dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge branch 'master' into staging-next

Browse Source
This commit is contained in:
Vladimír Čunát 2023-02-08 21:50:23 +01:00
commit 1e42908aa7
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
217 changed files with 3838 additions and 4238 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/contributing/coding-conventions.chapter.md
View File

@ -204,13 +204,13 @@ The key words _must_, _must not_, _required_, _shall_, _shall not_, _should_, _s
In Nixpkgs, there are generally three different names associated with a package: In Nixpkgs, there are generally three different names associated with a package:
- The `name` attribute of the derivation (excluding the version part). This is what most users see, in particular when using `nix-env`. - The `pname` attribute of the derivation. This is what most users see, in particular when using `nix-env`.
- The variable name used for the instantiated package in `all-packages.nix`, and when passing it as a dependency to other functions. Typically this is called the _package attribute name_. This is what Nix expression authors see. It can also be used when installing using `nix-env -iA`. - The variable name used for the instantiated package in `all-packages.nix`, and when passing it as a dependency to other functions. Typically this is called the _package attribute name_. This is what Nix expression authors see. It can also be used when installing using `nix-env -iA`.
- The filename for (the directory containing) the Nix expression. - The filename for (the directory containing) the Nix expression.
Most of the time, these are the same. For instance, the package `e2fsprogs` has a `name` attribute `"e2fsprogs-version"`, is bound to the variable name `e2fsprogs` in `all-packages.nix`, and the Nix expression is in `pkgs/os-specific/linux/e2fsprogs/default.nix`. Most of the time, these are the same. For instance, the package `e2fsprogs` has a `pname` attribute `"e2fsprogs"`, is bound to the variable name `e2fsprogs` in `all-packages.nix`, and the Nix expression is in `pkgs/os-specific/linux/e2fsprogs/default.nix`.
There are a few naming guidelines: There are a few naming guidelines:

35
nixos/doc/manual/default.nix
View File

@ -21,6 +21,8 @@ let
withManOptDedupPatch = true; withManOptDedupPatch = true;
}; };
manpageUrls = pkgs.path + "/doc/manpage-urls.json";
# We need to strip references to /nix/store/* from options, # We need to strip references to /nix/store/* from options,
# including any `extraSources` if some modules came from elsewhere, # including any `extraSources` if some modules came from elsewhere,
# or else the build will fail. # or else the build will fail.
@ -72,7 +74,7 @@ let
nativeBuildInputs = [ pkgs.nixos-render-docs ]; nativeBuildInputs = [ pkgs.nixos-render-docs ];
} '' } ''
nixos-render-docs manual docbook \ nixos-render-docs manual docbook \
--manpage-urls ${pkgs.path + "/doc/manpage-urls.json"} \ --manpage-urls ${manpageUrls} \
"$out" \ "$out" \
--section \ --section \
--section-id modules \ --section-id modules \
@ -255,9 +257,12 @@ in rec {
manpages = runCommand "nixos-manpages" manpages = runCommand "nixos-manpages"
{ inherit sources; { inherit sources;
nativeBuildInputs = [ nativeBuildInputs = [
buildPackages.installShellFiles
] ++ lib.optionals allowDocBook [
buildPackages.libxml2.bin buildPackages.libxml2.bin
buildPackages.libxslt.bin buildPackages.libxslt.bin
buildPackages.installShellFiles ] ++ lib.optionals (! allowDocBook) [
buildPackages.nixos-render-docs
]; ];
allowedReferences = ["out"]; allowedReferences = ["out"];
} }
@ -265,14 +270,24 @@ in rec {
# Generate manpages. # Generate manpages.
mkdir -p $out/share/man/man8 mkdir -p $out/share/man/man8
installManPage ${./manpages}/* installManPage ${./manpages}/*
xsltproc --nonet \ ${if allowDocBook
--maxdepth 6000 \ then ''
--param man.output.in.separate.dir 1 \ xsltproc --nonet \
--param man.output.base.dir "'$out/share/man/'" \ --maxdepth 6000 \
--param man.endnotes.are.numbered 0 \ --param man.output.in.separate.dir 1 \
--param man.break.after.slash 1 \ --param man.output.base.dir "'$out/share/man/'" \
${docbook_xsl_ns}/xml/xsl/docbook/manpages/docbook.xsl \ --param man.endnotes.are.numbered 0 \
${manual-combined}/man-pages-combined.xml --param man.break.after.slash 1 \
${docbook_xsl_ns}/xml/xsl/docbook/manpages/docbook.xsl \
${manual-combined}/man-pages-combined.xml
''
else ''
mkdir -p $out/share/man/man5
nixos-render-docs options manpage \
--revision ${lib.escapeShellArg revision} \
${optionsJSON}/share/doc/nixos/options.json \
$out/share/man/man5/configuration.nix.5
''}
''; '';
} }

4
nixos/doc/manual/from_md/release-notes/rl-2305.section.xml
View File

@ -577,8 +577,8 @@
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
<literal>services.openssh.cyphers</literal> to <literal>services.openssh.ciphers</literal> to
<literal>services.openssh.settings.Cyphers</literal> <literal>services.openssh.settings.Ciphers</literal>
</para> </para>
</listitem> </listitem>
<listitem> <listitem>

2
nixos/doc/manual/release-notes/rl-2305.section.md
View File

@ -137,7 +137,7 @@ In addition to numerous new and upgraded packages, this release has the followin
- `services.openssh.logLevel` to `services.openssh.settings.LogLevel` - `services.openssh.logLevel` to `services.openssh.settings.LogLevel`
- `services.openssh.kexAlgorithms` to `services.openssh.settings.KexAlgorithms` - `services.openssh.kexAlgorithms` to `services.openssh.settings.KexAlgorithms`
- `services.openssh.macs` to `services.openssh.settings.Macs` - `services.openssh.macs` to `services.openssh.settings.Macs`
- `services.openssh.cyphers` to `services.openssh.settings.Cyphers` - `services.openssh.ciphers` to `services.openssh.settings.Ciphers`
- `services.openssh.gatewayPorts` to `services.openssh.settings.GatewayPorts` - `services.openssh.gatewayPorts` to `services.openssh.settings.GatewayPorts`
- `services.mastodon` gained a tootctl wrapped named `mastodon-tootctl` similar to `nextcloud-occ` which can be executed from any user and switches to the configured mastodon user with sudo and sources the environment variables. - `services.mastodon` gained a tootctl wrapped named `mastodon-tootctl` similar to `nextcloud-occ` which can be executed from any user and switches to the configured mastodon user with sudo and sources the environment variables.

2
nixos/lib/make-options-doc/default.nix
View File

@ -78,7 +78,7 @@ let
title = args.title or null; title = args.title or null;
name = args.name or (lib.concatStringsSep "." args.path); name = args.name or (lib.concatStringsSep "." args.path);
in '' in ''
- [`${lib.optionalString (title != null) "${title} aka "}pkgs.${name}`]( - [${lib.optionalString (title != null) "${title} aka "}`pkgs.${name}`](
https://search.nixos.org/packages?show=${name}&sort=relevance&query=${name} https://search.nixos.org/packages?show=${name}&sort=relevance&query=${name}
)${ )${
lib.optionalString (args ? comment) "\n\n ${args.comment}" lib.optionalString (args ? comment) "\n\n ${args.comment}"

2
nixos/modules/config/stevenblack.nix
View File

@ -15,7 +15,7 @@ let
in in
{ {
options.networking.stevenblack = { options.networking.stevenblack = {
enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist."); enable = mkEnableOption (mdDoc "Enable the stevenblack hosts file blocklist");
block = mkOption { block = mkOption {
type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]); type = types.listOf (types.enum [ "fakenews" "gambling" "porn" "social" ]);

4
nixos/modules/programs/k3b.nix
View File

@ -28,7 +28,7 @@ with lib;
k3b k3b
dvdplusrwtools dvdplusrwtools
cdrdao cdrdao
cdrkit cdrtools
]; ];
security.wrappers = { security.wrappers = {
@ -44,7 +44,7 @@ with lib;
owner = "root"; owner = "root";
group = "cdrom"; group = "cdrom";
permissions = "u+wrx,g+x"; permissions = "u+wrx,g+x";
source = "${pkgs.cdrkit}/bin/cdrecord"; source = "${pkgs.cdrtools}/bin/cdrecord";
}; };
}; };

2
nixos/modules/programs/proxychains.nix
View File

@ -86,7 +86,7 @@ in {
description = lib.mdDoc "Proxy DNS requests - no leak for DNS data."; description = lib.mdDoc "Proxy DNS requests - no leak for DNS data.";
}; };
quietMode = mkEnableOption (lib.mdDoc "Quiet mode (no output from the library)."); quietMode = mkEnableOption (lib.mdDoc "Quiet mode (no output from the library)");
remoteDNSSubnet = mkOption { remoteDNSSubnet = mkOption {
type = types.enum [ 10 127 224 ]; type = types.enum [ 10 127 224 ];

2
nixos/modules/security/polkit.nix
View File

@ -14,7 +14,7 @@ in
security.polkit.enable = mkEnableOption (lib.mdDoc "polkit"); security.polkit.enable = mkEnableOption (lib.mdDoc "polkit");
security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions."); security.polkit.debug = mkEnableOption (lib.mdDoc "debug logs from polkit. This is required in order to see log messages from rule definitions");
security.polkit.extraConfig = mkOption { security.polkit.extraConfig = mkOption {
type = types.lines; type = types.lines;

2
nixos/modules/services/backup/zfs-replication.nix
View File

@ -9,7 +9,7 @@ let
in { in {
options = { options = {
services.zfs.autoReplication = { services.zfs.autoReplication = {
enable = mkEnableOption (lib.mdDoc "ZFS snapshot replication."); enable = mkEnableOption (lib.mdDoc "ZFS snapshot replication");
followDelete = mkOption { followDelete = mkOption {
description = lib.mdDoc "Remove remote snapshots that don't have a local correspondent."; description = lib.mdDoc "Remove remote snapshots that don't have a local correspondent.";

2
nixos/modules/services/cluster/kubernetes/addon-manager.nix
View File

@ -62,7 +62,7 @@ in
''; '';
}; };
enable = mkEnableOption (lib.mdDoc "Kubernetes addon manager."); enable = mkEnableOption (lib.mdDoc "Kubernetes addon manager");
}; };
###### implementation ###### implementation

2
nixos/modules/services/cluster/kubernetes/kubelet.nix
View File

@ -146,7 +146,7 @@ in
default = "unix:///run/containerd/containerd.sock"; default = "unix:///run/containerd/containerd.sock";
}; };
enable = mkEnableOption (lib.mdDoc "Kubernetes kubelet."); enable = mkEnableOption (lib.mdDoc "Kubernetes kubelet");
extraOpts = mkOption { extraOpts = mkOption {
description = lib.mdDoc "Kubernetes kubelet extra command line options."; description = lib.mdDoc "Kubernetes kubelet extra command line options.";

4
nixos/modules/services/desktops/gnome/evolution-data-server.nix
View File

@ -27,7 +27,7 @@ with lib;
options = { options = {
services.gnome.evolution-data-server = { services.gnome.evolution-data-server = {
enable = mkEnableOption (lib.mdDoc "Evolution Data Server, a collection of services for storing addressbooks and calendars."); enable = mkEnableOption (lib.mdDoc "Evolution Data Server, a collection of services for storing addressbooks and calendars");
plugins = mkOption { plugins = mkOption {
type = types.listOf types.package; type = types.listOf types.package;
default = [ ]; default = [ ];
@ -35,7 +35,7 @@ with lib;
}; };
}; };
programs.evolution = { programs.evolution = {
enable = mkEnableOption (lib.mdDoc "Evolution, a Personal information management application that provides integrated mail, calendaring and address book functionality."); enable = mkEnableOption (lib.mdDoc "Evolution, a Personal information management application that provides integrated mail, calendaring and address book functionality");
plugins = mkOption { plugins = mkOption {
type = types.listOf types.package; type = types.listOf types.package;
default = [ ]; default = [ ];

2
nixos/modules/services/development/zammad.nix
View File

@ -28,7 +28,7 @@ in
options = { options = {
services.zammad = { services.zammad = {
enable = mkEnableOption (lib.mdDoc "Zammad, a web-based, open source user support/ticketing solution."); enable = mkEnableOption (lib.mdDoc "Zammad, a web-based, open source user support/ticketing solution");
package = mkOption { package = mkOption {
type = types.package; type = types.package;

2
nixos/modules/services/games/freeciv.nix
View File

@ -54,7 +54,7 @@ in
default = 0; default = 0;
description = lib.mdDoc "Set debug log level."; description = lib.mdDoc "Set debug log level.";
}; };
options.exit-on-end = mkEnableOption (lib.mdDoc "exit instead of restarting when a game ends."); options.exit-on-end = mkEnableOption (lib.mdDoc "exit instead of restarting when a game ends");
options.Guests = mkEnableOption (lib.mdDoc "guests to login if auth is enabled"); options.Guests = mkEnableOption (lib.mdDoc "guests to login if auth is enabled");
options.Newusers = mkEnableOption (lib.mdDoc "new users to login if auth is enabled"); options.Newusers = mkEnableOption (lib.mdDoc "new users to login if auth is enabled");
options.port = mkOption { options.port = mkOption {

2
nixos/modules/services/hardware/udisks2.nix
View File

@ -19,7 +19,7 @@ in
services.udisks2 = { services.udisks2 = {
enable = mkEnableOption (lib.mdDoc "udisks2, a DBus service that allows applications to query and manipulate storage devices."); enable = mkEnableOption (lib.mdDoc "udisks2, a DBus service that allows applications to query and manipulate storage devices");
settings = mkOption rec { settings = mkOption rec {
type = types.attrsOf settingsFormat.type; type = types.attrsOf settingsFormat.type;

14
nixos/modules/services/mail/dovecot.nix
View File

@ -171,11 +171,11 @@ in
options.services.dovecot2 = { options.services.dovecot2 = {
enable = mkEnableOption (lib.mdDoc "the dovecot 2.x POP3/IMAP server"); enable = mkEnableOption (lib.mdDoc "the dovecot 2.x POP3/IMAP server");
enablePop3 = mkEnableOption (lib.mdDoc "starting the POP3 listener (when Dovecot is enabled)."); enablePop3 = mkEnableOption (lib.mdDoc "starting the POP3 listener (when Dovecot is enabled)");
enableImap = mkEnableOption (lib.mdDoc "starting the IMAP listener (when Dovecot is enabled).") // { default = true; }; enableImap = mkEnableOption (lib.mdDoc "starting the IMAP listener (when Dovecot is enabled)") // { default = true; };
enableLmtp = mkEnableOption (lib.mdDoc "starting the LMTP listener (when Dovecot is enabled)."); enableLmtp = mkEnableOption (lib.mdDoc "starting the LMTP listener (when Dovecot is enabled)");
protocols = mkOption { protocols = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
@ -300,9 +300,9 @@ in
description = lib.mdDoc "Path to the server's private key."; description = lib.mdDoc "Path to the server's private key.";
}; };
enablePAM = mkEnableOption (lib.mdDoc "creating a own Dovecot PAM service and configure PAM user logins.") // { default = true; }; enablePAM = mkEnableOption (lib.mdDoc "creating a own Dovecot PAM service and configure PAM user logins") // { default = true; };
enableDHE = mkEnableOption (lib.mdDoc "enable ssl_dh and generation of primes for the key exchange.") // { default = true; }; enableDHE = mkEnableOption (lib.mdDoc "enable ssl_dh and generation of primes for the key exchange") // { default = true; };
sieveScripts = mkOption { sieveScripts = mkOption {
type = types.attrsOf types.path; type = types.attrsOf types.path;
@ -310,7 +310,7 @@ in
description = lib.mdDoc "Sieve scripts to be executed. Key is a sequence, e.g. 'before2', 'after' etc."; description = lib.mdDoc "Sieve scripts to be executed. Key is a sequence, e.g. 'before2', 'after' etc.";
}; };
showPAMFailure = mkEnableOption (lib.mdDoc "showing the PAM failure message on authentication error (useful for OTPW)."); showPAMFailure = mkEnableOption (lib.mdDoc "showing the PAM failure message on authentication error (useful for OTPW)");
mailboxes = mkOption { mailboxes = mkOption {
type = with types; coercedTo type = with types; coercedTo
@ -326,7 +326,7 @@ in
description = lib.mdDoc "Configure mailboxes and auto create or subscribe them."; description = lib.mdDoc "Configure mailboxes and auto create or subscribe them.";
}; };
enableQuota = mkEnableOption (lib.mdDoc "the dovecot quota service."); enableQuota = mkEnableOption (lib.mdDoc "the dovecot quota service");
quotaPort = mkOption { quotaPort = mkOption {
type = types.str; type = types.str;

2
nixos/modules/services/misc/atuin.nix
View File

@ -8,7 +8,7 @@ in
{ {
options = { options = {
services.atuin = { services.atuin = {
enable = mkEnableOption (mdDoc "Enable server for shell history sync with atuin."); enable = mkEnableOption (mdDoc "Enable server for shell history sync with atuin");
openRegistration = mkOption { openRegistration = mkOption {
type = types.bool; type = types.bool;

2
nixos/modules/services/misc/input-remapper.nix
View File

@ -6,7 +6,7 @@ let cfg = config.services.input-remapper; in
{ {
options = { options = {
services.input-remapper = { services.input-remapper = {
enable = mkEnableOption (lib.mdDoc "input-remapper, an easy to use tool to change the mapping of your input device buttons."); enable = mkEnableOption (lib.mdDoc "input-remapper, an easy to use tool to change the mapping of your input device buttons");
package = mkPackageOptionMD pkgs "input-remapper" { }; package = mkPackageOptionMD pkgs "input-remapper" { };
enableUdevRules = mkEnableOption (lib.mdDoc "udev rules added by input-remapper to handle hotplugged devices. Currently disabled by default due to https://github.com/sezanzeb/input-remapper/issues/140"); enableUdevRules = mkEnableOption (lib.mdDoc "udev rules added by input-remapper to handle hotplugged devices. Currently disabled by default due to https://github.com/sezanzeb/input-remapper/issues/140");
serviceWantedBy = mkOption { serviceWantedBy = mkOption {

2
nixos/modules/services/misc/sourcehut/default.nix
View File

@ -438,7 +438,7 @@ in
}; };
options."lists.sr.ht" = commonServiceSettings "lists" // { options."lists.sr.ht" = commonServiceSettings "lists" // {
allow-new-lists = mkEnableOption (lib.mdDoc "Allow creation of new lists."); allow-new-lists = mkEnableOption (lib.mdDoc "Allow creation of new lists");
notify-from = mkOption { notify-from = mkOption {
description = lib.mdDoc "Outgoing email for notifications generated by users."; description = lib.mdDoc "Outgoing email for notifications generated by users.";
type = types.str; type = types.str;

2
nixos/modules/services/monitoring/mackerel-agent.nix
View File

@ -11,7 +11,7 @@ in {
# the upstream package runs as root, but doesn't seem to be strictly # the upstream package runs as root, but doesn't seem to be strictly
# necessary for basic functionality # necessary for basic functionality
runAsRoot = mkEnableOption (lib.mdDoc "Whether to run as root."); runAsRoot = mkEnableOption (lib.mdDoc "Whether to run as root");
autoRetirement = mkEnableOption (lib.mdDoc '' autoRetirement = mkEnableOption (lib.mdDoc ''
Whether to automatically retire the host upon OS shutdown. Whether to automatically retire the host upon OS shutdown.

6
nixos/modules/services/monitoring/prometheus/exporters/unpoller.nix
View File

@ -24,9 +24,9 @@ in {
inherit (options.services.unpoller.unifi) controllers; inherit (options.services.unpoller.unifi) controllers;
inherit (options.services.unpoller) loki; inherit (options.services.unpoller) loki;
log = { log = {
debug = mkEnableOption (lib.mdDoc "debug logging including line numbers, high resolution timestamps, per-device logs."); debug = mkEnableOption (lib.mdDoc "debug logging including line numbers, high resolution timestamps, per-device logs");
quiet = mkEnableOption (lib.mdDoc "startup and error logs only."); quiet = mkEnableOption (lib.mdDoc "startup and error logs only");
prometheusErrors = mkEnableOption (lib.mdDoc "emitting errors to prometheus."); prometheusErrors = mkEnableOption (lib.mdDoc "emitting errors to prometheus");
}; };
}; };

4
nixos/modules/services/monitoring/uptime-kuma.nix
View File

@ -11,7 +11,7 @@ in
options = { options = {
services.uptime-kuma = { services.uptime-kuma = {
enable = mkEnableOption (mdDoc "Uptime Kuma, this assumes a reverse proxy to be set."); enable = mkEnableOption (mdDoc "Uptime Kuma, this assumes a reverse proxy to be set");
package = mkOption { package = mkOption {
type = types.package; type = types.package;
@ -20,7 +20,7 @@ in
description = lib.mdDoc "Uptime Kuma package to use."; description = lib.mdDoc "Uptime Kuma package to use.";
}; };
appriseSupport = mkEnableOption (mdDoc "apprise support for notifications."); appriseSupport = mkEnableOption (mdDoc "apprise support for notifications");
settings = lib.mkOption { settings = lib.mkOption {
type = lib.types.submodule { freeformType = with lib.types; attrsOf str; }; type = lib.types.submodule { freeformType = with lib.types; attrsOf str; };

6
nixos/modules/services/network-filesystems/moosefs.nix
View File

@ -85,7 +85,7 @@ in {
description = lib.mdDoc "Run daemons as user moosefs instead of root."; description = lib.mdDoc "Run daemons as user moosefs instead of root.";
}; };
client.enable = mkEnableOption (lib.mdDoc "Moosefs client."); client.enable = mkEnableOption (lib.mdDoc "Moosefs client");
master = { master = {
enable = mkOption { enable = mkOption {
@ -131,7 +131,7 @@ in {
}; };
metalogger = { metalogger = {
enable = mkEnableOption (lib.mdDoc "Moosefs metalogger daemon."); enable = mkEnableOption (lib.mdDoc "Moosefs metalogger daemon");
settings = mkOption { settings = mkOption {
type = types.submodule { type = types.submodule {
@ -149,7 +149,7 @@ in {
}; };
chunkserver = { chunkserver = {
enable = mkEnableOption (lib.mdDoc "Moosefs chunkserver daemon."); enable = mkEnableOption (lib.mdDoc "Moosefs chunkserver daemon");
openFirewall = mkOption { openFirewall = mkOption {
type = types.bool; type = types.bool;

2
nixos/modules/services/networking/blockbook-frontend.nix
View File

@ -10,7 +10,7 @@ let
options = { options = {
enable = mkEnableOption (lib.mdDoc "blockbook-frontend application."); enable = mkEnableOption (lib.mdDoc "blockbook-frontend application");
package = mkOption { package = mkOption {
type = types.package; type = types.package;

2
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -106,7 +106,7 @@ in
(mkRenamedOptionModule [ "services" "openssh" "permitRootLogin" ] [ "services" "openssh" "settings" "PermitRootLogin" ]) (mkRenamedOptionModule [ "services" "openssh" "permitRootLogin" ] [ "services" "openssh" "settings" "PermitRootLogin" ])
(mkRenamedOptionModule [ "services" "openssh" "logLevel" ] [ "services" "openssh" "settings" "LogLevel" ]) (mkRenamedOptionModule [ "services" "openssh" "logLevel" ] [ "services" "openssh" "settings" "LogLevel" ])
(mkRenamedOptionModule [ "services" "openssh" "macs" ] [ "services" "openssh" "settings" "Macs" ]) (mkRenamedOptionModule [ "services" "openssh" "macs" ] [ "services" "openssh" "settings" "Macs" ])
(mkRenamedOptionModule [ "services" "openssh" "cyphers" ] [ "services" "openssh" "settings" "Cyphers" ]) (mkRenamedOptionModule [ "services" "openssh" "ciphers" ] [ "services" "openssh" "settings" "Ciphers" ])
(mkRenamedOptionModule [ "services" "openssh" "kexAlgorithms" ] [ "services" "openssh" "settings" "KexAlgorithms" ]) (mkRenamedOptionModule [ "services" "openssh" "kexAlgorithms" ] [ "services" "openssh" "settings" "KexAlgorithms" ])
(mkRenamedOptionModule [ "services" "openssh" "gatewayPorts" ] [ "services" "openssh" "settings" "GatewayPorts" ]) (mkRenamedOptionModule [ "services" "openssh" "gatewayPorts" ] [ "services" "openssh" "settings" "GatewayPorts" ])
(mkRenamedOptionModule [ "services" "openssh" "forwardX11" ] [ "services" "openssh" "settings" "X11Forwarding" ]) (mkRenamedOptionModule [ "services" "openssh" "forwardX11" ] [ "services" "openssh" "settings" "X11Forwarding" ])

2
nixos/modules/services/security/kanidm.nix
View File

@ -55,7 +55,7 @@ in
options.services.kanidm = { options.services.kanidm = {
enableClient = lib.mkEnableOption (lib.mdDoc "the Kanidm client"); enableClient = lib.mkEnableOption (lib.mdDoc "the Kanidm client");
enableServer = lib.mkEnableOption (lib.mdDoc "the Kanidm server"); enableServer = lib.mkEnableOption (lib.mdDoc "the Kanidm server");
enablePam = lib.mkEnableOption (lib.mdDoc "the Kanidm PAM and NSS integration."); enablePam = lib.mkEnableOption (lib.mdDoc "the Kanidm PAM and NSS integration");
serverSettings = lib.mkOption { serverSettings = lib.mkOption {
type = lib.types.submodule { type = lib.types.submodule {

2
nixos/modules/services/web-apps/cloudlog.nix
View File

@ -68,7 +68,7 @@ let
in in
{ {
options.services.cloudlog = with types; { options.services.cloudlog = with types; {
enable = mkEnableOption (mdDoc "Whether to enable Cloudlog."); enable = mkEnableOption (mdDoc "Whether to enable Cloudlog");
dataDir = mkOption { dataDir = mkOption {
type = str; type = str;
default = "/var/lib/cloudlog"; default = "/var/lib/cloudlog";

2
nixos/modules/services/web-apps/dokuwiki.nix
View File

@ -148,7 +148,7 @@ let
]; ];
options = { options = {
enable = mkEnableOption (lib.mdDoc "DokuWiki web application."); enable = mkEnableOption (lib.mdDoc "DokuWiki web application");
package = mkOption { package = mkOption {
type = types.package; type = types.package;

2
nixos/modules/services/web-apps/galene.nix
View File

@ -12,7 +12,7 @@ in
{ {
options = { options = {
services.galene = { services.galene = {
enable = mkEnableOption (lib.mdDoc "Galene Service."); enable = mkEnableOption (lib.mdDoc "Galene Service");
stateDir = mkOption { stateDir = mkOption {
default = defaultstateDir; default = defaultstateDir;

2
nixos/modules/services/web-apps/hledger-web.nix
View File

@ -7,7 +7,7 @@ in {
enable = mkEnableOption (lib.mdDoc "hledger-web service"); enable = mkEnableOption (lib.mdDoc "hledger-web service");
serveApi = mkEnableOption (lib.mdDoc "Serve only the JSON web API, without the web UI."); serveApi = mkEnableOption (lib.mdDoc "Serve only the JSON web API, without the web UI");
host = mkOption { host = mkOption {
type = types.str; type = types.str;

2
nixos/modules/services/web-apps/jirafeau.nix
View File

@ -36,7 +36,7 @@ in
description = lib.mdDoc "Location of Jirafeau storage directory."; description = lib.mdDoc "Location of Jirafeau storage directory.";
}; };
enable = mkEnableOption (lib.mdDoc "Jirafeau file upload application."); enable = mkEnableOption (lib.mdDoc "Jirafeau file upload application");
extraConfig = mkOption { extraConfig = mkOption {
type = types.lines; type = types.lines;

2
nixos/modules/services/web-apps/limesurvey.nix
View File

@ -32,7 +32,7 @@ in
# interface # interface
options.services.limesurvey = { options.services.limesurvey = {
enable = mkEnableOption (lib.mdDoc "Limesurvey web application."); enable = mkEnableOption (lib.mdDoc "Limesurvey web application");
database = { database = {
type = mkOption { type = mkOption {

1
nixos/modules/services/x11/desktop-managers/plasma5.nix
View File

@ -448,6 +448,7 @@ in
dolphin-plugins dolphin-plugins
ffmpegthumbs ffmpegthumbs
kdegraphics-thumbnailers kdegraphics-thumbnailers
pkgs.kio-admin
kio-extras kio-extras
]; ];
optionalPackages = [ optionalPackages = [

4
nixos/modules/services/x11/extra-layouts.nix
View File

@ -106,9 +106,9 @@ in
description = lib.mdDoc '' description = lib.mdDoc ''
Extra custom layouts that will be included in the xkb configuration. Extra custom layouts that will be included in the xkb configuration.
Information on how to create a new layout can be found here: Information on how to create a new layout can be found here:
[](https://www.x.org/releases/current/doc/xorg-docs/input/XKB-Enhancing.html#Defining_New_Layouts). <https://www.x.org/releases/current/doc/xorg-docs/input/XKB-Enhancing.html#Defining_New_Layouts>.
For more examples see For more examples see
[](https://wiki.archlinux.org/index.php/X_KeyBoard_extension#Basic_examples) <https://wiki.archlinux.org/index.php/X_KeyBoard_extension#Basic_examples>
''; '';
}; };

10
nixos/modules/system/boot/initrd-ssh.nix
View File

@ -128,13 +128,13 @@ in
HostKey ${initrdKeyPath path} HostKey ${initrdKeyPath path}
'')} '')}
KexAlgorithms ${concatStringsSep "," sshdCfg.kexAlgorithms} KexAlgorithms ${concatStringsSep "," sshdCfg.settings.KexAlgorithms}
Ciphers ${concatStringsSep "," sshdCfg.ciphers} Ciphers ${concatStringsSep "," sshdCfg.settings.Ciphers}
MACs ${concatStringsSep "," sshdCfg.macs} MACs ${concatStringsSep "," sshdCfg.settings.Macs}
LogLevel ${sshdCfg.logLevel} LogLevel ${sshdCfg.settings.LogLevel}
${if sshdCfg.useDns then '' ${if sshdCfg.settings.UseDns then ''
UseDNS yes UseDNS yes
'' else '' '' else ''
UseDNS no UseDNS no

2
nixos/modules/system/boot/kernel.nix
View File

@ -20,7 +20,7 @@ in
###### interface ###### interface
options = { options = {
boot.kernel.enable = mkEnableOption (lib.mdDoc "the Linux kernel. This is useful for systemd-like containers which do not require a kernel.") // { boot.kernel.enable = mkEnableOption (lib.mdDoc "the Linux kernel. This is useful for systemd-like containers which do not require a kernel") // {
default = true; default = true;
}; };

13
nixos/modules/system/boot/luksroot.nix
View File

@ -929,7 +929,14 @@ in
++ (if builtins.elem "xts" luks.cryptoModules then ["ecb"] else []); ++ (if builtins.elem "xts" luks.cryptoModules then ["ecb"] else []);
# copy the cryptsetup binary and it's dependencies # copy the cryptsetup binary and it's dependencies
boot.initrd.extraUtilsCommands = mkIf (!config.boot.initrd.systemd.enable) '' boot.initrd.extraUtilsCommands = let
pbkdf2-sha512 = pkgs.runCommandCC "pbkdf2-sha512" { buildInputs = [ pkgs.openssl ]; } ''
mkdir -p "$out/bin"
cc -O3 -lcrypto ${./pbkdf2-sha512.c} -o "$out/bin/pbkdf2-sha512"
strip -s "$out/bin/pbkdf2-sha512"
'';
in
mkIf (!config.boot.initrd.systemd.enable) ''
copy_bin_and_libs ${pkgs.cryptsetup}/bin/cryptsetup copy_bin_and_libs ${pkgs.cryptsetup}/bin/cryptsetup
copy_bin_and_libs ${askPass}/bin/cryptsetup-askpass copy_bin_and_libs ${askPass}/bin/cryptsetup-askpass
sed -i s,/bin/sh,$out/bin/sh, $out/bin/cryptsetup-askpass sed -i s,/bin/sh,$out/bin/sh, $out/bin/cryptsetup-askpass
@ -939,9 +946,7 @@ in
copy_bin_and_libs ${pkgs.yubikey-personalization}/bin/ykinfo copy_bin_and_libs ${pkgs.yubikey-personalization}/bin/ykinfo
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
cc -O3 -I${pkgs.openssl.dev}/include -L${lib.getLib pkgs.openssl}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto copy_bin_and_libs ${pbkdf2-sha512}/bin/pbkdf2-sha512
strip -s pbkdf2-sha512
copy_bin_and_libs pbkdf2-sha512
mkdir -p $out/etc/ssl mkdir -p $out/etc/ssl
cp -pdv ${pkgs.openssl.out}/etc/ssl/openssl.cnf $out/etc/ssl cp -pdv ${pkgs.openssl.out}/etc/ssl/openssl.cnf $out/etc/ssl

18
nixos/modules/tasks/filesystems/envfs.nix
View File

@ -7,11 +7,11 @@ let
device = "none"; device = "none";
fsType = "envfs"; fsType = "envfs";
options = [ options = [
"fallback-path=${pkgs.runCommand "fallback-path" {} '' "fallback-path=${pkgs.runCommand "fallback-path" {} (''
mkdir -p $out mkdir -p $out
ln -s ${pkgs.coreutils}/bin/env $out/env ln -s ${config.environment.usrbinenv} $out/env
ln -s ${config.system.build.binsh}/bin/sh $out/sh ln -s ${config.environment.binsh} $out/sh
''}" '' + cfg.extraFallbackPathCommands)}"
]; ];
}; };
"/bin" = { "/bin" = {
@ -31,11 +31,19 @@ in {
etc. etc.
''; '';
}; };
package = lib.mkOption { package = lib.mkOption {
type = lib.types.package; type = lib.types.package;
description = lib.mdDoc "Which package to use for the envfs.";
default = pkgs.envfs; default = pkgs.envfs;
defaultText = lib.literalExpression "pkgs.envfs"; defaultText = lib.literalExpression "pkgs.envfs";
description = lib.mdDoc "Which package to use for the envfs.";
};
extraFallbackPathCommands = lib.mkOption {
type = lib.types.lines;
default = "";
example = "ln -s $''{pkgs.bash}/bin/bash $out/bash";
description = lib.mdDoc "Extra commands to run in the package that contains fallback executables in case not other executable is found";
}; };
}; };
}; };

4
pkgs/applications/audio/callaudiod/default.nix
View File

@ -11,14 +11,14 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "callaudiod"; pname = "callaudiod";
version = "0.1.4"; version = "0.1.7";
src = fetchFromGitLab { src = fetchFromGitLab {
domain = "gitlab.com"; domain = "gitlab.com";
owner = "mobian1"; owner = "mobian1";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "sha256-71+9ALz55aqxXRBRwOcs9fwiQK31pJ9E72pGRmt0OkE="; sha256 = "sha256-BDEu3ASlnovMK0lQC+CQvpXvtdt33BRntstPAWaAnsg=";
}; };
strictDeps = true; strictDeps = true;

4
pkgs/applications/audio/snapcast/default.nix
View File

@ -9,13 +9,13 @@ assert pulseaudioSupport -> libpulseaudio != null;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "snapcast"; pname = "snapcast";
version = "0.26.0"; version = "0.27.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "badaix"; owner = "badaix";
repo = "snapcast"; repo = "snapcast";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-CCifn9OEFM//Hk1PJj8T3MXIV8pXCTdBBXPsHuZwLyQ="; sha256 = "sha256-dlK1xQQqst4VQjioC7MZzqXwMC+JfqtvnD5lrOqGhYI=";
}; };
nativeBuildInputs = [ cmake pkg-config ]; nativeBuildInputs = [ cmake pkg-config ];

6
pkgs/applications/blockchains/erigon/default.nix
View File

@ -2,7 +2,7 @@
let let
pname = "erigon"; pname = "erigon";
version = "2.37.0"; version = "2.38.1";
in in
buildGoModule { buildGoModule {
inherit pname version; inherit pname version;
@ -11,11 +11,11 @@ buildGoModule {
owner = "ledgerwatch"; owner = "ledgerwatch";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-r/mumt/f0wrOsXyEHo/NX0lJGt8zqXEVNC+9DWDkHAM="; sha256 = "sha256-sLJMmSEUQNsodZ9Ms0ipDwN2QOYa9pZTlEqt4CF23Sc=";
fetchSubmodules = true; fetchSubmodules = true;
}; };
vendorSha256 = "sha256-vSJZ1wIx1CiLE04ZBDnQDQqM2v8BBLxw5qbAsixC3/U="; vendorSha256 = "sha256-KESY+PSbWQHPJphop4GnVF4T8Q/MPb2GFDEko0ieXEM=";
proxyVendor = true; proxyVendor = true;
# Build errors in mdbx when format hardening is enabled: # Build errors in mdbx when format hardening is enabled:

28
pkgs/applications/blockchains/torq/default.nix
View File

@ -1,9 +1,10 @@
{ lib { lib
, buildGoModule , buildGoModule
, buildNpmPackage
, fetchFromGitHub , fetchFromGitHub
}: }:
buildGoModule rec { let
pname = "torq"; pname = "torq";
version = "0.17.3"; version = "0.17.3";
@ -14,6 +15,27 @@ buildGoModule rec {
hash = "sha256-fqHJZi1NQCrZqsa+N+FVYZ8s9o0D555Sqn5qNlJ1MmI="; hash = "sha256-fqHJZi1NQCrZqsa+N+FVYZ8s9o0D555Sqn5qNlJ1MmI=";
}; };
web = buildNpmPackage {
pname = "${pname}-frontend";
inherit version;
src = "${src}/web";
npmDepsHash = "sha256-8mUfTFzPjQlQvhC3zZf+WruDBkYnmGt3yckNi0CPWs0=";
# copied from upstream Dockerfile
npmInstallFlags = [ "--legacy-peer-deps" ];
TSX_COMPILE_ON_ERROR="true";
ESLINT_NO_DEV_ERRORS="true";
# override npmInstallHook, we only care about the build/ directory
installPhase = ''
mkdir $out
cp -r build $out/
'';
};
in
buildGoModule rec {
inherit pname version src;
vendorHash = "sha256-HETN2IMnpxnTyg6bQDpoD0saJu+gKocdEf0VzEi12Gs="; vendorHash = "sha256-HETN2IMnpxnTyg6bQDpoD0saJu+gKocdEf0VzEi12Gs=";
subPackages = [ "cmd/torq" ]; subPackages = [ "cmd/torq" ];
@ -24,6 +46,10 @@ buildGoModule rec {
"-X github.com/lncapital/torq/build.version=v${version}" "-X github.com/lncapital/torq/build.version=v${version}"
]; ];
postInstall = ''
ln -s ${web} $out/web
'';
meta = with lib; { meta = with lib; {
description = "Capital management tool for lightning network nodes"; description = "Capital management tool for lightning network nodes";
license = licenses.mit; license = licenses.mit;

4
pkgs/applications/editors/vscode/extensions/default.nix
View File

@ -2580,8 +2580,8 @@ let
mktplcRef = { mktplcRef = {
name = "code-spell-checker"; name = "code-spell-checker";
publisher = "streetsidesoftware"; publisher = "streetsidesoftware";
version = "2.15.0"; version = "2.16.0";
sha256 = "sha256-YfcO/01nO+92xZEJgYyLYAkqXMqfV/QDkcN9Dnjp5ZA="; sha256 = "sha256-Qr4cYAEvAkvvE6KytVeInJzcMQJZqr/e/KPfelVzjUA=";
}; };
meta = with lib; { meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/streetsidesoftware.code-spell-checker/changelog"; changelog = "https://marketplace.visualstudio.com/items/streetsidesoftware.code-spell-checker/changelog";

10
pkgs/applications/graphics/ImageMagick/6.x.nix
View File

@ -21,6 +21,7 @@
, libde265Support ? true, libde265 , libde265Support ? true, libde265
, fftw , fftw
, ApplicationServices, Foundation , ApplicationServices, Foundation
, testers
}: }:
let let
@ -33,14 +34,14 @@ let
else null; else null;
in in
stdenv.mkDerivation rec { stdenv.mkDerivation (finalAttrs: {
pname = "imagemagick"; pname = "imagemagick";
version = "6.9.12-68"; version = "6.9.12-68";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "ImageMagick"; owner = "ImageMagick";
repo = "ImageMagick6"; repo = "ImageMagick6";
rev = version; rev = finalAttrs.version;
sha256 = "sha256-slQcA0cblxtG/1DiJx5swUh7Kfwgz5HG70eqJFLaQJI="; sha256 = "sha256-slQcA0cblxtG/1DiJx5swUh7Kfwgz5HG70eqJFLaQJI=";
}; };
@ -109,10 +110,13 @@ stdenv.mkDerivation rec {
done done
''; '';
passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
meta = with lib; { meta = with lib; {
homepage = "https://legacy.imagemagick.org/"; homepage = "https://legacy.imagemagick.org/";
changelog = "https://legacy.imagemagick.org/script/changelog.php"; changelog = "https://legacy.imagemagick.org/script/changelog.php";
description = "A software suite to create, edit, compose, or convert bitmap images"; description = "A software suite to create, edit, compose, or convert bitmap images";
pkgConfigModules = [ "ImageMagick" "MagickWand" ];
platforms = platforms.linux ++ platforms.darwin; platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ ]; maintainers = with maintainers; [ ];
license = licenses.asl20; license = licenses.asl20;
@ -137,4 +141,4 @@ stdenv.mkDerivation rec {
"CVE-2022-2719" "CVE-2022-2719"
]; ];
}; };
} })

8
pkgs/applications/graphics/ImageMagick/default.nix
View File

@ -45,14 +45,14 @@ let
else null; else null;
in in
stdenv.mkDerivation rec { stdenv.mkDerivation (finalAttrs: {
pname = "imagemagick"; pname = "imagemagick";
version = "7.1.0-61"; version = "7.1.0-61";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "ImageMagick"; owner = "ImageMagick";
repo = "ImageMagick"; repo = "ImageMagick";
rev = version; rev = finalAttrs.version;
hash = "sha256-g7WeqPpPd1gceU+s+vRDpb41IX1lzpiqh3cAYeFdUlg="; hash = "sha256-g7WeqPpPd1gceU+s+vRDpb41IX1lzpiqh3cAYeFdUlg=";
}; };
@ -126,14 +126,16 @@ stdenv.mkDerivation rec {
passthru.tests = { passthru.tests = {
version = testers.testVersion { package = imagemagick; }; version = testers.testVersion { package = imagemagick; };
inherit (python3.pkgs) img2pdf; inherit (python3.pkgs) img2pdf;
pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
}; };
meta = with lib; { meta = with lib; {
homepage = "http://www.imagemagick.org/"; homepage = "http://www.imagemagick.org/";
description = "A software suite to create, edit, compose, or convert bitmap images"; description = "A software suite to create, edit, compose, or convert bitmap images";
pkgConfigModules = [ "ImageMagick" "MagickWand" ];
platforms = platforms.linux ++ platforms.darwin; platforms = platforms.linux ++ platforms.darwin;
maintainers = with maintainers; [ erictapen dotlambda ]; maintainers = with maintainers; [ erictapen dotlambda ];
license = licenses.asl20; license = licenses.asl20;
mainProgram = "magick"; mainProgram = "magick";
}; };
} })

4
pkgs/applications/graphics/drawio/default.nix
View File

@ -11,11 +11,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "drawio"; pname = "drawio";
version = "20.8.10"; version = "20.8.16";
src = fetchurl { src = fetchurl {
url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/drawio-x86_64-${version}.rpm"; url = "https://github.com/jgraph/drawio-desktop/releases/download/v${version}/drawio-x86_64-${version}.rpm";
sha256 = "118e9c9a328c92aeeda3c5925c8d8ed50d0993c07715726447ee720699958626"; sha256 = "sha256-FBnyogqf5BHLRInjJzC2dENnAwFcWMHDvJ+F0I3ffVg=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

18
pkgs/applications/misc/1password-gui/default.nix
View File

@ -9,43 +9,43 @@
let let
pname = "1password"; pname = "1password";
version = if channel == "stable" then "8.9.10" else "8.9.12-4.BETA"; version = if channel == "stable" then "8.9.14" else "8.10.0-20.BETA";
sources = { sources = {
stable = { stable = {
x86_64-linux = { x86_64-linux = {
url = "https://downloads.1password.com/linux/tar/stable/x86_64/1password-${version}.x64.tar.gz"; url = "https://downloads.1password.com/linux/tar/stable/x86_64/1password-${version}.x64.tar.gz";
sha256 = "sha256-aoa00W5zvZQeHKd2Eqyrxl5Z1PwLMHc5lkMUskLiD74="; sha256 = "sha256-rlLzPDPOmzamDnRxuvgrpAW0QrMINw/PsdLxOiBpMnA=";
}; };
aarch64-linux = { aarch64-linux = {
url = "https://downloads.1password.com/linux/tar/stable/aarch64/1password-${version}.arm64.tar.gz"; url = "https://downloads.1password.com/linux/tar/stable/aarch64/1password-${version}.arm64.tar.gz";
sha256 = "sha256-Zt64UGKI3+DayS6XP7jTE+pxv52tUUZbUHiuzjcm1JI="; sha256 = "sha256-hJTqFr6/KOl4C+1oyo/zrnCbqvRQin6HjyLKOppUl/M=";
}; };
x86_64-darwin = { x86_64-darwin = {
url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip"; url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip";
sha256 = "sha256-sx9eASpMcgkIH1GRzJMqSQa5Y5GJlYU/20CZFyFK+OU="; sha256 = "sha256-3/aiUj+WYZfPItYrYNQKsUSpkRTgOhyb8L5gURt1O74=";
}; };
aarch64-darwin = { aarch64-darwin = {
url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip"; url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip";
sha256 = "sha256-Z1cEynO9iWZra542CVGmefrTNerMe13OcTAzWXNi8jI="; sha256 = "sha256-n0xqD5WbcC9B6spisa5V7JJRXGZubBwzJFUS8edvz/Q=";
}; };
}; };
beta = { beta = {
x86_64-linux = { x86_64-linux = {
url = "https://downloads.1password.com/linux/tar/beta/x86_64/1password-${version}.x64.tar.gz"; url = "https://downloads.1password.com/linux/tar/beta/x86_64/1password-${version}.x64.tar.gz";
sha256 = "sha256-/WXaLINqLFLft+wrmr+fV0kM9qS5w4etFiGltnzoVdo="; sha256 = "sha256-r2MRyw0dfD3vGnCcPW624K5rSaNSCjTVW4cWFgPAIaY=";
}; };
aarch64-linux = { aarch64-linux = {
url = "https://downloads.1password.com/linux/tar/beta/aarch64/1password-${version}.arm64.tar.gz"; url = "https://downloads.1password.com/linux/tar/beta/aarch64/1password-${version}.arm64.tar.gz";
sha256 = "sha256-Zv9uHkFCZ0flBMAwQBjNhqFWhAXKyHBfZk733hbSag4="; sha256 = "sha256-98sv4yLvLw8J5uQBB66qTV3lRWnyeZiifhEOW7shz8s=";
}; };
x86_64-darwin = { x86_64-darwin = {
url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip"; url = "https://downloads.1password.com/mac/1Password-${version}-x86_64.zip";
sha256 = "sha256-Vryk6nMQY+0NIgwJkZ2j3vrxyhrzxbe96jbyoNbPIR0="; sha256 = "sha256-ezHk6OgUsmFfMfsY+yyWqn+6JgHSmpkFWGNCCaBv/Bo=";
}; };
aarch64-darwin = { aarch64-darwin = {
url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip"; url = "https://downloads.1password.com/mac/1Password-${version}-aarch64.zip";
sha256 = "sha256-74iOaNkuPRKUsTNNd7UTpy5ahjoMmxiNT84Op5ztRGk="; sha256 = "sha256-JmCrEBucXGPpGbiKOxA8vu6bUVYsavfsYA5QY58Grnw=";
}; };
}; };
}; };

46
pkgs/applications/misc/1password-gui/update.sh Executable file
View File

@ -0,0 +1,46 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p jq
#shellcheck shell=bash
CURRENT_HASH=""
print_hash() {
OS="$1"
CHANNEL="$2"
ARCH="$3"
VERSION="$4"
if [[ "$OS" == "linux" ]]; then
if [[ "$ARCH" == "x86_64" ]]; then
EXT="x64.tar.gz"
else
EXT="arm64.tar.gz"
fi
URL="https://downloads.1password.com/${OS}/tar/${CHANNEL}/${ARCH}/1password-${VERSION}.${EXT}"
else
EXT="$ARCH.zip"
URL="https://downloads.1password.com/${OS}/1Password-${VERSION}-${EXT}"
fi
CURRENT_HASH=$(nix store prefetch-file "$URL" --json | jq -r '.hash')
echo "$CHANNEL ${ARCH}-${OS}: $CURRENT_HASH"
}
if [[ -z "$STABLE_VER" ]]; then
echo "No 'STABLE_VER' environment variable provided, skipping"
else
print_hash "linux" "stable" "x86_64" "$STABLE_VER"
print_hash "linux" "stable" "aarch64" "$STABLE_VER"
print_hash "mac" "stable" "x86_64" "$STABLE_VER"
print_hash "mac" "stable" "aarch64" "$STABLE_VER"
fi
if [[ -z "$BETA_VER" ]]; then
echo "No 'BETA_VER' environment variable provided, skipping"
else
print_hash "linux" "beta" "x86_64" "$BETA_VER"
print_hash "linux" "beta" "aarch64" "$BETA_VER"
print_hash "mac" "beta" "x86_64" "$BETA_VER"
print_hash "mac" "beta" "aarch64" "$BETA_VER"
fi

4
pkgs/applications/misc/cubiomes-viewer/default.nix
View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "cubiomes-viewer"; pname = "cubiomes-viewer";
version = "3.0.1"; version = "3.1.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Cubitect"; owner = "Cubitect";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "sha256-UPphXaxq/Hnt1U3J+lgwa0lp3vX1B/Ou8eqD9rHe3sw="; sha256 = "sha256-pA+SWktSjgH7lRqK14yJX2ziLoKpxMCpEIh0H6slpxw=";
fetchSubmodules = true; fetchSubmodules = true;
}; };

46
pkgs/applications/misc/gcfflasher/default.nix Normal file
View File

@ -0,0 +1,46 @@
{ lib
, stdenv
, fetchFromGitHub
, pkg-config
, libgpiod
, cmake
}:
stdenv.mkDerivation rec {
pname = "gcfflasher";
version = "4.0.3-beta";
src = fetchFromGitHub {
owner = "dresden-elektronik";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-m+iDBfsHo+PLYd3K8JaKwhIXcnj+Q8w7gIgmHp+0plk=";
};
nativeBuildInputs = [
pkg-config
cmake
];
postPatch = ''
substituteInPlace CMakeLists.txt \
--replace 'main_windows.c' 'main_posix.c'
'';
buildInputs = lib.optionals stdenv.isLinux [
libgpiod
];
installPhase = ''
runHook preInstall
install -Dm0755 GCFFlasher $out/bin/GCFFlasher
runHook postInstall
'';
meta = with lib; {
description = "CFFlasher is the tool to program the firmware of dresden elektronik's Zigbee products";
license = licenses.bsd3;
homepage = "https://github.com/dresden-elektronik/gcfflasher";
maintainers = with maintainers; [ fleaz ];
};
}

4
pkgs/applications/misc/klayout/default.nix
View File

@ -5,13 +5,13 @@
mkDerivation rec { mkDerivation rec {
pname = "klayout"; pname = "klayout";
version = "0.28.4"; version = "0.28.5";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "KLayout"; owner = "KLayout";
repo = "klayout"; repo = "klayout";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-6RIzgC/PA2DqO24vKu+d/+GttufUbIH+k9GZe09M0vM="; hash = "sha256-fjKxQ3oVtnFwzLeeE6kN0jKE5PIfBZubTF54KO+k/DE=";
}; };
postPatch = '' postPatch = ''

6
pkgs/applications/misc/nwg-panel/default.nix
View File

@ -14,13 +14,13 @@
python3Packages.buildPythonApplication rec { python3Packages.buildPythonApplication rec {
pname = "nwg-panel"; pname = "nwg-panel";
version = "0.7.11"; version = "0.7.16";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "nwg-piotr"; owner = "nwg-piotr";
repo = "nwg-panel"; repo = "nwg-panel";
rev = "refs/tags/v${version}"; rev = "refs/tags/v${version}";
sha256 = "sha256-Esr1OPyQCCQIOfgkl6RIn93ZaJkF0O2RM9ObIgBlPi4="; sha256 = "sha256-dwnDrFQZVz6Vxa8bX0gFPBZFQwRJ3+wUy6Rsxvb2dhw=";
}; };
# No tests # No tests
@ -56,6 +56,6 @@ python3Packages.buildPythonApplication rec {
description = "GTK3-based panel for Sway window manager"; description = "GTK3-based panel for Sway window manager";
license = licenses.mit; license = licenses.mit;
platforms = platforms.linux; platforms = platforms.linux;
maintainers = with maintainers; [ berbiche ]; maintainers = with maintainers; [ ];
}; };
} }

6
pkgs/applications/misc/oxker/default.nix
View File

@ -2,14 +2,14 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "oxker"; pname = "oxker";
version = "0.2.1"; version = "0.2.3";
src = fetchCrate { src = fetchCrate {
inherit pname version; inherit pname version;
sha256 = "sha256-CsfzQN7n/LsNIivJShDG02cHwPktkXl/0udBSPz0i2U="; sha256 = "sha256-J+3wi1nqkxR3ZDfR+F3rvFjUz1DJ7/jhjmcvFdMzWYc=";
}; };
cargoHash = "sha256-FSuhG+ZSQzwj1YB3xs3A1uFWPhwK8FIfVfUY9V/J2Z8="; cargoHash = "sha256-oQPCUm/X2vt6wN5AKhtgq8tzQQrp0H42bBK7Az+I9BE=";
meta = with lib; { meta = with lib; {
description = "A simple tui to view & control docker containers"; description = "A simple tui to view & control docker containers";

8
pkgs/applications/misc/yubioath-flutter/default.nix
View File

@ -10,19 +10,19 @@
}: }:
let let
vendorHashes = { vendorHashes = {
x86_64-linux = "sha256-BwhWA8N0S55XkljDKPNkDhsj0QSpmJJ5MwEnrPjymS8="; x86_64-linux = "sha256-Upe0cEDG02RJD50Ht9VNMwkelsJHX8zOuJZssAhMuMY=";
aarch64-linux = "sha256-T1aGz3+2Sls+rkUVDUo39Ky2igg+dxGSUaf3qpV7ovQ="; aarch64-linux = "sha256-lKER4+gcyFqnCvgBl/qdVBCbUpocWUnXGLXsX82MSy4=";
}; };
in in
flutter.mkFlutterApp rec { flutter.mkFlutterApp rec {
pname = "yubioath-flutter"; pname = "yubioath-flutter";
version = "6.0.2"; version = "6.1.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Yubico"; owner = "Yubico";
repo = "yubioath-flutter"; repo = "yubioath-flutter";
rev = version; rev = version;
sha256 = "13nh5qpq02c6azfdh4cbzhlrq0hs9is45q5z5cnxg84hrx26hd4k"; sha256 = "sha256-N9/qwC79mG9r+zMPLHSPjNSQ+srGtnXuKsf0ijtH7CI=";
}; };
passthru.helper = python3.pkgs.callPackage ./helper.nix { inherit src version meta; }; passthru.helper = python3.pkgs.callPackage ./helper.nix { inherit src version meta; };

41
pkgs/applications/networking/cluster/k3s/1_23/0001-script-download-strip-downloading-just-package-CRD.patch Normal file
View File

@ -0,0 +1,41 @@
From 6f53bd36a40da4c71486e3b79f6e32d53d6eea5d Mon Sep 17 00:00:00 2001
From: Euan Kemp <euank@euank.com>
Date: Thu, 3 Feb 2022 23:50:40 -0800
Subject: [PATCH 2/2] scrips/download: strip downloading, just package CRD
The CRD packaging is a complicated set of commands, so let's reuse it.
---
scripts/download | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/scripts/download b/scripts/download
index 5effc0562a..82361803ee 100755
--- a/scripts/download
+++ b/scripts/download
@@ -24,12 +24,6 @@ rm -rf ${CONTAINERD_DIR}
mkdir -p ${CHARTS_DIR}
mkdir -p ${DATA_DIR}
-curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${VERSION_ROOT}/k3s-root-${ARCH}.tar | tar xf - --exclude=bin/socat
-
-git clone --single-branch --branch=${VERSION_RUNC} --depth=1 https://github.com/opencontainers/runc ${RUNC_DIR}
-
-git clone --single-branch --branch=${VERSION_CONTAINERD} --depth=1 https://github.com/k3s-io/containerd ${CONTAINERD_DIR}
-
setup_tmp() {
TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR})
cleanup() {
@@ -44,8 +38,8 @@ setup_tmp() {
download_and_package_traefik () {
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"
- curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE}
- code=$?
+ # nixpkgs: copy in our known traefik chart instead
+ cp $TRAEFIK_CHART_FILE ${TMP_DIR}/${TRAEFIK_FILE}
if [ $code -ne 0 ]; then
echo "Error: Failed to download Traefik Helm chart!"
--
2.34.1

331
pkgs/applications/networking/cluster/k3s/1_23/default.nix Normal file
View File

@ -0,0 +1,331 @@
{ stdenv
, lib
, makeWrapper
, socat
, iptables
, iproute2
, bridge-utils
, btrfs-progs
, conntrack-tools
, buildGoModule
, runc
, rsync
, kmod
, libseccomp
, pkg-config
, ethtool
, util-linux
, fetchFromGitHub
, fetchurl
, fetchzip
, fetchgit
, zstd
, yq-go
, nixosTests
, k3s
, pkgsBuildBuild
}:
with lib;
# k3s is a kinda weird derivation. One of the main points of k3s is the
# simplicity of it being one binary that can perform several tasks.
# However, when you have a good package manager (like nix), that doesn't
# actually make much of a difference; you don't really care if it's one binary
# or 10 since with a good package manager, installing and running it is
# identical.
# Since upstream k3s packages itself as one large binary with several
# "personalities" (in the form of subcommands like 'k3s agent' and 'k3s
# kubectl'), it ends up being easiest to mostly mimic upstream packaging, with
# some exceptions.
# K3s also carries patches to some packages (such as containerd and cni
# plugins), so we intentionally use the k3s versions of those binaries for k3s,
# even if the upstream version of those binaries exist in nixpkgs already. In
# the end, that means we have a thick k3s binary that behaves like the upstream
# one for the most part.
# However, k3s also bundles several pieces of unpatched software, from the
# strongswan vpn software, to iptables, to socat, conntrack, busybox, etc.
# Those pieces of software we entirely ignore upstream's handling of, and just
# make sure they're in the path if desired.
let
k3sVersion = "1.23.6+k3s1"; # k3s git tag
k3sCommit = "418c3fa858b69b12b9cefbcff0526f666a6236b9"; # k3s git commit at the above version
k3sRepoSha256 = "0fmw491dn5mpi058mr7sij51i5m4qg2grx30cnl3h2v4s0sdkx2i";
k3sVendorSha256 = "sha256-iHg5ySMaiSWXs98YGmxPwdZr4zdBIFma12dNEuf30Hs=";
# taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9
# The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know.
traefikChartVersion = "10.19.3";
traefikChartSha256 = "04zg5li957svgscdmkzmzjkwljaljyav68rzxmhakkwgav6q9058";
# taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47
k3sRootVersion = "0.11.0";
k3sRootSha256 = "016n56vi09xkvjph7wgzb2m86mhd5x65fs4d11pmh20hl249r620";
# taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45
k3sCNIVersion = "1.0.1-k3s1";
k3sCNISha256 = "11ihlzzdnqf9p21y0a4ckpbxac016nm7746dcykhj26ym9zxyv92";
# taken from go.mod, the 'github.com/containerd/containerd' line
# run `grep github.com/containerd/containerd go.mod | head -n1 | awk '{print $4}'`
containerdVersion = "1.5.11-k3s2";
containerdSha256 = "16132snvrg8r0vwm6c0lz0q6fx686s2ix53nm3aka9a83xs75vf2";
# run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag
criCtlVersion = "1.22.0-k3s1";
baseMeta = k3s.meta;
# https://github.com/k3s-io/k3s/blob/5fb370e53e0014dc96183b8ecb2c25a61e891e76/scripts/build#L19-L40
versionldflags = [
"-X github.com/rancher/k3s/pkg/version.Version=v${k3sVersion}"
"-X github.com/rancher/k3s/pkg/version.GitCommit=${lib.substring 0 8 k3sCommit}"
"-X k8s.io/client-go/pkg/version.gitVersion=v${k3sVersion}"
"-X k8s.io/client-go/pkg/version.gitCommit=${k3sCommit}"
"-X k8s.io/client-go/pkg/version.gitTreeState=clean"
"-X k8s.io/client-go/pkg/version.buildDate=1970-01-01T01:01:01Z"
"-X k8s.io/component-base/version.gitVersion=v${k3sVersion}"
"-X k8s.io/component-base/version.gitCommit=${k3sCommit}"
"-X k8s.io/component-base/version.gitTreeState=clean"
"-X k8s.io/component-base/version.buildDate=1970-01-01T01:01:01Z"
"-X github.com/kubernetes-sigs/cri-tools/pkg/version.Version=v${criCtlVersion}"
"-X github.com/containerd/containerd/version.Version=v${containerdVersion}"
"-X github.com/containerd/containerd/version.Package=github.com/k3s-io/containerd"
];
# bundled into the k3s binary
traefikChart = fetchurl {
url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz";
sha256 = traefikChartSha256;
};
# so, k3s is a complicated thing to package
# This derivation attempts to avoid including any random binaries from the
# internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which
# we don't care about doing, we can add those as build or runtime
# dependencies using a real package manager).
# In addition to those binaries, it's also configuration though (right now
# mostly strongswan configuration), and k3s does use those files.
# As such, we download it in order to grab 'etc' and bundle it into the final
# k3s binary.
k3sRoot = fetchzip {
# Note: marked as apache 2.0 license
url = "https://github.com/k3s-io/k3s-root/releases/download/v${k3sRootVersion}/k3s-root-amd64.tar";
sha256 = k3sRootSha256;
stripRoot = false;
};
k3sCNIPlugins = buildGoModule rec {
pname = "k3s-cni-plugins";
version = k3sCNIVersion;
vendorSha256 = null;
subPackages = [ "." ];
src = fetchFromGitHub {
owner = "rancher";
repo = "plugins";
rev = "v${version}";
sha256 = k3sCNISha256;
};
postInstall = ''
mv $out/bin/plugins $out/bin/cni
'';
meta = baseMeta // {
description = "CNI plugins, as patched by rancher for k3s";
};
};
# Grab this separately from a build because it's used by both stages of the
# k3s build.
k3sRepo = fetchgit {
url = "https://github.com/k3s-io/k3s";
rev = "v${k3sVersion}";
sha256 = k3sRepoSha256;
};
# Stage 1 of the k3s build:
# Let's talk about how k3s is structured.
# One of the ideas of k3s is that there's the single "k3s" binary which can
# do everything you need, from running a k3s server, to being a worker node,
# to running kubectl.
# The way that actually works is that k3s is a single go binary that contains
# a bunch of bindata that it unpacks at runtime into directories (either the
# user's home directory or /var/lib/rancher if run as root).
# This bindata includes both binaries and configuration.
# In order to let nixpkgs do all its autostripping/patching/etc, we split this into two derivations.
# First, we build all the binaries that get packed into the thick k3s binary
# (and output them from one derivation so they'll all be suitably patched up).
# Then, we bundle those binaries into our thick k3s binary and use that as
# the final single output.
# This approach was chosen because it ensures the bundled binaries all are
# correctly built to run with nix (we can lean on the existing buildGoModule
# stuff), and we can again lean on that tooling for the final k3s binary too.
# Other alternatives would be to manually run the
# strip/patchelf/remove-references step ourselves in the installPhase of the
# derivation when we've built all the binaries, but haven't bundled them in
# with generated bindata yet.
k3sServer = buildGoModule rec {
pname = "k3s-server";
version = k3sVersion;
src = k3sRepo;
vendorSha256 = k3sVendorSha256;
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libseccomp ];
subPackages = [ "cmd/server" ];
ldflags = versionldflags;
# create the multicall symlinks for k3s
postInstall = ''
mv $out/bin/server $out/bin/k3s
pushd $out
# taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113
ln -s k3s ./bin/k3s-agent
ln -s k3s ./bin/k3s-server
ln -s k3s ./bin/k3s-etcd-snapshot
ln -s k3s ./bin/k3s-secrets-encrypt
ln -s k3s ./bin/k3s-certificate
ln -s k3s ./bin/kubectl
ln -s k3s ./bin/crictl
ln -s k3s ./bin/ctr
popd
'';
meta = baseMeta // {
description = "The various binaries that get packaged into the final k3s binary";
};
};
k3sContainerd = buildGoModule {
pname = "k3s-containerd";
version = containerdVersion;
src = fetchFromGitHub {
owner = "k3s-io";
repo = "containerd";
rev = "v${containerdVersion}";
sha256 = containerdSha256;
};
vendorSha256 = null;
buildInputs = [ btrfs-progs ];
subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ];
ldflags = versionldflags;
};
in
buildGoModule rec {
pname = "k3s";
version = k3sVersion;
src = k3sRepo;
vendorSha256 = k3sVendorSha256;
patches = [
./0001-script-download-strip-downloading-just-package-CRD.patch
];
postPatch = ''
# Nix prefers dynamically linked binaries over static binary.
substituteInPlace scripts/package-cli \
--replace '"$LDFLAGS $STATIC" -o' \
'"$LDFLAGS" -o' \
--replace "STATIC=\"-extldflags \'-static\'\"" \
""
# Upstream codegen fails with trimpath set. Removes "trimpath" for 'go generate':
substituteInPlace scripts/package-cli \
--replace '"''${GO}" generate' \
'GOFLAGS="" \
GOOS="${pkgsBuildBuild.go.GOOS}" \
GOARCH="${pkgsBuildBuild.go.GOARCH}" \
CC="${pkgsBuildBuild.stdenv.cc}/bin/cc" \
"''${GO}" generate'
'';
# Important utilities used by the kubelet, see
# https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
# Note the list in that issue is stale and some aren't relevant for k3s.
k3sRuntimeDeps = [
kmod
socat
iptables
iproute2
bridge-utils
ethtool
util-linux # kubelet wants 'nsenter' from util-linux: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-705994388
conntrack-tools
];
buildInputs = k3sRuntimeDeps;
nativeBuildInputs = [
makeWrapper
rsync
yq-go
zstd
];
# embedded in the final k3s cli
propagatedBuildInputs = [
k3sCNIPlugins
k3sContainerd
k3sServer
runc
];
# We override most of buildPhase due to peculiarities in k3s's build.
# Specifically, it has a 'go generate' which runs part of the package. See
# this comment:
# https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694
# So, why do we use buildGoModule at all? For the `vendorSha256` / `go mod download` stuff primarily.
buildPhase = ''
patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload
# copy needed 'go generate' inputs into place
mkdir -p ./bin/aux
rsync -a --no-perms ${k3sServer}/bin/ ./bin/
ln -vsf ${runc}/bin/runc ./bin/runc
ln -vsf ${k3sCNIPlugins}/bin/cni ./bin/cni
ln -vsf ${k3sContainerd}/bin/* ./bin/
rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/
mkdir -p ./build/static/charts
# Note, upstream's chart has a 00 suffix. This seems to not matter though, so we're ignoring that naming detail.
export TRAEFIK_CHART_FILE=${traefikChart}
# place the traefik chart using their code since it's complicated
# We trim the actual download, see patches
./scripts/download
export ARCH=$GOARCH
export DRONE_TAG="v${k3sVersion}"
export DRONE_COMMIT="${k3sCommit}"
# use ./scripts/package-cli to run 'go generate' + 'go build'
./scripts/package-cli
mkdir -p $out/bin
'';
# Otherwise it depends on 'getGoDirs', which is normally set in buildPhase
doCheck = false;
installPhase = ''
# wildcard to match the arm64 build too
install -m 0755 dist/artifacts/k3s* -D $out/bin/k3s
wrapProgram $out/bin/k3s \
--prefix PATH : ${lib.makeBinPath k3sRuntimeDeps} \
--prefix PATH : "$out/bin"
'';
doInstallCheck = true;
installCheckPhase = ''
$out/bin/k3s --version | grep -F "v${k3sVersion}" >/dev/null
'';
# Fix-Me: Needs to be adapted specifically for 1.23
# passthru.updateScript = ./update.sh;
# Fix-Me: Needs to be adapted specifically for 1.23
# passthru.tests = { inherit (nixosTests) k3s-single-node k3s-single-node-docker; };
meta = baseMeta;
}

41
pkgs/applications/networking/cluster/k3s/1_24/0001-script-download-strip-downloading-just-package-CRD.patch Normal file
View File

@ -0,0 +1,41 @@
From 6f53bd36a40da4c71486e3b79f6e32d53d6eea5d Mon Sep 17 00:00:00 2001
From: Euan Kemp <euank@euank.com>
Date: Thu, 3 Feb 2022 23:50:40 -0800
Subject: [PATCH 2/2] scrips/download: strip downloading, just package CRD
The CRD packaging is a complicated set of commands, so let's reuse it.
---
scripts/download | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/scripts/download b/scripts/download
index 5effc0562a..82361803ee 100755
--- a/scripts/download
+++ b/scripts/download
@@ -24,12 +24,6 @@ rm -rf ${CONTAINERD_DIR}
mkdir -p ${CHARTS_DIR}
mkdir -p ${DATA_DIR}
-curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${VERSION_ROOT}/k3s-root-${ARCH}.tar | tar xf - --exclude=bin/socat
-
-git clone --single-branch --branch=${VERSION_RUNC} --depth=1 https://github.com/opencontainers/runc ${RUNC_DIR}
-
-git clone --single-branch --branch=${VERSION_CONTAINERD} --depth=1 https://github.com/k3s-io/containerd ${CONTAINERD_DIR}
-
setup_tmp() {
TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR})
cleanup() {
@@ -44,8 +38,8 @@ setup_tmp() {
download_and_package_traefik () {
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"
- curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE}
- code=$?
+ # nixpkgs: copy in our known traefik chart instead
+ cp $TRAEFIK_CHART_FILE ${TMP_DIR}/${TRAEFIK_FILE}
if [ $code -ne 0 ]; then
echo "Error: Failed to download Traefik Helm chart!"
--
2.34.1

329
pkgs/applications/networking/cluster/k3s/1_24/default.nix Normal file
View File

@ -0,0 +1,329 @@
{ stdenv
, lib
, makeWrapper
, socat
, iptables
, iproute2
, bridge-utils
, btrfs-progs
, conntrack-tools
, buildGoModule
, runc
, rsync
, kmod
, libseccomp
, pkg-config
, ethtool
, util-linux
, fetchFromGitHub
, fetchurl
, fetchzip
, fetchgit
, zstd
, yq-go
, nixosTests
, k3s
, pkgsBuildBuild
}:
# k3s is a kinda weird derivation. One of the main points of k3s is the
# simplicity of it being one binary that can perform several tasks.
# However, when you have a good package manager (like nix), that doesn't
# actually make much of a difference; you don't really care if it's one binary
# or 10 since with a good package manager, installing and running it is
# identical.
# Since upstream k3s packages itself as one large binary with several
# "personalities" (in the form of subcommands like 'k3s agent' and 'k3s
# kubectl'), it ends up being easiest to mostly mimic upstream packaging, with
# some exceptions.
# K3s also carries patches to some packages (such as containerd and cni
# plugins), so we intentionally use the k3s versions of those binaries for k3s,
# even if the upstream version of those binaries exist in nixpkgs already. In
# the end, that means we have a thick k3s binary that behaves like the upstream
# one for the most part.
# However, k3s also bundles several pieces of unpatched software, from the
# strongswan vpn software, to iptables, to socat, conntrack, busybox, etc.
# Those pieces of software we entirely ignore upstream's handling of, and just
# make sure they're in the path if desired.
let
k3sVersion = "1.24.4+k3s1"; # k3s git tag
k3sCommit = "c3f830e9b9ed8a4d9d0e2aa663b4591b923a296e"; # k3s git commit at the above version
k3sRepoSha256 = "00ns6n7jxnacah8ahndhgdb160prgsqhswbb5809kkgvig7k8b27";
k3sVendorSha256 = "sha256-ReZvJCgxqffG2H39JlynGPUBSV5ngPkRtAoZ++OQZZI=";
# taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9
# The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know.
traefikChartVersion = "10.19.3";
traefikChartSha256 = "04zg5li957svgscdmkzmzjkwljaljyav68rzxmhakkwgav6q9058";
# taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47
k3sRootVersion = "0.11.0";
k3sRootSha256 = "016n56vi09xkvjph7wgzb2m86mhd5x65fs4d11pmh20hl249r620";
# taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45
k3sCNIVersion = "1.1.1-k3s1";
k3sCNISha256 = "14mb3zsqibj1sn338gjmsyksbm0mxv9p016dij7zidccx2rzn6nl";
# taken from go.mod, the 'github.com/containerd/containerd' line
# run `grep github.com/containerd/containerd go.mod | head -n1 | awk '{print $4}'`
containerdVersion = "1.5.13-k3s1";
containerdSha256 = "09bj4ghwbsj9whkv1d5icqs52k64m449j8b73dmak2wz62fbzbvp";
# run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag
criCtlVersion = "1.24.0-k3s1";
baseMeta = k3s.meta;
# https://github.com/k3s-io/k3s/blob/5fb370e53e0014dc96183b8ecb2c25a61e891e76/scripts/build#L19-L40
versionldflags = [
"-X github.com/rancher/k3s/pkg/version.Version=v${k3sVersion}"
"-X github.com/rancher/k3s/pkg/version.GitCommit=${lib.substring 0 8 k3sCommit}"
"-X k8s.io/client-go/pkg/version.gitVersion=v${k3sVersion}"
"-X k8s.io/client-go/pkg/version.gitCommit=${k3sCommit}"
"-X k8s.io/client-go/pkg/version.gitTreeState=clean"
"-X k8s.io/client-go/pkg/version.buildDate=1970-01-01T01:01:01Z"
"-X k8s.io/component-base/version.gitVersion=v${k3sVersion}"
"-X k8s.io/component-base/version.gitCommit=${k3sCommit}"
"-X k8s.io/component-base/version.gitTreeState=clean"
"-X k8s.io/component-base/version.buildDate=1970-01-01T01:01:01Z"
"-X github.com/kubernetes-sigs/cri-tools/pkg/version.Version=v${criCtlVersion}"
"-X github.com/containerd/containerd/version.Version=v${containerdVersion}"
"-X github.com/containerd/containerd/version.Package=github.com/k3s-io/containerd"
];
# bundled into the k3s binary
traefikChart = fetchurl {
url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz";
sha256 = traefikChartSha256;
};
# so, k3s is a complicated thing to package
# This derivation attempts to avoid including any random binaries from the
# internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which
# we don't care about doing, we can add those as build or runtime
# dependencies using a real package manager).
# In addition to those binaries, it's also configuration though (right now
# mostly strongswan configuration), and k3s does use those files.
# As such, we download it in order to grab 'etc' and bundle it into the final
# k3s binary.
k3sRoot = fetchzip {
# Note: marked as apache 2.0 license
url = "https://github.com/k3s-io/k3s-root/releases/download/v${k3sRootVersion}/k3s-root-amd64.tar";
sha256 = k3sRootSha256;
stripRoot = false;
};
k3sCNIPlugins = buildGoModule rec {
pname = "k3s-cni-plugins";
version = k3sCNIVersion;
vendorSha256 = null;
subPackages = [ "." ];
src = fetchFromGitHub {
owner = "rancher";
repo = "plugins";
rev = "v${version}";
sha256 = k3sCNISha256;
};
postInstall = ''
mv $out/bin/plugins $out/bin/cni
'';
meta = baseMeta // {
description = "CNI plugins, as patched by rancher for k3s";
};
};
# Grab this separately from a build because it's used by both stages of the
# k3s build.
k3sRepo = fetchgit {
url = "https://github.com/k3s-io/k3s";
rev = "v${k3sVersion}";
sha256 = k3sRepoSha256;
};
# Stage 1 of the k3s build:
# Let's talk about how k3s is structured.
# One of the ideas of k3s is that there's the single "k3s" binary which can
# do everything you need, from running a k3s server, to being a worker node,
# to running kubectl.
# The way that actually works is that k3s is a single go binary that contains
# a bunch of bindata that it unpacks at runtime into directories (either the
# user's home directory or /var/lib/rancher if run as root).
# This bindata includes both binaries and configuration.
# In order to let nixpkgs do all its autostripping/patching/etc, we split this into two derivations.
# First, we build all the binaries that get packed into the thick k3s binary
# (and output them from one derivation so they'll all be suitably patched up).
# Then, we bundle those binaries into our thick k3s binary and use that as
# the final single output.
# This approach was chosen because it ensures the bundled binaries all are
# correctly built to run with nix (we can lean on the existing buildGoModule
# stuff), and we can again lean on that tooling for the final k3s binary too.
# Other alternatives would be to manually run the
# strip/patchelf/remove-references step ourselves in the installPhase of the
# derivation when we've built all the binaries, but haven't bundled them in
# with generated bindata yet.
k3sServer = buildGoModule rec {
pname = "k3s-server";
version = k3sVersion;
src = k3sRepo;
vendorSha256 = k3sVendorSha256;
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libseccomp ];
subPackages = [ "cmd/server" ];
ldflags = versionldflags;
# create the multicall symlinks for k3s
postInstall = ''
mv $out/bin/server $out/bin/k3s
pushd $out
# taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113
ln -s k3s ./bin/k3s-agent
ln -s k3s ./bin/k3s-server
ln -s k3s ./bin/k3s-etcd-snapshot
ln -s k3s ./bin/k3s-secrets-encrypt
ln -s k3s ./bin/k3s-certificate
ln -s k3s ./bin/kubectl
ln -s k3s ./bin/crictl
ln -s k3s ./bin/ctr
popd
'';
meta = baseMeta // {
description = "The various binaries that get packaged into the final k3s binary";
};
};
k3sContainerd = buildGoModule {
pname = "k3s-containerd";
version = containerdVersion;
src = fetchFromGitHub {
owner = "k3s-io";
repo = "containerd";
rev = "v${containerdVersion}";
sha256 = containerdSha256;
};
vendorSha256 = null;
buildInputs = [ btrfs-progs ];
subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ];
ldflags = versionldflags;
};
in
buildGoModule rec {
pname = "k3s";
version = k3sVersion;
src = k3sRepo;
vendorSha256 = k3sVendorSha256;
patches = [
./0001-script-download-strip-downloading-just-package-CRD.patch
];
postPatch = ''
# Nix prefers dynamically linked binaries over static binary.
substituteInPlace scripts/package-cli \
--replace '"$LDFLAGS $STATIC" -o' \
'"$LDFLAGS" -o' \
--replace "STATIC=\"-extldflags \'-static\'\"" \
""
# Upstream codegen fails with trimpath set. Removes "trimpath" for 'go generate':
substituteInPlace scripts/package-cli \
--replace '"''${GO}" generate' \
'GOFLAGS="" \
GOOS="${pkgsBuildBuild.go.GOOS}" \
GOARCH="${pkgsBuildBuild.go.GOARCH}" \
CC="${pkgsBuildBuild.stdenv.cc}/bin/cc" \
"''${GO}" generate'
'';
# Important utilities used by the kubelet, see
# https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
# Note the list in that issue is stale and some aren't relevant for k3s.
k3sRuntimeDeps = [
kmod
socat
iptables
iproute2
bridge-utils
ethtool
util-linux # kubelet wants 'nsenter' from util-linux: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-705994388
conntrack-tools
];
buildInputs = k3sRuntimeDeps;
nativeBuildInputs = [
makeWrapper
rsync
yq-go
zstd
];
# embedded in the final k3s cli
propagatedBuildInputs = [
k3sCNIPlugins
k3sContainerd
k3sServer
runc
];
# We override most of buildPhase due to peculiarities in k3s's build.
# Specifically, it has a 'go generate' which runs part of the package. See
# this comment:
# https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694
# So, why do we use buildGoModule at all? For the `vendorSha256` / `go mod download` stuff primarily.
buildPhase = ''
patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload
# copy needed 'go generate' inputs into place
mkdir -p ./bin/aux
rsync -a --no-perms ${k3sServer}/bin/ ./bin/
ln -vsf ${runc}/bin/runc ./bin/runc
ln -vsf ${k3sCNIPlugins}/bin/cni ./bin/cni
ln -vsf ${k3sContainerd}/bin/* ./bin/
rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/
mkdir -p ./build/static/charts
# Note, upstream's chart has a 00 suffix. This seems to not matter though, so we're ignoring that naming detail.
export TRAEFIK_CHART_FILE=${traefikChart}
# place the traefik chart using their code since it's complicated
# We trim the actual download, see patches
./scripts/download
export ARCH=$GOARCH
export DRONE_TAG="v${k3sVersion}"
export DRONE_COMMIT="${k3sCommit}"
# use ./scripts/package-cli to run 'go generate' + 'go build'
./scripts/package-cli
mkdir -p $out/bin
'';
# Otherwise it depends on 'getGoDirs', which is normally set in buildPhase
doCheck = false;
installPhase = ''
# wildcard to match the arm64 build too
install -m 0755 dist/artifacts/k3s* -D $out/bin/k3s
wrapProgram $out/bin/k3s \
--prefix PATH : ${lib.makeBinPath k3sRuntimeDeps} \
--prefix PATH : "$out/bin"
'';
doInstallCheck = true;
installCheckPhase = ''
$out/bin/k3s --version | grep -F "v${k3sVersion}" >/dev/null
'';
# Fix-Me: Needs to be adapted specifically for 1.24
# passthru.updateScript = ./update.sh;
# Fix-Me: Needs to be adapted specifically for 1.24
# passthru.tests = nixosTests.k3s;
meta = baseMeta;
}

41
pkgs/applications/networking/cluster/k3s/1_25/0001-script-download-strip-downloading-just-package-CRD.patch Normal file
View File

@ -0,0 +1,41 @@
From 6f53bd36a40da4c71486e3b79f6e32d53d6eea5d Mon Sep 17 00:00:00 2001
From: Euan Kemp <euank@euank.com>
Date: Thu, 3 Feb 2022 23:50:40 -0800
Subject: [PATCH 2/2] scrips/download: strip downloading, just package CRD
The CRD packaging is a complicated set of commands, so let's reuse it.
---
scripts/download | 10 ++--------
1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/scripts/download b/scripts/download
index 5effc0562a..82361803ee 100755
--- a/scripts/download
+++ b/scripts/download
@@ -24,12 +24,6 @@ rm -rf ${CONTAINERD_DIR}
mkdir -p ${CHARTS_DIR}
mkdir -p ${DATA_DIR}
-curl --compressed -sfL https://github.com/k3s-io/k3s-root/releases/download/${VERSION_ROOT}/k3s-root-${ARCH}.tar | tar xf - --exclude=bin/socat
-
-git clone --single-branch --branch=${VERSION_RUNC} --depth=1 https://github.com/opencontainers/runc ${RUNC_DIR}
-
-git clone --single-branch --branch=${VERSION_CONTAINERD} --depth=1 https://github.com/k3s-io/containerd ${CONTAINERD_DIR}
-
setup_tmp() {
TMP_DIR=$(mktemp -d --tmpdir=${CHARTS_DIR})
cleanup() {
@@ -44,8 +38,8 @@ setup_tmp() {
download_and_package_traefik () {
echo "Downloading Traefik Helm chart from ${TRAEFIK_URL}"
- curl -sfL ${TRAEFIK_URL} -o ${TMP_DIR}/${TRAEFIK_FILE}
- code=$?
+ # nixpkgs: copy in our known traefik chart instead
+ cp $TRAEFIK_CHART_FILE ${TMP_DIR}/${TRAEFIK_FILE}
if [ $code -ne 0 ]; then
echo "Error: Failed to download Traefik Helm chart!"
--
2.34.1

329
pkgs/applications/networking/cluster/k3s/1_25/default.nix Normal file
View File

@ -0,0 +1,329 @@
{ stdenv
, lib
, makeWrapper
, socat
, iptables
, iproute2
, bridge-utils
, btrfs-progs
, conntrack-tools
, buildGoModule
, runc
, rsync
, kmod
, libseccomp
, pkg-config
, ethtool
, util-linux
, fetchFromGitHub
, fetchurl
, fetchzip
, fetchgit
, zstd
, yq-go
, nixosTests
, pkgsBuildBuild
, k3s
}:
# k3s is a kinda weird derivation. One of the main points of k3s is the
# simplicity of it being one binary that can perform several tasks.
# However, when you have a good package manager (like nix), that doesn't
# actually make much of a difference; you don't really care if it's one binary
# or 10 since with a good package manager, installing and running it is
# identical.
# Since upstream k3s packages itself as one large binary with several
# "personalities" (in the form of subcommands like 'k3s agent' and 'k3s
# kubectl'), it ends up being easiest to mostly mimic upstream packaging, with
# some exceptions.
# K3s also carries patches to some packages (such as containerd and cni
# plugins), so we intentionally use the k3s versions of those binaries for k3s,
# even if the upstream version of those binaries exist in nixpkgs already. In
# the end, that means we have a thick k3s binary that behaves like the upstream
# one for the most part.
# However, k3s also bundles several pieces of unpatched software, from the
# strongswan vpn software, to iptables, to socat, conntrack, busybox, etc.
# Those pieces of software we entirely ignore upstream's handling of, and just
# make sure they're in the path if desired.
let
k3sVersion = "1.25.3+k3s1"; # k3s git tag
k3sCommit = "f2585c1671b31b4b34bddbb3bf4e7d69662b0821"; # k3s git commit at the above version
k3sRepoSha256 = "0zwf3iwjcidx14zw36s1hr0q8wmmbfc0rfqwd7fmpjq597h8zkms";
k3sVendorSha256 = "sha256-U67tJRGqPFk5AfRe7I50zKGC9HJ2oh+iI/C7qF/76BQ=";
# taken from ./manifests/traefik.yaml, extracted from '.spec.chart' https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/download#L9
# The 'patch' and 'minor' versions are currently hardcoded as single digits only, so ignore the trailing two digits. Weird, I know.
traefikChartVersion = "12.0.0";
traefikChartSha256 = "1sqmi71fi3ad5dh5fmsp9mv80x6pkgqwi4r9fr8l6i9sdnai6f1a";
# taken from ./scripts/version.sh VERSION_ROOT https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L47
k3sRootVersion = "0.11.0";
k3sRootSha256 = "016n56vi09xkvjph7wgzb2m86mhd5x65fs4d11pmh20hl249r620";
# taken from ./scripts/version.sh VERSION_CNIPLUGINS https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/version.sh#L45
k3sCNIVersion = "1.1.1-k3s1";
k3sCNISha256 = "14mb3zsqibj1sn338gjmsyksbm0mxv9p016dij7zidccx2rzn6nl";
# taken from go.mod, the 'github.com/containerd/containerd' line
# run `grep github.com/containerd/containerd go.mod | head -n1 | awk '{print $4}'`
containerdVersion = "1.5.13-k3s2";
containerdSha256 = "1pfr2ji4aij9js90gf4a3hqnhyw5hshcjdccm62l700j68gs5z97";
# run `grep github.com/kubernetes-sigs/cri-tools go.mod | head -n1 | awk '{print $4}'` in the k3s repo at the tag
criCtlVersion = "1.25.0-k3s1";
baseMeta = k3s.meta;
# https://github.com/k3s-io/k3s/blob/5fb370e53e0014dc96183b8ecb2c25a61e891e76/scripts/build#L19-L40
versionldflags = [
"-X github.com/rancher/k3s/pkg/version.Version=v${k3sVersion}"
"-X github.com/rancher/k3s/pkg/version.GitCommit=${lib.substring 0 8 k3sCommit}"
"-X k8s.io/client-go/pkg/version.gitVersion=v${k3sVersion}"
"-X k8s.io/client-go/pkg/version.gitCommit=${k3sCommit}"
"-X k8s.io/client-go/pkg/version.gitTreeState=clean"
"-X k8s.io/client-go/pkg/version.buildDate=1970-01-01T01:01:01Z"
"-X k8s.io/component-base/version.gitVersion=v${k3sVersion}"
"-X k8s.io/component-base/version.gitCommit=${k3sCommit}"
"-X k8s.io/component-base/version.gitTreeState=clean"
"-X k8s.io/component-base/version.buildDate=1970-01-01T01:01:01Z"
"-X github.com/kubernetes-sigs/cri-tools/pkg/version.Version=v${criCtlVersion}"
"-X github.com/containerd/containerd/version.Version=v${containerdVersion}"
"-X github.com/containerd/containerd/version.Package=github.com/k3s-io/containerd"
];
# bundled into the k3s binary
traefikChart = fetchurl {
url = "https://helm.traefik.io/traefik/traefik-${traefikChartVersion}.tgz";
sha256 = traefikChartSha256;
};
# so, k3s is a complicated thing to package
# This derivation attempts to avoid including any random binaries from the
# internet. k3s-root is _mostly_ binaries built to be bundled in k3s (which
# we don't care about doing, we can add those as build or runtime
# dependencies using a real package manager).
# In addition to those binaries, it's also configuration though (right now
# mostly strongswan configuration), and k3s does use those files.
# As such, we download it in order to grab 'etc' and bundle it into the final
# k3s binary.
k3sRoot = fetchzip {
# Note: marked as apache 2.0 license
url = "https://github.com/k3s-io/k3s-root/releases/download/v${k3sRootVersion}/k3s-root-amd64.tar";
sha256 = k3sRootSha256;
stripRoot = false;
};
k3sCNIPlugins = buildGoModule rec {
pname = "k3s-cni-plugins";
version = k3sCNIVersion;
vendorSha256 = null;
subPackages = [ "." ];
src = fetchFromGitHub {
owner = "rancher";
repo = "plugins";
rev = "v${version}";
sha256 = k3sCNISha256;
};
postInstall = ''
mv $out/bin/plugins $out/bin/cni
'';
meta = baseMeta // {
description = "CNI plugins, as patched by rancher for k3s";
};
};
# Grab this separately from a build because it's used by both stages of the
# k3s build.
k3sRepo = fetchgit {
url = "https://github.com/k3s-io/k3s";
rev = "v${k3sVersion}";
sha256 = k3sRepoSha256;
};
# Stage 1 of the k3s build:
# Let's talk about how k3s is structured.
# One of the ideas of k3s is that there's the single "k3s" binary which can
# do everything you need, from running a k3s server, to being a worker node,
# to running kubectl.
# The way that actually works is that k3s is a single go binary that contains
# a bunch of bindata that it unpacks at runtime into directories (either the
# user's home directory or /var/lib/rancher if run as root).
# This bindata includes both binaries and configuration.
# In order to let nixpkgs do all its autostripping/patching/etc, we split this into two derivations.
# First, we build all the binaries that get packed into the thick k3s binary
# (and output them from one derivation so they'll all be suitably patched up).
# Then, we bundle those binaries into our thick k3s binary and use that as
# the final single output.
# This approach was chosen because it ensures the bundled binaries all are
# correctly built to run with nix (we can lean on the existing buildGoModule
# stuff), and we can again lean on that tooling for the final k3s binary too.
# Other alternatives would be to manually run the
# strip/patchelf/remove-references step ourselves in the installPhase of the
# derivation when we've built all the binaries, but haven't bundled them in
# with generated bindata yet.
k3sServer = buildGoModule rec {
pname = "k3s-server";
version = k3sVersion;
src = k3sRepo;
vendorSha256 = k3sVendorSha256;
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libseccomp ];
subPackages = [ "cmd/server" ];
ldflags = versionldflags;
# create the multicall symlinks for k3s
postInstall = ''
mv $out/bin/server $out/bin/k3s
pushd $out
# taken verbatim from https://github.com/k3s-io/k3s/blob/v1.23.3%2Bk3s1/scripts/build#L105-L113
ln -s k3s ./bin/k3s-agent
ln -s k3s ./bin/k3s-server
ln -s k3s ./bin/k3s-etcd-snapshot
ln -s k3s ./bin/k3s-secrets-encrypt
ln -s k3s ./bin/k3s-certificate
ln -s k3s ./bin/kubectl
ln -s k3s ./bin/crictl
ln -s k3s ./bin/ctr
popd
'';
meta = baseMeta // {
description = "The various binaries that get packaged into the final k3s binary";
};
};
k3sContainerd = buildGoModule {
pname = "k3s-containerd";
version = containerdVersion;
src = fetchFromGitHub {
owner = "k3s-io";
repo = "containerd";
rev = "v${containerdVersion}";
sha256 = containerdSha256;
};
vendorSha256 = null;
buildInputs = [ btrfs-progs ];
subPackages = [ "cmd/containerd" "cmd/containerd-shim-runc-v2" ];
ldflags = versionldflags;
};
in
buildGoModule rec {
pname = "k3s";
version = k3sVersion;
src = k3sRepo;
vendorSha256 = k3sVendorSha256;
patches = [
./0001-script-download-strip-downloading-just-package-CRD.patch
];
postPatch = ''
# Nix prefers dynamically linked binaries over static binary.
substituteInPlace scripts/package-cli \
--replace '"$LDFLAGS $STATIC" -o' \
'"$LDFLAGS" -o' \
--replace "STATIC=\"-extldflags \'-static\'\"" \
""
# Upstream codegen fails with trimpath set. Removes "trimpath" for 'go generate':
substituteInPlace scripts/package-cli \
--replace '"''${GO}" generate' \
'GOFLAGS="" \
GOOS="${pkgsBuildBuild.go.GOOS}" \
GOARCH="${pkgsBuildBuild.go.GOARCH}" \
CC="${pkgsBuildBuild.stdenv.cc}/bin/cc" \
"''${GO}" generate'
'';
# Important utilities used by the kubelet, see
# https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-237202494
# Note the list in that issue is stale and some aren't relevant for k3s.
k3sRuntimeDeps = [
kmod
socat
iptables
iproute2
bridge-utils
ethtool
util-linux # kubelet wants 'nsenter' from util-linux: https://github.com/kubernetes/kubernetes/issues/26093#issuecomment-705994388
conntrack-tools
];
buildInputs = k3sRuntimeDeps;
nativeBuildInputs = [
makeWrapper
rsync
yq-go
zstd
];
# embedded in the final k3s cli
propagatedBuildInputs = [
k3sCNIPlugins
k3sContainerd
k3sServer
runc
];
# We override most of buildPhase due to peculiarities in k3s's build.
# Specifically, it has a 'go generate' which runs part of the package. See
# this comment:
# https://github.com/NixOS/nixpkgs/pull/158089#discussion_r799965694
# So, why do we use buildGoModule at all? For the `vendorSha256` / `go mod download` stuff primarily.
buildPhase = ''
patchShebangs ./scripts/package-cli ./scripts/download ./scripts/build-upload
# copy needed 'go generate' inputs into place
mkdir -p ./bin/aux
rsync -a --no-perms ${k3sServer}/bin/ ./bin/
ln -vsf ${runc}/bin/runc ./bin/runc
ln -vsf ${k3sCNIPlugins}/bin/cni ./bin/cni
ln -vsf ${k3sContainerd}/bin/* ./bin/
rsync -a --no-perms --chmod u=rwX ${k3sRoot}/etc/ ./etc/
mkdir -p ./build/static/charts
# Note, upstream's chart has a 00 suffix. This seems to not matter though, so we're ignoring that naming detail.
export TRAEFIK_CHART_FILE=${traefikChart}
# place the traefik chart using their code since it's complicated
# We trim the actual download, see patches
./scripts/download
export ARCH=$GOARCH
export DRONE_TAG="v${k3sVersion}"
export DRONE_COMMIT="${k3sCommit}"
# use ./scripts/package-cli to run 'go generate' + 'go build'
./scripts/package-cli
mkdir -p $out/bin
'';
# Otherwise it depends on 'getGoDirs', which is normally set in buildPhase
doCheck = false;
installPhase = ''
# wildcard to match the arm64 build too
install -m 0755 dist/artifacts/k3s* -D $out/bin/k3s
wrapProgram $out/bin/k3s \
--prefix PATH : ${lib.makeBinPath k3sRuntimeDeps} \
--prefix PATH : "$out/bin"
'';
doInstallCheck = true;
installCheckPhase = ''
$out/bin/k3s --version | grep -F "v${k3sVersion}" >/dev/null
'';
# Fix-Me: Needs to be adapted specifically for 1.25
# passthru.updateScript = ./update.sh;
# Fix-Me: Needs to be adapted specifically for 1.25
# passthru.tests = nixosTests.k3s;
meta = baseMeta;
}

0
pkgs/applications/networking/cluster/k3s/chart-versions.nix → pkgs/applications/networking/cluster/k3s/1_26/chart-versions.nix
View File

0
pkgs/applications/networking/cluster/k3s/default.nix → pkgs/applications/networking/cluster/k3s/1_26/default.nix
View File

0
pkgs/applications/networking/cluster/k3s/update.sh → pkgs/applications/networking/cluster/k3s/1_26/update.sh
View File

9
pkgs/applications/networking/cluster/temporal/default.nix
View File

@ -2,16 +2,18 @@
buildGoModule rec { buildGoModule rec {
pname = "temporal"; pname = "temporal";
version = "1.17.5"; version = "1.19.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "temporalio"; owner = "temporalio";
repo = "temporal"; repo = "temporal";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-u8GyaXpiVZdPDoPAqIa+TY+JQFZeSGOLrUy+e3E4kig="; hash = "sha256-j2+K/ZDDNakofrToxhyA1gh534l3Eq6G/fNXE0ktceY=";
}; };
vendorSha256 = "sha256-MT/BmGTdyEzmXjuwlA6WhLIWlrQz3Wc4Tl5dMI1587Q="; vendorHash = "sha256-KkgyL37VJy1DhfCB5RJpjczBPbzQwt1xsovQ0xCXGr4=";
excludedPackages = [ "./build" ];
CGO_ENABLED = 0; CGO_ENABLED = 0;
@ -26,6 +28,7 @@ buildGoModule rec {
install -Dm755 "$GOPATH/bin/server" -T $out/bin/temporal-server install -Dm755 "$GOPATH/bin/server" -T $out/bin/temporal-server
install -Dm755 "$GOPATH/bin/cassandra" -T $out/bin/temporal-cassandra-tool install -Dm755 "$GOPATH/bin/cassandra" -T $out/bin/temporal-cassandra-tool
install -Dm755 "$GOPATH/bin/sql" -T $out/bin/temporal-sql-tool install -Dm755 "$GOPATH/bin/sql" -T $out/bin/temporal-sql-tool
install -Dm755 "$GOPATH/bin/tdbg" -T $out/bin/tdbg
runHook postInstall runHook postInstall
''; '';

8
pkgs/applications/networking/cluster/terraform-providers/providers.json
View File

@ -812,11 +812,11 @@
"vendorHash": "sha256-LRIfxQGwG988HE5fftGl6JmBG7tTknvmgpm4Fu1NbWI=" "vendorHash": "sha256-LRIfxQGwG988HE5fftGl6JmBG7tTknvmgpm4Fu1NbWI="
}, },
"oci": { "oci": {
"hash": "sha256-L8y00f+57hndpVevliJ2kNqpGeNR2Jv/FHbqkAUIRMI=", "hash": "sha256-ecel4aXOqkPmeOzG5G/D8vmjo2HP9TG+c8H27pCYn2g=",
"homepage": "https://registry.terraform.io/providers/oracle/oci", "homepage": "https://registry.terraform.io/providers/oracle/oci",
"owner": "oracle", "owner": "oracle",
"repo": "terraform-provider-oci", "repo": "terraform-provider-oci",
"rev": "v4.105.0", "rev": "v4.106.0",
"spdx": "MPL-2.0", "spdx": "MPL-2.0",
"vendorHash": null "vendorHash": null
}, },
@ -1091,11 +1091,11 @@
"vendorHash": "sha256-2wPmLpjhG6QgG+BUCO0oIzHjBOWIOYuptgdtSIm9TZw=" "vendorHash": "sha256-2wPmLpjhG6QgG+BUCO0oIzHjBOWIOYuptgdtSIm9TZw="
}, },
"tencentcloud": { "tencentcloud": {
"hash": "sha256-QJUxLwKG3XabACbAvLLKBG9+cmCYRQFpRTWRU6rKwfI=", "hash": "sha256-yVI1f86Gpkwl3jCAs5d54rZS8lM7cjbwWq+HUXwi8EU=",
"homepage": "https://registry.terraform.io/providers/tencentcloudstack/tencentcloud", "homepage": "https://registry.terraform.io/providers/tencentcloudstack/tencentcloud",
"owner": "tencentcloudstack", "owner": "tencentcloudstack",
"repo": "terraform-provider-tencentcloud", "repo": "terraform-provider-tencentcloud",
"rev": "v1.79.7", "rev": "v1.79.8",
"spdx": "MPL-2.0", "spdx": "MPL-2.0",
"vendorHash": null "vendorHash": null
}, },

6
pkgs/applications/networking/cluster/velero/default.nix
View File

@ -2,14 +2,14 @@
buildGoModule rec { buildGoModule rec {
pname = "velero"; pname = "velero";
version = "1.10.0"; version = "1.10.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "vmware-tanzu"; owner = "vmware-tanzu";
repo = "velero"; repo = "velero";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-PBCTVws5N42q68rKcMLW7GgZvdsQgmdlsKMpJ5bCF00="; sha256 = "sha256-jN45chUeoGJGJWD6Rj6duNE36/QCzPqci8V3h1OHtw4=";
}; };
ldflags = [ ldflags = [
@ -20,7 +20,7 @@ buildGoModule rec {
"-X github.com/vmware-tanzu/velero/pkg/buildinfo.GitSHA=none" "-X github.com/vmware-tanzu/velero/pkg/buildinfo.GitSHA=none"
]; ];
vendorSha256 = "sha256-5Po8TRCE6VP+RcaIJImYjElTMHHS/2JwbrHreeWLxio="; vendorHash = "sha256-mvVwf4w/65L+F6aiTNf2jmJtaT1EpWCQJ6r9NHUUUqQ=";
excludedPackages = [ "issue-template-gen" "release-tools" "v1" "velero-restic-restore-helper" ]; excludedPackages = [ "issue-template-gen" "release-tools" "v1" "velero-restic-restore-helper" ];

4
pkgs/applications/networking/feedreaders/rssguard/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "rssguard"; pname = "rssguard";
version = "4.3.1"; version = "4.3.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "martinrotter"; owner = "martinrotter";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "sha256-hfUtxPGPhPC2VgGLLIaYHlEMpXHAPZ5fkLL0glhyQcY="; sha256 = "sha256-2h9fVah0WZ8X0GsCLtiUWRan1Gkl4WBxuEQ3gx4FFBo=";
}; };
buildInputs = [ qtwebengine qttools ]; buildInputs = [ qtwebengine qttools ];

31
pkgs/applications/networking/instant-messengers/element/keytar/default.nix
View File

@ -1,5 +1,5 @@
{ lib, stdenv, fetchFromGitHub, nodejs, python3, callPackage, removeReferencesTo { lib, stdenv, fetchFromGitHub, nodejs, python3, callPackage, removeReferencesTo
, fixup_yarn_lock, yarn, pkg-config, libsecret, xcbuild, Security, AppKit, fetchYarnDeps }: , pkg-config, libsecret, xcbuild, Security, AppKit, fetchNpmDeps, npmHooks }:
let let
pinData = lib.importJSON ./pin.json; pinData = lib.importJSON ./pin.json;
@ -15,39 +15,26 @@ in stdenv.mkDerivation rec {
sha256 = pinData.srcHash; sha256 = pinData.srcHash;
}; };
nativeBuildInputs = [ nodejs python3 yarn pkg-config ] nativeBuildInputs = [
nodejs python3 pkg-config
npmHooks.npmConfigHook
]
++ lib.optional stdenv.isDarwin xcbuild; ++ lib.optional stdenv.isDarwin xcbuild;
buildInputs = lib.optionals (!stdenv.isDarwin) [ libsecret ] buildInputs = lib.optionals (!stdenv.isDarwin) [ libsecret ]
++ lib.optionals stdenv.isDarwin [ Security AppKit ]; ++ lib.optionals stdenv.isDarwin [ Security AppKit ];
npm_config_nodedir = nodejs; npmDeps = fetchNpmDeps {
inherit src;
yarnOfflineCache = fetchYarnDeps { hash = pinData.npmHash;
yarnLock = ./yarn.lock;
sha256 = pinData.yarnHash;
}; };
buildPhase = ''
runHook preBuild
cp ${./yarn.lock} ./yarn.lock
chmod u+w . ./yarn.lock
export HOME=$PWD/tmp
mkdir -p $HOME
yarn config --offline set yarn-offline-mirror $yarnOfflineCache
${fixup_yarn_lock}/bin/fixup_yarn_lock yarn.lock
yarn install --offline --frozen-lockfile --ignore-platform --ignore-scripts --no-progress --non-interactive
patchShebangs node_modules/
node_modules/.bin/node-gyp rebuild
runHook postBuild
'';
doCheck = false; doCheck = false;
installPhase = '' installPhase = ''
runHook preInstall runHook preInstall
shopt -s extglob shopt -s extglob
rm -rf node_modules rm -rf node_modules
rm -rf $HOME
mkdir -p $out mkdir -p $out
cp -r ./!(build) $out cp -r ./!(build) $out
install -D -t $out/build/Release build/Release/keytar.node install -D -t $out/build/Release build/Release/keytar.node

6
pkgs/applications/networking/instant-messengers/element/keytar/pin.json
View File

@ -1,5 +1,5 @@
{ {
"version": "7.7.0", "version": "7.9.0",
"srcHash": "sd6h+vDJGvmXFhOm4MDAljb4dAOMBB8W1IL7JSfJWyo=", "srcHash": "Mnl0Im2hZJXJEtyXb5rgMntekkUAnOG2MN1bwfgh0eg=",
"yarnHash": "1m75hvl06mcj260hicbmv75p94h73gw5d24zpm5wxwc0q8v8wzfl" "npmHash": "sha256-ldfRWV+HXBdBYO2ZiGbVFSHV4/bMG43U7w+sJ4kpVUY="
} }

8
pkgs/applications/networking/instant-messengers/element/keytar/update.sh
View File

@ -1,5 +1,5 @@
#!/usr/bin/env nix-shell #!/usr/bin/env nix-shell
#!nix-shell -I nixpkgs=../../../../../../ -i bash -p wget prefetch-yarn-deps yarn #!nix-shell -I nixpkgs=../../../../../../ -i bash -p wget prefetch-npm-deps
if [ "$#" -gt 1 ] || [[ "$1" == -* ]]; then if [ "$#" -gt 1 ] || [[ "$1" == -* ]]; then
echo "Regenerates packaging data for the keytar package." echo "Regenerates packaging data for the keytar package."
@ -22,10 +22,8 @@ SRC="https://raw.githubusercontent.com/atom/node-keytar/v$version"
wget "$SRC/package-lock.json" wget "$SRC/package-lock.json"
wget "$SRC/package.json" wget "$SRC/package.json"
rm -f yarn.lock npm_hash=$(prefetch-npm-deps package-lock.json)
yarn import
rm -rf node_modules package.json package-lock.json rm -rf node_modules package.json package-lock.json
yarn_hash=$(prefetch-yarn-deps yarn.lock)
src_hash=$(nix-prefetch-github atom node-keytar --rev v${version} | jq -r .sha256) src_hash=$(nix-prefetch-github atom node-keytar --rev v${version} | jq -r .sha256)
@ -33,6 +31,6 @@ cat > pin.json << EOF
{ {
"version": "$version", "version": "$version",
"srcHash": "$src_hash", "srcHash": "$src_hash",
"yarnHash": "$yarn_hash" "npmHash": "$npm_hash"
} }
EOF EOF

2531
pkgs/applications/networking/instant-messengers/element/keytar/yarn.lock
View File

File diff suppressed because it is too large Load Diff

8
pkgs/applications/networking/instant-messengers/element/seshat/pin.json
View File

@ -1,6 +1,6 @@
{ {
"version": "2.3.0", "version": "2.3.3",
"srcHash": "JyqtM1CCRgxAAdhgQYaIUYPnxEcDrlW1SjDCmsrPL34=", "srcHash": "HmKHWFoO8TQ9S/RcJnJ3h85/2uSkqGrgLnX82hkux4Q=",
"yarnHash": "0bym6i1f0i3bs4fncbiwzwmbxp7j14rz1v4kyvsl02qs97qw1jac", "yarnHash": "1cbkv8ap7f8vxl5brzqb86d2dyxg555sz67cldrp0vgnk8sq6ibp",
"cargoHash": "sha256-EjtH96SC2kgan631+wlu9LStGKm6ljCR4x3/WpCTS0E=" "cargoHash": "sha256-WsgTbQ91aZZV5sIuFVjsccdiXivjtAUC1Zs/4uNk1zU="
} }

59
pkgs/applications/networking/instant-messengers/flare-signal/default.nix Normal file
View File

@ -0,0 +1,59 @@
{ lib
, stdenv
, fetchFromGitLab
, meson
, ninja
, pkg-config
, protobuf
, libsecret
, libadwaita
, rustPlatform
, desktop-file-utils
, wrapGAppsHook4
}:
stdenv.mkDerivation rec {
pname = "flare";
version = "0.6.0";
src = fetchFromGitLab {
domain = "gitlab.com";
owner = "Schmiddiii";
repo = pname;
rev = version;
hash = "sha256-wY95sXWGDjEy8vvP79XliJOn5GQkAvDmOXKmRz0TPEw=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit src;
name = "${pname}-${version}";
hash = "sha256-J3MGQlPYGjhZKH599vfW2WhkXx+Tdr53PviiVpye4R0=";
};
nativeBuildInputs = [
desktop-file-utils # for update-desktop-database
meson
ninja
pkg-config
wrapGAppsHook4
] ++ (with rustPlatform; [
cargoSetupHook
rust.cargo
rust.rustc
]);
buildInputs = [
libadwaita
libsecret
protobuf
];
meta = {
changelog = "https://gitlab.com/Schmiddiii/flare/-/blob/${src.rev}/CHANGELOG.md";
description = "An unofficial Signal GTK client";
homepage = "https://gitlab.com/Schmiddiii/flare";
license = lib.licenses.agpl3Plus;
maintainers = with lib.maintainers; [ dotlambda tomfitzhenry ];
platforms = lib.platforms.linux;
};
}

12
pkgs/applications/networking/instant-messengers/zoom-us/default.nix
View File

@ -48,23 +48,23 @@ let
# and often with different versions. We write them on three lines # and often with different versions. We write them on three lines
# like this (rather than using {}) so that the updater script can # like this (rather than using {}) so that the updater script can
# find where to edit them. # find where to edit them.
versions.aarch64-darwin = "5.13.6.14918"; versions.aarch64-darwin = "5.13.7.15481";
versions.x86_64-darwin = "5.13.6.14918"; versions.x86_64-darwin = "5.13.7.15481";
versions.x86_64-linux = "5.13.5.431"; versions.x86_64-linux = "5.13.7.683";
srcs = { srcs = {
aarch64-darwin = fetchurl { aarch64-darwin = fetchurl {
url = "https://zoom.us/client/${versions.aarch64-darwin}/zoomusInstallerFull.pkg?archType=arm64"; url = "https://zoom.us/client/${versions.aarch64-darwin}/zoomusInstallerFull.pkg?archType=arm64";
name = "zoomusInstallerFull.pkg"; name = "zoomusInstallerFull.pkg";
hash = "sha256-QY9z1bTKtL32HE4XWnBIvCNmDF+3x5N9BdfqJA+24fA="; hash = "sha256-lCg8xCEuZSWnd4fieug9xjudE9q6pNICRsbvA4ATVK8=";
}; };
x86_64-darwin = fetchurl { x86_64-darwin = fetchurl {
url = "https://zoom.us/client/${versions.x86_64-darwin}/zoomusInstallerFull.pkg"; url = "https://zoom.us/client/${versions.x86_64-darwin}/zoomusInstallerFull.pkg";
hash = "sha256-eSPKzxDPXCbME0eTTDlfsI5KM5qRm79JTtnGJvpiS98="; hash = "sha256-jmMpkqUga/KQJfXFbGURcWQudnCKlIi5NGY6LuekjKw=";
}; };
x86_64-linux = fetchurl { x86_64-linux = fetchurl {
url = "https://zoom.us/client/${versions.x86_64-linux}/zoom_x86_64.pkg.tar.xz"; url = "https://zoom.us/client/${versions.x86_64-linux}/zoom_x86_64.pkg.tar.xz";
hash = "sha256-R0IMV/+R7AGFy/ZvNyyvIBv10t1x1U1X6jdHoo6UHKY="; hash = "sha256-1aA3W9eXYhjxr39PoTSAVG7mToFInF7uz8MCiJhk/10=";
}; };
}; };

4
pkgs/applications/networking/mailreaders/thunderbird/packages.nix
View File

@ -5,13 +5,13 @@ rec {
thunderbird-102 = (buildMozillaMach rec { thunderbird-102 = (buildMozillaMach rec {
pname = "thunderbird"; pname = "thunderbird";
version = "102.7.1"; version = "102.7.2";
application = "comm/mail"; application = "comm/mail";
applicationName = "Mozilla Thunderbird"; applicationName = "Mozilla Thunderbird";
binaryName = pname; binaryName = pname;
src = fetchurl { src = fetchurl {
url = "mirror://mozilla/thunderbird/releases/${version}/source/thunderbird-${version}.source.tar.xz"; url = "mirror://mozilla/thunderbird/releases/${version}/source/thunderbird-${version}.source.tar.xz";
sha512 = "6310f3f122a1a61917ec2d0efe3a031b199ac13681e9fb4035abc0f4de0dbafb12accffbd63facb23f2cebf0124a13f7538a33176a2a513d1f685bee40db50ba"; sha512 = "7371079d59cceb47fdd0e9661f79eae7510ab0f5bf8e80c21952dfb5fed3db72279a4ac9d3a3de3617194fb36a9420ae814a69ee19a93ba242d2aa2b921e3010";
}; };
extraPatches = [ extraPatches = [
# The file to be patched is different from firefox's `no-buildconfig-ffx90.patch`. # The file to be patched is different from firefox's `no-buildconfig-ffx90.patch`.

11
pkgs/applications/networking/nextcloud-client/0001-Explicitly-copy-dbus-files-into-the-store-dir.patch
View File

@ -8,18 +8,13 @@ Subject: [PATCH] Explicitly copy dbus files into the store dir
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/shell_integration/libcloudproviders/CMakeLists.txt b/shell_integration/libcloudproviders/CMakeLists.txt diff --git a/shell_integration/libcloudproviders/CMakeLists.txt b/shell_integration/libcloudproviders/CMakeLists.txt
index 1f35335..7f76951 100644 index 2e7349ef7..512d4b188 100644
--- a/shell_integration/libcloudproviders/CMakeLists.txt --- a/shell_integration/libcloudproviders/CMakeLists.txt
+++ b/shell_integration/libcloudproviders/CMakeLists.txt +++ b/shell_integration/libcloudproviders/CMakeLists.txt
@@ -19,7 +19,7 @@ MACRO(PKGCONFIG_GETVAR _package _var _output_variable) @@ -1,5 +1,6 @@
ENDMACRO(PKGCONFIG_GETVAR _package _var _output_variable)
macro(dbus_add_activation_service _sources) macro(dbus_add_activation_service _sources)
- PKGCONFIG_GETVAR(dbus-1 session_bus_services_dir _install_dir) pkg_get_variable(_install_dir dbus-1 session_bus_services_dir)
+ set(_install_dir "${CMAKE_INSTALL_DATADIR}/dbus-1/service") + set(_install_dir "${CMAKE_INSTALL_DATADIR}/dbus-1/service")
foreach (_i ${_sources}) foreach (_i ${_sources})
get_filename_component(_service_file ${_i} ABSOLUTE) get_filename_component(_service_file ${_i} ABSOLUTE)
string(REGEX REPLACE "\\.service.*$" ".service" _output_file ${_i}) string(REGEX REPLACE "\\.service.*$" ".service" _output_file ${_i})
--
2.19.2

4
pkgs/applications/networking/nextcloud-client/default.nix
View File

@ -26,7 +26,7 @@
mkDerivation rec { mkDerivation rec {
pname = "nextcloud-client"; pname = "nextcloud-client";
version = "3.6.6"; version = "3.7.1";
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];
@ -34,7 +34,7 @@ mkDerivation rec {
owner = "nextcloud"; owner = "nextcloud";
repo = "desktop"; repo = "desktop";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-P3LSgrcMZZM0OY3yQz8t3Cf5spJJTB+JTIpoT9U3+xc="; sha256 = "sha256-MbxGS1Msb3xCW0z8FrIZEY3XaBa4BmN+JFBkV/Pf79A=";
}; };
patches = [ patches = [

6
pkgs/applications/networking/remote/teamviewer/default.nix
View File

@ -26,11 +26,11 @@ mkDerivation rec {
pname = "teamviewer"; pname = "teamviewer";
# teamviewer itself has not development files but the dev output removes propagated other dev outputs from runtime # teamviewer itself has not development files but the dev output removes propagated other dev outputs from runtime
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];
version = "15.35.7"; version = "15.38.3";
src = fetchurl { src = fetchurl {
url = "https://dl.tvcdn.de/download/linux/version_15x/teamviewer_${version}_amd64.deb"; url = "https://dl.tvcdn.de/download/linux/version_${lib.versions.major version}x/teamviewer_${version}_amd64.deb";
sha256 = "sha256-KNUhe0c6Th2pW7+Lmo62FYdOv+8t7Z5/eQkYPN8eusc="; sha256 = "sha256-+GGpGV8rl15VQvPRA2PWngQI4VoxCrZ0ArEm9FgdOVE=";
}; };
unpackPhase = '' unpackPhase = ''

19
pkgs/applications/networking/sniffnet/default.nix
View File

@ -1,9 +1,11 @@
{ lib { lib
, rustPlatform , rustPlatform
, fetchCrate , fetchFromGitHub
, pkg-config , pkg-config
, libpcap , libpcap
, stdenv , stdenv
, alsa-lib
, expat
, fontconfig , fontconfig
, libGL , libGL
, xorg , xorg
@ -12,20 +14,24 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "sniffnet"; pname = "sniffnet";
version = "1.0.1"; version = "1.1.0";
src = fetchCrate { src = fetchFromGitHub {
inherit pname version; owner = "gyulyvgc";
sha256 = "sha256-8K774j04BOEuJjnFYjaSctPwBrKYYKqjFS2+PyxJ2FM="; repo = "sniffnet";
rev = "v${version}";
hash = "sha256-zqk0N1S0vylleyyXaSflIZyWncZV0+wbSy1oAbyLx/4=";
}; };
cargoSha256 = "sha256-096i4wDdoJCICd0L2QNY+7cKHQnijK22zj4XaQNuko8="; cargoHash = "sha256-9CTA7Yh2O5S8DvRjwvkrb4ye0/8f+l0tsTxNBMmxLpQ=";
nativeBuildInputs = [ pkg-config ]; nativeBuildInputs = [ pkg-config ];
buildInputs = [ buildInputs = [
libpcap libpcap
] ++ lib.optionals stdenv.isLinux [ ] ++ lib.optionals stdenv.isLinux [
alsa-lib
expat
fontconfig fontconfig
libGL libGL
xorg.libX11 xorg.libX11
@ -34,6 +40,7 @@ rustPlatform.buildRustPackage rec {
xorg.libXrandr xorg.libXrandr
] ++ lib.optionals stdenv.isDarwin [ ] ++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.AppKit darwin.apple_sdk.frameworks.AppKit
rustPlatform.bindgenHook
]; ];
postFixup = lib.optionalString stdenv.isLinux '' postFixup = lib.optionalString stdenv.isLinux ''

4
pkgs/applications/radio/hackrf/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "hackrf"; pname = "hackrf";
version = "2022.09.1"; version = "2023.01.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "greatscottgadgets"; owner = "greatscottgadgets";
repo = "hackrf"; repo = "hackrf";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-c+9DEMxioIbEDNTdLSOnxX1zpFk07K9rlGP9goEJMlU="; sha256 = "sha256-zvSSCNtqHOZVlrBggjgxEyUTqTiAIAhdzUkm4Pm9b3k=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

10
pkgs/applications/radio/soapysdr/default.nix
View File

@ -5,7 +5,8 @@
, python ? null , python ? null
, ncurses, swig2 , ncurses, swig2
, extraPackages ? [] , extraPackages ? []
} : , testers
}:
let let
@ -14,7 +15,7 @@ let
modulesPath = "lib/SoapySDR/modules" + modulesVersion; modulesPath = "lib/SoapySDR/modules" + modulesVersion;
extraPackagesSearchPath = lib.makeSearchPath modulesPath extraPackages; extraPackagesSearchPath = lib.makeSearchPath modulesPath extraPackages;
in stdenv.mkDerivation { in stdenv.mkDerivation (finalAttrs: {
pname = "soapysdr"; pname = "soapysdr";
inherit version; inherit version;
@ -58,12 +59,15 @@ in stdenv.mkDerivation {
done done
''; '';
passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
meta = with lib; { meta = with lib; {
homepage = "https://github.com/pothosware/SoapySDR"; homepage = "https://github.com/pothosware/SoapySDR";
description = "Vendor and platform neutral SDR support library"; description = "Vendor and platform neutral SDR support library";
license = licenses.boost; license = licenses.boost;
maintainers = with maintainers; [ markuskowa ]; maintainers = with maintainers; [ markuskowa ];
mainProgram = "SoapySDRUtil"; mainProgram = "SoapySDRUtil";
pkgConfigModules = [ "SoapySDR" ];
platforms = platforms.unix; platforms = platforms.unix;
}; };
} })

2
pkgs/applications/science/math/bliss/default.nix
View File

@ -32,6 +32,6 @@ stdenv.mkDerivation rec {
description = "An open source tool for computing automorphism groups and canonical forms of graphs. It has both a command line user interface as well as C++ and C programming language APIs"; description = "An open source tool for computing automorphism groups and canonical forms of graphs. It has both a command line user interface as well as C++ and C programming language APIs";
homepage = "http://www.tcs.hut.fi/Software/bliss/"; homepage = "http://www.tcs.hut.fi/Software/bliss/";
license = licenses.lgpl3; license = licenses.lgpl3;
platforms = [ "i686-linux" "x86_64-linux" ]; platforms = [ "i686-linux" "x86_64-linux" "aarch64-linux" ];
}; };
} }

4
pkgs/applications/science/math/polymake/default.nix
View File

@ -25,13 +25,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "polymake"; pname = "polymake";
version = "4.8"; version = "4.9";
src = fetchurl { src = fetchurl {
# "The minimal version is a packager friendly version which omits # "The minimal version is a packager friendly version which omits
# the bundled sources of cdd, lrs, libnormaliz, nauty and jReality." # the bundled sources of cdd, lrs, libnormaliz, nauty and jReality."
url = "https://polymake.org/lib/exe/fetch.php/download/polymake-${version}-minimal.tar.bz2"; url = "https://polymake.org/lib/exe/fetch.php/download/polymake-${version}-minimal.tar.bz2";
sha256 = "sha256-GfsAypJBpHwpvoEl/IzJ1gQfeMcYwB7oNe01xWJ+86w="; sha256 = "sha256-BMkLgms6JsWmPhi+MZv/Eqie8BKL+KaPtk3xBZSyWfM=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

4
pkgs/applications/science/molecular-dynamics/gromacs/default.nix
View File

@ -19,11 +19,11 @@ let
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
pname = "gromacs"; pname = "gromacs";
version = "2022.4"; version = "2023";
src = fetchurl { src = fetchurl {
url = "ftp://ftp.gromacs.org/pub/gromacs/gromacs-${version}.tar.gz"; url = "ftp://ftp.gromacs.org/pub/gromacs/gromacs-${version}.tar.gz";
sha256 = "sha256-xRG+YC/ylAIGW1CQaEHe+YdSY5uSqV8bChBg2bXicpc="; sha256 = "sha256-rJLG2nL7vMpBT9io2Xnlbs8XxMHNq+0tpc+05yd7e6g=";
}; };
nativeBuildInputs = [ cmake ]; nativeBuildInputs = [ cmake ];

6
pkgs/applications/version-management/gfold/default.nix
View File

@ -12,7 +12,7 @@
let let
pname = "gfold"; pname = "gfold";
version = "4.2.0"; version = "4.3.0";
in in
rustPlatform.buildRustPackage { rustPlatform.buildRustPackage {
inherit pname version; inherit pname version;
@ -21,10 +21,10 @@ rustPlatform.buildRustPackage {
owner = "nickgerace"; owner = "nickgerace";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "sha256-cH4FhXrdT0ejpyt8G2rSGw9WE9sfOXRkSA9+FVwRmtQ="; sha256 = "sha256-yvMp5x1uiJGkWHnwfONx4pVotSSE6sTW4uqWpI2AFXg=";
}; };
cargoSha256 = "sha256-NmVmqBzRUdumWQ9MzolZTo0VQW9JTjIyYRwUTzGiQZ4="; cargoHash = "sha256-MBWaNjs840twU9SQLvgVcXTT0RN2QJ7PiaAohiiQu3s=";
buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security ]; buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security ];

6
pkgs/applications/version-management/gh/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec { buildGoModule rec {
pname = "gh"; pname = "gh";
version = "2.22.1"; version = "2.23.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "cli"; owner = "cli";
repo = "cli"; repo = "cli";
rev = "v${version}"; rev = "v${version}";
hash = "sha256-TREy2pzVAHClwbryfEgX2WqtQ8+RmJtCNrESeaHDHMs="; hash = "sha256-91TmPIjFOCeZmbobn3mIJis5qofJFmNGuX19+Cyo8Ck=";
}; };
vendorHash = "sha256-OjTl43UQGGHqCrw0kMBShuS8aonjWczfzQGmGJLhdrU="; vendorHash = "sha256-NiXC0ooUkAqFCLp3eRBpryazQU94gSnw0gYFwQNeCo4=";
nativeBuildInputs = [ installShellFiles ]; nativeBuildInputs = [ installShellFiles ];

4
pkgs/applications/version-management/git-machete/default.nix
View File

@ -12,13 +12,13 @@
buildPythonApplication rec { buildPythonApplication rec {
pname = "git-machete"; pname = "git-machete";
version = "3.14.3"; version = "3.15.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "virtuslab"; owner = "virtuslab";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-VOny8r00JYUT4Z7LukvWTH9ZTn86vn2Dc1YhPmtdE5s="; hash = "sha256-HSgCvHjSOrMPsdOPtgFUeK6b0ioVnwTtg2oHGg4BrZw=";
}; };
nativeBuildInputs = [ installShellFiles ]; nativeBuildInputs = [ installShellFiles ];

6
pkgs/applications/version-management/glab/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec { buildGoModule rec {
pname = "glab"; pname = "glab";
version = "1.24.1"; version = "1.25.3";
src = fetchFromGitLab { src = fetchFromGitLab {
owner = "gitlab-org"; owner = "gitlab-org";
repo = "cli"; repo = "cli";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-CUchYPMBTINkMJg8TC8rKMVkrcj/Gy+ZxV7jbtMFvpg="; hash = "sha256-x/VH6cRrJZ2t2iftBPC86FcgIwjRNzV11MwLG2y+Paw=";
}; };
vendorSha256 = "sha256-NuK63ibb1t+HnSR/gCFS7HWVtfGLazVx2M+qxRNCR1I="; vendorHash = "sha256-FZ1CiR8Rj/sMoCnQm6ArGQfRTlvmD14EZDmufnlTSTk=";
ldflags = [ ldflags = [
"-s" "-s"

10
pkgs/applications/version-management/sourcehut/default.nix
View File

@ -2,6 +2,7 @@
, callPackage , callPackage
, recurseIntoAttrs , recurseIntoAttrs
, nixosTests , nixosTests
, config
}: }:
# To expose the *srht modules, they have to be a python module so we use `buildPythonModule` # To expose the *srht modules, they have to be a python module so we use `buildPythonModule`
@ -28,12 +29,10 @@ let
}; };
}; };
in in
with python.pkgs; recurseIntoAttrs { with python.pkgs; recurseIntoAttrs ({
inherit python; inherit python;
coresrht = toPythonApplication srht; coresrht = toPythonApplication srht;
buildsrht = toPythonApplication buildsrht; buildsrht = toPythonApplication buildsrht;
# Added 2022-10-29
dispatchsrht = throw "dispatch is deprecated. See https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/ for more information.";
gitsrht = toPythonApplication gitsrht; gitsrht = toPythonApplication gitsrht;
hgsrht = toPythonApplication hgsrht; hgsrht = toPythonApplication hgsrht;
hubsrht = toPythonApplication hubsrht; hubsrht = toPythonApplication hubsrht;
@ -46,4 +45,7 @@ with python.pkgs; recurseIntoAttrs {
passthru.tests = { passthru.tests = {
nixos-sourcehut = nixosTests.sourcehut; nixos-sourcehut = nixosTests.sourcehut;
}; };
} } // lib.optionalAttrs config.allowAliases {
# Added 2022-10-29
dispatchsrht = throw "dispatch is deprecated. See https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/ for more information.";
})

354
pkgs/applications/video/handbrake/default.nix
View File

@ -25,7 +25,7 @@
, numactl , numactl
, writeText , writeText
# Processing, video codecs, containers # Processing, video codecs, containers
, ffmpeg-full , ffmpeg_5-full
, nv-codec-headers , nv-codec-headers
, libogg , libogg
, x264 , x264
@ -34,6 +34,7 @@
, libtheora , libtheora
, dav1d , dav1d
, zimg , zimg
, svt-av1
# Codecs, audio # Codecs, audio
, libopus , libopus
, lame , lame
@ -84,57 +85,55 @@
}: }:
let let
version = "1.5.1"; version = "1.6.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "HandBrake"; owner = "HandBrake";
repo = "HandBrake"; repo = "HandBrake";
rev = version; rev = version;
sha256 = "1kk11zl1mk37d4cvbc75gfndmma7vy3vkp4gmkyl92kiz6zadhyy"; sha256 = "sha256-0MJ1inMNA6s8l2S0wnpM2c7FxOoOHxs9u4E/rgKfjJo=";
}; };
# Handbrake maintains a set of ffmpeg patches. In particular, these # Handbrake maintains a set of ffmpeg patches. In particular, these
# patches are required for subtitle timing to work correctly. See: # patches are required for subtitle timing to work correctly. See:
# https://github.com/HandBrake/HandBrake/issues/4029 # https://github.com/HandBrake/HandBrake/issues/4029
ffmpeg-version = "4.4.1"; ffmpeg-version = "5.1.1";
ffmpeg-hb = (ffmpeg-full.override { withSdl2 = false; }).overrideAttrs (old: { ffmpeg-hb = ffmpeg_5-full.overrideAttrs (old: {
version = ffmpeg-version; version = ffmpeg-version;
src = fetchurl { src = fetchurl {
url = "https://www.ffmpeg.org/releases/ffmpeg-${ffmpeg-version}.tar.bz2"; url = "https://www.ffmpeg.org/releases/ffmpeg-${ffmpeg-version}.tar.bz2";
hash = "sha256-j8nyCsXtlRFanihWR63Q7t1cwamKA5raFMEyRS+YrEI="; hash = "sha256-zQ4W+QNCEmbVzN3t97g7nldUrvS596fwbOnkyALwVFs=";
}; };
patches = old.patches or [] ++ [ patches = old.patches or [ ] ++ [
"${src}/contrib/ffmpeg/A01-qsv-scale-fix-green-stripes.patch" "${src}/contrib/ffmpeg/A01-qsv-libavfilter-qsvvpp-change-the-output-frame-s-width-a.patch"
"${src}/contrib/ffmpeg/A02-qsv-interpolation.patch" "${src}/contrib/ffmpeg/A02-qsv-configure-ensure-enable-libmfx-uses-libmfx-1.x.patch"
"${src}/contrib/ffmpeg/A03-qsv-dx11-ffmpeg44.patch" "${src}/contrib/ffmpeg/A03-qsv-configure-fix-the-check-for-MFX_CODEC_VP9.patch"
"${src}/contrib/ffmpeg/A04-configure-ensure-the-right-libmfx-version-is-used-wh.patch" "${src}/contrib/ffmpeg/A04-qsv-remove-mfx-prefix-from-mfx-headers.patch"
"${src}/contrib/ffmpeg/A05-qsv-add-includedir-mfx-to-the-search-path-for-old-ve.patch" "${src}/contrib/ffmpeg/A05-qsv-load-user-plugin-for-MFX_VERSION-2.0.patch"
"${src}/contrib/ffmpeg/A06-qsv-load-user-plugin-for-MFX_VERSION-2.0.patch" "${src}/contrib/ffmpeg/A06-qsv-build-audio-related-code-when-MFX_VERSION-2.0.patch"
"${src}/contrib/ffmpeg/A07-qsv-build-audio-related-code-when-MFX_VERSION-2.0.patch" "${src}/contrib/ffmpeg/A07-qsvenc-support-multi-frame-encode-when-MFX_VERSION-2.patch"
"${src}/contrib/ffmpeg/A08-qsvenc-don-t-support-multi-frame-encode-when-MFX_VER.patch" "${src}/contrib/ffmpeg/A08-qsvenc-support-MFX_RATECONTROL_LA_EXT-when-MFX_VERSI.patch"
"${src}/contrib/ffmpeg/A09-qsvenc-don-t-support-MFX_RATECONTROL_LA_EXT-when-MFX.patch" "${src}/contrib/ffmpeg/A09-qsv-support-OPAQUE-memory-when-MFX_VERSION-2.0.patch"
"${src}/contrib/ffmpeg/A10-qsv-don-t-support-OPAQUE-memory-when-MFX_VERSION-2.0.patch" "${src}/contrib/ffmpeg/A10-qsv-configure-add-enable-libvpl-option.patch"
"${src}/contrib/ffmpeg/A11-qsv-opaque-deinterlace.patch" "${src}/contrib/ffmpeg/A11-qsv-use-a-new-method-to-create-mfx-session-when-usin.patch"
"${src}/contrib/ffmpeg/A12-qsv-opaque-vpp.patch" "${src}/contrib/ffmpeg/A12-qsv-fix-decode-10bit-hdr.patch"
"${src}/contrib/ffmpeg/A13-qsv-opaque-hwcontext_qsv.patch" "${src}/contrib/ffmpeg/A13-mov-read-name-track-tag-written-by-movenc.patch"
"${src}/contrib/ffmpeg/A14-configure-check-mfxdefs.h-instead-of-mfxvp9.h-for-MF.patch" "${src}/contrib/ffmpeg/A14-movenc-write-3gpp-track-titl-tag.patch"
"${src}/contrib/ffmpeg/A15-configure-allow-user-to-build-FFmpeg-against-oneVPL.patch" "${src}/contrib/ffmpeg/A15-mov-read-3gpp-udta-tags.patch"
"${src}/contrib/ffmpeg/A16-qsv-add-macro-QSV_ONEVPL-for-the-oneVPL-SDK.patch" "${src}/contrib/ffmpeg/A16-movenc-write-3gpp-track-names-tags-for-all-available.patch"
"${src}/contrib/ffmpeg/A17-qsv-use-a-new-method-to-create-mfx-session-when-usin.patch" "${src}/contrib/ffmpeg/A17-FFmpeg-devel-amfenc-Add-support-for-pict_type-field.patch"
"${src}/contrib/ffmpeg/A18-qsv-new-method-hwcontext_qsv.patch" "${src}/contrib/ffmpeg/A18-dvdsubdec-fix-processing-of-partial-packets.patch"
"${src}/contrib/ffmpeg/A19-qsv-fix-session-for-d3d11-device.patch" "${src}/contrib/ffmpeg/A19-ccaption_dec-return-number-of-bytes-used.patch"
"${src}/contrib/ffmpeg/A20-mov-read-name-track-tag-written-by-movenc.patch" "${src}/contrib/ffmpeg/A20-dvdsubdec-return-number-of-bytes-used.patch"
"${src}/contrib/ffmpeg/A21-movenc-write-3gpp-track-titl-tag.patch" "${src}/contrib/ffmpeg/A21-dvdsubdec-use-pts-of-initial-packet.patch"
"${src}/contrib/ffmpeg/A22-mov-read-3gpp-udta-tags.patch" "${src}/contrib/ffmpeg/A22-matroskaenc-aac-extradata-updated.patch"
"${src}/contrib/ffmpeg/A23-movenc-write-3gpp-track-names-tags-for-all-available.patch" "${src}/contrib/ffmpeg/A23-ccaption_dec-fix-pts-in-real_time-mode.patch"
"${src}/contrib/ffmpeg/A24-FFmpeg-devel-amfenc-Add-support-for-pict_type-field.patch" "${src}/contrib/ffmpeg/A24-fix-eac3-dowmix.patch"
"${src}/contrib/ffmpeg/A25-dvdsubdec-fix-processing-of-partial-packets.patch" "${src}/contrib/ffmpeg/A25-enable-truehd-pass.patch"
"${src}/contrib/ffmpeg/A26-ccaption_dec-return-number-of-bytes-used.patch" "${src}/contrib/ffmpeg/A26-Update-the-min-version-to-1.4.23.0-for-AMF-SDK.patch"
"${src}/contrib/ffmpeg/A27-dvdsubdec-return-number-of-bytes-used.patch" "${src}/contrib/ffmpeg/A27-avcodec-amfenc-Fixes-the-color-information-in-the-ou.patch"
"${src}/contrib/ffmpeg/A28-dvdsubdec-use-pts-of-initial-packet.patch" "${src}/contrib/ffmpeg/A28-avcodec-amfenc-HDR-metadata.patch"
"${src}/contrib/ffmpeg/A29-matroskaenc-aac-extradata-updated.patch" "${src}/contrib/ffmpeg/A30-svt-av1-backports.patch"
"${src}/contrib/ffmpeg/A30-ccaption_dec-fix-pts-in-real_time-mode.patch"
"${src}/contrib/ffmpeg/A32-qsv-fix-decode-10bit-hdr.patch"
]; ];
}); });
@ -151,148 +150,151 @@ let
inherit (lib) optional optionals optionalString versions; inherit (lib) optional optionals optionalString versions;
in in
let self = stdenv.mkDerivation rec { let
pname = "handbrake"; self = stdenv.mkDerivation rec {
inherit version src; pname = "handbrake";
inherit version src;
postPatch = '' postPatch = ''
install -Dm444 ${versionFile} ${versionFile.name} install -Dm444 ${versionFile} ${versionFile.name}
patchShebangs scripts patchShebangs scripts
substituteInPlace libhb/hb.c \ substituteInPlace libhb/hb.c \
--replace 'return hb_version;' 'return "${version}";' --replace 'return hb_version;' 'return "${version}";'
# Force using nixpkgs dependencies # Force using nixpkgs dependencies
sed -i '/MODULES += contrib/d' make/include/main.defs sed -i '/MODULES += contrib/d' make/include/main.defs
sed -e 's/^[[:space:]]*\(meson\|ninja\|nasm\)[[:space:]]*= ToolProbe.*$//g' \ sed -e 's/^[[:space:]]*\(meson\|ninja\|nasm\)[[:space:]]*= ToolProbe.*$//g' \
-e '/ ## Additional library and tool checks/,/ ## MinGW specific library and tool checks/d' \ -e '/ ## Additional library and tool checks/,/ ## MinGW specific library and tool checks/d' \
-i make/configure.py -i make/configure.py
'' + optionalString stdenv.isDarwin '' '' + optionalString stdenv.isDarwin ''
# Use the Nix-provided libxml2 instead of the patched version available on # Use the Nix-provided libxml2 instead of the patched version available on
# the Handbrake website. # the Handbrake website.
substituteInPlace libhb/module.defs \ substituteInPlace libhb/module.defs \
--replace '$(CONTRIB.build/)include/libxml2' ${libxml2.dev}/include/libxml2 --replace '$(CONTRIB.build/)include/libxml2' ${libxml2.dev}/include/libxml2
# Prevent the configure script from failing if xcodebuild isn't available, # Prevent the configure script from failing if xcodebuild isn't available,
# which it isn't in the Nix context. (The actual build goes fine without # which it isn't in the Nix context. (The actual build goes fine without
# xcodebuild.) # xcodebuild.)
sed -e '/xcodebuild = ToolProbe/s/abort=.\+)/abort=False)/' -i make/configure.py sed -e '/xcodebuild = ToolProbe/s/abort=.\+)/abort=False)/' -i make/configure.py
'' + optionalString stdenv.isLinux '' '' + optionalString stdenv.isLinux ''
# Use the Nix-provided libxml2 instead of the system-provided one. # Use the Nix-provided libxml2 instead of the system-provided one.
substituteInPlace libhb/module.defs \ substituteInPlace libhb/module.defs \
--replace /usr/include/libxml2 ${libxml2.dev}/include/libxml2 --replace /usr/include/libxml2 ${libxml2.dev}/include/libxml2
'';
nativeBuildInputs = [
autoconf
automake
libtool
m4
pkg-config
python3
]
++ optionals useGtk [ intltool wrapGAppsHook ];
buildInputs = [
a52dec
dav1d
ffmpeg-hb
fontconfig
freetype
fribidi
harfbuzz
jansson
lame
libass
libbluray
libdvdcss
libdvdnav
libdvdread
libiconv
libjpeg_turbo
libogg
libopus
libsamplerate
libtheora
libvorbis
libvpx
libxml2
speex
x264
x265
xz
zimg
]
++ optional (!stdenv.isDarwin) numactl
++ optionals useGtk [
dbus-glib
glib
gst_all_1.gst-plugins-base
gst_all_1.gstreamer
gtk3
hicolor-icon-theme
libappindicator-gtk3
libgudev
libnotify
udev
]
++ optional useFdk fdk_aac
++ optionals stdenv.isDarwin [ AudioToolbox Foundation libobjc VideoToolbox ]
# NOTE: 2018-12-27: Handbrake supports nv-codec-headers for Linux only,
# look at ./make/configure.py search "enable_nvenc"
++ optional stdenv.isLinux nv-codec-headers;
configureFlags = [
"--disable-df-fetch"
"--disable-df-verify"
"--disable-gtk-update-checks"
]
++ optional (!useGtk) "--disable-gtk"
++ optional useFdk "--enable-fdk-aac"
++ optional stdenv.isDarwin "--disable-xcode"
++ optional stdenv.hostPlatform.isx86 "--harden";
# NOTE: 2018-12-27: Check NixOS HandBrake test if changing
NIX_LDFLAGS = [ "-lx265" ];
makeFlags = [ "--directory=build" ];
passthru.tests = {
basic-conversion =
let
# Big Buck Bunny example, licensed under CC Attribution 3.0.
testMkv = fetchurl {
url = "https://github.com/Matroska-Org/matroska-test-files/blob/cf0792be144ac470c4b8052cfe19bb691993e3a2/test_files/test1.mkv?raw=true";
sha256 = "1hfxbbgxwfkzv85pvpvx55a72qsd0hxjbm9hkl5r3590zw4s75h9";
};
in
runCommand "${pname}-${version}-basic-conversion" { nativeBuildInputs = [ self ]; } ''
mkdir -p $out
cd $out
HandBrakeCLI -i ${testMkv} -o test.mp4 -e x264 -q 20 -B 160
test -e test.mp4
HandBrakeCLI -i ${testMkv} -o test.mkv -e x264 -q 20 -B 160
test -e test.mkv
'';
version = testers.testVersion { package = self; command = "HandBrakeCLI --version"; };
};
meta = with lib; {
homepage = "https://handbrake.fr/";
description = "A tool for converting video files and ripping DVDs";
longDescription = ''
Tool for converting and remuxing video files
into selection of modern and widely supported codecs
and containers. Very versatile and customizable.
Package provides:
CLI - `HandbrakeCLI`
GTK GUI - `ghb`
''; '';
license = licenses.gpl2Only;
maintainers = with maintainers; [ Anton-Latukha wmertens ]; nativeBuildInputs = [
platforms = with platforms; unix; autoconf
broken = stdenv.isDarwin && lib.versionOlder stdenv.hostPlatform.darwinMinVersion "10.13"; automake
libtool
m4
pkg-config
python3
]
++ optionals useGtk [ intltool wrapGAppsHook ];
buildInputs = [
a52dec
dav1d
ffmpeg-hb
fontconfig
freetype
fribidi
harfbuzz
jansson
lame
libass
libbluray
libdvdcss
libdvdnav
libdvdread
libiconv
libjpeg_turbo
libogg
libopus
libsamplerate
libtheora
libvorbis
libvpx
libxml2
speex
svt-av1
x264
x265
xz
zimg
]
++ optional (!stdenv.isDarwin) numactl
++ optionals useGtk [
dbus-glib
glib
gst_all_1.gst-plugins-base
gst_all_1.gstreamer
gtk3
hicolor-icon-theme
libappindicator-gtk3
libgudev
libnotify
udev
]
++ optional useFdk fdk_aac
++ optionals stdenv.isDarwin [ AudioToolbox Foundation libobjc VideoToolbox ]
# NOTE: 2018-12-27: Handbrake supports nv-codec-headers for Linux only,
# look at ./make/configure.py search "enable_nvenc"
++ optional stdenv.isLinux nv-codec-headers;
configureFlags = [
"--disable-df-fetch"
"--disable-df-verify"
"--disable-gtk-update-checks"
]
++ optional (!useGtk) "--disable-gtk"
++ optional useFdk "--enable-fdk-aac"
++ optional stdenv.isDarwin "--disable-xcode"
++ optional stdenv.hostPlatform.isx86 "--harden";
# NOTE: 2018-12-27: Check NixOS HandBrake test if changing
NIX_LDFLAGS = [ "-lx265" ];
makeFlags = [ "--directory=build" ];
passthru.tests = {
basic-conversion =
let
# Big Buck Bunny example, licensed under CC Attribution 3.0.
testMkv = fetchurl {
url = "https://github.com/Matroska-Org/matroska-test-files/blob/cf0792be144ac470c4b8052cfe19bb691993e3a2/test_files/test1.mkv?raw=true";
sha256 = "1hfxbbgxwfkzv85pvpvx55a72qsd0hxjbm9hkl5r3590zw4s75h9";
};
in
runCommand "${pname}-${version}-basic-conversion" { nativeBuildInputs = [ self ]; } ''
mkdir -p $out
cd $out
HandBrakeCLI -i ${testMkv} -o test.mp4 -e x264 -q 20 -B 160
test -e test.mp4
HandBrakeCLI -i ${testMkv} -o test.mkv -e x264 -q 20 -B 160
test -e test.mkv
'';
version = testers.testVersion { package = self; command = "HandBrakeCLI --version"; };
};
meta = with lib; {
homepage = "https://handbrake.fr/";
description = "A tool for converting video files and ripping DVDs";
longDescription = ''
Tool for converting and remuxing video files
into selection of modern and widely supported codecs
and containers. Very versatile and customizable.
Package provides:
CLI - `HandbrakeCLI`
GTK GUI - `ghb`
'';
license = licenses.gpl2Only;
maintainers = with maintainers; [ Anton-Latukha wmertens ];
platforms = with platforms; unix;
broken = stdenv.isDarwin && lib.versionOlder stdenv.hostPlatform.darwinMinVersion "10.13";
};
}; };
}; in
in self self

3
pkgs/build-support/build-graalvm-native-image/default.nix
View File

@ -10,7 +10,6 @@
# except in special cases. In most cases, use extraNativeBuildArgs instead # except in special cases. In most cases, use extraNativeBuildArgs instead
, nativeImageBuildArgs ? [ , nativeImageBuildArgs ? [
"-jar" jar "-jar" jar
"-H:CLibraryPath=${lib.getLib graalvm}/lib"
(lib.optionalString stdenv.isDarwin "-H:-CheckToolchain") (lib.optionalString stdenv.isDarwin "-H:-CheckToolchain")
"-H:Name=${executable}" "-H:Name=${executable}"
"--verbose" "--verbose"
@ -50,6 +49,8 @@ stdenv.mkDerivation (args // {
runHook postInstall runHook postInstall
''; '';
disallowedReferences = [ graalvmDrv ];
meta = { meta = {
# default to graalvm's platforms # default to graalvm's platforms
platforms = graalvmDrv.meta.platforms; platforms = graalvmDrv.meta.platforms;

6
pkgs/data/documentation/scheme-manpages/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "scheme-manpages"; pname = "scheme-manpages";
version = "unstable-2022-07-04"; version = "unstable-2023-02-06";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "schemedoc"; owner = "schemedoc";
repo = "manpages"; repo = "manpages";
rev = "0b95de112857b185b83141ac9324fb0e786c56df"; rev = "ccaa76761a1b100e99287c120196bd5f32d4a403";
sha256 = "sha256-HWkZJd4t7gsbbSGiQ92Lav9EMBPMLXmXFT6HVfyFLSI="; hash = "sha256-RL/94dQiZJ60cXHQ9r4P3hRBqe55oUissCmSp4XLM+o=";
}; };
dontBuild = true; dontBuild = true;

11
pkgs/data/fonts/iosevka/default.nix
View File

@ -1,9 +1,8 @@
{ stdenv { stdenv
, lib , lib
, pkgs
, buildNpmPackage , buildNpmPackage
, fetchFromGitHub , fetchFromGitHub
, nodejs , darwin
, remarshal , remarshal
, ttfautohint-nox , ttfautohint-nox
# Custom font set options. # Custom font set options.
@ -67,7 +66,13 @@ buildNpmPackage rec {
npmDepsHash = "sha256-Ncf07ggyOnz/2SpgdmaYS2X/8Bad+J2sz8Yyx9Iri3E="; npmDepsHash = "sha256-Ncf07ggyOnz/2SpgdmaYS2X/8Bad+J2sz8Yyx9Iri3E=";
nativeBuildInputs = [ nodejs remarshal ttfautohint-nox ]; nativeBuildInputs = [
remarshal
ttfautohint-nox
] ++ lib.optionals stdenv.isDarwin [
# libtool
darwin.cctools
];
buildPlan = buildPlan =
if builtins.isAttrs privateBuildPlan then if builtins.isAttrs privateBuildPlan then

18
pkgs/desktops/deepin/default.nix
View File

@ -3,6 +3,15 @@ let
packages = self: packages = self:
let let
inherit (self) callPackage; inherit (self) callPackage;
replaceAll = x: y: ''
echo Replacing "${x}" to "${y}":
for file in $(grep -rl "${x}"); do
echo -- $file
substituteInPlace $file \
--replace "${x}" "${y}"
done
'';
in { in {
#### LIBRARIES #### LIBRARIES
dtkcommon = callPackage ./library/dtkcommon { }; dtkcommon = callPackage ./library/dtkcommon { };
@ -30,6 +39,15 @@ let
deepin-picker = callPackage ./apps/deepin-picker { }; deepin-picker = callPackage ./apps/deepin-picker { };
deepin-terminal = callPackage ./apps/deepin-terminal { }; deepin-terminal = callPackage ./apps/deepin-terminal { };
#### Go Packages
go-lib = callPackage ./go-package/go-lib { inherit replaceAll; };
go-gir-generator = callPackage ./go-package/go-gir-generator { };
go-dbus-factory = callPackage ./go-package/go-dbus-factory { };
deepin-pw-check = callPackage ./go-package/deepin-pw-check { };
#### TOOLS
deepin-gettext-tools = callPackage ./tools/deepin-gettext-tools { };
#### ARTWORK #### ARTWORK
dde-account-faces = callPackage ./artwork/dde-account-faces { }; dde-account-faces = callPackage ./artwork/dde-account-faces { };
deepin-icon-theme = callPackage ./artwork/deepin-icon-theme { }; deepin-icon-theme = callPackage ./artwork/deepin-icon-theme { };

84
pkgs/desktops/deepin/go-package/deepin-pw-check/default.nix Normal file
View File

@ -0,0 +1,84 @@
{ stdenv
, lib
, fetchFromGitHub
, buildGoPackage
, pkg-config
, deepin-gettext-tools
, go-dbus-factory
, go-gir-generator
, go-lib
, gtk3
, glib
, libxcrypt
, gettext
, iniparser
, cracklib
, linux-pam
}:
buildGoPackage rec {
pname = "deepin-pw-check";
version = "5.1.18";
goPackagePath = "github.com/linuxdeepin/deepin-pw-check";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "sha256-v1Z4ArkrejjOCO1vD+BhfEl9pTfuvKgLM6Ont0IUCQk=";
};
goDeps = ./deps.nix;
nativeBuildInputs = [
pkg-config
gettext
deepin-gettext-tools
];
buildInputs = [
go-dbus-factory
go-gir-generator
go-lib
glib
libxcrypt
gtk3
iniparser
cracklib
linux-pam
];
postPatch = ''
sed -i 's|iniparser/||' */*.c
substituteInPlace misc/pkgconfig/libdeepin_pw_check.pc \
--replace "/usr" "$out"
substituteInPlace misc/system-services/com.deepin.daemon.PasswdConf.service \
--replace "/usr/lib/deepin-pw-check/deepin-pw-check" "$out/lib/deepin-pw-check/deepin-pw-check"
'';
buildPhase = ''
runHook preBuild
GOPATH="$GOPATH:${go-dbus-factory}/share/gocode"
GOPATH="$GOPATH:${go-gir-generator}/share/gocode"
GOPATH="$GOPATH:${go-lib}/share/gocode"
make -C go/src/${goPackagePath}
runHook postBuild
'';
installPhase = ''
runHook preInstall
make install PREFIX="$out" PKG_FILE_DIR=$out/lib/pkg-config PAM_MODULE_DIR=$out/etc/pam.d -C go/src/${goPackagePath}
# https://github.com/linuxdeepin/deepin-pw-check/blob/d5597482678a489077a506a87f06d2b6c4e7e4ed/debian/rules#L21
ln -s $out/lib/libdeepin_pw_check.so $out/lib/libdeepin_pw_check.so.1
runHook postInstall
'';
meta = with lib; {
description = "Tool to verify the validity of the password";
homepage = "https://github.com/linuxdeepin/deepin-pw-check";
license = licenses.gpl3Plus;
platforms = platforms.linux;
maintainers = teams.deepin.members;
};
}

75
pkgs/desktops/deepin/go-package/deepin-pw-check/deps.nix generated Normal file
View File

@ -0,0 +1,75 @@
[
{
goPackagePath = "github.com/fsnotify/fsnotify";
fetch = {
type = "git";
url = "https://github.com/fsnotify/fsnotify";
rev = "v1.5.1";
sha256 = "sha256-B8kZ8yiWgallT7R2j1kSRJcJkSGFVf9ise+TpXa+7XY=";
};
}
{
goPackagePath = "github.com/godbus/dbus";
fetch = {
type = "git";
url = "https://github.com/godbus/dbus";
rev = "v5.1.0";
sha256 = "sha256-JSPtmkGEStBEVrKGszeLCb7P38SzQKgMiDC3eDppXs0=";
};
}
{
goPackagePath = "github.com/stretchr/testify";
fetch = {
type = "git";
url = "https://github.com/stretchr/testify";
rev = "v1.7.1";
sha256 = "sha256-disUVIHiIDSj/go3APtJH8awSl8QwKRRFLKI7LRnl0w=";
};
}
{
goPackagePath = "golang.org/x/sys";
fetch = {
type = "git";
url = "https://github.com/golang/sys";
rev = "289d7a0edf712062d9f1484b07bdf2383f48802f";
sha256 = "sha256-AzS/J3OocI7mA0xsIfQzyskNKVija7F2yvuts+EFJBs=";
};
}
{
goPackagePath = "gopkg.in/yaml.v3";
fetch = {
type = "git";
url = "https://github.com/go-yaml/yaml";
rev = "496545a6307b2a7d7a710fd516e5e16e8ab62dbc";
sha256 = "sha256-j8yDji+vqsitpRZirpb4w/Em8nstgf28wpwkcrOlxBk=";
};
}
{
goPackagePath = "github.com/davecgh/go-spew";
fetch = {
type = "git";
url = "https://github.com/davecgh/go-spew";
rev = "v1.1.1";
sha256 = "sha256-nhzSUrE1fCkN0+RL04N4h8jWmRFPPPWbCuDc7Ss0akI=";
};
}
{
goPackagePath = "github.com/stretchr/objx";
fetch = {
type = "git";
url = "https://github.com/stretchr/objx";
rev = "v0.3.0";
sha256 = "sha256-T753/EiD5Cpk6H2JFhd+s1gFvpNptG2XlEHxZF6dQaw=";
};
}
{
goPackagePath = "github.com/pmezard/go-difflib";
fetch = {
type = "git";
url = "https://github.com/pmezard/go-difflib";
rev = "5d4384ee4fb2527b0a1256a821ebfc92f91efefc";
sha256 = "sha256-XA4Oj1gdmdV/F/+8kMI+DBxKPthZ768hbKsO3d9Gx90=";
};
}
]

26
pkgs/desktops/deepin/go-package/go-dbus-factory/default.nix Normal file
View File

@ -0,0 +1,26 @@
{ stdenv
, lib
, fetchFromGitHub
}:
stdenv.mkDerivation rec {
pname = "go-dbus-factory";
version = "1.10.23";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "sha256-6u9Bpoa80j/K1MipncfM378/qmSSMZAlx88jE4hHYBk=";
};
makeFlags = [ "PREFIX=${placeholder "out"}" ];
meta = with lib; {
description = "Generate go binding of D-Bus interfaces";
homepage = "https://github.com/linuxdeepin/go-dbus-factory";
license = licenses.gpl3Plus;
platforms = platforms.linux;
maintainers = teams.deepin.members;
};
}

43
pkgs/desktops/deepin/go-package/go-gir-generator/default.nix Normal file
View File

@ -0,0 +1,43 @@
{ stdenv
, lib
, fetchFromGitHub
, go
, pkg-config
, libgudev
, gobject-introspection
}:
stdenv.mkDerivation rec {
pname = "go-gir-generator";
version = "2.2.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "sha256-lFseui/M3+TyfYoa+rnS0cGhN6gdLrgpzgOwqzYcyPk=";
};
nativeBuildInputs = [
pkg-config
go
];
buildInputs = [
libgudev
gobject-introspection
];
makeFlags = [
"PREFIX=${placeholder "out"}"
"GOCACHE=$(TMPDIR)/go-cache"
];
meta = with lib; {
description = "Generate static golang bindings for GObject";
homepage = "https://github.com/linuxdeepin/go-gir-generator";
license = licenses.gpl3Plus;
platforms = platforms.linux;
maintainers = teams.deepin.members;
};
}

45
pkgs/desktops/deepin/go-package/go-lib/default.nix Normal file
View File

@ -0,0 +1,45 @@
{ stdenv
, lib
, fetchFromGitHub
, fetchpatch
, replaceAll
, runtimeShell
}:
stdenv.mkDerivation rec {
pname = "go-lib";
version = "5.8.27";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "sha256-ZV5zWu7UvNKVcVo79/iKMhF4H09rGyDCvEL61H05lZc=";
};
patches = [
(fetchpatch {
name = "fix_IsDir_for_symlink";
url = "https://github.com/linuxdeepin/go-lib/commit/79239904679dc70a11e1ac8e65670afcfdd7c122.patch";
sha256 = "sha256-RsN9hK26i/W6P/+e1l1spCLdlgIEWTehhIW6POBOvW4=";
})
];
postPatch = replaceAll "/bin/sh" "${runtimeShell}";
installPhase = ''
runHook preInstall
mkdir -p $out/share/gocode/src/github.com/linuxdeepin/go-lib
cp -a * $out/share/gocode/src/github.com/linuxdeepin/go-lib
rm -r $out/share/gocode/src/github.com/linuxdeepin/go-lib/debian
runHook postInstall
'';
meta = with lib; {
description = "Library containing many useful go routines for things such as glib, gettext, archive, graphic, etc";
homepage = "https://github.com/linuxdeepin/go-lib";
license = licenses.gpl3Plus;
platforms = platforms.linux;
maintainers = teams.deepin.members;
};
}

Some files were not shown because too many files have changed in this diff Show More