Merge master into staging-next
This commit is contained in:
commit
b71232fc53
4
.github/CONTRIBUTING.md
vendored
4
.github/CONTRIBUTING.md
vendored
@ -53,9 +53,9 @@ For package version upgrades and such a one-line commit message is usually suffi
|
||||
To [backport a change into a release branch](https://nixos.org/nixpkgs/manual/#submitting-changes-stable-release-branches):
|
||||
|
||||
1. Take note of the commit in which the change was introduced into `master`.
|
||||
2. Check out the target _release branch_, e.g. `release-19.09`. Do not use a _channel branch_ like `nixos-19.09` or `nixpkgs-19.09`.
|
||||
2. Check out the target _release branch_, e.g. `release-20.03`. Do not use a _channel branch_ like `nixos-20.03` or `nixpkgs-20.03`.
|
||||
3. Use `git cherry-pick -x <original commit>`.
|
||||
4. Open your backport PR. Make sure to select the release branch (e.g. `release-19.09`) as the target branch of the PR, and link to the PR in which the original change was made to `master`.
|
||||
4. Open your backport PR. Make sure to select the release branch (e.g. `release-20.03`) as the target branch of the PR, and link to the PR in which the original change was made to `master`.
|
||||
|
||||
## Reviewing contributions
|
||||
|
||||
|
@ -45,9 +45,9 @@ Nixpkgs and NixOS are built and tested by our continuous integration
|
||||
system, [Hydra](https://hydra.nixos.org/).
|
||||
|
||||
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
|
||||
* [Continuous package builds for the NixOS 19.09 release](https://hydra.nixos.org/jobset/nixos/release-19.09)
|
||||
* [Continuous package builds for the NixOS 20.03 release](https://hydra.nixos.org/jobset/nixos/release-20.03)
|
||||
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
|
||||
* [Tests for the NixOS 19.09 release](https://hydra.nixos.org/job/nixos/release-19.09/tested#tabs-constituents)
|
||||
* [Tests for the NixOS 20.03 release](https://hydra.nixos.org/job/nixos/release-20.03/tested#tabs-constituents)
|
||||
|
||||
Artifacts successfully built with Hydra are published to cache at
|
||||
https://cache.nixos.org/. When successful build and test criteria are
|
||||
|
@ -63,7 +63,7 @@ type2.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) (Lepton 3.x)
|
||||
appimageTools.wrapType2 { # or wrapType1
|
||||
name = "patchwork"; <co xml:id='ex-appimageTools-wrapping-1' />
|
||||
src = fetchurl { <co xml:id='ex-appimageTools-wrapping-2' />
|
||||
url = https://github.com/ssbc/patchwork/releases/download/v3.11.4/Patchwork-3.11.4-linux-x86_64.AppImage;
|
||||
url = "https://github.com/ssbc/patchwork/releases/download/v3.11.4/Patchwork-3.11.4-linux-x86_64.AppImage";
|
||||
sha256 = "1blsprpkvm0ws9b96gb36f0rbf8f5jgmw4x6dsb1kswr4ysf591s";
|
||||
};
|
||||
extraPkgs = pkgs: with pkgs; [ ]; <co xml:id='ex-appimageTools-wrapping-3' />
|
||||
|
@ -412,7 +412,7 @@ buildPythonPackage rec {
|
||||
|
||||
meta = with lib; {
|
||||
description = "A pythonic wrapper around FFTW, the FFT library, presenting a unified interface for all the supported transforms";
|
||||
homepage = http://hgomersall.github.com/pyFFTW;
|
||||
homepage = "http://hgomersall.github.com/pyFFTW";
|
||||
license = with licenses; [ bsd2 bsd3 ];
|
||||
maintainers = with maintainers; [ fridh ];
|
||||
};
|
||||
|
@ -32,7 +32,7 @@ bundlerEnv rec {
|
||||
|
||||
meta = with lib; {
|
||||
description = "A monitoring framework that aims to be simple, malleable, and scalable";
|
||||
homepage = http://sensuapp.org/;
|
||||
homepage = "http://sensuapp.org/";
|
||||
license = with licenses; mit;
|
||||
maintainers = with maintainers; [ theuni ];
|
||||
platforms = platforms.unix;
|
||||
@ -69,7 +69,7 @@ bundlerApp {
|
||||
|
||||
meta = with lib; {
|
||||
description = "Tool and libraries for maintaining Ruby gems.";
|
||||
homepage = https://github.com/nyarly/corundum;
|
||||
homepage = "https://github.com/nyarly/corundum";
|
||||
license = licenses.mit;
|
||||
maintainers = [ maintainers.nyarly ];
|
||||
platforms = platforms.unix;
|
||||
|
@ -149,31 +149,4 @@ EOF
|
||||
]]></programlisting>
|
||||
</para>
|
||||
</section>
|
||||
|
||||
<section xml:id="sec-language-texlive-known-problems">
|
||||
<title>Known problems</title>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>
|
||||
Some tools are still missing, e.g. luajittex;
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
some apps aren't packaged/tested yet (asymptote, biber, etc.);
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
feature/bug: when a package is rejected by <varname>pkgFilter</varname>, its dependencies are still propagated;
|
||||
</para>
|
||||
</listitem>
|
||||
<listitem>
|
||||
<para>
|
||||
in case of any bugs or feature requests, file a github issue or better a pull request and /cc @vcunat.
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
</section>
|
||||
|
@ -60,7 +60,7 @@ stdenv.mkDerivation {
|
||||
name = "binutils-2.16.1-arm";
|
||||
builder = ./builder.sh;
|
||||
src = fetchurl {
|
||||
url = http://ftp.nluug.nl/gnu/binutils/binutils-2.16.1.tar.bz2;
|
||||
url = "http://ftp.nluug.nl/gnu/binutils/binutils-2.16.1.tar.bz2";
|
||||
sha256 = "1ian3kwh2vg6hr3ymrv48s04gijs539vzrq62xr76bxbhbwnz2np";
|
||||
};
|
||||
inherit noSysDirs;
|
||||
@ -84,7 +84,7 @@ stdenv.mkDerivation {
|
||||
name = "linux-headers-2.6.13.1-arm";
|
||||
builder = ./builder.sh;
|
||||
src = fetchurl {
|
||||
url = http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.13.1.tar.bz2;
|
||||
url = "http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.13.1.tar.bz2";
|
||||
sha256 = "12qxmc827fjhaz53kjy7vyrzsaqcg78amiqsb3qm20z26w705lma";
|
||||
};
|
||||
}
|
||||
|
@ -190,7 +190,7 @@ preConfigure = "configureFlagsArray=(\"CFLAGS=-O0 -g\")";</programlisting>
|
||||
The function <function>fetchurl</function> now has support for two different kinds of mirroring of files. First, it has support for <emphasis>content-addressable mirrors</emphasis>. For example, given the <function>fetchurl</function> call
|
||||
<programlisting>
|
||||
fetchurl {
|
||||
url = http://releases.mozilla.org/<replaceable>...</replaceable>/firefox-2.0.0.6-source.tar.bz2;
|
||||
url = "http://releases.mozilla.org/<replaceable>...</replaceable>/firefox-2.0.0.6-source.tar.bz2";
|
||||
sha1 = "eb72f55e4a8bf08e8c6ef227c0ade3d068ba1082";
|
||||
}</programlisting>
|
||||
<function>fetchurl</function> will first try to download this file from <link
|
||||
|
@ -14,7 +14,7 @@
|
||||
stdenv.mkDerivation {
|
||||
name = "libfoo-1.2.3";
|
||||
src = fetchurl {
|
||||
url = http://example.org/libfoo-1.2.3.tar.bz2;
|
||||
url = "http://example.org/libfoo-1.2.3.tar.bz2";
|
||||
sha256 = "0x2g1jqygyr5wiwg4ma1nd7w4ydpy82z9gkcv8vh2v8dn3y58v5m";
|
||||
};
|
||||
}</programlisting>
|
||||
|
@ -2,7 +2,7 @@
|
||||
let
|
||||
|
||||
spdx = lic: lic // {
|
||||
url = "http://spdx.org/licenses/${lic.spdxId}.html";
|
||||
url = "https://spdx.org/licenses/${lic.spdxId}.html";
|
||||
};
|
||||
|
||||
in
|
||||
@ -40,13 +40,13 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
amazonsl = {
|
||||
fullName = "Amazon Software License";
|
||||
url = "http://aws.amazon.com/asl/";
|
||||
url = "https://aws.amazon.com/asl/";
|
||||
free = false;
|
||||
};
|
||||
|
||||
amd = {
|
||||
fullName = "AMD License Agreement";
|
||||
url = "http://developer.amd.com/amd-license-agreement/";
|
||||
url = "https://developer.amd.com/amd-license-agreement/";
|
||||
free = false;
|
||||
};
|
||||
|
||||
@ -230,7 +230,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
eapl = {
|
||||
fullName = "EPSON AVASYS PUBLIC LICENSE";
|
||||
url = "http://avasys.jp/hp/menu000000700/hpg000000603.htm";
|
||||
url = "https://avasys.jp/hp/menu000000700/hpg000000603.htm";
|
||||
free = false;
|
||||
};
|
||||
|
||||
@ -271,6 +271,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
fullName = "European Union Public License 1.1";
|
||||
};
|
||||
|
||||
eupl12 = spdx {
|
||||
spdxId = "EUPL-1.2";
|
||||
fullName = "European Union Public License 1.2";
|
||||
};
|
||||
|
||||
fdl12 = spdx {
|
||||
spdxId = "GFDL-1.2-only";
|
||||
fullName = "GNU Free Documentation License v1.2 only";
|
||||
@ -293,7 +298,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
ffsl = {
|
||||
fullName = "Floodgap Free Software License";
|
||||
url = "http://www.floodgap.com/software/ffsl/license.html";
|
||||
url = "https://www.floodgap.com/software/ffsl/license.html";
|
||||
free = false;
|
||||
};
|
||||
|
||||
@ -370,7 +375,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
# Intel's license, seems free
|
||||
iasl = {
|
||||
fullName = "iASL";
|
||||
url = "http://www.calculate-linux.org/packages/licenses/iASL";
|
||||
url = "https://old.calculate-linux.org/packages/licenses/iASL";
|
||||
};
|
||||
|
||||
ijg = spdx {
|
||||
@ -385,13 +390,13 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
inria-compcert = {
|
||||
fullName = "INRIA Non-Commercial License Agreement for the CompCert verified compiler";
|
||||
url = "http://compcert.inria.fr/doc/LICENSE";
|
||||
url = "http://compcert.inria.fr/doc/LICENSE"; # https is broken
|
||||
free = false;
|
||||
};
|
||||
|
||||
inria-icesl = {
|
||||
fullName = "INRIA Non-Commercial License Agreement for IceSL";
|
||||
url = "http://shapeforge.loria.fr/icesl/EULA_IceSL_binary.pdf";
|
||||
url = "http://shapeforge.loria.fr/icesl/EULA_IceSL_binary.pdf"; # https is broken
|
||||
free = false;
|
||||
};
|
||||
|
||||
@ -469,7 +474,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
llgpl21 = {
|
||||
fullName = "Lisp LGPL; GNU Lesser General Public License version 2.1 with Franz Inc. preamble for clarification of LGPL terms in context of Lisp";
|
||||
url = "http://opensource.franz.com/preamble.html";
|
||||
url = "https://opensource.franz.com/preamble.html";
|
||||
};
|
||||
|
||||
lppl12 = spdx {
|
||||
@ -493,7 +498,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
};
|
||||
|
||||
# spdx.org does not (yet) differentiate between the X11 and Expat versions
|
||||
# for details see http://en.wikipedia.org/wiki/MIT_License#Various_versions
|
||||
# for details see https://en.wikipedia.org/wiki/MIT_License#Various_versions
|
||||
mit = spdx {
|
||||
spdxId = "MIT";
|
||||
fullName = "MIT License";
|
||||
@ -596,7 +601,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
psfl = spdx {
|
||||
spdxId = "Python-2.0";
|
||||
fullName = "Python Software Foundation License version 2";
|
||||
#url = http://docs.python.org/license.html;
|
||||
url = "https://docs.python.org/license.html";
|
||||
};
|
||||
|
||||
publicDomain = {
|
||||
@ -620,7 +625,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
qwt = {
|
||||
fullName = "Qwt License, Version 1.0";
|
||||
url = "http://qwt.sourceforge.net/qwtlicense.html";
|
||||
url = "https://qwt.sourceforge.io/qwtlicense.html";
|
||||
};
|
||||
|
||||
ruby = spdx {
|
||||
@ -646,7 +651,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
smail = {
|
||||
shortName = "smail";
|
||||
fullName = "SMAIL General Public License";
|
||||
url = "http://metadata.ftp-master.debian.org/changelogs/main/d/debianutils/debianutils_4.8.1_copyright";
|
||||
url = "https://sources.debian.org/copyright/license/debianutils/4.9.1/";
|
||||
};
|
||||
|
||||
sspl = {
|
||||
@ -663,7 +668,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
ufl = {
|
||||
fullName = "Ubuntu Font License 1.0";
|
||||
url = "http://font.ubuntu.com/ufl/ubuntu-font-licence-1.0.txt";
|
||||
url = "https://ubuntu.com/legal/font-licence";
|
||||
};
|
||||
|
||||
unfree = {
|
||||
@ -740,7 +745,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) {
|
||||
|
||||
xfig = {
|
||||
fullName = "xfig";
|
||||
url = "http://mcj.sourceforge.net/authors.html#xfig";
|
||||
url = "http://mcj.sourceforge.net/authors.html#xfig"; # https is broken
|
||||
};
|
||||
|
||||
zlib = spdx {
|
||||
|
@ -7816,6 +7816,12 @@
|
||||
githubId = 563054;
|
||||
name = "Thomas Tuegel";
|
||||
};
|
||||
turion = {
|
||||
email = "programming@manuelbaerenz.de";
|
||||
github = "turion";
|
||||
githubId = 303489;
|
||||
name = "Manuel Bärenz";
|
||||
};
|
||||
tv = {
|
||||
email = "tv@krebsco.de";
|
||||
github = "4z3";
|
||||
|
@ -14,7 +14,7 @@
|
||||
<para>
|
||||
<emphasis>Stable channels</emphasis>, such as
|
||||
<literal
|
||||
xlink:href="https://nixos.org/channels/nixos-19.09">nixos-19.09</literal>.
|
||||
xlink:href="https://nixos.org/channels/nixos-20.03">nixos-20.03</literal>.
|
||||
These only get conservative bug fixes and package upgrades. For instance,
|
||||
a channel update may cause the Linux kernel on your system to be upgraded
|
||||
from 4.19.34 to 4.19.38 (a minor bug fix), but not from
|
||||
@ -38,7 +38,7 @@
|
||||
<para>
|
||||
<emphasis>Small channels</emphasis>, such as
|
||||
<literal
|
||||
xlink:href="https://nixos.org/channels/nixos-19.09-small">nixos-19.09-small</literal>
|
||||
xlink:href="https://nixos.org/channels/nixos-20.03-small">nixos-20.03-small</literal>
|
||||
or
|
||||
<literal
|
||||
xlink:href="https://nixos.org/channels/nixos-unstable-small">nixos-unstable-small</literal>.
|
||||
@ -63,8 +63,8 @@
|
||||
<para>
|
||||
When you first install NixOS, you’re automatically subscribed to the NixOS
|
||||
channel that corresponds to your installation source. For instance, if you
|
||||
installed from a 19.09 ISO, you will be subscribed to the
|
||||
<literal>nixos-19.09</literal> channel. To see which NixOS channel you’re
|
||||
installed from a 20.03 ISO, you will be subscribed to the
|
||||
<literal>nixos-20.03</literal> channel. To see which NixOS channel you’re
|
||||
subscribed to, run the following as root:
|
||||
<screen>
|
||||
# nix-channel --list | grep nixos
|
||||
@ -75,13 +75,13 @@ nixos https://nixos.org/channels/nixos-unstable
|
||||
# nix-channel --add https://nixos.org/channels/<replaceable>channel-name</replaceable> nixos
|
||||
</screen>
|
||||
(Be sure to include the <literal>nixos</literal> parameter at the end.) For
|
||||
instance, to use the NixOS 19.09 stable channel:
|
||||
instance, to use the NixOS 20.03 stable channel:
|
||||
<screen>
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.09 nixos
|
||||
# nix-channel --add https://nixos.org/channels/nixos-20.03 nixos
|
||||
</screen>
|
||||
If you have a server, you may want to use the “small” channel instead:
|
||||
<screen>
|
||||
# nix-channel --add https://nixos.org/channels/nixos-19.09-small nixos
|
||||
# nix-channel --add https://nixos.org/channels/nixos-20.03-small nixos
|
||||
</screen>
|
||||
And if you want to live on the bleeding edge:
|
||||
<screen>
|
||||
@ -132,7 +132,7 @@ nixos https://nixos.org/channels/nixos-unstable
|
||||
kernel, initrd or kernel modules.
|
||||
You can also specify a channel explicitly, e.g.
|
||||
<programlisting>
|
||||
<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-19.09;
|
||||
<xref linkend="opt-system.autoUpgrade.channel"/> = https://nixos.org/channels/nixos-20.03;
|
||||
</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
|
@ -3,7 +3,7 @@
|
||||
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||||
version="5.0"
|
||||
xml:id="sec-release-20.03">
|
||||
<title>Release 20.03 (“Markhor”, 2020.03/??)</title>
|
||||
<title>Release 20.03 (“Markhor”, 2020.04/20)</title>
|
||||
|
||||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
|
@ -255,6 +255,7 @@ environment.systemPackages = [
|
||||
# sudo /run/current-system/fine-tune/child-1/bin/switch-to-configuration test
|
||||
</programlisting>
|
||||
</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
</section>
|
||||
|
||||
|
@ -10,14 +10,6 @@ let
|
||||
|
||||
videoDrivers = config.services.xserver.videoDrivers;
|
||||
|
||||
makePackage = p: pkgs.buildEnv {
|
||||
name = "mesa-drivers+txc-${p.mesa.version}";
|
||||
paths =
|
||||
[ p.mesa.drivers
|
||||
(if cfg.s3tcSupport then p.libtxc_dxtn else p.libtxc_dxtn_s2tc)
|
||||
];
|
||||
};
|
||||
|
||||
package = pkgs.buildEnv {
|
||||
name = "opengl-drivers";
|
||||
paths = [ cfg.package ] ++ cfg.extraPackages;
|
||||
@ -34,6 +26,9 @@ in
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "services" "xserver" "vaapiDrivers" ] [ "hardware" "opengl" "extraPackages" ])
|
||||
(mkRemovedOptionModule [ "hardware" "opengl" "s3tcSupport" ] ''
|
||||
S3TC support is now always enabled in Mesa.
|
||||
'')
|
||||
];
|
||||
|
||||
options = {
|
||||
@ -74,17 +69,6 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
s3tcSupport = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Make S3TC(S3 Texture Compression) via libtxc_dxtn available
|
||||
to OpenGL drivers instead of the patent-free S2TC replacement.
|
||||
|
||||
Using this library may require a patent license depending on your location.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
internal = true;
|
||||
@ -166,8 +150,8 @@ in
|
||||
environment.sessionVariables.LD_LIBRARY_PATH = mkIf cfg.setLdLibraryPath
|
||||
([ "/run/opengl-driver/lib" ] ++ optional cfg.driSupport32Bit "/run/opengl-driver-32/lib");
|
||||
|
||||
hardware.opengl.package = mkDefault (makePackage pkgs);
|
||||
hardware.opengl.package32 = mkDefault (makePackage pkgs.pkgsi686Linux);
|
||||
hardware.opengl.package = mkDefault pkgs.mesa.drivers;
|
||||
hardware.opengl.package32 = mkDefault pkgs.pkgsi686Linux.mesa.drivers;
|
||||
|
||||
boot.extraModulePackages = optional (elem "virtualbox" videoDrivers) kernelPackages.virtualboxGuestAdditions;
|
||||
};
|
||||
|
@ -180,7 +180,7 @@ sub pciCheck {
|
||||
) )
|
||||
{
|
||||
# we need e.g. brcmfmac43602-pcie.bin
|
||||
push @imports, "<nixpkgs/nixos/modules/hardware/network/broadcom-43xx.nix>";
|
||||
push @imports, "(modulesPath + \"/hardware/network/broadcom-43xx.nix\")";
|
||||
}
|
||||
|
||||
# Can't rely on $module here, since the module may not be loaded
|
||||
@ -279,7 +279,7 @@ if ($virt eq "oracle") {
|
||||
|
||||
# Likewise for QEMU.
|
||||
if ($virt eq "qemu" || $virt eq "kvm" || $virt eq "bochs") {
|
||||
push @imports, "<nixpkgs/nixos/modules/profiles/qemu-guest.nix>";
|
||||
push @imports, "(modulesPath + \"/profiles/qemu-guest.nix\")";
|
||||
}
|
||||
|
||||
# Also for Hyper-V.
|
||||
@ -296,7 +296,7 @@ if ($virt eq "systemd-nspawn") {
|
||||
|
||||
# Provide firmware for devices that are not detected by this script,
|
||||
# unless we're in a VM/container.
|
||||
push @imports, "<nixpkgs/nixos/modules/installer/scan/not-detected.nix>"
|
||||
push @imports, "(modulesPath + \"/installer/scan/not-detected.nix\")"
|
||||
if $virt eq "none";
|
||||
|
||||
|
||||
@ -549,7 +549,7 @@ my $hwConfig = <<EOF;
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, ... }:
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =${\multiLineList(" ", @imports)};
|
||||
|
@ -546,6 +546,7 @@
|
||||
./services/monitoring/teamviewer.nix
|
||||
./services/monitoring/telegraf.nix
|
||||
./services/monitoring/thanos.nix
|
||||
./services/monitoring/tuptime.nix
|
||||
./services/monitoring/ups.nix
|
||||
./services/monitoring/uptime.nix
|
||||
./services/monitoring/vnstat.nix
|
||||
|
@ -7,7 +7,7 @@ with lib;
|
||||
|
||||
{
|
||||
meta = {
|
||||
maintainers = [ maintainers.joachifm ];
|
||||
maintainers = [ maintainers.joachifm maintainers.emily ];
|
||||
};
|
||||
|
||||
boot.kernelPackages = mkDefault pkgs.linuxPackages_hardened;
|
||||
@ -21,8 +21,6 @@ with lib;
|
||||
|
||||
security.lockKernelModules = mkDefault true;
|
||||
|
||||
security.allowUserNamespaces = mkDefault false;
|
||||
|
||||
security.protectKernelImage = mkDefault true;
|
||||
|
||||
security.allowSimultaneousMultithreading = mkDefault false;
|
||||
@ -37,15 +35,9 @@ with lib;
|
||||
# Slab/slub sanity checks, redzoning, and poisoning
|
||||
"slub_debug=FZP"
|
||||
|
||||
# Disable slab merging to make certain heap overflow attacks harder
|
||||
"slab_nomerge"
|
||||
|
||||
# Overwrite free'd memory
|
||||
"page_poison=1"
|
||||
|
||||
# Disable legacy virtual syscalls
|
||||
"vsyscall=none"
|
||||
|
||||
# Enable page allocator randomization
|
||||
"page_alloc.shuffle=1"
|
||||
];
|
||||
@ -82,38 +74,12 @@ with lib;
|
||||
# (e.g., parent/child)
|
||||
boot.kernel.sysctl."kernel.yama.ptrace_scope" = mkOverride 500 1;
|
||||
|
||||
# Restrict access to kernel ring buffer (information leaks)
|
||||
boot.kernel.sysctl."kernel.dmesg_restrict" = mkDefault true;
|
||||
|
||||
# Hide kptrs even for processes with CAP_SYSLOG
|
||||
boot.kernel.sysctl."kernel.kptr_restrict" = mkOverride 500 2;
|
||||
|
||||
# Unprivileged access to bpf() has been used for privilege escalation in
|
||||
# the past
|
||||
boot.kernel.sysctl."kernel.unprivileged_bpf_disabled" = mkDefault true;
|
||||
|
||||
# Disable bpf() JIT (to eliminate spray attacks)
|
||||
boot.kernel.sysctl."net.core.bpf_jit_enable" = mkDefault false;
|
||||
|
||||
# ... or at least apply some hardening to it
|
||||
boot.kernel.sysctl."net.core.bpf_jit_harden" = mkDefault true;
|
||||
|
||||
# Raise ASLR entropy for 64bit & 32bit, respectively.
|
||||
#
|
||||
# Note: mmap_rnd_compat_bits may not exist on 64bit.
|
||||
boot.kernel.sysctl."vm.mmap_rnd_bits" = mkDefault 32;
|
||||
boot.kernel.sysctl."vm.mmap_rnd_compat_bits" = mkDefault 16;
|
||||
|
||||
# Allowing users to mmap() memory starting at virtual address 0 can turn a
|
||||
# NULL dereference bug in the kernel into code execution with elevated
|
||||
# privilege. Mitigate by enforcing a minimum base addr beyond the NULL memory
|
||||
# space. This breaks applications that require mapping the 0 page, such as
|
||||
# dosemu or running 16bit applications under wine. It also breaks older
|
||||
# versions of qemu.
|
||||
#
|
||||
# The value is taken from the KSPP recommendations (Debian uses 4096).
|
||||
boot.kernel.sysctl."vm.mmap_min_addr" = mkDefault 65536;
|
||||
|
||||
# Disable ftrace debugging
|
||||
boot.kernel.sysctl."kernel.ftrace_enabled" = mkDefault false;
|
||||
|
||||
@ -140,7 +106,4 @@ with lib;
|
||||
# Ignore outgoing ICMP redirects (this is ipv4 only)
|
||||
boot.kernel.sysctl."net.ipv4.conf.all.send_redirects" = mkDefault false;
|
||||
boot.kernel.sysctl."net.ipv4.conf.default.send_redirects" = mkDefault false;
|
||||
|
||||
# Restrict userfaultfd syscalls to processes with the SYS_PTRACE capability
|
||||
boot.kernel.sysctl."vm.unprivileged_userfaultfd" = mkDefault false;
|
||||
}
|
||||
|
@ -343,7 +343,9 @@ in
|
||||
|
||||
# Test that existing cert is older than new cert
|
||||
KEY=${spath}/certificates/${keyName}.key
|
||||
KEY_CHANGED=no
|
||||
if [ -e $KEY -a $KEY -nt key.pem ]; then
|
||||
KEY_CHANGED=yes
|
||||
cp -p ${spath}/certificates/${keyName}.key key.pem
|
||||
cp -p ${spath}/certificates/${keyName}.crt fullchain.pem
|
||||
cp -p ${spath}/certificates/${keyName}.issuer.crt chain.pem
|
||||
@ -354,7 +356,10 @@ in
|
||||
chmod ${fileMode} *.pem
|
||||
chown '${data.user}:${data.group}' *.pem
|
||||
|
||||
${data.postRun}
|
||||
if [ "$KEY_CHANGED" = "yes" ]; then
|
||||
: # noop in case postRun is empty
|
||||
${data.postRun}
|
||||
fi
|
||||
'';
|
||||
in
|
||||
"+${script}";
|
||||
|
@ -153,7 +153,7 @@ in
|
||||
defaultText = "pkgs.cockroachdb";
|
||||
description = ''
|
||||
The CockroachDB derivation to use for running the service.
|
||||
|
||||
|
||||
This would primarily be useful to enable Enterprise Edition features
|
||||
in your own custom CockroachDB build (Nixpkgs CockroachDB binaries
|
||||
only contain open source features and open source code).
|
||||
|
@ -91,6 +91,8 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [ rss2email ];
|
||||
|
||||
services.rss2email.config.to = cfg.to;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
|
@ -132,7 +132,7 @@ in
|
||||
example = literalExample ''
|
||||
{
|
||||
dkuk-redmine_alex_skin = builtins.fetchurl {
|
||||
url = https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip;
|
||||
url = "https://bitbucket.org/dkuk/redmine_alex_skin/get/1842ef675ef3.zip";
|
||||
sha256 = "0hrin9lzyi50k4w2bd2b30vrf1i4fi1c0gyas5801wn8i7kpm9yl";
|
||||
};
|
||||
}
|
||||
@ -146,7 +146,7 @@ in
|
||||
example = literalExample ''
|
||||
{
|
||||
redmine_env_auth = builtins.fetchurl {
|
||||
url = https://github.com/Intera/redmine_env_auth/archive/0.6.zip;
|
||||
url = "https://github.com/Intera/redmine_env_auth/archive/0.6.zip";
|
||||
sha256 = "0yyr1yjd8gvvh832wdc8m3xfnhhxzk2pk3gm2psg5w9jdvd6skak";
|
||||
};
|
||||
}
|
||||
|
84
nixos/modules/services/monitoring/tuptime.nix
Normal file
84
nixos/modules/services/monitoring/tuptime.nix
Normal file
@ -0,0 +1,84 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.tuptime;
|
||||
|
||||
in {
|
||||
|
||||
options.services.tuptime = {
|
||||
|
||||
enable = mkEnableOption "the total uptime service";
|
||||
|
||||
timer = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Whether to regularly log uptime to detect bad shutdowns.";
|
||||
};
|
||||
|
||||
period = mkOption {
|
||||
type = types.str;
|
||||
default = "*:0/5";
|
||||
description = "systemd calendar event";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.tuptime ];
|
||||
|
||||
users.users.tuptime.description = "tuptime database owner";
|
||||
|
||||
systemd = {
|
||||
services = {
|
||||
|
||||
tuptime = {
|
||||
description = "the total uptime service";
|
||||
documentation = [ "man:tuptime(1)" ];
|
||||
after = [ "time-sync.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
StateDirectory = "tuptime";
|
||||
Type = "oneshot";
|
||||
User = "tuptime";
|
||||
RemainAfterExit = true;
|
||||
ExecStart = "${pkgs.tuptime}/bin/tuptime -x";
|
||||
ExecStop = "${pkgs.tuptime}/bin/tuptime -xg";
|
||||
};
|
||||
};
|
||||
|
||||
tuptime-oneshot = mkIf cfg.timer.enable {
|
||||
description = "the tuptime scheduled execution unit";
|
||||
serviceConfig = {
|
||||
StateDirectory = "tuptime";
|
||||
Type = "oneshot";
|
||||
User = "tuptime";
|
||||
ExecStart = "${pkgs.tuptime}/bin/tuptime -x";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
timers.tuptime = mkIf cfg.timer.enable {
|
||||
description = "the tuptime scheduled execution timer";
|
||||
# this timer should be started if the service is started
|
||||
# even if the timer was previously stopped
|
||||
wantedBy = [ "tuptime.service" "timers.target" ];
|
||||
# this timer should be stopped if the service is stopped
|
||||
partOf = [ "tuptime.service" ];
|
||||
timerConfig = {
|
||||
OnBootSec = "1min";
|
||||
OnCalendar = cfg.timer.period;
|
||||
Unit = "tuptime-oneshot.service";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = [ maintainers.evils ];
|
||||
|
||||
}
|
@ -92,6 +92,11 @@ in
|
||||
|
||||
systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "chronyd.service"; };
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${stateDir} 0755 chrony chrony - -"
|
||||
"f ${keyFile} 0640 chrony chrony -"
|
||||
];
|
||||
|
||||
systemd.services.chronyd =
|
||||
{ description = "chrony NTP daemon";
|
||||
|
||||
@ -103,13 +108,6 @@ in
|
||||
|
||||
path = [ pkgs.chrony ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${stateDir}
|
||||
touch ${keyFile}
|
||||
chmod 0640 ${keyFile}
|
||||
chown chrony:chrony ${stateDir} ${keyFile}
|
||||
'';
|
||||
|
||||
unitConfig.ConditionCapability = "CAP_SYS_TIME";
|
||||
serviceConfig =
|
||||
{ Type = "simple";
|
||||
@ -118,7 +116,7 @@ in
|
||||
ProtectHome = "yes";
|
||||
ProtectSystem = "full";
|
||||
PrivateTmp = "yes";
|
||||
|
||||
StateDirectory = "chrony";
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -58,7 +58,7 @@ in {
|
||||
default = {};
|
||||
example = literalExample ''
|
||||
{
|
||||
domain = https://bw.domain.tld:8443;
|
||||
domain = "https://bw.domain.tld:8443";
|
||||
signupsAllowed = true;
|
||||
rocketPort = 8222;
|
||||
rocketLog = "critical";
|
||||
|
@ -3,13 +3,14 @@
|
||||
let
|
||||
|
||||
inherit (lib) mkEnableOption mkForce mkIf mkMerge mkOption optionalAttrs recursiveUpdate types;
|
||||
inherit (lib) concatMapStringsSep flatten mapAttrs mapAttrs' mapAttrsToList nameValuePair concatMapStringSep;
|
||||
|
||||
cfg = config.services.dokuwiki;
|
||||
eachSite = config.services.dokuwiki;
|
||||
|
||||
user = config.services.nginx.user;
|
||||
user = "dokuwiki";
|
||||
group = config.services.nginx.group;
|
||||
|
||||
dokuwikiAclAuthConfig = pkgs.writeText "acl.auth.php" ''
|
||||
dokuwikiAclAuthConfig = cfg: pkgs.writeText "acl.auth.php" ''
|
||||
# acl.auth.php
|
||||
# <?php exit()?>
|
||||
#
|
||||
@ -18,244 +19,353 @@ let
|
||||
${toString cfg.acl}
|
||||
'';
|
||||
|
||||
dokuwikiLocalConfig = pkgs.writeText "local.php" ''
|
||||
dokuwikiLocalConfig = cfg: pkgs.writeText "local.php" ''
|
||||
<?php
|
||||
$conf['savedir'] = '${cfg.stateDir}';
|
||||
$conf['superuser'] = '${toString cfg.superUser}';
|
||||
$conf['useacl'] = '${toString cfg.aclUse}';
|
||||
$conf['disableactions'] = '${cfg.disableActions}';
|
||||
${toString cfg.extraConfig}
|
||||
'';
|
||||
|
||||
dokuwikiPluginsLocalConfig = pkgs.writeText "plugins.local.php" ''
|
||||
dokuwikiPluginsLocalConfig = cfg: pkgs.writeText "plugins.local.php" ''
|
||||
<?php
|
||||
${cfg.pluginsConfig}
|
||||
'';
|
||||
|
||||
pkg = hostName: cfg: pkgs.stdenv.mkDerivation rec {
|
||||
pname = "dokuwiki-${hostName}";
|
||||
version = src.version;
|
||||
src = cfg.package;
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r * $out/
|
||||
|
||||
# symlink the dokuwiki config
|
||||
ln -s ${dokuwikiLocalConfig cfg} $out/share/dokuwiki/local.php
|
||||
|
||||
# symlink plugins config
|
||||
ln -s ${dokuwikiPluginsLocalConfig cfg} $out/share/dokuwiki/plugins.local.php
|
||||
|
||||
# symlink acl
|
||||
ln -s ${dokuwikiAclAuthConfig cfg} $out/share/dokuwiki/acl.auth.php
|
||||
|
||||
# symlink additional plugin(s) and templates(s)
|
||||
${concatMapStringsSep "\n" (template: "ln -s ${template} $out/share/dokuwiki/lib/tpl/${template.name}") cfg.templates}
|
||||
${concatMapStringsSep "\n" (plugin: "ln -s ${plugin} $out/share/dokuwiki/lib/plugins/${plugin.name}") cfg.plugins}
|
||||
'';
|
||||
};
|
||||
|
||||
siteOpts = { config, lib, name, ...}: {
|
||||
options = {
|
||||
enable = mkEnableOption "DokuWiki web application.";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.dokuwiki;
|
||||
description = "Which dokuwiki package to use.";
|
||||
};
|
||||
|
||||
hostName = mkOption {
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
description = "FQDN for the instance.";
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/dokuwiki/${name}/data";
|
||||
description = "Location of the dokuwiki state directory.";
|
||||
};
|
||||
|
||||
acl = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
example = "* @ALL 8";
|
||||
description = ''
|
||||
Access Control Lists: see <link xlink:href="https://www.dokuwiki.org/acl"/>
|
||||
Mutually exclusive with services.dokuwiki.aclFile
|
||||
Set this to a value other than null to take precedence over aclFile option.
|
||||
|
||||
Warning: Consider using aclFile instead if you do not
|
||||
want to store the ACL in the world-readable Nix store.
|
||||
'';
|
||||
};
|
||||
|
||||
aclFile = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = if (config.aclUse && config.acl == null) then "/var/lib/dokuwiki/${name}/users.auth.php" else null;
|
||||
description = ''
|
||||
Location of the dokuwiki acl rules. Mutually exclusive with services.dokuwiki.acl
|
||||
Mutually exclusive with services.dokuwiki.acl which is preferred.
|
||||
Consult documentation <link xlink:href="https://www.dokuwiki.org/acl"/> for further instructions.
|
||||
Example: <link xlink:href="https://github.com/splitbrain/dokuwiki/blob/master/conf/acl.auth.php.dist"/>
|
||||
'';
|
||||
example = "/var/lib/dokuwiki/${name}/acl.auth.php";
|
||||
};
|
||||
|
||||
aclUse = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Necessary for users to log in into the system.
|
||||
Also limits anonymous users. When disabled,
|
||||
everyone is able to create and edit content.
|
||||
'';
|
||||
};
|
||||
|
||||
pluginsConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = ''
|
||||
$plugins['authad'] = 0;
|
||||
$plugins['authldap'] = 0;
|
||||
$plugins['authmysql'] = 0;
|
||||
$plugins['authpgsql'] = 0;
|
||||
'';
|
||||
description = ''
|
||||
List of the dokuwiki (un)loaded plugins.
|
||||
'';
|
||||
};
|
||||
|
||||
superUser = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "@admin";
|
||||
description = ''
|
||||
You can set either a username, a list of usernames (“admin1,admin2”),
|
||||
or the name of a group by prepending an @ char to the groupname
|
||||
Consult documentation <link xlink:href="https://www.dokuwiki.org/config:superuser"/> for further instructions.
|
||||
'';
|
||||
};
|
||||
|
||||
usersFile = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = if config.aclUse then "/var/lib/dokuwiki/${name}/users.auth.php" else null;
|
||||
description = ''
|
||||
Location of the dokuwiki users file. List of users. Format:
|
||||
login:passwordhash:Real Name:email:groups,comma,separated
|
||||
Create passwordHash easily by using:$ mkpasswd -5 password `pwgen 8 1`
|
||||
Example: <link xlink:href="https://github.com/splitbrain/dokuwiki/blob/master/conf/users.auth.php.dist"/>
|
||||
'';
|
||||
example = "/var/lib/dokuwiki/${name}/users.auth.php";
|
||||
};
|
||||
|
||||
disableActions = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "";
|
||||
example = "search,register";
|
||||
description = ''
|
||||
Disable individual action modes. Refer to
|
||||
<link xlink:href="https://www.dokuwiki.org/config:action_modes"/>
|
||||
for details on supported values.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
example = ''
|
||||
$conf['title'] = 'My Wiki';
|
||||
$conf['userewrite'] = 1;
|
||||
'';
|
||||
description = ''
|
||||
DokuWiki configuration. Refer to
|
||||
<link xlink:href="https://www.dokuwiki.org/config"/>
|
||||
for details on supported values.
|
||||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [];
|
||||
description = ''
|
||||
List of path(s) to respective plugin(s) which are copied from the 'plugin' directory.
|
||||
<note><para>These plugins need to be packaged before use, see example.</para></note>
|
||||
'';
|
||||
example = ''
|
||||
# Let's package the icalevents plugin
|
||||
plugin-icalevents = pkgs.stdenv.mkDerivation {
|
||||
name = "icalevents";
|
||||
# Download the plugin from the dokuwiki site
|
||||
src = pkgs.fetchurl {
|
||||
url = https://github.com/real-or-random/dokuwiki-plugin-icalevents/releases/download/2017-06-16/dokuwiki-plugin-icalevents-2017-06-16.zip;
|
||||
sha256 = "e40ed7dd6bbe7fe3363bbbecb4de481d5e42385b5a0f62f6a6ce6bf3a1f9dfa8";
|
||||
};
|
||||
sourceRoot = ".";
|
||||
# We need unzip to build this package
|
||||
buildInputs = [ pkgs.unzip ];
|
||||
# Installing simply means copying all files to the output directory
|
||||
installPhase = "mkdir -p $out; cp -R * $out/";
|
||||
};
|
||||
|
||||
# And then pass this theme to the plugin list like this:
|
||||
plugins = [ plugin-icalevents ];
|
||||
'';
|
||||
};
|
||||
|
||||
templates = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [];
|
||||
description = ''
|
||||
List of path(s) to respective template(s) which are copied from the 'tpl' directory.
|
||||
<note><para>These templates need to be packaged before use, see example.</para></note>
|
||||
'';
|
||||
example = ''
|
||||
# Let's package the bootstrap3 theme
|
||||
template-bootstrap3 = pkgs.stdenv.mkDerivation {
|
||||
name = "bootstrap3";
|
||||
# Download the theme from the dokuwiki site
|
||||
src = pkgs.fetchurl {
|
||||
url = https://github.com/giterlizzi/dokuwiki-template-bootstrap3/archive/v2019-05-22.zip;
|
||||
sha256 = "4de5ff31d54dd61bbccaf092c9e74c1af3a4c53e07aa59f60457a8f00cfb23a6";
|
||||
};
|
||||
# We need unzip to build this package
|
||||
buildInputs = [ pkgs.unzip ];
|
||||
# Installing simply means copying all files to the output directory
|
||||
installPhase = "mkdir -p $out; cp -R * $out/";
|
||||
};
|
||||
|
||||
# And then pass this theme to the template list like this:
|
||||
templates = [ template-bootstrap3 ];
|
||||
'';
|
||||
};
|
||||
|
||||
poolConfig = mkOption {
|
||||
type = with types; attrsOf (oneOf [ str int bool ]);
|
||||
default = {
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 4;
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
description = ''
|
||||
Options for the dokuwiki PHP pool. See the documentation on <literal>php-fpm.conf</literal>
|
||||
for details on configuration directives.
|
||||
'';
|
||||
};
|
||||
|
||||
nginx = mkOption {
|
||||
type = types.submodule (
|
||||
recursiveUpdate
|
||||
(import ../web-servers/nginx/vhost-options.nix { inherit config lib; })
|
||||
{
|
||||
# Enable encryption by default,
|
||||
options.forceSSL.default = true;
|
||||
options.enableACME.default = true;
|
||||
}
|
||||
);
|
||||
default = {forceSSL = true; enableACME = true;};
|
||||
example = {
|
||||
serverAliases = [
|
||||
"wiki.\${config.networking.domain}"
|
||||
];
|
||||
enableACME = false;
|
||||
};
|
||||
description = ''
|
||||
With this option, you can customize the nginx virtualHost which already has sensible defaults for DokuWiki.
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
options.services.dokuwiki = {
|
||||
enable = mkEnableOption "DokuWiki web application.";
|
||||
|
||||
hostName = mkOption {
|
||||
type = types.str;
|
||||
default = "localhost";
|
||||
description = "FQDN for the instance.";
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.path;
|
||||
default = "/var/lib/dokuwiki/data";
|
||||
description = "Location of the dokuwiki state directory.";
|
||||
};
|
||||
|
||||
acl = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
example = "* @ALL 8";
|
||||
description = ''
|
||||
Access Control Lists: see <link xlink:href="https://www.dokuwiki.org/acl"/>
|
||||
Mutually exclusive with services.dokuwiki.aclFile
|
||||
Set this to a value other than null to take precedence over aclFile option.
|
||||
'';
|
||||
};
|
||||
|
||||
aclFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Location of the dokuwiki acl rules. Mutually exclusive with services.dokuwiki.acl
|
||||
Mutually exclusive with services.dokuwiki.acl which is preferred.
|
||||
Consult documentation <link xlink:href="https://www.dokuwiki.org/acl"/> for further instructions.
|
||||
Example: <link xlink:href="https://github.com/splitbrain/dokuwiki/blob/master/conf/acl.auth.php.dist"/>
|
||||
'';
|
||||
};
|
||||
|
||||
aclUse = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Necessary for users to log in into the system.
|
||||
Also limits anonymous users. When disabled,
|
||||
everyone is able to create and edit content.
|
||||
'';
|
||||
};
|
||||
|
||||
pluginsConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = ''
|
||||
$plugins['authad'] = 0;
|
||||
$plugins['authldap'] = 0;
|
||||
$plugins['authmysql'] = 0;
|
||||
$plugins['authpgsql'] = 0;
|
||||
'';
|
||||
description = ''
|
||||
List of the dokuwiki (un)loaded plugins.
|
||||
'';
|
||||
};
|
||||
|
||||
superUser = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = "@admin";
|
||||
description = ''
|
||||
You can set either a username, a list of usernames (“admin1,admin2”),
|
||||
or the name of a group by prepending an @ char to the groupname
|
||||
Consult documentation <link xlink:href="https://www.dokuwiki.org/config:superuser"/> for further instructions.
|
||||
'';
|
||||
};
|
||||
|
||||
usersFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Location of the dokuwiki users file. List of users. Format:
|
||||
login:passwordhash:Real Name:email:groups,comma,separated
|
||||
Create passwordHash easily by using:$ mkpasswd -5 password `pwgen 8 1`
|
||||
Example: <link xlink:href="https://github.com/splitbrain/dokuwiki/blob/master/conf/users.auth.php.dist"/>
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.nullOr types.lines;
|
||||
default = null;
|
||||
example = ''
|
||||
$conf['title'] = 'My Wiki';
|
||||
$conf['userewrite'] = 1;
|
||||
'';
|
||||
description = ''
|
||||
DokuWiki configuration. Refer to
|
||||
<link xlink:href="https://www.dokuwiki.org/config"/>
|
||||
for details on supported values.
|
||||
'';
|
||||
};
|
||||
|
||||
poolConfig = mkOption {
|
||||
type = with types; attrsOf (oneOf [ str int bool ]);
|
||||
default = {
|
||||
"pm" = "dynamic";
|
||||
"pm.max_children" = 32;
|
||||
"pm.start_servers" = 2;
|
||||
"pm.min_spare_servers" = 2;
|
||||
"pm.max_spare_servers" = 4;
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
description = ''
|
||||
Options for the dokuwiki PHP pool. See the documentation on <literal>php-fpm.conf</literal>
|
||||
for details on configuration directives.
|
||||
'';
|
||||
};
|
||||
|
||||
nginx = mkOption {
|
||||
type = types.submodule (
|
||||
recursiveUpdate
|
||||
(import ../web-servers/nginx/vhost-options.nix { inherit config lib; })
|
||||
{
|
||||
# Enable encryption by default,
|
||||
options.forceSSL.default = true;
|
||||
options.enableACME.default = true;
|
||||
}
|
||||
);
|
||||
default = {forceSSL = true; enableACME = true;};
|
||||
example = {
|
||||
serverAliases = [
|
||||
"wiki.\${config.networking.domain}"
|
||||
];
|
||||
enableACME = false;
|
||||
};
|
||||
description = ''
|
||||
With this option, you can customize the nginx virtualHost which already has sensible defaults for DokuWiki.
|
||||
'';
|
||||
# interface
|
||||
options = {
|
||||
services.dokuwiki = mkOption {
|
||||
type = types.attrsOf (types.submodule siteOpts);
|
||||
default = {};
|
||||
description = "Sepcification of one or more dokuwiki sites to service.";
|
||||
};
|
||||
};
|
||||
|
||||
# implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = mkIf (eachSite != {}) {
|
||||
|
||||
warnings = mkIf (cfg.superUser == null) ["Not setting services.dokuwiki.superUser will impair your ability to administer DokuWiki"];
|
||||
warnings = mapAttrsToList (hostName: cfg: mkIf (cfg.superUser == null) "Not setting services.dokuwiki.${hostName} superUser will impair your ability to administer DokuWiki") eachSite;
|
||||
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.aclUse -> (cfg.acl != null || cfg.aclFile != null);
|
||||
message = "Either services.dokuwiki.acl or services.dokuwiki.aclFile is mandatory when aclUse is true";
|
||||
}
|
||||
{
|
||||
assertion = cfg.usersFile != null -> cfg.aclUse != false;
|
||||
message = "services.dokuwiki.aclUse must be true when usersFile is not null";
|
||||
}
|
||||
];
|
||||
assertions = flatten (mapAttrsToList (hostName: cfg:
|
||||
[{
|
||||
assertion = cfg.aclUse -> (cfg.acl != null || cfg.aclFile != null);
|
||||
message = "Either services.dokuwiki.${hostName}.acl or services.dokuwiki.${hostName}.aclFile is mandatory if aclUse true";
|
||||
}
|
||||
{
|
||||
assertion = cfg.usersFile != null -> cfg.aclUse != false;
|
||||
message = "services.dokuwiki.${hostName}.aclUse must must be true if usersFile is not null";
|
||||
}
|
||||
]) eachSite);
|
||||
|
||||
services.phpfpm.pools.dokuwiki = {
|
||||
inherit user;
|
||||
inherit group;
|
||||
phpEnv = {
|
||||
DOKUWIKI_LOCAL_CONFIG = "${dokuwikiLocalConfig}";
|
||||
DOKUWIKI_PLUGINS_LOCAL_CONFIG = "${dokuwikiPluginsLocalConfig}";
|
||||
} //optionalAttrs (cfg.usersFile != null) {
|
||||
DOKUWIKI_USERS_AUTH_CONFIG = "${cfg.usersFile}";
|
||||
} //optionalAttrs (cfg.aclUse) {
|
||||
DOKUWIKI_ACL_AUTH_CONFIG = if (cfg.acl != null) then "${dokuwikiAclAuthConfig}" else "${toString cfg.aclFile}";
|
||||
};
|
||||
|
||||
settings = {
|
||||
"listen.mode" = "0660";
|
||||
"listen.owner" = user;
|
||||
"listen.group" = group;
|
||||
} // cfg.poolConfig;
|
||||
};
|
||||
services.phpfpm.pools = mapAttrs' (hostName: cfg: (
|
||||
nameValuePair "dokuwiki-${hostName}" {
|
||||
inherit user;
|
||||
inherit group;
|
||||
phpEnv = {
|
||||
DOKUWIKI_LOCAL_CONFIG = "${dokuwikiLocalConfig cfg}";
|
||||
DOKUWIKI_PLUGINS_LOCAL_CONFIG = "${dokuwikiPluginsLocalConfig cfg}";
|
||||
} // optionalAttrs (cfg.usersFile != null) {
|
||||
DOKUWIKI_USERS_AUTH_CONFIG = "${cfg.usersFile}";
|
||||
} //optionalAttrs (cfg.aclUse) {
|
||||
DOKUWIKI_ACL_AUTH_CONFIG = if (cfg.acl != null) then "${dokuwikiAclAuthConfig cfg}" else "${toString cfg.aclFile}";
|
||||
};
|
||||
|
||||
settings = {
|
||||
"listen.mode" = "0660";
|
||||
"listen.owner" = user;
|
||||
"listen.group" = group;
|
||||
} // cfg.poolConfig;
|
||||
})) eachSite;
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
||||
virtualHosts = {
|
||||
${cfg.hostName} = mkMerge [ cfg.nginx {
|
||||
root = mkForce "${pkgs.dokuwiki}/share/dokuwiki/";
|
||||
extraConfig = "fastcgi_param HTTPS on;";
|
||||
virtualHosts = mapAttrs (hostName: cfg: mkMerge [ cfg.nginx {
|
||||
root = mkForce "${pkg hostName cfg}/share/dokuwiki";
|
||||
extraConfig = "fastcgi_param HTTPS on;";
|
||||
|
||||
locations."~ /(conf/|bin/|inc/|install.php)" = {
|
||||
extraConfig = "deny all;";
|
||||
};
|
||||
locations."~ /(conf/|bin/|inc/|install.php)" = {
|
||||
extraConfig = "deny all;";
|
||||
};
|
||||
|
||||
locations."~ ^/data/" = {
|
||||
root = "${cfg.stateDir}";
|
||||
extraConfig = "internal;";
|
||||
};
|
||||
locations."~ ^/data/" = {
|
||||
root = "${cfg.stateDir}";
|
||||
extraConfig = "internal;";
|
||||
};
|
||||
|
||||
locations."~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$" = {
|
||||
extraConfig = "expires 365d;";
|
||||
};
|
||||
locations."~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$" = {
|
||||
extraConfig = "expires 365d;";
|
||||
};
|
||||
|
||||
locations."/" = {
|
||||
priority = 1;
|
||||
index = "doku.php";
|
||||
extraConfig = ''try_files $uri $uri/ @dokuwiki;'';
|
||||
};
|
||||
locations."/" = {
|
||||
priority = 1;
|
||||
index = "doku.php";
|
||||
extraConfig = ''try_files $uri $uri/ @dokuwiki;'';
|
||||
};
|
||||
|
||||
locations."@dokuwiki" = {
|
||||
extraConfig = ''
|
||||
locations."@dokuwiki" = {
|
||||
extraConfig = ''
|
||||
# rewrites "doku.php/" out of the URLs if you set the userwrite setting to .htaccess in dokuwiki config page
|
||||
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
|
||||
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
|
||||
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
|
||||
rewrite ^/(.*) /doku.php?id=$1&$args last;
|
||||
'';
|
||||
};
|
||||
'';
|
||||
};
|
||||
|
||||
locations."~ \.php$" = {
|
||||
extraConfig = ''
|
||||
locations."~ \.php$" = {
|
||||
extraConfig = ''
|
||||
try_files $uri $uri/ /doku.php;
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param REDIRECT_STATUS 200;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.dokuwiki.socket};
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools."dokuwiki-${hostName}".socket};
|
||||
fastcgi_param HTTPS on;
|
||||
'';
|
||||
};
|
||||
}];
|
||||
};
|
||||
|
||||
'';
|
||||
};
|
||||
}]) eachSite;
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
systemd.tmpfiles.rules = flatten (mapAttrsToList (hostName: cfg: [
|
||||
"d ${cfg.stateDir}/attic 0750 ${user} ${group} - -"
|
||||
"d ${cfg.stateDir}/cache 0750 ${user} ${group} - -"
|
||||
"d ${cfg.stateDir}/index 0750 ${user} ${group} - -"
|
||||
@ -266,7 +376,13 @@ in
|
||||
"d ${cfg.stateDir}/meta 0750 ${user} ${group} - -"
|
||||
"d ${cfg.stateDir}/pages 0750 ${user} ${group} - -"
|
||||
"d ${cfg.stateDir}/tmp 0750 ${user} ${group} - -"
|
||||
];
|
||||
] ++ lib.optional (cfg.aclFile != null) "C ${cfg.aclFile} 0640 ${user} ${group} - ${pkg hostName cfg}/share/dokuwiki/conf/acl.auth.php.dist"
|
||||
++ lib.optional (cfg.usersFile != null) "C ${cfg.usersFile} 0640 ${user} ${group} - ${pkg hostName cfg}/share/dokuwiki/conf/users.auth.php.dist"
|
||||
) eachSite);
|
||||
|
||||
users.users.${user} = {
|
||||
group = group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -105,7 +105,7 @@ let
|
||||
name = "embed-pdf-viewer-plugin";
|
||||
# Download the theme from the wordpress site
|
||||
src = pkgs.fetchurl {
|
||||
url = https://downloads.wordpress.org/plugin/embed-pdf-viewer.2.0.3.zip;
|
||||
url = "https://downloads.wordpress.org/plugin/embed-pdf-viewer.2.0.3.zip";
|
||||
sha256 = "1rhba5h5fjlhy8p05zf0p14c9iagfh96y91r36ni0rmk6y891lyd";
|
||||
};
|
||||
# We need unzip to build this package
|
||||
@ -132,7 +132,7 @@ let
|
||||
name = "responsive-theme";
|
||||
# Download the theme from the wordpress site
|
||||
src = pkgs.fetchurl {
|
||||
url = https://downloads.wordpress.org/theme/responsive.3.14.zip;
|
||||
url = "https://downloads.wordpress.org/theme/responsive.3.14.zip";
|
||||
sha256 = "0rjwm811f4aa4q43r77zxlpklyb85q08f9c8ns2akcarrvj5ydx3";
|
||||
};
|
||||
# We need unzip to build this package
|
||||
|
@ -894,6 +894,13 @@ in
|
||||
"sysctl.d/50-coredump.conf".source = "${systemd}/example/sysctl.d/50-coredump.conf";
|
||||
"sysctl.d/50-default.conf".source = "${systemd}/example/sysctl.d/50-default.conf";
|
||||
|
||||
"tmpfiles.d/00-nixos.conf".text = ''
|
||||
# This file is created automatically and should not be modified.
|
||||
# Please change the option ‘systemd.tmpfiles.rules’ instead.
|
||||
|
||||
${concatStringsSep "\n" cfg.tmpfiles.rules}
|
||||
'';
|
||||
|
||||
"tmpfiles.d/home.conf".source = "${systemd}/example/tmpfiles.d/home.conf";
|
||||
"tmpfiles.d/journal-nocow.conf".source = "${systemd}/example/tmpfiles.d/journal-nocow.conf";
|
||||
"tmpfiles.d/portables.conf".source = "${systemd}/example/tmpfiles.d/portables.conf";
|
||||
@ -906,13 +913,6 @@ in
|
||||
"tmpfiles.d/var.conf".source = "${systemd}/example/tmpfiles.d/var.conf";
|
||||
"tmpfiles.d/x11.conf".source = "${systemd}/example/tmpfiles.d/x11.conf";
|
||||
|
||||
"tmpfiles.d/nixos.conf".text = ''
|
||||
# This file is created automatically and should not be modified.
|
||||
# Please change the option ‘systemd.tmpfiles.rules’ instead.
|
||||
|
||||
${concatStringsSep "\n" cfg.tmpfiles.rules}
|
||||
'';
|
||||
|
||||
"systemd/system-generators" = { source = hooks "generators" cfg.generators; };
|
||||
"systemd/system-shutdown" = { source = hooks "shutdown" cfg.shutdown; };
|
||||
});
|
||||
|
@ -463,10 +463,15 @@ in
|
||||
A specification of the desired configuration of this
|
||||
container, as a NixOS module.
|
||||
'';
|
||||
type = lib.mkOptionType {
|
||||
type = let
|
||||
confPkgs = if config.pkgs == null then pkgs else config.pkgs;
|
||||
in lib.mkOptionType {
|
||||
name = "Toplevel NixOS config";
|
||||
merge = loc: defs: (import ../../lib/eval-config.nix {
|
||||
merge = loc: defs: (import (confPkgs.path + "/nixos/lib/eval-config.nix") {
|
||||
inherit system;
|
||||
pkgs = confPkgs;
|
||||
baseModules = import (confPkgs.path + "/nixos/modules/module-list.nix");
|
||||
inherit (confPkgs) lib;
|
||||
modules =
|
||||
let
|
||||
extraConfig = {
|
||||
@ -515,6 +520,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
pkgs = mkOption {
|
||||
type = types.nullOr types.attrs;
|
||||
default = null;
|
||||
example = literalExample "pkgs";
|
||||
description = ''
|
||||
Customise which nixpkgs to use for this container.
|
||||
'';
|
||||
};
|
||||
|
||||
ephemeral = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
|
@ -75,6 +75,7 @@ in rec {
|
||||
(onFullSupported "nixos.tests.fontconfig-default-fonts")
|
||||
(onFullSupported "nixos.tests.gnome3")
|
||||
(onFullSupported "nixos.tests.gnome3-xorg")
|
||||
(onFullSupported "nixos.tests.hardened")
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.hibernate")
|
||||
(onFullSupported "nixos.tests.i3wm")
|
||||
(onSystems ["x86_64-linux"] "nixos.tests.installer.btrfsSimple")
|
||||
@ -96,6 +97,8 @@ in rec {
|
||||
(onFullSupported "nixos.tests.keymap.dvp")
|
||||
(onFullSupported "nixos.tests.keymap.neo")
|
||||
(onFullSupported "nixos.tests.keymap.qwertz")
|
||||
(onFullSupported "nixos.tests.latestKernel.hardened")
|
||||
(onFullSupported "nixos.tests.latestKernel.login")
|
||||
(onFullSupported "nixos.tests.lightdm")
|
||||
(onFullSupported "nixos.tests.login")
|
||||
(onFullSupported "nixos.tests.misc")
|
||||
|
@ -1,5 +1,5 @@
|
||||
let
|
||||
commonConfig = ./common/letsencrypt/common.nix;
|
||||
commonConfig = ./common/acme/client;
|
||||
|
||||
dnsScript = {writeScript, dnsAddress, bash, curl}: writeScript "dns-hook.sh" ''
|
||||
#!${bash}/bin/bash
|
||||
@ -16,8 +16,8 @@ in import ./make-test-python.nix {
|
||||
name = "acme";
|
||||
|
||||
nodes = rec {
|
||||
letsencrypt = { nodes, lib, ... }: {
|
||||
imports = [ ./common/letsencrypt ];
|
||||
acme = { nodes, lib, ... }: {
|
||||
imports = [ ./common/acme/server ];
|
||||
networking.nameservers = lib.mkForce [
|
||||
nodes.dnsserver.config.networking.primaryIPAddress
|
||||
];
|
||||
@ -33,8 +33,7 @@ in import ./make-test-python.nix {
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.pebble}/bin/pebble-challtestsrv -dns01 ':53' -defaultIPv6 '' -defaultIPv4 '${nodes.webserver.config.networking.primaryIPAddress}'";
|
||||
# Required to bind on privileged ports.
|
||||
User = "root";
|
||||
Group = "root";
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -45,19 +44,16 @@ in import ./make-test-python.nix {
|
||||
nodes.dnsserver.config.networking.primaryIPAddress
|
||||
];
|
||||
networking.firewall.allowedTCPPorts = [ 80 ];
|
||||
security.acme = {
|
||||
server = "https://acme-v02.api.letsencrypt.org/dir";
|
||||
certs."standalone.com" = {
|
||||
webroot = "/var/lib/acme/acme-challenges";
|
||||
};
|
||||
security.acme.certs."standalone.test" = {
|
||||
webroot = "/var/lib/acme/acme-challenges";
|
||||
};
|
||||
systemd.targets."acme-finished-standalone.com" = {};
|
||||
systemd.services."acme-standalone.com" = {
|
||||
wants = [ "acme-finished-standalone.com.target" ];
|
||||
before = [ "acme-finished-standalone.com.target" ];
|
||||
systemd.targets."acme-finished-standalone.test" = {};
|
||||
systemd.services."acme-standalone.test" = {
|
||||
wants = [ "acme-finished-standalone.test.target" ];
|
||||
before = [ "acme-finished-standalone.test.target" ];
|
||||
};
|
||||
services.nginx.enable = true;
|
||||
services.nginx.virtualHosts."standalone.com" = {
|
||||
services.nginx.virtualHosts."standalone.test" = {
|
||||
locations."/.well-known/acme-challenge".root = "/var/lib/acme/acme-challenges";
|
||||
};
|
||||
};
|
||||
@ -71,16 +67,16 @@ in import ./make-test-python.nix {
|
||||
|
||||
# A target remains active. Use this to probe the fact that
|
||||
# a service fired eventhough it is not RemainAfterExit
|
||||
systemd.targets."acme-finished-a.example.com" = {};
|
||||
systemd.services."acme-a.example.com" = {
|
||||
wants = [ "acme-finished-a.example.com.target" ];
|
||||
before = [ "acme-finished-a.example.com.target" ];
|
||||
systemd.targets."acme-finished-a.example.test" = {};
|
||||
systemd.services."acme-a.example.test" = {
|
||||
wants = [ "acme-finished-a.example.test.target" ];
|
||||
before = [ "acme-finished-a.example.test.target" ];
|
||||
after = [ "nginx.service" ];
|
||||
};
|
||||
|
||||
services.nginx.enable = true;
|
||||
|
||||
services.nginx.virtualHosts."a.example.com" = {
|
||||
services.nginx.virtualHosts."a.example.test" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".root = pkgs.runCommand "docroot" {} ''
|
||||
@ -89,16 +85,16 @@ in import ./make-test-python.nix {
|
||||
'';
|
||||
};
|
||||
|
||||
security.acme.server = "https://acme-v02.api.letsencrypt.org/dir";
|
||||
security.acme.server = "https://acme.test/dir";
|
||||
|
||||
specialisation.second-cert.configuration = {pkgs, ...}: {
|
||||
systemd.targets."acme-finished-b.example.com" = {};
|
||||
systemd.services."acme-b.example.com" = {
|
||||
wants = [ "acme-finished-b.example.com.target" ];
|
||||
before = [ "acme-finished-b.example.com.target" ];
|
||||
systemd.targets."acme-finished-b.example.test" = {};
|
||||
systemd.services."acme-b.example.test" = {
|
||||
wants = [ "acme-finished-b.example.test.target" ];
|
||||
before = [ "acme-finished-b.example.test.target" ];
|
||||
after = [ "nginx.service" ];
|
||||
};
|
||||
services.nginx.virtualHosts."b.example.com" = {
|
||||
services.nginx.virtualHosts."b.example.test" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/".root = pkgs.runCommand "docroot" {} ''
|
||||
@ -108,8 +104,8 @@ in import ./make-test-python.nix {
|
||||
};
|
||||
};
|
||||
specialisation.dns-01.configuration = {pkgs, config, nodes, lib, ...}: {
|
||||
security.acme.certs."example.com" = {
|
||||
domain = "*.example.com";
|
||||
security.acme.certs."example.test" = {
|
||||
domain = "*.example.test";
|
||||
dnsProvider = "exec";
|
||||
dnsPropagationCheck = false;
|
||||
credentialsFile = with pkgs; writeText "wildcard.env" ''
|
||||
@ -118,17 +114,17 @@ in import ./make-test-python.nix {
|
||||
user = config.services.nginx.user;
|
||||
group = config.services.nginx.group;
|
||||
};
|
||||
systemd.targets."acme-finished-example.com" = {};
|
||||
systemd.services."acme-example.com" = {
|
||||
wants = [ "acme-finished-example.com.target" ];
|
||||
before = [ "acme-finished-example.com.target" "nginx.service" ];
|
||||
systemd.targets."acme-finished-example.test" = {};
|
||||
systemd.services."acme-example.test" = {
|
||||
wants = [ "acme-finished-example.test.target" ];
|
||||
before = [ "acme-finished-example.test.target" "nginx.service" ];
|
||||
wantedBy = [ "nginx.service" ];
|
||||
};
|
||||
services.nginx.virtualHosts."c.example.com" = {
|
||||
services.nginx.virtualHosts."c.example.test" = {
|
||||
forceSSL = true;
|
||||
sslCertificate = config.security.acme.certs."example.com".directory + "/cert.pem";
|
||||
sslTrustedCertificate = config.security.acme.certs."example.com".directory + "/full.pem";
|
||||
sslCertificateKey = config.security.acme.certs."example.com".directory + "/key.pem";
|
||||
sslCertificate = config.security.acme.certs."example.test".directory + "/cert.pem";
|
||||
sslTrustedCertificate = config.security.acme.certs."example.test".directory + "/full.pem";
|
||||
sslCertificateKey = config.security.acme.certs."example.test".directory + "/key.pem";
|
||||
locations."/".root = pkgs.runCommand "docroot" {} ''
|
||||
mkdir -p "$out"
|
||||
echo hello world > "$out/index.html"
|
||||
@ -159,46 +155,44 @@ in import ./make-test-python.nix {
|
||||
client.start()
|
||||
dnsserver.start()
|
||||
|
||||
letsencrypt.wait_for_unit("default.target")
|
||||
acme.wait_for_unit("default.target")
|
||||
dnsserver.wait_for_unit("pebble-challtestsrv.service")
|
||||
client.succeed(
|
||||
'curl --data \'{"host": "acme-v02.api.letsencrypt.org", "addresses": ["${nodes.letsencrypt.config.networking.primaryIPAddress}"]}\' http://${nodes.dnsserver.config.networking.primaryIPAddress}:8055/add-a'
|
||||
'curl --data \'{"host": "acme.test", "addresses": ["${nodes.acme.config.networking.primaryIPAddress}"]}\' http://${nodes.dnsserver.config.networking.primaryIPAddress}:8055/add-a'
|
||||
)
|
||||
client.succeed(
|
||||
'curl --data \'{"host": "standalone.com", "addresses": ["${nodes.acmeStandalone.config.networking.primaryIPAddress}"]}\' http://${nodes.dnsserver.config.networking.primaryIPAddress}:8055/add-a'
|
||||
'curl --data \'{"host": "standalone.test", "addresses": ["${nodes.acmeStandalone.config.networking.primaryIPAddress}"]}\' http://${nodes.dnsserver.config.networking.primaryIPAddress}:8055/add-a'
|
||||
)
|
||||
|
||||
letsencrypt.start()
|
||||
acme.start()
|
||||
acmeStandalone.start()
|
||||
|
||||
letsencrypt.wait_for_unit("default.target")
|
||||
letsencrypt.wait_for_unit("pebble.service")
|
||||
acme.wait_for_unit("default.target")
|
||||
acme.wait_for_unit("pebble.service")
|
||||
|
||||
with subtest("can request certificate with HTTPS-01 challenge"):
|
||||
acmeStandalone.wait_for_unit("default.target")
|
||||
acmeStandalone.succeed("systemctl start acme-standalone.com.service")
|
||||
acmeStandalone.wait_for_unit("acme-finished-standalone.com.target")
|
||||
acmeStandalone.succeed("systemctl start acme-standalone.test.service")
|
||||
acmeStandalone.wait_for_unit("acme-finished-standalone.test.target")
|
||||
|
||||
client.wait_for_unit("default.target")
|
||||
|
||||
client.succeed("curl https://acme-v02.api.letsencrypt.org:15000/roots/0 > /tmp/ca.crt")
|
||||
client.succeed(
|
||||
"curl https://acme-v02.api.letsencrypt.org:15000/intermediate-keys/0 >> /tmp/ca.crt"
|
||||
)
|
||||
client.succeed("curl https://acme.test:15000/roots/0 > /tmp/ca.crt")
|
||||
client.succeed("curl https://acme.test:15000/intermediate-keys/0 >> /tmp/ca.crt")
|
||||
|
||||
with subtest("Can request certificate for nginx service"):
|
||||
webserver.wait_for_unit("acme-finished-a.example.com.target")
|
||||
webserver.wait_for_unit("acme-finished-a.example.test.target")
|
||||
client.succeed(
|
||||
"curl --cacert /tmp/ca.crt https://a.example.com/ | grep -qF 'hello world'"
|
||||
"curl --cacert /tmp/ca.crt https://a.example.test/ | grep -qF 'hello world'"
|
||||
)
|
||||
|
||||
with subtest("Can add another certificate for nginx service"):
|
||||
webserver.succeed(
|
||||
"/run/current-system/specialisation/second-cert/bin/switch-to-configuration test"
|
||||
)
|
||||
webserver.wait_for_unit("acme-finished-b.example.com.target")
|
||||
webserver.wait_for_unit("acme-finished-b.example.test.target")
|
||||
client.succeed(
|
||||
"curl --cacert /tmp/ca.crt https://b.example.com/ | grep -qF 'hello world'"
|
||||
"curl --cacert /tmp/ca.crt https://b.example.test/ | grep -qF 'hello world'"
|
||||
)
|
||||
|
||||
with subtest("Can request wildcard certificates using DNS-01 challenge"):
|
||||
@ -208,9 +202,9 @@ in import ./make-test-python.nix {
|
||||
webserver.succeed(
|
||||
"/run/current-system/specialisation/dns-01/bin/switch-to-configuration test"
|
||||
)
|
||||
webserver.wait_for_unit("acme-finished-example.com.target")
|
||||
webserver.wait_for_unit("acme-finished-example.test.target")
|
||||
client.succeed(
|
||||
"curl --cacert /tmp/ca.crt https://c.example.com/ | grep -qF 'hello world'"
|
||||
"curl --cacert /tmp/ca.crt https://c.example.test/ | grep -qF 'hello world'"
|
||||
)
|
||||
'';
|
||||
}
|
||||
|
@ -22,7 +22,7 @@ let
|
||||
in
|
||||
{
|
||||
_3proxy = handleTest ./3proxy.nix {};
|
||||
acme = handleTestOn ["x86_64-linux"] ./acme.nix {};
|
||||
acme = handleTest ./acme.nix {};
|
||||
atd = handleTest ./atd.nix {};
|
||||
automysqlbackup = handleTest ./automysqlbackup.nix {};
|
||||
avahi = handleTest ./avahi.nix {};
|
||||
@ -51,7 +51,9 @@ in
|
||||
cloud-init = handleTest ./cloud-init.nix {};
|
||||
codimd = handleTest ./codimd.nix {};
|
||||
consul = handleTest ./consul.nix {};
|
||||
cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {};
|
||||
containers-bridge = handleTest ./containers-bridge.nix {};
|
||||
containers-custom-pkgs.nix = handleTest ./containers-custom-pkgs.nix {};
|
||||
containers-ephemeral = handleTest ./containers-ephemeral.nix {};
|
||||
containers-extra_veth = handleTest ./containers-extra_veth.nix {};
|
||||
containers-hosts = handleTest ./containers-hosts.nix {};
|
||||
@ -160,6 +162,7 @@ in
|
||||
# kubernetes.e2e should eventually replace kubernetes.rbac when it works
|
||||
#kubernetes.e2e = handleTestOn ["x86_64-linux"] ./kubernetes/e2e.nix {};
|
||||
kubernetes.rbac = handleTestOn ["x86_64-linux"] ./kubernetes/rbac.nix {};
|
||||
latestKernel.hardened = handleTest ./hardened.nix { latestKernel = true; };
|
||||
latestKernel.login = handleTest ./login.nix { latestKernel = true; };
|
||||
ldap = handleTest ./ldap.nix {};
|
||||
leaps = handleTest ./leaps.nix {};
|
||||
@ -311,6 +314,7 @@ in
|
||||
trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {};
|
||||
trezord = handleTest ./trezord.nix {};
|
||||
trickster = handleTest ./trickster.nix {};
|
||||
tuptime = handleTest ./tuptime.nix {};
|
||||
udisks2 = handleTest ./udisks2.nix {};
|
||||
upnp = handleTest ./upnp.nix {};
|
||||
uwsgi = handleTest ./uwsgi.nix {};
|
||||
|
@ -1,7 +1,7 @@
|
||||
# This performs a full 'end-to-end' test of a multi-node CockroachDB cluster
|
||||
# using the built-in 'cockroach workload' command, to simulate a semi-realistic
|
||||
# test load. It generally takes anywhere from 3-5 minutes to run and 1-2GB of
|
||||
# RAM (though each of 3 workers gets 1GB allocated)
|
||||
# RAM (though each of 3 workers gets 2GB allocated)
|
||||
#
|
||||
# CockroachDB requires synchronized system clocks within a small error window
|
||||
# (~500ms by default) on each node in order to maintain a multi-node cluster.
|
||||
@ -55,7 +55,7 @@ let
|
||||
|
||||
{
|
||||
# Bank/TPC-C benchmarks take some memory to complete
|
||||
virtualisation.memorySize = 1024;
|
||||
virtualisation.memorySize = 2048;
|
||||
|
||||
# Install the KVM PTP "Virtualized Clock" driver. This allows a /dev/ptp0
|
||||
# device to appear as a reference clock, synchronized to the host clock.
|
||||
@ -88,6 +88,8 @@ let
|
||||
services.cockroachdb.listen.address = myAddr;
|
||||
services.cockroachdb.join = lib.mkIf (joinNode != null) joinNode;
|
||||
|
||||
systemd.services.chronyd.unitConfig.ConditionPathExists = "/dev/ptp0";
|
||||
|
||||
# Hold startup until Chrony has performed its first measurement (which
|
||||
# will probably result in a full timeskip, thanks to makestep)
|
||||
systemd.services.cockroachdb.preStart = ''
|
||||
@ -95,7 +97,7 @@ let
|
||||
'';
|
||||
};
|
||||
|
||||
in import ./make-test.nix ({ pkgs, ...} : {
|
||||
in import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "cockroachdb";
|
||||
meta.maintainers = with pkgs.stdenv.lib.maintainers;
|
||||
[ thoughtpolice ];
|
||||
@ -110,17 +112,13 @@ in import ./make-test.nix ({ pkgs, ...} : {
|
||||
# there's otherwise no way to guarantee that node1 will start before the others try
|
||||
# to join it.
|
||||
testScript = ''
|
||||
$node1->start;
|
||||
$node1->waitForUnit("cockroachdb");
|
||||
|
||||
$node2->start;
|
||||
$node2->waitForUnit("cockroachdb");
|
||||
|
||||
$node3->start;
|
||||
$node3->waitForUnit("cockroachdb");
|
||||
|
||||
$node1->mustSucceed("cockroach sql --host=192.168.1.1 --insecure -e 'SHOW ALL CLUSTER SETTINGS' 2>&1");
|
||||
$node1->mustSucceed("cockroach workload init bank 'postgresql://root\@192.168.1.1:26257?sslmode=disable'");
|
||||
$node1->mustSucceed("cockroach workload run bank --duration=1m 'postgresql://root\@192.168.1.1:26257?sslmode=disable'");
|
||||
for node in node1, node2, node3:
|
||||
node.start()
|
||||
node.wait_for_unit("cockroachdb")
|
||||
node1.succeed(
|
||||
"cockroach sql --host=192.168.1.1 --insecure -e 'SHOW ALL CLUSTER SETTINGS' 2>&1",
|
||||
"cockroach workload init bank 'postgresql://root@192.168.1.1:26257?sslmode=disable'",
|
||||
"cockroach workload run bank --duration=1m 'postgresql://root@192.168.1.1:26257?sslmode=disable'",
|
||||
)
|
||||
'';
|
||||
})
|
||||
|
15
nixos/tests/common/acme/client/default.nix
Normal file
15
nixos/tests/common/acme/client/default.nix
Normal file
@ -0,0 +1,15 @@
|
||||
{ lib, nodes, pkgs, ... }:
|
||||
|
||||
let
|
||||
acme-ca = nodes.acme.config.test-support.acme.caCert;
|
||||
in
|
||||
|
||||
{
|
||||
security.acme = {
|
||||
server = "https://acme.test/dir";
|
||||
email = "hostmaster@example.test";
|
||||
acceptTerms = true;
|
||||
};
|
||||
|
||||
security.pki.certificateFiles = [ acme-ca ];
|
||||
}
|
@ -1,27 +1,27 @@
|
||||
# The certificate for the ACME service is exported as:
|
||||
#
|
||||
# config.test-support.letsencrypt.caCert
|
||||
# config.test-support.acme.caCert
|
||||
#
|
||||
# This value can be used inside the configuration of other test nodes to inject
|
||||
# the snakeoil certificate into security.pki.certificateFiles or into package
|
||||
# overlays.
|
||||
#
|
||||
# Another value that's needed if you don't use a custom resolver (see below for
|
||||
# notes on that) is to add the letsencrypt node as a nameserver to every node
|
||||
# notes on that) is to add the acme node as a nameserver to every node
|
||||
# that needs to acquire certificates using ACME, because otherwise the API host
|
||||
# for letsencrypt.org can't be resolved.
|
||||
# for acme.test can't be resolved.
|
||||
#
|
||||
# A configuration example of a full node setup using this would be this:
|
||||
#
|
||||
# {
|
||||
# letsencrypt = import ./common/letsencrypt;
|
||||
# acme = import ./common/acme/server;
|
||||
#
|
||||
# example = { nodes, ... }: {
|
||||
# networking.nameservers = [
|
||||
# nodes.letsencrypt.config.networking.primaryIPAddress
|
||||
# nodes.acme.config.networking.primaryIPAddress
|
||||
# ];
|
||||
# security.pki.certificateFiles = [
|
||||
# nodes.letsencrypt.config.test-support.letsencrypt.caCert
|
||||
# nodes.acme.config.test-support.acme.caCert
|
||||
# ];
|
||||
# };
|
||||
# }
|
||||
@ -33,9 +33,9 @@
|
||||
# override networking.nameservers like this:
|
||||
#
|
||||
# {
|
||||
# letsencrypt = { nodes, ... }: {
|
||||
# imports = [ ./common/letsencrypt ];
|
||||
# networking.nameservers = [
|
||||
# acme = { nodes, lib, ... }: {
|
||||
# imports = [ ./common/acme/server ];
|
||||
# networking.nameservers = lib.mkForce [
|
||||
# nodes.myresolver.config.networking.primaryIPAddress
|
||||
# ];
|
||||
# };
|
||||
@ -55,16 +55,16 @@
|
||||
let
|
||||
snakeOilCerts = import ./snakeoil-certs.nix;
|
||||
|
||||
wfeDomain = "acme-v02.api.letsencrypt.org";
|
||||
wfeDomain = "acme.test";
|
||||
wfeCertFile = snakeOilCerts.${wfeDomain}.cert;
|
||||
wfeKeyFile = snakeOilCerts.${wfeDomain}.key;
|
||||
|
||||
siteDomain = "letsencrypt.org";
|
||||
siteDomain = "acme.test";
|
||||
siteCertFile = snakeOilCerts.${siteDomain}.cert;
|
||||
siteKeyFile = snakeOilCerts.${siteDomain}.key;
|
||||
pebble = pkgs.pebble;
|
||||
resolver = let
|
||||
message = "You need to define a resolver for the letsencrypt test module.";
|
||||
message = "You need to define a resolver for the acme test module.";
|
||||
firstNS = lib.head config.networking.nameservers;
|
||||
in if config.networking.nameservers == [] then throw message else firstNS;
|
||||
|
||||
@ -76,15 +76,16 @@ let
|
||||
httpPort = 80;
|
||||
tlsPort = 443;
|
||||
ocspResponderURL = "http://0.0.0.0:4002";
|
||||
strict = true;
|
||||
};
|
||||
|
||||
pebbleConfFile = pkgs.writeText "pebble.conf" (builtins.toJSON pebbleConf);
|
||||
pebbleDataDir = "/root/pebble";
|
||||
|
||||
in {
|
||||
imports = [ ../resolver.nix ];
|
||||
imports = [ ../../resolver.nix ];
|
||||
|
||||
options.test-support.letsencrypt.caCert = lib.mkOption {
|
||||
options.test-support.acme.caCert = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
A certificate file to use with the <literal>nodes</literal> attribute to
|
||||
@ -98,7 +99,7 @@ in {
|
||||
resolver.enable = let
|
||||
isLocalResolver = config.networking.nameservers == [ "127.0.0.1" ];
|
||||
in lib.mkOverride 900 isLocalResolver;
|
||||
letsencrypt.caCert = snakeOilCerts.ca.cert;
|
||||
acme.caCert = snakeOilCerts.ca.cert;
|
||||
};
|
||||
|
||||
# This has priority 140, because modules/testing/test-instrumentation.nix
|
||||
@ -126,8 +127,7 @@ in {
|
||||
'';
|
||||
serviceConfig = {
|
||||
# Required to bind on privileged ports.
|
||||
User = "root";
|
||||
Group = "root";
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
};
|
||||
};
|
||||
};
|
@ -1,10 +1,9 @@
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
, lib ? pkgs.lib
|
||||
|
||||
, domains ? [ "acme-v02.api.letsencrypt.org" "letsencrypt.org" ]
|
||||
, domains ? [ "acme.test" ]
|
||||
}:
|
||||
|
||||
pkgs.runCommand "letsencrypt-snakeoil-ca" {
|
||||
pkgs.runCommand "acme-snakeoil-ca" {
|
||||
nativeBuildInputs = [ pkgs.openssl ];
|
||||
} ''
|
||||
addpem() {
|
171
nixos/tests/common/acme/server/snakeoil-certs.nix
Normal file
171
nixos/tests/common/acme/server/snakeoil-certs.nix
Normal file
@ -0,0 +1,171 @@
|
||||
# Generated via mkcert.sh in the same directory.
|
||||
{
|
||||
ca.key = builtins.toFile "ca.key" ''
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDCnVZGEn68ezXl
|
||||
DWE5gjsCPqutR4nxw/wvIbAxB2Vk2WeQ6HGvt2Jdrz5qer2IXd76YtpQeqd+ffet
|
||||
aLtMeFTr+Xy9yqEpx2AfvmEEcLnuiWbsUGZzsHwW7/4kPgAFBy9TwJn/k892lR6u
|
||||
QYa0QS39CX85kLMZ/LZXUyClIBa+IxT1OovmGqMOr4nGASRQP6d/nnyn41Knat/d
|
||||
tpyaa5zgfYwA6YW6UxcywvBSpMOXM0/82BFZGyALt3nQ+ffmrtKcvMjsNLBFaslV
|
||||
+zYO1PMbLbTCW8SmJTjhzuapXtBHruvoe24133XWlvcP1ylaTx0alwiQWJr1XEOU
|
||||
WLEFTgOTeRyiVDxDunpz+7oGcwzcdOG8nCgd6w0aYaECz1zvS3FYTQz+MiqmEkx6
|
||||
s4bj1U90I0kwUJbeWjjrGO7Y9Qq4i19GafDg7cAMn9eHCiNbNrPj6t/gfaVbCrbk
|
||||
m3ZVjkvLTQ2mb2lv7+tVii45227iNPuNS6lx2FVlr/DXiRrOVfghPvoOxUfXzogJ
|
||||
hZLV4Zki+ycbGQa5w8YMDYCv4c08dKA7AatVhNS60c1zgQNjuWF3BvocSySyGUon
|
||||
VT6h1DYlJ9YAqgqNpedgNR9kpp034SMhB7dj9leB6LRMA+c1fG/T+1lDbkA+vope
|
||||
pt4+30oDcCTYfEifl1HwqNw/bXDm1wIDAQABAoICABPbd/UYaAQVUk93yQbUKe81
|
||||
s9CvbvzTMYUhm9e02Hyszitz/D2gqZHDksvMkFA8u8aylXIGwdZfRglUmV/ZG1kk
|
||||
kLzQ0xbvN/ilNUL9uYsETBMqtPly9YZloHnUNa5NqF+UVGJGk7GWz5WaLANybx3V
|
||||
fTzDbfLl3TkVy0vt9UQbUkUfXyzwZNjXwmgIr8rcY9vasP90a3eXqRX3Tw1Wk6A4
|
||||
TzO8oB994O0WBO150Fc6Lhwvc72yzddENlLDXq8UAXtqq9mmGqJKnhZ+1mo3AkMw
|
||||
q7P1JyCIxcAMm26GtRvLVljXV0x5640kxDrCin6jeeW/qWkJEW6dpmuZjR5scmLI
|
||||
/9n8H+fGzdZH8bOPPotMy12doj3vJqvew3p0eIkmVctYMJKD0j/CWjvKJNE3Yx4O
|
||||
Ls47X/dEypX6anR1HQUXcpd6JfRWdIJANo2Duaz+HYbyA88bHcJL9shFYcjLs3sX
|
||||
R/TvnnKHvw/ud7XBgvLGwGAf/cDEuLI2tv+V7tkMGrMUv+gUJNZaJaCpdt+1iUwO
|
||||
QFq8APyBNn6FFw54TwXWfSjfSNh3geIMLHuErYVu9MIXvB7Yhh+ZvLcfLbmckhAX
|
||||
wb39RRHnCWvnw5Bm9hnsDhqfDsIoP+2wvUkViyHOmrKi8nSJhSk19C8AuQtSVcJg
|
||||
5op+epEmjt70GHt52nuBAoIBAQD2a4Ftp4QxWE2d6oAFI6WPrX7nAwI5/ezCbO/h
|
||||
yoYAn6ucTVnn5/5ITJ8V4WTWZ4lkoZP3YSJiCyBhs8fN63J+RaJ/bFRblHDns1HA
|
||||
2nlMVdNLg6uOfjgUJ8Y6xVM0J2dcFtwIFyK5pfZ7loxMZfvuovg74vDOi2vnO3dO
|
||||
16DP3zUx6B/yIt57CYn8NWTq+MO2bzKUnczUQRx0yEzPOfOmVbcqGP8f7WEdDWXm
|
||||
7scjjN53OPyKzLOVEhOMsUhIMBMO25I9ZpcVkyj3/nj+fFLf/XjOTM00M/S/KnOj
|
||||
RwaWffx6mSYS66qNc5JSsojhIiYyiGVEWIznBpNWDU35y/uXAoIBAQDKLj0dyig2
|
||||
kj1r3HvdgK4sRULqBQFMqE9ylxDmpJxAj6/A8hJ0RCBR57vnIIZMzK4+6K0l3VBJ
|
||||
ukzXJHJLPkZ0Uuo2zLuRLkyjBECH6KYznyTkUVRn50Oq6IoP6WTCfd3Eg+7AKYY1
|
||||
VFo2iR8sxeSQQ+AylFy6QcQ1xPIW30Jj1/LFjrRdRggapPEekpJec0pEqhasT8rR
|
||||
UFhRL2NdZnL5b7ZlsJc7gZKEJgNfxgzaCzloqLcjCgGpOhLKx0fFsNOqHcbIGMwG
|
||||
6wQCOyNghQJ6AZtRD5TYCJow92FchWjoTIaMJ8RjMKQmxpiwM6wQG4J78Hd3mbhf
|
||||
q0hiQhPHaNbBAoIBAFeIeMFq8BpXM7sUwcURlI4lIx8Mgo33FVM7PzsFpfQyw9MR
|
||||
5w3p6vnjvd8X4aoHvVZxzw3hA0WwjiAmrKMJL/KK6d45rP2bDUBBAplvAgeLtTLt
|
||||
4tMLIwCF4HSgA55TIPQlaqO1FDC+M4BTSiMZVxS970/WnZPBEuNgzFDFZ+pvb4X6
|
||||
3t40ZLNwAAQHM4IEPAFiHqWMKGZ9eo5BWIeEHnjHmfjqSDYfLJAVYk1WJIcMUzom
|
||||
lA76CBC8CxW/I94AtcRhWuFUv/Z5/+OYEYLUxtuqPm+J+JrCmf4OJmWppT1wI2+p
|
||||
V00BSeRVWXTm1piieM8ahF5y1hp6y3uV3k0NmKECggEBAMC42Ms3s6NpPSE+99eJ
|
||||
3P0YPJOkl7uByNGbTKH+kW89SDRsy8iGVCSe9892gm5cwU/4LWyljO3qp2qBNG2i
|
||||
/DfP/bCk8bqPXsAZwoWK8DrO3bTCDepJWYhlx40pVkHLBwVXGdOVAXh+YswPY2cj
|
||||
cB9QhDrSj52AKU9z36yLvtY7uBA3Wph6tCjpx2n0H4/m6AmR9LDmEpf5tWYV/OrA
|
||||
SKKaqUw/y7kOZyKOtbKqr/98qYmpIYFF/ZVZZSZkVXcNeoZzgdOlR37ksVqLEsrj
|
||||
nxu7wli/uItBj/FTLjyqcvjUUYDyO1KtwBuyPUPgzYhBIN2Rt9+K6WRQelwnToFL
|
||||
30ECggEBALzozykZj2sr3z8tQQRZuXLGotUFGsQCB8ikeqoeB8FbNNkC+qgflQGv
|
||||
zLRB2KWOvnboc94wVgBJH43xG0HBibZnBhUO8/HBI/WlmyEj9KQ/ZskUK4GVZkB6
|
||||
r/81ASLwH+P/rqrLEjcp1SIPPevjzCWD9VYR5m/qPHLNxStwGSrPjtPzgaFxhq84
|
||||
Jl+YVmNqVlrOKYYfIPh8exPLiTti3wfM61pVYFv56PI2gd5ysMWYnuN+vK0sbmZh
|
||||
cIWwykcKlODIngI7IzYqt8NuIJI0jrYyHgtUw4jaJzdF4mEOplGONxdz15jAGHtg
|
||||
JUsBXFNz132nP4iIr3UKrPedQZijSi4=
|
||||
-----END PRIVATE KEY-----
|
||||
'';
|
||||
ca.cert = builtins.toFile "ca.cert" ''
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDzCCAvegAwIBAgIUTRDYSWJvmlhwIR3pzVrIQfnboLEwDQYJKoZIhvcNAQEL
|
||||
BQAwFjEUMBIGA1UEAwwLU25ha2VvaWwgQ0EwIBcNMjAwMzIyMjI1NjE3WhgPMjEy
|
||||
MDAyMjcyMjU2MTdaMBYxFDASBgNVBAMMC1NuYWtlb2lsIENBMIICIjANBgkqhkiG
|
||||
9w0BAQEFAAOCAg8AMIICCgKCAgEAwp1WRhJ+vHs15Q1hOYI7Aj6rrUeJ8cP8LyGw
|
||||
MQdlZNlnkOhxr7diXa8+anq9iF3e+mLaUHqnfn33rWi7THhU6/l8vcqhKcdgH75h
|
||||
BHC57olm7FBmc7B8Fu/+JD4ABQcvU8CZ/5PPdpUerkGGtEEt/Ql/OZCzGfy2V1Mg
|
||||
pSAWviMU9TqL5hqjDq+JxgEkUD+nf558p+NSp2rf3bacmmuc4H2MAOmFulMXMsLw
|
||||
UqTDlzNP/NgRWRsgC7d50Pn35q7SnLzI7DSwRWrJVfs2DtTzGy20wlvEpiU44c7m
|
||||
qV7QR67r6HtuNd911pb3D9cpWk8dGpcIkFia9VxDlFixBU4Dk3kcolQ8Q7p6c/u6
|
||||
BnMM3HThvJwoHesNGmGhAs9c70txWE0M/jIqphJMerOG49VPdCNJMFCW3lo46xju
|
||||
2PUKuItfRmnw4O3ADJ/XhwojWzaz4+rf4H2lWwq25Jt2VY5Ly00Npm9pb+/rVYou
|
||||
Odtu4jT7jUupcdhVZa/w14kazlX4IT76DsVH186ICYWS1eGZIvsnGxkGucPGDA2A
|
||||
r+HNPHSgOwGrVYTUutHNc4EDY7lhdwb6HEskshlKJ1U+odQ2JSfWAKoKjaXnYDUf
|
||||
ZKadN+EjIQe3Y/ZXgei0TAPnNXxv0/tZQ25APr6KXqbePt9KA3Ak2HxIn5dR8Kjc
|
||||
P21w5tcCAwEAAaNTMFEwHQYDVR0OBBYEFCIoeYSYjtMiPrmxfHmcrsZkyTpvMB8G
|
||||
A1UdIwQYMBaAFCIoeYSYjtMiPrmxfHmcrsZkyTpvMA8GA1UdEwEB/wQFMAMBAf8w
|
||||
DQYJKoZIhvcNAQELBQADggIBAHPdwOgAxyhIhbqFObNftW8K3sptorB/Fj6jwYCm
|
||||
mHleFueqQnjTHMWsflOjREvQp1M307FWooGj+KQkjwvAyDc/Hmy7WgJxBg9p3vc+
|
||||
/Xf/e7ZfBl8rv7vH8VXW/BC1vVsILdFncrgTrP8/4psV50/cl1F4+nPBiekvvxwZ
|
||||
k+R7SgeSvcWT7YlOG8tm1M3al4F4mWzSRkYjkrXmwRCKAiya9xcGSt0Bob+LoM/O
|
||||
mpDGV/PMC1WAoDc1mMuXN2hSc0n68xMcuFs+dj/nQYn8uL5pzOxpX9560ynKyLDv
|
||||
yOzQlM2VuZ7H2hSIeYOFgrtHJJwhDtzjmUNDQpQdp9Fx+LONQTS1VLCTXND2i/3F
|
||||
10X6PkdnLEn09RiPt5qy20pQkICxoEydmlwpFs32musYfJPdBPkZqZWrwINBv2Wb
|
||||
HfOmEB4xUvXufZ5Ju5icgggBkyNA3PCLo0GZFRrMtvA7i9IXOcXNR+njhKa9246V
|
||||
QQfeWiz05RmIvgShJYVsnZWtael8ni366d+UXypBYncohimyNlAD1n+Bh3z0PvBB
|
||||
+FK4JgOSeouM4SuBHdwmlZ/H0mvfUG81Y8Jbrw0yuRHtuCtX5HpN5GKpZPHDE7aQ
|
||||
fEShVB/GElC3n3DvgK9OJBeVVhYQgUEfJi4rsSxt3cdEI0NrdckUoZbApWVJ3CBc
|
||||
F8Y7
|
||||
-----END CERTIFICATE-----
|
||||
'';
|
||||
"acme.test".key = builtins.toFile "acme.test.key" ''
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKAIBAAKCAgEAlgQTZjKfs3aHw0J993k7jFAs+hVRPf//zHMAiUkPKUYPTSl1
|
||||
TxS/bPbhWzSoom00j4SLhGGGhbd+lnvTg0uvKbxskgATfw5clbm1ZN+gx4DuxwjL
|
||||
V3xIxpeSY+PKzs5z8w/k+AJh+zOPyXwH3ut3C+ogp1S/5IhmzV3a/yU/6k0zpGxj
|
||||
N6ZPRTXFrz93I1pPeCkJz90l7tj+2uFc9xtM20NQX52f0Y2oShcG8fKdNZVzuHHk
|
||||
ZXkrZIhou55/nRy2jKgFeD3GQQfa9rwPWrVybQ6tKMMkoazB/Unky9xcTI2LJarf
|
||||
xgHDO9v9yFBvmR4UM8B3kM82NHoENtHaZ2mmiMGZzTEQlf8xwYyHFrqBFIVRWEUr
|
||||
7rr/O5Qr9gIN0T4u367HCexVYAKzbO2P9h75czzjMMoGkbXze9SMQ/ikrxEmwAHg
|
||||
r1Xxh6iQYmgPNk8AR3d9+o2I7WJZMUYZARLnuhVr9BNXv510iqZTqX8lcyL5fEj3
|
||||
ST4Ab+H7rfevZt6NU26iJLBYAjrA2mSvH+wvkboxrgSS8xYPkOW8NLNEbbodzofI
|
||||
pB+SaK53OIk0bj9c1YAgrSNER/TDTgDXrWUNrlfVZ/M7+AEdeU06wi7sVhVif6OB
|
||||
D3OpgKSNjeE6TuJH80Pi5MWugSFBr792Xb6uhVoPiVOFN+qiGB6UkwBgSKkCAwEA
|
||||
AQKCAgAmN7OZfZwh5DiCDhZ5TXFWNba/n16rJOTN+R5R20L5iNetGLrCAs8hu2N+
|
||||
ENRFTPzu8x14BEB5IF4niDRCZq2hPFeMemh9HfOIUV9c63vSV459NkhXaVpA/axV
|
||||
tlqchQwVCB+U70Z28JPZCLgYmnQhnOvktTqNxhIqj5aTGbJGxpQ5d0Nvkfbv8tsB
|
||||
4nE/mGpWel39jqFzT+Tdbjx414Ok+GkpcsacZDJTbbpfOSfD1uc8PgepskzTt8y2
|
||||
v5JTPFVlUAjUsSgouQ+XfCGNQlx8XBjRIaXbal+hX4niRald91FTr0yC7UAHp+vn
|
||||
dFZ586fB526OfbuZctxP+vZhEhFSseQKxHQ0tB8me81xH44daVNr9PPUM69FDT3j
|
||||
ygJaUJjNEG3vVzePCDzhmxTmz2/rAClp77WTWziBWDoA6YWDDzhgNPrXWzLIbZIx
|
||||
ue9ZbGEOh/u5ZzrEXxKCz9FjDe9wQu3TeYUe0M+ejzwWgn7zdWDvjjmtLUUuun2Y
|
||||
wW7WANpu32qvB/V+qssw4O63tbRiwneRCnb8AF2ixgyWr6xyZwch4kacv1KMiixf
|
||||
gO/5GTj7ba5GcdGoktJb29cUEgz13yPd106RsHK4vcggFxfMbOVauNRIo6ddLwyS
|
||||
8UMxLf2i2cToOLkHZrIb8FgimmzRoBd3yYzwVJBydiVcsrHQAQKCAQEAxlzFYCiQ
|
||||
hjEtblGnrkOC7Hx6HvqMelViOkGN8Y9VczG4GhwntmSE2nbpaAKhFBGdLfuSI3tJ
|
||||
Lf24f0IGgAhzPmpo2TjbxPO3YSKFTH71fznVBhtQ1iSxwZ1InXktnuhot6VSDx6A
|
||||
sbHSy1hMFy3nj+Zj5+fQ89tclzBzG9bCShaauO39KrPMwKi6CYoYdGhXBC3+OpHY
|
||||
zBNvmDTxG2kW8L42rlf14EH4pAlgKs4eeZbpcbZ6fXURP2hToHJ8swyKw/1p12WA
|
||||
cc19BKFJXL8nNP4uCf/fI0mVYpytz5KwUzG+z+umDqk+RRCH4mNB28xvEEuEyp/e
|
||||
/C5Is+WrlDAA6QKCAQEAwZsK4AJ/w4Xf4Q/SsnZJO9bfP1ejJjzKElt8rG28JXeb
|
||||
+FjykZZ6vw2gt2Boest2n9N4fBwaRkaHVtVS4iAmaDXozTlcvCLs2rVjPSguuQtW
|
||||
80CKg6+dux+6gFN8IGzDCiX3pWUnhhiXvCcRYEcvgpH6GA5vuCNrXrjH0JFC0kef
|
||||
aaDMGMTbzhc2IIRztmWU4v8YJSSy5KOkIQLWO+7u9aGx9IqT5/z3gx3XrItyl0Bk
|
||||
aQmZEh7JOSyhmGhhf5LdeTLu2YgRw3/tzS+lPMX3+UPw99k9MdTOFn2pww5AdRmg
|
||||
aBIzV+/LBYG0pPRl0D8/6yzGVBPuUDQpmK9Z3gsxwQKCAQEAnNkMZN2Ocd1+6+V7
|
||||
LmtJog9HTSmWXMEZG7FsOJ661Yxx44txx2IyPsCaDNlPXxwSaiKrSo0Yr1oZQd8G
|
||||
XsTPw4HGiETSWijQTulJ99PH8SLck6iTwdBgEhV5LrN75FQnQVdizHu1DUzrvkiC
|
||||
Wi29FWb6howiCEDjNNVln5SwKn83NpVQgyyK8ag4+oQMlDdQ3wgzJ0Ld53hS3Eq4
|
||||
f5EYR6JQgIki7YGcxrB3L0GujTxMONMuhfdEfRvUTGFawwVe0FyYDW7AIrx2Z2vV
|
||||
I5YuvVNjOhrt6OwtSD1VnnWCITaLh8LwmlUu3NOWbudHUzKSe5MLXGEPo95BNKad
|
||||
hl5yyQKCAQBNo0gMJtRnawMpdLfwewDJL1SdSR6S0ePS0r8/Qk4l1D5GrByyB183
|
||||
yFY/0zhyra7nTt1NH9PlhJj3WFqBdZURSzUNP0iR5YuH9R9Twg5ihEqdB6/EOSOO
|
||||
i521okTvl83q/ui9ecAMxUXr3NrZ+hHyUWmyRe/FLub6uCzg1a+vNauWpzXRZPgk
|
||||
QCijh5oDdd7r3JIpKvtWNs01s7aHmDxZYjtDrmK7sDTtboUzm0QbpWXevUuV+aSF
|
||||
+gDfZlRa3WFVHfisYSWGeYG6O7YOlfDoE7fJHGOu3QC8Ai6Wmtt8Wgd6VHokdHO8
|
||||
xJPVZnCBvyt5up3Zz5hMr25S3VazdVfBAoIBAHVteqTGqWpKFxekGwR0RqE30wmN
|
||||
iIEwFhgOZ8sQ+6ViZJZUR4Nn2fchn2jVwF8V8J1GrJbTknqzAwdXtO3FbgfmmyF2
|
||||
9VbS/GgomXhA9vJkM4KK3Iwo/y/nE9hRhtzuVE0QPudz2fyfaDgnWjcNM59064tH
|
||||
88361LVJm3ixyWSBD41UZ7NgWWJX1y2f073vErsfcPpavF5lhn1oSkQnOlgMJsnl
|
||||
24qeuzAgTWu/2rFpIA2EK30Bgvsl3pjJxHwyNDAgklV7C783LIoAHi7VO7tzZ6iF
|
||||
dmD5XLfcUZc3eaB7XehNQKBXDGLJeI5AFmjsHka5GUoitkU2PFrg/3+nJmg=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
'';
|
||||
"acme.test".cert = builtins.toFile "acme.test.cert" ''
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEoTCCAokCAgKaMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNVBAMMC1NuYWtlb2ls
|
||||
IENBMCAXDTIwMDMyMjIyNTYxOFoYDzIxMjAwMjI3MjI1NjE4WjAUMRIwEAYDVQQD
|
||||
DAlhY21lLnRlc3QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCWBBNm
|
||||
Mp+zdofDQn33eTuMUCz6FVE9///McwCJSQ8pRg9NKXVPFL9s9uFbNKiibTSPhIuE
|
||||
YYaFt36We9ODS68pvGySABN/DlyVubVk36DHgO7HCMtXfEjGl5Jj48rOznPzD+T4
|
||||
AmH7M4/JfAfe63cL6iCnVL/kiGbNXdr/JT/qTTOkbGM3pk9FNcWvP3cjWk94KQnP
|
||||
3SXu2P7a4Vz3G0zbQ1BfnZ/RjahKFwbx8p01lXO4ceRleStkiGi7nn+dHLaMqAV4
|
||||
PcZBB9r2vA9atXJtDq0owyShrMH9SeTL3FxMjYslqt/GAcM72/3IUG+ZHhQzwHeQ
|
||||
zzY0egQ20dpnaaaIwZnNMRCV/zHBjIcWuoEUhVFYRSvuuv87lCv2Ag3RPi7frscJ
|
||||
7FVgArNs7Y/2HvlzPOMwygaRtfN71IxD+KSvESbAAeCvVfGHqJBiaA82TwBHd336
|
||||
jYjtYlkxRhkBEue6FWv0E1e/nXSKplOpfyVzIvl8SPdJPgBv4fut969m3o1TbqIk
|
||||
sFgCOsDaZK8f7C+RujGuBJLzFg+Q5bw0s0Rtuh3Oh8ikH5Jornc4iTRuP1zVgCCt
|
||||
I0RH9MNOANetZQ2uV9Vn8zv4AR15TTrCLuxWFWJ/o4EPc6mApI2N4TpO4kfzQ+Lk
|
||||
xa6BIUGvv3Zdvq6FWg+JU4U36qIYHpSTAGBIqQIDAQABMA0GCSqGSIb3DQEBCwUA
|
||||
A4ICAQBCDs0V4z00Ze6Ask3qDOLAPo4k85QCfItlRZmwl2XbPZq7kbe13MqF2wxx
|
||||
yiLalm6veK+ehU9MYN104hJZnuce5iEcZurk+8A+Pwn1Ifz+oWKVbUtUP3uV8Sm3
|
||||
chktJ2H1bebXtNJE5TwvdHiUkXU9ywQt2FkxiTSl6+eac7JKEQ8lVN/o6uYxF5ds
|
||||
+oIZplb7bv2XxsRCzq55F2tJX7fIzqXrSa+lQTnfLGmDVMAQX4TRB/lx0Gqd1a9y
|
||||
qGfFnZ7xVyW97f6PiL8MoxPfd2I2JzrzGyP/igNbFOW0ho1OwfxVmvZeS7fQSc5e
|
||||
+qu+nwnFfl0S4cHRif3G3zmz8Ryx9LM5TYkH41qePIHxoEO2sV0DgWJvbSjysV2S
|
||||
EU2a31dJ0aZ+z6YtZVpHlujKMVzxVTrqj74trS4LvU5h/9hv7e1gjYdox1TO0HMK
|
||||
mtDfgBevB21Tvxpz67Ijf31HvfTmCerKJEOjGnbYmyYpMeMNSONRDcToWk8sUwvi
|
||||
OWa5jlUFRAxgXNM09vCTPi9aRUhcFqACqfAd6I1NqGVlfplLWrc7SWaSa+PsLfBf
|
||||
4EOZfk8iEKBVeYXNjg+CcD8j8yk/oEs816/jpihIk8haCDRWYWGKyyGnwn6OQb8d
|
||||
MdRO2b7Oi/AAmEF3jMlICqv286GIYK5qTKk2/CKHlOLPnsWEuA==
|
||||
-----END CERTIFICATE-----
|
||||
'';
|
||||
}
|
@ -1,12 +0,0 @@
|
||||
{ lib, nodes, pkgs, ... }: let
|
||||
letsencrypt-ca = nodes.letsencrypt.config.test-support.letsencrypt.caCert;
|
||||
in {
|
||||
networking.nameservers = [
|
||||
nodes.letsencrypt.config.networking.primaryIPAddress
|
||||
];
|
||||
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.email = "webmaster@example.com";
|
||||
|
||||
security.pki.certificateFiles = [ letsencrypt-ca ];
|
||||
}
|
@ -1,254 +0,0 @@
|
||||
# Generated via mkcert.sh in the same directory.
|
||||
{
|
||||
ca.key = builtins.toFile "ca.key" ''
|
||||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDQ0b23I1srJZwR
|
||||
2MMdvSJK5pcwLfrXU+4gEZEnWNyT8yeVweya+8vmNNOlvK3zxf+ZiY/7aQ0RZJMO
|
||||
h2+VdlgHmr2QKhQTf1HwfZA/06FolD3/DcS+DMJMSTVr179/XLndeVVZUqU7tjvB
|
||||
AWKSIS8H2hSF1UOPi9gBDR8MwCP6Qgj8WYhbkt9q47/lO96qAmm6U1F+Q7RYM9ZQ
|
||||
IWI81N0Ms5wJocg7n6S19iV66ePh7APapZFYup61gFGWfahmA217ELIZd56n8yjO
|
||||
F0epb9sC0XpYCDRrYKBWLqPiv+6wvdZtZvALItyIv08ZwXlBkFg3LbAAhPnf0Vxz
|
||||
pYysQmyyyzkgy252n+Sie0kx+B4qm6fOkpfgYlPSVTb2dXx/be/SE08u0a9FO0fZ
|
||||
pkByWEZJUUwngsJgLUa7MorQf3avxozfC25XqvzbieZfSXlA7mOUclZbC/WUFpyj
|
||||
MlyJU2eCQ8wSwsPXl91oxcYlOkuVLgd41gr9pGXQSuKIkrgbfkftjg2tDC+7g7O8
|
||||
qrdF42FjbZjIx/74AasmsGh4GTQtiSkvEnTstioC6aCV44DlJWbBIMvkyawubjUl
|
||||
Ppij0H66Y9Q4tEc/ktc7oGQfqqluyLb43TeobTPHALsNeAYb39rMtBo5DDCUc81s
|
||||
fuDMhMr/oYXKrFstUsg5AY6mJaRG0QIDAQABAoICAF5ZVfmoPOoKzTB3GvmV2iez
|
||||
dj4rmDmwT1gn98iqasdiRtFwVGJWQHNcDQDGdmY9YNZThD2Y4nGoWpVm9jC2zuFo
|
||||
thusF3QTw8cARKvCCBzDVhumce1YwHVNYpi+W2TFValOyBRathN7rBXxdUMHQUOv
|
||||
8jPh/uudyNP4xL2zFs5dBchW/7g4bT/TdYGyglGYU4L/YEPHfXWYvk1oOAW6O8Ig
|
||||
aPElKt5drEMW2yplATSzua4RvtEzSMBDIRn43pxxEgdXrNC67nF9+ULc2+Efi/oD
|
||||
Ad9CncSiXO9zlVK/W655p6e4qd6uOqyCm8/MTegkuub7eplRe8D3zGjoNN4kCQ4S
|
||||
rckVvIDDb6vZk7PKx9F7GWIqaG/YvFFFKO1MrAZg7SguFA6PtGOYAFocT03P6KXT
|
||||
l2SnZQWKyxUAlh4tOBGlRFgGCx/krRIKbgNYn/qk/ezcRl8c7GpOPh+b7Icoq7u3
|
||||
l4tIVBBHqS8uGgtyi+YwuJeht2MV1aEcSkykKLh2ipp8tb6spORJUkhjawDjvxeQ
|
||||
GztN30Xh2riTXYZ0HExVTtJa8jyvFyp/97ptPIJXaVt2A2KIS3sBFHKnpY+/OrQg
|
||||
uUauYgi13WFHsKOxZL9GYGk7Ujd8bw4CEcJFxKY7bhpGVI6Du7NRkUDWN0+0yusI
|
||||
2szCJ7+ZqJkrc1+GrI/RAoIBAQDseAEggOLYZkpU2Pht15ZbxjM9ayT2ANq1+RTu
|
||||
LjJx4gv2/o/XJCfMZCL0b9TJqtYeH+N6G9oDRJ99VIhUPedhWSYdj9Qj+rPd++TS
|
||||
bp+MoSjmfUfxLTDrmFHL7ppquAE65aDy3B5c+OCb0I4X6CILUf0LynBzgl4kdrzN
|
||||
U6BG3Mt0RiGPojlPV82B9ZUF/09YAz7BIz9X3KMhze1Gps5OeGuUnc9O2IAJYkrj
|
||||
ur9H2YlNS4w+IjRLAXSXUqC8bqPZp6WTo1G/rlyAkIRXCGN90uk5JQvXoj9immFO
|
||||
WaylbdcNG3YcGutreYeZL/UIWF6zCdc6pYG0cCBJS6S/RN7FAoIBAQDiERrLuUbV
|
||||
3fx/a8uMeZop6hXtQpF7jlFxqUmza7QSvBuwks4QVJF+qMSiSvKDkCKqZD4qVf4N
|
||||
TMxEj5vNR0PbnmDshyKJNGVjEauKJSb65CFDUcL1eR/A/oJvxiIdN1Z4cPrpnRux
|
||||
/zIfPuYfYHpdz52buxxmlD7bfwYmVKVpnzjB9z0I1CasZ5uqB0Z8H0OLyUu8S4ju
|
||||
RfkKBDMgVl2q96i8ZvX4C1b7XuimIUqv4WHq5+ejcYirgrYtUbBIaDU3/LORcJdy
|
||||
/K76L1/up70RTDUYYm/HKaRy+vMTpUsZJ7Qbh0hrvQkUvNQ1HXjprW2AePIYi33N
|
||||
h3mb1ulqw4idAoIBAQCsn0YjVjNDShkFK4bfmLv4rw2Ezoyi0SjYIsb2wN6uaBfX
|
||||
7SlQIuKywH8L9f9eYMoCH8FNyLs0G4paUbVb2fzpAc1jUzXINiHL8TCvtXXfkV5s
|
||||
NBSqqRTHR+CegMZVFZJATpVZ9PptYHmHBY5VQW5o2SdizhudFxRmhg95zIx6boBP
|
||||
l0q0sfYoR66MKpzpTeG8HFJZZ8O7/iNQcCXAp9B/VEUkrrdBlaaSMyD8cb1lVBZ5
|
||||
SKdOTGXkQ2G7feQ86n/OSiYDSvxIc56vc9BIQKVwmuEKiFLGzXh8ILrcGXaBJVgS
|
||||
B3QHPFeTk5o7Z9j2iJxJEuv9sginkhrfpsrTnhEJAoIBACkrUkTtjd/e2F/gIqaH
|
||||
crLVZX7a06G7rktTuA9LuvR6e1Rxt8Mzk3eMhprDqVyaQCXlsYiGNoj3hm+p84az
|
||||
xsDVG/OXPIveFeSv0ByNXYbtSr12w1lu4ICGGP0ACTBm5oFymc83hFarEdas3r2y
|
||||
FTbGW36D2c04jCXvARCz85fDnlN8kgnskMpu5+NUBdsO2n83fmphGyPBbHQNhb4K
|
||||
3G4JQhplab/tWL7YbufqQi67jdh4uS+Duo75c/HW4ZKeH6r9gzomVf5j0/3N6NuO
|
||||
gpkG1tiE/LQ5ejBSUTgvrvh6yYsF3QN53pB/PuoZXu63Xay62ePsa1GlrVjbD5EY
|
||||
4OUCggEAJFr7F7AQLMJTAxHFLCsZZ0ZZ+tXYclBC4eHPkZ6sD5jvL3KIpW3Q7jXk
|
||||
oIoD/XEX4B+Qe5M3jQJ/Y5ZJETHcgfcHZbDpCKN2WHQgldQbAJiFd4GY1OegdVsr
|
||||
7TC8jh3Q2eYjzL8u4z7LSNI6aQSv1eWE7S1Q5j/sX/YYDR4W3CBMeIUpqoDWpn87
|
||||
czbIRyA/4L0Y/HLpg/ZCbvtJZbsQwYXhyqfbjlm4BRQ6JiC5uEBKvuDRUXToBJta
|
||||
JU8XMm+Ae5Ogrw7P6hg68dWpagfjb7UZ7Zxv+VDsbrU6KsDcyGCAwrrRZou/6KUG
|
||||
Eq4OVTSu/s8gmY94tgbjeOaLUPEPmg==
|
||||
-----END PRIVATE KEY-----
|
||||
'';
|
||||
ca.cert = builtins.toFile "ca.cert" ''
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFDzCCAvegAwIBAgIUU9rbCLTuvaI6gjSsFsJJjfLWIX8wDQYJKoZIhvcNAQEL
|
||||
BQAwFjEUMBIGA1UEAwwLU25ha2VvaWwgQ0EwIBcNMTkxMDE4MDc1NDEyWhgPMjEx
|
||||
OTA5MjQwNzU0MTJaMBYxFDASBgNVBAMMC1NuYWtlb2lsIENBMIICIjANBgkqhkiG
|
||||
9w0BAQEFAAOCAg8AMIICCgKCAgEA0NG9tyNbKyWcEdjDHb0iSuaXMC3611PuIBGR
|
||||
J1jck/MnlcHsmvvL5jTTpbyt88X/mYmP+2kNEWSTDodvlXZYB5q9kCoUE39R8H2Q
|
||||
P9OhaJQ9/w3EvgzCTEk1a9e/f1y53XlVWVKlO7Y7wQFikiEvB9oUhdVDj4vYAQ0f
|
||||
DMAj+kII/FmIW5LfauO/5TveqgJpulNRfkO0WDPWUCFiPNTdDLOcCaHIO5+ktfYl
|
||||
eunj4ewD2qWRWLqetYBRln2oZgNtexCyGXeep/MozhdHqW/bAtF6WAg0a2CgVi6j
|
||||
4r/usL3WbWbwCyLciL9PGcF5QZBYNy2wAIT539Fcc6WMrEJssss5IMtudp/kontJ
|
||||
MfgeKpunzpKX4GJT0lU29nV8f23v0hNPLtGvRTtH2aZAclhGSVFMJ4LCYC1GuzKK
|
||||
0H92r8aM3wtuV6r824nmX0l5QO5jlHJWWwv1lBacozJciVNngkPMEsLD15fdaMXG
|
||||
JTpLlS4HeNYK/aRl0EriiJK4G35H7Y4NrQwvu4OzvKq3ReNhY22YyMf++AGrJrBo
|
||||
eBk0LYkpLxJ07LYqAumgleOA5SVmwSDL5MmsLm41JT6Yo9B+umPUOLRHP5LXO6Bk
|
||||
H6qpbsi2+N03qG0zxwC7DXgGG9/azLQaOQwwlHPNbH7gzITK/6GFyqxbLVLIOQGO
|
||||
piWkRtECAwEAAaNTMFEwHQYDVR0OBBYEFAZcEiVphGxBT4OWXbM6lKu96dvbMB8G
|
||||
A1UdIwQYMBaAFAZcEiVphGxBT4OWXbM6lKu96dvbMA8GA1UdEwEB/wQFMAMBAf8w
|
||||
DQYJKoZIhvcNAQELBQADggIBAGJ5Jnxq1IQ++IRYxCE7r7BqzzF+HTx0EWKkSOmt
|
||||
eSPqeOdhC26hJlclgGZXAF/Xosmn8vkSQMHhj/jr4HI0VF9IyvDUJm8AKsnOgu/7
|
||||
DUey3lEUdOtJpTG9NyTOcrzxToMJ+hWlFLZKxx2dk4FLIvTLjmo1VHM97Bat7XYW
|
||||
IrL9RRIZ25V+eCYtlR7XYjceGFQ0rCdp8SFIQwC6C/AH2tV3b1AJFsND9PcoLu7c
|
||||
//fH+WUQCcD/N0grdC/QCX7AFWzd4rKQ8gjfND4TSYFTSDwW10Mud4kAVhY2P1sY
|
||||
Y3ZpnxWrCHbIZMbszlbMyD+cjsCBnNvOtYGm7pDut/371rllVcB/uOWYWMCtKPoj
|
||||
0elPrwNMrK+P+wceNBCRQO+9gwzB589F2morFTtsob/qtpAygW8Sfl8M+iLWXeYS
|
||||
c3LBLnj0TpgXKRWg7wgIWKSZx9v6pgy70U0qvkjNS1XseUCPf7hfAbxT3xF+37Dw
|
||||
zZRwF4WAWqdnJoOey21mgc+a2DQzqtykA6KfHgCqNFfDbQXPXvNy25DDThbk+paX
|
||||
G2M2EWtr+Nv9s/zm7Xv/pOXlgMFavaj+ikqZ4wfJf6c/sMOdZJtMA4TsYtAJgbc8
|
||||
ts+0eymTq4v5S8/fW51Lbjw6hc1Kcm8k7NbHSi9sEjBfxFLTZNQ5eb4NGr9Od3sU
|
||||
kgwJ
|
||||
-----END CERTIFICATE-----
|
||||
'';
|
||||
"acme-v02.api.letsencrypt.org".key = builtins.toFile "acme-v02.api.letsencrypt.org.key" ''
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKQIBAAKCAgEApny0WhfDwEXe6WDTCw8qBuMAPDr88pj6kbhQWfzAW2c0TggJ
|
||||
Etjs9dktENeTpSl14nnLVMiSYIJPYY3KbOIFQH1qDaOuQ7NaOhj9CdMTm5r9bl+C
|
||||
YAyqLIMQ9AAZDhUcQjOy3moiL7ClFHlkFYuEzZBO9DF7hJpfUFIs0Idg50mNoZh/
|
||||
K/fb4P2skNjfCjjomTRUmZHxT6G00ImSTtSaYbN/WHut1xXwJvOoT1nlEA/PghKm
|
||||
JJ9ZuRMSddUJmjL+sT09L8LVkK8CKeHi4r58DHM0D0u8owIFV9qsXd5UvZHaNgvQ
|
||||
4OAWGukMX+TxRuqkUZkaj84vnNL+ttEMl4jedw0ImzNtCOYehDyTPRkfng5PLWMS
|
||||
vWbwyP8jDd2578mSbx5BF7ypYX366+vknjIFyZ5WezcC1pscIHxLoEwuhuf+knN+
|
||||
kFkLOHeYbqQrU6mxSnu9q0hnNvGUkTP0a/1aLOGRfQ5C/pxpE/Rebi8qfM/OJFd4
|
||||
mSxGL93JUTXWAItiIeBnQpIne65/Ska9dWynOEfIb0okdet3kfmNHz3zc17dZ5g4
|
||||
AdOSCgHAlQgFt/Qd8W6xXUe4C5Mfv2ctxRrfQhDwtB6rMByPwzImnciC2h3vCwD3
|
||||
vS/vjUyWICyhZyi2LZDUQz+sCKBXCYYcYh8ThFO40j5x1OnYMq7XQvyl8QkCAwEA
|
||||
AQKCAgBSAfdssWwRF9m3p6QNPIj9H3AMOxpB/azffqTFzsSJwYp4LWkayZPfffy+
|
||||
4RGvN38D8e6ActP3ifjEGu3tOGBR5fUJhujeHEiDea+a2Ug9S9kuNwmnelWQ23bM
|
||||
Wgf9cdSbn4+qEymHyEFolmsAWdsuzri1fHJVXR06GWBNz4GiLA8B3HY4GD1M1Gfe
|
||||
aZVkGagpXyeVBdiR2xuP5VQWVI8/NQWzdiipW/sRlNABVkyI3uDeN4VzYLL3gTeE
|
||||
p021kQz4DSxIjHZacHpmWwhBnIbKMy0fo7TlrqcnIWXqTwv63Q9Zs/RN8NOyqb0Y
|
||||
t1NKFWafcwUsdOnrG9uv/cVwF1FNE8puydaOi8rL1zAeK89JH8NRQ02wohR9w8qy
|
||||
b2tB6DyGMtuqBt8Il6GA16ZoEuaXeayvlsvDEmG1cS9ZwBvfgrVPAmlm2AYdIf5B
|
||||
RHIJu4BJC6Nn2ehVLqxx1QDhog3SOnAsCmcfg5g/fCwxcVMLIhODFoiKYGeMitDG
|
||||
Q4e5JKcOg+RR8PT/n4eY4rUDBGtsR+Nw8S2DWgXmSufyfDtKCjZB4IuLWPS29tNh
|
||||
zF6iYfoiTWzrSs/yqPSKIFpv+PWZwkKSvjdxia6lSBYYEON4W2QICEtiEs+SvcG4
|
||||
0eIqWM+rRmPnJyMfGqX6GCs3rHDQB2VNJPBCYPQalJ/KwZumAQKCAQEA0ezM6qPJ
|
||||
1JM/fddgeQ50h0T9TRXVUTCISxXza+l4NuFt1NdqUOdHsGtbL1JR4GaQUG8qD1/P
|
||||
R39YgnQEQimxpmYLCZkobkwPxTZm9oiMXpcJrlN4PB5evaWShRSv3mgigpt3Wzml
|
||||
Td+2R9RoA/hvF/wEyIvaWznYOyugBC7GXs20dNnZDULhUapeQu7r6JvgmxBOby7S
|
||||
0FbhGplBiSDETzZURqzH/GMJKaJtNgyyVf3Hbg4mZAQDWoBRr+8HxsNbDkxP6e91
|
||||
QrPHy2VZFiaTmJfoxRhyMTn7/JZaLJaUHDOniOsdMj/V7vMCgpfBqh5vR8bKzuPy
|
||||
ZINggpcFPp1IYQKCAQEAywc7AQoktMBCru/3vzBqUveXbR3RKzNyZCTH5CMm3UNH
|
||||
zmblFgqF2nxzNil21GqAXzSwZk5FyHbkeD3yvEZm+bXzsZTDNokAwoiTgyrr2tf8
|
||||
GLMlCHHl5euIh1xHuyg/oKajVGOoXUXK8piqiDpQKd3Zwc6u2oyQlh+gYTPKh+7i
|
||||
ilipkYawoE6teb6JUGpvU+d27INgNhB2oDEXY3pG2PbV+wv229ykSZxh1sJUdDwT
|
||||
a8eTg+3pCGXtOZiJoQTFwKUlD2WYTGqS4Gx6dIJco5k+ZikGNST1JGE64Jl4MZdI
|
||||
rtyvpcYblh5Q14sJGvp4kWYS9tjEM8pA+4Z9th3JqQKCAQEAkidH0+UM1A9gmQCm
|
||||
jiHeR39ky5Jz3f7oJT63J15479yrVxBTWNhtNQrJhXzOvGkr+JQsuF+ANMsYmFql
|
||||
zFqy8KMC9D/JwmD6adeif+o5sHF/r/s1LsYGOAtao4TvnOzrefs7ciwERt+GTSQ4
|
||||
9uq0jgJMYkPcVr9DKI8K7V6ThdW52dECKRVzQiRXVEp7vIsqKUuFECuNYrfaKWai
|
||||
FhLWGkA9FKee5L0e1/naB1N3ph72Bk2btO6GVzAXr2HADEZe0umWiczJ2xLH+3go
|
||||
Oh/JiufYi8ClYFh6dDVJutlrbOcZsV3gCegfzikqijmWABcIavSgpsJVNF2zh7gV
|
||||
Uq62gQKCAQAdO2FHeQpn6/at8WceY/4rC/MFhvGC4tlpidIuCtGhsfo4wZ/iWImF
|
||||
N73u4nF1jBAHpTJwyHxLrLKgjWrRqOFSutvniZ/BzmAJolh63kcvL0Hg3IpMePm8
|
||||
7PivZJ3/WIAwxU1m7SJkq5PY8ho7mwnHvWWI/hU26l42/z68QBS9FawQd0uS5G2x
|
||||
5yIbEU/8ABcfYYhB7XiA0EYEMo1HiWeB/ag5iTN13ILbBmUf4sL+KVgygH3A1RRk
|
||||
XSiWzluij2lZn22ClgIjnoSfQ38uH0bvVzUgyG9YX4XcQxOTGwWvPjT82FGB8NAw
|
||||
ARVqs14QQFfzt1qrp/I38rsAfBDFk+xhAoIBAQCEKNk/oJcy9t/jMIbLcn6z3aCc
|
||||
Fn8GBPSXtFj0t6weN5lHof+cggw4owMFWQQyAXxo/K6NnKNydMPZ5qjtLsHNpbpQ
|
||||
aT1Or0/1YR1bJ8Lo82B4QM++7F761GWQPvE/tyrfPkfkWl92ITIpmnlw4wycRlkq
|
||||
9anI2fnj1nIZwixzE2peb6PcsZU2HOs9uZ5RRd9wia696I7IpNibs4O4J2WTm4va
|
||||
+NeYif3V2g9qwgT0Va0c9/Jlg3b58R0vA8j/VCU5I0TyXpkB3Xapx+pvEdZ3viUL
|
||||
mXZaVotmWjgBXGDtd2VQg2ZiAMXHn3RzXSgV4Z+A/XacRs75h9bNw0ZJYrz1
|
||||
-----END RSA PRIVATE KEY-----
|
||||
'';
|
||||
"acme-v02.api.letsencrypt.org".cert = builtins.toFile "acme-v02.api.letsencrypt.org.cert" ''
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEtDCCApwCAgKaMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNVBAMMC1NuYWtlb2ls
|
||||
IENBMCAXDTE5MTAxODA3NTQxM1oYDzIxMTkwOTI0MDc1NDEzWjAnMSUwIwYDVQQD
|
||||
DBxhY21lLXYwMi5hcGkubGV0c2VuY3J5cHQub3JnMIICIjANBgkqhkiG9w0BAQEF
|
||||
AAOCAg8AMIICCgKCAgEApny0WhfDwEXe6WDTCw8qBuMAPDr88pj6kbhQWfzAW2c0
|
||||
TggJEtjs9dktENeTpSl14nnLVMiSYIJPYY3KbOIFQH1qDaOuQ7NaOhj9CdMTm5r9
|
||||
bl+CYAyqLIMQ9AAZDhUcQjOy3moiL7ClFHlkFYuEzZBO9DF7hJpfUFIs0Idg50mN
|
||||
oZh/K/fb4P2skNjfCjjomTRUmZHxT6G00ImSTtSaYbN/WHut1xXwJvOoT1nlEA/P
|
||||
ghKmJJ9ZuRMSddUJmjL+sT09L8LVkK8CKeHi4r58DHM0D0u8owIFV9qsXd5UvZHa
|
||||
NgvQ4OAWGukMX+TxRuqkUZkaj84vnNL+ttEMl4jedw0ImzNtCOYehDyTPRkfng5P
|
||||
LWMSvWbwyP8jDd2578mSbx5BF7ypYX366+vknjIFyZ5WezcC1pscIHxLoEwuhuf+
|
||||
knN+kFkLOHeYbqQrU6mxSnu9q0hnNvGUkTP0a/1aLOGRfQ5C/pxpE/Rebi8qfM/O
|
||||
JFd4mSxGL93JUTXWAItiIeBnQpIne65/Ska9dWynOEfIb0okdet3kfmNHz3zc17d
|
||||
Z5g4AdOSCgHAlQgFt/Qd8W6xXUe4C5Mfv2ctxRrfQhDwtB6rMByPwzImnciC2h3v
|
||||
CwD3vS/vjUyWICyhZyi2LZDUQz+sCKBXCYYcYh8ThFO40j5x1OnYMq7XQvyl8QkC
|
||||
AwEAATANBgkqhkiG9w0BAQsFAAOCAgEAkx0GLPuCvKSLTHxVLh5tP4jxSGG/zN37
|
||||
PeZLu3QJTdRdRc8bgeOGXAVEVFbqOLTNTsuY1mvpiv2V6wxR6nns+PIHeLY/UOdc
|
||||
mOreKPtMU2dWPp3ybec2Jwii6PhAXZJ26AKintmug1psMw7662crR3SCnn85/CvW
|
||||
192vhr5gM1PqLBIlbsX0tAqxAwBe1YkxBb9vCq8NVghJlKme49xnwGULMTGs15MW
|
||||
hIPx6sW93zwrGiTsDImH49ILGF+NcX1AgAq90nG0j/l5zhDgXGJglX+K1xP99X1R
|
||||
de3I4uoufPa5q+Pjmhy7muL+o4Qt0D0Vm86RqqjTkNPsr7gAJtt66A7TJrYiIoKn
|
||||
GTIBsgM6egeFLLYQsT0ap/59HJismO2Pjx4Jk/jHOkC8TJsXQNRq1Km76VMBnuc0
|
||||
2CMoD9pb38GjUUH94D4hJK4Ls/gJMF3ftKUyR8Sr/LjE6qU6Yj+ZpeEQP4kW9ANq
|
||||
Lv9KSNDQQpRTL4LwGLTGomksLTQEekge7/q4J2TQRZNYJ/mxnrBKRcv9EAMgBMXq
|
||||
Q+7GHtKDv9tJVlMfG/MRD3CMuuSRiT3OVbvMMkFzsPkqxYAP1CqE/JGvh67TzKI+
|
||||
MUfXKehA6TKuxrTVqCtoFIfGaqA9IWyoRTtugYq/xssB9ESeEYGeaM1A9Yueqz+h
|
||||
KkBZO00jHSE=
|
||||
-----END CERTIFICATE-----
|
||||
'';
|
||||
"letsencrypt.org".key = builtins.toFile "letsencrypt.org.key" ''
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKgIBAAKCAgEA9dpdPEyzD3/BBds7tA/51s+WmLFyWuFrq4yMd2R+vi5gvK7n
|
||||
lLNVKhYgiTmK2Um+UEpGucJqZHcTSZA1Bz4S/8ND/AI9I6EmwvBinY5/PubxEALk
|
||||
9YiDA+IzH8ZGFM8wXg7fMbbJAsyv+SHAtr2jmCsggrpuD5fgzs2p+F2q0+oVoeFw
|
||||
MAOUdAf2jNtNLEj2Q6MiR5Xq+wFOcRtXlNlXWIX3NrmubO/xOpDNpsyjyYC5Ld+W
|
||||
06MS5bTHSdv56AkUg2PugMChj15TOddEJIK8zPXFTlMYye9SKwjhNUZovfe4xXCa
|
||||
Tj2nmzrcuMKLz+S3sKQeTWjiRcY3w4zTlAbhtGXDjXjhMObrHoWM8e3cTL4NJMvt
|
||||
tNStXficxbeTbIiYu+7dtF0q+iWaZqexc6PdAaIpFZ0XSw+i5iLdQZmBwzY7NLlH
|
||||
pQupfh6ze0qDUVZAMDubo4JKUTBzH6QTuhHx+uUm7Lc8YdNArn7o/vMZDQym1Eia
|
||||
xKxZuCGaqFvq8ZK4nBVsHfcXbhF/XD2HMid3t7ImbREVu9qnc+En+acU/SJaaL3r
|
||||
jMW6HLVMr6+vQrCzYkvLzKYpoUm9D1Kcn6d8Ofxl2iCaY9CkMr5/6J1p1wcTdcN7
|
||||
IVQ/DFBeTDauyWbyZkO/lPoZoakWyXOx9S9tgClzhFmNgRkZv9wN+QguNDcCAwEA
|
||||
AQKCAgEA0ndlacGfaJ1NeN39dmBW2XZMzdrassJXkjx34528gsLhPaXdyobbWXQn
|
||||
1lHUc7+VlNaBRXUR73+gm1FAlDqnuRxIjuy7ukyzCh8PzSG3/PlnVPWlXCzJPAHh
|
||||
EkqCpD3agirpF34LBsKDwxsKB2bBLft9kWxX3DGA2olmAKDvJQs4CaUcjX4DEHHg
|
||||
tyTmJAsyByUYq3/D8a1koZ9ukpadF8NXpxm+ILQoJqLf6vM1I8N2w7atP/BStSLV
|
||||
mH0gq2tajEB4ZPCDXmC5jsKiKz9gsXWUu0CX8AdYqE6pvRnRgQ8Ytq1265QMb+8s
|
||||
FV82oXqDZkyZRFuNmX3fLyDX39kkTcVS37S56Gzk4EzDWE/u2RXCAPeWla2zUFYI
|
||||
hg8X4ZAwbZRODtK2cZTuCZEILM/iKmtSgHC+aQhp18EUAefa7WGrRD4AvbTxH4VF
|
||||
ek60bwISBk5Mhf39MwqIiQxGOFmfLsQReZvzH4jI5zfDXf/0yZ/1SdGeu6+Walt0
|
||||
V81Ua/DB6zshHpeSP74HMuJHZ4DOQfcV/ndyzvoP84pAjenSx6O034OwQTkpoMI/
|
||||
f/2rK8kdzYSL4f//kFMuRLqmAwOmAFYB2oMo0/YaIoQ4vgTHDKTSxj5mbno56GdT
|
||||
huMAVMKskaCSVbyMB/xyQG7senLItVv+HafVk6ChMUbkIjv9zgECggEBAP+ux1RG
|
||||
cETGjK2U3CRoHGxR7FwaX6hkSokG+aFdVLer+WUrZmR8Ccvh2ALpm8K1G6TTk/5X
|
||||
ZeVX4+1VFYDeTHMN8g20usS5mw3v2GF3fGxGLe4q56l4/4kKMZOrSBuWH4niiIKD
|
||||
0QogdzWkpQJ93nMbZxZ5lk+lRZVf3qSm6nzyP468ndrfI57Ov5OUIWZ7KhTUH9IK
|
||||
8/urUk+lEvyzQmNTlt5ZZXRz7cR01K8chx1zevVAyynzSuGjTysaBN7LTT0v3yVu
|
||||
96yKNsxJvuIz2+4qSjhbnN4jH+feN0VsdF3+Qkru0lBmLVgJl4X67XFaAKMDU9yv
|
||||
3alS53Pkol+Dy1cCggEBAPYodofHC1ydoOmCvUAq4oJNtyI4iIOY/ch3sxVhkNyi
|
||||
KBscQqbay/DiXFiNl+NsemzB1PrHzvCaqKcBKw537XzeKqUgYuVLkFGubf9bDhXi
|
||||
wSRcYbU/oNTgiTgXPW8wH60uIoLaiNi1/YjO2zh4GEY/kFqSuD54Y91iFmcC75bv
|
||||
OjCNugnRdpRjOFhaeNx75tdverR37w3APVZuBSv3bJlMPCtaf+fEAKxJxeqCs3Oq
|
||||
rtsw2TQ4TqfE8/w9qPCVv3bQbMbO48SwjxAz47qH2h3qGu3Ov8badeARe+Ou7nuI
|
||||
U13gPuPOhPXIQP/MYOyamPJdFyng1b8vyNsfjOcWMiECggEAEkMgl6NkV3U7DRbp
|
||||
1mvdQ9tiH33+wR9Qt5LY966b43aUHKbJ7Hlzla1u6V5YMsMO02oNUwhZDdWGQShn
|
||||
ncnC+iDP3iy/flenfIpaETQgnfcxRqan31H2Joqk2eBNCTNi001r5K6XmrqQ6TL2
|
||||
WkQ1RFF7vn42vz+VxcKQO4B0lTIUWhSczcpMWAZ6ZocZD6HScqRoFW+U16/39Bpd
|
||||
TdFb944742vNNFEndXXGzy8hc3gRGz1ihX+MJKuuduyn1mX9AVbPAHR5mkhQ+6x0
|
||||
xuFfXxaEMJxSiwdFOyGDHyFM+n2zrHh8ayOxL22X9gjjNspv6zTMo6GoGnUCdSOq
|
||||
eVoHhwKCAQEAot5O3rOB/vuEljwcv7IgQJrvCsNg/8FgWR1p7kGpuXHJG3btWrz1
|
||||
pyH+e9DjqGQD9KWjJ3LAp02NPUJ2nJIZHj9Y8/yjspb2nDTPLt+uSCjKJibBt0ys
|
||||
O219HRGzYjfzHYCi8PVrCggQAk7rmUdMuF4iQutE4ICDgtz9eZbls3YBiFKdvxVK
|
||||
Yg/sHflucmPAbtah13prPyvs6ZzN6zNANYXNYdn1OwHieBwvyWRFG8jY/MorTHPd
|
||||
BwA3drPNbbGHBzQMZNZKub8gSVYr3SU52gUlYCclmIq+50xqLlF2FWIz1q8irVPd
|
||||
gUnIR/eQQbxgaivRwbGze1ZAjUsozVVQQQKCAQEA9uAKU3O06bEUGj+L0G+7R7r/
|
||||
bi2DNi2kLJ7jyq+n0OqcHEQ1zFK4LAPaXY0yMYXieUzhivMGLSNDiubGO2/KxkFF
|
||||
REXUFgYWZYMwrKsUuscybB64cQDwzD0oXrhvEa2PHecdG6AZ63iLcHaaDzyCPID/
|
||||
wtljekLO2jbJ5esXZd016lykFfUd/K4KP1DGyI2Dkq6q0gTc/Y36gDAcPhIWtzna
|
||||
UujYCe3a8DWCElH4geKXaB5ABbV1eJ8Lch599lXJ9Hszem6QNosFsPaHDCcqLS9H
|
||||
yy2WA6CY2LVU7kONN+O0kxs2fVbxIkI+d/LZyX/yIGlkXcAzL07llIlrTAYebQ==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
'';
|
||||
"letsencrypt.org".cert = builtins.toFile "letsencrypt.org.cert" ''
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIEpzCCAo8CAgKaMA0GCSqGSIb3DQEBCwUAMBYxFDASBgNVBAMMC1NuYWtlb2ls
|
||||
IENBMCAXDTE5MTAxODA3NTQxNVoYDzIxMTkwOTI0MDc1NDE1WjAaMRgwFgYDVQQD
|
||||
DA9sZXRzZW5jcnlwdC5vcmcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
|
||||
AQD12l08TLMPf8EF2zu0D/nWz5aYsXJa4WurjIx3ZH6+LmC8rueUs1UqFiCJOYrZ
|
||||
Sb5QSka5wmpkdxNJkDUHPhL/w0P8Aj0joSbC8GKdjn8+5vEQAuT1iIMD4jMfxkYU
|
||||
zzBeDt8xtskCzK/5IcC2vaOYKyCCum4Pl+DOzan4XarT6hWh4XAwA5R0B/aM200s
|
||||
SPZDoyJHler7AU5xG1eU2VdYhfc2ua5s7/E6kM2mzKPJgLkt35bToxLltMdJ2/no
|
||||
CRSDY+6AwKGPXlM510QkgrzM9cVOUxjJ71IrCOE1Rmi997jFcJpOPaebOty4wovP
|
||||
5LewpB5NaOJFxjfDjNOUBuG0ZcONeOEw5usehYzx7dxMvg0ky+201K1d+JzFt5Ns
|
||||
iJi77t20XSr6JZpmp7Fzo90BoikVnRdLD6LmIt1BmYHDNjs0uUelC6l+HrN7SoNR
|
||||
VkAwO5ujgkpRMHMfpBO6EfH65Sbstzxh00Cufuj+8xkNDKbUSJrErFm4IZqoW+rx
|
||||
kricFWwd9xduEX9cPYcyJ3e3siZtERW72qdz4Sf5pxT9IlpoveuMxboctUyvr69C
|
||||
sLNiS8vMpimhSb0PUpyfp3w5/GXaIJpj0KQyvn/onWnXBxN1w3shVD8MUF5MNq7J
|
||||
ZvJmQ7+U+hmhqRbJc7H1L22AKXOEWY2BGRm/3A35CC40NwIDAQABMA0GCSqGSIb3
|
||||
DQEBCwUAA4ICAQBbJwE+qc0j6JGHWe0TGjv1viJU3WuyJkMRi+ejx0p/k7Ntp5An
|
||||
2wLC7b/lVP/Nh+PKY/iXWn/BErv2MUo4POc1g8svgxsmMMh5KGGieIfGs7xT+JMH
|
||||
dzZZM+pUpIB5fEO5JfjiOEOKDdAvRSs0mTAVYZEokGkXSNWyylvEaA16mHtMgPjo
|
||||
Lm75d0O66RfJDdd/hTl8umGpF7kEGW1qYk2QmuPr7AqOa8na7olL5fMPh6Q7yRqx
|
||||
GIS9JKQ0fWl8Ngk09WfwUN/kEMcp9Jl5iunNRkbpUJIM/lHFkSA7yOFFL+dVWzd4
|
||||
2r+ddJXTFzW8Rwt65l8SV2MEhijEamKva3mqKLIRWxDsfFVT1T04LWFtnzMW4Z29
|
||||
UHF9Pi7XSyKz0Y/Lz31mNTkjJYbOvbnwok8lc3wFWHc+lummZk8IkCq8xfqzwmwX
|
||||
Ow6EV+Q6VaQpOHumQZ12pBBLtL8DyDhWaRUgVy2vYpwYsMYa5BFMcKCynjlSewo9
|
||||
G2hNoW45cQZP1qHltRR9Xad7SaP7iTETDCiR7AWOqSpDipSh9eMfVW97ZbSfz+vl
|
||||
xl8PZEZMTRIIRVXsPP+E8gtDUhUQp2+Vcz8r6q71qslXM09xl/501uaNjCc3hH2R
|
||||
iw2N77Lho1F3FrBbHdML3RYHZI55eC9iQw6R4S+R4b+iWLJoHzHrW61itg==
|
||||
-----END CERTIFICATE-----
|
||||
'';
|
||||
}
|
@ -18,7 +18,7 @@
|
||||
defining this option needs to be explicitly imported.
|
||||
|
||||
The reason this option exists is for the
|
||||
<filename>nixos/tests/common/letsencrypt</filename> module, which
|
||||
<filename>nixos/tests/common/acme/server</filename> module, which
|
||||
needs that option to disable the resolver once the user has set its own
|
||||
resolver.
|
||||
'';
|
||||
|
42
nixos/tests/containers-custom-pkgs.nix
Normal file
42
nixos/tests/containers-custom-pkgs.nix
Normal file
@ -0,0 +1,42 @@
|
||||
# Test for NixOS' container support.
|
||||
|
||||
import ./make-test-python.nix ({ pkgs, lib, ...} : let
|
||||
|
||||
customPkgs = pkgs // {
|
||||
hello = pkgs.hello.overrideAttrs(old: {
|
||||
name = "custom-hello";
|
||||
});
|
||||
};
|
||||
|
||||
in {
|
||||
name = "containers-hosts";
|
||||
meta = with lib.maintainers; {
|
||||
maintainers = [ adisbladis ];
|
||||
};
|
||||
|
||||
machine =
|
||||
{ ... }:
|
||||
{
|
||||
virtualisation.memorySize = 256;
|
||||
virtualisation.vlans = [];
|
||||
|
||||
containers.simple = {
|
||||
autoStart = true;
|
||||
pkgs = customPkgs;
|
||||
config = {pkgs, config, ... }: {
|
||||
environment.systemPackages = [
|
||||
pkgs.hello
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
start_all()
|
||||
machine.wait_for_unit("default.target")
|
||||
machine.succeed(
|
||||
"test $(nixos-container run simple -- readlink -f /run/current-system/sw/bin/hello) = ${customPkgs.hello}/bin/hello"
|
||||
)
|
||||
'';
|
||||
})
|
@ -1,29 +1,74 @@
|
||||
import ./make-test-python.nix ({ lib, ... }:
|
||||
import ./make-test-python.nix ({ pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
name = "dokuwiki";
|
||||
meta.maintainers = with maintainers; [ maintainers."1000101" ];
|
||||
|
||||
nodes.machine =
|
||||
{ pkgs, ... }:
|
||||
{ services.dokuwiki = {
|
||||
enable = true;
|
||||
acl = " ";
|
||||
superUser = null;
|
||||
nginx = {
|
||||
forceSSL = false;
|
||||
enableACME = false;
|
||||
};
|
||||
};
|
||||
let
|
||||
template-bootstrap3 = pkgs.stdenv.mkDerivation {
|
||||
name = "bootstrap3";
|
||||
# Download the theme from the dokuwiki site
|
||||
src = pkgs.fetchurl {
|
||||
url = https://github.com/giterlizzi/dokuwiki-template-bootstrap3/archive/v2019-05-22.zip;
|
||||
sha256 = "4de5ff31d54dd61bbccaf092c9e74c1af3a4c53e07aa59f60457a8f00cfb23a6";
|
||||
};
|
||||
# We need unzip to build this package
|
||||
buildInputs = [ pkgs.unzip ];
|
||||
# Installing simply means copying all files to the output directory
|
||||
installPhase = "mkdir -p $out; cp -R * $out/";
|
||||
};
|
||||
|
||||
|
||||
# Let's package the icalevents plugin
|
||||
plugin-icalevents = pkgs.stdenv.mkDerivation {
|
||||
name = "icalevents";
|
||||
# Download the plugin from the dokuwiki site
|
||||
src = pkgs.fetchurl {
|
||||
url = https://github.com/real-or-random/dokuwiki-plugin-icalevents/releases/download/2017-06-16/dokuwiki-plugin-icalevents-2017-06-16.zip;
|
||||
sha256 = "e40ed7dd6bbe7fe3363bbbecb4de481d5e42385b5a0f62f6a6ce6bf3a1f9dfa8";
|
||||
};
|
||||
# We need unzip to build this package
|
||||
buildInputs = [ pkgs.unzip ];
|
||||
sourceRoot = ".";
|
||||
# Installing simply means copying all files to the output directory
|
||||
installPhase = "mkdir -p $out; cp -R * $out/";
|
||||
};
|
||||
|
||||
in {
|
||||
name = "dokuwiki";
|
||||
meta.maintainers = with pkgs.lib.maintainers; [ "1000101" ];
|
||||
|
||||
machine = { ... }: {
|
||||
services.dokuwiki."site1.local" = {
|
||||
aclUse = false;
|
||||
superUser = "admin";
|
||||
nginx = {
|
||||
forceSSL = false;
|
||||
enableACME = false;
|
||||
};
|
||||
};
|
||||
services.dokuwiki."site2.local" = {
|
||||
aclUse = true;
|
||||
superUser = "admin";
|
||||
nginx = {
|
||||
forceSSL = false;
|
||||
enableACME = false;
|
||||
};
|
||||
templates = [ template-bootstrap3 ];
|
||||
plugins = [ plugin-icalevents ];
|
||||
};
|
||||
networking.hosts."127.0.0.1" = [ "site1.local" "site2.local" ];
|
||||
};
|
||||
|
||||
testScript = ''
|
||||
machine.start()
|
||||
machine.wait_for_unit("phpfpm-dokuwiki.service")
|
||||
site_names = ["site1.local", "site2.local"]
|
||||
|
||||
start_all()
|
||||
|
||||
machine.wait_for_unit("phpfpm-dokuwiki-site1.local.service")
|
||||
machine.wait_for_unit("phpfpm-dokuwiki-site2.local.service")
|
||||
|
||||
machine.wait_for_unit("nginx.service")
|
||||
|
||||
machine.wait_for_open_port(80)
|
||||
machine.succeed("curl -sSfL http://localhost/ | grep 'DokuWiki'")
|
||||
|
||||
machine.succeed("curl -sSfL http://site1.local/ | grep 'DokuWiki'")
|
||||
machine.succeed("curl -sSfL http://site2.local/ | grep 'DokuWiki'")
|
||||
'';
|
||||
})
|
||||
|
@ -1,4 +1,4 @@
|
||||
import ./make-test.nix ({ pkgs, ...} : {
|
||||
import ./make-test.nix ({ pkgs, latestKernel ? false, ... } : {
|
||||
name = "hardened";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ joachifm ];
|
||||
@ -10,6 +10,8 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
{ users.users.alice = { isNormalUser = true; extraGroups = [ "proc" ]; };
|
||||
users.users.sybil = { isNormalUser = true; group = "wheel"; };
|
||||
imports = [ ../modules/profiles/hardened.nix ];
|
||||
boot.kernelPackages =
|
||||
lib.mkIf latestKernel pkgs.linuxPackages_latest_hardened;
|
||||
environment.memoryAllocator.provider = "graphene-hardened";
|
||||
nix.useSandbox = false;
|
||||
virtualisation.emptyDiskImages = [ 4096 ];
|
||||
@ -23,7 +25,9 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
options = [ "noauto" ];
|
||||
};
|
||||
};
|
||||
boot.extraModulePackages = [ config.boot.kernelPackages.wireguard ];
|
||||
boot.extraModulePackages =
|
||||
optional (versionOlder config.boot.kernelPackages.kernel.version "5.6")
|
||||
config.boot.kernelPackages.wireguard;
|
||||
boot.kernelModules = [ "wireguard" ];
|
||||
};
|
||||
|
||||
@ -76,7 +80,8 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
|
||||
# Test userns
|
||||
subtest "userns", sub {
|
||||
$machine->fail("unshare --user");
|
||||
$machine->succeed("unshare --user true");
|
||||
$machine->fail("su -l alice -c 'unshare --user true'");
|
||||
};
|
||||
|
||||
# Test dmesg restriction
|
||||
|
@ -91,6 +91,7 @@ in
|
||||
ibus = callInstalledTest ./ibus.nix {};
|
||||
libgdata = callInstalledTest ./libgdata.nix {};
|
||||
glib-testing = callInstalledTest ./glib-testing.nix {};
|
||||
libjcat = callInstalledTest ./libjcat.nix {};
|
||||
libxmlb = callInstalledTest ./libxmlb.nix {};
|
||||
malcontent = callInstalledTest ./malcontent.nix {};
|
||||
ostree = callInstalledTest ./ostree.nix {};
|
||||
|
5
nixos/tests/installed-tests/libjcat.nix
Normal file
5
nixos/tests/installed-tests/libjcat.nix
Normal file
@ -0,0 +1,5 @@
|
||||
{ pkgs, makeInstalledTest, ... }:
|
||||
|
||||
makeInstalledTest {
|
||||
tested = pkgs.libjcat;
|
||||
}
|
29
nixos/tests/tuptime.nix
Normal file
29
nixos/tests/tuptime.nix
Normal file
@ -0,0 +1,29 @@
|
||||
import ./make-test-python.nix ({ pkgs, ...} : {
|
||||
name = "tuptime";
|
||||
meta = with pkgs.stdenv.lib.maintainers; {
|
||||
maintainers = [ evils ];
|
||||
};
|
||||
|
||||
machine = { pkgs, ... }: {
|
||||
imports = [ ../modules/profiles/minimal.nix ];
|
||||
services.tuptime.enable = true;
|
||||
};
|
||||
|
||||
testScript =
|
||||
''
|
||||
# see if it starts
|
||||
start_all()
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("tuptime | grep 'System startups:[[:blank:]]*1'")
|
||||
machine.succeed("tuptime | grep 'System uptime:[[:blank:]]*100.0%'")
|
||||
machine.shutdown()
|
||||
|
||||
# restart machine and see if it correctly reports the reboot
|
||||
machine.start()
|
||||
machine.wait_for_unit("multi-user.target")
|
||||
machine.succeed("tuptime | grep 'System startups:[[:blank:]]*2'")
|
||||
machine.succeed("tuptime | grep 'System shutdowns:[[:blank:]]*1 ok'")
|
||||
machine.shutdown()
|
||||
'';
|
||||
})
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "contrast";
|
||||
version = "0.0.2";
|
||||
version = "0.0.3";
|
||||
|
||||
src = fetchFromGitLab {
|
||||
domain = "gitlab.gnome.org";
|
||||
@ -27,10 +27,10 @@ rustPlatform.buildRustPackage rec {
|
||||
owner = "design";
|
||||
repo = "contrast";
|
||||
rev = version;
|
||||
sha256 = "0rm705zrk9rfv31pwbqxrswi5v6vhnghxa8dgxjmcrh00l8dm6j9";
|
||||
sha256 = "0kk3mv7a6y258109xvgicmsi0lw0rcs00gfyivl5hdz7qh47iccy";
|
||||
};
|
||||
|
||||
cargoSha256 = "0qj0vmxa1d6war1vb3zgkf1drvk7awm970fw6692hd9msa9c1kkf";
|
||||
cargoSha256 = "0vi8nv4hkhsgqgz36xacwkk5cxirg6li44nbmk3x7vx7c64hzybq";
|
||||
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
|
@ -11,13 +11,13 @@ stdenv.mkDerivation {
|
||||
};
|
||||
|
||||
buildInputs = [ libpulseaudio ];
|
||||
|
||||
configureFlagsArray =
|
||||
|
||||
configureFlags =
|
||||
[ "--without-test" "--without-contrib" "--disable-devdsp"
|
||||
"--enable-pulse" "--disable-alsa" "--disable-midi"
|
||||
"--disable-nas" "--disable-dsound" "--disable-i18n" ];
|
||||
|
||||
makeFlagsArray = [ "tests=" ];
|
||||
makeFlags = [ "tests=" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "gameboy sound player";
|
||||
|
34
pkgs/applications/audio/hydrogen/unstable.nix
Normal file
34
pkgs/applications/audio/hydrogen/unstable.nix
Normal file
@ -0,0 +1,34 @@
|
||||
{ stdenv, fetchFromGitHub, cmake, pkgconfig, wrapQtAppsHook
|
||||
, alsaLib, ladspa-sdk, lash, libarchive, libjack2, liblo, libpulseaudio, libsndfile, lrdf
|
||||
, qtbase, qttools, qtxmlpatterns
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "hydrogen";
|
||||
version = "1.0.0-beta2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "hydrogen-music";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "1s3jrdyjpm92flw9mkkxchnj0wz8nn1y1kifii8ws252iiqjya4a";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig wrapQtAppsHook ];
|
||||
buildInputs = [
|
||||
alsaLib ladspa-sdk lash libarchive libjack2 liblo libpulseaudio libsndfile lrdf
|
||||
qtbase qttools qtxmlpatterns
|
||||
];
|
||||
|
||||
cmakeFlags = [
|
||||
"-DWANT_DEBUG=OFF"
|
||||
];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Advanced drum machine";
|
||||
homepage = "http://www.hydrogen-music.org";
|
||||
license = licenses.gpl2;
|
||||
platforms = platforms.linux;
|
||||
maintainers = with maintainers; [ goibhniu orivej ];
|
||||
};
|
||||
}
|
@ -23,7 +23,7 @@
|
||||
|
||||
python3.pkgs.buildPythonApplication rec {
|
||||
pname = "lollypop";
|
||||
version = "1.2.32";
|
||||
version = "1.2.35";
|
||||
|
||||
format = "other";
|
||||
doCheck = false;
|
||||
@ -32,7 +32,7 @@ python3.pkgs.buildPythonApplication rec {
|
||||
url = "https://gitlab.gnome.org/World/lollypop";
|
||||
rev = "refs/tags/${version}";
|
||||
fetchSubmodules = true;
|
||||
sha256 = "03x6qihd349pq5lmgahb77sys60g16v5v6qkdlzf8k88451k8p7n";
|
||||
sha256 = "19nw9qh17yyi9ih1nwngbbwjx1vr26haqhmzsdqf0yjgsgf9vldx";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -5,13 +5,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "lsp-plugins";
|
||||
version = "1.1.15";
|
||||
version = "1.1.19";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "sadko4u";
|
||||
repo = pname;
|
||||
rev = "${pname}-${version}";
|
||||
sha256 = "0lynyjs5zp27gnzcv8a23pvb7c1ghzc2dspypca3ciq40bfpfzik";
|
||||
sha256 = "1wiph3vxhydc6mr9hn2c6crd4cx592l2zv0wrzgmpnlm1lflzpbg";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig php makeWrapper ];
|
||||
|
@ -33,7 +33,7 @@ mkDerivation rec {
|
||||
description = "Music notation and composition software";
|
||||
homepage = "https://musescore.org/";
|
||||
license = licenses.gpl2;
|
||||
maintainers = with maintainers; [ vandenoever ];
|
||||
maintainers = with maintainers; [ vandenoever turion ];
|
||||
platforms = platforms.linux;
|
||||
repositories.git = "https://github.com/musescore/MuseScore";
|
||||
};
|
||||
|
@ -41,7 +41,7 @@ mkDerivation rec {
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A soundfont editor for creating musical instruments";
|
||||
homepage = https://www.polyphone-soundfonts.com/;
|
||||
homepage = "https://www.polyphone-soundfonts.com/";
|
||||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.maxdamantus ];
|
||||
platforms = platforms.linux;
|
||||
|
@ -2,6 +2,9 @@
|
||||
, withALSA ? true, alsaLib ? null
|
||||
, withPulseAudio ? false, libpulseaudio ? null
|
||||
, withPortAudio ? false, portaudio ? null
|
||||
, withMpris ? false
|
||||
, withKeyring ? false
|
||||
, dbus ? null
|
||||
}:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
@ -20,7 +23,7 @@ rustPlatform.buildRustPackage rec {
|
||||
cargoBuildFlags = [
|
||||
"--no-default-features"
|
||||
"--features"
|
||||
"${stdenv.lib.optionalString withALSA "alsa_backend,"}${stdenv.lib.optionalString withPulseAudio "pulseaudio_backend,"}${stdenv.lib.optionalString withPortAudio "portaudio_backend,"}"
|
||||
"${stdenv.lib.optionalString withALSA "alsa_backend,"}${stdenv.lib.optionalString withPulseAudio "pulseaudio_backend,"}${stdenv.lib.optionalString withPortAudio "portaudio_backend,"}${stdenv.lib.optionalString withMpris "dbus_mpris,"}${stdenv.lib.optionalString withKeyring "dbus_keyring,"}"
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
@ -28,7 +31,8 @@ rustPlatform.buildRustPackage rec {
|
||||
buildInputs = [ openssl ]
|
||||
++ stdenv.lib.optional withALSA alsaLib
|
||||
++ stdenv.lib.optional withPulseAudio libpulseaudio
|
||||
++ stdenv.lib.optional withPortAudio portaudio;
|
||||
++ stdenv.lib.optional withPortAudio portaudio
|
||||
++ stdenv.lib.optional (withMpris || withKeyring) dbus;
|
||||
|
||||
doCheck = false;
|
||||
|
||||
|
@ -2,18 +2,19 @@
|
||||
|
||||
buildGoModule rec {
|
||||
pname = "go-ethereum";
|
||||
version = "1.9.12";
|
||||
version = "1.9.13";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "ethereum";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "143imiphyzk3009cfnqj7q013pb1wva13zq63byfj3d204b58cg6";
|
||||
sha256 = "1yqqflp73yvjy6bp05xd1nv5fc6p1nx7g4spbssxf3ws96pdh425";
|
||||
};
|
||||
|
||||
modSha256 = "15a8if5gx361nrqgv201jy8saq1ir1g18rpqzdmavg4ic75si5x1";
|
||||
modSha256 = "07xrw3fivfpbkg4mp8ghrj1bishfas82dbd780fymgs2h74iigf3";
|
||||
|
||||
subPackages = [
|
||||
"cmd/abidump"
|
||||
"cmd/abigen"
|
||||
"cmd/bootnode"
|
||||
"cmd/checkpoint-admin"
|
||||
|
@ -8,9 +8,9 @@ let
|
||||
inherit (gnome2) GConf gnome_vfs;
|
||||
};
|
||||
stableVersion = {
|
||||
version = "3.6.2.0"; # "Android Studio 3.6.2"
|
||||
build = "192.6308749";
|
||||
sha256Hash = "04r4iwlmns1lf3wfd32cqmndbdz9rf7hfbi5r6qmvpi8j83fghvr";
|
||||
version = "3.6.3.0"; # "Android Studio 3.6.3"
|
||||
build = "192.6392135";
|
||||
sha256Hash = "0apxmp341m7mbpm2df3qvsbaifwy6yqq746kbhbwlw8bn9hrzv1k";
|
||||
};
|
||||
betaVersion = {
|
||||
version = "4.0.0.13"; # "Android Studio 4.0 Beta 4"
|
||||
@ -18,9 +18,9 @@ let
|
||||
sha256Hash = "0lchi3l50826n1af1z24yclpf27v2q5p1zjbvcmn37wz46d4s4g2";
|
||||
};
|
||||
latestVersion = { # canary & dev
|
||||
version = "4.1.0.5"; # "Android Studio 4.1 Canary 5"
|
||||
build = "193.6362631";
|
||||
sha256Hash = "1q9wbqnwpq0mz8rz4c0v7mfaazymq6xv20dv4fll6p2q63qk71qp";
|
||||
version = "4.1.0.6"; # "Android Studio 4.1 Canary 6"
|
||||
build = "193.6381907";
|
||||
sha256Hash = "0sa5plr96m90wv5hi9bqwa11j6k8k9wa0ji8qmlimdhnpyzhsdrx";
|
||||
};
|
||||
in {
|
||||
# Attributes are named by their corresponding release channels
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, lib, fetchurl, ncurses, xlibsWrapper, libXaw, libXpm
|
||||
{ stdenv, lib, fetchurl, fetchpatch, ncurses, xlibsWrapper, libXaw, libXpm
|
||||
, Xaw3d, libXcursor, pkgconfig, gettext, libXft, dbus, libpng, libjpeg, libungif
|
||||
, libtiff, librsvg, gconf, libxml2, imagemagick, gnutls, libselinux
|
||||
, alsaLib, cairo, acl, gpm, AppKit, GSS, ImageIO, m17n_lib, libotf
|
||||
@ -44,6 +44,11 @@ stdenv.mkDerivation rec {
|
||||
patches = [
|
||||
./clean-env.patch
|
||||
./tramp-detect-wrapped-gvfsd.patch
|
||||
# unbreak macOS unexec
|
||||
(fetchpatch {
|
||||
url = https://github.com/emacs-mirror/emacs/commit/888ffd960c06d56a409a7ff15b1d930d25c56089.patch;
|
||||
sha256 = "08q3ygdigqwky70r47rcgzlkc5jy82xiq8am5kwwy891wlpl7frw";
|
||||
})
|
||||
];
|
||||
|
||||
postPatch = lib.optionalString srcRepo ''
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
buildGoPackage rec {
|
||||
pname = "micro";
|
||||
version = "1.4.1";
|
||||
version = "2.0.3";
|
||||
|
||||
goPackagePath = "github.com/zyedidia/micro";
|
||||
|
||||
@ -10,13 +10,15 @@ buildGoPackage rec {
|
||||
owner = "zyedidia";
|
||||
repo = "micro";
|
||||
rev = "v${version}";
|
||||
sha256 = "0m9p6smb5grdazsgr3m1x4rry9ihhlgl9ildhvfp53czrifbx0m5";
|
||||
sha256 = "017m9kb3gfrgzd06f1nma1i3m5rb0hzpgdikb86lsyv8ik18y12z";
|
||||
fetchSubmodules = true;
|
||||
};
|
||||
|
||||
subPackages = [ "cmd/micro" ];
|
||||
|
||||
buildFlagsArray = [ "-ldflags=" "-X main.Version=${version}" ];
|
||||
buildFlagsArray = [ "-ldflags=" "-X ${goPackagePath}/internal/util.Version=${version}" ];
|
||||
|
||||
goDeps = ./deps.nix;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://micro-editor.github.io";
|
||||
|
336
pkgs/applications/editors/micro/deps.nix
generated
Normal file
336
pkgs/applications/editors/micro/deps.nix
generated
Normal file
@ -0,0 +1,336 @@
|
||||
# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
|
||||
[
|
||||
{
|
||||
goPackagePath = "github.com/blang/semver";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/blang/semver";
|
||||
rev = "v3.5.1";
|
||||
sha256 = "13ws259bwcibkclbr82ilhk6zadm63kxklxhk12wayklj8ghhsmy";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/chzyer/logex";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/chzyer/logex";
|
||||
rev = "v1.1.10";
|
||||
sha256 = "08pbjj3wx9acavlwyr055isa8a5hnmllgdv5k6ra60l5y1brmlq4";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/chzyer/readline";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/chzyer/readline";
|
||||
rev = "2972be24d48e";
|
||||
sha256 = "104q8dazj8yf6b089jjr82fy9h1g80zyyzvp3g8b44a7d8ngjj6r";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/chzyer/test";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/chzyer/test";
|
||||
rev = "a1ea475d72b1";
|
||||
sha256 = "0rns2aqk22i9xsgyap0pq8wi4cfaxsri4d9q6xxhhyma8jjsnj2k";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/davecgh/go-spew";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/davecgh/go-spew";
|
||||
rev = "v1.1.1";
|
||||
sha256 = "0hka6hmyvp701adzag2g26cxdj47g21x6jz4sc6jjz1mn59d474y";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/dustin/go-humanize";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/dustin/go-humanize";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "1kqf1kavdyvjk7f8kx62pnm7fbypn9z1vbf8v2qdh3y7z7a0cbl3";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/gdamore/encoding";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/gdamore/encoding";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "1vmm5zll92i2fm4ajqx0gyx0p9j36496x5nabi3y0x7h0inv0pk9";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/go-errors/errors";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/go-errors/errors";
|
||||
rev = "v1.0.1";
|
||||
sha256 = "0rznpknk19rxkr7li6dqs52c26pjazp69lh493l4ny4sxn5922lp";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kballard/go-shellquote";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kballard/go-shellquote";
|
||||
rev = "95032a82bc51";
|
||||
sha256 = "1rspvmnsikdq95jmx3dykxd4k1rmgl98ryjrysvl0cf18hl1vq80";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kr/pretty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kr/pretty";
|
||||
rev = "v0.1.0";
|
||||
sha256 = "18m4pwg2abd0j9cn5v3k2ksk9ig4vlwxmlw9rrglanziv9l967qp";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kr/pty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kr/pty";
|
||||
rev = "v1.1.1";
|
||||
sha256 = "0383f0mb9kqjvncqrfpidsf8y6ns5zlrc91c6a74xpyxjwvzl2y6";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/kr/text";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/kr/text";
|
||||
rev = "v0.1.0";
|
||||
sha256 = "1gm5bsl01apvc84bw06hasawyqm4q84vx1pm32wr9jnd7a8vjgj1";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/lucasb-eyer/go-colorful";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/lucasb-eyer/go-colorful";
|
||||
rev = "v1.0.3";
|
||||
sha256 = "12bgz6dxbb2ki1g3x7fg9ipsjgfkd58fp7cdpv63h4kvlj2n7j69";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mattn/go-isatty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mattn/go-isatty";
|
||||
rev = "v0.0.11";
|
||||
sha256 = "0h671sv7hfprja495kavazkalkx7xzaqksjh13brcnwq67ijrali";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mattn/go-runewidth";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mattn/go-runewidth";
|
||||
rev = "v0.0.7";
|
||||
sha256 = "1snr8mk63vz2h44knq26dm81p83887v7kb09iywqmx0nqzngih66";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mitchellh/go-homedir";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mitchellh/go-homedir";
|
||||
rev = "v1.1.0";
|
||||
sha256 = "0ydzkipf28hwj2bfxqmwlww47khyk6d152xax4bnyh60f4lq3nx1";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/pmezard/go-difflib";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/pmezard/go-difflib";
|
||||
rev = "v1.0.0";
|
||||
sha256 = "0c1cn55m4rypmscgf0rrb88pn58j3ysvc2d0432dp3c6fqg6cnzw";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/robertkrimen/otto";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/robertkrimen/otto";
|
||||
rev = "c382bd3c16ff";
|
||||
sha256 = "043y6l647snsz71mdy84s2d3kn22aj6rbqd6c1vd8absvamqhlxa";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/sergi/go-diff";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/sergi/go-diff";
|
||||
rev = "v1.1.0";
|
||||
sha256 = "0ir8ali2vx0j7pipmlfd6k8c973akyy2nmbjrf008fm800zcp7z2";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/objx";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/stretchr/objx";
|
||||
rev = "v0.1.0";
|
||||
sha256 = "19ynspzjdynbi85xw06mh8ad5j0qa1vryvxjgvbnyrr8rbm4vd8w";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/stretchr/testify";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/stretchr/testify";
|
||||
rev = "v1.4.0";
|
||||
sha256 = "187i5g88sxfy4vxpm7dw1gwv29pa2qaq475lxrdh5livh69wqfjb";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/yuin/gopher-lua";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/yuin/gopher-lua";
|
||||
rev = "ab39c6098bdb";
|
||||
sha256 = "13b0rrpv3988qw8rq6z7npajn1my059ybhafi5mxff9jw09k9sja";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/clipboard";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/clipboard";
|
||||
rev = "241f98e9b197";
|
||||
sha256 = "1glc8w30sijpbppcvaf3503rmx5nxqkcgw87dr2pr3q3vv1bg3zi";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/glob";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/glob";
|
||||
rev = "dd4023a66dc3";
|
||||
sha256 = "1vqw4xbqq6j8p5m7mwxvb448w69vjvgzx0ndsfzdh2cxfirwp3y7";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/highlight";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/highlight";
|
||||
rev = "201131ce5cf5";
|
||||
sha256 = "0blaynf32swmqddx2hcrifrfssj9c04kwnbdy42h3kzxihrwz4ps";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/json5";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/json5";
|
||||
rev = "2da050b1a98d";
|
||||
sha256 = "1sgydazf3npr788b4w17ydmlh3fd1zmpriv9b69967ww90ckh2kz";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/poller";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/poller";
|
||||
rev = "v1.0.1";
|
||||
sha256 = "10cjrqfk1j0l55bdbpm7kv4mqc665pngc8avai0p9chq03y2654g";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/pty";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/pty";
|
||||
rev = "v2.0.0";
|
||||
sha256 = "1n946ld8y2v2wfbwsxv8rfaicxbw3w8pk11ryc8iybmw7hkmmf79";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/tcell";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/tcell";
|
||||
rev = "v1.4.4";
|
||||
sha256 = "0d62a9csab15b64y09jcbvq71065wliw4bd5m7lfpl5k8rmrrdyi";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/zyedidia/terminal";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/zyedidia/terminal";
|
||||
rev = "533c623e2415";
|
||||
sha256 = "16l628f3zgl5yp9z5zkfy2hyl2sckw4d6mg3iqv2jjvh4i8yhrsm";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/sys";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/sys";
|
||||
rev = "33540a1f6037";
|
||||
sha256 = "0fjcv0vzvi6za0b4xmnk3932pr9f9gczzf03y0kgq3ry9rqg169y";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/text";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/text";
|
||||
rev = "v0.3.2";
|
||||
sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/tools";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/tools";
|
||||
rev = "90fa682c2a6e";
|
||||
sha256 = "03ic2xsy51jw9749wl7gszdbz99iijbd2bckgygl6cm9w5m364ak";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/check.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/check.v1";
|
||||
rev = "41f04d3bba15";
|
||||
sha256 = "0vfk9czmlxmp6wndq8k17rhnjxal764mxfhrccza7nwlia760pjy";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/sourcemap.v1";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/sourcemap.v1";
|
||||
rev = "v1.0.5";
|
||||
sha256 = "08rf2dl13hbnm3fq2cm0nnsspy9fhf922ln23cz5463cv7h62as4";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "gopkg.in/yaml.v2";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://gopkg.in/yaml.v2";
|
||||
rev = "v2.2.7";
|
||||
sha256 = "0k5xcwkd3wmcx54isk7ck9cwp8fapfhyqdz3f13kxp77cxqizazj";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "layeh.com/gopher-luar";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/layeh/gopher-luar";
|
||||
rev = "v1.0.7";
|
||||
sha256 = "1rdbni3q7zajmiy62ccvbfgqjzppk5212wpwks2ba726hvyf85mj";
|
||||
};
|
||||
}
|
||||
]
|
@ -54,7 +54,7 @@ in
|
||||
homepage = "https://github.com/VSCodium/vscodium";
|
||||
downloadPage = "https://github.com/VSCodium/vscodium/releases";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ synthetica ];
|
||||
maintainers = with maintainers; [ synthetica turion ];
|
||||
platforms = [ "x86_64-linux" "x86_64-darwin" ];
|
||||
};
|
||||
}
|
||||
|
@ -11,7 +11,7 @@ mkDerivation {
|
||||
name = "konsole";
|
||||
meta = {
|
||||
license = with lib.licenses; [ gpl2 lgpl21 fdl12 ];
|
||||
maintainers = [ lib.maintainers.ttuegel ];
|
||||
maintainers = with lib.maintainers; [ ttuegel turion ];
|
||||
};
|
||||
nativeBuildInputs = [ extra-cmake-modules kdoctools ];
|
||||
buildInputs = [
|
||||
|
@ -21,7 +21,7 @@ mkDerivation {
|
||||
meta = with lib; {
|
||||
homepage = "http://www.kde.org";
|
||||
license = with licenses; [ gpl2 lgpl21 fdl12 bsd3 ];
|
||||
maintainers = with maintainers; [ ttuegel ];
|
||||
maintainers = with maintainers; [ ttuegel turion ];
|
||||
platforms = lib.platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -104,6 +104,12 @@ rustPlatform.buildRustPackage rec {
|
||||
'' else ''
|
||||
install -D extra/linux/Alacritty.desktop -t $out/share/applications/
|
||||
install -D extra/logo/alacritty-term.svg $out/share/icons/hicolor/scalable/apps/Alacritty.svg
|
||||
|
||||
# patchelf generates an ELF that binutils' "strip" doesn't like:
|
||||
# strip: not enough room for program headers, try linking with -N
|
||||
# As a workaround, strip manually before running patchelf.
|
||||
strip -S $out/bin/alacritty
|
||||
|
||||
patchelf --set-rpath "${lib.makeLibraryPath rpathLibs}" $out/bin/alacritty
|
||||
''
|
||||
) + ''
|
||||
|
27
pkgs/applications/misc/ausweisapp2/default.nix
Normal file
27
pkgs/applications/misc/ausweisapp2/default.nix
Normal file
@ -0,0 +1,27 @@
|
||||
{ stdenv, mkDerivation, fetchFromGitHub, cmake, pkgconfig, pcsclite, qtsvg, qttools, qtwebsockets
|
||||
, qtquickcontrols2, qtgraphicaleffects }:
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "AusweisApp2";
|
||||
version = "1.20.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Governikus";
|
||||
repo = "AusweisApp2";
|
||||
rev = "${version}";
|
||||
sha256 = "0qkwdaxhig4qjim7h20j6ln6w76ycppfc786nd8l69bd1qv46m40";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
|
||||
buildInputs = [ qtsvg qttools qtwebsockets qtquickcontrols2 qtgraphicaleffects pcsclite ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Authentication software for the German ID card";
|
||||
downloadPage = "https://github.com/Governikus/AusweisApp2/releases";
|
||||
homepage = "https://www.ausweisapp.bund.de/ausweisapp2/";
|
||||
license = licenses.eupl12;
|
||||
maintainers = with maintainers; [ b4dm4n ];
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
@ -7,29 +7,24 @@
|
||||
, qtbase
|
||||
, qttools
|
||||
, qtx11extras
|
||||
, sqlite
|
||||
}:
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "birdtray";
|
||||
version = "1.7.0";
|
||||
version = "1.8.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gyunaev";
|
||||
repo = pname;
|
||||
rev = "RELEASE_${version}";
|
||||
sha256 = "0wj2lq5bz1p0cf6yj43v3ifxschcrh5amwx30wqw2m4bb8syzjw1";
|
||||
rev = version;
|
||||
sha256 = "15d0gz889vf9b2a046m93s5kdi6lw2sqjd5gaxgjkjrs20x5vr18";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
buildInputs = [
|
||||
qtbase qtx11extras sqlite
|
||||
qtbase qttools qtx11extras
|
||||
];
|
||||
|
||||
installPhase = ''
|
||||
install -Dm755 birdtray $out/bin/birdtray
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "Mail system tray notification icon for Thunderbird";
|
||||
homepage = "https://github.com/gyunaev/birdtray";
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
let
|
||||
pname = "joplin-desktop";
|
||||
version = "1.0.179";
|
||||
version = "1.0.200";
|
||||
desktopItem = makeDesktopItem {
|
||||
name = "Joplin";
|
||||
exec = "joplin-desktop";
|
||||
@ -13,7 +13,7 @@ in appimageTools.wrapType2 rec {
|
||||
name = "${pname}-${version}";
|
||||
src = fetchurl {
|
||||
url = "https://github.com/laurent22/joplin/releases/download/v${version}/Joplin-${version}.AppImage";
|
||||
sha256 = "0v7d5wzwiznl755pl6jfg33g6jxr1cbm9j13jpbmfi497hj8w82k";
|
||||
sha256 = "14gwv8i6dprvl96mifadq0zj77a82rww8xd5bmzm8ql6sidi2216";
|
||||
};
|
||||
|
||||
|
||||
@ -40,9 +40,9 @@ in appimageTools.wrapType2 rec {
|
||||
applications directly or from your own text editor. The notes are in
|
||||
Markdown format.
|
||||
'';
|
||||
homepage = "https://joplin.cozic.net/";
|
||||
homepage = "https://joplinapp.org";
|
||||
license = licenses.mit;
|
||||
maintainers = with maintainers; [ rafaelgg raquelgb ];
|
||||
maintainers = with maintainers; [ hugoreeves rafaelgg raquelgb ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
};
|
||||
}
|
||||
|
@ -1,4 +1,10 @@
|
||||
{ stdenv, fetchFromGitHub, cmake, makeWrapper, qttools, darwin
|
||||
{ stdenv
|
||||
, fetchFromGitHub
|
||||
, fetchpatch
|
||||
, cmake
|
||||
, makeWrapper
|
||||
, qttools
|
||||
, darwin
|
||||
|
||||
, curl
|
||||
, glibcLocales
|
||||
@ -33,13 +39,13 @@ with stdenv.lib;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "keepassxc";
|
||||
version = "2.5.2";
|
||||
version = "2.5.4";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "keepassxreboot";
|
||||
repo = "keepassxc";
|
||||
rev = version;
|
||||
sha256 = "0z5bd17qaq7zpv96gw6qwv6rb4xx7xjq86ss6wm5zskcrraf7r7n";
|
||||
sha256 = "1xih9q1pxszalc0l29fmjxwn1vrrrrbnhc8gmi8brw5sclhbs6bh";
|
||||
};
|
||||
|
||||
NIX_CFLAGS_COMPILE = stdenv.lib.optionalString stdenv.cc.isClang [
|
||||
@ -57,6 +63,11 @@ stdenv.mkDerivation rec {
|
||||
|
||||
patches = [
|
||||
./darwin.patch
|
||||
# use wl-copy on Wayland - can be dropped with the next version update
|
||||
(fetchpatch {
|
||||
url = "https://github.com/keepassxreboot/keepassxc/commit/6128e5d58294f26411160f44da91087ebe7f4b07.patch";
|
||||
sha256 = "16q0h7kijqjdbskmk4ar6p3g8vcxr0bq1zrlq2bk16pk10nv4bh1";
|
||||
})
|
||||
];
|
||||
|
||||
cmakeFlags = [
|
||||
@ -79,7 +90,8 @@ stdenv.mkDerivation rec {
|
||||
export LC_ALL="en_US.UTF-8"
|
||||
export QT_QPA_PLATFORM=offscreen
|
||||
export QT_PLUGIN_PATH="${qtbase.bin}/${qtbase.qtPluginPrefix}"
|
||||
make test ARGS+="-E testgui --output-on-failure"
|
||||
# testcli and testgui are flaky - skip them both
|
||||
make test ARGS+="-E 'testcli|testgui' --output-on-failure"
|
||||
'';
|
||||
|
||||
nativeBuildInputs = [ cmake wrapQtAppsHook qttools ];
|
||||
@ -116,7 +128,7 @@ stdenv.mkDerivation rec {
|
||||
longDescription = "A community fork of KeePassX, which is itself a port of KeePass Password Safe. The goal is to extend and improve KeePassX with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager. Accessible via native cross-platform GUI, CLI, and browser integration with the KeePassXC Browser Extension (https://github.com/keepassxreboot/keepassxc-browser).";
|
||||
homepage = "https://keepassxc.org/";
|
||||
license = licenses.gpl2;
|
||||
maintainers = with maintainers; [ jonafato ];
|
||||
maintainers = with maintainers; [ jonafato turion ];
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
};
|
||||
}
|
||||
|
@ -6,10 +6,10 @@ index 74b1a7ff..0a713a32 100644
|
||||
set(PLUGIN_INSTALL_DIR ".")
|
||||
set(DATA_INSTALL_DIR "share")
|
||||
elseif(APPLE AND WITH_APP_BUNDLE)
|
||||
+ set(CMAKE_INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}/Applications")
|
||||
+ set(CMAKE_INSTALL_PREFIX "${CMAKE_INSTALL_PREFIX}/Applications")
|
||||
set(BUNDLE_INSTALL_DIR "${PROGNAME}.app/Contents")
|
||||
set(CMAKE_INSTALL_MANDIR "${PROGNAME}.app/Contents/Resources/man")
|
||||
set(CLI_INSTALL_DIR "${PROGNAME}.app/Contents/MacOS")
|
||||
set(PROXY_INSTALL_DIR "${PROGNAME}.app/Contents/MacOS")
|
||||
@@ -369,12 +370,6 @@ set(CMAKE_AUTORCC ON)
|
||||
|
||||
if(APPLE)
|
||||
|
@ -20,7 +20,7 @@ in mkDerivation rec {
|
||||
description = "Norton/Total Commander clone for KDE";
|
||||
license = licenses.gpl2;
|
||||
homepage = "http://www.krusader.org";
|
||||
maintainers = with maintainers; [ sander ];
|
||||
maintainers = with maintainers; [ sander turion ];
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ extra-cmake-modules kdoctools wrapGAppsHook ];
|
||||
|
@ -94,7 +94,7 @@ in buildFHSUserEnv {
|
||||
libsndfile libtheora libogg libvorbis libopus libGLU libpcap libpulseaudio
|
||||
libao libusb libevdev udev libgcrypt libxml2 libusb libpng libmpeg2 libv4l
|
||||
libjpeg libxkbcommon libass libcdio libjack2 libsamplerate libzip libmad libaio
|
||||
libcap libtiff libva libgphoto2 libxslt libtxc_dxtn libsndfile giflib zlib glib
|
||||
libcap libtiff libva libgphoto2 libxslt libsndfile giflib zlib glib
|
||||
alsaLib zziplib bash dbus keyutils zip cabextract freetype unzip coreutils
|
||||
readline gcc SDL SDL2 curl graphite2 gtk2 gtk3 udev ncurses wayland libglvnd
|
||||
vulkan-loader xdg_utils sqlite gnutls libbsd
|
||||
|
@ -44,7 +44,7 @@ buildPythonApplication {
|
||||
A graphical pdf (and epub, cbz, ...) reader that works
|
||||
inside the kitty terminal.
|
||||
'';
|
||||
homepage = https://github.com/dsanson/termpdf.py;
|
||||
homepage = "https://github.com/dsanson/termpdf.py";
|
||||
maintainers = with maintainers; [ teto ];
|
||||
license = licenses.mit;
|
||||
};
|
||||
|
@ -82,11 +82,11 @@ in
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "brave";
|
||||
version = "1.5.123";
|
||||
version = "1.7.92";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://github.com/brave/brave-browser/releases/download/v${version}/brave-browser_${version}_amd64.deb";
|
||||
sha256 = "1yv6hfjqzcd60b0bjpfbj8d4s2yf10swanxhbmnslcqp6ajb2nqr";
|
||||
sha256 = "1f262xh88c83m6ixqxc69z8kvkl3qbjc6jnv2g8n0flw8s70hs7z";
|
||||
};
|
||||
|
||||
dontConfigure = true;
|
||||
|
@ -24,8 +24,13 @@
|
||||
, libdrm ? null, wayland ? null, mesa_drivers ? null, libxkbcommon ? null # useOzone
|
||||
|
||||
# package customization
|
||||
, useVaapi ? false
|
||||
, useOzone ? false
|
||||
, useVaapi ? !(useOzone || stdenv.isAarch64) # Built if supported, but disabled in the wrapper
|
||||
# VA-API TODOs:
|
||||
# - Ozone: M81 fails to build due to "ozone_platform_gbm = false"
|
||||
# - Possible solutions: Write a patch to fix the build (wrong gn dependencies)
|
||||
# or build with minigbm
|
||||
# - AArch64: Causes serious regressions (https://github.com/NixOS/nixpkgs/pull/85253#issuecomment-614405879)
|
||||
, gnomeSupport ? false, gnome ? null
|
||||
, gnomeKeyringSupport ? false, libgnome-keyring3 ? null
|
||||
, proprietaryCodecs ? true
|
||||
@ -127,10 +132,10 @@ let
|
||||
libXScrnSaver libXcursor libXtst libGLU libGL
|
||||
pciutils protobuf speechd libXdamage at-spi2-core
|
||||
jre
|
||||
] ++ optional gnomeKeyringSupport libgnome-keyring3
|
||||
] ++ optional useVaapi libva
|
||||
++ optional gnomeKeyringSupport libgnome-keyring3
|
||||
++ optionals gnomeSupport [ gnome.GConf libgcrypt ]
|
||||
++ optionals cupsSupport [ libgcrypt cups ]
|
||||
++ optional useVaapi libva
|
||||
++ optional pulseSupport libpulseaudio
|
||||
++ optionals useOzone [ libdrm wayland mesa_drivers libxkbcommon ];
|
||||
|
||||
@ -149,9 +154,9 @@ let
|
||||
#
|
||||
# ++ optionals (channel == "dev") [ ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" ) ]
|
||||
# ++ optional (versionRange "68" "72") ( githubPatch "<patch>" "0000000000000000000000000000000000000000000000000000000000000000" )
|
||||
] ++ optionals (useVaapi) ([
|
||||
# source: https://aur.archlinux.org/cgit/aur.git/tree/vaapi-fix.patch?h=chromium-vaapi
|
||||
./patches/vaapi-fix.patch
|
||||
] ++ optionals (useVaapi) ([ # Fixes for the VA-API build:
|
||||
./patches/enable-vdpau-support-for-nvidia.patch # https://aur.archlinux.org/cgit/aur.git/tree/vdpau-support.patch?h=chromium-vaapi
|
||||
./patches/enable-video-acceleration-on-linux.patch # Can be controlled at runtime (i.e. without rebuilding Chromium)
|
||||
] ++ optionals (versionRange "81" "82") [
|
||||
(githubPatch "5b2ff215473e0526b5b24aeff4ad90d369b21c75" "0n00vh8wfpn2ay5fqsxcsx0zadnv7mihm72bcvnrfzh75nzbg902")
|
||||
(githubPatch "98e343ab369e4262511b5fce547728e3e5eefba8" "00wwp653jk0k0yvix00vr7ymgck9dj7fxjwx4nc67ynn84dh6064")
|
||||
|
@ -6,13 +6,15 @@
|
||||
, lib
|
||||
|
||||
# package customization
|
||||
# Note: enable* flags should not require full rebuilds (i.e. only affect the wrapper)
|
||||
, channel ? "stable"
|
||||
, gnomeSupport ? false, gnome ? null
|
||||
, gnomeKeyringSupport ? false
|
||||
, proprietaryCodecs ? true
|
||||
, enablePepperFlash ? false
|
||||
, enableWideVine ? false
|
||||
, useVaapi ? false # test video on radeon, before enabling this
|
||||
, useVaapi ? false # Deprecated, use enableVaapi instead!
|
||||
, enableVaapi ? false # Disabled by default due to unofficial support and issues on radeon
|
||||
, useOzone ? false
|
||||
, cupsSupport ? true
|
||||
, pulseSupport ? config.pulseaudio or stdenv.isLinux
|
||||
@ -33,7 +35,7 @@ let
|
||||
upstream-info = (callPackage ./update.nix {}).getChannel channel;
|
||||
|
||||
mkChromiumDerivation = callPackage ./common.nix ({
|
||||
inherit gnome gnomeSupport gnomeKeyringSupport proprietaryCodecs cupsSupport pulseSupport useVaapi useOzone;
|
||||
inherit gnome gnomeSupport gnomeKeyringSupport proprietaryCodecs cupsSupport pulseSupport useOzone;
|
||||
gnChromium = gn;
|
||||
} // lib.optionalAttrs (channel != "stable") {
|
||||
# TODO: Remove after we can update gn for the stable channel (backward incompatible changes):
|
||||
@ -127,6 +129,14 @@ let
|
||||
cp -a ${widevineCdm}/WidevineCdm $out/libexec/chromium/
|
||||
''
|
||||
else browser;
|
||||
|
||||
optionalVaapiFlags = if useVaapi # TODO: Remove after 20.09:
|
||||
then throw ''
|
||||
Chromium's useVaapi was replaced by enableVaapi and you don't need to pass
|
||||
"--ignore-gpu-blacklist" anymore (also no rebuilds are required anymore).
|
||||
'' else lib.optionalString
|
||||
(!enableVaapi)
|
||||
"--add-flags --disable-accelerated-video-decode --add-flags --disable-accelerated-video-encode";
|
||||
in stdenv.mkDerivation {
|
||||
name = "chromium${suffix}-${version}";
|
||||
inherit version;
|
||||
@ -146,15 +156,14 @@ in stdenv.mkDerivation {
|
||||
buildCommand = let
|
||||
browserBinary = "${chromiumWV}/libexec/chromium/chromium";
|
||||
getWrapperFlags = plugin: "$(< \"${plugin}/nix-support/wrapper-flags\")";
|
||||
libPath = stdenv.lib.makeLibraryPath ([]
|
||||
++ stdenv.lib.optional useVaapi libva
|
||||
);
|
||||
libPath = stdenv.lib.makeLibraryPath [ libva ];
|
||||
|
||||
in with stdenv.lib; ''
|
||||
mkdir -p "$out/bin"
|
||||
|
||||
eval makeWrapper "${browserBinary}" "$out/bin/chromium" \
|
||||
--add-flags ${escapeShellArg (escapeShellArg commandLineArgs)} \
|
||||
${optionalVaapiFlags} \
|
||||
${concatMapStringsSep " " getWrapperFlags chromium.plugins.enabled}
|
||||
|
||||
ed -v -s "$out/bin/chromium" << EOF
|
||||
|
@ -0,0 +1,48 @@
|
||||
From b2144fd28e09cd52e7a88a62a9d9b54cf9922f9f Mon Sep 17 00:00:00 2001
|
||||
From: Michael Weiss <dev.primeos@gmail.com>
|
||||
Date: Tue, 14 Apr 2020 14:16:10 +0200
|
||||
Subject: [PATCH] Enable accelerated video decode on Linux
|
||||
|
||||
This will enable accelerated video decode on Linux by default (i.e.
|
||||
without "--ignore-gpu-blacklist"), but on NixOS we'll provide
|
||||
"--disable-accelerated-video-decode" and
|
||||
"--disable-accelerated-video-encode" by default to avoid regressions
|
||||
(e.g. VA-API doesn't work properly for some radeon drivers).
|
||||
|
||||
Video acceleration can then be enabled via:
|
||||
chromium.override { enableVaapi = true; }
|
||||
without rebuilding Chromium.
|
||||
---
|
||||
gpu/config/software_rendering_list.json | 16 ----------------
|
||||
1 file changed, 16 deletions(-)
|
||||
|
||||
diff --git a/gpu/config/software_rendering_list.json b/gpu/config/software_rendering_list.json
|
||||
index 22712bdbf38f..a06dd19a50e4 100644
|
||||
--- a/gpu/config/software_rendering_list.json
|
||||
+++ b/gpu/config/software_rendering_list.json
|
||||
@@ -336,22 +336,6 @@
|
||||
]
|
||||
},
|
||||
{
|
||||
- "id": 48,
|
||||
- "description": "Accelerated video decode is unavailable on Linux",
|
||||
- "cr_bugs": [137247, 1032907],
|
||||
- "os": {
|
||||
- "type": "linux"
|
||||
- },
|
||||
- "exceptions": [
|
||||
- {
|
||||
- "machine_model_name": ["Chromecast"]
|
||||
- }
|
||||
- ],
|
||||
- "features": [
|
||||
- "accelerated_video_decode"
|
||||
- ]
|
||||
- },
|
||||
- {
|
||||
"id": 50,
|
||||
"description": "Disable VMware software renderer on older Mesa",
|
||||
"cr_bugs": [145531, 332596, 571899, 629434],
|
||||
--
|
||||
2.11.0
|
||||
|
@ -45,11 +45,11 @@ let
|
||||
|
||||
flash = stdenv.mkDerivation rec {
|
||||
pname = "flashplayer-ppapi";
|
||||
version = "32.0.0.344";
|
||||
version = "32.0.0.363";
|
||||
|
||||
src = fetchzip {
|
||||
url = "https://fpdownload.adobe.com/pub/flashplayer/pdc/${version}/flash_player_ppapi_linux.x86_64.tar.gz";
|
||||
sha256 = "05ijlgsby9zxx0qs6f3vav1z0p6xr1cg6idl4akxvfmsl6hn6hkq";
|
||||
sha256 = "0znk8an892mykgbz56hyv3gz65vc9mhb3vn96c6bsvicwl1fn460";
|
||||
stripRoot = false;
|
||||
};
|
||||
|
||||
|
@ -46,7 +46,6 @@ let
|
||||
"icedtea"
|
||||
"enableGoogleTalkPlugin"
|
||||
"enableFriBIDPlugin"
|
||||
"enableGnomeExtensions"
|
||||
"enableBluejeans"
|
||||
"enableAdobeReader"
|
||||
];
|
||||
|
@ -74,7 +74,7 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "flashplayer";
|
||||
version = "32.0.0.344";
|
||||
version = "32.0.0.363";
|
||||
|
||||
src = fetchurl {
|
||||
url =
|
||||
@ -85,14 +85,14 @@ stdenv.mkDerivation rec {
|
||||
sha256 =
|
||||
if debug then
|
||||
if arch == "x86_64" then
|
||||
"1kkwijxlcs1rlqxr1vj51h95fwwrp5m0c9lngqpncgmmhh8v9dyr"
|
||||
"06711k4vbn6mqfd8gvx2snsxyalhw15hn5b64sja8726z5rxvzy7"
|
||||
else
|
||||
"0r47s19fw7gsph73rd5jb2zfsjwz7mjawm6c49rir9rsa0zxrsks"
|
||||
"0v584aqhy4xk08afi3ypkq4mqjq57y136z82i5ixyim88dqbaf4f"
|
||||
else
|
||||
if arch == "x86_64" then
|
||||
"1ki3i7zw0q48xf01xjfm1mpizc5flk768p9hqxpg881r4h65dh6b"
|
||||
"1g1ijxypm8a8mfc1x58gksmaakqpp7xmf277wiir8zqjn3vd6c64"
|
||||
else
|
||||
"1v527i60sljwyvv4l1kg9ml05skjgm3naynlswd35hsz258jnxl4";
|
||||
"13nbxmqmbxqvdhdwdqimim2f9fz3y2vrsx6b3pck6352m4i4wzh8";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ unzip ];
|
||||
|
@ -50,7 +50,7 @@
|
||||
|
||||
stdenv.mkDerivation {
|
||||
pname = "flashplayer-standalone";
|
||||
version = "32.0.0.344";
|
||||
version = "32.0.0.363";
|
||||
|
||||
src = fetchurl {
|
||||
url =
|
||||
@ -60,9 +60,9 @@ stdenv.mkDerivation {
|
||||
"https://fpdownload.macromedia.com/pub/flashplayer/updaters/32/flash_player_sa_linux.x86_64.tar.gz";
|
||||
sha256 =
|
||||
if debug then
|
||||
"1ymsk07xmnanyv86r58ar1l4wgjarlq0fc111ajc76pp8dsxnfx8"
|
||||
"03zhza8lvc1nvz3racwfsajfd6rnbw3g56dp5wvr1qmaps8xaaqg"
|
||||
else
|
||||
"0wiwpn4a0jxslw4ahalq74rksn82y0aqa3lrjr9qs7kdcak74vky";
|
||||
"0bhp7jv2l2agfzr8m564k749a5g75dw1390phlwvf49n1h8ldap2";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ unzip ];
|
||||
|
@ -1,18 +1,19 @@
|
||||
{ stdenv, fetchFromGitHub, buildGoPackage }:
|
||||
{ lib, fetchFromGitHub, buildGoPackage }:
|
||||
|
||||
buildGoPackage rec {
|
||||
pname = "cni";
|
||||
version = "0.7.0";
|
||||
version = "0.7.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "containernetworking";
|
||||
repo = pname;
|
||||
rev = "v${version}";
|
||||
sha256 = "15ad323dw44k82bfx9r8w5q2kn7jix60p9v4ciyzx2p5pip36wp8";
|
||||
sha256 = "02qn1br8164d99978acalisy1sx294g1axnii4yh1wji0fc735xz";
|
||||
};
|
||||
|
||||
goPackagePath = "github.com/containernetworking/cni";
|
||||
meta = with stdenv.lib; {
|
||||
|
||||
meta = with lib; {
|
||||
description = "Container Network Interface - networking for Linux containers";
|
||||
license = licenses.asl20;
|
||||
homepage = "https://github.com/containernetworking/cni";
|
||||
|
@ -1,210 +0,0 @@
|
||||
# file generated from go.mod using vgo2nix (https://github.com/adisbladis/vgo2nix)
|
||||
[
|
||||
{
|
||||
goPackagePath = "github.com/Microsoft/go-winio";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/Microsoft/go-winio";
|
||||
rev = "v0.4.11";
|
||||
sha256 = "14y1gryr3pb3zy09v2g8dh89m363rfd9sch0wgbabh531hfx72vn";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/Microsoft/hcsshim";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/Microsoft/hcsshim";
|
||||
rev = "v0.7.4";
|
||||
sha256 = "0hky9p6xvkkx2jfkd4fy2d6iaikvlzalyw67gypyqyxygf2hsshg";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/alexflint/go-filemutex";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/alexflint/go-filemutex";
|
||||
rev = "72bdc8eae2ae";
|
||||
sha256 = "082y6y9zv40q3kaqvsv6fyaw2fc42j0sn9z0dl9rbiz4szixj3c4";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/buger/jsonparser";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/buger/jsonparser";
|
||||
rev = "f4dd9f5a6b44";
|
||||
sha256 = "12qa2n33s7yz88ywpr3k9kg3b4gm6rqgnv28iyikyxw8h5jascz5";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/containernetworking/cni";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/containernetworking/cni";
|
||||
rev = "v0.7.0";
|
||||
sha256 = "15ad323dw44k82bfx9r8w5q2kn7jix60p9v4ciyzx2p5pip36wp8";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/coreos/go-iptables";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/coreos/go-iptables";
|
||||
rev = "v0.4.1";
|
||||
sha256 = "0id1npqw3rd5rrkslf6i9yy6lpmd7l5qcglln38g85ylq7inysyi";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/coreos/go-systemd";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/coreos/go-systemd";
|
||||
rev = "39ca1b05acc7";
|
||||
sha256 = "1kzqrrzqspa5qm7kwslxl3m16lqzns23c24rv474ajzwmj3ixmx1";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/d2g/dhcp4";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/d2g/dhcp4";
|
||||
rev = "f0e4d29ff023";
|
||||
sha256 = "07gn9bjvnlfz2jv9wdq3gxxxm9lpwgrwk8z65072jdrz9rs9izpr";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/d2g/dhcp4client";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/d2g/dhcp4client";
|
||||
rev = "bed07e1bc5b8";
|
||||
sha256 = "0kyjalv1kah7sk3i96abg71cgy5s9kzpff2zc7mwj69vicbj7mi3";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/d2g/dhcp4server";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/d2g/dhcp4server";
|
||||
rev = "477b11cea4dc";
|
||||
sha256 = "010dpw6cxrsm6dm49w1q6qpz5xz3lbi5viz6wywxk49fxvnzmx9l";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/godbus/dbus";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/godbus/dbus";
|
||||
rev = "885f9cc04c9c";
|
||||
sha256 = "0wjpaj4vr5lvpnwc5faf3qizd7zd2v9yq0fm0558wap1hiyqb8x8";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/j-keck/arping";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/j-keck/arping";
|
||||
rev = "2cf9dc699c56";
|
||||
sha256 = "1bid8mpx3j4546ni0a6q5xyz7hb854g95qnxqmg5jzs9vrcird3c";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/juju/errors";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/juju/errors";
|
||||
rev = "22422dad46e1";
|
||||
sha256 = "1766ys24y9qgngaqbx0g84lmh54b3369v8hk5fa1k8si2d34fxas";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/mattn/go-shellwords";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/mattn/go-shellwords";
|
||||
rev = "v1.0.3";
|
||||
sha256 = "1pg7pl25wvpl2dbpyrv9p1r7prnqimxlf6136vn0dfm54j2x4mnr";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/onsi/ginkgo";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/onsi/ginkgo";
|
||||
rev = "7f8ab55aaf3b";
|
||||
sha256 = "0nas6wqdym4jx42kw9wj80b58r69k9qhnvglz009lj34g5gba7rw";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/onsi/gomega";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/onsi/gomega";
|
||||
rev = "2152b45fa28a";
|
||||
sha256 = "0amjlkawp84mmdqjgdamf93p1546cla6h4wwrx7hf5r862r2qcw2";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/safchain/ethtool";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/safchain/ethtool";
|
||||
rev = "42ed695e3de8";
|
||||
sha256 = "0n5hkrzc1bh46nidcssx4539kvcmgj501v3kzh2pljpg27509daj";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/sirupsen/logrus";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/sirupsen/logrus";
|
||||
rev = "v1.0.6";
|
||||
sha256 = "029irw2lsbqi944gdrbkwdw0m2794sqni4g21gsnmz142hbzds8c";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/vishvananda/netlink";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/vishvananda/netlink";
|
||||
rev = "023a6dafdcdf";
|
||||
sha256 = "1i5q8r8rg7lxzvq2vhbf25lrkzdlgficfv0bxg9rf7cgg6z819sn";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "github.com/vishvananda/netns";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://github.com/vishvananda/netns";
|
||||
rev = "13995c7128cc";
|
||||
sha256 = "1zk6w8158qi4niva5rijchbv9ixgmijsgqshh54wdaav4xrhjshn";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/crypto";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/crypto";
|
||||
rev = "7c1a557ab941";
|
||||
sha256 = "1f1q9mby8m7ws3gbj90v0prhnf4g2sgf74azmw31kzwd6azlar3m";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/net";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/net";
|
||||
rev = "49bb7cea24b1";
|
||||
sha256 = "111q4qm3hcjvzvyv9y5rz8ydnyg48rckcygxqy6gv63q618wz6gn";
|
||||
};
|
||||
}
|
||||
{
|
||||
goPackagePath = "golang.org/x/sys";
|
||||
fetch = {
|
||||
type = "git";
|
||||
url = "https://go.googlesource.com/sys";
|
||||
rev = "66b7b1311ac8";
|
||||
sha256 = "00ny4r2bbj6rz939iy9g699acqydq7rfi6r6awn25w9i2dld9m13";
|
||||
};
|
||||
}
|
||||
]
|
@ -1,24 +1,22 @@
|
||||
{ stdenv, lib, fetchFromGitHub, go, removeReferencesTo, buildGoPackage }:
|
||||
{ lib, fetchFromGitHub, buildGoPackage }:
|
||||
|
||||
buildGoPackage rec {
|
||||
pname = "cni-plugins";
|
||||
version = "0.8.4";
|
||||
version = "0.8.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "containernetworking";
|
||||
repo = "plugins";
|
||||
rev = "v${version}";
|
||||
sha256 = "02kz6y3klhbriybsskn4hmldwli28cycnp2klsm2x0y9c73iczdp";
|
||||
sha256 = "17c8pvpn0dpda6ah7irr9hhd8sk7mnm32zv72nc5pxg1xvfpaipi";
|
||||
};
|
||||
|
||||
goDeps = ./plugins-deps.nix;
|
||||
goPackagePath = "github.com/containernetworking/plugins";
|
||||
|
||||
subPackages = [
|
||||
"plugins/meta/bandwidth"
|
||||
"plugins/meta/firewall"
|
||||
"plugins/meta/flannel"
|
||||
"plugins/meta/portmap"
|
||||
"plugins/meta/sbr"
|
||||
"plugins/meta/tuning"
|
||||
"plugins/ipam/dhcp"
|
||||
"plugins/ipam/host-local"
|
||||
"plugins/ipam/static"
|
||||
"plugins/main/bridge"
|
||||
"plugins/main/host-device"
|
||||
"plugins/main/ipvlan"
|
||||
@ -26,10 +24,14 @@ buildGoPackage rec {
|
||||
"plugins/main/macvlan"
|
||||
"plugins/main/ptp"
|
||||
"plugins/main/vlan"
|
||||
"plugins/ipam/dhcp"
|
||||
"plugins/ipam/host-local"
|
||||
"plugins/ipam/static"
|
||||
"plugins/meta/bandwidth"
|
||||
"plugins/meta/firewall"
|
||||
"plugins/meta/flannel"
|
||||
"plugins/meta/portmap"
|
||||
"plugins/meta/sbr"
|
||||
"plugins/meta/tuning"
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
description = "Some standard networking plugins, maintained by the CNI team";
|
||||
homepage = "https://github.com/containernetworking/plugins";
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, lib, buildEnv, buildGoPackage, fetchFromGitHub, makeWrapper
|
||||
{ stdenv, lib, buildEnv, buildGoPackage, fetchFromGitHub, makeWrapper, coreutils
|
||||
, runCommand, writeText, terraform-providers }:
|
||||
|
||||
let
|
||||
@ -18,6 +18,12 @@ let
|
||||
inherit sha256;
|
||||
};
|
||||
|
||||
postPatch = ''
|
||||
# speakeasy hardcodes /bin/stty https://github.com/bgentry/speakeasy/issues/22
|
||||
substituteInPlace vendor/github.com/bgentry/speakeasy/speakeasy_unix.go \
|
||||
--replace "/bin/stty" "${coreutils}/bin/stty"
|
||||
'';
|
||||
|
||||
postInstall = ''
|
||||
# remove all plugins, they are part of the main binary now
|
||||
for i in $bin/bin/*; do
|
||||
|
@ -5,11 +5,11 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "zeek";
|
||||
version = "3.1.1";
|
||||
version = "3.1.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://old.zeek.org/downloads/zeek-${version}.tar.gz";
|
||||
sha256 = "0siybzdp8w62jqk5vdi5fxwvj6cn4r6c2d4z2axd4rj5vhv5zvx2";
|
||||
url = "https://download.zeek.org/zeek-${version}.tar.gz";
|
||||
sha256 = "18aa4pfwav8m6vq7cr4bhfg243da54ak933rqbriljnhsrgp4n0q";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake flex bison file ];
|
||||
|
@ -1,14 +1,14 @@
|
||||
{ stdenv, fetchFromGitHub, python3Packages }:
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
name = "gmailieer-${version}";
|
||||
version = "1.0";
|
||||
pname = "lieer";
|
||||
version = "1.1";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "gauteh";
|
||||
repo = "gmailieer";
|
||||
repo = "lieer";
|
||||
rev = "v${version}";
|
||||
sha256 = "1zzylv8xbcrh34bz0s29dawzcyx39lai8y8wk0bl4x75v1jfynvf";
|
||||
sha256 = "19jx3sm925nrzl26km1bxbp6y5gk1mzwadd79vip2jl70b3xk9f8";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
@ -27,8 +27,8 @@ python3Packages.buildPythonApplication rec {
|
||||
tags in the notmuch database may be pushed back remotely to your
|
||||
GMail account.
|
||||
'';
|
||||
homepage = "https://github.com/gauteh/gmailieer";
|
||||
repositories.git = "https://github.com/gauteh/gmailieer.git";
|
||||
homepage = "https://lieer.gaute.vetsj.com/";
|
||||
repositories.git = "https://github.com/gauteh/lieer.git";
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = with maintainers; [ kaiha ];
|
||||
};
|
@ -9,11 +9,11 @@ let
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "msmtp";
|
||||
version = "1.8.7";
|
||||
version = "1.8.8";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://marlam.de/${pname}/releases/${pname}-${version}.tar.xz";
|
||||
sha256 = "1waiiksa57byb7gvx1zmh6srvl6r8rvwqklk0slb3iaf4kfbqlws";
|
||||
sha256 = "1rarck61mz3mwg0l30vjj6j9fq6gc7gic0r1c1ppwpq2izj57jzc";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
@ -0,0 +1,84 @@
|
||||
From a6d8bd67416c848f9bf52f4746bda34216ae9993 Mon Sep 17 00:00:00 2001
|
||||
From: worldofpeace <worldofpeace@protonmail.ch>
|
||||
Date: Sun, 19 Apr 2020 12:48:59 -0400
|
||||
Subject: [PATCH] Revert "Add patch"
|
||||
|
||||
This reverts commit c44127936b785afda0e914da4c1dc1e66a0ac97b.
|
||||
---
|
||||
src/Application.vala | 49 --------------------------------------------
|
||||
1 file changed, 49 deletions(-)
|
||||
|
||||
diff --git a/src/Application.vala b/src/Application.vala
|
||||
index 43d52fbc..82a9ebe5 100644
|
||||
--- a/src/Application.vala
|
||||
+++ b/src/Application.vala
|
||||
@@ -127,66 +127,17 @@ public class Planner : Gtk.Application {
|
||||
|
||||
utils.apply_theme_changed ();
|
||||
|
||||
- // Set Theme and Icon
|
||||
Gtk.Settings.get_default ().set_property ("gtk-icon-theme-name", "elementary");
|
||||
Gtk.Settings.get_default ().set_property ("gtk-theme-name", "elementary");
|
||||
|
||||
- // Path Theme
|
||||
- var command = new Granite.Services.SimpleCommand (".", "echo $DESKTOP_SESSION");
|
||||
- command.run ();
|
||||
- command.output_changed.connect ((text) => {
|
||||
- print ("DESKTOP_SESSION: %s\n".printf (text));
|
||||
- });
|
||||
-
|
||||
- if (get_os_info ("PRETTY_NAME") == null || get_os_info ("PRETTY_NAME").index_of ("elementary") == -1) {
|
||||
- string CSS = """
|
||||
- window decoration {
|
||||
- box-shadow: none;
|
||||
- margin: 1px;
|
||||
- }
|
||||
- """;
|
||||
-
|
||||
- var _provider = new Gtk.CssProvider ();
|
||||
- _provider.load_from_data (CSS, CSS.length);
|
||||
-
|
||||
- Gtk.StyleContext.add_provider_for_screen (
|
||||
- Gdk.Screen.get_default (), _provider,
|
||||
- Gtk.STYLE_PROVIDER_PRIORITY_APPLICATION
|
||||
- );
|
||||
- }
|
||||
-
|
||||
// Set shortcut
|
||||
string quick_add_shortcut = settings.get_string ("quick-add-shortcut");
|
||||
if (quick_add_shortcut == "") {
|
||||
quick_add_shortcut = "<Primary>Tab";
|
||||
settings.set_string ("quick-add-shortcut", quick_add_shortcut);
|
||||
}
|
||||
-
|
||||
utils.set_quick_add_shortcut (quick_add_shortcut);
|
||||
}
|
||||
-
|
||||
- public string get_os_info (string field) {
|
||||
- string return_value = "";
|
||||
- var file = File.new_for_path ("/etc/os-release");
|
||||
- try {
|
||||
- var osrel = new Gee.HashMap<string, string> ();
|
||||
- var dis = new DataInputStream (file.read ());
|
||||
- string line;
|
||||
- // Read lines until end of file (null) is reached
|
||||
- while ((line = dis.read_line (null)) != null) {
|
||||
- var osrel_component = line.split ("=", 2);
|
||||
- if (osrel_component.length == 2) {
|
||||
- osrel[osrel_component[0]] = osrel_component[1].replace ("\"", "");
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- return_value = osrel[field];
|
||||
- } catch (Error e) {
|
||||
- warning ("Couldn't read os-release file, assuming elementary OS");
|
||||
- }
|
||||
-
|
||||
- return return_value;
|
||||
- }
|
||||
|
||||
public override int command_line (ApplicationCommandLine command_line) {
|
||||
bool silence_mode = false;
|
||||
--
|
||||
2.25.1
|
||||
|
@ -15,15 +15,25 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "elementary-planner";
|
||||
version = "2.2.14";
|
||||
version = "2.3.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "alainm23";
|
||||
repo = "planner";
|
||||
rev = version;
|
||||
sha256 = "14k5kiknr0d3my17p4v20iiqzifpz3y80gdzj8vdxic8yk2yr1ap";
|
||||
sha256 = "1kjk1zafx71zmax3whzpx6mzl037wlxri30bl2k9y9rg3fd09arr";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Revert a patch the works around some stylesheet issues:
|
||||
# https://github.com/alainm23/planner/issues/268
|
||||
# https://github.com/alainm23/planner/issues/303
|
||||
# The don't seem to be a problem with Pantheon on NixOS
|
||||
# and for some reason produce the opposite effect with
|
||||
# pantheon's stylesheet.
|
||||
./0001-Revert-Add-patch.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
meson
|
||||
|
@ -62,6 +62,11 @@ in (stdenv.mkDerivation rec {
|
||||
|
||||
patches = [
|
||||
./xdg-open-brief.patch
|
||||
(fetchpatch {
|
||||
url = "https://git.pld-linux.org/gitweb.cgi?p=packages/libreoffice.git;a=blob_plain;f=poppler-0.86.patch;h=76b8356d5f22ef537a83b0f9b0debab591f152fe;hb=a2737a61353e305a9ee69640fb20d4582c218008";
|
||||
name = "poppler-0.86.patch";
|
||||
sha256 = "0q6k4l8imgp8ailcv0qx5l83afyw44hah24fi7gjrm9xgv5sbb8j";
|
||||
})
|
||||
];
|
||||
|
||||
tarballPath = "external/tarballs";
|
||||
|
@ -728,11 +728,11 @@
|
||||
md5name = "a754c02f7051c2f21e52f8669a421b50485afcde9a581674d6106326b189d126-postgresql-9.2.24.tar.bz2";
|
||||
}
|
||||
{
|
||||
name = "Python-3.7.6.tar.xz";
|
||||
url = "http://dev-www.libreoffice.org/src/Python-3.7.6.tar.xz";
|
||||
sha256 = "55a2cce72049f0794e9a11a84862e9039af9183603b78bc60d89539f82cf533f";
|
||||
name = "Python-3.7.7.tar.xz";
|
||||
url = "http://dev-www.libreoffice.org/src/Python-3.7.7.tar.xz";
|
||||
sha256 = "06a0a9f1bf0d8cd1e4121194d666c4e28ddae4dd54346de6c343206599f02136";
|
||||
md5 = "";
|
||||
md5name = "55a2cce72049f0794e9a11a84862e9039af9183603b78bc60d89539f82cf533f-Python-3.7.6.tar.xz";
|
||||
md5name = "06a0a9f1bf0d8cd1e4121194d666c4e28ddae4dd54346de6c343206599f02136-Python-3.7.7.tar.xz";
|
||||
}
|
||||
{
|
||||
name = "QR-Code-generator-1.4.0.tar.gz";
|
||||
|
@ -8,8 +8,8 @@ rec {
|
||||
|
||||
major = "6";
|
||||
minor = "4";
|
||||
patch = "1";
|
||||
tweak = "1";
|
||||
patch = "3";
|
||||
tweak = "2";
|
||||
|
||||
subdir = "${major}.${minor}.${patch}";
|
||||
|
||||
@ -17,13 +17,13 @@ rec {
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.documentfoundation.org/libreoffice/src/${subdir}/libreoffice-${version}.tar.xz";
|
||||
sha256 = "03fqpkilz4yi35l447hb9r8gjwj23l61bpdkwg21jm8blm8kkvyj";
|
||||
sha256 = "1cmbrhha7mlflnlbpla8fix07cxcgkdb7krnrgs1bylf31y5855w";
|
||||
};
|
||||
|
||||
# FIXME rename
|
||||
translations = fetchSrc {
|
||||
name = "translations";
|
||||
sha256 = "0a7arjlxxy7hjm1brxwd124bf1gkbl92bgygi3sbbhbsv07pjdcr";
|
||||
sha256 = "06z9hz4m3kdcljjc6y5s18001axjibj9xiyakdndkl9pmnnhn9h3";
|
||||
};
|
||||
|
||||
# the "dictionaries" archive is not used for LO build because we already build hunspellDicts packages from
|
||||
@ -31,6 +31,6 @@ rec {
|
||||
|
||||
help = fetchSrc {
|
||||
name = "help";
|
||||
sha256 = "1hfllrdyxrg5mgqry3dcrhjbdrd0d27k5mvv4sfj7nwjlmjh8rqq";
|
||||
sha256 = "0mpgrwg8z1q38j03l6m1sdpcplyjd5nz1nqaa13vfkryj2lflw45";
|
||||
};
|
||||
}
|
||||
|
@ -2,11 +2,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "verilator";
|
||||
version = "4.030";
|
||||
version = "4.032";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.veripool.org/ftp/${pname}-${version}.tgz";
|
||||
sha256 = "07ldkf7xkr31n1dmx82bmzam8bvc1vsp32k76vd7yzn7r853qyky";
|
||||
sha256 = "1l3rhgw7pk59dz7dyhcl0iygn6c9rv9bv131rfzg66asxfwbfq1s";
|
||||
};
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
@ -1,34 +1,40 @@
|
||||
{ stdenv, fetchFromGitHub, ocamlPackages, omake }:
|
||||
{ lib, fetchFromGitHub, ocamlPackages, rsync }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "beluga-20180403";
|
||||
ocamlPackages.buildDunePackage {
|
||||
pname = "beluga";
|
||||
version = "unstable-2020-03-11";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Beluga-lang";
|
||||
repo = "Beluga";
|
||||
rev = "046aa59f008be70a7c4700b723bed0214ea8b687";
|
||||
sha256 = "0m68y0r0wdw3mg2jks68bihaww7sg305zdfnic1rkndq2cxv0mld";
|
||||
rev = "6133b2f572219333f304bb4f77c177592324c55b";
|
||||
sha256 = "0sy6mi50z3mvs5z7dx38piydapk89all81rh038x3559b5fsk68q";
|
||||
};
|
||||
|
||||
nativeBuildInputs = with ocamlPackages; [ findlib ocamlbuild omake ];
|
||||
buildInputs = with ocamlPackages; [ ocaml ulex ocaml_extlib ];
|
||||
useDune2 = true;
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r bin $out/
|
||||
buildInputs = with ocamlPackages; [
|
||||
gen sedlex_2 ocaml_extlib dune-build-info linenoise
|
||||
];
|
||||
|
||||
mkdir -p $out/share/beluga
|
||||
cp -r tools/ examples/ $out/share/beluga
|
||||
postPatch = ''
|
||||
patchShebangs ./TEST ./run_harpoon_test.sh
|
||||
'';
|
||||
|
||||
checkPhase = "./TEST";
|
||||
checkInputs = [ rsync ];
|
||||
doCheck = true;
|
||||
|
||||
postInstall = ''
|
||||
mkdir -p $out/share/emacs/site-lisp/beluga/
|
||||
cp -r tools/beluga-mode.el $out/share/emacs/site-lisp/beluga
|
||||
'';
|
||||
|
||||
meta = {
|
||||
meta = with lib; {
|
||||
description = "A functional language for reasoning about formal systems";
|
||||
homepage = "http://complogic.cs.mcgill.ca/beluga/";
|
||||
license = stdenv.lib.licenses.gpl3Plus;
|
||||
maintainers = [ stdenv.lib.maintainers.bcdarwin ];
|
||||
platforms = stdenv.lib.platforms.unix;
|
||||
license = licenses.gpl3Plus;
|
||||
maintainers = [ maintainers.bcdarwin ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "lean";
|
||||
version = "3.8.0";
|
||||
version = "3.9.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "leanprover-community";
|
||||
repo = "lean";
|
||||
rev = "v${version}";
|
||||
sha256 = "0frs2vhxlzdliyydb462c1886dn585zd7yp7hdxzsri2v6gdh89g";
|
||||
sha256 = "0sklw211cmqp4y0c6nycfavpdxdpfwhq9a4sbwdlqd5agyf85h1j";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
@ -1,17 +1,20 @@
|
||||
{ lib, fetchFromGitHub, rustPlatform }:
|
||||
{ lib, fetchFromGitHub, rustPlatform, llvmPackages }:
|
||||
|
||||
rustPlatform.buildRustPackage rec {
|
||||
pname = "delta";
|
||||
version = "0.0.17";
|
||||
version = "0.0.18";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "dandavison";
|
||||
repo = pname;
|
||||
rev = version;
|
||||
sha256 = "1j01h60snciqp4psyxf67j3gbmi02c1baprsg9frzjacawbx8cz7";
|
||||
sha256 = "0cpd60861k9nd2gbzyb2hg5npnkgvsnyrvv7mlm30vb1833gz94z";
|
||||
};
|
||||
|
||||
cargoSha256 = "176bfd57gc9casvk0p10ilvzw3q3rkkv7qflja778vrwr9zrmkzq";
|
||||
LLVM_CONFIG_PATH = "${llvmPackages.llvm}/bin/llvm-config";
|
||||
LIBCLANG_PATH = "${llvmPackages.libclang.lib}/lib";
|
||||
|
||||
cargoSha256 = "12gl50q5hf6nq571fqxfv61z4mwfjyw4jb2yqyqbsinwj2frwaxn";
|
||||
|
||||
meta = with lib; {
|
||||
homepage = "https://github.com/dandavison/delta";
|
||||
|
@ -1,8 +1,10 @@
|
||||
source 'https://rubygems.org'
|
||||
|
||||
ruby '>= 2.3.0', '< 2.7.0' if Bundler::VERSION >= '1.12.0'
|
||||
gem "bundler", ">= 1.5.0"
|
||||
|
||||
gem "rails", "5.2.4.1"
|
||||
gem 'rails', '5.2.4.2'
|
||||
gem 'sprockets', '~> 3.7.2' if RUBY_VERSION < '2.5'
|
||||
gem "rouge", "~> 3.12.0"
|
||||
gem "request_store", "~> 1.4.1"
|
||||
gem "mini_mime", "~> 1.0.1"
|
||||
|
@ -1,19 +1,19 @@
|
||||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
actioncable (5.2.4.1)
|
||||
actionpack (= 5.2.4.1)
|
||||
actioncable (5.2.4.2)
|
||||
actionpack (= 5.2.4.2)
|
||||
nio4r (~> 2.0)
|
||||
websocket-driver (>= 0.6.1)
|
||||
actionmailer (5.2.4.1)
|
||||
actionpack (= 5.2.4.1)
|
||||
actionview (= 5.2.4.1)
|
||||
activejob (= 5.2.4.1)
|
||||
actionmailer (5.2.4.2)
|
||||
actionpack (= 5.2.4.2)
|
||||
actionview (= 5.2.4.2)
|
||||
activejob (= 5.2.4.2)
|
||||
mail (~> 2.5, >= 2.5.4)
|
||||
rails-dom-testing (~> 2.0)
|
||||
actionpack (5.2.4.1)
|
||||
actionview (= 5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
actionpack (5.2.4.2)
|
||||
actionview (= 5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
rack (~> 2.0, >= 2.0.8)
|
||||
rack-test (>= 0.6.3)
|
||||
rails-dom-testing (~> 2.0)
|
||||
@ -21,26 +21,26 @@ GEM
|
||||
actionpack-xml_parser (2.0.1)
|
||||
actionpack (>= 5.0)
|
||||
railties (>= 5.0)
|
||||
actionview (5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
actionview (5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
builder (~> 3.1)
|
||||
erubi (~> 1.4)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.0, >= 1.0.3)
|
||||
activejob (5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
activejob (5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
globalid (>= 0.3.6)
|
||||
activemodel (5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
activerecord (5.2.4.1)
|
||||
activemodel (= 5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
activemodel (5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
activerecord (5.2.4.2)
|
||||
activemodel (= 5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
arel (>= 9.0)
|
||||
activestorage (5.2.4.1)
|
||||
actionpack (= 5.2.4.1)
|
||||
activerecord (= 5.2.4.1)
|
||||
activestorage (5.2.4.2)
|
||||
actionpack (= 5.2.4.2)
|
||||
activerecord (= 5.2.4.2)
|
||||
marcel (~> 0.3.1)
|
||||
activesupport (5.2.4.1)
|
||||
activesupport (5.2.4.2)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||
i18n (>= 0.7, < 2)
|
||||
minitest (~> 5.1)
|
||||
@ -59,8 +59,8 @@ GEM
|
||||
regexp_parser (~> 1.5)
|
||||
xpath (~> 3.2)
|
||||
childprocess (3.0.0)
|
||||
concurrent-ruby (1.1.5)
|
||||
crass (1.0.5)
|
||||
concurrent-ruby (1.1.6)
|
||||
crass (1.0.6)
|
||||
css_parser (1.7.1)
|
||||
addressable
|
||||
csv (3.1.2)
|
||||
@ -73,58 +73,58 @@ GEM
|
||||
concurrent-ruby (~> 1.0)
|
||||
jaro_winkler (1.5.4)
|
||||
json (2.3.0)
|
||||
loofah (2.4.0)
|
||||
loofah (2.5.0)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
mail (2.7.1)
|
||||
mini_mime (>= 0.1.1)
|
||||
marcel (0.3.3)
|
||||
mimemagic (~> 0.3.2)
|
||||
method_source (0.9.2)
|
||||
mimemagic (0.3.3)
|
||||
method_source (1.0.0)
|
||||
mimemagic (0.3.4)
|
||||
mini_magick (4.9.5)
|
||||
mini_mime (1.0.2)
|
||||
mini_portile2 (2.4.0)
|
||||
minitest (5.13.0)
|
||||
mocha (1.11.1)
|
||||
minitest (5.14.0)
|
||||
mocha (1.11.2)
|
||||
mysql2 (0.5.3)
|
||||
net-ldap (0.16.2)
|
||||
nio4r (2.5.2)
|
||||
nokogiri (1.10.7)
|
||||
nokogiri (1.10.9)
|
||||
mini_portile2 (~> 2.4.0)
|
||||
parallel (1.19.1)
|
||||
parser (2.6.5.0)
|
||||
parser (2.7.1.0)
|
||||
ast (~> 2.4.0)
|
||||
pg (1.1.4)
|
||||
public_suffix (4.0.1)
|
||||
puma (3.12.2)
|
||||
rack (2.0.8)
|
||||
public_suffix (4.0.4)
|
||||
puma (3.12.4)
|
||||
rack (2.2.2)
|
||||
rack-openid (1.4.2)
|
||||
rack (>= 1.1.0)
|
||||
ruby-openid (>= 2.1.8)
|
||||
rack-test (1.1.0)
|
||||
rack (>= 1.0, < 3)
|
||||
rails (5.2.4.1)
|
||||
actioncable (= 5.2.4.1)
|
||||
actionmailer (= 5.2.4.1)
|
||||
actionpack (= 5.2.4.1)
|
||||
actionview (= 5.2.4.1)
|
||||
activejob (= 5.2.4.1)
|
||||
activemodel (= 5.2.4.1)
|
||||
activerecord (= 5.2.4.1)
|
||||
activestorage (= 5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
rails (5.2.4.2)
|
||||
actioncable (= 5.2.4.2)
|
||||
actionmailer (= 5.2.4.2)
|
||||
actionpack (= 5.2.4.2)
|
||||
actionview (= 5.2.4.2)
|
||||
activejob (= 5.2.4.2)
|
||||
activemodel (= 5.2.4.2)
|
||||
activerecord (= 5.2.4.2)
|
||||
activestorage (= 5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
bundler (>= 1.3.0)
|
||||
railties (= 5.2.4.1)
|
||||
railties (= 5.2.4.2)
|
||||
sprockets-rails (>= 2.0.0)
|
||||
rails-dom-testing (2.0.3)
|
||||
activesupport (>= 4.2.0)
|
||||
nokogiri (>= 1.6)
|
||||
rails-html-sanitizer (1.3.0)
|
||||
loofah (~> 2.3)
|
||||
railties (5.2.4.1)
|
||||
actionpack (= 5.2.4.1)
|
||||
activesupport (= 5.2.4.1)
|
||||
railties (5.2.4.2)
|
||||
actionpack (= 5.2.4.2)
|
||||
activesupport (= 5.2.4.2)
|
||||
method_source
|
||||
rake (>= 0.8.7)
|
||||
thor (>= 0.19.0, < 2.0)
|
||||
@ -135,15 +135,15 @@ GEM
|
||||
rbpdf-font (~> 1.19.0)
|
||||
rbpdf-font (1.19.1)
|
||||
redcarpet (3.5.0)
|
||||
regexp_parser (1.6.0)
|
||||
regexp_parser (1.7.0)
|
||||
request_store (1.4.1)
|
||||
rack (>= 1.4)
|
||||
roadie (3.5.1)
|
||||
roadie (4.0.0)
|
||||
css_parser (~> 1.4)
|
||||
nokogiri (~> 1.8)
|
||||
roadie-rails (2.1.0)
|
||||
roadie-rails (2.1.1)
|
||||
railties (>= 5.1, < 6.1)
|
||||
roadie (~> 3.1)
|
||||
roadie (>= 3.1, < 5.0)
|
||||
rouge (3.12.0)
|
||||
rubocop (0.76.0)
|
||||
jaro_winkler (~> 1.5.1)
|
||||
@ -152,15 +152,15 @@ GEM
|
||||
rainbow (>= 2.2.2, < 4.0)
|
||||
ruby-progressbar (~> 1.7)
|
||||
unicode-display_width (>= 1.4.0, < 1.7)
|
||||
rubocop-performance (1.5.1)
|
||||
rubocop-performance (1.5.2)
|
||||
rubocop (>= 0.71.0)
|
||||
rubocop-rails (2.3.2)
|
||||
rack (>= 1.1)
|
||||
rubocop (>= 0.72.0)
|
||||
ruby-openid (2.9.2)
|
||||
ruby-progressbar (1.10.1)
|
||||
rubyzip (2.0.0)
|
||||
selenium-webdriver (3.142.6)
|
||||
rubyzip (2.3.0)
|
||||
selenium-webdriver (3.142.7)
|
||||
childprocess (>= 0.5, < 4.0)
|
||||
rubyzip (>= 1.2.2)
|
||||
simplecov (0.17.1)
|
||||
@ -177,15 +177,15 @@ GEM
|
||||
sprockets (>= 3.0.0)
|
||||
thor (1.0.1)
|
||||
thread_safe (0.3.6)
|
||||
tzinfo (1.2.5)
|
||||
tzinfo (1.2.7)
|
||||
thread_safe (~> 0.1)
|
||||
unicode-display_width (1.6.0)
|
||||
unicode-display_width (1.6.1)
|
||||
websocket-driver (0.7.1)
|
||||
websocket-extensions (>= 0.1.0)
|
||||
websocket-extensions (0.1.4)
|
||||
xpath (3.2.0)
|
||||
nokogiri (~> 1.8)
|
||||
yard (0.9.20)
|
||||
yard (0.9.24)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
@ -208,7 +208,7 @@ DEPENDENCIES
|
||||
pg (~> 1.1.4)
|
||||
puma (~> 3.7)
|
||||
rack-openid
|
||||
rails (= 5.2.4.1)
|
||||
rails (= 5.2.4.2)
|
||||
rails-dom-testing
|
||||
rbpdf (~> 1.20.0)
|
||||
redcarpet (~> 3.5.0)
|
||||
@ -224,5 +224,8 @@ DEPENDENCIES
|
||||
tzinfo-data
|
||||
yard
|
||||
|
||||
RUBY VERSION
|
||||
ruby 2.6.6p146
|
||||
|
||||
BUNDLED WITH
|
||||
2.1.4
|
||||
|
@ -1,13 +1,13 @@
|
||||
{ stdenv, fetchurl, bundlerEnv, ruby }:
|
||||
|
||||
let
|
||||
version = "4.1.0";
|
||||
version = "4.1.1";
|
||||
rubyEnv = bundlerEnv {
|
||||
name = "redmine-env-${version}";
|
||||
|
||||
inherit ruby;
|
||||
gemdir = ./.;
|
||||
groups = [ "ldap" "openid" ];
|
||||
groups = [ "development" "ldap" "markdown" "minimagick" "openid" "test" ];
|
||||
};
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
@ -16,7 +16,7 @@ in
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.redmine.org/releases/${pname}-${version}.tar.gz";
|
||||
sha256 = "1fxc0xql54cfvj4g8v31vsv19jbij326qkgdz2h5xlp09r821wli";
|
||||
sha256 = "1nndy5hz8zvfglxf1f3bsb1pkrfwinfxzkdan1vjs3rkckkszyh5";
|
||||
};
|
||||
|
||||
buildInputs = [ rubyEnv rubyEnv.wrappedRuby rubyEnv.bundler ];
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user