
|
||||
|
|
|
@ -10,7 +10,6 @@ let
|
|||
|
||||
nixVersion = getVersion nix;
|
||||
|
||||
isNix20 = versionAtLeast nixVersion "2.0pre";
|
||||
isNix23 = versionAtLeast nixVersion "2.3pre";
|
||||
|
||||
makeNixBuildUser = nr:
|
||||
|
@ -28,39 +27,26 @@ let
|
|||
nixbldUsers = map makeNixBuildUser (range 1 cfg.nrBuildUsers);
|
||||
|
||||
nixConf =
|
||||
let
|
||||
# In Nix < 2.0, If we're using sandbox for builds, then provide
|
||||
# /bin/sh in the sandbox as a bind-mount to bash. This means we
|
||||
# also need to include the entire closure of bash. Nix >= 2.0
|
||||
# provides a /bin/sh by default.
|
||||
sh = pkgs.runtimeShell;
|
||||
binshDeps = pkgs.writeReferencesToFile sh;
|
||||
in
|
||||
pkgs.runCommand "nix.conf" { preferLocalBuild = true; extraOptions = cfg.extraOptions; } (''
|
||||
${optionalString (!isNix20) ''
|
||||
extraPaths=$(for i in $(cat ${binshDeps}); do if test -d $i; then echo $i; fi; done)
|
||||
''}
|
||||
assert versionAtLeast nixVersion "2.2";
|
||||
pkgs.runCommand "nix.conf" { preferLocalBuild = true; extraOptions = cfg.extraOptions; } (
|
||||
''
|
||||
cat > $out <<END
|
||||
# WARNING: this file is generated from the nix.* options in
|
||||
# your NixOS configuration, typically
|
||||
# /etc/nixos/configuration.nix. Do not edit it!
|
||||
build-users-group = nixbld
|
||||
${if isNix20 then "max-jobs" else "build-max-jobs"} = ${toString (cfg.maxJobs)}
|
||||
${if isNix20 then "cores" else "build-cores"} = ${toString (cfg.buildCores)}
|
||||
${if isNix20 then "sandbox" else "build-use-sandbox"} = ${if (builtins.isBool cfg.useSandbox) then boolToString cfg.useSandbox else cfg.useSandbox}
|
||||
${if isNix20 then "extra-sandbox-paths" else "build-sandbox-paths"} = ${toString cfg.sandboxPaths} ${optionalString (!isNix20) "/bin/sh=${sh} $(echo $extraPaths)"}
|
||||
${if isNix20 then "substituters" else "binary-caches"} = ${toString cfg.binaryCaches}
|
||||
${if isNix20 then "trusted-substituters" else "trusted-binary-caches"} = ${toString cfg.trustedBinaryCaches}
|
||||
${if isNix20 then "trusted-public-keys" else "binary-cache-public-keys"} = ${toString cfg.binaryCachePublicKeys}
|
||||
max-jobs = ${toString (cfg.maxJobs)}
|
||||
cores = ${toString (cfg.buildCores)}
|
||||
sandbox = ${if (builtins.isBool cfg.useSandbox) then boolToString cfg.useSandbox else cfg.useSandbox}
|
||||
extra-sandbox-paths = ${toString cfg.sandboxPaths}
|
||||
substituters = ${toString cfg.binaryCaches}
|
||||
trusted-substituters = ${toString cfg.trustedBinaryCaches}
|
||||
trusted-public-keys = ${toString cfg.binaryCachePublicKeys}
|
||||
auto-optimise-store = ${boolToString cfg.autoOptimiseStore}
|
||||
${if isNix20 then ''
|
||||
require-sigs = ${if cfg.requireSignedBinaryCaches then "true" else "false"}
|
||||
'' else ''
|
||||
signed-binary-caches = ${if cfg.requireSignedBinaryCaches then "*" else ""}
|
||||
''}
|
||||
require-sigs = ${if cfg.requireSignedBinaryCaches then "true" else "false"}
|
||||
trusted-users = ${toString cfg.trustedUsers}
|
||||
allowed-users = ${toString cfg.allowedUsers}
|
||||
${optionalString (isNix20 && !cfg.distributedBuilds) ''
|
||||
${optionalString (!cfg.distributedBuilds) ''
|
||||
builders =
|
||||
''}
|
||||
system-features = ${toString cfg.systemFeatures}
|
||||
|
@ -422,8 +408,7 @@ in
|
|||
|
||||
systemd.services.nix-daemon =
|
||||
{ path = [ nix pkgs.utillinux config.programs.ssh.package ]
|
||||
++ optionals cfg.distributedBuilds [ pkgs.gzip ]
|
||||
++ optionals (!isNix20) [ pkgs.openssl.bin ];
|
||||
++ optionals cfg.distributedBuilds [ pkgs.gzip ];
|
||||
|
||||
environment = cfg.envVars
|
||||
// { CURL_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt"; }
|
||||
|
@ -440,34 +425,13 @@ in
|
|||
restartTriggers = [ nixConf ];
|
||||
};
|
||||
|
||||
nix.envVars =
|
||||
optionalAttrs (!isNix20) {
|
||||
NIX_CONF_DIR = "/etc/nix";
|
||||
|
||||
# Enable the copy-from-other-stores substituter, which allows
|
||||
# builds to be sped up by copying build results from remote
|
||||
# Nix stores. To do this, mount the remote file system on a
|
||||
# subdirectory of /run/nix/remote-stores.
|
||||
NIX_OTHER_STORES = "/run/nix/remote-stores/*/nix";
|
||||
}
|
||||
|
||||
// optionalAttrs (cfg.distributedBuilds && !isNix20) {
|
||||
NIX_BUILD_HOOK = "${nix}/libexec/nix/build-remote.pl";
|
||||
};
|
||||
|
||||
# Set up the environment variables for running Nix.
|
||||
environment.sessionVariables = cfg.envVars //
|
||||
{ NIX_PATH = cfg.nixPath;
|
||||
};
|
||||
|
||||
environment.extraInit = optionalString (!isNix20)
|
||||
environment.extraInit =
|
||||
''
|
||||
# Set up secure multi-user builds: non-root users build through the
|
||||
# Nix daemon.
|
||||
if [ "$USER" != root -o ! -w /nix/var/nix/db ]; then
|
||||
export NIX_REMOTE=daemon
|
||||
fi
|
||||
'' + ''
|
||||
if [ -e "$HOME/.nix-defexpr/channels" ]; then
|
||||
export NIX_PATH="$HOME/.nix-defexpr/channels''${NIX_PATH:+:$NIX_PATH}"
|
||||
fi
|
||||
|
@ -479,21 +443,15 @@ in
|
|||
|
||||
services.xserver.displayManager.hiddenUsers = map ({ name, ... }: name) nixbldUsers;
|
||||
|
||||
# FIXME: use systemd-tmpfiles to create Nix directories.
|
||||
system.activationScripts.nix = stringAfter [ "etc" "users" ]
|
||||
''
|
||||
# Nix initialisation.
|
||||
install -m 0755 -d \
|
||||
/nix/var/nix/gcroots \
|
||||
/nix/var/nix/temproots \
|
||||
/nix/var/nix/userpool \
|
||||
/nix/var/nix/profiles \
|
||||
/nix/var/nix/db \
|
||||
/nix/var/log/nix/drvs
|
||||
install -m 1777 -d \
|
||||
/nix/var/nix/gcroots/per-user \
|
||||
/nix/var/nix/profiles/per-user \
|
||||
/nix/var/nix/gcroots/tmp
|
||||
# Create directories in /nix.
|
||||
${nix}/bin/nix ping-store --no-net
|
||||
|
||||
# Subscribe the root user to the NixOS channel by default.
|
||||
if [ ! -e "/root/.nix-channels" ]; then
|
||||
echo "${config.system.defaultChannel} nixos" > "/root/.nix-channels"
|
||||
fi
|
||||
'';
|
||||
|
||||
nix.systemFeatures = mkDefault (
|
||||
|
|
|
@ -126,6 +126,8 @@ let
|
|||
'';
|
||||
description = ''
|
||||
Path to YAML file that contains tracing configuration.
|
||||
|
||||
See format details: <link xlink:href="https://thanos.io/tracing.md/#configuration"/>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -141,6 +143,8 @@ let
|
|||
<option>tracing.config-file</option> will default to its path.
|
||||
|
||||
If <option>tracing.config-file</option> is set this option has no effect.
|
||||
|
||||
See format details: <link xlink:href="https://thanos.io/tracing.md/#configuration"/>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -187,6 +191,8 @@ let
|
|||
'';
|
||||
description = ''
|
||||
Path to YAML file that contains object store configuration.
|
||||
|
||||
See format details: <link xlink:href="https://thanos.io/storage.md/#configuration"/>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -202,6 +208,8 @@ let
|
|||
<option>objstore.config-file</option> will default to its path.
|
||||
|
||||
If <option>objstore.config-file</option> is set this option has no effect.
|
||||
|
||||
See format details: <link xlink:href="https://thanos.io/storage.md/#configuration"/>
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -276,6 +284,24 @@ let
|
|||
block-sync-concurrency = mkParamDef types.int 20 ''
|
||||
Number of goroutines to use when syncing blocks from object storage.
|
||||
'';
|
||||
|
||||
min-time = mkParamDef types.str "0000-01-01T00:00:00Z" ''
|
||||
Start of time range limit to serve.
|
||||
|
||||
Thanos Store serves only metrics, which happened later than this
|
||||
value. Option can be a constant time in RFC3339 format or time duration
|
||||
relative to current time, such as -1d or 2h45m. Valid duration units are
|
||||
ms, s, m, h, d, w, y.
|
||||
'';
|
||||
|
||||
max-time = mkParamDef types.str "9999-12-31T23:59:59Z" ''
|
||||
End of time range limit to serve.
|
||||
|
||||
Thanos Store serves only blocks, which happened eariler than this
|
||||
value. Option can be a constant time in RFC3339 format or time duration
|
||||
relative to current time, such as -1d or 2h45m. Valid duration units are
|
||||
ms, s, m, h, d, w, y.
|
||||
'';
|
||||
};
|
||||
|
||||
query = params.common cfg.query // {
|
||||
|
@ -560,6 +586,14 @@ let
|
|||
'';
|
||||
};
|
||||
|
||||
downsampling.disable = mkFlagParam ''
|
||||
Disables downsampling.
|
||||
|
||||
This is not recommended as querying long time ranges without
|
||||
non-downsampled data is not efficient and useful e.g it is not possible
|
||||
to render all samples for a human eye anyway
|
||||
'';
|
||||
|
||||
block-sync-concurrency = mkParamDef types.int 20 ''
|
||||
Number of goroutines to use when syncing block metadata from object storage.
|
||||
'';
|
||||
|
|
|
@ -3,6 +3,15 @@
|
|||
with lib;
|
||||
|
||||
let
|
||||
|
||||
isMa1sd =
|
||||
package:
|
||||
lib.hasPrefix "ma1sd" package.name;
|
||||
|
||||
isMxisd =
|
||||
package:
|
||||
lib.hasPrefix "mxisd" package.name;
|
||||
|
||||
cfg = config.services.mxisd;
|
||||
|
||||
server = optionalAttrs (cfg.server.name != null) { inherit (cfg.server) name; }
|
||||
|
@ -12,37 +21,41 @@ let
|
|||
matrix.domain = cfg.matrix.domain;
|
||||
key.path = "${cfg.dataDir}/signing.key";
|
||||
storage = {
|
||||
provider.sqlite.database = "${cfg.dataDir}/mxisd.db";
|
||||
provider.sqlite.database = if isMa1sd cfg.package
|
||||
then "${cfg.dataDir}/ma1sd.db"
|
||||
else "${cfg.dataDir}/mxisd.db";
|
||||
};
|
||||
} // optionalAttrs (server != {}) { inherit server; };
|
||||
|
||||
# merges baseConfig and extraConfig into a single file
|
||||
fullConfig = recursiveUpdate baseConfig cfg.extraConfig;
|
||||
|
||||
configFile = pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig);
|
||||
configFile = if isMa1sd cfg.package
|
||||
then pkgs.writeText "ma1sd-config.yaml" (builtins.toJSON fullConfig)
|
||||
else pkgs.writeText "mxisd-config.yaml" (builtins.toJSON fullConfig);
|
||||
|
||||
in {
|
||||
options = {
|
||||
services.mxisd = {
|
||||
enable = mkEnableOption "mxisd matrix federated identity server";
|
||||
enable = mkEnableOption "matrix federated identity server";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.mxisd;
|
||||
defaultText = "pkgs.mxisd";
|
||||
description = "The mxisd package to use";
|
||||
description = "The mxisd/ma1sd package to use";
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/mxisd";
|
||||
description = "Where data mxisd uses resides";
|
||||
description = "Where data mxisd/ma1sd uses resides";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.attrs;
|
||||
default = {};
|
||||
description = "Extra options merged into the mxisd configuration";
|
||||
description = "Extra options merged into the mxisd/ma1sd configuration";
|
||||
};
|
||||
|
||||
matrix = {
|
||||
|
@ -62,7 +75,7 @@ in {
|
|||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Public hostname of mxisd, if different from the Matrix domain.
|
||||
Public hostname of mxisd/ma1sd, if different from the Matrix domain.
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -103,11 +116,13 @@ in {
|
|||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
serviceConfig = let
|
||||
executable = if isMa1sd cfg.package then "ma1sd" else "mxisd";
|
||||
in {
|
||||
Type = "simple";
|
||||
User = "mxisd";
|
||||
Group = "mxisd";
|
||||
ExecStart = "${cfg.package}/bin/mxisd -c ${configFile}";
|
||||
ExecStart = "${cfg.package}/bin/${executable} -c ${configFile}";
|
||||
WorkingDirectory = cfg.dataDir;
|
||||
Restart = "on-failure";
|
||||
};
|
||||
|
|
|
@ -5,11 +5,25 @@ with lib;
|
|||
let
|
||||
cfg = config.networking.networkmanager;
|
||||
|
||||
basePackages = with pkgs; [
|
||||
crda
|
||||
modemmanager
|
||||
networkmanager
|
||||
networkmanager-fortisslvpn
|
||||
networkmanager-iodine
|
||||
networkmanager-l2tp
|
||||
networkmanager-openconnect
|
||||
networkmanager-openvpn
|
||||
networkmanager-vpnc
|
||||
] ++ optional (!delegateWireless && !enableIwd) wpa_supplicant;
|
||||
|
||||
dynamicHostsEnabled =
|
||||
cfg.dynamicHosts.enable && cfg.dynamicHosts.hostsDirs != {};
|
||||
|
||||
delegateWireless = config.networking.wireless.enable == true && cfg.unmanaged != [];
|
||||
|
||||
enableIwd = cfg.wifi.backend == "iwd";
|
||||
|
||||
# /var/lib/misc is for dnsmasq.leases.
|
||||
stateDirs = "/var/lib/NetworkManager /var/lib/dhclient /var/lib/misc";
|
||||
|
||||
|
@ -38,6 +52,7 @@ let
|
|||
|
||||
[device]
|
||||
wifi.scan-rand-mac-address=${if cfg.wifi.scanRandMacAddress then "yes" else "no"}
|
||||
wifi.backend=${cfg.wifi.backend}
|
||||
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
@ -176,25 +191,13 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
# Ugly hack for using the correct gnome3 packageSet
|
||||
basePackages = mkOption {
|
||||
type = types.attrsOf types.package;
|
||||
default = { inherit (pkgs)
|
||||
networkmanager modemmanager crda
|
||||
networkmanager-openvpn networkmanager-vpnc
|
||||
networkmanager-openconnect networkmanager-fortisslvpn
|
||||
networkmanager-l2tp networkmanager-iodine; }
|
||||
// optionalAttrs (!delegateWireless) { inherit (pkgs) wpa_supplicant; };
|
||||
internal = true;
|
||||
};
|
||||
|
||||
packages = mkOption {
|
||||
type = types.listOf types.path;
|
||||
type = types.listOf types.package;
|
||||
default = [ ];
|
||||
description = ''
|
||||
Extra packages that provide NetworkManager plugins.
|
||||
'';
|
||||
apply = list: (attrValues cfg.basePackages) ++ list;
|
||||
apply = list: basePackages ++ list;
|
||||
};
|
||||
|
||||
dhcp = mkOption {
|
||||
|
@ -236,6 +239,15 @@ in {
|
|||
wifi = {
|
||||
macAddress = macAddressOpt;
|
||||
|
||||
backend = mkOption {
|
||||
type = types.enum [ "wpa_supplicant" "iwd" ];
|
||||
default = "wpa_supplicant";
|
||||
description = ''
|
||||
Specify the Wi-Fi backend used for the device.
|
||||
Currently supported are <option>wpa_supplicant</option> or <option>iwd</option> (experimental).
|
||||
'';
|
||||
};
|
||||
|
||||
powersave = mkOption {
|
||||
type = types.nullOr types.bool;
|
||||
default = null;
|
||||
|
@ -390,12 +402,12 @@ in {
|
|||
{ assertion = !dynamicHostsEnabled || (dynamicHostsEnabled && cfg.dns == "dnsmasq");
|
||||
message = ''
|
||||
To use networking.networkmanager.dynamicHosts you also need to set
|
||||
networking.networkmanager.dns = "dnsmasq"
|
||||
`networking.networkmanager.dns = "dnsmasq"`
|
||||
'';
|
||||
}
|
||||
];
|
||||
|
||||
environment.etc = with cfg.basePackages; [
|
||||
environment.etc = with pkgs; [
|
||||
{ source = configFile;
|
||||
target = "NetworkManager/NetworkManager.conf";
|
||||
}
|
||||
|
@ -510,6 +522,8 @@ in {
|
|||
wireless.enable = mkDefault false;
|
||||
}) // (mkIf cfg.enableStrongSwan {
|
||||
networkmanager.packages = [ pkgs.networkmanager_strongswan ];
|
||||
}) // (mkIf enableIwd {
|
||||
wireless.iwd.enable = true;
|
||||
});
|
||||
|
||||
security.polkit.extraConfig = polkitConf;
|
||||
|
|
|
@ -1,44 +1,39 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) generators literalExample mkEnableOption mkIf mkOption recursiveUpdate types;
|
||||
cfg = config.services.zeronet;
|
||||
dataDir = "/var/lib/zeronet";
|
||||
configFile = pkgs.writeText "zeronet.conf" (generators.toINI {} (recursiveUpdate defaultSettings cfg.settings));
|
||||
|
||||
zConfFile = pkgs.writeTextFile {
|
||||
name = "zeronet.conf";
|
||||
|
||||
text = ''
|
||||
[global]
|
||||
data_dir = ${cfg.dataDir}
|
||||
log_dir = ${cfg.logDir}
|
||||
'' + lib.optionalString (cfg.port != null) ''
|
||||
ui_port = ${toString cfg.port}
|
||||
'' + lib.optionalString (cfg.fileserverPort != null) ''
|
||||
fileserver_port = ${toString cfg.fileserverPort}
|
||||
'' + lib.optionalString (cfg.torAlways) ''
|
||||
tor = always
|
||||
'' + cfg.extraConfig;
|
||||
defaultSettings = {
|
||||
global = {
|
||||
data_dir = dataDir;
|
||||
log_dir = dataDir;
|
||||
ui_port = cfg.port;
|
||||
fileserver_port = cfg.fileserverPort;
|
||||
tor = if !cfg.tor then "disable" else if cfg.torAlways then "always" else "enable";
|
||||
};
|
||||
};
|
||||
in with lib; {
|
||||
options.services.zeronet = {
|
||||
enable = mkEnableOption "zeronet";
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/zeronet";
|
||||
example = "/home/okina/zeronet";
|
||||
description = "Path to the zeronet data directory.";
|
||||
};
|
||||
settings = mkOption {
|
||||
type = with types; attrsOf (oneOf [ str int bool (listOf str) ]);
|
||||
default = {};
|
||||
example = literalExample "global.tor = enable;";
|
||||
|
||||
logDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/log/zeronet";
|
||||
example = "/home/okina/zeronet/log";
|
||||
description = "Path to the zeronet log directory.";
|
||||
description = ''
|
||||
<filename>zeronet.conf</filename> configuration. Refer to
|
||||
<link xlink:href="https://zeronet.readthedocs.io/en/latest/faq/#is-it-possible-to-use-a-configuration-file"/>
|
||||
for details on supported values;
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
default = null;
|
||||
type = types.int;
|
||||
default = 43110;
|
||||
example = 43110;
|
||||
description = "Optional zeronet web UI port.";
|
||||
};
|
||||
|
@ -63,22 +58,13 @@ in with lib; {
|
|||
default = false;
|
||||
description = "Use TOR for all zeronet traffic.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
|
||||
description = ''
|
||||
Extra configuration. Contents will be added verbatim to the
|
||||
configuration file at the end.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.tor = mkIf cfg.tor {
|
||||
enable = true;
|
||||
controlPort = 9051;
|
||||
|
||||
extraConfig = ''
|
||||
CacheDirectoryGroupReadable 1
|
||||
CookieAuthentication 1
|
||||
|
@ -86,37 +72,25 @@ in with lib; {
|
|||
'';
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 750 zeronet zeronet - -"
|
||||
"d '${cfg.logDir}' 750 zeronet zeronet - -"
|
||||
];
|
||||
|
||||
systemd.services.zeronet = {
|
||||
description = "zeronet";
|
||||
after = [ "network.target" (optionalString cfg.tor "tor.service") ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
PrivateTmp = "yes";
|
||||
User = "zeronet";
|
||||
Group = "zeronet";
|
||||
ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}";
|
||||
};
|
||||
};
|
||||
|
||||
users = {
|
||||
groups.zeronet.gid = config.ids.gids.zeronet;
|
||||
|
||||
users.zeronet = {
|
||||
description = "zeronet service user";
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
group = "zeronet";
|
||||
extraGroups = mkIf cfg.tor [ "tor" ];
|
||||
uid = config.ids.uids.zeronet;
|
||||
DynamicUser = true;
|
||||
StateDirectory = "zeronet";
|
||||
SupplementaryGroups = mkIf cfg.tor [ "tor" ];
|
||||
ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${configFile}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
imports = [
|
||||
(mkRemovedOptionModule [ "services" "zeronet" "dataDir" ] "Zeronet will store data by default in /var/lib/zeronet")
|
||||
(mkRemovedOptionModule [ "services" "zeronet" "logDir" ] "Zeronet will log by default in /var/lib/zeronet")
|
||||
];
|
||||
|
||||
meta.maintainers = with maintainers; [ chiiruno ];
|
||||
}
|
||||
|
|
|
@ -14,6 +14,15 @@ in {
|
|||
options.services.documize = {
|
||||
enable = mkEnableOption "Documize Wiki";
|
||||
|
||||
stateDirectoryName = mkOption {
|
||||
type = types.str;
|
||||
default = "documize";
|
||||
description = ''
|
||||
The name of the directory below <filename>/var/lib/private</filename>
|
||||
where documize runs in and stores, for example, backups.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.documize-community;
|
||||
|
@ -132,6 +141,8 @@ in {
|
|||
];
|
||||
Restart = "always";
|
||||
DynamicUser = "yes";
|
||||
StateDirectory = cfg.stateDirectoryName;
|
||||
WorkingDirectory = "/var/lib/${cfg.stateDirectoryName}";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -61,7 +61,10 @@ let
|
|||
|
||||
${optionalString (cfg.httpConfig == "" && cfg.config == "") ''
|
||||
http {
|
||||
include ${cfg.package}/conf/mime.types;
|
||||
# The mime type definitions included with nginx are very incomplete, so
|
||||
# we use a list of mime types from the mailcap package, which is also
|
||||
# used by most other Linux distributions by default.
|
||||
include ${pkgs.mailcap}/etc/nginx/mime.types;
|
||||
include ${cfg.package}/conf/fastcgi.conf;
|
||||
include ${cfg.package}/conf/uwsgi_params;
|
||||
|
||||
|
@ -119,6 +122,14 @@ let
|
|||
include ${recommendedProxyConfig};
|
||||
''}
|
||||
|
||||
${optionalString (cfg.mapHashBucketSize != null) ''
|
||||
map_hash_bucket_size ${toString cfg.mapHashBucketSize};
|
||||
''}
|
||||
|
||||
${optionalString (cfg.mapHashMaxSize != null) ''
|
||||
map_hash_max_size ${toString cfg.mapHashMaxSize};
|
||||
''}
|
||||
|
||||
# $connection_upgrade is used for websocket proxying
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
|
@ -507,6 +518,23 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
mapHashBucketSize = mkOption {
|
||||
type = types.nullOr (types.enum [ 32 64 128 ]);
|
||||
default = null;
|
||||
description = ''
|
||||
Sets the bucket size for the map variables hash tables. Default
|
||||
value depends on the processor’s cache line size.
|
||||
'';
|
||||
};
|
||||
|
||||
mapHashMaxSize = mkOption {
|
||||
type = types.nullOr types.ints.positive;
|
||||
default = null;
|
||||
description = ''
|
||||
Sets the maximum size of the map variables hash tables.
|
||||
'';
|
||||
};
|
||||
|
||||
resolver = mkOption {
|
||||
type = types.submodule {
|
||||
options = {
|
||||
|
|
|
@ -28,6 +28,8 @@ let
|
|||
(pkg: "cp -rf ${pkg}/share/gsettings-schemas/*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas\n")
|
||||
(defaultPackages ++ cfg.extraGSettingsOverridePackages)}
|
||||
|
||||
cp -f ${pkgs.gnome3.gnome-shell}/share/gsettings-schemas/*/glib-2.0/schemas/*.gschema.override $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas
|
||||
|
||||
chmod -R a+w $out/share/gsettings-schemas/nixos-gsettings-overrides
|
||||
cat - > $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/nixos-defaults.gschema.override <<- EOF
|
||||
[org.gnome.desktop.background]
|
||||
|
@ -209,14 +211,6 @@ in
|
|||
|
||||
networking.networkmanager.enable = mkDefault true;
|
||||
|
||||
# Use the correct gnome3 packageSet
|
||||
networking.networkmanager.basePackages = {
|
||||
inherit (pkgs) networkmanager modemmanager wpa_supplicant crda;
|
||||
inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc
|
||||
networkmanager-openconnect networkmanager-fortisslvpn
|
||||
networkmanager-iodine networkmanager-l2tp;
|
||||
};
|
||||
|
||||
services.xserver.updateDbusEnvironment = true;
|
||||
|
||||
# Needed for themes and backgrounds
|
||||
|
@ -238,22 +232,7 @@ in
|
|||
services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true));
|
||||
services.telepathy.enable = mkDefault true;
|
||||
|
||||
systemd.packages = with pkgs.gnome3; [ vino gnome-session gnome-settings-daemon ];
|
||||
|
||||
# gnome-settings-daemon.nix is shared between several desktop
|
||||
# environments (eg. mate and pantheon) so specify these gnome-shell specific
|
||||
# service dependencies here instead.
|
||||
systemd.user.targets."gnome-session-initialized".wants = [
|
||||
"gsd-a11y-settings.target" "gsd-housekeeping.target" "gsd-power.target"
|
||||
"gsd-color.target" "gsd-keyboard.target" "gsd-print-notifications.target"
|
||||
"gsd-datetime.target" "gsd-media-keys.target" "gsd-rfkill.target"
|
||||
"gsd-screensaver-proxy.target" "gsd-sound.target" "gsd-smartcard.target"
|
||||
"gsd-sharing.target" "gsd-wacom.target" "gsd-wwan.target"
|
||||
];
|
||||
|
||||
systemd.user.targets."gnome-session-x11-services".wants = [
|
||||
"gsd-xsettings.target"
|
||||
];
|
||||
systemd.packages = with pkgs.gnome3; [ vino gnome-session ];
|
||||
|
||||
services.avahi.enable = mkDefault true;
|
||||
|
||||
|
|
|
@ -85,6 +85,7 @@ in
|
|||
pkgs.gtk3.out
|
||||
pkgs.shared-mime-info
|
||||
pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/
|
||||
pkgs.mate.mate-settings-daemon
|
||||
];
|
||||
|
||||
programs.dconf.enable = true;
|
||||
|
@ -98,7 +99,7 @@ in
|
|||
services.gnome3.at-spi2-core.enable = true;
|
||||
services.gnome3.gnome-keyring.enable = true;
|
||||
services.gnome3.gnome-settings-daemon.enable = true;
|
||||
services.gnome3.gnome-settings-daemon.package = pkgs.mate.mate-settings-daemon;
|
||||
services.udev.packages = [ pkgs.mate.mate-settings-daemon ];
|
||||
services.gvfs.enable = true;
|
||||
services.upower.enable = config.powerManagement.enable;
|
||||
|
||||
|
|
|
@ -109,8 +109,9 @@ in
|
|||
services.pantheon.files.enable = mkDefault true;
|
||||
services.tumbler.enable = mkDefault true;
|
||||
services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true));
|
||||
services.dbus.packages = [
|
||||
pkgs.pantheon.switchboard-plug-power
|
||||
services.dbus.packages = with pkgs.pantheon; [
|
||||
switchboard-plug-power
|
||||
elementary-default-settings
|
||||
];
|
||||
services.pantheon.contractor.enable = mkDefault true;
|
||||
services.gnome3.at-spi2-core.enable = true;
|
||||
|
@ -119,7 +120,7 @@ in
|
|||
# TODO: gnome-keyring's xdg autostarts will still be in the environment (from elementary-session-settings) if disabled forcefully
|
||||
services.gnome3.gnome-keyring.enable = true;
|
||||
services.gnome3.gnome-settings-daemon.enable = true;
|
||||
services.gnome3.gnome-settings-daemon.package = pkgs.pantheon.elementary-settings-daemon;
|
||||
services.udev.packages = [ pkgs.pantheon.elementary-settings-daemon ];
|
||||
services.gvfs.enable = true;
|
||||
services.gnome3.rygel.enable = mkDefault true;
|
||||
services.gsignond.enable = mkDefault true;
|
||||
|
@ -154,11 +155,6 @@ in
|
|||
qt5.style = "adwaita";
|
||||
|
||||
networking.networkmanager.enable = mkDefault true;
|
||||
networking.networkmanager.basePackages =
|
||||
{ inherit (pkgs) networkmanager modemmanager wpa_supplicant crda;
|
||||
inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc
|
||||
networkmanager-openconnect networkmanager-fortisslvpn
|
||||
networkmanager-iodine networkmanager-l2tp; };
|
||||
|
||||
# Override GSettings schemas
|
||||
environment.sessionVariables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas";
|
||||
|
|
|
@ -183,7 +183,8 @@ in
|
|||
++ lib.optional config.hardware.pulseaudio.enable plasma-pa
|
||||
++ lib.optional config.powerManagement.enable powerdevil
|
||||
++ lib.optional config.services.colord.enable colord-kde
|
||||
++ lib.optionals config.services.samba.enable [ kdenetwork-filesharing pkgs.samba ];
|
||||
++ lib.optionals config.services.samba.enable [ kdenetwork-filesharing pkgs.samba ]
|
||||
++ lib.optional config.services.xserver.wacom.enable wacomtablet;
|
||||
|
||||
environment.pathsToLink = [
|
||||
# FIXME: modules should link subdirs of `/share` rather than relying on this
|
||||
|
|
|
@ -91,7 +91,11 @@ in
|
|||
++ optional config.powerManagement.enable xfce4-power-manager
|
||||
++ optionals config.hardware.pulseaudio.enable [
|
||||
pavucontrol
|
||||
xfce4-pulseaudio-plugin
|
||||
# volume up/down keys support:
|
||||
# xfce4-pulseaudio-plugin includes all the functionalities of xfce4-volumed-pulse
|
||||
# but can only be used with xfce4-panel, so for no-desktop usage we still include
|
||||
# xfce4-volumed-pulse
|
||||
(if cfg.noDesktop then xfce4-volumed-pulse else xfce4-pulseaudio-plugin)
|
||||
] ++ optionals cfg.enableXfwm [
|
||||
xfwm4
|
||||
xfwm4-themes
|
||||
|
@ -108,14 +112,6 @@ in
|
|||
"/share/gtksourceview-4.0"
|
||||
];
|
||||
|
||||
# Use the correct gnome3 packageSet
|
||||
networking.networkmanager.basePackages = mkIf config.networking.networkmanager.enable {
|
||||
inherit (pkgs) networkmanager modemmanager wpa_supplicant crda;
|
||||
inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc
|
||||
networkmanager-openconnect networkmanager-fortisslvpn
|
||||
networkmanager-iodine networkmanager-l2tp;
|
||||
};
|
||||
|
||||
services.xserver.desktopManager.session = [{
|
||||
name = "xfce4-14";
|
||||
bgSupport = true;
|
||||
|
|
|
@ -152,6 +152,7 @@ in
|
|||
chown -R gdm:gdm /run/gdm/.config
|
||||
'' + optionalString config.services.gnome3.gnome-initial-setup.enable ''
|
||||
# Create stamp file for gnome-initial-setup to prevent run.
|
||||
mkdir -p /run/gdm/.config
|
||||
cat - > /run/gdm/.config/gnome-initial-setup-done <<- EOF
|
||||
yes
|
||||
EOF
|
||||
|
@ -164,10 +165,16 @@ in
|
|||
"rc-local.service"
|
||||
"systemd-machined.service"
|
||||
"systemd-user-sessions.service"
|
||||
"getty@tty1.service"
|
||||
"getty@tty${gdm.initialVT}.service"
|
||||
"plymouth-quit.service"
|
||||
"plymouth-start.service"
|
||||
];
|
||||
systemd.services.display-manager.conflicts = [
|
||||
"getty@tty1.service"
|
||||
"getty@tty${gdm.initialVT}.service"
|
||||
"plymouth-quit.service"
|
||||
];
|
||||
systemd.services.display-manager.onFailure = [
|
||||
"plymouth-quit.service"
|
||||
];
|
||||
|
||||
systemd.services.display-manager.serviceConfig = {
|
||||
|
@ -177,6 +184,9 @@ in
|
|||
BusName = "org.gnome.DisplayManager";
|
||||
StandardOutput = "syslog";
|
||||
StandardError = "inherit";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID";
|
||||
KeyringMode = "shared";
|
||||
EnvironmentFile = "-/etc/locale.conf";
|
||||
};
|
||||
|
||||
systemd.services.display-manager.path = [ pkgs.gnome3.gnome-session ];
|
||||
|
|
|
@ -220,6 +220,42 @@ in
|
|||
exec ${lightdm}/sbin/lightdm
|
||||
'';
|
||||
|
||||
# Replaces getty and plymouth quit since it quits plymouth on it's own.
|
||||
systemd.services.display-manager.conflicts = [
|
||||
"getty@tty7.service"
|
||||
"plymouth-quit.service"
|
||||
];
|
||||
|
||||
# Pull in dependencies of services we replace.
|
||||
systemd.services.display-manager.after = [
|
||||
"rc-local.service"
|
||||
"systemd-machined.service"
|
||||
"systemd-user-sessions.service"
|
||||
"getty@tty7.service"
|
||||
"user.slice"
|
||||
];
|
||||
|
||||
# user.slice needs to be present
|
||||
systemd.services.display-manager.requires = [
|
||||
"user.slice"
|
||||
];
|
||||
|
||||
# lightdm stops plymouth so when it fails make sure plymouth stops.
|
||||
systemd.services.display-manager.onFailure = [
|
||||
"plymouth-quit.service"
|
||||
];
|
||||
|
||||
systemd.services.display-manager.serviceConfig = {
|
||||
BusName = "org.freedesktop.DisplayManager";
|
||||
IgnoreSIGPIPE = "no";
|
||||
# This allows lightdm to pass the LUKS password through to PAM.
|
||||
# login keyring is unlocked automatic when autologin is used.
|
||||
KeyringMode = "shared";
|
||||
KillMode = "mixed";
|
||||
StandardError = "inherit";
|
||||
StandardOutput = "syslog";
|
||||
};
|
||||
|
||||
environment.etc."lightdm/lightdm.conf".source = lightdmConf;
|
||||
environment.etc."lightdm/users.conf".source = usersConf;
|
||||
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.xserver.windowManager.cwm;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.xserver.windowManager.cwm.enable = mkEnableOption "cwm";
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
services.xserver.windowManager.session = singleton
|
||||
{ name = "cwm";
|
||||
start =
|
||||
''
|
||||
cwm &
|
||||
waitPID=$!
|
||||
'';
|
||||
};
|
||||
environment.systemPackages = [ pkgs.cwm ];
|
||||
};
|
||||
}
|
|
@ -11,6 +11,7 @@ in
|
|||
./2bwm.nix
|
||||
./afterstep.nix
|
||||
./bspwm.nix
|
||||
./cwm.nix
|
||||
./dwm.nix
|
||||
./evilwm.nix
|
||||
./exwm.nix
|
||||
|
|
|
@ -184,14 +184,7 @@ in
|
|||
find /var/empty -mindepth 1 -delete
|
||||
chmod 0555 /var/empty
|
||||
chown root:root /var/empty
|
||||
|
||||
${ # reasons for not setting immutable flag:
|
||||
# 1. flag is not changeable inside a container
|
||||
# 2. systemd-nspawn can not perform chown in case of --private-users-chown
|
||||
# then the owner is nobody and ssh will not start
|
||||
optionalString (!config.boot.isContainer) ''
|
||||
${pkgs.e2fsprogs}/bin/chattr -f +i /var/empty || true
|
||||
''}
|
||||
'';
|
||||
|
||||
system.activationScripts.usrbinenv = if config.environment.usrbinenv != null
|
||||
|
|
|
@ -5,17 +5,20 @@ with lib;
|
|||
let
|
||||
|
||||
inherit (pkgs) plymouth;
|
||||
inherit (pkgs) nixos-icons;
|
||||
|
||||
cfg = config.boot.plymouth;
|
||||
|
||||
breezePlymouth = pkgs.breeze-plymouth.override {
|
||||
nixosBranding = true;
|
||||
nixosVersion = config.system.nixos.release;
|
||||
nixosBreezePlymouth = pkgs.breeze-plymouth.override {
|
||||
logoFile = cfg.logo;
|
||||
logoName = "nixos";
|
||||
osName = "NixOS";
|
||||
osVersion = config.system.nixos.release;
|
||||
};
|
||||
|
||||
themesEnv = pkgs.buildEnv {
|
||||
name = "plymouth-themes";
|
||||
paths = [ plymouth breezePlymouth ] ++ cfg.themePackages;
|
||||
paths = [ plymouth ] ++ cfg.themePackages;
|
||||
};
|
||||
|
||||
configFile = pkgs.writeText "plymouthd.conf" ''
|
||||
|
@ -35,7 +38,7 @@ in
|
|||
enable = mkEnableOption "Plymouth boot splash screen";
|
||||
|
||||
themePackages = mkOption {
|
||||
default = [];
|
||||
default = [ nixosBreezePlymouth ];
|
||||
type = types.listOf types.package;
|
||||
description = ''
|
||||
Extra theme packages for plymouth.
|
||||
|
@ -52,10 +55,7 @@ in
|
|||
|
||||
logo = mkOption {
|
||||
type = types.path;
|
||||
default = pkgs.fetchurl {
|
||||
url = "https://nixos.org/logo/nixos-hires.png";
|
||||
sha256 = "1ivzgd7iz0i06y36p8m5w48fd8pjqwxhdaavc0pxs7w1g7mcy5si";
|
||||
};
|
||||
default = "${nixos-icons}/share/icons/hicolor/128x128/apps/nix-snowflake.png";
|
||||
defaultText = ''pkgs.fetchurl {
|
||||
url = "https://nixos.org/logo/nixos-hires.png";
|
||||
sha256 = "1ivzgd7iz0i06y36p8m5w48fd8pjqwxhdaavc0pxs7w1g7mcy5si";
|
||||
|
|
|
@ -183,6 +183,12 @@ for o in $(cat /proc/cmdline); do
|
|||
copytoram)
|
||||
copytoram=1
|
||||
;;
|
||||
findiso=*)
|
||||
# if an iso name is supplied, try to find the device where
|
||||
# the iso resides on
|
||||
set -- $(IFS==; echo $o)
|
||||
isoPath=$2
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
|
@ -442,6 +448,27 @@ if test -e /sys/power/resume -a -e /sys/power/disk; then
|
|||
fi
|
||||
fi
|
||||
|
||||
# If we have a path to an iso file, find the iso and link it to /dev/root
|
||||
if [ -n "$isoPath" ]; then
|
||||
mkdir -p /findiso
|
||||
|
||||
for delay in 5 10; do
|
||||
blkid | while read -r line; do
|
||||
device=$(echo "$line" | sed 's/:.*//')
|
||||
type=$(echo "$line" | sed 's/.*TYPE="\([^"]*\)".*/\1/')
|
||||
|
||||
mount -t "$type" "$device" /findiso
|
||||
if [ -e "/findiso$isoPath" ]; then
|
||||
ln -sf "/findiso$isoPath" /dev/root
|
||||
break 2
|
||||
else
|
||||
umount /findiso
|
||||
fi
|
||||
done
|
||||
|
||||
sleep "$delay"
|
||||
done
|
||||
fi
|
||||
|
||||
# Try to find and mount the root device.
|
||||
mkdir -p $targetRoot
|
||||
|
|
|
@ -142,7 +142,7 @@ fi
|
|||
# Record the boot configuration.
|
||||
ln -sfn "$systemConfig" /run/booted-system
|
||||
|
||||
# Prevent the booted system form being garbage-collected If it weren't
|
||||
# Prevent the booted system from being garbage-collected. If it weren't
|
||||
# a gcroot, if we were running a different kernel, switched system,
|
||||
# and garbage collected all, we could not load kernel modules anymore.
|
||||
ln -sfn /run/booted-system /nix/var/nix/gcroots/booted-system
|
||||
|
|
|
@ -546,6 +546,16 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
systemd.coredump.enable = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Whether core dumps should be processed by
|
||||
<command>systemd-coredump</command>. If disabled, core dumps
|
||||
appear in the current directory of the crashing process.
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.coredump.extraConfig = mkOption {
|
||||
default = "";
|
||||
type = types.lines;
|
||||
|
@ -861,8 +871,8 @@ in
|
|||
"tmpfiles.d/journal-nocow.conf".source = "${systemd}/example/tmpfiles.d/journal-nocow.conf";
|
||||
"tmpfiles.d/static-nodes-permissions.conf".source = "${systemd}/example/tmpfiles.d/static-nodes-permissions.conf";
|
||||
"tmpfiles.d/systemd.conf".source = "${systemd}/example/tmpfiles.d/systemd.conf";
|
||||
"tmpfiles.d/systemd-nspawn.conf".source = "${systemd}/example/tmpfiles.d/system-nspawn.conf";
|
||||
"tmpfiles.d/systemd-tmp.conf".source = "${systemd}/example/tmpfiles.d/system-tmp.conf";
|
||||
"tmpfiles.d/systemd-nspawn.conf".source = "${systemd}/example/tmpfiles.d/systemd-nspawn.conf";
|
||||
"tmpfiles.d/systemd-tmp.conf".source = "${systemd}/example/tmpfiles.d/systemd-tmp.conf";
|
||||
"tmpfiles.d/var.conf".source = "${systemd}/example/tmpfiles.d/var.conf";
|
||||
"tmpfiles.d/x11.conf".source = "${systemd}/example/tmpfiles.d/x11.conf";
|
||||
|
||||
|
@ -983,6 +993,10 @@ in
|
|||
# Don't bother with certain units in containers.
|
||||
systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container";
|
||||
systemd.services.systemd-random-seed.unitConfig.ConditionVirtualization = "!container";
|
||||
|
||||
boot.kernel.sysctl = mkIf (!cfg.coredump.enable) {
|
||||
"kernel.core_pattern" = "core";
|
||||
};
|
||||
};
|
||||
|
||||
# FIXME: Remove these eventually.
|
||||
|
|
|
@ -38,6 +38,12 @@ in
|
|||
} {
|
||||
assertion = cfg.defaultGateway6 == null || cfg.defaultGateway6.interface == null;
|
||||
message = "networking.defaultGateway6.interface is not supported by networkd.";
|
||||
} {
|
||||
assertion = cfg.useDHCP == false;
|
||||
message = ''
|
||||
networking.useDHCP is not supported by networkd.
|
||||
Please use per interface configuration and set the global option to false.
|
||||
'';
|
||||
} ] ++ flip mapAttrsToList cfg.bridges (n: { rstp, ... }: {
|
||||
assertion = !rstp;
|
||||
message = "networking.bridges.${n}.rstp is not supported by networkd.";
|
||||
|
@ -56,9 +62,7 @@ in
|
|||
genericNetwork = override:
|
||||
let gateway = optional (cfg.defaultGateway != null) cfg.defaultGateway.address
|
||||
++ optional (cfg.defaultGateway6 != null) cfg.defaultGateway6.address;
|
||||
in {
|
||||
DHCP = override (dhcpStr cfg.useDHCP);
|
||||
} // optionalAttrs (gateway != [ ]) {
|
||||
in optionalAttrs (gateway != [ ]) {
|
||||
routes = override [
|
||||
{
|
||||
routeConfig = {
|
||||
|
@ -97,7 +101,7 @@ in
|
|||
networks."40-${i.name}" = mkMerge [ (genericNetwork mkDefault) {
|
||||
name = mkDefault i.name;
|
||||
DHCP = mkForce (dhcpStr
|
||||
(if i.useDHCP != null then i.useDHCP else cfg.useDHCP && interfaceIps i == [ ]));
|
||||
(if i.useDHCP != null then i.useDHCP else false));
|
||||
address = forEach (interfaceIps i)
|
||||
(ip: "${ip.address}/${toString ip.prefixLength}");
|
||||
networkConfig.IPv6PrivacyExtensions = "kernel";
|
||||
|
|
|
@ -903,6 +903,11 @@ in
|
|||
Whether to use DHCP to obtain an IP address and other
|
||||
configuration for all network interfaces that are not manually
|
||||
configured.
|
||||
|
||||
Using this option is highly discouraged and also incompatible with
|
||||
<option>networking.useNetworkd</option>. Please use
|
||||
<option>networking.interfaces.<name>.useDHCP</option> instead
|
||||
and set this to false.
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ with lib;
|
|||
services.udisks2.enable = mkDefault false;
|
||||
powerManagement.enable = mkDefault false;
|
||||
|
||||
networking.useHostResolvConf = mkDefault (!config.services.resolved.enable);
|
||||
networking.useHostResolvConf = mkDefault true;
|
||||
|
||||
# Containers should be light-weight, so start sshd on demand.
|
||||
services.openssh.startWhenNeeded = mkDefault true;
|
||||
|
|
|
@ -824,5 +824,12 @@ in
|
|||
'';
|
||||
|
||||
environment.systemPackages = [ pkgs.nixos-container ];
|
||||
|
||||
boot.kernelModules = [
|
||||
"bridge"
|
||||
"macvlan"
|
||||
"tap"
|
||||
"tun"
|
||||
];
|
||||
});
|
||||
}
|
||||
|
|
|
@ -35,6 +35,7 @@ in
|
|||
boot-stage1 = handleTest ./boot-stage1.nix {};
|
||||
borgbackup = handleTest ./borgbackup.nix {};
|
||||
buildbot = handleTest ./buildbot.nix {};
|
||||
caddy = handleTest ./caddy.nix {};
|
||||
cadvisor = handleTestOn ["x86_64-linux"] ./cadvisor.nix {};
|
||||
cassandra = handleTest ./cassandra.nix {};
|
||||
ceph = handleTestOn ["x86_64-linux"] ./ceph.nix {};
|
||||
|
@ -262,7 +263,6 @@ in
|
|||
syncthing-relay = handleTest ./syncthing-relay.nix {};
|
||||
systemd = handleTest ./systemd.nix {};
|
||||
systemd-confinement = handleTest ./systemd-confinement.nix {};
|
||||
systemd-machinectl = handleTest ./systemd-machinectl.nix {};
|
||||
systemd-timesyncd = handleTest ./systemd-timesyncd.nix {};
|
||||
systemd-networkd-wireguard = handleTest ./systemd-networkd-wireguard.nix {};
|
||||
pdns-recursor = handleTest ./pdns-recursor.nix {};
|
||||
|
|
|
@ -0,0 +1,82 @@
|
|||
import ./make-test.nix ({ pkgs, ... }: {
|
||||
name = "caddy";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ xfix ];
|
||||
};
|
||||
|
||||
nodes = {
|
||||
webserver = { pkgs, lib, ... }: {
|
||||
services.caddy.enable = true;
|
||||
services.caddy.config = ''
|
||||
http://localhost {
|
||||
gzip
|
||||
|
||||
root ${
|
||||
pkgs.runCommand "testdir" {} ''
|
||||
mkdir "$out"
|
||||
echo hello world > "$out/example.html"
|
||||
''
|
||||
}
|
||||
}
|
||||
'';
|
||||
|
||||
nesting.clone = [
|
||||
{
|
||||
services.caddy.config = lib.mkForce ''
|
||||
http://localhost {
|
||||
gzip
|
||||
|
||||
root ${
|
||||
pkgs.runCommand "testdir2" {} ''
|
||||
mkdir "$out"
|
||||
echo changed > "$out/example.html"
|
||||
''
|
||||
}
|
||||
}
|
||||
'';
|
||||
}
|
||||
|
||||
{
|
||||
services.caddy.config = ''
|
||||
http://localhost:8080 {
|
||||
}
|
||||
'';
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
testScript = { nodes, ... }: let
|
||||
etagSystem = "${nodes.webserver.config.system.build.toplevel}/fine-tune/child-1";
|
||||
justReloadSystem = "${nodes.webserver.config.system.build.toplevel}/fine-tune/child-2";
|
||||
in ''
|
||||
my $url = 'http://localhost/example.html';
|
||||
$webserver->waitForUnit("caddy");
|
||||
$webserver->waitForOpenPort("80");
|
||||
|
||||
sub checkEtag {
|
||||
my $etag = $webserver->succeed(
|
||||
'curl -v '.$url.' 2>&1 | sed -n -e "s/^< [Ee][Tt][Aa][Gg]: *//p"'
|
||||
);
|
||||
$etag =~ s/\r?\n$//;
|
||||
my $httpCode = $webserver->succeed(
|
||||
'curl -w "%{http_code}" -X HEAD -H \'If-None-Match: '.$etag.'\' '.$url
|
||||
);
|
||||
die "HTTP code is not 304" unless $httpCode == 304;
|
||||
return $etag;
|
||||
}
|
||||
|
||||
subtest "check ETag if serving Nix store paths", sub {
|
||||
my $oldEtag = checkEtag;
|
||||
$webserver->succeed("${etagSystem}/bin/switch-to-configuration test >&2");
|
||||
$webserver->sleep(1); # race condition
|
||||
my $newEtag = checkEtag;
|
||||
die "Old ETag $oldEtag is the same as $newEtag" if $oldEtag eq $newEtag;
|
||||
};
|
||||
|
||||
subtest "config is reloaded on nixos-rebuild switch", sub {
|
||||
$webserver->succeed("${justReloadSystem}/bin/switch-to-configuration test >&2");
|
||||
$webserver->waitForOpenPort("8080");
|
||||
};
|
||||
'';
|
||||
})
|
|
@ -23,6 +23,7 @@ import ./make-test.nix ({ pkgs, ...} : {
|
|||
networking = {
|
||||
dhcpcd.enable = false;
|
||||
useNetworkd = true;
|
||||
useDHCP = false;
|
||||
interfaces.eth1.ipv6.addresses = mkOverride 0 [ { address = "fd00::1"; prefixLength = 64; } ];
|
||||
interfaces.eth1.ipv4.addresses = mkOverride 0 [ { address = "192.168.1.1"; prefixLength = 24; } ];
|
||||
};
|
||||
|
|
|
@ -10,12 +10,22 @@ import ./make-test.nix ({ pkgs, ... } : {
|
|||
services.mxisd.enable = true;
|
||||
services.mxisd.matrix.domain = "example.org";
|
||||
};
|
||||
|
||||
server_ma1sd = args : {
|
||||
services.mxisd.enable = true;
|
||||
services.mxisd.matrix.domain = "example.org";
|
||||
services.mxisd.package = pkgs.ma1sd;
|
||||
};
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
$server_mxisd->waitForUnit("mxisd.service");
|
||||
$server_mxisd->waitForOpenPort(8090);
|
||||
$server_mxisd->succeed("curl -Ssf \"http://127.0.0.1:8090/_matrix/identity/api/v1\"")
|
||||
$server_mxisd->succeed("curl -Ssf \"http://127.0.0.1:8090/_matrix/identity/api/v1\"");
|
||||
$server_ma1sd->waitForUnit("mxisd.service");
|
||||
$server_ma1sd->waitForOpenPort(8090);
|
||||
$server_ma1sd->succeed("curl -Ssf \"http://127.0.0.1:8090/_matrix/identity/api/v1\"")
|
||||
|
||||
'';
|
||||
})
|
||||
|
|
|
@ -72,6 +72,7 @@ let
|
|||
testCases = {
|
||||
loopback = {
|
||||
name = "Loopback";
|
||||
machine.networking.useDHCP = false;
|
||||
machine.networking.useNetworkd = networkd;
|
||||
testScript = ''
|
||||
startAll;
|
||||
|
@ -139,14 +140,16 @@ let
|
|||
virtualisation.vlans = [ 1 2 ];
|
||||
networking = {
|
||||
useNetworkd = networkd;
|
||||
useDHCP = true;
|
||||
useDHCP = false;
|
||||
interfaces.eth1 = {
|
||||
ipv4.addresses = mkOverride 0 [ ];
|
||||
ipv6.addresses = mkOverride 0 [ ];
|
||||
useDHCP = true;
|
||||
};
|
||||
interfaces.eth2 = {
|
||||
ipv4.addresses = mkOverride 0 [ ];
|
||||
ipv6.addresses = mkOverride 0 [ ];
|
||||
useDHCP = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -320,13 +323,19 @@ let
|
|||
virtualisation.vlans = [ 1 ];
|
||||
networking = {
|
||||
useNetworkd = networkd;
|
||||
useDHCP = false;
|
||||
firewall.logReversePathDrops = true; # to debug firewall rules
|
||||
# reverse path filtering rules for the macvlan interface seem
|
||||
# to be incorrect, causing the test to fail. Disable temporarily.
|
||||
firewall.checkReversePath = false;
|
||||
useDHCP = true;
|
||||
macvlans.macvlan.interface = "eth1";
|
||||
interfaces.eth1.ipv4.addresses = mkOverride 0 [ ];
|
||||
interfaces.eth1 = {
|
||||
ipv4.addresses = mkOverride 0 [ ];
|
||||
useDHCP = true;
|
||||
};
|
||||
interfaces.macvlan = {
|
||||
useDHCP = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
testScript = { ... }:
|
||||
|
@ -440,6 +449,8 @@ let
|
|||
virtual = {
|
||||
name = "Virtual";
|
||||
machine = {
|
||||
networking.useNetworkd = networkd;
|
||||
networking.useDHCP = false;
|
||||
networking.interfaces.tap0 = {
|
||||
ipv4.addresses = [ { address = "192.168.1.1"; prefixLength = 24; } ];
|
||||
ipv6.addresses = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ];
|
||||
|
@ -489,6 +500,7 @@ let
|
|||
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
|
||||
networking = {
|
||||
useNetworkd = networkd;
|
||||
useDHCP = false;
|
||||
interfaces.eth1.ipv6.addresses = singleton {
|
||||
address = "fd00:1234:5678:1::1";
|
||||
prefixLength = 64;
|
||||
|
@ -514,11 +526,12 @@ let
|
|||
virtualisation.vlans = [ 1 ];
|
||||
networking = {
|
||||
useNetworkd = networkd;
|
||||
useDHCP = true;
|
||||
useDHCP = false;
|
||||
interfaces.eth1 = {
|
||||
preferTempAddress = true;
|
||||
ipv4.addresses = mkOverride 0 [ ];
|
||||
ipv6.addresses = mkOverride 0 [ ];
|
||||
useDHCP = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -526,11 +539,12 @@ let
|
|||
virtualisation.vlans = [ 1 ];
|
||||
networking = {
|
||||
useNetworkd = networkd;
|
||||
useDHCP = true;
|
||||
useDHCP = false;
|
||||
interfaces.eth1 = {
|
||||
preferTempAddress = false;
|
||||
ipv4.addresses = mkOverride 0 [ ];
|
||||
ipv6.addresses = mkOverride 0 [ ];
|
||||
useDHCP = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -16,6 +16,7 @@ in pkgs.lib.listToAttrs (pkgs.lib.crossLists (predictable: withNetworkd: {
|
|||
networking.usePredictableInterfaceNames = lib.mkForce predictable;
|
||||
networking.useNetworkd = withNetworkd;
|
||||
networking.dhcpcd.enable = !withNetworkd;
|
||||
networking.useDHCP = !withNetworkd;
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
|
|
|
@ -1,52 +0,0 @@
|
|||
import ./make-test.nix (let
|
||||
|
||||
container = { ... }: {
|
||||
boot.isContainer = true;
|
||||
|
||||
# use networkd to obtain systemd network setup
|
||||
networking.useNetworkd = true;
|
||||
|
||||
# systemd-nspawn expects /sbin/init
|
||||
boot.loader.initScript.enable = true;
|
||||
|
||||
imports = [ ../modules/profiles/minimal.nix ];
|
||||
};
|
||||
|
||||
containerSystem = (import ../lib/eval-config.nix {
|
||||
modules = [ container ];
|
||||
}).config.system.build.toplevel;
|
||||
|
||||
containerName = "container";
|
||||
containerRoot = "/var/lib/machines/${containerName}";
|
||||
|
||||
in {
|
||||
name = "systemd-machinectl";
|
||||
|
||||
machine = { lib, ... }: {
|
||||
# use networkd to obtain systemd network setup
|
||||
networking.useNetworkd = true;
|
||||
|
||||
# open DHCP server on interface to container
|
||||
networking.firewall.trustedInterfaces = [ "ve-+" ];
|
||||
|
||||
# do not try to access cache.nixos.org
|
||||
nix.binaryCaches = lib.mkForce [];
|
||||
|
||||
virtualisation.pathsInNixDB = [ containerSystem ];
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
startAll;
|
||||
|
||||
$machine->waitForUnit("default.target");
|
||||
$machine->succeed("mkdir -p ${containerRoot}");
|
||||
$machine->succeed("nixos-install --root ${containerRoot} --system ${containerSystem} --no-channel-copy --no-root-passwd --no-bootloader");
|
||||
|
||||
$machine->succeed("machinectl start ${containerName}");
|
||||
$machine->waitUntilSucceeds("systemctl -M ${containerName} is-active default.target");
|
||||
$machine->succeed("ping -n -c 1 ${containerName}");
|
||||
$machine->succeed("test `stat ${containerRoot}/var/empty -c %u%g` != 00");
|
||||
|
||||
$machine->succeed("machinectl stop ${containerName}");
|
||||
'';
|
||||
})
|
|
@ -2,6 +2,7 @@ let generateNodeConf = { lib, pkgs, config, privkpath, pubk, peerId, nodeId, ...
|
|||
imports = [ common/user-account.nix ];
|
||||
systemd.services.systemd-networkd.environment.SYSTEMD_LOG_LEVEL = "debug";
|
||||
networking.useNetworkd = true;
|
||||
networking.useDHCP = false;
|
||||
networking.firewall.enable = false;
|
||||
virtualisation.vlans = [ 1 ];
|
||||
environment.systemPackages = with pkgs; [ wireguard-tools ];
|
||||
|
|
|
@ -5,13 +5,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "flacon";
|
||||
version = "5.4.0";
|
||||
version = "5.5.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "flacon";
|
||||
repo = "flacon";
|
||||
rev = "v${version}";
|
||||
sha256 = "1j8gzk92kn10yb7rmvrnyq0ipda2swnkmsavqsk5ws0z600p3k93";
|
||||
sha256 = "05pvg5xhc2azwzld08m81r4b2krqdbcbm5lmdvg2zkk67xq9pqyd";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig makeWrapper ];
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
{ lib, fetchFromGitHub, python3Packages, wrapQtAppsHook }:
|
||||
|
||||
let
|
||||
py = python3Packages;
|
||||
in py.buildPythonApplication rec {
|
||||
pname = "friture";
|
||||
version = "0.36";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "tlecomte";
|
||||
repo = "friture";
|
||||
rev = "v${version}";
|
||||
sha256 = "1pz8v0qbzqq3ig9w33cp027s6c8rj316x5sy8pqs5nsiny9ddnk6";
|
||||
};
|
||||
|
||||
# module imports scipy.misc.factorial, but it has been removed since scipy
|
||||
# 1.3.0; use scipy.special.factorial instead
|
||||
patches = [ ./factorial.patch ];
|
||||
|
||||
nativeBuildInputs = (with py; [ numpy cython scipy ]) ++
|
||||
[ wrapQtAppsHook ];
|
||||
|
||||
propagatedBuildInputs = with py; [
|
||||
sounddevice
|
||||
pyopengl
|
||||
docutils
|
||||
numpy
|
||||
pyqt5
|
||||
appdirs
|
||||
pyrr
|
||||
];
|
||||
|
||||
postFixup = ''
|
||||
wrapQtApp $out/bin/friture
|
||||
wrapQtApp $out/bin/.friture-wrapped
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A real-time audio analyzer";
|
||||
homepage = http://friture.org/;
|
||||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.laikq ];
|
||||
};
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
diff --git a/friture/filter_design.py b/friture/filter_design.py
|
||||
index 9876c43..1cc749a 100644
|
||||
--- a/friture/filter_design.py
|
||||
+++ b/friture/filter_design.py
|
||||
@@ -2,7 +2,7 @@
|
||||
from numpy import pi, exp, arange, cos, sin, sqrt, zeros, ones, log, arange, set_printoptions
|
||||
# the three following lines are a workaround for a bug with scipy and py2exe
|
||||
# together. See http://www.pyinstaller.org/ticket/83 for reference.
|
||||
-from scipy.misc import factorial
|
||||
+from scipy.special import factorial
|
||||
import scipy
|
||||
scipy.factorial = factorial
|
||||
|
|
@ -9,11 +9,11 @@
|
|||
stdenv.mkDerivation rec {
|
||||
|
||||
pname = "kid3";
|
||||
version = "3.7.1";
|
||||
version = "3.8.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/project/kid3/kid3/${version}/${pname}-${version}.tar.gz";
|
||||
sha256 = "0xkrsjrbr3z8cn8hjf623l28r3b755gr11i0clv8d8i3s10vhbd8";
|
||||
sha256 = "1a6ixkkdp1fl3arylx06w73mwf26i0ibyplwwcn2kw5xsfxmbjp6";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ wrapQtAppsHook ];
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
{ stdenv, fetchurl, unzip }:
|
||||
{ stdenv, fetchurl, unzip, mpg123 }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "mp3gain-1.5.2";
|
||||
name = "mp3gain-1.6.2";
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/mp3gain/mp3gain-1_5_2-src.zip";
|
||||
sha256 = "1jkgry59m8cnnfq05b9y1h4x4wpy3iq8j68slb9qffwa3ajcgbfv";
|
||||
url = "mirror://sourceforge/mp3gain/mp3gain-1_6_2-src.zip";
|
||||
sha256 = "0varr6y7k8zarr56b42r0ad9g3brhn5vv3xjg1c0v19jxwr4gh2w";
|
||||
};
|
||||
|
||||
buildInputs = [ unzip ];
|
||||
buildInputs = [ unzip mpg123 ];
|
||||
|
||||
sourceRoot = ".";
|
||||
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
mkDerivation rec {
|
||||
pname = "padthv1";
|
||||
version = "0.9.9";
|
||||
version = "0.9.10";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/padthv1/${pname}-${version}.tar.gz";
|
||||
sha256 = "0axansxwa3vfc1n6a7jbaqyz6wmsffi37i4ggsl08gmqywz255xb";
|
||||
sha256 = "07gpq31a9iwk79yzndqzmw7snap7s4ifnsc4mfwkdga2zx13z0rx";
|
||||
};
|
||||
|
||||
buildInputs = [ libjack2 alsaLib libsndfile liblo lv2 qt5.qtbase qt5.qttools fftw ];
|
||||
|
|
|
@ -1,6 +1,8 @@
|
|||
{ stdenv, fetchurl, alsaLib, fluidsynth, libjack2, qt5, autoconf, pkgconfig }:
|
||||
{ stdenv, fetchurl, alsaLib, fluidsynth, libjack2, autoconf, pkgconfig
|
||||
, mkDerivation, qtbase, qttools, qtx11extras
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
mkDerivation rec {
|
||||
pname = "qsynth";
|
||||
version = "0.5.7";
|
||||
|
||||
|
@ -11,7 +13,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
nativeBuildInputs = [ autoconf pkgconfig ];
|
||||
|
||||
buildInputs = [ alsaLib fluidsynth libjack2 qt5.qtbase qt5.qttools qt5.qtx11extras ];
|
||||
buildInputs = [ alsaLib fluidsynth libjack2 qtbase qttools qtx11extras ];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
|
|
|
@ -65,5 +65,6 @@ python3.pkgs.buildPythonApplication rec {
|
|||
|
||||
maintainers = with maintainers; [ coroa sauyon ];
|
||||
homepage = https://quodlibet.readthedocs.io/en/latest/;
|
||||
broken = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "samplv1";
|
||||
version = "0.9.9";
|
||||
version = "0.9.10";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/samplv1/${pname}-${version}.tar.gz";
|
||||
sha256 = "1y61wb0bzm1cz7y8xxv6hp8mrkfb9zm9irg6zs4g6aanw539r6l8";
|
||||
sha256 = "04p5jkighmc8rf7fzzy8ch6knqbxv03vhjzdfh9dva2mlzw9rvjj";
|
||||
};
|
||||
|
||||
buildInputs = [ libjack2 alsaLib liblo libsndfile lv2 qt5.qtbase qt5.qttools];
|
||||
|
|
|
@ -4,11 +4,11 @@
|
|||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "snd-19.6";
|
||||
name = "snd-19.7";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/snd/${name}.tar.gz";
|
||||
sha256 = "0s2qv8sznvw6559bi39qj9p072azh9qcb2b86w6w8clz2azjaa76";
|
||||
sha256 = "1pr3l9iadvwinmxfl9a2lsm67yi7w3rhxglidpd41m2ni8jf2rlm";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
|
|
|
@ -100,5 +100,6 @@ mkDerivation rec {
|
|||
license = lib.licenses.mit;
|
||||
maintainers = with lib.maintainers; [ Phlogistique kamilchm ];
|
||||
platforms = lib.platforms.linux;
|
||||
broken = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -6,16 +6,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "spotifyd";
|
||||
version = "0.2.16";
|
||||
version = "0.2.19";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Spotifyd";
|
||||
repo = "spotifyd";
|
||||
rev = "v${version}";
|
||||
sha256 = "097hg18h7gya2w0wl5jkav79nb3qzcc4ycsryq7nhxa0h1agvinc";
|
||||
sha256 = "063b28ysj224m6ngns9i574i7vnp1x4g07cqjw908ch04yngcg1c";
|
||||
};
|
||||
|
||||
cargoSha256 = "0ar4bfwn3qxa6wsz2hd7nv1wr824h74jy3xqba2qsy0rsfwy1bmm";
|
||||
cargoSha256 = "0pqxqd5dyw9mjclrqkxzfnzsz74xl4bg0b86v5q6kc0a91zd49b9";
|
||||
|
||||
cargoBuildFlags = [
|
||||
"--no-default-features"
|
||||
|
@ -36,7 +36,7 @@ rustPlatform.buildRustPackage rec {
|
|||
description = "An open source Spotify client running as a UNIX daemon";
|
||||
homepage = "https://github.com/Spotifyd/spotifyd";
|
||||
license = with licenses; [ gpl3 ];
|
||||
maintainers = [ maintainers.anderslundstedt ];
|
||||
maintainers = [ maintainers.anderslundstedt maintainers.marsam ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -2,11 +2,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "synthv1";
|
||||
version = "0.9.9";
|
||||
version = "0.9.10";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/synthv1/${pname}-${version}.tar.gz";
|
||||
sha256 = "0cvamqzg74qfr7kzk3skimskmv0j3d1rmmpbpsmfcrg8srvyx9r2";
|
||||
sha256 = "1ssdm7aiaz908ydqwdx9khxnnd0yfacjgvbxg5p9s9xhkbqqc2f2";
|
||||
};
|
||||
|
||||
buildInputs = [ qt5.qtbase qt5.qttools libjack2 alsaLib liblo lv2 ];
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
, fetchFromGitHub
|
||||
, cmake
|
||||
, ninja
|
||||
, vala
|
||||
, pkgconfig
|
||||
, pantheon
|
||||
, gtk3
|
||||
|
@ -34,7 +35,7 @@ stdenv.mkDerivation rec {
|
|||
cmake
|
||||
libxml2
|
||||
ninja
|
||||
pantheon.vala
|
||||
vala
|
||||
pkgconfig
|
||||
wrapGAppsHook
|
||||
];
|
||||
|
|
|
@ -3,12 +3,12 @@
|
|||
, libGLU, lv2, gtk2, cairo, pango, fftwFloat, zita-convolver }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
version = "20190714";
|
||||
version = "20190820";
|
||||
pname = "x42-plugins";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://gareus.org/misc/x42-plugins/${pname}-${version}.tar.xz";
|
||||
sha256 = "1mifmdy9pi1lg0h4nsvyjjnnni41vhgg34lks94mrx46wq90bgx4";
|
||||
sha256 = "0dqsa5yxm3nx50j9k28iillj4sx2mjndzyspymxx0ghir1qmi4vh";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
|
|
|
@ -10,16 +10,16 @@
|
|||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "jormungandr";
|
||||
version = "0.5.5";
|
||||
version = "0.5.6";
|
||||
|
||||
src = fetchgit {
|
||||
url = "https://github.com/input-output-hk/${pname}";
|
||||
rev = "v${version}";
|
||||
sha256 = "1fzhmkx60b5fnx4x81g5ls93iixd3126m4q1smrpq8ksidw5xifa";
|
||||
rev = "v${version}+lock";
|
||||
sha256 = "0l6rxr1xjp5hfkf0qfx8qsa1slxn0ly28akci1rwgdhlzjn43zqr";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
cargoSha256 = "1hkbzxp6ic1655cq45zv6dcyrk9rbmvscdl8wm8fbidabz4x8vqd";
|
||||
cargoSha256 = "0590gsghr25bzfmxfyrpg58a0l77y88jwnrkgjxf06x3d66kkn3l";
|
||||
|
||||
nativeBuildInputs = [ pkgconfig protobuf ];
|
||||
buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ darwin.apple_sdk.frameworks.Security ];
|
||||
|
|
|
@ -26,5 +26,6 @@ rustPlatform.buildRustPackage rec {
|
|||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.akru ];
|
||||
platforms = platforms.linux;
|
||||
broken = true;
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,8 +1,11 @@
|
|||
{ channel, pname, version, build, sha256Hash }:
|
||||
|
||||
{ bash
|
||||
{ alsaLib
|
||||
, bash
|
||||
, buildFHSUserEnv
|
||||
, coreutils
|
||||
, dbus
|
||||
, expat
|
||||
, fetchurl
|
||||
, findutils
|
||||
, file
|
||||
|
@ -19,16 +22,24 @@
|
|||
, libpulseaudio
|
||||
, libGL
|
||||
, libX11
|
||||
, libxcb
|
||||
, libXcomposite
|
||||
, libXcursor
|
||||
, libXdamage
|
||||
, libXext
|
||||
, libXfixes
|
||||
, libXi
|
||||
, libXrandr
|
||||
, libXrender
|
||||
, libXtst
|
||||
, makeWrapper
|
||||
, nspr
|
||||
, nss
|
||||
, pciutils
|
||||
, pkgsi686Linux
|
||||
, setxkbmap
|
||||
, stdenv
|
||||
, systemd
|
||||
, unzip
|
||||
, which
|
||||
, runCommand
|
||||
|
@ -99,9 +110,20 @@ let
|
|||
libXrandr
|
||||
|
||||
# For Android emulator
|
||||
alsaLib
|
||||
dbus
|
||||
expat
|
||||
libpulseaudio
|
||||
libX11
|
||||
libxcb
|
||||
libXcomposite
|
||||
libXcursor
|
||||
libXdamage
|
||||
libXfixes
|
||||
libGL
|
||||
nspr
|
||||
nss
|
||||
systemd
|
||||
|
||||
# For GTKLookAndFeel
|
||||
gtk2
|
||||
|
|
|
@ -8,15 +8,15 @@ let
|
|||
inherit (gnome2) GConf gnome_vfs;
|
||||
};
|
||||
stableVersion = {
|
||||
version = "3.5.0.21"; # "Android Studio 3.5"
|
||||
build = "191.5791312";
|
||||
sha256Hash = "0vvk2vhklxg9wfi4lv4sahs5ahhb1mki1msy3yixmr56vipgv52p";
|
||||
version = "3.5.1.0"; # "Android Studio 3.5.1"
|
||||
build = "191.5900203";
|
||||
sha256Hash = "0afxlif8pkrl6m1lhiqri1qv4vf5mfm1yg6qk5rad0442hm3kz4l";
|
||||
};
|
||||
betaVersion = stableVersion;
|
||||
betaVersion = latestVersion;
|
||||
latestVersion = { # canary & dev
|
||||
version = "3.6.0.12"; # "Android Studio 3.6 Canary 12"
|
||||
build = "192.5871855";
|
||||
sha256Hash = "0pxvpxqdxv37sl72p7gml70k6kl717k6avw9p0l00cys0zbvb3zq";
|
||||
version = "3.6.0.13"; # "Android Studio 3.6 Beta 1"
|
||||
build = "192.5916306";
|
||||
sha256Hash = "0kvz3mgpfb3wqr1pw9847d5syswlzls3b4nilzgk6w127k2zmkfy";
|
||||
};
|
||||
in {
|
||||
# Attributes are named by their corresponding release channels
|
||||
|
|
|
@ -13,10 +13,10 @@ assert stdenv ? glibc;
|
|||
|
||||
let
|
||||
platform_major = "4";
|
||||
platform_minor = "12";
|
||||
platform_minor = "13";
|
||||
year = "2019";
|
||||
month = "06";
|
||||
timestamp = "201906051800";
|
||||
month = "09";
|
||||
timestamp = "201909161045";
|
||||
|
||||
in rec {
|
||||
|
||||
|
@ -34,7 +34,7 @@ in rec {
|
|||
src =
|
||||
fetchurl {
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-cpp-${year}-${month}-R-linux-gtk-x86_64.tar.gz";
|
||||
sha512 = "3mfljabrwbwq256vvsp9qjb96hzlbpwgnb3wz806pbyh0ibfq6s1hn8kh5aaa2da5821v0ykcxa12jagj7naqp4g91jqxp1wb1ygz2q";
|
||||
sha512 = "0s9wvxd1bahlcdw7l6cyfi59p78j6gym3a3mn1z6dm6swxgyb2wjjl7hx8bkg0zs8x31bwllpdq22y2vcm6j57h40v53l3xkhy73m8v";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -46,7 +46,7 @@ in rec {
|
|||
src =
|
||||
fetchurl {
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-modeling-${year}-${month}-R-linux-gtk-x86_64.tar.gz";
|
||||
sha512 = "18p6xz6rq4w6j39b2k9kjpz8s1nljfq44g2cmvxqjgjfkq8lk4ij73ssyv1raly4wkm7r22ixacswdjmyj942k5vpv9y11i91hp1scv";
|
||||
sha512 = "09nc7ipv67h0gr7lkxsbxrgj9gn48348asn03ylcvflyrcxghqs8n11a75rwvdj98igdzpw922saicx5lqq5g2flfqiga97lwwhfiz5";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -58,7 +58,7 @@ in rec {
|
|||
src =
|
||||
fetchurl {
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-platform-${platform_major}.${platform_minor}-linux-gtk-x86_64.tar.gz";
|
||||
sha512 = "0qiyk95qhdqcfgg5hgc7pcpbpjy9jnx7l3vb7s4cgijdz2xz0n5psh11lpj3whk2amh4iwkyx7kn8fxdq7lm03rlgx67cbk7p8my16m";
|
||||
sha512 = "2c40wwrc2ip32n0m5cs8ds0g7cs7018acw8gjkd23msa4pr9x9511c3dj6rbnn1hwzf9yjq6vnjmib5qarxd3vly76jwxhf867l1f7v";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -88,7 +88,7 @@ in rec {
|
|||
src =
|
||||
fetchurl {
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops${platform_major}/R-${platform_major}.${platform_minor}-${timestamp}/eclipse-SDK-${platform_major}.${platform_minor}-linux-gtk-x86_64.tar.gz";
|
||||
sha512 = "3bbc8d66ms7nhg6f8gb0bnzjqz26wixpipn4n9qf0azcplrv2j91z8hjw1fx39dx4pqnsf442bkgab4qqhkpks7qq54110l01q6gvy9";
|
||||
sha512 = "2vm646d1crzzzysll3p5pjfljfjzxx4qd37dqcp6xjm91zg8iskli688h0lgla0rmbwz5kj509jp22m4rxkp3cbgd006dd0jr3icdls";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -100,7 +100,7 @@ in rec {
|
|||
src =
|
||||
fetchurl {
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/technology/epp/downloads/release/${year}-${month}/R/eclipse-java-${year}-${month}-R-linux-gtk-x86_64.tar.gz";
|
||||
sha512 = "20qs1aagh4drsycvar3x42zy422zl34yg1p3vhxbqfbf7v3z1d3cxs9ah61x4bdxx9bkfwchasqp1wr15nflch9g0i50bdki3cgng1d";
|
||||
sha512 = "3zyxqd8iwrfgjjg91dfi4bda61rd2717hy53swmbygi48zaaam70swx997yp5qzxwjp3macdslfk6sqhq2qlcdwcdl6dmkry018jh7b";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
@ -254,12 +254,12 @@ rec {
|
|||
|
||||
cdt = buildEclipseUpdateSite rec {
|
||||
name = "cdt-${version}";
|
||||
version = "9.8.1";
|
||||
version = "9.9.0";
|
||||
|
||||
src = fetchzip {
|
||||
stripRoot = false;
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/tools/cdt/releases/9.8/${name}/${name}.zip";
|
||||
sha256 = "0kxmwz75i8mv4wics9n0hspxhzl3glf5ry2v5mnl5j9gcf73b0nv";
|
||||
url = "https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/tools/cdt/releases/9.9/${name}/${name}.zip";
|
||||
sha256 = "1vgx7ggilfwmx0bjrhk7mwlwg1c8lb141ilj3vzwxivlffihy054";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
@ -474,12 +474,12 @@ rec {
|
|||
|
||||
jdt = buildEclipseUpdateSite rec {
|
||||
name = "jdt-${version}";
|
||||
version = "4.12";
|
||||
version = "4.13";
|
||||
|
||||
src = fetchzip {
|
||||
stripRoot = false;
|
||||
url = https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops4/R-4.12-201906051800/org.eclipse.jdt-4.12.zip;
|
||||
sha256 = "0qscvqg69z4554n1yhl0xg1xz8ln3qsbgfzi7cg3xnnwnxfqz9cb";
|
||||
url = https://www.eclipse.org/downloads/download.php?r=1&nf=1&file=/eclipse/downloads/drops4/R-4.13-201909161045/org.eclipse.jdt-4.13.zip;
|
||||
sha256 = "0sfpxph0cszcx1cihzzjn60qid8sxgl2xyr9x46fld4ian5a7vbr";
|
||||
};
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
with stdenv.lib;
|
||||
|
||||
let
|
||||
version = "1.35";
|
||||
version = "1.36";
|
||||
in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
|
@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
src = fetchurl {
|
||||
url = "https://download.geany.org/${pname}-${version}.tar.bz2";
|
||||
sha256 = "179xfnvhcxsv54v2mlrhykqv2j7klniln5sffvqqpjmdvwyivvim";
|
||||
sha256 = "0gnm17cr4rf3pmkf0axz4a0fxwnvp55ji0q0lzy88yqbshyxv14i";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig intltool libintl ];
|
||||
|
|
|
@ -38,11 +38,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gnome-builder";
|
||||
version = "3.34.0";
|
||||
version = "3.34.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "19i2ipgw48fpd50wacwyhj35hajlg7qcyxpj8rsqk4g21ijfykrg";
|
||||
sha256 = "19018pq94cxf6fywd7fsmy98x56by5zfmh140pl530gaaw84cvhb";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "manuskript";
|
||||
version = "0.9.0";
|
||||
version = "0.10.0";
|
||||
|
||||
format = "other";
|
||||
|
||||
|
@ -10,7 +10,7 @@ python3Packages.buildPythonApplication rec {
|
|||
repo = pname;
|
||||
owner = "olivierkes";
|
||||
rev = version;
|
||||
sha256 = "13y1s0kba1ib6g977n7h920kyr7abdw03kpal512m7iwa9g2kdw8";
|
||||
sha256 = "0q413vym7hzjpyg3krj5y63hwpncdifjkyswqmr76zg5yqnklnh3";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ wrapQtAppsHook ];
|
||||
|
|
|
@ -20,11 +20,11 @@ let
|
|||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "nano";
|
||||
version = "4.4";
|
||||
version = "4.5";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/nano/${pname}-${version}.tar.xz";
|
||||
sha256 = "1iw2ypq34g1gfqyhgka2fz5yj5vrlz85q6zk7amgyj286ph25wia";
|
||||
sha256 = "0czmz1yq8s5qcxcmfjdxzg9nkhbmlc9q1nz04jvf57fdbs7w7mfy";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ texinfo ] ++ optional enableNls gettext;
|
||||
|
|
|
@ -26,7 +26,8 @@ stdenv.mkDerivation rec {
|
|||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = https://sourceforge.net/projects/nedit;
|
||||
homepage = "https://sourceforge.net/projects/nedit";
|
||||
description = "A fast, compact Motif/X11 plain text editor";
|
||||
platforms = with platforms; linux ++ darwin;
|
||||
license = licenses.gpl2;
|
||||
};
|
||||
|
|
|
@ -79,9 +79,11 @@ in
|
|||
|
||||
cmakeFlags = [
|
||||
"-DGPERF_PRG=${gperf}/bin/gperf"
|
||||
"-DLIBLUV_LIBRARY=${lua.pkgs.luv}/lib/lua/${lua.luaversion}/luv.so"
|
||||
"-DLUA_PRG=${neovimLuaEnv.interpreter}"
|
||||
]
|
||||
# FIXME: this is verry messy and strange.
|
||||
++ optional (!stdenv.isDarwin) "-DLIBLUV_LIBRARY=${lua.pkgs.luv}/lib/lua/${lua.luaversion}/luv.so"
|
||||
++ optional (stdenv.isDarwin) "-DLIBLUV_LIBRARY=${lua.pkgs.luv.libluv}/lib/lua/${lua.luaversion}/libluv.dylib"
|
||||
++ optional doCheck "-DBUSTED_PRG=${neovimLuaEnv}/bin/busted"
|
||||
++ optional (!lua.pkgs.isLuaJIT) "-DPREFER_LUA=ON"
|
||||
;
|
||||
|
|
|
@ -28,6 +28,7 @@ stdenv.mkDerivation rec {
|
|||
|
||||
meta = with stdenv.lib; {
|
||||
license = licenses.gpl2;
|
||||
description = "A hex editor";
|
||||
maintainers = with maintainers; [ peterhoeg bkchr ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, fetchFromGitHub, pkgconfig, meson, ninja, python3
|
||||
{ stdenv, fetchFromGitHub, pkgconfig, meson, ninja, python3, vala
|
||||
, gtk3, desktop-file-utils, gtksourceview, webkitgtk, gtkspell3, pantheon
|
||||
, libgee, discount, wrapGAppsHook }:
|
||||
|
||||
|
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
|
|||
desktop-file-utils
|
||||
meson
|
||||
ninja
|
||||
pantheon.vala
|
||||
vala
|
||||
pkgconfig
|
||||
python3
|
||||
wrapGAppsHook
|
||||
|
|
|
@ -5,15 +5,15 @@ let
|
|||
in
|
||||
{
|
||||
sublime3-dev = common {
|
||||
buildVersion = "3208";
|
||||
buildVersion = "3210";
|
||||
dev = true;
|
||||
x32sha256 = "09k04fjryc0dc6173i6nwhi5xaan89n4lp0n083crvkqwp0qlf2i";
|
||||
x64sha256 = "12pn3yfm452m75dlyl0lyf82956j8raz2dglv328m81hbafflrj8";
|
||||
x32sha256 = "1ngr4c8h2mafy96mi8dd3g8mg5r9ha1cpcd8p3gz7jwpbypvkkbv";
|
||||
x64sha256 = "0j65a4ylgga1qzc74wf3k5craghahma8hwqg3zs1rgzz601nl693";
|
||||
} {};
|
||||
|
||||
sublime3 = common {
|
||||
buildVersion = "3207";
|
||||
x32sha256 = "14hfb8x8zb49zjq0pd8s73xk333gmf38h5b7g979czcmbhdxiyqy";
|
||||
x64sha256 = "1i1q9592sc8idvlpygksdkclh7h506hsz5l0i02g1814w0flzdmc";
|
||||
buildVersion = "3211";
|
||||
x32sha256 = "0w9hba1nl2hv1mri418n7v0m321b6wqphb1knll23ldv5fb0j1j8";
|
||||
x64sha256 = "1vkldmimyjhbgplcd6r27gvk64rr7cparfd44hy6qdyzwsjqqg0b";
|
||||
} {};
|
||||
}
|
||||
|
|
|
@ -136,6 +136,15 @@ stdenv.mkDerivation {
|
|||
find $out/share/man \( -name eVim.1 -or -name xxd.1 \) -delete
|
||||
'';
|
||||
|
||||
# We rely on the user's Xcode install to build. It may be located in an arbitrary place, and
|
||||
# it's not clear what system-level components it may require, so for now we'll just allow full
|
||||
# filesystem access. This way the package still can't access the network.
|
||||
sandboxProfile = ''
|
||||
(allow file-read* file-write* process-exec mach-lookup)
|
||||
; block homebrew dependencies
|
||||
(deny file-read* file-write* process-exec mach-lookup (subpath "/usr/local") (with no-log))
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Vim - the text editor - for macOS";
|
||||
homepage = https://github.com/macvim-dev/macvim;
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue