dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge staging-next into staging

Browse Source
This commit is contained in:
github-actions[bot] 2023-09-12 06:01:38 +00:00 committed by GitHub
commit 25bf10cc3a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
34 changed files with 743 additions and 353 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -265,6 +265,8 @@ The module update takes care of the new config syntax and the data itself (user
- The `cawbird` package is dropped from nixpkgs, as it got broken by the Twitter API closing down and has been abandoned upstream.
- `hardware.nvidia` gained `datacenter` options for enabling NVIDIA Data Center drivers and configuration of NVLink/NVSwitch topologies through `nv-fabricmanager`.
- Certificate generation via the `security.acme` now limits the concurrent number of running certificate renewals and generation jobs, to avoid spiking resource usage when processing many certificates at once. The limit defaults to *5* and can be adjusted via `maxConcurrentRenewals`. Setting it to *0* disables the limits altogether.
- New `boot.bcache.enable` (default enabled) allows completely removing `bcache` mount support.

534
nixos/modules/hardware/video/nvidia.nix
View File

@ -4,8 +4,10 @@
pkgs,
...
}: let
x11Enabled = config.services.xserver.enable
&& (lib.elem "nvidia" config.services.xserver.videoDrivers);
nvidia_x11 =
if (lib.elem "nvidia" config.services.xserver.videoDrivers)
if x11Enabled || cfg.datacenter.enable
then cfg.package
else null;
@ -18,9 +20,64 @@
primeEnabled = syncCfg.enable || reverseSyncCfg.enable || offloadCfg.enable;
busIDType = lib.types.strMatching "([[:print:]]+[\:\@][0-9]{1,3}\:[0-9]{1,2}\:[0-9])?";
ibtSupport = cfg.open || (nvidia_x11.ibtSupport or false);
settingsFormat = pkgs.formats.keyValue {};
in {
options = {
hardware.nvidia = {
datacenter.enable = lib.mkEnableOption (lib.mdDoc ''
Data Center drivers for NVIDIA cards on a NVLink topology.
'');
datacenter.settings = lib.mkOption {
type = settingsFormat.type;
default = {
LOG_LEVEL=4;
LOG_FILE_NAME="/var/log/fabricmanager.log";
LOG_APPEND_TO_LOG=1;
LOG_FILE_MAX_SIZE=1024;
LOG_USE_SYSLOG=0;
DAEMONIZE=1;
BIND_INTERFACE_IP="127.0.0.1";
STARTING_TCP_PORT=16000;
FABRIC_MODE=0;
FABRIC_MODE_RESTART=0;
STATE_FILE_NAME="/var/tmp/fabricmanager.state";
FM_CMD_BIND_INTERFACE="127.0.0.1";
FM_CMD_PORT_NUMBER=6666;
FM_STAY_RESIDENT_ON_FAILURES=0;
ACCESS_LINK_FAILURE_MODE=0;
TRUNK_LINK_FAILURE_MODE=0;
NVSWITCH_FAILURE_MODE=0;
ABORT_CUDA_JOBS_ON_FM_EXIT=1;
TOPOLOGY_FILE_PATH=nvidia_x11.fabricmanager + "/share/nvidia-fabricmanager/nvidia/nvswitch";
};
defaultText = lib.literalExpression ''
{
LOG_LEVEL=4;
LOG_FILE_NAME="/var/log/fabricmanager.log";
LOG_APPEND_TO_LOG=1;
LOG_FILE_MAX_SIZE=1024;
LOG_USE_SYSLOG=0;
DAEMONIZE=1;
BIND_INTERFACE_IP="127.0.0.1";
STARTING_TCP_PORT=16000;
FABRIC_MODE=0;
FABRIC_MODE_RESTART=0;
STATE_FILE_NAME="/var/tmp/fabricmanager.state";
FM_CMD_BIND_INTERFACE="127.0.0.1";
FM_CMD_PORT_NUMBER=6666;
FM_STAY_RESIDENT_ON_FAILURES=0;
ACCESS_LINK_FAILURE_MODE=0;
TRUNK_LINK_FAILURE_MODE=0;
NVSWITCH_FAILURE_MODE=0;
ABORT_CUDA_JOBS_ON_FM_EXIT=1;
TOPOLOGY_FILE_PATH=nvidia_x11.fabricmanager + "/share/nvidia-fabricmanager/nvidia/nvswitch";
}
'';
description = lib.mdDoc ''
Additional configuration options for fabricmanager.
'';
};
powerManagement.enable = lib.mkEnableOption (lib.mdDoc ''
experimental power management through systemd. For more information, see
the NVIDIA docs, on Chapter 21. Configuring Power Management Support.
@ -167,9 +224,15 @@ in {
It also drastically increases the time the driver needs to clock down after load.
'');
package = lib.mkPackageOptionMD config.boot.kernelPackages.nvidiaPackages "nvidia_x11" {
default = "stable";
package = lib.mkOption {
default = config.boot.kernelPackages.nvidiaPackages."${if cfg.datacenter.enable then "dc" else "stable"}";
defaultText = lib.literalExpression ''
config.boot.kernelPackages.nvidiaPackages."\$\{if cfg.datacenter.enable then "dc" else "stable"}"
'';
example = lib.mdDoc "config.boot.kernelPackages.nvidiaPackages.legacy_470";
description = lib.mdDoc ''
The NVIDIA driver package to use.
'';
};
open = lib.mkEnableOption (lib.mdDoc ''
@ -188,8 +251,46 @@ in {
then pCfg.intelBusId
else pCfg.amdgpuBusId;
in
lib.mkIf (nvidia_x11 != null) {
assertions = [
lib.mkIf (nvidia_x11 != null) (lib.mkMerge [
# Common
({
assertions = [
{
assertion = !(x11Enabled && cfg.datacenter.enable);
message = "You cannot configure both X11 and Data Center drivers at the same time.";
}
];
boot = {
blacklistedKernelModules = ["nouveau" "nvidiafb"];
kernelModules = [ "nvidia-uvm" ];
};
systemd.tmpfiles.rules =
lib.optional config.virtualisation.docker.enableNvidia
"L+ /run/nvidia-docker/bin - - - - ${nvidia_x11.bin}/origBin";
services.udev.extraRules =
''
# Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidiactl c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 255'"
KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'for i in $$(cat /proc/driver/nvidia/gpus/*/information | grep Minor | cut -d \ -f 4); do mknod -m 666 /dev/nvidia$${i} c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) $${i}; done'"
KERNEL=="nvidia_modeset", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-modeset c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 254'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 1'"
'';
hardware.opengl = {
extraPackages = [
nvidia_x11.out
];
extraPackages32 = [
nvidia_x11.lib32
];
};
environment.systemPackages = [
nvidia_x11.bin
];
})
# X11
(lib.mkIf x11Enabled {
assertions = [
{
assertion = primeEnabled -> pCfg.intelBusId == "" || pCfg.amdgpuBusId == "";
message = "You cannot configure both an Intel iGPU and an AMD APU. Pick the one corresponding to your processor.";
@ -248,227 +349,207 @@ in {
{
assertion = cfg.dynamicBoost.enable -> lib.versionAtLeast nvidia_x11.version "510.39.01";
message = "NVIDIA's Dynamic Boost feature only exists on versions >= 510.39.01";
}
];
}];
# If Optimus/PRIME is enabled, we:
# - Specify the configured NVIDIA GPU bus ID in the Device section for the
# "nvidia" driver.
# - Add the AllowEmptyInitialConfiguration option to the Screen section for the
# "nvidia" driver, in order to allow the X server to start without any outputs.
# - Add a separate Device section for the Intel GPU, using the "modesetting"
# driver and with the configured BusID.
# - OR add a separate Device section for the AMD APU, using the "amdgpu"
# driver and with the configures BusID.
# - Reference that Device section from the ServerLayout section as an inactive
# device.
# - Configure the display manager to run specific `xrandr` commands which will
# configure/enable displays connected to the Intel iGPU / AMD APU.
# If Optimus/PRIME is enabled, we:
# - Specify the configured NVIDIA GPU bus ID in the Device section for the
# "nvidia" driver.
# - Add the AllowEmptyInitialConfiguration option to the Screen section for the
# "nvidia" driver, in order to allow the X server to start without any outputs.
# - Add a separate Device section for the Intel GPU, using the "modesetting"
# driver and with the configured BusID.
# - OR add a separate Device section for the AMD APU, using the "amdgpu"
# driver and with the configures BusID.
# - Reference that Device section from the ServerLayout section as an inactive
# device.
# - Configure the display manager to run specific `xrandr` commands which will
# configure/enable displays connected to the Intel iGPU / AMD APU.
# reverse sync implies offloading
hardware.nvidia.prime.offload.enable = lib.mkDefault reverseSyncCfg.enable;
# reverse sync implies offloading
hardware.nvidia.prime.offload.enable = lib.mkDefault reverseSyncCfg.enable;
services.xserver.drivers =
lib.optional primeEnabled {
name = igpuDriver;
display = offloadCfg.enable;
modules = lib.optional (igpuDriver == "amdgpu") pkgs.xorg.xf86videoamdgpu;
deviceSection =
''
BusID "${igpuBusId}"
''
+ lib.optionalString (syncCfg.enable && igpuDriver != "amdgpu") ''
Option "AccelMethod" "none"
'';
}
++ lib.singleton {
name = "nvidia";
modules = [nvidia_x11.bin];
display = !offloadCfg.enable;
deviceSection =
lib.optionalString primeEnabled
''
BusID "${pCfg.nvidiaBusId}"
''
+ lib.optionalString pCfg.allowExternalGpu ''
Option "AllowExternalGpus"
'';
screenSection =
''
Option "RandRRotation" "on"
''
+ lib.optionalString syncCfg.enable ''
Option "AllowEmptyInitialConfiguration"
''
+ lib.optionalString cfg.forceFullCompositionPipeline ''
Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
Option "AllowIndirectGLXProtocol" "off"
Option "TripleBuffer" "on"
'';
};
services.xserver.serverLayoutSection =
lib.optionalString syncCfg.enable ''
Inactive "Device-${igpuDriver}[0]"
''
+ lib.optionalString reverseSyncCfg.enable ''
Inactive "Device-nvidia[0]"
''
+ lib.optionalString offloadCfg.enable ''
Option "AllowNVIDIAGPUScreens"
'';
services.xserver.displayManager.setupCommands = let
gpuProviderName =
if igpuDriver == "amdgpu"
then
# find the name of the provider if amdgpu
"`${lib.getExe pkgs.xorg.xrandr} --listproviders | ${lib.getExe pkgs.gnugrep} -i AMD | ${lib.getExe pkgs.gnused} -n 's/^.*name://p'`"
else igpuDriver;
providerCmdParams =
if syncCfg.enable
then "\"${gpuProviderName}\" NVIDIA-0"
else "NVIDIA-G0 \"${gpuProviderName}\"";
in
lib.optionalString (syncCfg.enable || reverseSyncCfg.enable) ''
# Added by nvidia configuration module for Optimus/PRIME.
${lib.getExe pkgs.xorg.xrandr} --setprovideroutputsource ${providerCmdParams}
${lib.getExe pkgs.xorg.xrandr} --auto
'';
environment.etc = {
"nvidia/nvidia-application-profiles-rc" = lib.mkIf nvidia_x11.useProfiles {source = "${nvidia_x11.bin}/share/nvidia/nvidia-application-profiles-rc";};
# 'nvidia_x11' installs it's files to /run/opengl-driver/...
"egl/egl_external_platform.d".source = "/run/opengl-driver/share/egl/egl_external_platform.d/";
};
hardware.opengl = {
extraPackages = [
nvidia_x11.out
pkgs.nvidia-vaapi-driver
];
extraPackages32 = [
nvidia_x11.lib32
pkgs.pkgsi686Linux.nvidia-vaapi-driver
];
};
environment.systemPackages =
[nvidia_x11.bin]
++ lib.optional cfg.nvidiaSettings nvidia_x11.settings
++ lib.optional cfg.nvidiaPersistenced nvidia_x11.persistenced
++ lib.optional offloadCfg.enableOffloadCmd
(pkgs.writeShellScriptBin "nvidia-offload" ''
export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
export __GLX_VENDOR_LIBRARY_NAME=nvidia
export __VK_LAYER_NV_optimus=NVIDIA_only
exec "$@"
'');
systemd.packages = lib.optional cfg.powerManagement.enable nvidia_x11.out;
systemd.services = let
nvidiaService = state: {
description = "NVIDIA system ${state} actions";
path = [pkgs.kbd];
serviceConfig = {
Type = "oneshot";
ExecStart = "${nvidia_x11.out}/bin/nvidia-sleep.sh '${state}'";
services.xserver.drivers =
lib.optional primeEnabled {
name = igpuDriver;
display = offloadCfg.enable;
modules = lib.optional (igpuDriver == "amdgpu") pkgs.xorg.xf86videoamdgpu;
deviceSection =
''
BusID "${igpuBusId}"
''
+ lib.optionalString (syncCfg.enable && igpuDriver != "amdgpu") ''
Option "AccelMethod" "none"
'';
}
++ lib.singleton {
name = "nvidia";
modules = [nvidia_x11.bin];
display = !offloadCfg.enable;
deviceSection =
lib.optionalString primeEnabled
''
BusID "${pCfg.nvidiaBusId}"
''
+ lib.optionalString pCfg.allowExternalGpu ''
Option "AllowExternalGpus"
'';
screenSection =
''
Option "RandRRotation" "on"
''
+ lib.optionalString syncCfg.enable ''
Option "AllowEmptyInitialConfiguration"
''
+ lib.optionalString cfg.forceFullCompositionPipeline ''
Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
Option "AllowIndirectGLXProtocol" "off"
Option "TripleBuffer" "on"
'';
};
before = ["systemd-${state}.service"];
requiredBy = ["systemd-${state}.service"];
services.xserver.serverLayoutSection =
lib.optionalString syncCfg.enable ''
Inactive "Device-${igpuDriver}[0]"
''
+ lib.optionalString reverseSyncCfg.enable ''
Inactive "Device-nvidia[0]"
''
+ lib.optionalString offloadCfg.enable ''
Option "AllowNVIDIAGPUScreens"
'';
services.xserver.displayManager.setupCommands = let
gpuProviderName =
if igpuDriver == "amdgpu"
then
# find the name of the provider if amdgpu
"`${lib.getExe pkgs.xorg.xrandr} --listproviders | ${lib.getExe pkgs.gnugrep} -i AMD | ${lib.getExe pkgs.gnused} -n 's/^.*name://p'`"
else igpuDriver;
providerCmdParams =
if syncCfg.enable
then "\"${gpuProviderName}\" NVIDIA-0"
else "NVIDIA-G0 \"${gpuProviderName}\"";
in
lib.optionalString (syncCfg.enable || reverseSyncCfg.enable) ''
# Added by nvidia configuration module for Optimus/PRIME.
${lib.getExe pkgs.xorg.xrandr} --setprovideroutputsource ${providerCmdParams}
${lib.getExe pkgs.xorg.xrandr} --auto
'';
environment.etc = {
"nvidia/nvidia-application-profiles-rc" = lib.mkIf nvidia_x11.useProfiles {source = "${nvidia_x11.bin}/share/nvidia/nvidia-application-profiles-rc";};
# 'nvidia_x11' installs it's files to /run/opengl-driver/...
"egl/egl_external_platform.d".source = "/run/opengl-driver/share/egl/egl_external_platform.d/";
};
in
lib.mkMerge [
(lib.mkIf cfg.powerManagement.enable {
nvidia-suspend = nvidiaService "suspend";
nvidia-hibernate = nvidiaService "hibernate";
nvidia-resume =
(nvidiaService "resume")
// {
before = [];
after = ["systemd-suspend.service" "systemd-hibernate.service"];
requiredBy = ["systemd-suspend.service" "systemd-hibernate.service"];
};
})
(lib.mkIf cfg.nvidiaPersistenced {
"nvidia-persistenced" = {
description = "NVIDIA Persistence Daemon";
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "forking";
Restart = "always";
PIDFile = "/var/run/nvidia-persistenced/nvidia-persistenced.pid";
ExecStart = "${lib.getExe nvidia_x11.persistenced} --verbose";
ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
};
hardware.opengl = {
extraPackages = [
pkgs.nvidia-vaapi-driver
];
extraPackages32 = [
pkgs.pkgsi686Linux.nvidia-vaapi-driver
];
};
environment.systemPackages =
lib.optional cfg.nvidiaSettings nvidia_x11.settings
++ lib.optional cfg.nvidiaPersistenced nvidia_x11.persistenced
++ lib.optional offloadCfg.enableOffloadCmd
(pkgs.writeShellScriptBin "nvidia-offload" ''
export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
export __GLX_VENDOR_LIBRARY_NAME=nvidia
export __VK_LAYER_NV_optimus=NVIDIA_only
exec "$@"
'');
systemd.packages = lib.optional cfg.powerManagement.enable nvidia_x11.out;
systemd.services = let
nvidiaService = state: {
description = "NVIDIA system ${state} actions";
path = [pkgs.kbd];
serviceConfig = {
Type = "oneshot";
ExecStart = "${nvidia_x11.out}/bin/nvidia-sleep.sh '${state}'";
};
})
(lib.mkIf cfg.dynamicBoost.enable {
"nvidia-powerd" = {
description = "nvidia-powerd service";
path = [
pkgs.util-linux # nvidia-powerd wants lscpu
];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "dbus";
BusName = "nvidia.powerd.server";
ExecStart = "${nvidia_x11.bin}/bin/nvidia-powerd";
before = ["systemd-${state}.service"];
requiredBy = ["systemd-${state}.service"];
};
in
lib.mkMerge [
(lib.mkIf cfg.powerManagement.enable {
nvidia-suspend = nvidiaService "suspend";
nvidia-hibernate = nvidiaService "hibernate";
nvidia-resume =
(nvidiaService "resume")
// {
before = [];
after = ["systemd-suspend.service" "systemd-hibernate.service"];
requiredBy = ["systemd-suspend.service" "systemd-hibernate.service"];
};
})
(lib.mkIf cfg.nvidiaPersistenced {
"nvidia-persistenced" = {
description = "NVIDIA Persistence Daemon";
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "forking";
Restart = "always";
PIDFile = "/var/run/nvidia-persistenced/nvidia-persistenced.pid";
ExecStart = "${lib.getExe nvidia_x11.persistenced} --verbose";
ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
};
};
};
})
];
})
(lib.mkIf cfg.dynamicBoost.enable {
"nvidia-powerd" = {
description = "nvidia-powerd service";
path = [
pkgs.util-linux # nvidia-powerd wants lscpu
];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "dbus";
BusName = "nvidia.powerd.server";
ExecStart = "${nvidia_x11.bin}/bin/nvidia-powerd";
};
};
})
];
services.acpid.enable = true;
services.acpid.enable = true;
services.dbus.packages = lib.optional cfg.dynamicBoost.enable nvidia_x11.bin;
services.dbus.packages = lib.optional cfg.dynamicBoost.enable nvidia_x11.bin;
hardware.firmware = lib.optional cfg.open nvidia_x11.firmware;
hardware.firmware = lib.optional cfg.open nvidia_x11.firmware;
systemd.tmpfiles.rules =
lib.optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
"L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
systemd.tmpfiles.rules =
lib.optional config.virtualisation.docker.enableNvidia
"L+ /run/nvidia-docker/bin - - - - ${nvidia_x11.bin}/origBin"
++ lib.optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
"L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
boot = {
extraModulePackages =
if cfg.open
then [nvidia_x11.open]
else [nvidia_x11.bin];
# nvidia-uvm is required by CUDA applications.
kernelModules =
lib.optionals config.services.xserver.enable ["nvidia" "nvidia_modeset" "nvidia_drm"];
boot = {
blacklistedKernelModules = ["nouveau" "nvidiafb"];
# If requested enable modesetting via kernel parameter.
kernelParams =
lib.optional (offloadCfg.enable || cfg.modesetting.enable) "nvidia-drm.modeset=1"
++ lib.optional cfg.powerManagement.enable "nvidia.NVreg_PreserveVideoMemoryAllocations=1"
++ lib.optional cfg.open "nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
++ lib.optional (config.boot.kernelPackages.kernel.kernelAtLeast "6.2" && !ibtSupport) "ibt=off";
extraModulePackages =
if cfg.open
then [nvidia_x11.open]
else [nvidia_x11.bin];
# nvidia-uvm is required by CUDA applications.
kernelModules =
["nvidia-uvm"]
++ lib.optionals config.services.xserver.enable ["nvidia" "nvidia_modeset" "nvidia_drm"];
# If requested enable modesetting via kernel parameter.
kernelParams =
lib.optional (offloadCfg.enable || cfg.modesetting.enable) "nvidia-drm.modeset=1"
++ lib.optional cfg.powerManagement.enable "nvidia.NVreg_PreserveVideoMemoryAllocations=1"
++ lib.optional cfg.open "nvidia.NVreg_OpenRmEnableUnsupportedGpus=1"
++ lib.optional (config.boot.kernelPackages.kernel.kernelAtLeast "6.2" && !ibtSupport) "ibt=off";
# enable finegrained power management
extraModprobeConfig = lib.optionalString cfg.powerManagement.finegrained ''
options nvidia "NVreg_DynamicPowerManagement=0x02"
'';
};
services.udev.extraRules =
''
# Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidiactl c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 255'"
KERNEL=="nvidia", RUN+="${pkgs.runtimeShell} -c 'for i in $$(cat /proc/driver/nvidia/gpus/*/information | grep Minor | cut -d \ -f 4); do mknod -m 666 /dev/nvidia$${i} c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) $${i}; done'"
KERNEL=="nvidia_modeset", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-modeset c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 254'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 1'"
''
+ lib.optionalString cfg.powerManagement.finegrained (
# enable finegrained power management
extraModprobeConfig = lib.optionalString cfg.powerManagement.finegrained ''
options nvidia "NVreg_DynamicPowerManagement=0x02"
'';
};
services.udev.extraRules =
lib.optionalString cfg.powerManagement.finegrained (
lib.optionalString (lib.versionOlder config.boot.kernelPackages.kernel.version "5.5") ''
# Remove NVIDIA USB xHCI Host Controller devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
@ -489,5 +570,30 @@ in {
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
''
);
};
})
# Data Center
(lib.mkIf (cfg.datacenter.enable) {
boot.extraModulePackages = [
nvidia_x11.bin
];
systemd.services.nvidia-fabricmanager = {
enable = true;
description = "Start NVIDIA NVLink Management";
wantedBy = [ "multi-user.target" ];
unitConfig.After = [ "network-online.target" ];
unitConfig.Requires = [ "network-online.target" ];
serviceConfig = {
Type = "forking";
TimeoutStartSec = 240;
ExecStart = let
nv-fab-conf = settingsFormat.generate "fabricmanager.conf" cfg.datacenter.settings;
in
nvidia_x11.fabricmanager + "/bin/nv-fabricmanager -c " + nv-fab-conf;
LimitCORE="infinity";
};
};
environment.systemPackages =
lib.optional cfg.datacenter.enable nvidia_x11.fabricmanager;
})
]);
}

1
nixos/modules/module-list.nix
View File

@ -1250,6 +1250,7 @@
./services/web-apps/matomo.nix
./services/web-apps/mattermost.nix
./services/web-apps/mediawiki.nix
./services/web-apps/meme-bingo-web.nix
./services/web-apps/miniflux.nix
./services/web-apps/monica.nix
./services/web-apps/moodle.nix

93
nixos/modules/services/web-apps/meme-bingo-web.nix Normal file
View File

@ -0,0 +1,93 @@
{ config, lib, pkgs, ... }:
let
inherit (lib) mkEnableOption mkIf mkOption mdDoc types literalExpression;
cfg = config.services.meme-bingo-web;
in {
options = {
services.meme-bingo-web = {
enable = mkEnableOption (mdDoc ''
A web app for the meme bingo, rendered entirely on the web server and made interactive with forms.
Note: The application's author suppose to run meme-bingo-web behind a reverse proxy for SSL and HTTP/3.
'');
package = mkOption {
type = types.package;
default = pkgs.meme-bingo-web;
defaultText = literalExpression "pkgs.meme-bingo-web";
description = mdDoc "meme-bingo-web package to use.";
};
baseUrl = mkOption {
description = mdDoc ''
URL to be used for the HTML <base> element on all HTML routes.
'';
type = types.str;
default = "http://localhost:41678/";
example = "https://bingo.example.com/";
};
port = mkOption {
description = mdDoc ''
Port to be used for the web server.
'';
type = types.port;
default = 41678;
example = 21035;
};
};
};
config = mkIf cfg.enable {
systemd.services.meme-bingo-web = {
description = "A web app for playing meme bingos.";
wantedBy = [ "multi-user.target" ];
environment = {
MEME_BINGO_BASE = cfg.baseUrl;
MEME_BINGO_PORT = toString cfg.port;
};
path = [ cfg.package ];
serviceConfig = {
User = "meme-bingo-web";
Group = "meme-bingo-web";
DynamicUser = true;
ExecStart = "${cfg.package}/bin/meme-bingo-web";
Restart = "always";
RestartSec = 1;
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "/dev/random" ];
LockPersonality = true;
PrivateDevices = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectSystem = "strict";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
RestrictRealtime = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
UMask = "0077";
RestrictSUIDSGID = true;
RemoveIPC = true;
NoNewPrivileges = true;
MemoryDenyWriteExecute = true;
};
};
};
}

2
nixos/tests/postgis.nix
View File

@ -9,7 +9,7 @@ import ./make-test-python.nix ({ pkgs, ...} : {
{ pkgs, ... }:
{
services.postgresql = let mypg = pkgs.postgresql_11; in {
services.postgresql = let mypg = pkgs.postgresql; in {
enable = true;
package = mypg;
extraPlugins = with mypg.pkgs; [

4
pkgs/applications/audio/tidal-hifi/default.nix
View File

@ -36,11 +36,11 @@
stdenv.mkDerivation (finalAttrs: {
pname = "tidal-hifi";
version = "5.7.0";
version = "5.7.1";
src = fetchurl {
url = "https://github.com/Mastermindzh/tidal-hifi/releases/download/${finalAttrs.version}/tidal-hifi_${finalAttrs.version}_amd64.deb";
sha256 = "sha256-fA6zXmLfcZJt5/umdY4gdqGdbH3afsaanmK/i+Js5HQ=";
sha256 = "sha256-7wBQgoglLS67aiQsF9iUeFoJDDqq0fJgu5BSyH+HI7M=";
};
nativeBuildInputs = [ autoPatchelfHook dpkg makeWrapper ];

4
pkgs/applications/editors/emacs/generic.nix
View File

@ -65,7 +65,7 @@
, withNativeCompilation ?
if nativeComp != null
then lib.warn "nativeComp option is deprecated and will be removed; use withNativeCompilation instead" nativeComp
else true
else stdenv.buildPlatform.canExecute stdenv.hostPlatform
, noGui ? false
, srcRepo ? true
, withAcl ? false
@ -405,6 +405,6 @@ mkDerivation (finalAttrs: {
};
meta = meta // {
broken = !(stdenv.buildPlatform.canExecute stdenv.hostPlatform);
broken = withNativeCompilation && !(stdenv.buildPlatform.canExecute stdenv.hostPlatform);
};
})

1
pkgs/applications/misc/gallery-dl/default.nix
View File

@ -38,6 +38,7 @@ buildPythonApplication rec {
homepage = "https://github.com/mikf/gallery-dl";
changelog = "https://github.com/mikf/gallery-dl/blob/v${version}/CHANGELOG.md";
license = licenses.gpl2Only;
mainProgram = "gallery-dl";
maintainers = with maintainers; [ dawidsowa marsam ];
};
}

5
pkgs/applications/networking/browsers/nyxt/default.nix
View File

@ -3,7 +3,7 @@
, glib, gdk-pixbuf, cairo
, mailcap, pango, gtk3
, glib-networking, gsettings-desktop-schemas
, xclip, notify-osd, enchant
, xclip, wl-clipboard, notify-osd, enchant
}:
stdenv.mkDerivation rec {
@ -41,9 +41,8 @@ stdenv.mkDerivation rec {
cp -f $src/assets/nyxt_''${i}x''${i}.png "$out/share/icons/hicolor/''${i}x''${i}/apps/nyxt.png"
done
# Need to suffix PATH with xclip to be able to copy/paste in Nyxt even if xclip/xsel/wl-clipboard are not in the user's PATH
mkdir -p $out/bin && makeWrapper $src/bin/nyxt $out/bin/nyxt \
--suffix PATH : ${lib.makeBinPath [ xclip ]} \
--prefix PATH : ${lib.makeBinPath [ xclip wl-clipboard ]} \
--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "${GST_PLUGIN_SYSTEM_PATH_1_0}" \
--argv0 nyxt "''${gappsWrapperArgs[@]}"
'';

2
pkgs/applications/networking/instant-messengers/webcord/webcord-vencord/default.nix
View File

@ -5,6 +5,8 @@
}:
webcord.overrideAttrs (old: {
pname = "webcord-vencord";
patches = (old.patches or [ ]) ++ [
(substituteAll {
src = ./add-extension.patch;

10
pkgs/applications/video/pitivi/default.nix
View File

@ -16,6 +16,7 @@
, meson
, ninja
, gsettings-desktop-schemas
, hicolor-icon-theme
}:
python3.pkgs.buildPythonApplication rec {
@ -74,6 +75,13 @@ python3.pkgs.buildPythonApplication rec {
librosa
];
preFixup = ''
gappsWrapperArgs+=(
# The icon theme is hardcoded.
--prefix XDG_DATA_DIRS : "${hicolor-icon-theme}/share"
)
'';
postPatch = ''
patchShebangs ./getenvvar.py
'';
@ -94,7 +102,7 @@ python3.pkgs.buildPythonApplication rec {
that can appeal to newbies and professionals alike.
'';
license = licenses.lgpl21Plus;
maintainers = with maintainers; [];
maintainers = with maintainers; [ akechishiro ];
platforms = platforms.linux;
};
}

6
pkgs/by-name/ri/ripsecrets/package.nix
View File

@ -5,16 +5,16 @@
rustPlatform.buildRustPackage rec {
pname = "ripsecrets";
version = "0.1.6";
version = "0.1.7";
src = fetchFromGitHub {
owner = "sirwart";
repo = "ripsecrets";
rev = "v${version}";
hash = "sha256-p3421sQko/WulSNUxXpjsHPAtRoHHg61angfxJpoyFg=";
hash = "sha256-NDSMxIq6eBXOv/mI662vsIIOfWQEzQ5fDGznC4+gFyE=";
};
cargoHash = "sha256-DJkEhqW5DZOmoNiS4nw+i2G0+KN2d7FbBuKp7fdAwMk=";
cargoHash = "sha256-vp2gQUf6TWFkJ09STOlqlEB+jsGrVGAmix2eSgBDG/o=";
meta = with lib; {
description = "A command-line tool to prevent committing secret keys into your source code";

50
pkgs/development/lisp-modules/packages.nix
View File

@ -218,18 +218,6 @@ let
};
};
cl-webkit2_3_5_9 = build-asdf-system {
inherit (super.cl-webkit2) pname systems nativeLibs lispLibs;
version = "3.5.9";
src = pkgs.fetchFromGitHub {
owner = "joachifm";
repo = "cl-webkit";
rev = "3.5.9";
sha256 = "sha256-YJo5ahL6+HLeJrxFBuZZjuK3OfA6DnAu82vvXMsNBgI=";
};
};
prompter = build-asdf-system {
pname = "prompter";
version = "0.1.0";
@ -258,12 +246,12 @@ let
nasdf = build-asdf-system {
pname = "nasdf";
version = "20230524-git";
version = "20230911-git";
src = pkgs.fetchFromGitHub {
owner = "atlas-engineer";
repo = "ntemplate";
rev = "51a884f388ec526c32914093fcad6bb2434e3c14";
sha256 = "sha256-bjQPkiHAxhjsHCnWpCGMsmQlGDJFGtQEdevnhK2k+kY=";
rev = "ab7a018f3a67a999c72710644b10b4545130c139";
sha256 = "sha256-fXGh0h6CXLoBgK1jRxkSNyQVAY1gvi4iyHQBuzueR5Y=";
};
};
@ -370,7 +358,7 @@ let
nyxt-gtk = build-asdf-system {
pname = "nyxt";
version = "3.6.0";
version = "3.7.0";
lispLibs = (with super; [
alexandria
@ -410,7 +398,6 @@ let
spinneret
slynk
trivia
trivial-clipboard
trivial-features
trivial-garbage
trivial-package-local-nicknames
@ -418,9 +405,31 @@ let
unix-opts
cluffer
cl-cffi-gtk
cl-gobject-introspection
quri
sqlite
# TODO: Remove these overrides after quicklisp updates past the June 2023 release
(trivial-clipboard.overrideAttrs (final: prev: {
src = pkgs.fetchFromGitHub {
owner = "snmsts";
repo = "trivial-clipboard";
rev = "6ddf8d5dff8f5c2102af7cd1a1751cbe6408377b";
sha256 = "sha256-n15IuTkqAAh2c1OfNbZfCAQJbH//QXeH0Bl1/5OpFRM=";
};}))
(cl-gobject-introspection.overrideAttrs (final: prev: {
src = pkgs.fetchFromGitHub {
owner = "andy128k";
repo = "cl-gobject-introspection";
rev = "83beec4492948b52aae4d4152200de5d5c7ac3e9";
sha256 = "sha256-g/FwWE+Rzmzm5Y+irvd1AJodbp6kPHJIFOFDPhaRlXc=";
};}))
(cl-webkit2.overrideAttrs (final: prev: {
src = pkgs.fetchFromGitHub {
owner = "joachifm";
repo = "cl-webkit";
rev = "66fd0700111586425c9942da1694b856fb15cf41";
sha256 = "sha256-t/B9CvQTekEEsM/ZEp47Mn6NeZaTYFsTdRqclfX9BNg=";
};
}))
]) ++ (with self; [
history-tree
nhooks
@ -432,7 +441,6 @@ let
nsymbols
nclasses
nfiles
cl-webkit2_3_5_9
swank
cl-containers
]);
@ -440,8 +448,8 @@ let
src = pkgs.fetchFromGitHub {
owner = "atlas-engineer";
repo = "nyxt";
rev = "3.6.0";
sha256 = "sha256-DaPEKdYf5R+RS7VQzbdLSqZvEQfxjeGEdX8rwmHRLrY=";
rev = "3.7.0";
sha256 = "sha256-viiyO4fX3uyGuvojQ1rYYKBldRdVNzeJX1KYlYwfWVU=";
};
nativeBuildInputs = [ pkgs.makeWrapper ];

4
pkgs/development/python-modules/aiohomekit/default.nix
View File

@ -19,7 +19,7 @@
buildPythonPackage rec {
pname = "aiohomekit";
version = "3.0.2";
version = "3.0.3";
format = "pyproject";
disabled = pythonOlder "3.9";
@ -28,7 +28,7 @@ buildPythonPackage rec {
owner = "Jc2k";
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-EE8+VoZ755wd8s3Gm0lziu+1r4rAFgdjEtqI0apoZ7E=";
hash = "sha256-6fNsiHddnsdjei0/wqx5ifWhM3bALlYG5Gli69+FmnM=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/aiovodafone/default.nix
View File

@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "aiovodafone";
version = "0.1.0";
version = "0.2.0";
format = "pyproject";
disabled = pythonOlder "3.10";
@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "chemelli74";
repo = "aiovodafone";
rev = "refs/tags/v${version}";
hash = "sha256-VO+lQK+0bSQqnFiLzRMnVTpTJRjv2fZhDbIoTiMFWFI=";
hash = "sha256-KIYVGPJSOWEWXuYQXmRgtXwL3kI371jvx7vbfTni2jI=";
};
postPatch = ''

141
pkgs/development/python-modules/bokeh/default.nix
View File

@ -1,43 +1,68 @@
{ buildPythonPackage
{ lib
, stdenv
, buildPythonPackage
, fetchPypi
, futures ? null
, isPy27
, isPyPy
, fetchFromGitHub
, pythonOlder
, substituteAll
, colorama
, contourpy
, jinja2
, lib
, mock
, numpy
, nodejs
, packaging
, pillow
#, pytestCheckHook#
, pytest
, python-dateutil
, pyyaml
, selenium
, six
, substituteAll
, tornado
, typing-extensions
, pytz
, flaky
, networkx
, beautifulsoup4
, requests
, nbconvert
, icalendar
, pandas
, pythonImportsCheckHook
, pillow
, tornado
, pytestCheckHook
, pyyaml
, setuptools
, setuptools-git-versioning
, xyzservices
, beautifulsoup4
, channels
, click
, colorcet
, coverage
, firefox
, geckodriver
, isort
, json5
, nbconvert
, networkx
, psutil
, pygments
, pygraphviz
, pytest
, pytest-asyncio
, pytest-xdist
, pytest-timeout
, requests
, scipy
, selenium
, toml
, typing-extensions
}:
buildPythonPackage rec {
pname = "bokeh";
# update together with panel which is not straightforward
version = "2.4.3";
version = "3.2.2";
format = "pyproject";
disabled = pythonOlder "3.9";
src = fetchPypi {
inherit pname version;
hash = "sha256-7zOAEWGvN5Zlq3o0aE8iCYYeOu/VyAOiH7u5nZSHSwM=";
hash = "sha256-spWbhSTWnsTniGvDZAdEXwqS4fGVMNO/xARSNqG3pv8=";
};
src_test = fetchFromGitHub {
owner = "bokeh";
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-PK9iLOCcivr4oF9Riq73dzxGfxzWRk3bdrCCpRrTv5g=";
};
patches = [
@ -48,48 +73,58 @@ buildPythonPackage rec {
})
];
disabled = isPyPy || isPy27;
nativeBuildInputs = [
pythonImportsCheckHook
];
pythonImportsCheck = [
"bokeh"
colorama
nodejs
setuptools
setuptools-git-versioning
];
nativeCheckInputs = [
mock
pytest
pillow
selenium
pytz
flaky
networkx
pytestCheckHook
beautifulsoup4
requests
channels
click
colorcet
coverage
firefox
geckodriver
isort
json5
nbconvert
icalendar
pandas
networkx
psutil
pygments
pygraphviz
pytest
pytest-asyncio
pytest-xdist
pytest-timeout
requests
scipy
selenium
toml
typing-extensions
];
propagatedBuildInputs = [
pillow
jinja2
python-dateutil
six
pyyaml
tornado
contourpy
numpy
packaging
typing-extensions
]
++ lib.optionals ( isPy27 ) [
futures
pandas
pillow
pyyaml
tornado
xyzservices
];
# This test suite is a complete pain. Somehow it can't find its fixtures.
doCheck = false;
doCheck = false; # need more work
pytestFlagsArray = "tests/test_defaults.py";
pythonImportsCheck = [ "bokeh" ];
preCheck = ''
cp -rv ''${src_test}/tests/* ./tests/
'';
meta = {
description = "Statistical and novel interactive HTML plots for Python";

13
pkgs/development/python-modules/bokeh/hardcode-nodejs-npmjs-paths.patch
View File

@ -1,9 +1,8 @@
diff --git a/bokeh/util/compiler.py b/bokeh/util/compiler.py
index a752aad7d..8af05ff63 100644
--- a/bokeh/util/compiler.py
+++ b/bokeh/util/compiler.py
@@ -442,8 +442,8 @@ def _detect_nodejs():
raise RuntimeError('node.js v%s or higher is needed to allow compilation of custom models ' % version +
diff -ru a/src/bokeh/util/compiler.py b/src/bokeh/util/compiler.py
--- a/src/bokeh/util/compiler.py
+++ b/src/bokeh/util/compiler.py
@@ -411,8 +411,8 @@
raise RuntimeError(f'node.js v{version_repr} or higher is needed to allow compilation of custom models ' +
'("conda install nodejs" or follow https://nodejs.org/en/download/)')
-_nodejs = None
@ -11,5 +10,5 @@ index a752aad7d..8af05ff63 100644
+_nodejs = "@node_bin@"
+_npmjs = "@npm_bin@"
def _nodejs_path():
def _nodejs_path() -> str:
global _nodejs

10
pkgs/development/python-modules/intake/default.nix
View File

@ -26,7 +26,7 @@
buildPythonPackage rec {
pname = "intake";
version = "0.7.0";
version = "unstable-2023-08-24";
format = "setuptools";
disabled = pythonOlder "3.7";
@ -34,8 +34,8 @@ buildPythonPackage rec {
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-2LUblA8eVCOfVJ6BJayralNiv6EFt6MzR5ptKksVNA4=";
rev = "81b1567a2030adfb22b856b4f63cefe35de68983";
hash = "sha256-S2PoUN0Bao5VULfHhgbXXowopPLm/njAHO3dIM8ILno=";
};
propagatedBuildInputs = [
@ -79,6 +79,8 @@ buildPythonPackage rec {
--replace "'pytest-runner'" ""
'';
__darwinAllowLocalNetworking = true;
preCheck = ''
export HOME=$(mktemp -d);
export PATH="$PATH:$out/bin";
@ -106,7 +108,7 @@ buildPythonPackage rec {
"test_ndarray"
"test_python"
# Timing-based, flaky on darwin and possibly others
"TestServerV1Source.test_idle_timer"
"test_idle_timer"
# arrow-cpp-13 related
"test_read"
"test_pickle"

7
pkgs/development/python-modules/livelossplot/default.nix
View File

@ -13,18 +13,15 @@
buildPythonPackage rec {
pname = "livelossplot";
version = "0.5.4";
version = "0.5.5";
disabled = pythonOlder "3.6";
# version number in source is wrong in this release
postPatch = ''substituteInPlace ${pname}/version.py --replace "0.5.3" "0.5.4"'';
src = fetchFromGitHub {
owner = "stared";
repo = pname;
rev = "v${version}";
sha256 = "IV6YAidoqVoKvpy+LNNHTPpobiDoGX59bHqJcBtaydk=";
sha256 = "sha256-YU8vX4SubI6txmC/i5fOjcvWfuDFm8+SPmie8Eb1qRs=";
};
propagatedBuildInputs = [ bokeh ipython matplotlib numpy ];

4
pkgs/development/python-modules/netutils/default.nix
View File

@ -13,7 +13,7 @@
buildPythonPackage rec {
pname = "netutils";
version = "1.5.0";
version = "1.6.0";
format = "pyproject";
disabled = pythonOlder "3.8";
@ -22,7 +22,7 @@ buildPythonPackage rec {
owner = "networktocode";
repo = pname;
rev = "refs/tags/v${version}";
hash = "sha256-uUw48EBUpEUw+A8wxw3qXrnqmFWQzg/zb+8qAGRSlUw=";
hash = "sha256-ocajE7E4xIatEmv58/9gEpWF2plJdiZXjk6ajD2vTzw=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/panel/default.nix
View File

@ -16,7 +16,7 @@
buildPythonPackage rec {
pname = "panel";
version = "0.14.4";
version = "1.2.2";
format = "wheel";
@ -25,7 +25,7 @@ buildPythonPackage rec {
# tries to fetch even more artifacts
src = fetchPypi {
inherit pname version format;
hash = "sha256-3U/PL8cnbNPw3xEM56YZesQEDXTE79yMCSsjdxwfUU0=";
hash = "sha256-RMRjxcUp6MTs001wdNfC/e6diOcgtqrSaVIOSQfPgTs=";
};
nativeBuildInputs = [

6
pkgs/development/python-modules/simplefix/default.nix
View File

@ -2,13 +2,13 @@
buildPythonPackage rec {
pname = "simplefix";
version = "1.0.15";
version = "1.0.16";
src = fetchFromGitHub {
repo = "simplefix";
owner = "da4089";
rev = "v${version}";
hash = "sha256-GQHMotxNRuRv6zXhrD02T+aFgfYe3RnvUGADsBeSPbA=";
rev = "refs/tags/v${version}";
hash = "sha256-dkwmWCOeTAoeSY8+1wg7RWX/d57JWc8bGagzrEPMAIU=";
};
checkPhase = ''

4
pkgs/development/tools/database/sqlfluff/default.nix
View File

@ -5,14 +5,14 @@
python3.pkgs.buildPythonApplication rec {
pname = "sqlfluff";
version = "2.3.1";
version = "2.3.2";
format = "setuptools";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "refs/tags/${version}";
hash = "sha256-olwvg/smXPDqKvSdpp30SEsHYWNQXU9ISbOmJH7MKLo=";
hash = "sha256-buDDu5UQmO1ImWXzqwlFZHYbn2FUjAxs8KbQX+g/mvg=";
};
propagatedBuildInputs = with python3.pkgs; [

4
pkgs/development/tools/language-servers/ruff-lsp/default.nix
View File

@ -15,7 +15,7 @@
buildPythonPackage rec {
pname = "ruff-lsp";
version = "0.0.38";
version = "0.0.39";
format = "pyproject";
disabled = pythonOlder "3.7";
@ -23,7 +23,7 @@ buildPythonPackage rec {
owner = "astral-sh";
repo = "ruff-lsp";
rev = "v${version}";
hash = "sha256-JWobbaXmIcd+c/EikiuUva5aHm3VDdeAQK60Krl6tVE=";
hash = "sha256-hbnSx59uSzXHeAhZPZnCzxl+mCZIdr29uUPfQCsm/Ww=";
};
postPatch = ''

12
pkgs/os-specific/linux/nvidia-x11/default.nix
View File

@ -75,6 +75,18 @@ rec {
url = "https://developer.nvidia.com/downloads/vulkan-beta-${lib.concatStrings (lib.splitString "." version)}-linux";
};
# data center driver compatible with current default cudaPackages
dc = dc_520;
dc_520 = generic rec {
version = "520.61.05";
url = "https://us.download.nvidia.com/tesla/${version}/NVIDIA-Linux-x86_64-${version}.run";
sha256_64bit = "sha256-EPYWZwOur/6iN/otDMrNDpNXr1mzu8cIqQl8lXhQlzU==";
fabricmanagerSha256 = "sha256-o8Kbmkg7qczKQclaGvEyXNzEOWq9ZpQZn9syeffnEiE==";
useSettings = false;
usePersistenced = false;
useFabricmanager = true;
};
# Update note:
# If you add a legacy driver here, also update `top-level/linux-kernels.nix`,
# adding to the `nvidia_x11_legacy*` entries.

47
pkgs/os-specific/linux/nvidia-x11/fabricmanager.nix Normal file
View File

@ -0,0 +1,47 @@
nvidia_x11: sha256:
{ stdenv, lib, fetchurl, patchelf }:
let
sys = with lib; concatStringsSep "-" (reverseList (splitString "-" stdenv.system));
bsys = builtins.replaceStrings ["_"] ["-"] sys;
fmver = nvidia_x11.version;
in
stdenv.mkDerivation rec {
pname = "fabricmanager";
version = fmver;
src = fetchurl {
url = "https://developer.download.nvidia.com/compute/cuda/redist/fabricmanager/" +
"${sys}/${pname}-${sys}-${fmver}-archive.tar.xz";
inherit sha256;
};
phases = [ "unpackPhase" "installPhase" ];
installPhase = ''
find .
mkdir -p $out/{bin,share/nvidia-fabricmanager}
for bin in nv{-fabricmanager,switch-audit};do
${patchelf}/bin/patchelf \
--set-interpreter ${stdenv.cc.libc}/lib/ld-${bsys}.so.2 \
--set-rpath ${lib.makeLibraryPath [ stdenv.cc.libc ]} \
bin/$bin
done
mv bin/nv{-fabricmanager,switch-audit} $out/bin/.
for d in etc systemd share/nvidia;do
mv $d $out/share/nvidia-fabricmanager/.
done
for d in include lib;do
mv $d $out/.
done
'';
meta = with lib; {
homepage = "https://www.nvidia.com/object/unix.html";
description = "Fabricmanager daemon for NVLink intialization and control";
license = licenses.unfreeRedistributable;
platforms = nvidia_x11.meta.platforms;
mainProgram = "nv-fabricmanager";
maintainers = with maintainers; [ edwtjo ];
};
}

63
pkgs/os-specific/linux/nvidia-x11/generic.nix
View File

@ -4,14 +4,19 @@
, sha256_64bit
, sha256_aarch64 ? null
, openSha256 ? null
, settingsSha256
, settingsSha256 ? null
, settingsVersion ? version
, persistencedSha256
, persistencedSha256 ? null
, persistencedVersion ? version
, fabricmanagerSha256 ? null
, fabricmanagerVersion ? version
, useGLVND ? true
, useProfiles ? true
, preferGtk2 ? false
, settings32Bit ? false
, useSettings ? true
, usePersistenced ? true
, useFabricmanager ? false
, ibtSupport ? false
, prePatch ? ""
@ -33,14 +38,21 @@
disable32Bit ? stdenv.hostPlatform.system == "aarch64-linux"
# 32 bit libs only version of this package
, lib32 ? null
# Whether to extract the GSP firmware
, firmware ? openSha256 != null
# Whether to extract the GSP firmware, datacenter drivers needs to extract the
# firmware
, firmware ? openSha256 != null || useFabricmanager
# Whether the user accepts the NVIDIA Software License
, config, acceptLicense ? config.nvidia.acceptLicense or false
}:
with lib;
assert !libsOnly -> kernel != null;
assert versionOlder version "391" -> sha256_32bit != null;
assert useSettings -> settingsSha256 != null;
assert usePersistenced -> persistencedSha256 != null;
assert useFabricmanager -> fabricmanagerSha256 != null;
assert useFabricmanager -> !(useSettings || usePersistenced);
let
nameSuffix = optionalString (!libsOnly) "-${kernel.version}";
@ -54,12 +66,33 @@ let
dbus # for nvidia-powerd
]);
# maybe silly since we've ignored this previously and just unfree..
throwLicense = throw ''
Use of NVIDIA Software requires license acceptance of the license:
- License For Customer Use of NVIDIA Software [1]
You can express acceptance by setting acceptLicense to true your nixpkgs.config.
Example:
configuration.nix:
nixpkgs.config.allowUnfree = true;
nixpkgs.config.nvidia.acceptLicense = true;
config.nix:
allowUnfree = true;
nvidia.acceptLicense = true;
[1]: https://www.nvidia.com/content/DriverDownloads/licence.php?lang=us
'';
self = stdenv.mkDerivation {
name = "nvidia-x11-${version}${nameSuffix}";
name = "nvidia-${if useFabricmanager then "dc" else "x11"}-${version}${nameSuffix}";
builder = ./builder.sh;
src =
if !acceptLicense && (openSha256 == null) then throwLicense else
if stdenv.hostPlatform.system == "x86_64-linux" then
fetchurl {
urls = if args ? url then [ args.url ] else [
@ -127,11 +160,17 @@ let
nvidia_x11 = self;
broken = brokenOpen;
}) openSha256;
settings = (if settings32Bit then pkgsi686Linux.callPackage else callPackage) (import ./settings.nix self settingsSha256) {
withGtk2 = preferGtk2;
withGtk3 = !preferGtk2;
};
persistenced = mapNullable (hash: callPackage (import ./persistenced.nix self hash) { }) persistencedSha256;
settings = if useSettings then
(if settings32Bit then pkgsi686Linux.callPackage else callPackage) (import ./settings.nix self settingsSha256) {
withGtk2 = preferGtk2;
withGtk3 = !preferGtk2;
} else {};
persistenced = if usePersistenced then
mapNullable (hash: callPackage (import ./persistenced.nix self hash) { }) persistencedSha256
else {};
fabricmanager = if useFabricmanager then
mapNullable (hash: callPackage (import ./fabricmanager.nix self hash) { }) fabricmanagerSha256
else {};
inherit persistencedVersion settingsVersion;
compressFirmware = false;
ibtSupport = ibtSupport || (lib.versionAtLeast version "530");
@ -141,12 +180,12 @@ let
meta = with lib; {
homepage = "https://www.nvidia.com/object/unix.html";
description = "X.org driver and kernel module for NVIDIA graphics cards";
description = "${if useFabricmanager then "Data Center" else "X.org"} driver and kernel module for NVIDIA cards";
license = licenses.unfreeRedistributable;
platforms = [ "x86_64-linux" ]
++ optionals (sha256_32bit != null) [ "i686-linux" ]
++ optionals (sha256_aarch64 != null) [ "aarch64-linux" ];
maintainers = with maintainers; [ jonringer kiskae ];
maintainers = with maintainers; [ jonringer kiskae edwtjo ];
priority = 4; # resolves collision with xorg-server's "lib/xorg/modules/extensions/libglx.so"
inherit broken;
};

7
pkgs/servers/sql/postgresql/ext/postgis.nix
View File

@ -16,13 +16,13 @@
}:
stdenv.mkDerivation rec {
pname = "postgis";
version = "3.3.3";
version = "3.4.0";
outputs = [ "out" "doc" ];
src = fetchurl {
url = "https://download.osgeo.org/postgis/source/postgis-${version}.tar.gz";
sha256 = "sha256-dOs1bj+F8UIzeRATNgiBtnSPeAgcxoj/nW8PZzp2LRM=";
sha256 = "sha256-rum2CmyITTVBZLMJbEZX8yRFQYZgf4WdHOBdiZeYr50=";
};
buildInputs = [ libxml2 postgresql geos proj gdal json_c protobufc pcre2.dev ]
@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
preConfigure = ''
sed -i 's@/usr/bin/file@${file}/bin/file@' configure
configureFlags="--datadir=$out/share/postgresql --datarootdir=$out/share/postgresql --bindir=$out/bin --docdir=$doc/share/doc/${pname} --with-gdalconfig=${gdal}/bin/gdal-config --with-jsondir=${json_c.dev}"
configureFlags="--datadir=$out/share/postgresql --datarootdir=$out/share/postgresql --bindir=$out/bin --docdir=$doc/share/doc/${pname} --with-gdalconfig=${gdal}/bin/gdal-config --with-jsondir=${json_c.dev} --disable-extension-upgrades-install"
makeFlags="PERL=${perl}/bin/perl datadir=$out/share/postgresql pkglibdir=$out/lib bindir=$out/bin docdir=$doc/share/doc/${pname}"
'';
@ -76,5 +76,6 @@ stdenv.mkDerivation rec {
license = licenses.gpl2;
maintainers = [ maintainers.marcweber ];
inherit (postgresql.meta) platforms;
broken = versionOlder postgresql.version "12";
};
}

34
pkgs/servers/web-apps/meme-bingo-web/default.nix Normal file
View File

@ -0,0 +1,34 @@
{ lib, fetchFromGitea, rustPlatform, makeWrapper }:
rustPlatform.buildRustPackage rec {
pname = "meme-bingo-web";
version = "0.2.0";
src = fetchFromGitea {
domain = "codeberg.org";
owner = "annaaurora";
repo = "meme-bingo-web";
rev = "v${version}";
hash = "sha256-6hQra+10TaaQGzwiYfL+WHmGc6f0Hn8Tybd0lA5t0qc=";
};
cargoHash = "sha256-/hBymxNAzyfapUL5Whkg4NBLA7Fc8A1npXEa9MXTAz4=";
nativeBuildInputs = [ makeWrapper ];
postInstall = ''
mkdir -p $out/share/meme-bingo-web
cp -r {templates,static} $out/share/meme-bingo-web/
wrapProgram $out/bin/meme-bingo-web \
--set MEME_BINGO_TEMPLATES $out/share/meme-bingo-web/templates \
--set MEME_BINGO_STATIC $out/share/meme-bingo-web/static
'';
meta = with lib; {
description = "Play meme bingo using this neat web app";
homepage = "https://codeberg.org/annaaurora/meme-bingo-web";
license = licenses.unlicense;
maintainers = with maintainers; [ annaaurora ];
};
}

4
pkgs/tools/admin/azure-cli/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, lib, python3, fetchPypi, fetchFromGitHub, installShellFiles }:
let
version = "2.51.0";
version = "2.52.0";
src = fetchFromGitHub {
name = "azure-cli-${version}-src";
owner = "Azure";
repo = "azure-cli";
rev = "azure-cli-${version}";
hash = "sha512-KjkR1YKvL5stfmIbrfzj9Ons4iYyiKQdLiRh7I7Dd43lvJwXaYLNjIYL5SOX3F3D9nmNxCb0qmYAQH0iEmyVjw==";
hash = "sha256-wa0LmBMv3eQIsWEKMAHks+TvBZmTdFepPGG5XQRvZXk=";
};
# put packages that needs to be overridden in the py package scope

4
pkgs/tools/admin/azure-cli/python-packages.nix
View File

@ -289,8 +289,8 @@ let
azure-mgmt-containerregistry = overrideAzureMgmtPackage super.azure-mgmt-containerregistry "10.1.0" "zip"
"sha256-VrX9YfYNvlA8+eNqHCp35BAeQZzQKakZs7ZZKwT8oYc=";
azure-mgmt-monitor = (overrideAzureMgmtPackage super.azure-mgmt-monitor "5.0.0" "zip"
"sha256-eL9KJowxTF7hZJQQQCNJZ7l+rKPFM8wP5vEigt3ZFGE=").overridePythonAttrs (attrs: {
azure-mgmt-monitor = (overrideAzureMgmtPackage super.azure-mgmt-monitor "6.0.2" "tar.gz"
"sha256-X/v1AOSZq3kSsbptJs7yZIDZrkEVMgGbt41yViGW4Hs=").overridePythonAttrs (attrs: {
propagatedBuildInputs = attrs.propagatedBuildInputs or [ ] ++ [ self.msrest ];
});

6
pkgs/tools/networking/sing-box/default.nix
View File

@ -11,16 +11,16 @@
buildGoModule rec {
pname = "sing-box";
version = "1.4.1";
version = "1.4.2";
src = fetchFromGitHub {
owner = "SagerNet";
repo = pname;
rev = "v${version}";
hash = "sha256-AB+JNac9553Viw/XVqLFAQnEOwweCz3ltyUbB1gYMmM=";
hash = "sha256-OBLgAuZIqR+81rN886gIai8+uUxHDbOWnGz6jYZnGm8=";
};
vendorHash = "sha256-Je5852dIKjlTAym00V2gNz89Hrl8QygEfkybZlLVktY=";
vendorHash = "sha256-oDUjiMAG/vkSYS1c8lwqVlFzyvTIQrUSeJohHS9X9I0=";
tags = [
"with_quic"

2
pkgs/top-level/all-packages.nix
View File

@ -33854,6 +33854,8 @@ with pkgs;
melody = callPackage ../tools/misc/melody { };
meme-bingo-web = callPackage ../servers/web-apps/meme-bingo-web { };
meme-image-generator = callPackage ../applications/graphics/meme-image-generator { };
meme-suite = callPackage ../applications/science/biology/meme-suite { };

2
pkgs/top-level/linux-kernels.nix
View File

@ -410,6 +410,8 @@ in {
nvidia_x11_legacy470 = nvidiaPackages.legacy_470;
nvidia_x11_production = nvidiaPackages.production;
nvidia_x11_vulkan_beta = nvidiaPackages.vulkan_beta;
nvidia_dc = nvidiaPackages.dc;
nvidia_dc_520 = nvidiaPackages.dc_520;
# this is not a replacement for nvidia_x11*
# only the opensource kernel driver exposed for hydra to build