public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge staging into staging-next

Browse Source
This commit is contained in:
Frederik Rietdijk 2018-08-09 18:28:50 +02:00
commit f02206d63d
482 changed files with 12667 additions and 10125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/old/cross.txt
View File

@ -64,7 +64,7 @@ stdenv.mkDerivation {
sha256 = "1ian3kwh2vg6hr3ymrv48s04gijs539vzrq62xr76bxbhbwnz2np"; sha256 = "1ian3kwh2vg6hr3ymrv48s04gijs539vzrq62xr76bxbhbwnz2np";
}; };
inherit noSysDirs; inherit noSysDirs;
configureFlags = "--target=arm-linux"; configureFlags = [ "--target=arm-linux" ];
} }
--- ---

48
doc/package-notes.xml
View File

@ -705,4 +705,52 @@ overrides = super: self: rec {
</programlisting> </programlisting>
</para> </para>
</section> </section>
<section xml:id="sec-citrix">
<title>Citrix Receiver</title>
<para>
The <link xlink:href="https://www.citrix.com/products/receiver/">Citrix Receiver</link> is a remote
desktop viewer which provides access to
<link xlink:href="https://www.citrix.com/products/xenapp-xendesktop/">XenDesktop</link> installations.
</para>
<section xml:id="sec-citrix-base">
<title>Basic usage</title>
<para>
The tarball archive needs to be downloaded manually as the licenses agreements of the vendor
need to be accepted first. This is available at the
<link xlink:href="https://www.citrix.com/downloads/citrix-receiver/">download page at citrix.com</link>.
Then run <literal>nix-prefetch-url file://$PWD/linuxx64-$version.tar.gz</literal>.
With the archive available in the store the package can be built and installed with Nix.
</para>
<para>
<emphasis>Note: it's recommended to install <literal>Citrix Receiver</literal> using
<literal>nix-env -i</literal> or globally to ensure that the <literal>.desktop</literal> files
are installed properly into <literal>$XDG_CONFIG_DIRS</literal>. Otherwise it won't
be possible to open <literal>.ica</literal> files
automatically from the browser to start a Citrix connection.</emphasis>
</para>
</section>
<section xml:id="sec-citrix-custom-certs">
<title>Custom certificates</title>
<para>
The <literal>Citrix Receiver</literal> in <literal>nixpkgs</literal> trusts several certificates
<link xlink:href="https://curl.haxx.se/docs/caextract.html">from the Mozilla database</link> by default.
However several companies using Citrix might require their own corporate certificate. On distros with imperative
packaging these certs can be stored easily in
<link xlink:href="https://developer-docs.citrix.com/projects/receiver-for-linux-command-reference/en/13.7/"><literal>$ICAROOT</literal></link>,
however this directory is a store path in <literal>nixpkgs</literal>. In order to work around this issue the package provides a simple
mechanism to add custom certificates without rebuilding the entire package using <literal>symlinkJoin</literal>:
<programlisting>
<![CDATA[with import <nixpkgs> { config.allowUnfree = true; };
let extraCerts = [ ./custom-cert-1.pem ./custom-cert-2.pem /* ... */ ]; in
citrix_receiver.override {
inherit extraCerts;
}]]>
</programlisting>
</para>
</section>
</section>
</chapter> </chapter>

10
maintainers/maintainer-list.nix
View File

@ -807,6 +807,11 @@
github = "coroa"; github = "coroa";
name = "Jonas Hörsch"; name = "Jonas Hörsch";
}; };
costrouc = {
email = "chris.ostrouchov@gmail.com";
github = "costrouc";
name = "Chris Ostrouchov";
};
couchemar = { couchemar = {
email = "couchemar@yandex.ru"; email = "couchemar@yandex.ru";
github = "couchemar"; github = "couchemar";
@ -1842,6 +1847,11 @@
github = "jluttine"; github = "jluttine";
name = "Jaakko Luttinen"; name = "Jaakko Luttinen";
}; };
jmettes = {
email = "jonathan@jmettes.com";
github = "jmettes";
name = "Jonathan Mettes";
};
Jo = { Jo = {
email = "0x4A6F@shackspace.de"; email = "0x4A6F@shackspace.de";
name = "Joachim Ernst"; name = "Joachim Ernst";

24
nixos/doc/manual/release-notes/rl-1809.xml
View File

@ -73,6 +73,14 @@ $ nix-instantiate -E '(import &lt;nixpkgsunstable&gt; {}).gitFull'
</para> </para>
<itemizedlist> <itemizedlist>
<listitem>
<para>
The <varname>services.cassandra</varname> module has been reworked and
was rewritten from scratch. The service has succeeding tests for
the versions 2.1, 2.2, 3.0 and 3.11 of <link
xlink:href="https://cassandra.apache.org/">Apache Cassandra</link>.
</para>
</listitem>
<listitem> <listitem>
<para> <para>
There is a new <varname>services.foundationdb</varname> module for deploying There is a new <varname>services.foundationdb</varname> module for deploying
@ -119,6 +127,12 @@ $ nix-instantiate -E '(import &lt;nixpkgsunstable&gt; {}).gitFull'
</para> </para>
<itemizedlist> <itemizedlist>
<listitem>
<para>
The deprecated <varname>services.cassandra</varname> module has
seen a complete rewrite. (See above.)
</para>
</listitem>
<listitem> <listitem>
<para> <para>
<literal>lib.strict</literal> is removed. Use <literal>lib.strict</literal> is removed. Use
@ -176,6 +190,16 @@ $ nix-instantiate -E '(import &lt;nixpkgsunstable&gt; {}).gitFull'
which indicates that the nix output hash will be used as tag. which indicates that the nix output hash will be used as tag.
</para> </para>
</listitem> </listitem>
<listitem>
<para>
Options
<literal>boot.initrd.luks.devices.<replaceable>name</replaceable>.yubikey.ramfsMountPoint</literal>
<literal>boot.initrd.luks.devices.<replaceable>name</replaceable>.yubikey.storage.mountPoint</literal>
were removed. <literal>luksroot.nix</literal> module never supported more than one YubiKey at
a time anyway, hence those options never had any effect. You should be able to remove them
from your config without any issues.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</section> </section>

3
nixos/modules/installer/cd-dvd/installation-cd-base.nix
View File

@ -29,8 +29,5 @@ with lib;
# Add Memtest86+ to the CD. # Add Memtest86+ to the CD.
boot.loader.grub.memtest86.enable = true; boot.loader.grub.memtest86.enable = true;
# Allow the user to log in as root without a password.
users.users.root.initialHashedPassword = "";
system.stateVersion = mkDefault "18.03"; system.stateVersion = mkDefault "18.03";
} }

3
nixos/modules/installer/cd-dvd/sd-image-aarch64.nix
View File

@ -33,9 +33,6 @@ in
# Also increase the amount of CMA to ensure the virtual console on the RPi3 works. # Also increase the amount of CMA to ensure the virtual console on the RPi3 works.
boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"]; boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"];
# FIXME: this probably should be in installation-device.nix
users.users.root.initialHashedPassword = "";
sdImage = { sdImage = {
populateBootCommands = let populateBootCommands = let
configTxt = pkgs.writeText "config.txt" '' configTxt = pkgs.writeText "config.txt" ''

3
nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix
View File

@ -34,9 +34,6 @@ in
# - ttySAC2: for Exynos (ODROID-XU3) # - ttySAC2: for Exynos (ODROID-XU3)
boot.kernelParams = ["console=ttyS0,115200n8" "console=ttymxc0,115200n8" "console=ttyAMA0,115200n8" "console=ttyO0,115200n8" "console=ttySAC2,115200n8" "console=tty0"]; boot.kernelParams = ["console=ttyS0,115200n8" "console=ttymxc0,115200n8" "console=ttyAMA0,115200n8" "console=ttyO0,115200n8" "console=ttySAC2,115200n8" "console=tty0"];
# FIXME: this probably should be in installation-device.nix
users.users.root.initialHashedPassword = "";
sdImage = { sdImage = {
populateBootCommands = let populateBootCommands = let
configTxt = pkgs.writeText "config.txt" '' configTxt = pkgs.writeText "config.txt" ''

3
nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix
View File

@ -27,9 +27,6 @@ in
boot.consoleLogLevel = lib.mkDefault 7; boot.consoleLogLevel = lib.mkDefault 7;
boot.kernelPackages = pkgs.linuxPackages_rpi; boot.kernelPackages = pkgs.linuxPackages_rpi;
# FIXME: this probably should be in installation-device.nix
users.users.root.initialHashedPassword = "";
sdImage = { sdImage = {
populateBootCommands = let populateBootCommands = let
configTxt = pkgs.writeText "config.txt" '' configTxt = pkgs.writeText "config.txt" ''

3
nixos/modules/installer/netboot/netboot-base.nix
View File

@ -14,7 +14,4 @@ with lib;
../../profiles/base.nix ../../profiles/base.nix
../../profiles/installation-device.nix ../../profiles/installation-device.nix
]; ];
# Allow the user to log in as root without a password.
users.users.root.initialHashedPassword = "";
} }

2
nixos/modules/misc/ids.nix
View File

@ -324,6 +324,7 @@
hadoop = 297; hadoop = 297;
hydron = 298; hydron = 298;
cfssl = 299; cfssl = 299;
cassandra = 300;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -608,6 +609,7 @@
hadoop = 297; hadoop = 297;
hydron = 298; hydron = 298;
cfssl = 299; cfssl = 299;
cassandra = 300;
# When adding a gid, make sure it doesn't match an existing # When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal # uid. Users and groups with the same name should have equal

1
nixos/modules/module-list.nix
View File

@ -201,6 +201,7 @@
./services/databases/4store-endpoint.nix ./services/databases/4store-endpoint.nix
./services/databases/4store.nix ./services/databases/4store.nix
./services/databases/aerospike.nix ./services/databases/aerospike.nix
./services/databases/cassandra.nix
./services/databases/clickhouse.nix ./services/databases/clickhouse.nix
./services/databases/couchdb.nix ./services/databases/couchdb.nix
./services/databases/firebird.nix ./services/databases/firebird.nix

4
nixos/modules/profiles/installation-device.nix
View File

@ -86,5 +86,9 @@ with lib;
networking.firewall.logRefusedConnections = mkDefault false; networking.firewall.logRefusedConnections = mkDefault false;
environment.systemPackages = [ pkgs.vim ]; environment.systemPackages = [ pkgs.vim ];
# Allow the user to log in as root without a password.
users.users.root.initialHashedPassword = "";
}; };
} }

655
nixos/modules/services/databases/cassandra.nix
View File

@ -4,445 +4,288 @@ with lib;
let let
cfg = config.services.cassandra; cfg = config.services.cassandra;
cassandraPackage = cfg.package.override { defaultUser = "cassandra";
jre = cfg.jre; cassandraConfig = flip recursiveUpdate cfg.extraConfig
}; ({ commitlog_sync = "batch";
cassandraUser = { commitlog_sync_batch_window_in_ms = 2;
name = cfg.user; partitioner = "org.apache.cassandra.dht.Murmur3Partitioner";
home = "/var/lib/cassandra"; endpoint_snitch = "SimpleSnitch";
description = "Cassandra role user"; seed_provider =
}; [{ class_name = "org.apache.cassandra.locator.SimpleSeedProvider";
parameters = [ { seeds = "127.0.0.1"; } ];
cassandraRackDcProperties = '' }];
dc=${cfg.dc} data_file_directories = [ "${cfg.homeDir}/data" ];
rack=${cfg.rack} commitlog_directory = "${cfg.homeDir}/commitlog";
''; saved_caches_directory = "${cfg.homeDir}/saved_caches";
} // (if builtins.compareVersions cfg.package.version "3" >= 0
cassandraConf = '' then { hints_directory = "${cfg.homeDir}/hints"; }
cluster_name: ${cfg.clusterName} else {})
num_tokens: 256 );
auto_bootstrap: ${boolToString cfg.autoBootstrap} cassandraConfigWithAddresses = cassandraConfig //
hinted_handoff_enabled: ${boolToString cfg.hintedHandOff} ( if isNull cfg.listenAddress
hinted_handoff_throttle_in_kb: ${builtins.toString cfg.hintedHandOffThrottle} then { listen_interface = cfg.listenInterface; }
max_hints_delivery_threads: 2 else { listen_address = cfg.listenAddress; }
max_hint_window_in_ms: 10800000 # 3 hours ) // (
authenticator: ${cfg.authenticator} if isNull cfg.rpcAddress
authorizer: ${cfg.authorizer} then { rpc_interface = cfg.rpcInterface; }
permissions_validity_in_ms: 2000 else { rpc_address = cfg.rpcAddress; }
partitioner: org.apache.cassandra.dht.Murmur3Partitioner );
data_file_directories: cassandraEtc = pkgs.stdenv.mkDerivation
${builtins.concatStringsSep "\n" (map (v: " - "+v) cfg.dataDirs)} { name = "cassandra-etc";
commitlog_directory: ${cfg.commitLogDirectory} cassandraYaml = builtins.toJSON cassandraConfigWithAddresses;
disk_failure_policy: stop cassandraEnvPkg = "${cfg.package}/conf/cassandra-env.sh";
key_cache_size_in_mb: buildCommand = ''
key_cache_save_period: 14400 mkdir -p "$out"
row_cache_size_in_mb: 0
row_cache_save_period: 0
saved_caches_directory: ${cfg.savedCachesDirectory}
commitlog_sync: ${cfg.commitLogSync}
commitlog_sync_period_in_ms: ${builtins.toString cfg.commitLogSyncPeriod}
commitlog_segment_size_in_mb: 32
seed_provider:
- class_name: org.apache.cassandra.locator.SimpleSeedProvider
parameters:
- seeds: "${builtins.concatStringsSep "," cfg.seeds}"
concurrent_reads: ${builtins.toString cfg.concurrentReads}
concurrent_writes: ${builtins.toString cfg.concurrentWrites}
memtable_flush_queue_size: 4
trickle_fsync: false
trickle_fsync_interval_in_kb: 10240
storage_port: 7000
ssl_storage_port: 7001
listen_address: ${cfg.listenAddress}
start_native_transport: true
native_transport_port: 9042
start_rpc: true
rpc_address: ${cfg.rpcAddress}
rpc_port: 9160
rpc_keepalive: true
rpc_server_type: sync
thrift_framed_transport_size_in_mb: 15
incremental_backups: ${boolToString cfg.incrementalBackups}
snapshot_before_compaction: false
auto_snapshot: true
column_index_size_in_kb: 64
in_memory_compaction_limit_in_mb: 64
multithreaded_compaction: false
compaction_throughput_mb_per_sec: 16
compaction_preheat_key_cache: true
read_request_timeout_in_ms: 10000
range_request_timeout_in_ms: 10000
write_request_timeout_in_ms: 10000
cas_contention_timeout_in_ms: 1000
truncate_request_timeout_in_ms: 60000
request_timeout_in_ms: 10000
cross_node_timeout: false
endpoint_snitch: ${cfg.snitch}
dynamic_snitch_update_interval_in_ms: 100
dynamic_snitch_reset_interval_in_ms: 600000
dynamic_snitch_badness_threshold: 0.1
request_scheduler: org.apache.cassandra.scheduler.NoScheduler
server_encryption_options:
internode_encryption: ${cfg.internodeEncryption}
keystore: ${cfg.keyStorePath}
keystore_password: ${cfg.keyStorePassword}
truststore: ${cfg.trustStorePath}
truststore_password: ${cfg.trustStorePassword}
client_encryption_options:
enabled: ${boolToString cfg.clientEncryption}
keystore: ${cfg.keyStorePath}
keystore_password: ${cfg.keyStorePassword}
internode_compression: all
inter_dc_tcp_nodelay: false
preheat_kernel_page_cache: false
streaming_socket_timeout_in_ms: ${toString cfg.streamingSocketTimoutInMS}
'';
cassandraLog = ''
log4j.rootLogger=${cfg.logLevel},stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%5p [%t] %d{HH:mm:ss,SSS} %m%n
'';
cassandraConfFile = pkgs.writeText "cassandra.yaml" cassandraConf;
cassandraLogFile = pkgs.writeText "log4j-server.properties" cassandraLog;
cassandraRackFile = pkgs.writeText "cassandra-rackdc.properties" cassandraRackDcProperties;
cassandraEnvironment = {
CASSANDRA_HOME = cassandraPackage;
JAVA_HOME = cfg.jre;
CASSANDRA_CONF = "/etc/cassandra";
};
echo "$cassandraYaml" > "$out/cassandra.yaml"
ln -s "$cassandraEnvPkg" "$out/cassandra-env.sh"
'';
};
in { in {
###### interface
options.services.cassandra = { options.services.cassandra = {
enable = mkOption { enable = mkEnableOption ''
description = "Whether to enable cassandra."; Apache Cassandra Scalable and highly available database.
default = false; '';
type = types.bool;
};
package = mkOption {
description = "Cassandra package to use.";
default = pkgs.cassandra;
defaultText = "pkgs.cassandra";
type = types.package;
};
jre = mkOption {
description = "JRE package to run cassandra service.";
default = pkgs.jre;
defaultText = "pkgs.jre";
type = types.package;
};
user = mkOption { user = mkOption {
description = "User that runs cassandra service."; type = types.str;
default = "cassandra"; default = defaultUser;
type = types.string; description = "Run Apache Cassandra under this user.";
}; };
group = mkOption { group = mkOption {
description = "Group that runs cassandra service.";
default = "cassandra";
type = types.string;
};
envFile = mkOption {
description = "path to cassandra-env.sh";
default = "${cassandraPackage}/conf/cassandra-env.sh";
defaultText = "\${cassandraPackage}/conf/cassandra-env.sh";
type = types.path;
};
clusterName = mkOption {
description = "set cluster name";
default = "cassandra";
example = "prod-cluster0";
type = types.string;
};
commitLogDirectory = mkOption {
description = "directory for commit logs";
default = "/var/lib/cassandra/commit_log";
type = types.string;
};
savedCachesDirectory = mkOption {
description = "directory for saved caches";
default = "/var/lib/cassandra/saved_caches";
type = types.string;
};
hintedHandOff = mkOption {
description = "enable hinted handoff";
default = true;
type = types.bool;
};
hintedHandOffThrottle = mkOption {
description = "hinted hand off throttle rate in kb";
default = 1024;
type = types.int;
};
commitLogSync = mkOption {
description = "commitlog sync method";
default = "periodic";
type = types.str; type = types.str;
example = "batch"; default = defaultUser;
description = "Run Apache Cassandra under this group.";
}; };
commitLogSyncPeriod = mkOption { homeDir = mkOption {
description = "commitlog sync period in ms ";
default = 10000;
type = types.int;
};
envScript = mkOption {
default = "${cassandraPackage}/conf/cassandra-env.sh";
defaultText = "\${cassandraPackage}/conf/cassandra-env.sh";
type = types.path; type = types.path;
description = "Supply your own cassandra-env.sh rather than using the default"; default = "/var/lib/cassandra";
description = ''
Home directory for Apache Cassandra.
'';
}; };
extraParams = mkOption { package = mkOption {
description = "add additional lines to cassandra-env.sh"; type = types.package;
default = pkgs.cassandra;
defaultText = "pkgs.cassandra";
example = literalExample "pkgs.cassandra_3_11";
description = ''
The Apache Cassandra package to use.
'';
};
jvmOpts = mkOption {
type = types.listOf types.str;
default = []; default = [];
example = [''JVM_OPTS="$JVM_OPTS -Dcassandra.available_processors=1"'']; description = ''
type = types.listOf types.str; Populate the JVM_OPT environment variable.
}; '';
dataDirs = mkOption {
type = types.listOf types.path;
default = [ "/var/lib/cassandra/data" ];
description = "Data directories for cassandra";
};
logLevel = mkOption {
type = types.str;
default = "INFO";
description = "default logging level for log4j";
};
internodeEncryption = mkOption {
description = "enable internode encryption";
default = "none";
example = "all";
type = types.str;
};
clientEncryption = mkOption {
description = "enable client encryption";
default = false;
type = types.bool;
};
trustStorePath = mkOption {
description = "path to truststore";
default = ".conf/truststore";
type = types.str;
};
keyStorePath = mkOption {
description = "path to keystore";
default = ".conf/keystore";
type = types.str;
};
keyStorePassword = mkOption {
description = "password to keystore";
default = "cassandra";
type = types.str;
};
trustStorePassword = mkOption {
description = "password to truststore";
default = "cassandra";
type = types.str;
};
seeds = mkOption {
description = "password to truststore";
default = [ "127.0.0.1" ];
type = types.listOf types.str;
};
concurrentWrites = mkOption {
description = "number of concurrent writes allowed";
default = 32;
type = types.int;
};
concurrentReads = mkOption {
description = "number of concurrent reads allowed";
default = 32;
type = types.int;
}; };
listenAddress = mkOption { listenAddress = mkOption {
description = "listen address"; type = types.nullOr types.str;
default = "localhost"; default = "127.0.0.1";
type = types.str; example = literalExample "null";
description = ''
Address or interface to bind to and tell other Cassandra nodes
to connect to. You _must_ change this if you want multiple
nodes to be able to communicate!
Set listenAddress OR listenInterface, not both.
Leaving it blank leaves it up to
InetAddress.getLocalHost(). This will always do the Right
Thing _if_ the node is properly configured (hostname, name
resolution, etc), and the Right Thing is to use the address
associated with the hostname (it might not be).
Setting listen_address to 0.0.0.0 is always wrong.
'';
};
listenInterface = mkOption {
type = types.nullOr types.str;
default = null;
example = "eth1";
description = ''
Set listenAddress OR listenInterface, not both. Interfaces
must correspond to a single address, IP aliasing is not
supported.
'';
}; };
rpcAddress = mkOption { rpcAddress = mkOption {
description = "rpc listener address"; type = types.nullOr types.str;
default = "localhost"; default = "127.0.0.1";
type = types.str; example = literalExample "null";
};
incrementalBackups = mkOption {
description = "enable incremental backups";
default = false;
type = types.bool;
};
snitch = mkOption {
description = "snitch to use for topology discovery";
default = "GossipingPropertyFileSnitch";
example = "Ec2Snitch";
type = types.str;
};
dc = mkOption {
description = "datacenter for use in topology configuration";
default = "DC1";
example = "DC1";
type = types.str;
};
rack = mkOption {
description = "rack for use in topology configuration";
default = "RAC1";
example = "RAC1";
type = types.str;
};
authorizer = mkOption {
description = "
Authorization backend, implementing IAuthorizer; used to limit access/provide permissions
";
default = "AllowAllAuthorizer";
example = "CassandraAuthorizer";
type = types.str;
};
authenticator = mkOption {
description = "
Authentication backend, implementing IAuthenticator; used to identify users
";
default = "AllowAllAuthenticator";
example = "PasswordAuthenticator";
type = types.str;
};
autoBootstrap = mkOption {
description = "It makes new (non-seed) nodes automatically migrate the right data to themselves.";
default = true;
type = types.bool;
};
streamingSocketTimoutInMS = mkOption {
description = "Enable or disable socket timeout for streaming operations";
default = 3600000; #CASSANDRA-8611
example = 120;
type = types.int;
};
repairStartAt = mkOption {
default = "Sun";
type = types.string;
description = '' description = ''
Defines realtime (i.e. wallclock) timers with calendar event The address or interface to bind the native transport server to.
expressions. For more details re: systemd OnCalendar at
https://www.freedesktop.org/software/systemd/man/systemd.time.html#Displaying%20Time%20Spans Set rpcAddress OR rpcInterface, not both.
'';
example = ["weekly" "daily" "08:05:40" "mon,fri *-1/2-1,3 *:30:45"]; Leaving rpcAddress blank has the same effect as on
}; listenAddress (i.e. it will be based on the configured hostname
repairRandomizedDelayInSec = mkOption { of the node).
default = 0;
type = types.int; Note that unlike listenAddress, you can specify 0.0.0.0, but you
description = ''Delay the timer by a randomly selected, evenly distributed must also set extraConfig.broadcast_rpc_address to a value other
amount of time between 0 and the specified time value. re: systemd timer than 0.0.0.0.
RandomizedDelaySec for more details
For security reasons, you should not expose this port to the
internet. Firewall it if needed.
''; '';
}; };
repairPostStop = mkOption { rpcInterface = mkOption {
type = types.nullOr types.str;
default = null; default = null;
type = types.nullOr types.string; example = "eth1";
description = '' description = ''
Run a script when repair is over. One can use it to send statsd events, email, etc. Set rpcAddress OR rpcInterface, not both. Interfaces must
correspond to a single address, IP aliasing is not supported.
''; '';
}; };
repairPostStart = mkOption {
default = null; extraConfig = mkOption {
type = types.nullOr types.string; type = types.attrs;
default = {};
example =
{ commitlog_sync_batch_window_in_ms = 3;
};
description = '' description = ''
Run a script when repair starts. One can use it to send statsd events, email, etc. Extra options to be merged into cassandra.yaml as nix attribute set.
It has same semantics as systemd ExecStopPost; So, if it fails, unit is consisdered
failed.
''; '';
}; };
fullRepairInterval = mkOption {
type = types.nullOr types.str;
default = "3w";
example = literalExample "null";
description = ''
Set the interval how often full repairs are run, i.e.
`nodetool repair --full` is executed. See
https://cassandra.apache.org/doc/latest/operating/repair.html
for more information.
Set to `null` to disable full repairs.
'';
};
fullRepairOptions = mkOption {
type = types.listOf types.str;
default = [];
example = [ "--partitioner-range" ];
description = ''
Options passed through to the full repair command.
'';
};
incrementalRepairInterval = mkOption {
type = types.nullOr types.str;
default = "3d";
example = literalExample "null";
description = ''
Set the interval how often incremental repairs are run, i.e.
`nodetool repair` is executed. See
https://cassandra.apache.org/doc/latest/operating/repair.html
for more information.
Set to `null` to disable incremental repairs.
'';
};
incrementalRepairOptions = mkOption {
type = types.listOf types.string;
default = [];
example = [ "--partitioner-range" ];
description = ''
Options passed through to the incremental repair command.
'';
};
}; };
###### implementation
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions =
environment.etc."cassandra/cassandra-rackdc.properties" = { [ { assertion =
source = cassandraRackFile; ((isNull cfg.listenAddress)
}; || (isNull cfg.listenInterface)
environment.etc."cassandra/cassandra.yaml" = { ) && !((isNull cfg.listenAddress)
source = cassandraConfFile; && (isNull cfg.listenInterface)
}; );
environment.etc."cassandra/log4j-server.properties" = { message = "You have to set either listenAddress or listenInterface";
source = cassandraLogFile; }
}; { assertion =
environment.etc."cassandra/cassandra-env.sh" = { ((isNull cfg.rpcAddress)
text = '' || (isNull cfg.rpcInterface)
${builtins.readFile cfg.envFile} ) && !((isNull cfg.rpcAddress)
${concatStringsSep "\n" cfg.extraParams} && (isNull cfg.rpcInterface)
''; );
}; message = "You have to set either rpcAddress or rpcInterface";
systemd.services.cassandra = { }
description = "Cassandra Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = cassandraEnvironment;
restartTriggers = [ cassandraConfFile cassandraLogFile cassandraRackFile ];
serviceConfig = {
User = cfg.user;
PermissionsStartOnly = true;
LimitAS = "infinity";
LimitNOFILE = "100000";
LimitNPROC = "32768";
LimitMEMLOCK = "infinity";
};
script = ''
${cassandraPackage}/bin/cassandra -f
'';
path = [
cfg.jre
cassandraPackage
pkgs.coreutils
]; ];
preStart = '' users = mkIf (cfg.user == defaultUser) {
mkdir -m 0700 -p /etc/cassandra/triggers extraUsers."${defaultUser}" =
mkdir -m 0700 -p /var/lib/cassandra /var/log/cassandra { group = cfg.group;
chown ${cfg.user} /var/lib/cassandra /var/log/cassandra /etc/cassandra/triggers home = cfg.homeDir;
''; createHome = true;
postStart = '' uid = config.ids.uids.cassandra;
sleep 2 description = "Cassandra service user";
while ! nodetool status >/dev/null 2>&1; do };
sleep 2 extraGroups."${defaultUser}".gid = config.ids.gids.cassandra;
done
nodetool status
'';
}; };
environment.systemPackages = [ cassandraPackage ]; systemd.services.cassandra =
{ description = "Apache Cassandra service";
networking.firewall.allowedTCPPorts = [ after = [ "network.target" ];
7000 environment =
7001 { CASSANDRA_CONF = "${cassandraEtc}";
9042 JVM_OPTS = builtins.concatStringsSep " " cfg.jvmOpts;
9160 };
]; wantedBy = [ "multi-user.target" ];
serviceConfig =
users.users.cassandra = { User = cfg.user;
if config.ids.uids ? "cassandra" Group = cfg.group;
then { uid = config.ids.uids.cassandra; } // cassandraUser ExecStart = "${cfg.package}/bin/cassandra -f";
else cassandraUser ; SuccessExitStatus = 143;
};
boot.kernel.sysctl."vm.swappiness" = pkgs.lib.mkOptionDefault 0;
systemd.timers."cassandra-repair" = {
timerConfig = {
OnCalendar = "${toString cfg.repairStartAt}";
RandomizedDelaySec = cfg.repairRandomizedDelayInSec;
}; };
};
systemd.services."cassandra-repair" = { systemd.services.cassandra-full-repair =
description = "Cassandra repair daemon"; { description = "Perform a full repair on this Cassandra node";
environment = cassandraEnvironment; after = [ "cassandra.service" ];
script = "${cassandraPackage}/bin/nodetool repair -pr"; requires = [ "cassandra.service" ];
postStop = mkIf (cfg.repairPostStop != null) cfg.repairPostStop; serviceConfig =
postStart = mkIf (cfg.repairPostStart != null) cfg.repairPostStart; { User = cfg.user;
serviceConfig = { Group = cfg.group;
User = cfg.user; ExecStart =
lib.concatStringsSep " "
([ "${cfg.package}/bin/nodetool" "repair" "--full"
] ++ cfg.fullRepairOptions);
};
};
systemd.timers.cassandra-full-repair =
mkIf (!isNull cfg.fullRepairInterval) {
description = "Schedule full repairs on Cassandra";
wantedBy = [ "timers.target" ];
timerConfig =
{ OnBootSec = cfg.fullRepairInterval;
OnUnitActiveSec = cfg.fullRepairInterval;
Persistent = true;
};
};
systemd.services.cassandra-incremental-repair =
{ description = "Perform an incremental repair on this cassandra node.";
after = [ "cassandra.service" ];
requires = [ "cassandra.service" ];
serviceConfig =
{ User = cfg.user;
Group = cfg.group;
ExecStart =
lib.concatStringsSep " "
([ "${cfg.package}/bin/nodetool" "repair"
] ++ cfg.incrementalRepairOptions);
};
};
systemd.timers.cassandra-incremental-repair =
mkIf (!isNull cfg.incrementalRepairInterval) {
description = "Schedule incremental repairs on Cassandra";
wantedBy = [ "timers.target" ];
timerConfig =
{ OnBootSec = cfg.incrementalRepairInterval;
OnUnitActiveSec = cfg.incrementalRepairInterval;
Persistent = true;
};
}; };
};
}; };
} }

7
nixos/modules/services/hardware/fwupd.nix
View File

@ -71,6 +71,13 @@ in {
BlacklistPlugins=${lib.concatStringsSep ";" cfg.blacklistPlugins} BlacklistPlugins=${lib.concatStringsSep ";" cfg.blacklistPlugins}
''; '';
}; };
"fwupd/uefi.conf" = {
source = pkgs.writeText "uefi.conf" ''
[uefi]
OverrideESPMountPoint=${config.boot.loader.efi.efiSysMountPoint}
'';
};
} // originalEtc // extraTrustedKeys; } // originalEtc // extraTrustedKeys;
services.dbus.packages = [ pkgs.fwupd ]; services.dbus.packages = [ pkgs.fwupd ];

15
nixos/modules/services/networking/zerotierone.nix
View File

@ -17,6 +17,15 @@ in
''; '';
}; };
options.services.zerotierone.port = mkOption {
default = 9993;
example = 9993;
type = types.int;
description = ''
Network port used by ZeroTier.
'';
};
options.services.zerotierone.package = mkOption { options.services.zerotierone.package = mkOption {
default = pkgs.zerotierone; default = pkgs.zerotierone;
defaultText = "pkgs.zerotierone"; defaultText = "pkgs.zerotierone";
@ -40,7 +49,7 @@ in
touch "/var/lib/zerotier-one/networks.d/${netId}.conf" touch "/var/lib/zerotier-one/networks.d/${netId}.conf"
'') cfg.joinNetworks); '') cfg.joinNetworks);
serviceConfig = { serviceConfig = {
ExecStart = "${cfg.package}/bin/zerotier-one"; ExecStart = "${cfg.package}/bin/zerotier-one -p${toString cfg.port}";
Restart = "always"; Restart = "always";
KillMode = "process"; KillMode = "process";
}; };
@ -49,8 +58,8 @@ in
# ZeroTier does not issue DHCP leases, but some strangers might... # ZeroTier does not issue DHCP leases, but some strangers might...
networking.dhcpcd.denyInterfaces = [ "zt*" ]; networking.dhcpcd.denyInterfaces = [ "zt*" ];
# ZeroTier receives UDP transmissions on port 9993 by default # ZeroTier receives UDP transmissions
networking.firewall.allowedUDPPorts = [ 9993 ]; networking.firewall.allowedUDPPorts = [ cfg.port ];
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
}; };

13
nixos/modules/services/system/cloud-init.nix
View File

@ -104,8 +104,9 @@ in
systemd.services.cloud-init = systemd.services.cloud-init =
{ description = "Initial cloud-init job (metadata service crawler)"; { description = "Initial cloud-init job (metadata service crawler)";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "local-fs.target" "cloud-init-local.service" "sshd.service" "sshd-keygen.service" ]; wants = [ "local-fs.target" "network-online.target" "cloud-init-local.service"
after = [ "local-fs.target" "network.target" "cloud-init-local.service" ]; "sshd.service" "sshd-keygen.service" ];
after = [ "local-fs.target" "network-online.target" "cloud-init-local.service" ];
before = [ "sshd.service" "sshd-keygen.service" ]; before = [ "sshd.service" "sshd-keygen.service" ];
requires = [ "network.target "]; requires = [ "network.target "];
path = path; path = path;
@ -121,8 +122,8 @@ in
systemd.services.cloud-config = systemd.services.cloud-config =
{ description = "Apply the settings specified in cloud-config"; { description = "Apply the settings specified in cloud-config";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ]; wants = [ "network-online.target" ];
after = [ "network.target" "syslog.target" "cloud-config.target" ]; after = [ "network-online.target" "syslog.target" "cloud-config.target" ];
path = path; path = path;
serviceConfig = serviceConfig =
@ -137,8 +138,8 @@ in
systemd.services.cloud-final = systemd.services.cloud-final =
{ description = "Execute cloud user/final scripts"; { description = "Execute cloud user/final scripts";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
wants = [ "network.target" ]; wants = [ "network-online.target" ];
after = [ "network.target" "syslog.target" "cloud-config.service" "rc-local.service" ]; after = [ "network-online.target" "syslog.target" "cloud-config.service" "rc-local.service" ];
requires = [ "cloud-config.target" ]; requires = [ "cloud-config.target" ];
path = path; path = path;
serviceConfig = serviceConfig =

2
nixos/modules/services/x11/desktop-managers/plasma5.nix
View File

@ -224,7 +224,7 @@ in
# Update the start menu for each user that has `isNormalUser` set. # Update the start menu for each user that has `isNormalUser` set.
system.activationScripts.plasmaSetup = stringAfter [ "users" "groups" ] system.activationScripts.plasmaSetup = stringAfter [ "users" "groups" ]
(concatStringsSep "\n" (concatStringsSep "\n"
(mapAttrsToList (name: value: "${pkgs.su}/bin/su ${name} -c kbuildsycoca5") (mapAttrsToList (name: value: "${pkgs.su}/bin/su ${name} -c ${pkgs.libsForQt5.kservice}/bin/kbuildsycoca5")
(filterAttrs (n: v: v.isNormalUser) config.users.users))); (filterAttrs (n: v: v.isNormalUser) config.users.users)));
}) })
]; ];

345
nixos/modules/system/boot/luksroot.nix
View File

@ -5,61 +5,171 @@ with lib;
let let
luks = config.boot.initrd.luks; luks = config.boot.initrd.luks;
openCommand = name': { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, fallbackToPassword, ... }: assert name' == name; '' commonFunctions = ''
die() {
echo "$@" >&2
exit 1
}
# Wait for a target (e.g. device, keyFile, header, ...) to appear.
wait_target() { wait_target() {
local name="$1" local name="$1"
local target="$2" local target="$2"
local secs="''${3:-10}"
local desc="''${4:-$name $target to appear}"
if [ ! -e $target ]; then if [ ! -e $target ]; then
echo -n "Waiting 10 seconds for $name $target to appear" echo -n "Waiting $secs seconds for $desc..."
local success=false; local success=false;
for try in $(seq 10); do for try in $(seq $secs); do
echo -n "." echo -n "."
sleep 1 sleep 1
if [ -e $target ]; then success=true break; fi if [ -e $target ]; then
success=true
break
fi
done done
if [ $success = true ]; then if [ $success == true ]; then
echo " - success"; echo " - success";
return 0
else else
echo " - failure"; echo " - failure";
return 1
fi fi
fi fi
return 0
} }
wait_yubikey() {
local secs="''${1:-10}"
ykinfo -v 1>/dev/null 2>&1
if [ $? != 0 ]; then
echo -n "Waiting $secs seconds for Yubikey to appear..."
local success=false
for try in $(seq $secs); do
echo -n .
sleep 1
ykinfo -v 1>/dev/null 2>&1
if [ $? == 0 ]; then
success=true
break
fi
done
if [ $success == true ]; then
echo " - success";
return 0
else
echo " - failure";
return 1
fi
fi
return 0
}
'';
preCommands = ''
# A place to store crypto things
# A ramfs is used here to ensure that the file used to update
# the key slot with cryptsetup will never get swapped out.
# Warning: Do NOT replace with tmpfs!
mkdir -p /crypt-ramfs
mount -t ramfs none /crypt-ramfs
# For Yubikey salt storage
mkdir -p /crypt-storage
# Disable all input echo for the whole stage. We could use read -s
# instead but that would ocasionally leak characters between read
# invocations.
stty -echo
'';
postCommands = ''
stty echo
umount /crypt-storage 2>/dev/null
umount /crypt-ramfs 2>/dev/null
'';
openCommand = name': { name, device, header, keyFile, keyFileSize, keyFileOffset, allowDiscards, yubikey, fallbackToPassword, ... }: assert name' == name;
let
csopen = "cryptsetup luksOpen ${device} ${name} ${optionalString allowDiscards "--allow-discards"} ${optionalString (header != null) "--header=${header}"}";
cschange = "cryptsetup luksChangeKey ${device} ${optionalString (header != null) "--header=${header}"}";
in ''
# Wait for luksRoot (and optionally keyFile and/or header) to appear, e.g. # Wait for luksRoot (and optionally keyFile and/or header) to appear, e.g.
# if on a USB drive. # if on a USB drive.
wait_target "device" ${device} wait_target "device" ${device} || die "${device} is unavailable"
${optionalString (keyFile != null) ''
wait_target "key file" ${keyFile}
''}
${optionalString (header != null) '' ${optionalString (header != null) ''
wait_target "header" ${header} wait_target "header" ${header} || die "${header} is unavailable"
''} ''}
open_normally() { do_open_passphrase() {
echo luksOpen ${device} ${name} ${optionalString allowDiscards "--allow-discards"} \ local passphrase
${optionalString (header != null) "--header=${header}"} \
> /.luksopen_args while true; do
${optionalString (keyFile != null) '' echo -n "Passphrase for ${device}: "
${optionalString fallbackToPassword "if [ -e ${keyFile} ]; then"} passphrase=
echo " --key-file=${keyFile} ${optionalString (keyFileSize != null) "--keyfile-size=${toString keyFileSize}"}" \ while true; do
>> /.luksopen_args if [ -e /crypt-ramfs/passphrase ]; then
${optionalString fallbackToPassword '' echo "reused"
else passphrase=$(cat /crypt-ramfs/passphrase)
echo "keyfile ${keyFile} not found -- fallback to interactive unlocking" break
fi else
''} # ask cryptsetup-askpass
''} echo -n "${device}" > /crypt-ramfs/device
cryptsetup-askpass
rm /.luksopen_args # and try reading it from /dev/console with a timeout
IFS= read -t 1 -r passphrase
if [ -n "$passphrase" ]; then
${if luks.reusePassphrases then ''
# remember it for the next device
echo -n "$passphrase" > /crypt-ramfs/passphrase
'' else ''
# Don't save it to ramfs. We are very paranoid
''}
echo
break
fi
fi
done
echo -n "Verifiying passphrase for ${device}..."
echo -n "$passphrase" | ${csopen} --key-file=-
if [ $? == 0 ]; then
echo " - success"
${if luks.reusePassphrases then ''
# we don't rm here because we might reuse it for the next device
'' else ''
rm -f /crypt-ramfs/passphrase
''}
break
else
echo " - failure"
# ask for a different one
rm -f /crypt-ramfs/passphrase
fi
done
} }
${optionalString (luks.yubikeySupport && (yubikey != null)) '' # LUKS
open_normally() {
${if (keyFile != null) then ''
if wait_target "key file" ${keyFile}; then
${csopen} --key-file=${keyFile} \
${optionalString (keyFileSize != null) "--keyfile-size=${toString keyFileSize}"} \
${optionalString (keyFileOffset != null) "--keyfile-offset=${toString keyFileOffset}"}
else
${if fallbackToPassword then "echo" else "die"} "${keyFile} is unavailable"
echo " - failing back to interactive password prompt"
do_open_passphrase
fi
'' else ''
do_open_passphrase
''}
}
${if luks.yubikeySupport && (yubikey != null) then ''
# Yubikey
rbtohex() { rbtohex() {
( od -An -vtx1 | tr -d ' \n' ) ( od -An -vtx1 | tr -d ' \n' )
} }
@ -68,8 +178,7 @@ let
( tr '[:lower:]' '[:upper:]' | sed -e 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf ) ( tr '[:lower:]' '[:upper:]' | sed -e 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf )
} }
open_yubikey() { do_open_yubikey() {
# Make all of these local to this function # Make all of these local to this function
# to prevent their values being leaked # to prevent their values being leaked
local salt local salt
@ -85,19 +194,18 @@ let
local new_response local new_response
local new_k_luks local new_k_luks
mkdir -p ${yubikey.storage.mountPoint} mount -t ${yubikey.storage.fsType} ${yubikey.storage.device} /crypt-storage || \
mount -t ${yubikey.storage.fsType} ${toString yubikey.storage.device} ${yubikey.storage.mountPoint} die "Failed to mount Yubikey salt storage device"
salt="$(cat ${yubikey.storage.mountPoint}${yubikey.storage.path} | sed -n 1p | tr -d '\n')" salt="$(cat /crypt-storage${yubikey.storage.path} | sed -n 1p | tr -d '\n')"
iterations="$(cat ${yubikey.storage.mountPoint}${yubikey.storage.path} | sed -n 2p | tr -d '\n')" iterations="$(cat /crypt-storage${yubikey.storage.path} | sed -n 2p | tr -d '\n')"
challenge="$(echo -n $salt | openssl-wrap dgst -binary -sha512 | rbtohex)" challenge="$(echo -n $salt | openssl-wrap dgst -binary -sha512 | rbtohex)"
response="$(ykchalresp -${toString yubikey.slot} -x $challenge 2>/dev/null)" response="$(ykchalresp -${toString yubikey.slot} -x $challenge 2>/dev/null)"
for try in $(seq 3); do for try in $(seq 3); do
${optionalString yubikey.twoFactor '' ${optionalString yubikey.twoFactor ''
echo -n "Enter two-factor passphrase: " echo -n "Enter two-factor passphrase: "
read -s k_user read -r k_user
echo echo
''} ''}
@ -107,9 +215,9 @@ let
k_luks="$(echo | pbkdf2-sha512 ${toString yubikey.keyLength} $iterations $response | rbtohex)" k_luks="$(echo | pbkdf2-sha512 ${toString yubikey.keyLength} $iterations $response | rbtohex)"
fi fi
echo -n "$k_luks" | hextorb | cryptsetup luksOpen ${device} ${name} ${optionalString allowDiscards "--allow-discards"} --key-file=- echo -n "$k_luks" | hextorb | ${csopen} --key-file=-
if [ $? == "0" ]; then if [ $? == 0 ]; then
opened=true opened=true
break break
else else
@ -118,11 +226,7 @@ let
fi fi
done done
if [ "$opened" == false ]; then [ "$opened" == false ] && die "Maximum authentication errors reached"
umount ${yubikey.storage.mountPoint}
echo "Maximum authentication errors reached"
exit 1
fi
echo -n "Gathering entropy for new salt (please enter random keys to generate entropy if this blocks for long)..." echo -n "Gathering entropy for new salt (please enter random keys to generate entropy if this blocks for long)..."
for i in $(seq ${toString yubikey.saltLength}); do for i in $(seq ${toString yubikey.saltLength}); do
@ -147,69 +251,52 @@ let
new_k_luks="$(echo | pbkdf2-sha512 ${toString yubikey.keyLength} $new_iterations $new_response | rbtohex)" new_k_luks="$(echo | pbkdf2-sha512 ${toString yubikey.keyLength} $new_iterations $new_response | rbtohex)"
fi fi
mkdir -p ${yubikey.ramfsMountPoint} echo -n "$new_k_luks" | hextorb > /crypt-ramfs/new_key
# A ramfs is used here to ensure that the file used to update echo -n "$k_luks" | hextorb | ${cschange} --key-file=- /crypt-ramfs/new_key
# the key slot with cryptsetup will never get swapped out.
# Warning: Do NOT replace with tmpfs!
mount -t ramfs none ${yubikey.ramfsMountPoint}
echo -n "$new_k_luks" | hextorb > ${yubikey.ramfsMountPoint}/new_key if [ $? == 0 ]; then
echo -n "$k_luks" | hextorb | cryptsetup luksChangeKey ${device} --key-file=- ${yubikey.ramfsMountPoint}/new_key echo -ne "$new_salt\n$new_iterations" > /crypt-storage${yubikey.storage.path}
if [ $? == "0" ]; then
echo -ne "$new_salt\n$new_iterations" > ${yubikey.storage.mountPoint}${yubikey.storage.path}
else else
echo "Warning: Could not update LUKS key, current challenge persists!" echo "Warning: Could not update LUKS key, current challenge persists!"
fi fi
rm -f ${yubikey.ramfsMountPoint}/new_key rm -f /crypt-ramfs/new_key
umount ${yubikey.ramfsMountPoint} umount /crypt-storage
rm -rf ${yubikey.ramfsMountPoint}
umount ${yubikey.storage.mountPoint}
} }
${optionalString (yubikey.gracePeriod > 0) '' open_yubikey() {
echo -n "Waiting ${toString yubikey.gracePeriod} seconds as grace..." if wait_yubikey ${toString yubikey.gracePeriod}; then
for i in $(seq ${toString yubikey.gracePeriod}); do do_open_yubikey
sleep 1 else
echo -n . echo "No yubikey found, falling back to non-yubikey open procedure"
done open_normally
echo "ok" fi
''} }
yubikey_missing=true open_yubikey
ykinfo -v 1>/dev/null 2>&1 '' else ''
if [ $? != "0" ]; then
echo -n "waiting 10 seconds for yubikey to appear..."
for try in $(seq 10); do
sleep 1
ykinfo -v 1>/dev/null 2>&1
if [ $? == "0" ]; then
yubikey_missing=false
break
fi
echo -n .
done
echo "ok"
else
yubikey_missing=false
fi
if [ "$yubikey_missing" == true ]; then
echo "no yubikey found, falling back to non-yubikey open procedure"
open_normally
else
open_yubikey
fi
''}
# open luksRoot and scan for logical volumes
${optionalString ((!luks.yubikeySupport) || (yubikey == null)) ''
open_normally open_normally
''} ''}
''; '';
askPass = pkgs.writeScriptBin "cryptsetup-askpass" ''
#!/bin/sh
${commonFunctions}
while true; do
wait_target "luks" /crypt-ramfs/device 10 "LUKS to request a passphrase" || die "Passphrase is not requested now"
device=$(cat /crypt-ramfs/device)
echo -n "Passphrase for $device: "
IFS= read -rs passphrase
echo
rm /crypt-ramfs/device
echo -n "$passphrase" > /crypt-ramfs/passphrase
done
'';
preLVM = filterAttrs (n: v: v.preLVM) luks.devices; preLVM = filterAttrs (n: v: v.preLVM) luks.devices;
postLVM = filterAttrs (n: v: !v.preLVM) luks.devices; postLVM = filterAttrs (n: v: !v.preLVM) luks.devices;
@ -255,6 +342,22 @@ in
''; '';
}; };
boot.initrd.luks.reusePassphrases = mkOption {
type = types.bool;
default = true;
description = ''
When opening a new LUKS device try reusing last successful
passphrase.
Useful for mounting a number of devices that use the same
passphrase without retyping it several times.
Such setup can be useful if you use <command>cryptsetup
luksSuspend</command>. Different LUKS devices will still have
different master keys even when using the same passphrase.
'';
};
boot.initrd.luks.devices = mkOption { boot.initrd.luks.devices = mkOption {
default = { }; default = { };
example = { "luksroot".device = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; }; example = { "luksroot".device = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; };
@ -316,6 +419,19 @@ in
''; '';
}; };
keyFileOffset = mkOption {
default = null;
example = 4096;
type = types.nullOr types.int;
description = ''
The offset of the key file. Use this in combination with
<literal>keyFileSize</literal> to use part of a file as key file
(often the case if a raw device or partition is used as a key file).
If not specified, the key begins at the first byte of
<literal>keyFile</literal>.
'';
};
# FIXME: get rid of this option. # FIXME: get rid of this option.
preLVM = mkOption { preLVM = mkOption {
default = true; default = true;
@ -383,15 +499,9 @@ in
}; };
gracePeriod = mkOption { gracePeriod = mkOption {
default = 2; default = 10;
type = types.int; type = types.int;
description = "Time in seconds to wait before attempting to find the Yubikey."; description = "Time in seconds to wait for the Yubikey.";
};
ramfsMountPoint = mkOption {
default = "/crypt-ramfs";
type = types.str;
description = "Path where the ramfs used to update the LUKS key will be mounted during early boot.";
}; };
/* TODO: Add to the documentation of the current module: /* TODO: Add to the documentation of the current module:
@ -414,12 +524,6 @@ in
description = "The filesystem of the unencrypted device."; description = "The filesystem of the unencrypted device.";
}; };
mountPoint = mkOption {
default = "/crypt-storage";
type = types.str;
description = "Path where the unencrypted device will be mounted during early boot.";
};
path = mkOption { path = mkOption {
default = "/crypt-storage/default"; default = "/crypt-storage/default";
type = types.str; type = types.str;
@ -432,8 +536,8 @@ in
}; };
}); });
}; };
};
}; })); }));
}; };
boot.initrd.luks.yubikeySupport = mkOption { boot.initrd.luks.yubikeySupport = mkOption {
@ -463,18 +567,8 @@ in
# copy the cryptsetup binary and it's dependencies # copy the cryptsetup binary and it's dependencies
boot.initrd.extraUtilsCommands = '' boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.cryptsetup}/bin/cryptsetup copy_bin_and_libs ${pkgs.cryptsetup}/bin/cryptsetup
copy_bin_and_libs ${askPass}/bin/cryptsetup-askpass
cat > $out/bin/cryptsetup-askpass <<EOF sed -i s,/bin/sh,$out/bin/sh, $out/bin/cryptsetup-askpass
#!$out/bin/sh -e
if [ -e /.luksopen_args ]; then
cryptsetup \$(cat /.luksopen_args)
killall -q cryptsetup
else
echo "Passphrase is not requested now"
exit 1
fi
EOF
chmod +x $out/bin/cryptsetup-askpass
${optionalString luks.yubikeySupport '' ${optionalString luks.yubikeySupport ''
copy_bin_and_libs ${pkgs.yubikey-personalization}/bin/ykchalresp copy_bin_and_libs ${pkgs.yubikey-personalization}/bin/ykchalresp
@ -506,8 +600,9 @@ in
''} ''}
''; '';
boot.initrd.preLVMCommands = concatStrings (mapAttrsToList openCommand preLVM); boot.initrd.preFailCommands = postCommands;
boot.initrd.postDeviceCommands = concatStrings (mapAttrsToList openCommand postLVM); boot.initrd.preLVMCommands = commonFunctions + preCommands + concatStrings (mapAttrsToList openCommand preLVM) + postCommands;
boot.initrd.postDeviceCommands = commonFunctions + preCommands + concatStrings (mapAttrsToList openCommand postLVM) + postCommands;
environment.systemPackages = [ pkgs.cryptsetup ]; environment.systemPackages = [ pkgs.cryptsetup ];
}; };

10
nixos/modules/system/boot/stage-1.nix
View File

@ -179,7 +179,7 @@ let
fi fi
done done
if [ -z "${toString pkgs.stdenv.isCross}" ]; then if [ -z "${toString (pkgs.stdenv.hostPlatform != pkgs.stdenv.buildPlatform)}" ]; then
# Make sure that the patchelf'ed binaries still work. # Make sure that the patchelf'ed binaries still work.
echo "testing patched programs..." echo "testing patched programs..."
$out/bin/ash -c 'echo hello world' | grep "hello world" $out/bin/ash -c 'echo hello world' | grep "hello world"
@ -248,6 +248,14 @@ let
isExecutable = true; isExecutable = true;
postInstall = ''
echo checking syntax
# check both with bash
${pkgs.bash}/bin/sh -n $target
# and with ash shell, just in case
${extraUtils}/bin/ash -n $target
'';
inherit udevRules extraUtils modulesClosure; inherit udevRules extraUtils modulesClosure;
inherit (config.boot) resumeDevice; inherit (config.boot) resumeDevice;

6
nixos/modules/system/boot/systemd.nix
View File

@ -65,6 +65,7 @@ let
"systemd-user-sessions.service" "systemd-user-sessions.service"
"dbus-org.freedesktop.machine1.service" "dbus-org.freedesktop.machine1.service"
"user@.service" "user@.service"
"user-runtime-dir@.service"
# Journal. # Journal.
"systemd-journald.socket" "systemd-journald.socket"
@ -189,9 +190,8 @@ let
]; ];
makeJobScript = name: text: makeJobScript = name: text:
let mkScriptName = s: (replaceChars [ "\\" ] [ "-" ] (shellEscape s) ); let mkScriptName = s: "unit-script-" + (replaceChars [ "\\" "@" ] [ "-" "_" ] (shellEscape s) );
x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${mkScriptName name}"; inherit text; }; in pkgs.writeTextFile { name = mkScriptName name; executable = true; inherit text; };
in "${x}/bin/${mkScriptName name}";
unitConfig = { config, ... }: { unitConfig = { config, ... }: {
config = { config = {

89
nixos/tests/cassandra.nix
View File

@ -1,68 +1,71 @@
import ./make-test.nix ({ pkgs, ...}: import ./make-test.nix ({ pkgs, ...}:
let let
user = "cassandra"; # Change this to test a different version of Cassandra:
nodeCfg = nodes: selfIP: cassandraOpts: testPackage = pkgs.cassandra;
{ cassandraCfg =
services.cassandra = { { enable = true;
enable = true; listenAddress = null;
listenAddress = selfIP; listenInterface = "eth1";
rpcAddress = "0.0.0.0"; rpcAddress = null;
seeds = [ "192.168.1.1" ]; rpcInterface = "eth1";
package = pkgs.cassandra_2_0; extraConfig =
jre = pkgs.openjdk; { start_native_transport = true;
clusterName = "ci ahoy"; seed_provider =
authenticator = "PasswordAuthenticator"; [{ class_name = "org.apache.cassandra.locator.SimpleSeedProvider";
authorizer = "CassandraAuthorizer"; parameters = [ { seeds = "cass0"; } ];
user = user; }];
} // cassandraOpts; };
nixpkgs.config.allowUnfree = true; package = testPackage;
};
nodeCfg = extra: {pkgs, config, ...}:
{ environment.systemPackages = [ testPackage ];
networking.firewall.enable = false;
services.cassandra = cassandraCfg // extra;
virtualisation.memorySize = 1024; virtualisation.memorySize = 1024;
}; };
in in
{ {
name = "cassandra-ci"; name = "cassandra-ci";
nodes = { nodes = {
cass0 = { nodes, ... }: nodeCfg nodes "192.168.1.1" {}; cass0 = nodeCfg {};
cass1 = { nodes, ... }: nodeCfg nodes "192.168.1.2" {}; cass1 = nodeCfg {};
cass2 = { nodes, ... }: nodeCfg nodes "192.168.1.3" { cass2 = nodeCfg { jvmOpts = [ "-Dcassandra.replace_address=cass1" ]; };
extraParams = [
''JVM_OPTS="$JVM_OPTS -Dcassandra.replace_address=192.168.1.2"''
];
listenAddress = "192.168.1.3";
};
}; };
testScript = '' testScript = ''
subtest "start seed", sub { subtest "timers exist", sub {
$cass0->succeed("systemctl list-timers | grep cassandra-full-repair.timer");
$cass0->succeed("systemctl list-timers | grep cassandra-incremental-repair.timer");
};
subtest "can connect via cqlsh", sub {
$cass0->waitForUnit("cassandra.service"); $cass0->waitForUnit("cassandra.service");
$cass0->waitForOpenPort(9160); $cass0->waitUntilSucceeds("nc -z cass0 9042");
$cass0->execute("echo show version | cqlsh localhost -u cassandra -p cassandra"); $cass0->succeed("echo 'show version;' | cqlsh cass0");
sleep 2;
$cass0->succeed("echo show version | cqlsh localhost -u cassandra -p cassandra");
$cass1->start;
}; };
subtest "cassandra user/group", sub { subtest "nodetool is operational", sub {
$cass0->succeed("id \"${user}\" >/dev/null"); $cass0->waitForUnit("cassandra.service");
$cass1->succeed("id \"${user}\" >/dev/null"); $cass0->waitUntilSucceeds("nc -z localhost 7199");
$cass0->succeed("nodetool status --resolve-ip | egrep '^UN[[:space:]]+cass0'");
}; };
subtest "bring up cassandra cluster", sub { subtest "bring up cluster", sub {
$cass1->waitForUnit("cassandra.service"); $cass1->waitForUnit("cassandra.service");
$cass0->waitUntilSucceeds("nodetool status | grep -c UN | grep 2"); $cass1->waitUntilSucceeds("nodetool status | egrep -c '^UN' | grep 2");
$cass0->succeed("nodetool status --resolve-ip | egrep '^UN[[:space:]]+cass1'");
}; };
subtest "break and fix node", sub { subtest "break and fix node", sub {
$cass0->block; $cass1->block;
$cass0->waitUntilSucceeds("nodetool status | grep -c DN | grep 1"); $cass0->waitUntilSucceeds("nodetool status --resolve-ip | egrep -c '^DN[[:space:]]+cass1'");
$cass0->unblock; $cass0->succeed("nodetool status | egrep -c '^UN' | grep 1");
$cass0->waitUntilSucceeds("nodetool status | grep -c UN | grep 2"); $cass1->unblock;
$cass1->waitUntilSucceeds("nodetool status | egrep -c '^UN' | grep 2");
$cass0->succeed("nodetool status | egrep -c '^UN' | grep 2");
}; };
subtest "replace crashed node", sub { subtest "replace crashed node", sub {
$cass1->crash; $cass1->crash;
$cass2->start;
$cass2->waitForUnit("cassandra.service"); $cass2->waitForUnit("cassandra.service");
$cass0->waitUntilFails("nodetool status | grep UN | grep 192.168.1.2"); $cass0->waitUntilFails("nodetool status --resolve-ip | egrep '^UN[[:space:]]+cass1'");
$cass0->waitUntilSucceeds("nodetool status | grep UN | grep 192.168.1.3"); $cass0->waitUntilSucceeds("nodetool status --resolve-ip | egrep '^UN[[:space:]]+cass2'");
}; };
''; '';
}) })

4
pkgs/applications/altcoins/go-ethereum.nix
View File

@ -2,7 +2,7 @@
buildGoPackage rec { buildGoPackage rec {
name = "go-ethereum-${version}"; name = "go-ethereum-${version}";
version = "1.8.11"; version = "1.8.13";
goPackagePath = "github.com/ethereum/go-ethereum"; goPackagePath = "github.com/ethereum/go-ethereum";
# Fix for usb-related segmentation faults on darwin # Fix for usb-related segmentation faults on darwin
@ -16,7 +16,7 @@ buildGoPackage rec {
owner = "ethereum"; owner = "ethereum";
repo = "go-ethereum"; repo = "go-ethereum";
rev = "v${version}"; rev = "v${version}";
sha256 = "1b4za0hszb95jnj97g4xkrgcl0bydllznm0wj6rpi6cwmdr0h8na"; sha256 = "123jkyb293z7ww3sa9ji5rw7xd229isi03k4ayyh5p7rr0dg8al0";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {

4
pkgs/applications/audio/bitwig-studio/bitwig-studio2.nix
View File

@ -3,11 +3,11 @@
bitwig-studio1.overrideAttrs (oldAttrs: rec { bitwig-studio1.overrideAttrs (oldAttrs: rec {
name = "bitwig-studio-${version}"; name = "bitwig-studio-${version}";
version = "2.3.2"; version = "2.3.5";
src = fetchurl { src = fetchurl {
url = "https://downloads.bitwig.com/stable/${version}/bitwig-studio-${version}.deb"; url = "https://downloads.bitwig.com/stable/${version}/bitwig-studio-${version}.deb";
sha256 = "10ji4jqnnlhv4bgvhqwysprax6jcjk4759jskr9imwj6qjnj3vzn"; sha256 = "1v62z08hqla8fz5m7hl9ynf2hpr0j0arm0nb5lpd99qrv36ibrsc";
}; };
buildInputs = bitwig-studio1.buildInputs ++ [ ffmpeg ]; buildInputs = bitwig-studio1.buildInputs ++ [ ffmpeg ];

13
pkgs/applications/audio/cantata/default.nix
View File

@ -28,7 +28,7 @@ assert withOnlineServices -> withTaglib;
assert withReplaygain -> withTaglib; assert withReplaygain -> withTaglib;
let let
version = "2.2.0"; version = "2.3.2";
pname = "cantata"; pname = "cantata";
fstat = x: fn: "-DENABLE_" + fn + "=" + (if x then "ON" else "OFF"); fstat = x: fn: "-DENABLE_" + fn + "=" + (if x then "ON" else "OFF");
fstats = x: map (fstat x); fstats = x: map (fstat x);
@ -42,18 +42,9 @@ in stdenv.mkDerivation rec {
owner = "CDrummond"; owner = "CDrummond";
repo = "cantata"; repo = "cantata";
rev = "v${version}"; rev = "v${version}";
sha256 = "1b633chgfs8rya78bzzck5zijna15d1y4nmrz4dcjp862ks5y5q6"; sha256 = "11hjday5vj0wzkc8yb5wbs05jwa8mvgxswd5qvhpci0zkl975yzn";
}; };
patches = [
# patch is needed for 2.2.0 with qt 5.10 (doesn't harm earlier versions)
(fetchpatch {
url = "https://github.com/CDrummond/cantata/commit/4da7a9128f2c5eaf23ae2a5006d300dc4f21fc6a.patch";
sha256 = "1z21ax3542z7hm628xv110lmplaspb407jzgfk16xkphww5qyphj";
name = "fix_qt_510.patch";
})
];
buildInputs = [ vlc qtbase qtmultimedia qtsvg ] buildInputs = [ vlc qtbase qtmultimedia qtsvg ]
++ stdenv.lib.optionals withTaglib [ taglib taglib_extras ] ++ stdenv.lib.optionals withTaglib [ taglib taglib_extras ]
++ stdenv.lib.optionals withReplaygain [ ffmpeg speex mpg123 ] ++ stdenv.lib.optionals withReplaygain [ ffmpeg speex mpg123 ]

2
pkgs/applications/audio/lingot/default.nix
View File

@ -13,7 +13,7 @@ stdenv.mkDerivation {
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];
buildInputs = [ intltool gtk2 alsaLib libglade ]; buildInputs = [ intltool gtk2 alsaLib libglade ];
configureFlags = "--disable-jack"; configureFlags = [ "--disable-jack" ];
meta = { meta = {
description = "Not a Guitar-Only tuner"; description = "Not a Guitar-Only tuner";

2
pkgs/applications/audio/mhwaveedit/default.nix
View File

@ -20,7 +20,7 @@ stdenv.mkDerivation rec {
pkgconfig libpulseaudio makeWrapper pkgconfig libpulseaudio makeWrapper
]; ];
configureFlags = "--with-default-ladspa-path=${ladspaPlugins}/lib/ladspa"; configureFlags = [ "--with-default-ladspa-path=${ladspaPlugins}/lib/ladspa" ];
postInstall = '' postInstall = ''
wrapProgram $out/bin/mhwaveedit \ wrapProgram $out/bin/mhwaveedit \

13
pkgs/applications/audio/puredata/default.nix
View File

@ -15,13 +15,12 @@ stdenv.mkDerivation rec {
buildInputs = [ alsaLib libjack2 fftw ]; buildInputs = [ alsaLib libjack2 fftw ];
configureFlags = '' configureFlags = [
--enable-alsa "--enable-alsa"
--enable-jack "--enable-jack"
--enable-fftw "--enable-fftw"
--disable-portaudio "--disable-portaudio"
];
'';
# https://github.com/pure-data/pure-data/issues/188 # https://github.com/pure-data/pure-data/issues/188
# --disable-oss # --disable-oss

4
pkgs/applications/audio/qjackctl/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchurl, pkgconfig, alsaLib, libjack2, dbus, qtbase, qttools, qtx11extras }: { stdenv, fetchurl, pkgconfig, alsaLib, libjack2, dbus, qtbase, qttools, qtx11extras }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "0.5.2"; version = "0.5.3";
name = "qjackctl-${version}"; name = "qjackctl-${version}";
# some dependencies such as killall have to be installed additionally # some dependencies such as killall have to be installed additionally
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/qjackctl/${name}.tar.gz"; url = "mirror://sourceforge/qjackctl/${name}.tar.gz";
sha256 = "0nqr5f82lry3i4if8wdmrqsw84m45ijyj4psll30plxx5732zzaz"; sha256 = "0x08af8m5l8qy9av3dlldsg58ny9nc69h1s4i6hqkvj24jwy6fw1";
}; };
buildInputs = [ buildInputs = [

4
pkgs/applications/audio/qsampler/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "qsampler-${version}"; name = "qsampler-${version}";
version = "0.5.1"; version = "0.5.2";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/qsampler/${name}.tar.gz"; url = "mirror://sourceforge/qsampler/${name}.tar.gz";
sha256 = "18j4cwmn7waih9x5b66cba2aa85spqqp507bf19ahsb5gl358yhh"; sha256 = "0xb0j57k03pkdl7yl5mcv1i21ljnxcq6b9h3zp6mris916lj45zq";
}; };
nativeBuildInputs = [ autoconf automake libtool pkgconfig qttools ]; nativeBuildInputs = [ autoconf automake libtool pkgconfig qttools ];

6
pkgs/applications/audio/qsynth/default.nix
View File

@ -2,15 +2,15 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "qsynth-${version}"; name = "qsynth-${version}";
version = "0.5.1"; version = "0.5.2";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/qsynth/${name}.tar.gz"; url = "mirror://sourceforge/qsynth/${name}.tar.gz";
sha256 = "0kpk1rnhbifbvm4xvw8i0d4ksk78pf505qvg08k89kqkg32494ap"; sha256 = "1rfkaxq1pyc4hv3l0i6wicianbcbm1wp53kh9i5d4jsljgisd1dv";
}; };
# cmake is looking for qsynth.desktop.in and fails if it doesn't find it # cmake is looking for qsynth.desktop.in and fails if it doesn't find it
# seems like a bug and can presumable go in the next version after 0.5.1 # seems like a bug and can presumable go in the next version after 0.5.2
postPatch = '' postPatch = ''
mv src/qsynth.desktop src/qsynth.desktop.in mv src/qsynth.desktop src/qsynth.desktop.in
''; '';

2
pkgs/applications/audio/schismtracker/default.nix
View File

@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
export ac_cv_prog_ac_ct_WINDRES= export ac_cv_prog_ac_ct_WINDRES=
''; '';
configureFlags = "--enable-dependency-tracking"; configureFlags = [ "--enable-dependency-tracking" ];
buildInputs = [ alsaLib python SDL ]; buildInputs = [ alsaLib python SDL ];

8
pkgs/applications/audio/transcode/default.nix
View File

@ -10,9 +10,11 @@ stdenv.mkDerivation rec {
buildInputs = [ flac lame zlib libjpeg libvorbis libtheora libxml2 lzo buildInputs = [ flac lame zlib libjpeg libvorbis libtheora libxml2 lzo
libdvdread pkgconfig x264 libmpeg2 xvidcore ]; libdvdread pkgconfig x264 libmpeg2 xvidcore ];
configureFlags = "--disable-ffmpeg --disable-libavcodec --disable-libavformat configureFlags = [
--enable-lzo --enable-ogg --enable-vorbis --enable-theora --enable-libxml2 "--disable-ffmpeg" "--disable-libavcodec" "--disable-libavformat"
--enable-x264 --enable-libmpeg2 --enable-xvid"; "--enable-lzo" "--enable-ogg" "--enable-vorbis" "--enable-theora" "--enable-libxml2"
"--enable-x264" "--enable-libmpeg2" "--enable-xvid"
];
enableParallelBuilding = true; enableParallelBuilding = true;

12
pkgs/applications/editors/android-studio/default.nix
View File

@ -8,9 +8,9 @@ let
inherit (gnome2) GConf gnome_vfs; inherit (gnome2) GConf gnome_vfs;
}; };
stableVersion = { stableVersion = {
version = "3.1.3.0"; # "Android Studio 3.1.3" version = "3.1.4.0"; # "Android Studio 3.1.4"
build = "173.4819257"; build = "173.4907809";
sha256Hash = "196yaswbxh2nd83gimjxr8ggr5xkdxq7n3xlh6ax73v59pj4hryq"; sha256Hash = "0xx6yprylmcb32ipmwdcfkgddlm1nrxi1w68miclvgrbk015brf2";
}; };
betaVersion = { betaVersion = {
version = "3.2.0.22"; # "Android Studio 3.2 Beta 5" version = "3.2.0.22"; # "Android Studio 3.2 Beta 5"
@ -18,9 +18,9 @@ let
sha256Hash = "016nyn1pqviy089hg0dq7m4cqb39fdxdcy4zknkaq7dmgv1dj6x9"; sha256Hash = "016nyn1pqviy089hg0dq7m4cqb39fdxdcy4zknkaq7dmgv1dj6x9";
}; };
latestVersion = { # canary & dev latestVersion = { # canary & dev
version = "3.3.0.3"; # "Android Studio 3.3 Canary 4" version = "3.3.0.4"; # "Android Studio 3.3 Canary 5"
build = "182.4924367"; build = "182.4928781";
sha256Hash = "03fxjxlsbrpklsss1nvlkb41skr5ymmq9vdns8iikcm1ng925vfd"; sha256Hash = "110gh5ylgf1p8z0rdnvc6clkq3v721v6pjvll66a8v4zgz9ay8b4";
}; };
in rec { in rec {
# Old alias # Old alias

2
pkgs/applications/editors/elvis/default.nix
View File

@ -36,7 +36,7 @@ stdenv.mkDerivation rec {
done done
''; '';
configureFlags = "--ioctl=termios"; configureFlags = [ "--ioctl=termios" ];
meta = { meta = {
homepage = http://elvis.vi-editor.org/; homepage = http://elvis.vi-editor.org/;

2
pkgs/applications/editors/emacs-modes/bbdb/default.nix
View File

@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
patches = [ ./install-infodir.patch ]; patches = [ ./install-infodir.patch ];
buildInputs = [emacs texinfo ctags]; buildInputs = [emacs texinfo ctags];
configureFlags = "--with-package-dir=$$out/share/emacs/site-lisp"; configureFlags = [ "--with-package-dir=$$out/share/emacs/site-lisp" ];
preInstall = "mkdir -p $out/info"; preInstall = "mkdir -p $out/info";
installTargets = "install-pkg texinfo"; installTargets = "install-pkg texinfo";
postInstall = '' postInstall = ''

2
pkgs/applications/editors/emacs-modes/maude/default.nix
View File

@ -9,7 +9,7 @@ stdenv.mkDerivation {
}; };
buildInputs = [emacs]; buildInputs = [emacs];
configureFlags = "--with-lispdir=$$out/share/emacs/site-lisp"; configureFlags = [ "--with-lispdir=$$out/share/emacs/site-lisp" ];
meta = { meta = {
description = "Emacs mode for the programming language Maude"; description = "Emacs mode for the programming language Maude";

3
pkgs/applications/editors/gobby/default.nix
View File

@ -19,9 +19,6 @@ in stdenv.mkDerivation rec {
buildInputs = [ gtkmm2 gsasl gtksourceview libxmlxx libinf intltool ] buildInputs = [ gtkmm2 gsasl gtksourceview libxmlxx libinf intltool ]
++ stdenv.lib.optional gnomeSupport gnome_vfs; ++ stdenv.lib.optional gnomeSupport gnome_vfs;
configureFlags = ''
'';
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = http://gobby.0x539.de/; homepage = http://gobby.0x539.de/;
description = "A GTK-based collaborative editor supporting multiple documents in one session and a multi-user chat"; description = "A GTK-based collaborative editor supporting multiple documents in one session and a multi-user chat";

6
pkgs/applications/editors/kakoune/default.nix
View File

@ -4,12 +4,12 @@ with stdenv.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "kakoune-unstable-${version}"; name = "kakoune-unstable-${version}";
version = "2018-05-21"; version = "2018-08-05";
src = fetchFromGitHub { src = fetchFromGitHub {
repo = "kakoune"; repo = "kakoune";
owner = "mawww"; owner = "mawww";
rev = "878d2a4bdb674a5e7703a66e530520f48efba641"; rev = "ae75032936ed9ffa2bf14589fef115d3d684a7c6";
sha256 = "0pwy6ilsb62s1792gjyvhvq8shj60l8lx26b58zvpfb54an4s6rk"; sha256 = "1qm6i8vzr4wjxxdvhr54pan0ysxq1sn880bz8p2w9y6qa91yd3m3";
}; };
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];
buildInputs = [ ncurses asciidoc docbook_xsl libxslt ]; buildInputs = [ ncurses asciidoc docbook_xsl libxslt ];

10
pkgs/applications/editors/nano/default.nix
View File

@ -32,11 +32,11 @@ in stdenv.mkDerivation rec {
outputs = [ "out" "info" ]; outputs = [ "out" "info" ];
configureFlags = '' configureFlags = [
--sysconfdir=/etc "--sysconfdir=/etc"
${optionalString (!enableNls) "--disable-nls"} (stdenv.lib.enableFeature enableNls "nls")
${optionalString enableTiny "--enable-tiny"} (stdenv.lib.enableFeature enableTiny "tiny")
''; ];
postInstall = '' postInstall = ''
cp ${nixSyntaxHighlight}/nix.nanorc $out/share/nano/ cp ${nixSyntaxHighlight}/nix.nanorc $out/share/nano/

11
pkgs/applications/editors/vim/configurable.nix
View File

@ -6,6 +6,7 @@ args@{ source ? "default", callPackage, fetchurl, stdenv, ncurses, pkgconfig, ge
, libICE , libICE
, vimPlugins , vimPlugins
, makeWrapper , makeWrapper
, wrapGAppsHook
# apple frameworks # apple frameworks
, CoreServices, CoreData, Cocoa, Foundation, libobjc, cf-private , CoreServices, CoreData, Cocoa, Foundation, libobjc, cf-private
@ -73,15 +74,6 @@ in stdenv.mkDerivation rec {
src = builtins.getAttr source { src = builtins.getAttr source {
"default" = common.src; # latest release "default" = common.src; # latest release
"vim-nox" =
{
# vim nox branch: client-server without X by uing sockets
# REGION AUTO UPDATE: { name="vim-nox"; type="hg"; url="https://code.google.com/r/yukihironakadaira-vim-cmdsrv-nox/"; branch="cmdsrv-nox"; }
src = (fetchurl { url = "http://mawercer.de/~nix/repos/vim-nox-hg-2082fc3.tar.bz2"; sha256 = "293164ca1df752b7f975fd3b44766f5a1db752de6c7385753f083499651bd13a"; });
name = "vim-nox-hg-2082fc3";
# END
}.src;
}; };
patches = [ ./cflags-prune.diff ] ++ stdenv.lib.optional ftNixSupport ./ft-nix-support.patch; patches = [ ./cflags-prune.diff ] ++ stdenv.lib.optional ftNixSupport ./ft-nix-support.patch;
@ -131,6 +123,7 @@ in stdenv.mkDerivation rec {
++ stdenv.lib.optional wrapPythonDrv makeWrapper ++ stdenv.lib.optional wrapPythonDrv makeWrapper
++ stdenv.lib.optional nlsSupport gettext ++ stdenv.lib.optional nlsSupport gettext
++ stdenv.lib.optional perlSupport perl ++ stdenv.lib.optional perlSupport perl
++ stdenv.lib.optional (guiSupport == "gtk3") wrapGAppsHook
; ;
buildInputs = [ ncurses libX11 libXext libSM libXpm libXt libXaw libXau buildInputs = [ ncurses libX11 libXext libSM libXpm libXt libXaw libXau

40
pkgs/applications/graphics/animbar/default.nix Normal file
View File

@ -0,0 +1,40 @@
{ stdenv, lib, fetchurl, cmake, qt4, file, gcc }:
stdenv.mkDerivation rec {
pname = "animbar";
version = "1.2";
name = "${pname}-${version}";
src = fetchurl {
url = "mirror://sourceforge/${pname}/${name}.tar.bz2";
sha256 = "0836nwcpyfdrapyj3hbg3wh149ihc26pc78h01adpc7c0r7d9pr9";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ qt4 file ];
installPhase = ''
mkdir -p $out/bin $out/share/pixmaps
cp src/animbar $out/bin
cp ../icon/* $out/share/pixmaps
'';
meta = with lib; {
description = "Create your own animation on paper and transparancy";
longDescription = ''
Animbar lets you easily create your own animation on paper and
transparancy. From a set of input images two output images are
computed, that are printed one on paper and one on
transparency. By moving the transparency over the paper you
create a fascinating animation effect. This kind of animation
technique is hundreds of years old and known under several
names: picket fence animation, barrier grid animation, Moiré
animation, to name a few.
'';
homepage = http://animbar.mnim.org;
maintainers = with maintainers; [ leenaars ];
platforms = platforms.linux;
license = licenses.gpl3;
};
}

2
pkgs/applications/graphics/dia/default.nix
View File

@ -24,7 +24,7 @@ stdenv.mkDerivation rec {
preConfigure = '' preConfigure = ''
NOCONFIGURE=1 ./autogen.sh # autoreconfHook is not enough NOCONFIGURE=1 ./autogen.sh # autoreconfHook is not enough
''; '';
configureFlags = stdenv.lib.optionalString withGNOME "--enable-gnome"; configureFlags = stdenv.lib.optional withGNOME "--enable-gnome";
hardeningDisable = [ "format" ]; hardeningDisable = [ "format" ];

8
pkgs/applications/graphics/processing3/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchFromGitHub, fetchurl, xmlstarlet, makeWrapper, ant, jdk, rsync, javaPackages, libXxf86vm, gsettings-desktop-schemas }: { stdenv, fetchFromGitHub, fetchurl, xmlstarlet, makeWrapper, ant, jdk, rsync, javaPackages, libXxf86vm, gsettings-desktop-schemas }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "3.3.7"; version = "3.4";
name = "processing3-${version}"; name = "processing3-${version}";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "processing"; owner = "processing";
repo = "processing"; repo = "processing";
rev = "processing-0264-3.3.7"; rev = "processing-0265-${version}";
sha256 = "0a20z19lmc4xarfnr7xshcmlv3xkc2dgjxknis0iv79gxnwlqhpq"; sha256 = "12wpxgn2wd5vbasx9584w5yb1s319smq1zh8m7dvp7gkqw9plwp4";
}; };
nativeBuildInputs = [ ant rsync makeWrapper ]; nativeBuildInputs = [ ant rsync makeWrapper ];
@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
${xmlstarlet}/bin/xmlstarlet ed --inplace -P -d '//get[@src="http://download.processing.org/reference.zip"]' build/build.xml ${xmlstarlet}/bin/xmlstarlet ed --inplace -P -d '//get[@src="http://download.processing.org/reference.zip"]' build/build.xml
install -D -m0444 ${fetchurl { install -D -m0444 ${fetchurl {
url = http://download.processing.org/reference.zip; url = http://download.processing.org/reference.zip;
sha256 = "104zig026y8vbl4qksmscjq0bms8mi2jmri1ijdlbkxcqnv9bnlf"; sha256 = "0dli1bdgw8hsx7g7b048ap81v2za9maa6pfcwdqm3qkfypr8q7pr";
} }
} ./java/reference.zip } ./java/reference.zip

2
pkgs/applications/graphics/xara/default.nix
View File

@ -12,7 +12,7 @@ stdenv.mkDerivation {
nativeBuildInputs = [ automake pkgconfig gettext perl zip ]; nativeBuildInputs = [ automake pkgconfig gettext perl zip ];
buildInputs = [ wxGTK gtk2 libxml2 freetype pango ]; buildInputs = [ wxGTK gtk2 libxml2 freetype pango ];
configureFlags = "--disable-svnversion"; configureFlags = [ "--disable-svnversion" ];
patches = map fetchurl (import ./debian-patches.nix); patches = map fetchurl (import ./debian-patches.nix);

2
pkgs/applications/misc/cgminer/default.nix
View File

@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
xorg.libX11 xorg.libXext xorg.libXinerama jansson xorg.libX11 xorg.libXext xorg.libXinerama jansson
]; ];
configureScript = "./autogen.sh"; configureScript = "./autogen.sh";
configureFlags = "--enable-scrypt --enable-opencl"; configureFlags = [ "--enable-scrypt" "--enable-opencl" ];
NIX_LDFLAGS = "-lgcc_s -lX11 -lXext -lXinerama"; NIX_LDFLAGS = "-lgcc_s -lX11 -lXext -lXinerama";
preConfigure = '' preConfigure = ''

2
pkgs/applications/misc/fetchmail/default.nix
View File

@ -13,7 +13,7 @@ stdenv.mkDerivation {
buildInputs = [ openssl ]; buildInputs = [ openssl ];
configureFlags = "--with-ssl=${openssl.dev}"; configureFlags = [ "--with-ssl=${openssl.dev}" ];
meta = { meta = {
homepage = http://www.fetchmail.info/; homepage = http://www.fetchmail.info/;

2
pkgs/applications/misc/font-manager/default.nix
View File

@ -46,7 +46,7 @@ stdenv.mkDerivation rec {
substituteInPlace configure --replace "/usr/bin/file" "${file}/bin/file" substituteInPlace configure --replace "/usr/bin/file" "${file}/bin/file"
''; '';
configureFlags = "--disable-pycompile"; configureFlags = [ "--disable-pycompile" ];
meta = { meta = {
homepage = https://fontmanager.github.io/; homepage = https://fontmanager.github.io/;

2
pkgs/applications/misc/gksu/default.nix
View File

@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
sed -i -e 's|/usr/bin/x-terminal-emulator|-l gnome-terminal|g' gksu.desktop sed -i -e 's|/usr/bin/x-terminal-emulator|-l gnome-terminal|g' gksu.desktop
''; '';
configureFlags = "--disable-nautilus-extension"; configureFlags = [ "--disable-nautilus-extension" ];
meta = { meta = {
description = "A graphical frontend for libgksu"; description = "A graphical frontend for libgksu";

2
pkgs/applications/misc/jigdo/default.nix
View File

@ -19,7 +19,7 @@ stdenv.mkDerivation {
buildInputs = [ db gtk2 bzip2 ]; buildInputs = [ db gtk2 bzip2 ];
configureFlags = "--without-libdb"; configureFlags = [ "--without-libdb" ];
meta = { meta = {
description = "Download utility that can fetch files from several sources simultaneously"; description = "Download utility that can fetch files from several sources simultaneously";

8
pkgs/applications/misc/lilyterm/default.nix
View File

@ -40,10 +40,10 @@ stdenv.mkDerivation rec {
preConfigure = "sh autogen.sh"; preConfigure = "sh autogen.sh";
configureFlags = '' configureFlags = [
--enable-nls "--enable-nls"
--enable-safe-mode "--enable-safe-mode"
''; ];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "A fast, lightweight terminal emulator"; description = "A fast, lightweight terminal emulator";

2
pkgs/applications/misc/notify-osd/default.nix
View File

@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
gnome3.gsettings-desktop-schemas gnome3.gsettings-desktop-schemas
]; ];
configureFlags = "--libexecdir=$(out)/bin"; configureFlags = [ "--libexecdir=$(out)/bin" ];
preFixup = '' preFixup = ''
wrapProgram "$out/bin/notify-osd" \ wrapProgram "$out/bin/notify-osd" \

4
pkgs/applications/misc/overmind/default.nix
View File

@ -2,7 +2,7 @@
buildGoPackage rec { buildGoPackage rec {
name = "overmind-${version}"; name = "overmind-${version}";
version = "1.1.1"; version = "2.0.0.beta1";
goPackagePath = "github.com/DarthSim/overmind"; goPackagePath = "github.com/DarthSim/overmind";
nativeBuildInputs = [ makeWrapper ]; nativeBuildInputs = [ makeWrapper ];
@ -15,7 +15,7 @@ buildGoPackage rec {
owner = "DarthSim"; owner = "DarthSim";
repo = "overmind"; repo = "overmind";
rev = "v${version}"; rev = "v${version}";
sha256 = "0gdsbm54ln07jv1kgg53fiavx18xxw4f21lfcdl74ijk6bx4jbzv"; sha256 = "15fch3qszdm8bj1m9hxky9zgk6f5gpbswwfslg84qdjf4iwr5drq";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {

6
pkgs/applications/misc/ranger/default.nix
View File

@ -1,11 +1,11 @@
{ stdenv, fetchFromGitHub, pythonPackages, file, less { stdenv, fetchFromGitHub, python3Packages, file, less
, imagePreviewSupport ? true, w3m ? null}: , imagePreviewSupport ? true, w3m ? null}:
with stdenv.lib; with stdenv.lib;
assert imagePreviewSupport -> w3m != null; assert imagePreviewSupport -> w3m != null;
pythonPackages.buildPythonApplication rec { python3Packages.buildPythonApplication rec {
name = "ranger-${version}"; name = "ranger-${version}";
version = "1.9.1"; version = "1.9.1";
@ -16,7 +16,7 @@ pythonPackages.buildPythonApplication rec {
sha256= "1zhds37j1scxa9b183qbrjwxqldrdk581c5xiy81vg17sndb1kqj"; sha256= "1zhds37j1scxa9b183qbrjwxqldrdk581c5xiy81vg17sndb1kqj";
}; };
checkInputs = with pythonPackages; [ pytest ]; checkInputs = with python3Packages; [ pytest ];
propagatedBuildInputs = [ file ]; propagatedBuildInputs = [ file ];
checkPhase = '' checkPhase = ''

16
pkgs/applications/misc/solaar/default.nix
View File

@ -1,11 +1,13 @@
{fetchurl, stdenv, gtk3, python34Packages, gobjectIntrospection}: {fetchFromGitHub, stdenv, gtk3, python34Packages, gobjectIntrospection}:
python34Packages.buildPythonApplication rec { python34Packages.buildPythonApplication rec {
name = "solaar-${version}"; name = "solaar-unstable-${version}";
version = "0.9.2"; version = "2018-02-02";
namePrefix = ""; namePrefix = "";
src = fetchurl { src = fetchFromGitHub {
sha256 = "0954grz2adggfzcj4df4mpr4d7qyl7w8rb4j2s0f9ymawl92i05j"; owner = "pwr";
url = "https://github.com/pwr/Solaar/archive/${version}.tar.gz"; repo = "Solaar";
rev = "59b7285fdfc875119f0c92cfd5f5909e8a8e578c";
sha256 = "0zy5vmjzdybnjf0mpp8rny11sc43gmm8172svsm9s51h7x0v83y3";
}; };
propagatedBuildInputs = [python34Packages.pygobject3 python34Packages.pyudev gobjectIntrospection gtk3]; propagatedBuildInputs = [python34Packages.pygobject3 python34Packages.pyudev gobjectIntrospection gtk3];
@ -35,6 +37,6 @@ python34Packages.buildPythonApplication rec {
license = licenses.gpl2; license = licenses.gpl2;
homepage = https://pwr.github.io/Solaar/; homepage = https://pwr.github.io/Solaar/;
platforms = platforms.linux; platforms = platforms.linux;
maintainers = [maintainers.spinus]; maintainers = [maintainers.spinus maintainers.ysndr];
}; };
} }

12
pkgs/applications/misc/taskjuggler/2.x/default.nix
View File

@ -44,12 +44,12 @@ stdenv.mkDerivation rec {
HOME=$TMPDIR HOME=$TMPDIR
''; '';
configureFlags = " configureFlags = [
--without-arts --disable-docs "--without-arts" "--disable-docs"
--x-includes=${libX11.dev}/include "--x-includes=${libX11.dev}/include"
--x-libraries=${libX11.out}/lib "--x-libraries=${libX11.out}/lib"
--with-qt-dir=${qt3} "--with-qt-dir=${qt3}"
"; ];
preInstall = '' preInstall = ''
mkdir -p $out/share/emacs/site-lisp/ mkdir -p $out/share/emacs/site-lisp/

19
pkgs/applications/misc/toggldesktop/TogglDesktop.pro Normal file
View File

@ -0,0 +1,19 @@
QT += core network widgets
DEFINES += APP_ENVIRONMENT=\\\"production\\\"
DEFINES += APP_VERSION=\\\"@version@\\\"
TARGET = toggldesktop
TEMPLATE = app
SOURCES += *.cpp
HEADERS += *.h
FORMS += *.ui
RESOURCES += *.qrc
target.path = $$PREFIX
INSTALLS += target
CONFIG += link_pkgconfig
PKGCONFIG += bugsnag-qt qxtglobalshortcut qt-oauth-lib toggl x11 xscrnsaver

148
pkgs/applications/misc/toggldesktop/default.nix Normal file
View File

@ -0,0 +1,148 @@
{ stdenv, fetchzip, buildEnv, makeDesktopItem, runCommand, writeText, pkgconfig
, cmake, qmake, cacert, jsoncpp, libX11, libXScrnSaver, lua, openssl, poco
, qtbase, qtwebkit, qtx11extras, sqlite }:
let
name = "toggldesktop-${version}";
version = "7.4.231";
src = fetchzip {
url = "https://github.com/toggl/toggldesktop/archive/v${version}.tar.gz";
sha256 = "01hqkx9dljnhwnyqi6mmzfp02hnbi2j50rsfiasniqrkbi99x9v1";
};
bugsnag-qt = stdenv.mkDerivation rec {
name = "bugsnag-qt-${version}";
version = "20180522.005732";
src = fetchzip {
url = "https://github.com/yegortimoshenko/bugsnag-qt/archive/${version}.tar.gz";
sha256 = "02s6mlggh0i4a856md46dipy6mh47isap82jlwmjr7hfsk2ykgnq";
};
nativeBuildInputs = [ qmake ];
buildInputs = [ qtbase ];
};
qxtglobalshortcut = stdenv.mkDerivation rec {
name = "qxtglobalshortcut-${version}";
version = "f584471dada2099ba06c574bdfdd8b078c2e3550";
src = fetchzip {
url = "https://github.com/hluk/qxtglobalshortcut/archive/${version}.tar.gz";
sha256 = "1iy17gypav10z8aa62s5jb6mq9y4kb9ms4l61ydmk3xwlap7igw1";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ qtbase qtx11extras ];
};
qt-oauth-lib = stdenv.mkDerivation rec {
name = "qt-oauth-lib-${version}";
version = "20180521.233208";
src = fetchzip {
url = "https://github.com/yegortimoshenko/qt-oauth-lib/archive/${version}.tar.gz";
sha256 = "0f46d44slzvzaqx0lksvv14lsc1jp8vd2mragxd61r820hybf5z3";
};
nativeBuildInputs = [ qmake ];
buildInputs = [ qtbase qtwebkit ];
};
poco-pc = writeText "poco.pc" ''
Name: Poco
Description: ${poco.meta.description}
Version: ${poco.version}
Libs: -L${poco}/lib -lPocoDataSQLite -lPocoData -lPocoNet -lPocoNetSSL -lPocoCrypto -lPocoUtil -lPocoXML -lPocoFoundation
Cflags: -I${poco}/include/Poco
'';
poco-pc-wrapped = runCommand "poco-pc-wrapped" {} ''
mkdir -p $out/lib/pkgconfig && ln -s ${poco-pc} $_/poco.pc
'';
libtoggl = stdenv.mkDerivation {
name = "libtoggl-${version}";
inherit src version;
sourceRoot = "source/src";
nativeBuildInputs = [ qmake pkgconfig ];
buildInputs = [ jsoncpp lua openssl poco poco-pc-wrapped sqlite libX11 ];
postPatch = ''
cat ${./libtoggl.pro} > libtoggl.pro
rm get_focused_window_{mac,windows}.cc
'';
};
toggldesktop = stdenv.mkDerivation {
name = "${name}-unwrapped";
inherit src version;
sourceRoot = "source/src/ui/linux/TogglDesktop";
postPatch = ''
substituteAll ${./TogglDesktop.pro} TogglDesktop.pro
substituteInPlace toggl.cpp \
--replace ./../../../toggl_api.h toggl_api.h
'';
postInstall = ''
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/cacert.pem
'';
nativeBuildInputs = [ qmake pkgconfig ];
buildInputs = [
bugsnag-qt
libtoggl
qxtglobalshortcut
qtbase
qtwebkit
qt-oauth-lib
qtx11extras
libX11
libXScrnSaver
];
};
toggldesktop-icons = stdenv.mkDerivation {
name = "${name}-icons";
inherit (toggldesktop) src sourceRoot;
installPhase = ''
for f in icons/*; do
mkdir -p $out/share/icons/hicolor/$(basename $f)/apps
mv $f/toggldesktop.png $_
done
'';
};
toggldesktop-wrapped = runCommand "toggldesktop-wrapped" {} ''
mkdir -p $out/bin && ln -s ${toggldesktop}/toggldesktop $_
'';
desktopItem = makeDesktopItem rec {
categories = "Utility;";
desktopName = "Toggl";
genericName = desktopName;
name = "toggldesktop";
exec = "${toggldesktop-wrapped}/bin/toggldesktop";
icon = "toggldesktop";
};
in
buildEnv {
inherit name;
paths = [ desktopItem toggldesktop-icons toggldesktop-wrapped ];
meta = with stdenv.lib; {
description = "Client for Toggl time tracking service";
homepage = https://github.com/toggl/toggldesktop;
license = licenses.bsd3;
maintainers = with maintainers; [ yegortimoshenko ];
platforms = platforms.linux;
};
}

20
pkgs/applications/misc/toggldesktop/libtoggl.pro Normal file
View File

@ -0,0 +1,20 @@
TARGET = toggl
TEMPLATE = lib
SOURCES += *.cc
HEADERS += *.h
headers.files = $$HEADERS
headers.path = $$PREFIX/include
target.path = $$PREFIX/lib
INSTALLS += headers target
CONFIG += create_prl create_pc link_pkgconfig
PKGCONFIG += jsoncpp openssl lua poco sqlite3 x11
QMAKE_PKGCONFIG_NAME = $$TARGET
QMAKE_PKGCONFIG_PREFIX = $$PREFIX
QMAKE_PKGCONFIG_LIBDIR = $$target.path
QMAKE_PKGCONFIG_INCDIR = $$headers.path
QMAKE_PKGCONFIG_DESTDIR = pkgconfig

6
pkgs/applications/misc/wordnet/default.nix
View File

@ -17,8 +17,10 @@ stdenv.mkDerivation rec {
''; '';
# Needs the path to `tclConfig.sh' and `tkConfig.sh'. # Needs the path to `tclConfig.sh' and `tkConfig.sh'.
configureFlags = "--with-tcl=" + tcl + "/lib " + configureFlags = [
"--with-tk=" + tk + "/lib"; "--with-tcl=${tcl}/lib"
"--with-tk=${tk}/lib"
];
postInstall = '' postInstall = ''
wrapProgram $out/bin/wishwn --set TK_LIBRARY "${tk}/lib/${tk.libPrefix}" wrapProgram $out/bin/wishwn --set TK_LIBRARY "${tk}/lib/${tk.libPrefix}"

2
pkgs/applications/networking/browsers/dillo/default.nix
View File

@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
buildInputs = with stdenv.lib; buildInputs = with stdenv.lib;
[ perl fltk openssl libjpeg libpng libXcursor libXi libXinerama ]; [ perl fltk openssl libjpeg libpng libXcursor libXi libXinerama ];
configureFlags = "--enable-ssl"; configureFlags = [ "--enable-ssl" ];
meta = with stdenv.lib; { meta = with stdenv.lib; {
homepage = https://www.dillo.org/; homepage = https://www.dillo.org/;

794
pkgs/applications/networking/browsers/firefox-bin/beta_sources.nix
View File

File diff suppressed because it is too large Load Diff

794
pkgs/applications/networking/browsers/firefox-bin/devedition_sources.nix
View File

File diff suppressed because it is too large Load Diff

6
pkgs/applications/networking/browsers/palemoon/default.nix
View File

@ -10,14 +10,14 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "palemoon-${version}"; name = "palemoon-${version}";
version = "27.9.2"; version = "27.9.4";
src = fetchFromGitHub { src = fetchFromGitHub {
name = "palemoon-src"; name = "palemoon-src";
owner = "MoonchildProductions"; owner = "MoonchildProductions";
repo = "Pale-Moon"; repo = "Pale-Moon";
rev = version + "_Release"; rev = version + "_Release";
sha256 = "0v6vgkxac2s1hw1namvrjysj2k1kbkabwdxrpq6kyd8svr7n974r"; sha256 = "0ir5gzhw98gfn15x58g1fwi11jd7gysvacqxg1v0jdjhgdl4m5sx";
}; };
desktopItem = makeDesktopItem { desktopItem = makeDesktopItem {
@ -79,6 +79,8 @@ stdenv.mkDerivation rec {
chmod u+w . chmod u+w .
''; '';
hardeningDisable = [ "format" ];
buildPhase = '' buildPhase = ''
cd $builddir cd $builddir
$src/mach build $src/mach build

6
pkgs/applications/networking/ids/daq/default.nix
View File

@ -11,7 +11,11 @@ stdenv.mkDerivation rec {
buildInputs = [ flex bison libpcap libdnet libnfnetlink libnetfilter_queue]; buildInputs = [ flex bison libpcap libdnet libnfnetlink libnetfilter_queue];
configureFlags = "--enable-nfq-module=yes --with-dnet-includes=${libdnet}/includes --with-dnet-libraries=${libdnet}/lib"; configureFlags = [
"--enable-nfq-module=yes"
"--with-dnet-includes=${libdnet}/includes"
"--with-dnet-libraries=${libdnet}/lib"
];
meta = { meta = {
description = "Data AcQuisition library (DAQ), for packet I/O"; description = "Data AcQuisition library (DAQ), for packet I/O";

7
pkgs/applications/networking/ids/snort/default.nix
View File

@ -14,7 +14,12 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true; enableParallelBuilding = true;
configureFlags = "--disable-static-daq --enable-control-socket --with-daq-includes=${daq}/includes --with-daq-libraries=${daq}/lib"; configureFlags = [
"--disable-static-daq"
"--enable-control-socket"
"--with-daq-includes=${daq}/includes"
"--with-daq-libraries=${daq}/lib"
];
postInstall = '' postInstall = ''
wrapProgram $out/bin/snort --add-flags "--daq-dir ${daq}/lib/daq --dynamic-preprocessor-lib-dir $out/lib/snort_dynamicpreprocessor/ --dynamic-engine-lib-dir $out/lib/snort_dynamicengine" wrapProgram $out/bin/snort --add-flags "--daq-dir ${daq}/lib/daq --dynamic-preprocessor-lib-dir $out/lib/snort_dynamicpreprocessor/ --dynamic-engine-lib-dir $out/lib/snort_dynamicengine"

6
pkgs/applications/networking/instant-messengers/amsn/default.nix
View File

@ -7,7 +7,11 @@ stdenv.mkDerivation {
sha256 = "0b8ir7spxnsz8f7kvr9f1k91nsy8cb65q6jv2l55b04fl20x4z7r"; sha256 = "0b8ir7spxnsz8f7kvr9f1k91nsy8cb65q6jv2l55b04fl20x4z7r";
}; };
configureFlags = "--with-tcl=${tcl}/lib --with-tk=${tk}/lib --enable-static"; configureFlags = [
"--with-tcl=${tcl}/lib"
"--with-tk=${tk}/lib"
"--enable-static"
];
buildInputs = [which tcl tk xlibsWrapper libpng libjpeg makeWrapper]; buildInputs = [which tcl tk xlibsWrapper libpng libjpeg makeWrapper];

6
pkgs/applications/networking/instant-messengers/mcabber/default.nix
View File

@ -14,7 +14,11 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];
buildInputs = [ openssl ncurses glib loudmouth libotr gpgme ]; buildInputs = [ openssl ncurses glib loudmouth libotr gpgme ];
configureFlags = "--with-openssl=${openssl.dev} --enable-modules --enable-otr"; configureFlags = [
"--with-openssl=${openssl.dev}"
"--enable-modules"
"--enable-otr"
];
doCheck = true; doCheck = true;

14
pkgs/applications/networking/instant-messengers/pybitmessage/default.nix
View File

@ -1,18 +1,18 @@
{ stdenv, fetchFromGitHub, pythonPackages, openssl }: { stdenv, fetchFromGitHub, python2Packages, openssl }:
pythonPackages.buildPythonApplication rec { python2Packages.buildPythonApplication rec {
name = "pybitmessage-${version}"; pname = "pybitmessage";
version = "0.6.2"; version = "0.6.3.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "bitmessage"; owner = "bitmessage";
repo = "PyBitmessage"; repo = "PyBitmessage";
rev = "v${version}"; rev = version;
sha256 = "04sgns9qczzw2152gqdr6bjyy4fmgs26cz8n3qck94l0j51rxhz8"; sha256 = "1lmhbpwsqh1v93krlqqhafw2pc3y0qp8zby186yllbph6s8kdp35";
}; };
propagatedBuildInputs = with pythonPackages; [ msgpack-python pyqt4 numpy pyopencl ] ++ [ openssl ]; propagatedBuildInputs = with python2Packages; [ msgpack-python pyqt4 numpy pyopencl ] ++ [ openssl ];
preConfigure = '' preConfigure = ''
# Remove interaction and misleading output # Remove interaction and misleading output

4
pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
View File

@ -55,11 +55,11 @@ let
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
name = "signal-desktop-${version}"; name = "signal-desktop-${version}";
version = "1.15.0"; version = "1.15.3";
src = fetchurl { src = fetchurl {
url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb";
sha256 = "1q73jx92h8zwk1dn103ymskz35q6kfiqc44886jr0p7mlpndqsa4"; sha256 = "009bcy90dvwiizya387fqrh3a8l0czgs4wnddxndy9gd477sn704";
}; };
phases = [ "unpackPhase" "installPhase" ]; phases = [ "unpackPhase" "installPhase" ];

2
pkgs/applications/networking/instant-messengers/silc-client/default.nix
View File

@ -21,7 +21,7 @@ stdenv.mkDerivation {
hardeningDisable = [ "format" ]; hardeningDisable = [ "format" ];
configureFlags = "--with-ncurses=${ncurses.dev}"; configureFlags = [ "--with-ncurses=${ncurses.dev}" ];
preConfigure = stdenv.lib.optionalString enablePlugin '' preConfigure = stdenv.lib.optionalString enablePlugin ''
configureFlags="$configureFlags --with-silc-plugin=$out/lib/irssi" configureFlags="$configureFlags --with-silc-plugin=$out/lib/irssi"

2
pkgs/applications/networking/instant-messengers/telepathy/gabble/default.nix
View File

@ -14,7 +14,7 @@ stdenv.mkDerivation rec {
checkInputs = [ dbus.daemon ]; checkInputs = [ dbus.daemon ];
configureFlags = "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt"; configureFlags = [ "--with-ca-certificates=/etc/ssl/certs/ca-certificates.crt" ];
enableParallelBuilding = true; enableParallelBuilding = true;
doCheck = true; doCheck = true;

2
pkgs/applications/networking/instant-messengers/telepathy/logger/default.nix
View File

@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
dbus telepathy-glib.python dbus telepathy-glib.python
]; ];
configureFlags = "--enable-call"; configureFlags = [ "--enable-call" ];
preFixup = '' preFixup = ''
wrapProgram "$out/libexec/telepathy-logger" \ wrapProgram "$out/libexec/telepathy-logger" \

2
pkgs/applications/networking/instant-messengers/telepathy/salut/default.nix
View File

@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ libxslt pkgconfigUpstream ]; nativeBuildInputs = [ libxslt pkgconfigUpstream ];
configureFlags = "--disable-avahi-tests"; configureFlags = [ "--disable-avahi-tests" ];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Link-local XMPP connection manager for Telepathy"; description = "Link-local XMPP connection manager for Telepathy";

6
pkgs/applications/networking/ipfs/default.nix
View File

@ -2,7 +2,7 @@
buildGoPackage rec { buildGoPackage rec {
name = "ipfs-${version}"; name = "ipfs-${version}";
version = "0.4.15"; version = "0.4.17";
rev = "v${version}"; rev = "v${version}";
goPackagePath = "github.com/ipfs/go-ipfs"; goPackagePath = "github.com/ipfs/go-ipfs";
@ -10,7 +10,7 @@ buildGoPackage rec {
extraSrcPaths = [ extraSrcPaths = [
(fetchgx { (fetchgx {
inherit name src; inherit name src;
sha256 = "0bysfh2hd040i8lnyzhy96frflls4kdnlw748cl51ngqg3rwbhgz"; sha256 = "0grdgnr67r3qh0ppc3flrhcw8zlvx10mxypd8q2mhkil9w4dpcna";
}) })
]; ];
@ -18,7 +18,7 @@ buildGoPackage rec {
owner = "ipfs"; owner = "ipfs";
repo = "go-ipfs"; repo = "go-ipfs";
inherit rev; inherit rev;
sha256 = "1ry4a4pq26dbwy2b9cwi3xjaiyq6sng9lxnb1n30zxhp4w7rla2h"; sha256 = "18skmchdqd54wfqhibscqvc360l5ig6vmxd73ivf3bcpj3zvgq7q";
}; };
meta = with stdenv.lib; { meta = with stdenv.lib; {

5
pkgs/applications/networking/newsreaders/slrn/default.nix
View File

@ -18,7 +18,10 @@ stdenv.mkDerivation {
-e "s|/bin/rm|rm|" -e "s|/bin/rm|rm|"
''; '';
configureFlags = "--with-slang=${slang.dev} --with-ssl=${openssl.dev}"; configureFlags = [
"--with-slang=${slang.dev}"
"--with-ssl=${openssl.dev}"
];
buildInputs = [ slang ncurses openssl ]; buildInputs = [ slang ncurses openssl ];

3
pkgs/applications/networking/p2p/deluge/default.nix
View File

@ -18,7 +18,8 @@ pythonPackages.buildPythonPackage rec {
]; ];
propagatedBuildInputs = with pythonPackages; [ propagatedBuildInputs = with pythonPackages; [
pyGtkGlade libtorrentRasterbar twisted Mako chardet pyxdg pyopenssl service-identity pyGtkGlade twisted Mako chardet pyxdg pyopenssl service-identity
libtorrentRasterbar.dev libtorrentRasterbar.python
]; ];
nativeBuildInputs = [ intltool ]; nativeBuildInputs = [ intltool ];

52
pkgs/applications/networking/remote/citrix-receiver/default.nix
View File

@ -39,50 +39,6 @@ let
}); });
versionInfo = { versionInfo = {
"13.4.0" = rec {
major = "13";
minor = "4";
patch = "0";
x64hash = "133brs0sq6d0mgr19rc6ig1n9ahm3ryi23v5nrgqfh0hgxqcrrjb";
x86hash = "0r7jfl5yqv1s2npy8l9gsn0gbb82f6raa092ppkc8xy5pni5sh7l";
x64suffix = "10109380";
x86suffix = x64suffix;
homepage = https://www.citrix.com/downloads/citrix-receiver/legacy-receiver-for-linux/receiver-for-linux-latest-13-4.html;
};
"13.5.0" = rec {
major = "13";
minor = "5";
patch = "0";
x64hash = "1r24mhkpcc0z95n597p07fz92pd1b8qqzp2z6w07rmb9wb8mpd4x";
x86hash = "0pwxshlryzhkl86cj9ryybm54alhzjx0gpp67fnvdn5r64wy1nd1";
x64suffix = "10185126";
x86suffix = x64suffix;
homepage = https://www.citrix.com/downloads/citrix-receiver/legacy-receiver-for-linux/receiver-for-linux-latest-13-5.html;
};
"13.6.0" = rec {
major = "13";
minor = "6";
patch = "0";
x64hash = "6e423be41d5bb8186bcca3fbb4ede54dc3f00b8d2aeb216ae4aabffef9310d34";
x86hash = "0ba3eba208b37844904d540b3011075ed5cecf429a0ab6c6cd52f2d0fd841ad2";
x64suffix = "10243651";
x86suffix = x64suffix;
homepage = https://www.citrix.com/downloads/citrix-receiver/legacy-receiver-for-linux/receiver-for-linux-136.html;
};
"13.7.0" = {
major = "13";
minor = "7";
patch = "0";
x64hash = "18fb374b9fb8e249b79178500dddca7a1f275411c6537e7695da5dcf19c5ba91";
x86hash = "4c68723b0327cf6f12da824056fce2b7853c38e6163a48c9d222b93dd8da75b6";
x64suffix = "10276927";
x86suffix = "10276925";
homepage = https://www.citrix.com/downloads/citrix-receiver/legacy-receiver-for-linux/receiver-for-linux-137.html;
};
"13.8.0" = { "13.8.0" = {
major = "13"; major = "13";
minor = "8"; minor = "8";
@ -156,7 +112,7 @@ let
''; '';
}; };
phases = [ "unpackPhase" "installPhase" ]; dontBuild = true;
sourceRoot = "."; sourceRoot = ".";
@ -203,6 +159,8 @@ let
}; };
installPhase = '' installPhase = ''
runHook preInstall
export ICAInstDir="$out/opt/citrix-icaclient" export ICAInstDir="$out/opt/citrix-icaclient"
sed -i \ sed -i \
@ -262,13 +220,15 @@ let
# We introduce a dependency on the source file so that it need not be redownloaded everytime # We introduce a dependency on the source file so that it need not be redownloaded everytime
echo $src >> "$out/share/nix_dependencies.pin" echo $src >> "$out/share/nix_dependencies.pin"
runHook postInstall
''; '';
meta = with stdenv.lib; { meta = with stdenv.lib; {
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
inherit homepage; inherit homepage;
description = "Citrix Receiver"; description = "Citrix Receiver";
maintainers = with maintainers; [ obadz a1russell ]; maintainers = with maintainers; [ obadz a1russell ma27 ];
platforms = platforms.linux; platforms = platforms.linux;
}; };
}; };

19
pkgs/applications/networking/remote/citrix-receiver/wrapper.nix Normal file
View File

@ -0,0 +1,19 @@
{ citrix_receiver, extraCerts ? [], symlinkJoin }:
let
mkCertCopy = certPath:
"cp ${certPath} $out/opt/citrix-icaclient/keystore/cacerts/";
in
if builtins.length extraCerts == 0 then citrix_receiver else symlinkJoin {
name = "citrix-with-extra-certs-${citrix_receiver.version}";
paths = [ citrix_receiver ];
postBuild = ''
${builtins.concatStringsSep "\n" (map mkCertCopy extraCerts)}
sed -i -E "s,-icaroot (.+citrix-icaclient),-icaroot $out/opt/citrix-icaclient," $out/bin/wfica
'';
}

4
pkgs/applications/networking/remote/remmina/default.nix
View File

@ -10,7 +10,7 @@
}: }:
let let
version = "1.2.30.1"; version = "1.2.31.2";
desktopItem = makeDesktopItem { desktopItem = makeDesktopItem {
name = "remmina"; name = "remmina";
@ -29,7 +29,7 @@ in stdenv.mkDerivation {
owner = "Remmina"; owner = "Remmina";
repo = "Remmina"; repo = "Remmina";
rev = "v${version}"; rev = "v${version}";
sha256 = "1jz20yv84a8m9gm9fsz0jii8ag90v1scmbkkx9gk38ax5il7ilvn"; sha256 = "09jdrs2hbr9wyd5yqw5bri41rnfnxxyh98mlv6ig2phlvs9cg73d";
}; };
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];

16
pkgs/applications/networking/sync/lsyncd/default.nix
View File

@ -1,18 +1,26 @@
{ stdenv, fetchFromGitHub, cmake, lua, pkgconfig, rsync, { stdenv, fetchFromGitHub, fetchpatch, cmake, lua, pkgconfig, rsync,
asciidoc, libxml2, docbook_xml_dtd_45, docbook_xsl, libxslt }: asciidoc, libxml2, docbook_xml_dtd_45, docbook_xsl, libxslt }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "lsyncd-${version}"; name = "lsyncd-${version}";
version = "2.2.2"; version = "2.2.3";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "axkibe"; owner = "axkibe";
repo = "lsyncd"; repo = "lsyncd";
rev = "release-${version}"; rev = "release-${version}";
sha256 = "1q2ixp52r96ckghgmxdbms6xrq8dbziimp8gmgzqfq4lk1v1w80y"; sha256 = "1hbsih5hfq9lhgnxm0wb5mrj6xmlk2l0i9a79wzd5f6cnjil9l3x";
}; };
patchPhase = '' patches = [
(fetchpatch {
sha256 = "0b0h2qxh73l502p7phf6qgl8576nf6fvqqp2x5wy3nz7sc9qb1z8";
name = "fix-non-versioned-lua-not-search-in-cmake.patch";
url = "https://github.com/axkibe/lsyncd/pull/500/commits/0af99d8d5ba35118e8799684a2d4a8ea4b0c6957.patch";
})
];
postPatch = ''
substituteInPlace default-rsync.lua \ substituteInPlace default-rsync.lua \
--replace "/usr/bin/rsync" "${rsync}/bin/rsync" --replace "/usr/bin/rsync" "${rsync}/bin/rsync"
''; '';

11
pkgs/applications/networking/znc/default.nix
View File

@ -24,10 +24,13 @@ stdenv.mkDerivation rec {
++ optional withTcl tcl ++ optional withTcl tcl
++ optional withCyrus cyrus_sasl; ++ optional withCyrus cyrus_sasl;
configureFlags = optionalString withPerl "--enable-perl " configureFlags = [
+ optionalString withPython "--enable-python " (stdenv.lib.enableFeature withPerl "perl")
+ optionalString withTcl "--enable-tcl --with-tcl=${tcl}/lib " (stdenv.lib.enableFeature withPython "python")
+ optionalString withCyrus "--enable-cyrus "; (stdenv.lib.enableFeature withTcl "tcl")
(stdenv.lib.withFeatureAs withTcl "tcl" "${tcl}/lib")
(stdenv.lib.enableFeature withCyrus "cyrus")
];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Advanced IRC bouncer"; description = "Advanced IRC bouncer";

8
pkgs/applications/office/gnucash/2.4.nix
View File

@ -27,7 +27,13 @@ stdenv.mkDerivation rec {
]; ];
propagatedUserEnvPkgs = [ gconf ]; propagatedUserEnvPkgs = [ gconf ];
configureFlags = "CFLAGS=-O3 CXXFLAGS=-O3 --disable-dbi --enable-ofx --enable-aqbanking"; configureFlags = [
"CFLAGS=-O3"
"CXXFLAGS=-O3"
"--disable-dbi"
"--enable-ofx"
"--enable-aqbanking"
];
postInstall = '' postInstall = ''
# Auto-updaters don't make sense in Nix. # Auto-updaters don't make sense in Nix.

2
pkgs/applications/office/gnumeric/default.nix
View File

@ -16,7 +16,7 @@ in stdenv.mkDerivation rec {
sha256 = "26cceb7fa97dc7eee7181a79a6251a85b1f1464dcaaaf7624829f7439c5f7d3f"; sha256 = "26cceb7fa97dc7eee7181a79a6251a85b1f1464dcaaaf7624829f7439c5f7d3f";
}; };
configureFlags = "--disable-component"; configureFlags = [ "--disable-component" ];
prePatch = '' prePatch = ''
substituteInPlace doc/C/gnumeric.xml \ substituteInPlace doc/C/gnumeric.xml \

6
pkgs/applications/office/ledger/2.6.3.nix
View File

@ -10,7 +10,11 @@ stdenv.mkDerivation rec {
buildInputs = [ emacs gmp pcre expat ]; buildInputs = [ emacs gmp pcre expat ];
configureFlags = "CPPFLAGS=-DNDEBUG CFLAGS=-O3 CXXFLAGS=-O3"; configureFlags = [
"CPPFLAGS=-DNDEBUG"
"CFLAGS=-O3"
"CXXFLAGS=-O3"
];
doCheck = true; doCheck = true;

4
pkgs/applications/office/tryton/default.nix
View File

@ -14,10 +14,10 @@ with stdenv.lib;
python2Packages.buildPythonApplication rec { python2Packages.buildPythonApplication rec {
pname = "tryton"; pname = "tryton";
version = "4.8.3"; version = "4.8.4";
src = python2Packages.fetchPypi { src = python2Packages.fetchPypi {
inherit pname version; inherit pname version;
sha256 = "1e2862bbe7c943afbbdf2232cdc55f75d2357640115c7f1483f0814b2c5a6882"; sha256 = "6cf3091424853e1270d61f3a9b15ad8e6b36a44c28becf216c324ca8dc1474b0";
}; };
nativeBuildInputs = [ pkgconfig gobjectIntrospection ]; nativeBuildInputs = [ pkgconfig gobjectIntrospection ];
propagatedBuildInputs = with python2Packages; [ propagatedBuildInputs = with python2Packages; [

4
pkgs/applications/office/trytond/default.nix
View File

@ -5,10 +5,10 @@ with stdenv.lib;
python2Packages.buildPythonApplication rec { python2Packages.buildPythonApplication rec {
pname = "trytond"; pname = "trytond";
version = "4.8.2"; version = "4.8.3";
src = python2Packages.fetchPypi { src = python2Packages.fetchPypi {
inherit pname version; inherit pname version;
sha256 = "ec5c419418517bf9f7d2af08b2bfd3bcc7526f6d6f07d122abf1699c728ae2a9"; sha256 = "11d01dc984d9274229b5c80f883679d130a55e14e9124b051274fce9aea4ef77";
}; };
# Tells the tests which database to use # Tells the tests which database to use

7
pkgs/applications/science/biology/ncbi-tools/default.nix
View File

@ -15,7 +15,12 @@ stdenv.mkDerivation rec {
sha256 = "1b2v0dcdqn3bysgdkj57sxmd6s0hc9wpnxssviz399g6plhxggbr"; sha256 = "1b2v0dcdqn3bysgdkj57sxmd6s0hc9wpnxssviz399g6plhxggbr";
}; };
configureFlags = "--without-debug --with-bin-release --with-dll --without-static"; configureFlags = [
"--without-debug"
"--with-bin-release"
"--with-dll"
"--without-static"
];
buildInputs = [ cpio ]; buildInputs = [ cpio ];
meta = { meta = {

4
pkgs/applications/science/chemistry/gwyddion/default.nix
View File

@ -2,11 +2,11 @@
with stdenv.lib; with stdenv.lib;
let version = "2.48"; in
stdenv.mkDerivation { stdenv.mkDerivation {
name = "gwyddion-${version}"; name = "gwyddion-${version}";
version = "2.48";
src = fetchurl { src = fetchurl {
url = "http://sourceforge.net/projects/gwyddion/files/gwyddion/2.48/gwyddion-2.48.tar.xz"; url = "http://sourceforge.net/projects/gwyddion/files/gwyddion/${version}/gwyddion-${version}.tar.xz";
sha256 = "119iw58ac2wn4cas6js8m7r1n4gmmkga6b1y711xzcyjp9hshgwx"; sha256 = "119iw58ac2wn4cas6js8m7r1n4gmmkga6b1y711xzcyjp9hshgwx";
}; };
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];

16
pkgs/applications/science/chemistry/octopus/default.nix
View File

@ -17,14 +17,14 @@ in stdenv.mkDerivation {
nativeBuildInputs = [ perl procps fftw.dev ]; nativeBuildInputs = [ perl procps fftw.dev ];
buildInputs = [ libyaml gfortran libxc openblas gsl fftw.out netcdf arpack ]; buildInputs = [ libyaml gfortran libxc openblas gsl fftw.out netcdf arpack ];
configureFlags = '' configureFlags = [
--with-yaml-prefix=${libyaml} "--with-yaml-prefix=${libyaml}"
--with-blas=-lopenblas "--with-blas=-lopenblas"
--with-lapack=-lopenblas "--with-lapack=-lopenblas"
--with-fftw-prefix=${fftwAll} "--with-fftw-prefix=${fftwAll}"
--with-gsl-prefix=${gsl} "--with-gsl-prefix=${gsl}"
--with-libxc-prefix=${libxc} "--with-libxc-prefix=${libxc}"
''; ];
doCheck = false; doCheck = false;
checkTarget = "check-short"; checkTarget = "check-short";

4
pkgs/applications/science/electronics/geda/default.nix
View File

@ -9,7 +9,9 @@ stdenv.mkDerivation rec {
sha256 = "08dpa506xk4gjbbi8vnxcb640wq4ihlgmhzlssl52nhvxwx7gx5v"; sha256 = "08dpa506xk4gjbbi8vnxcb640wq4ihlgmhzlssl52nhvxwx7gx5v";
}; };
configureFlags = "--disable-update-xdg-database"; configureFlags = [
"--disable-update-xdg-database"
];
nativeBuildInputs = [ pkgconfig ]; nativeBuildInputs = [ pkgconfig ];
buildInputs = [ guile gtk2 flex gawk perl ]; buildInputs = [ guile gtk2 flex gawk perl ];

6
pkgs/applications/science/electronics/xcircuit/default.nix
View File

@ -17,7 +17,11 @@ in stdenv.mkDerivation {
nativeBuildInputs = [ autoreconfHook automake pkgconfig ]; nativeBuildInputs = [ autoreconfHook automake pkgconfig ];
hardeningDisable = [ "format" ]; hardeningDisable = [ "format" ];
configureFlags = "--with-tcl=${tcl}/lib --with-tk=${tk}/lib --with-ngspice=${getBin ngspice}/bin/ngspice"; configureFlags = [
"--with-tcl=${tcl}/lib"
"--with-tk=${tk}/lib"
"--with-ngspice=${getBin ngspice}/bin/ngspice"
];
buildInputs = with xorg; [ cairo ghostscript libSM libXt libICE libX11 libXpm tcl tk zlib ]; buildInputs = with xorg; [ cairo ghostscript libSM libXt libICE libX11 libXpm tcl tk zlib ];

5
pkgs/applications/science/logic/eprover/default.nix
View File

@ -14,7 +14,10 @@ stdenv.mkDerivation rec {
preConfigure = '' preConfigure = ''
sed -e 's/ *CC *= *gcc$//' -i Makefile.vars sed -e 's/ *CC *= *gcc$//' -i Makefile.vars
''; '';
configureFlags = "--exec-prefix=$(out) --man-prefix=$(out)/share/man"; configureFlags = [
"--exec-prefix=$(out)"
"--man-prefix=$(out)/share/man"
];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Automated theorem prover for full first-order logic with equality"; description = "Automated theorem prover for full first-order logic with equality";

2
pkgs/applications/science/logic/hol/default.nix
View File

@ -15,7 +15,7 @@ in
let let
polymlEnableShared = with pkgs; lib.overrideDerivation polyml (attrs: { polymlEnableShared = with pkgs; lib.overrideDerivation polyml (attrs: {
configureFlags = "--enable-shared"; configureFlags = [ "--enable-shared" ];
}); });
in in

6
pkgs/applications/science/logic/symbiyosys/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "symbiyosys-${version}"; name = "symbiyosys-${version}";
version = "2018.05.03"; version = "2018.07.26";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "yosyshq"; owner = "yosyshq";
repo = "symbiyosys"; repo = "symbiyosys";
rev = "35d956c7bb77c0602d198035b2d73a9c61cb4de4"; rev = "2fef25f93dd1cb5137a08e71f507e3eee8100fb1";
sha256 = "02zg3nkwp3fdjwz1agvsn55k1xipwh2rradb0bgjrjpsmmw63gda"; sha256 = "103fga0n11h4n2q346xyz3k0615d9lgx2b8sqr1pwn2hx26kchav";
}; };
buildInputs = [ python3 yosys ]; buildInputs = [ python3 yosys ];

2
pkgs/applications/science/math/cbc/default.nix
View File

@ -8,7 +8,7 @@ stdenv.mkDerivation {
sha256 = "1w8axdzm05xf5y13c31w7rc5z6ywxqxiwafnxcq3p195kgj0915a"; sha256 = "1w8axdzm05xf5y13c31w7rc5z6ywxqxiwafnxcq3p195kgj0915a";
}; };
configureFlags = "-C"; configureFlags = [ "-C" ];
enableParallelBuilding = true; enableParallelBuilding = true;

2
pkgs/applications/science/math/ginac/default.nix
View File

@ -16,7 +16,7 @@ stdenv.mkDerivation rec {
preConfigure = "patchShebangs ginsh"; preConfigure = "patchShebangs ginsh";
configureFlags = "--disable-rpath"; configureFlags = [ "--disable-rpath" ];
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "GiNaC is Not a CAS"; description = "GiNaC is Not a CAS";

2
pkgs/applications/science/math/ripser/default.nix
View File

@ -13,10 +13,10 @@ assert useGoogleHashmap -> sparsehash != null;
let let
inherit (stdenv.lib) optional; inherit (stdenv.lib) optional;
version = "1.0";
in in
stdenv.mkDerivation { stdenv.mkDerivation {
name = "ripser-${version}"; name = "ripser-${version}";
version = "1.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Ripser"; owner = "Ripser";

7
pkgs/applications/science/math/sage/sage-src.nix
View File

@ -129,6 +129,13 @@ stdenv.mkDerivation rec {
url = "https://git.sagemath.org/sage.git/patch/?id=2ab1546b3e21d1d0ab3b4fcd58576848b3a2d888"; url = "https://git.sagemath.org/sage.git/patch/?id=2ab1546b3e21d1d0ab3b4fcd58576848b3a2d888";
sha256 = "1c5gnasq7y9xxj762bn79bis0zi8d9bgg7jzlf64ifixsrc5cymb"; sha256 = "1c5gnasq7y9xxj762bn79bis0zi8d9bgg7jzlf64ifixsrc5cymb";
}) })
# arb 2.13.0 -> 2.14.0
(fetchpatch {
name = "arb-2.14.0.patch";
url = "https://git.sagemath.org/sage.git/patch?id2=8.4.beta0&id=8bef4fd2876a61969b516fe4eb3b8ad7cc076c5e";
sha256 = "00p3hfsfn3w2vxgd9fjd23mz7xfxjfravf8ysjxkyd657jbkpjmk";
})
]; ];
patches = nixPatches ++ packageUpgradePatches ++ [ patches = nixPatches ++ packageUpgradePatches ++ [

52
pkgs/applications/science/math/scilab/default.nix
View File

@ -29,35 +29,29 @@ stdenv.mkDerivation rec {
/* /*
--with-atlas-library=DIR Atlas library files are in DIR and we use Atlas --with-atlas-library=DIR Atlas library files are in DIR and we use Atlas
*/ */
configureFlags = "" configureFlags = [
# use gcc C compiler and gnu Fortran compiler (g77 or gfortran) # use gcc C compiler and gnu Fortran compiler (g77 or gfortran)
+ " --with-gcc --with-g77" "--with-gcc" "--with-g77"
# use Xaw3d widgets given with Scilab # do not compile with PVM library
+ (lib.optionalString (!withXaw3d) " --with-local-xaw") "--without-pvm"
# do not compile with PVM library # compile with GTK
+ " --without-pvm" (stdenv.lib.enableFeature withGtk "gtk")
# compile with GTK (stdenv.lib.enableFeature withGtk "gtk2")
+ (if withGtk then " # compile with ocaml
--with-gtk --with-gtk2 (stdenv.lib.withFeature withOCaml "ocaml")
" else " # do not compile Java interface
--without-gtk --without-gtk2 "--without-java"
") # use the X Window System
# compile with TCL/TK (stdenv.lib.withFeature withX "x")
+ (lib.optionalString withTk " # compile with TCL/TK
--with-tk ] ++ lib.optionals withTk [
--with-tcl-library=${tcl}/lib "--with-tk"
--with-tcl-include=${tcl}/include "--with-tcl-library=${tcl}/lib"
--with-tk-library=${tk}/lib "--with-tcl-include=${tcl}/include"
--with-tk-include=${tk}/include "--with-tk-library=${tk}/lib"
") "--with-tk-include=${tk}/include"
# do not use Gtk widgets ] # use Xaw3d widgets given with Scilab
+ " --without-gtk --without-gtk2" ++ lib.optional (!withXaw3d) "--with-local-xaw"
# compile with ocaml
+ (if withOCaml then " --with-ocaml" else " --without-ocaml")
# do not compile Java interface
+ " --without-java"
# use the X Window System
+ lib.optionalString withX "--with-x"
; ;
makeFlags = "all"; makeFlags = "all";

2
pkgs/applications/science/misc/boinc/default.nix
View File

@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
enableParallelBuilding = true; enableParallelBuilding = true;
configureFlags = "--disable-server"; configureFlags = [ "--disable-server" ];
meta = { meta = {
description = "Free software for distributed and grid computing"; description = "Free software for distributed and grid computing";

Some files were not shown because too many files have changed in this diff Show More