dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge staging-next into staging

Browse Source
This commit is contained in:
github-actions[bot] 2024-06-21 12:01:53 +00:00 committed by GitHub
commit c6707a9686
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
275 changed files with 5428 additions and 1635 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
.github/CODEOWNERS vendored
View File

@ -152,6 +152,7 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @raitobezarius
# C compilers
/pkgs/development/compilers/gcc
/pkgs/development/compilers/llvm @RossComputerGuy
/pkgs/development/compilers/emscripten @raitobezarius
/doc/languages-frameworks/emscripten.section.md @raitobezarius
@ -363,3 +364,16 @@ pkgs/by-name/lx/lxc* @adamcstephens
pkgs/by-name/lx/lxd* @adamcstephens
pkgs/os-specific/linux/lxc/ @adamcstephens
# ExpidusOS, Flutter
/pkgs/development/compilers/flutter @RossComputerGuy
/pkgs/desktops/expidus @RossComputerGuy
# GNU Tar & Zip
/pkgs/tools/archivers/gnutar @RossComputerGuy
/pkgs/tools/archivers/zip @RossComputerGuy
# SELinux
/pkgs/os-specific/linux/checkpolicy @RossComputerGuy
/pkgs/os-specific/linux/libselinux @RossComputerGuy
/pkgs/os-specific/linux/libsepol @RossComputerGuy

8
doc/languages-frameworks/ocaml.section.md
View File

@ -120,14 +120,6 @@ buildDunePackage rec {
}
```
Note about `minimalOCamlVersion`. A deprecated version of this argument was
spelled `minimumOCamlVersion`; setting the old attribute wrongly modifies the
derivation hash and is therefore inappropriate. As a technical dept, currently
packaged libraries may still use the old spelling: maintainers are invited to
fix this when updating packages. Massive renaming is strongly discouraged as it
would be challenging to review, difficult to test, and will cause unnecessary
rebuild.
The build will automatically fail if two distinct versions of the same library
are added to `buildInputs` (which usually happens transitively because of
`propagatedBuildInputs`). Set `dontDetectOcamlConflicts` to true to disable this

2
lib/attrsets.nix
View File

@ -11,7 +11,7 @@ let
in
rec {
inherit (builtins) attrNames listToAttrs hasAttr isAttrs getAttr removeAttrs;
inherit (builtins) attrNames listToAttrs hasAttr isAttrs getAttr removeAttrs intersectAttrs;
/**

6
lib/default.nix
View File

@ -87,8 +87,8 @@ let
recursiveUpdate matchAttrs mergeAttrsList overrideExisting showAttrPath getOutput
getBin getLib getDev getMan chooseDevOutputs zipWithNames zip
recurseIntoAttrs dontRecurseIntoAttrs cartesianProduct cartesianProductOfSets
mapCartesianProduct updateManyAttrsByPath;
inherit (self.lists) singleton forEach foldr fold foldl foldl' imap0 imap1
mapCartesianProduct updateManyAttrsByPath intersectAttrs removeAttrs;
inherit (self.lists) singleton forEach map foldr fold foldl foldl' imap0 imap1
ifilter0 concatMap flatten remove findSingle findFirst any all count
optional optionals toList range replicate partition zipListsWith zipLists
reverseList listDfs toposort sort sortOn naturalSort compareLists take
@ -105,7 +105,7 @@ let
escapeRegex escapeURL escapeXML replaceChars lowerChars
upperChars toLower toUpper addContextFrom splitString
removePrefix removeSuffix versionOlder versionAtLeast
getName getVersion
getName getVersion match split
cmakeOptionType cmakeBool cmakeFeature
mesonOption mesonBool mesonEnable
nameFromURL enableFeature enableFeatureAs withFeature

14
lib/licenses.nix
View File

@ -1278,11 +1278,21 @@ in mkLicense lset) ({
fullName = "xinetd License";
};
xskat = {
spdxId = "XSkat";
fullName = "XSkat License";
};
zlib = {
spdxId = "Zlib";
fullName = "zlib License";
};
zsh = {
url = "https://github.com/zsh-users/zsh/blob/master/LICENCE";
fulllName = "Zsh License";
};
zpl20 = {
spdxId = "ZPL-2.0";
fullName = "Zope Public License 2.0";
@ -1293,10 +1303,6 @@ in mkLicense lset) ({
fullName = "Zope Public License 2.1";
};
xskat = {
spdxId = "XSkat";
fullName = "XSkat License";
};
} // {
# TODO: remove legacy aliases
apsl10 = {

58
maintainers/maintainer-list.nix
View File

@ -1551,12 +1551,6 @@
githubId = 56009;
name = "Arcadio Rubio García";
};
arcayr = {
email = "nix@arcayr.online";
github = "arcayr";
githubId = 11192354;
name = "Elliot Speck";
};
archer-65 = {
email = "mario.liguori.056@gmail.com";
github = "archer-65";
@ -6506,6 +6500,18 @@
githubId = 8182846;
name = "Francesco Gazzetta";
};
fidgetingbits = {
name = "fidgetingbits";
email = "nixpkgs.xe7au@passmail.net";
matrix = "@fidgetingbits:matrix.org";
github = "fidgetingbits";
githubId = 13679876;
keys = [
{ fingerprint = "U+vNNrQxJRj3NPu9EoD0LFZssRbk6LBg4YPN5nFvQvs"; }
{ fingerprint = "lX5ewVcaQLxuzqI92gujs3jFNki4d8qF+PATexMijoQ"; }
{ fingerprint = "elY15tXap1tddxbBVoUoAioe1u0RDWti5rc9cauSmwo"; }
];
};
figsoda = {
email = "figsoda@pm.me";
matrix = "@figsoda:matrix.org";
@ -6812,6 +6818,14 @@
matrix = "@frogamic:beeper.com";
keys = [ { fingerprint = "779A 7CA8 D51C C53A 9C51 43F7 AAE0 70F0 67EC 00A5"; } ];
};
frontear = {
name = "Ali Rizvi";
email = "perm-iterate-0b@icloud.com";
matrix = "@frontear:matrix.org";
github = "Frontear";
githubId = 31909298;
keys = [ { fingerprint = "C170 11B7 C0AA BB3F 7415 022C BCB5 CEFD E222 82F5"; } ];
};
frontsideair = {
email = "photonia@gmail.com";
github = "frontsideair";
@ -8399,6 +8413,12 @@
githubId = 7403236;
name = "Markus J. Ankenbrand";
};
iivusly = {
email = "iivusly@icloud.com";
github = "iivusly";
githubId = 52052910;
name = "iivusly";
};
ikervagyok = {
email = "ikervagyok@gmail.com";
github = "ikervagyok";
@ -10574,13 +10594,6 @@
name = "Kat Inskip";
keys = [ { fingerprint = "9CC6 44B5 69CD A59B C874 C4C9 E8DD E3ED 1C90 F3A0"; } ];
};
kiwi = {
email = "envy1988@gmail.com";
github = "Kiwi";
githubId = 35715;
name = "Robert Djubek";
keys = [ { fingerprint = "8992 44FC D291 5CA2 0A97 802C 156C 88A5 B0A0 4B2A"; } ];
};
kjeremy = {
email = "kjeremy@gmail.com";
name = "Jeremy Kolb";
@ -13137,6 +13150,12 @@
githubId = 3269878;
name = "Miguel Madrid Mencía";
};
mimvoid = {
github = "mimvoid";
githubId = 153698678;
email = "mimvoid@proton.me";
name = "mimvoid";
};
mindavi = {
email = "rol3517@gmail.com";
github = "Mindavi";
@ -17688,13 +17707,6 @@
githubId = 226872;
name = "Samuel Ainsworth";
};
samueldr = {
email = "samuel@dionne-riel.com";
matrix = "@samueldr:matrix.org";
github = "samueldr";
githubId = 132835;
name = "Samuel Dionne-Riel";
};
samuelefacenda = {
name = "Samuele Facenda";
email = "samuele.facenda@gmail.com";
@ -20025,12 +20037,6 @@
githubId = 1391883;
name = "Tom Hall";
};
thubrecht = {
email = "tom@hubrecht.ovh";
github = "Tom-Hubrecht";
githubId = 26650391;
name = "Tom Hubrecht";
};
Thunderbottom = {
email = "chinmaydpai@gmail.com";
github = "Thunderbottom";

6
maintainers/team-list.nix
View File

@ -677,12 +677,6 @@ with lib.maintainers;
shortName = "Mercury Employees";
};
mobile = {
members = [ samueldr ];
scope = "Maintain Mobile NixOS.";
shortName = "Mobile";
};
nix = {
members = [
eelco

2
nixos/doc/manual/release-notes/rl-2405.section.md
View File

@ -62,7 +62,7 @@ In addition to numerous new and upgraded packages, this release has the followin
<!-- Please keep entries alphabetically sorted. -->
- [Anki Sync Server](https://docs.ankiweb.net/sync-server.html), the official sync server built into recent versions of Anki. Available as [services.anki-sync-server](#opt-services.anki-sync-server.enable).
The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been marked deprecated and will be dropped after 24.05 due to lack of maintenance of the anki-sync-server software.
The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been marked deprecated and will be dropped after 24.05 due to lack of maintenance of the ankisyncd software.
- [ALVR](https://github.com/alvr-org/alvr), a VR desktop streamer. Available as [programs.alvr](#opt-programs.alvr.enable).

10
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@ -25,6 +25,16 @@
- `androidenv.androidPkgs_9_0` has been removed, and replaced with `androidenv.androidPkgs` for a more complete Android SDK including support for Android 9 and later.
- `wstunnel` has had a major version upgrade that entailed rewriting the program in Rust.
The module was updated to accommodate for breaking changes.
Breaking changes to the module API were minimised as much as possible,
but some were nonetheless inevitable due to changes in the upstream CLI.
Certain options were moved from separate CLI arguments into the forward specifications,
and those options were also removed from the module's API,
please consult the wstunnel man page for more detail.
Also be aware that if you have set additional options in `services.wstunnel.{clients,servers}.<name>.extraArgs`,
that those might have been removed or modified upstream.
- `nginx` package no longer includes `gd` and `geoip` dependencies. For enabling it, override `nginx` package with the optionals `withImageFilter` and `withGeoIP`.
- `openssh` and `openssh_hpn` are now compiled without Kerberos 5 / GSSAPI support in an effort to reduce the attack surface of the components for the majority of users. Users needing this support can

10
nixos/modules/config/swap.nix
View File

@ -275,7 +275,6 @@ in
chattr +C "$DEVICE" 2>/dev/null || true
dd if=/dev/zero of="$DEVICE" bs=1M count=${toString sw.size}
chmod 0600 ${sw.device}
${optionalString (!sw.randomEncryption.enable) "mkswap ${sw.realDevice}"}
fi
''}
@ -292,9 +291,12 @@ in
unitConfig.RequiresMountsFor = [ "${dirOf sw.device}" ];
unitConfig.DefaultDependencies = false; # needed to prevent a cycle
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = sw.randomEncryption.enable;
serviceConfig.ExecStop = optionalString sw.randomEncryption.enable "${pkgs.cryptsetup}/bin/cryptsetup luksClose ${sw.deviceName}";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = sw.randomEncryption.enable;
UMask = "0177";
ExecStop = optionalString sw.randomEncryption.enable "${pkgs.cryptsetup}/bin/cryptsetup luksClose ${sw.deviceName}";
};
restartIfChanged = false;
};

2
nixos/modules/services/matrix/synapse.nix
View File

@ -1121,7 +1121,7 @@ in {
The client listener on matrix-synapse is configured to use UNIX domain sockets.
This configuration is incompatible with the `register_new_matrix_user` script.
Disable `services.mastrix-synapse.enableRegistrationScript` to continue.
Disable `services.matrix-synapse.enableRegistrationScript` to continue.
'';
}
]

292
nixos/modules/services/misc/snapper.nix
View File

@ -1,16 +1,32 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib;
let
cfg = config.services.snapper;
mkValue = v:
if isList v then "\"${concatMapStringsSep " " (escape [ "\\" " " ]) v}\""
else if v == true then "yes"
else if v == false then "no"
else if isString v then "\"${v}\""
else builtins.toJSON v;
mkValue =
v:
if isList v then
"\"${
concatMapStringsSep " " (escape [
"\\"
" "
]) v
}\""
else if v == true then
"yes"
else if v == false then
"no"
else if isString v then
"\"${v}\""
else
builtins.toJSON v;
mkKeyValue = k: v: "${k}=${mkValue v}";
@ -43,7 +59,7 @@ let
ALLOW_GROUPS = mkOption {
type = types.listOf safeStr;
default = [];
default = [ ];
description = ''
List of groups allowed to operate with the config.
@ -53,7 +69,7 @@ let
ALLOW_USERS = mkOption {
type = types.listOf safeStr;
default = [];
default = [ ];
example = [ "alice" ];
description = ''
List of users allowed to operate with the config. "root" is always
@ -78,6 +94,54 @@ let
Defines whether hourly snapshots should be created.
'';
};
TIMELINE_LIMIT_HOURLY = mkOption {
type = types.str;
default = "10";
description = ''
Limits for timeline cleanup.
'';
};
TIMELINE_LIMIT_DAILY = mkOption {
type = types.str;
default = "10";
description = ''
Limits for timeline cleanup.
'';
};
TIMELINE_LIMIT_WEEKLY = mkOption {
type = types.str;
default = "0";
description = ''
Limits for timeline cleanup.
'';
};
TIMELINE_LIMIT_MONTHLY = mkOption {
type = types.str;
default = "10";
description = ''
Limits for timeline cleanup.
'';
};
TIMELINE_LIMIT_QUARTERLY = mkOption {
type = types.str;
default = "0";
description = ''
Limits for timeline cleanup.
'';
};
TIMELINE_LIMIT_YEARLY = mkOption {
type = types.str;
default = "10";
description = ''
Limits for timeline cleanup.
'';
};
};
in
@ -152,112 +216,129 @@ in
is valid here, even if NixOS doesn't document it.
'';
type = types.attrsOf (types.submodule {
freeformType = types.attrsOf (types.oneOf [ (types.listOf safeStr) types.bool safeStr types.number ]);
type = types.attrsOf (
types.submodule {
freeformType = types.attrsOf (
types.oneOf [
(types.listOf safeStr)
types.bool
safeStr
types.number
]
);
options = configOptions;
});
options = configOptions;
}
);
};
};
config = mkIf (cfg.configs != {}) (let
documentation = [ "man:snapper(8)" "man:snapper-configs(5)" ];
in {
config = mkIf (cfg.configs != { }) (
let
documentation = [
"man:snapper(8)"
"man:snapper-configs(5)"
];
in
{
environment = {
environment = {
systemPackages = [ pkgs.snapper ];
systemPackages = [ pkgs.snapper ];
# Note: snapper/config-templates/default is only needed for create-config
# which is not the NixOS way to configure.
etc =
{
# Note: snapper/config-templates/default is only needed for create-config
# which is not the NixOS way to configure.
etc = {
"sysconfig/snapper".text = ''
SNAPPER_CONFIGS="${lib.concatStringsSep " " (builtins.attrNames cfg.configs)}"
'';
}
// (mapAttrs' (name: subvolume: nameValuePair "snapper/configs/${name}" ({
text = lib.generators.toKeyValue { inherit mkKeyValue; } (filterAttrs (k: v: v != defaultOf k) subvolume);
})) cfg.configs)
// (lib.optionalAttrs (cfg.filters != null) {
"snapper/filters/default.txt".text = cfg.filters;
});
};
services.dbus.packages = [ pkgs.snapper ];
systemd.services.snapperd = {
description = "DBus interface for snapper";
inherit documentation;
serviceConfig = {
Type = "dbus";
BusName = "org.opensuse.Snapper";
ExecStart = "${pkgs.snapper}/bin/snapperd";
CapabilityBoundingSet = "CAP_DAC_OVERRIDE CAP_FOWNER CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_SYS_ADMIN CAP_SYS_MODULE CAP_IPC_LOCK CAP_SYS_NICE";
LockPersonality = true;
NoNewPrivileges = false;
PrivateNetwork = true;
ProtectHostname = true;
RestrictAddressFamilies = "AF_UNIX";
RestrictRealtime = true;
"sysconfig/snapper".text = ''
SNAPPER_CONFIGS="${lib.concatStringsSep " " (builtins.attrNames cfg.configs)}"
'';
}
// (mapAttrs' (
name: subvolume:
nameValuePair "snapper/configs/${name}" ({
text = lib.generators.toKeyValue { inherit mkKeyValue; } (
filterAttrs (k: v: v != defaultOf k) subvolume
);
})
) cfg.configs)
// (lib.optionalAttrs (cfg.filters != null) { "snapper/filters/default.txt".text = cfg.filters; });
};
};
systemd.services.snapper-timeline = {
description = "Timeline of Snapper Snapshots";
inherit documentation;
requires = [ "local-fs.target" ];
serviceConfig.ExecStart = "${pkgs.snapper}/lib/snapper/systemd-helper --timeline";
};
services.dbus.packages = [ pkgs.snapper ];
systemd.timers.snapper-timeline = {
wantedBy = [ "timers.target" ];
timerConfig = {
Persistent = cfg.persistentTimer;
OnCalendar = cfg.snapshotInterval;
systemd.services.snapperd = {
description = "DBus interface for snapper";
inherit documentation;
serviceConfig = {
Type = "dbus";
BusName = "org.opensuse.Snapper";
ExecStart = "${pkgs.snapper}/bin/snapperd";
CapabilityBoundingSet = "CAP_DAC_OVERRIDE CAP_FOWNER CAP_CHOWN CAP_FSETID CAP_SETFCAP CAP_SYS_ADMIN CAP_SYS_MODULE CAP_IPC_LOCK CAP_SYS_NICE";
LockPersonality = true;
NoNewPrivileges = false;
PrivateNetwork = true;
ProtectHostname = true;
RestrictAddressFamilies = "AF_UNIX";
RestrictRealtime = true;
};
};
};
systemd.services.snapper-cleanup = {
description = "Cleanup of Snapper Snapshots";
inherit documentation;
serviceConfig.ExecStart = "${pkgs.snapper}/lib/snapper/systemd-helper --cleanup";
};
systemd.services.snapper-timeline = {
description = "Timeline of Snapper Snapshots";
inherit documentation;
requires = [ "local-fs.target" ];
serviceConfig.ExecStart = "${pkgs.snapper}/lib/snapper/systemd-helper --timeline";
};
systemd.timers.snapper-cleanup = {
description = "Cleanup of Snapper Snapshots";
inherit documentation;
wantedBy = [ "timers.target" ];
requires = [ "local-fs.target" ];
timerConfig.OnBootSec = "10m";
timerConfig.OnUnitActiveSec = cfg.cleanupInterval;
};
systemd.timers.snapper-timeline = {
wantedBy = [ "timers.target" ];
timerConfig = {
Persistent = cfg.persistentTimer;
OnCalendar = cfg.snapshotInterval;
};
};
systemd.services.snapper-boot = lib.mkIf cfg.snapshotRootOnBoot {
description = "Take snapper snapshot of root on boot";
inherit documentation;
serviceConfig.ExecStart = "${pkgs.snapper}/bin/snapper --config root create --cleanup-algorithm number --description boot";
serviceConfig.Type = "oneshot";
requires = [ "local-fs.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig.ConditionPathExists = "/etc/snapper/configs/root";
};
systemd.services.snapper-cleanup = {
description = "Cleanup of Snapper Snapshots";
inherit documentation;
serviceConfig.ExecStart = "${pkgs.snapper}/lib/snapper/systemd-helper --cleanup";
};
assertions =
concatMap
(name:
let
sub = cfg.configs.${name};
in
[ { assertion = !(sub ? extraConfig);
message = ''
The option definition `services.snapper.configs.${name}.extraConfig' no longer has any effect; please remove it.
The contents of this option should be migrated to attributes on `services.snapper.configs.${name}'.
'';
}
] ++
systemd.timers.snapper-cleanup = {
description = "Cleanup of Snapper Snapshots";
inherit documentation;
wantedBy = [ "timers.target" ];
requires = [ "local-fs.target" ];
timerConfig.OnBootSec = "10m";
timerConfig.OnUnitActiveSec = cfg.cleanupInterval;
};
systemd.services.snapper-boot = lib.mkIf cfg.snapshotRootOnBoot {
description = "Take snapper snapshot of root on boot";
inherit documentation;
serviceConfig.ExecStart = "${pkgs.snapper}/bin/snapper --config root create --cleanup-algorithm number --description boot";
serviceConfig.Type = "oneshot";
requires = [ "local-fs.target" ];
wantedBy = [ "multi-user.target" ];
unitConfig.ConditionPathExists = "/etc/snapper/configs/root";
};
assertions = concatMap (
name:
let
sub = cfg.configs.${name};
in
[
{
assertion = !(sub ? extraConfig);
message = ''
The option definition `services.snapper.configs.${name}.extraConfig' no longer has any effect; please remove it.
The contents of this option should be migrated to attributes on `services.snapper.configs.${name}'.
'';
}
]
++
map
(attr: {
assertion = !(hasAttr attr sub);
@ -265,8 +346,11 @@ in
The option definition `services.snapper.configs.${name}.${attr}' has been renamed to `services.snapper.configs.${name}.${toUpper attr}'.
'';
})
[ "fstype" "subvolume" ]
)
(attrNames cfg.configs);
});
[
"fstype"
"subvolume"
]
) (attrNames cfg.configs);
}
);
}

2
nixos/modules/services/monitoring/grafana-reporter.nix
View File

@ -60,7 +60,7 @@ in {
"-templates ${cfg.templateDir}"
];
in {
ExecStart = "${pkgs.grafana_reporter}/bin/grafana-reporter ${args}";
ExecStart = "${pkgs.grafana-reporter}/bin/grafana-reporter ${args}";
};
};
};

1
nixos/modules/services/networking/netbird.nix
View File

@ -37,7 +37,6 @@ in
{
meta.maintainers = with maintainers; [
misuzu
thubrecht
];
meta.doc = ./netbird.md;

2
nixos/modules/services/networking/netbird/server.nix
View File

@ -16,7 +16,7 @@ in
{
meta = {
maintainers = with lib.maintainers; [thubrecht patrickdag];
maintainers = with lib.maintainers; [patrickdag];
doc = ./server.md;
};

427
nixos/modules/services/networking/wstunnel.nix
View File

@ -1,83 +1,94 @@
{ config, lib, options, pkgs, utils, ... }:
with lib;
{ config
, lib
, pkgs
, ...
}:
let
cfg = config.services.wstunnel;
attrsToArgs = attrs: utils.escapeSystemdExecArgs (
mapAttrsToList
(name: value: if value == true then "--${name}" else "--${name}=${value}")
attrs
);
hostPortToString = { host, port }: "${host}:${builtins.toString port}";
hostPortToString = { host, port }: "${host}:${toString port}";
hostPortSubmodule = {
options = {
host = mkOption {
host = lib.mkOption {
description = "The hostname.";
type = types.str;
type = lib.types.str;
};
port = mkOption {
port = lib.mkOption {
description = "The port.";
type = types.port;
type = lib.types.port;
};
};
};
commonOptions = {
enable = mkOption {
description = "Whether to enable this `wstunnel` instance.";
type = types.bool;
enable = lib.mkEnableOption "this `wstunnel` instance." // {
default = true;
};
package = mkPackageOption pkgs "wstunnel" {};
package = lib.mkPackageOption pkgs "wstunnel" { };
autoStart = mkOption {
description = "Whether this tunnel server should be started automatically.";
type = types.bool;
default = true;
};
autoStart =
lib.mkEnableOption "starting this wstunnel instance automatically." // {
default = true;
};
extraArgs = mkOption {
description = "Extra command line arguments to pass to `wstunnel`. Attributes of the form `argName = true;` will be translated to `--argName`, and `argName = \"value\"` to `--argName=value`.";
type = with types; attrsOf (either str bool);
default = {};
extraArgs = lib.mkOption {
description = ''
Extra command line arguments to pass to `wstunnel`.
Attributes of the form `argName = true;` will be translated to `--argName`,
and `argName = \"value\"` to `--argName value`.
'';
type = with lib.types; attrsOf (either str bool);
default = { };
example = {
"someNewOption" = true;
"someNewOptionWithValue" = "someValue";
};
};
loggingLevel = mkOption {
loggingLevel = lib.mkOption {
description = ''
Passed to --log-lvl
Control the log verbosity. i.e: TRACE, DEBUG, INFO, WARN, ERROR, OFF
For more details, checkout [EnvFilter](https://docs.rs/tracing-subscriber/latest/tracing_subscriber/filter/struct.EnvFilter.html#example-syntax)
'';
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
example = "INFO";
default = null;
};
environmentFile = mkOption {
description = "Environment file to be passed to the systemd service. Useful for passing secrets to the service to prevent them from being world-readable in the Nix store. Note however that the secrets are passed to `wstunnel` through the command line, which makes them locally readable for all users of the system at runtime.";
type = types.nullOr types.path;
environmentFile = lib.mkOption {
description = ''
Environment file to be passed to the systemd service.
Useful for passing secrets to the service to prevent them from being
world-readable in the Nix store.
Note however that the secrets are passed to `wstunnel` through
the command line, which makes them locally readable for all users of
the system at runtime.
'';
type = lib.types.nullOr lib.types.path;
default = null;
example = "/var/lib/secrets/wstunnelSecrets";
};
};
serverSubmodule = { config, ...}: {
serverSubmodule = { config, ... }: {
options = commonOptions // {
listen = mkOption {
description = "Address and port to listen on. Setting the port to a value below 1024 will also give the process the required `CAP_NET_BIND_SERVICE` capability.";
type = types.submodule hostPortSubmodule;
listen = lib.mkOption {
description = ''
Address and port to listen on.
Setting the port to a value below 1024 will also give the process
the required `CAP_NET_BIND_SERVICE` capability.
'';
type = lib.types.submodule hostPortSubmodule;
default = {
host = "0.0.0.0";
port = if config.enableHTTPS then 443 else 80;
};
defaultText = literalExpression ''
defaultText = lib.literalExpression ''
{
host = "0.0.0.0";
port = if enableHTTPS then 443 else 80;
@ -85,39 +96,50 @@ let
'';
};
restrictTo = mkOption {
description = "Accepted traffic will be forwarded only to this service. Set to `null` to allow forwarding to arbitrary addresses.";
type = types.listOf (types.submodule hostPortSubmodule);
default = [];
restrictTo = lib.mkOption {
description = ''
Accepted traffic will be forwarded only to this service.
'';
type = lib.types.listOf (lib.types.submodule hostPortSubmodule);
default = [ ];
example = [{
host = "127.0.0.1";
port = 51820;
}];
};
enableHTTPS = mkOption {
enableHTTPS = lib.mkOption {
description = "Use HTTPS for the tunnel server.";
type = types.bool;
type = lib.types.bool;
default = true;
};
tlsCertificate = mkOption {
description = "TLS certificate to use instead of the hardcoded one in case of HTTPS connections. Use together with `tlsKey`.";
type = types.nullOr types.path;
tlsCertificate = lib.mkOption {
description = ''
TLS certificate to use instead of the hardcoded one in case of HTTPS connections.
Use together with `tlsKey`.
'';
type = lib.types.nullOr lib.types.path;
default = null;
example = "/var/lib/secrets/cert.pem";
};
tlsKey = mkOption {
description = "TLS key to use instead of the hardcoded on in case of HTTPS connections. Use together with `tlsCertificate`.";
type = types.nullOr types.path;
tlsKey = lib.mkOption {
description = ''
TLS key to use instead of the hardcoded on in case of HTTPS connections.
Use together with `tlsCertificate`.
'';
type = lib.types.nullOr lib.types.path;
default = null;
example = "/var/lib/secrets/key.pem";
};
useACMEHost = mkOption {
description = "Use a certificate generated by the NixOS ACME module for the given host. Note that this will not generate a new certificate - you will need to do so with `security.acme.certs`.";
type = types.nullOr types.str;
useACMEHost = lib.mkOption {
description = ''
Use a certificate generated by the NixOS ACME module for the given host.
Note that this will not generate a new certificate - you will need to do so with `security.acme.certs`.
'';
type = lib.types.nullOr lib.types.str;
default = null;
example = "example.com";
};
@ -126,95 +148,113 @@ let
clientSubmodule = { config, ... }: {
options = commonOptions // {
connectTo = mkOption {
connectTo = lib.mkOption {
description = "Server address and port to connect to.";
type = types.str;
type = lib.types.str;
example = "https://wstunnel.server.com:8443";
};
localToRemote = mkOption {
localToRemote = lib.mkOption {
description = ''Listen on local and forwards traffic from remote.'';
type = types.listOf (types.str);
default = [];
type = lib.types.listOf (lib.types.str);
default = [ ];
example = [
"tcp://1212:google.com:443"
"unix:///tmp/wstunnel.sock:g.com:443"
];
};
remoteToLocal = mkOption {
remoteToLocal = lib.mkOption {
description = "Listen on remote and forwards traffic from local. Only tcp is supported";
type = types.listOf (types.str);
default = [];
type = lib.types.listOf lib.types.str;
default = [ ];
example = [
"tcp://1212:google.com:443"
"unix://wstunnel.sock:g.com:443"
];
};
addNetBind = mkEnableOption "Whether add CAP_NET_BIND_SERVICE to the tunnel service, this should be enabled if you want to bind port < 1024";
addNetBind = lib.mkEnableOption "Whether add CAP_NET_BIND_SERVICE to the tunnel service, this should be enabled if you want to bind port < 1024";
httpProxy = mkOption {
httpProxy = lib.mkOption {
description = ''
Proxy to use to connect to the wstunnel server (`USER:PASS@HOST:PORT`).
::: {.warning}
Passwords specified here will be world-readable in the Nix store! To pass a password to the service, point the `environmentFile` option to a file containing `PROXY_PASSWORD=<your-password-here>` and set this option to `<user>:$PROXY_PASSWORD@<host>:<port>`. Note however that this will also locally leak the passwords at runtime via e.g. /proc/<pid>/cmdline.
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the `environmentFile` option
to a file containing `PROXY_PASSWORD=<your-password-here>` and set
this option to `<user>:$PROXY_PASSWORD@<host>:<port>`.
Note however that this will also locally leak the passwords at
runtime via e.g. /proc/<pid>/cmdline.
:::
'';
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
default = null;
};
soMark = mkOption {
description = "Mark network packets with the SO_MARK sockoption with the specified value. Setting this option will also enable the required `CAP_NET_ADMIN` capability for the systemd service.";
type = types.nullOr types.int;
soMark = lib.mkOption {
description = ''
Mark network packets with the SO_MARK sockoption with the specified value.
Setting this option will also enable the required `CAP_NET_ADMIN` capability
for the systemd service.
'';
type = lib.types.nullOr lib.types.ints.unsigned;
default = null;
};
upgradePathPrefix = mkOption {
description = "Use a specific HTTP path prefix that will show up in the upgrade request to the `wstunnel` server. Useful when running `wstunnel` behind a reverse proxy.";
type = types.nullOr types.str;
upgradePathPrefix = lib.mkOption {
description = ''
Use a specific HTTP path prefix that will show up in the upgrade
request to the `wstunnel` server.
Useful when running `wstunnel` behind a reverse proxy.
'';
type = lib.types.nullOr lib.types.str;
default = null;
example = "wstunnel";
};
tlsSNI = mkOption {
tlsSNI = lib.mkOption {
description = "Use this as the SNI while connecting via TLS. Useful for circumventing hostname-based firewalls.";
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
default = null;
};
tlsVerifyCertificate = mkOption {
tlsVerifyCertificate = lib.mkOption {
description = "Whether to verify the TLS certificate of the server. It might be useful to set this to `false` when working with the `tlsSNI` option.";
type = types.bool;
type = lib.types.bool;
default = true;
};
# The original argument name `websocketPingFrequency` is a misnomer, as the frequency is the inverse of the interval.
websocketPingInterval = mkOption {
websocketPingInterval = lib.mkOption {
description = "Frequency at which the client will send websocket ping to the server.";
type = types.nullOr types.ints.unsigned;
type = lib.types.nullOr lib.types.ints.unsigned;
default = null;
};
upgradeCredentials = mkOption {
upgradeCredentials = lib.mkOption {
description = ''
Use these credentials to authenticate during the HTTP upgrade request (Basic authorization type, `USER:[PASS]`).
Use these credentials to authenticate during the HTTP upgrade request
(Basic authorization type, `USER:[PASS]`).
::: {.warning}
Passwords specified here will be world-readable in the Nix store! To pass a password to the service, point the `environmentFile` option to a file containing `HTTP_PASSWORD=<your-password-here>` and set this option to `<user>:$HTTP_PASSWORD`. Note however that this will also locally leak the passwords at runtime via e.g. /proc/<pid>/cmdline.
Passwords specified here will be world-readable in the Nix store!
To pass a password to the service, point the `environmentFile` option
to a file containing `HTTP_PASSWORD=<your-password-here>` and set this
option to `<user>:$HTTP_PASSWORD`.
Note however that this will also locally leak the passwords at runtime
via e.g. /proc/<pid>/cmdline.
:::
'';
type = types.nullOr types.str;
type = lib.types.nullOr lib.types.str;
default = null;
};
customHeaders = mkOption {
customHeaders = lib.mkOption {
description = "Custom HTTP headers to send during the upgrade request.";
type = types.attrsOf types.str;
default = {};
type = lib.types.attrsOf lib.types.str;
default = { };
example = {
"X-Some-Header" = "some-value";
};
@ -224,49 +264,63 @@ let
generateServerUnit = name: serverCfg: {
name = "wstunnel-server-${name}";
value = {
description = "wstunnel server - ${name}";
requires = [ "network.target" "network-online.target" ];
after = [ "network.target" "network-online.target" ];
wantedBy = optional serverCfg.autoStart "multi-user.target";
value =
let
certConfig = config.security.acme.certs.${serverCfg.useACMEHost};
in
{
description = "wstunnel server - ${name}";
requires = [ "network.target" "network-online.target" ];
after = [ "network.target" "network-online.target" ];
wantedBy = lib.optional serverCfg.autoStart "multi-user.target";
serviceConfig = let
certConfig = config.security.acme.certs."${serverCfg.useACMEHost}";
in {
Type = "simple";
ExecStart = with serverCfg; let
resolvedTlsCertificate = if useACMEHost != null
then "${certConfig.directory}/fullchain.pem"
else tlsCertificate;
resolvedTlsKey = if useACMEHost != null
then "${certConfig.directory}/key.pem"
else tlsKey;
in ''
${package}/bin/wstunnel \
environment.RUST_LOG = serverCfg.loggingLevel;
serviceConfig = {
Type = "exec";
EnvironmentFile =
lib.optional (serverCfg.environmentFile != null) serverCfg.environmentFile;
DynamicUser = true;
SupplementaryGroups =
lib.optional (serverCfg.useACMEHost != null) certConfig.group;
PrivateTmp = true;
AmbientCapabilities =
lib.optionals (serverCfg.listen.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
NoNewPrivileges = true;
RestrictNamespaces = "uts ipc pid user cgroup";
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
PrivateDevices = true;
RestrictSUIDSGID = true;
Restart = "on-failure";
RestartSec = 2;
RestartSteps = 20;
RestartMaxDelaySec = "5min";
};
script = with serverCfg; ''
${lib.getExe package} \
server \
${concatStringsSep " " (builtins.map (hostPair: "--restrict-to ${utils.escapeSystemdExecArg (hostPortToString hostPair)}") restrictTo)} \
${optionalString (resolvedTlsCertificate != null) "--tls-certificate ${utils.escapeSystemdExecArg resolvedTlsCertificate}"} \
${optionalString (resolvedTlsKey != null) "--tls-private-key ${utils.escapeSystemdExecArg resolvedTlsKey}"} \
${optionalString (loggingLevel != null) "--log-lvl ${loggingLevel}"} \
${attrsToArgs extraArgs} \
${utils.escapeSystemdExecArg "${if enableHTTPS then "wss" else "ws"}://${hostPortToString listen}"}
${lib.cli.toGNUCommandLineShell { } (
lib.recursiveUpdate
{
restrict-to = map hostPortToString restrictTo;
tls-certificate = if useACMEHost != null
then "${certConfig.directory}/fullchain.pem"
else "${tlsCertificate}";
tls-private-key = if useACMEHost != null
then "${certConfig.directory}/key.pem"
else "${tlsKey}";
}
extraArgs
)} \
${lib.escapeShellArg "${if enableHTTPS then "wss" else "ws"}://${hostPortToString listen}"}
'';
EnvironmentFile = optional (serverCfg.environmentFile != null) serverCfg.environmentFile;
DynamicUser = true;
SupplementaryGroups = optional (serverCfg.useACMEHost != null) certConfig.group;
PrivateTmp = true;
AmbientCapabilities = optionals (serverCfg.listen.port < 1024) [ "CAP_NET_BIND_SERVICE" ];
NoNewPrivileges = true;
RestrictNamespaces = "uts ipc pid user cgroup";
ProtectSystem = "strict";
ProtectHome = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
PrivateDevices = true;
RestrictSUIDSGID = true;
};
};
};
generateClientUnit = name: clientCfg: {
@ -275,30 +329,19 @@ let
description = "wstunnel client - ${name}";
requires = [ "network.target" "network-online.target" ];
after = [ "network.target" "network-online.target" ];
wantedBy = optional clientCfg.autoStart "multi-user.target";
wantedBy = lib.optional clientCfg.autoStart "multi-user.target";
environment.RUST_LOG = clientCfg.loggingLevel;
serviceConfig = {
Type = "simple";
ExecStart = with clientCfg; ''
${package}/bin/wstunnel client \
${concatStringsSep " " (builtins.map (x: "--local-to-remote ${x}") localToRemote)} \
${concatStringsSep " " (builtins.map (x: "--remote-to-local ${x}") remoteToLocal)} \
${concatStringsSep " " (mapAttrsToList (n: v: "--http-headers \"${n}: ${v}\"") customHeaders)} \
${optionalString (httpProxy != null) "--http-proxy ${httpProxy}"} \
${optionalString (soMark != null) "--socket-so-mark=${toString soMark}"} \
${optionalString (upgradePathPrefix != null) "--http-upgrade-path-prefix ${upgradePathPrefix}"} \
${optionalString (tlsSNI != null) "--tls-sni-override ${tlsSNI}"} \
${optionalString tlsVerifyCertificate "--tls-verify-certificate"} \
${optionalString (websocketPingInterval != null) "--websocket-ping-frequency-sec ${toString websocketPingInterval}"} \
${optionalString (upgradeCredentials != null) "--http-upgrade-credentials ${upgradeCredentials}"} \
${optionalString (loggingLevel != null) "--log-lvl ${loggingLevel}"} \
${attrsToArgs extraArgs} \
${utils.escapeSystemdExecArg connectTo}
'';
EnvironmentFile = optional (clientCfg.environmentFile != null) clientCfg.environmentFile;
Type = "exec";
EnvironmentFile =
lib.optional (clientCfg.environmentFile != null) clientCfg.environmentFile;
DynamicUser = true;
PrivateTmp = true;
AmbientCapabilities = (optionals (clientCfg.soMark != null) [ "CAP_NET_ADMIN" ]) ++ (optionals (clientCfg.addNetBind) [ "CAP_NET_BIND_SERVICE" ]);
AmbientCapabilities =
(lib.optionals clientCfg.addNetBind [ "CAP_NET_BIND_SERVICE" ]) ++
(lib.optionals (clientCfg.soMark != null) [ "CAP_NET_ADMIN" ]);
NoNewPrivileges = true;
RestrictNamespaces = "uts ipc pid user cgroup";
ProtectSystem = "strict";
@ -308,17 +351,45 @@ let
ProtectControlGroups = true;
PrivateDevices = true;
RestrictSUIDSGID = true;
Restart = "on-failure";
RestartSec = 2;
RestartSteps = 20;
RestartMaxDelaySec = "5min";
};
script = with clientCfg; ''
${lib.getExe package} \
client \
${lib.cli.toGNUCommandLineShell { } (
lib.recursiveUpdate
{
local-to-remote = localToRemote;
remote-to-local = remoteToLocal;
http-headers = lib.mapAttrsToList (n: v: "${n}:${v}") customHeaders;
http-proxy = httpProxy;
socket-so-mark = soMark;
http-upgrade-path-prefix = upgradePathPrefix;
tls-sni-override = tlsSNI;
tls-verify-certificate = tlsVerifyCertificate;
websocket-ping-frequency-sec = websocketPingInterval;
http-upgrade-credentials = upgradeCredentials;
}
extraArgs
)} \
${lib.escapeShellArg connectTo}
'';
};
};
in {
in
{
options.services.wstunnel = {
enable = mkEnableOption "wstunnel";
enable = lib.mkEnableOption "wstunnel";
servers = mkOption {
servers = lib.mkOption {
description = "`wstunnel` servers to set up.";
type = types.attrsOf (types.submodule serverSubmodule);
default = {};
type = lib.types.attrsOf (lib.types.submodule serverSubmodule);
default = { };
example = {
"wg-tunnel" = {
listen = {
@ -336,13 +407,13 @@ in {
};
};
clients = mkOption {
clients = lib.mkOption {
description = "`wstunnel` clients to set up.";
type = types.attrsOf (types.submodule clientSubmodule);
default = {};
type = lib.types.attrsOf (lib.types.submodule clientSubmodule);
default = { };
example = {
"wg-tunnel" = {
connectTo = "https://wstunnel.server.com:8443";
connectTo = "wss://wstunnel.server.com:8443";
localToRemote = [
"tcp://1212:google.com:443"
"tcp://2:n.lan:4?proxy_protocol"
@ -356,28 +427,42 @@ in {
};
};
config = mkIf cfg.enable {
systemd.services = (mapAttrs' generateServerUnit (filterAttrs (n: v: v.enable) cfg.servers)) // (mapAttrs' generateClientUnit (filterAttrs (n: v: v.enable) cfg.clients));
config = lib.mkIf cfg.enable {
systemd.services =
(lib.mapAttrs' generateServerUnit (lib.filterAttrs (n: v: v.enable) cfg.servers)) //
(lib.mapAttrs' generateClientUnit (lib.filterAttrs (n: v: v.enable) cfg.clients));
assertions = (mapAttrsToList (name: serverCfg: {
assertion = !(serverCfg.useACMEHost != null && (serverCfg.tlsCertificate != null || serverCfg.tlsKey != null));
message = ''
Options services.wstunnel.servers."${name}".useACMEHost and services.wstunnel.servers."${name}".{tlsCertificate, tlsKey} are mutually exclusive.
'';
}) cfg.servers) ++
(mapAttrsToList (name: serverCfg: {
assertion = !((serverCfg.tlsCertificate != null || serverCfg.tlsKey != null) && !(serverCfg.tlsCertificate != null && serverCfg.tlsKey != null));
message = ''
services.wstunnel.servers."${name}".tlsCertificate and services.wstunnel.servers."${name}".tlsKey need to be set together.
'';
}) cfg.servers) ++
(mapAttrsToList (name: clientCfg: {
assertion = !(clientCfg.localToRemote == [] && clientCfg.remoteToLocal == []);
message = ''
Either one of services.wstunnel.clients."${name}".localToRemote or services.wstunnel.clients."${name}".remoteToLocal must be set.
'';
}) cfg.clients);
assertions =
(lib.mapAttrsToList
(name: serverCfg: {
assertion =
!(serverCfg.useACMEHost != null && serverCfg.tlsCertificate != null);
message = ''
Options services.wstunnel.servers."${name}".useACMEHost and services.wstunnel.servers."${name}".{tlsCertificate, tlsKey} are mutually exclusive.
'';
})
cfg.servers) ++
(lib.mapAttrsToList
(name: serverCfg: {
assertion =
(serverCfg.tlsCertificate == null && serverCfg.tlsKey == null) ||
(serverCfg.tlsCertificate != null && serverCfg.tlsKey != null);
message = ''
services.wstunnel.servers."${name}".tlsCertificate and services.wstunnel.servers."${name}".tlsKey need to be set together.
'';
})
cfg.servers) ++
(lib.mapAttrsToList
(name: clientCfg: {
assertion = !(clientCfg.localToRemote == [ ] && clientCfg.remoteToLocal == [ ]);
message = ''
Either one of services.wstunnel.clients."${name}".localToRemote or services.wstunnel.clients."${name}".remoteToLocal must be set.
'';
})
cfg.clients);
};
meta.maintainers = with maintainers; [ alyaeanyx neverbehave ];
meta.maintainers = with lib.maintainers; [ alyaeanyx rvdp neverbehave ];
}

4
nixos/modules/services/web-apps/firefly-iii.nix
View File

@ -33,10 +33,10 @@ let
${optionalString (cfg.settings.DB_CONNECTION == "sqlite")
"touch ${cfg.dataDir}/storage/database/database.sqlite"}
${artisan} cache:clear
${artisan} package:discover
${artisan} firefly-iii:upgrade-database
${artisan} firefly-iii:laravel-passport-keys
${artisan} cache:clear
${artisan} view:cache
${artisan} route:cache
${artisan} config:cache
@ -283,8 +283,6 @@ in {
before = [ "phpfpm-firefly-iii.service" ];
serviceConfig = {
ExecStart = firefly-iii-maintenance;
RuntimeDirectory = "phpfpm";
RuntimeDirectoryPreserve = true;
RemainAfterExit = true;
} // commonServiceConfig;
unitConfig.JoinsNamespaceOf = "phpfpm-firefly-iii.service";

2
nixos/modules/services/web-apps/mealie.nix
View File

@ -59,7 +59,7 @@ in
PRODUCTION = "true";
ALEMBIC_CONFIG_FILE="${pkg}/config/alembic.ini";
API_PORT = toString cfg.port;
BASE_URL = "http://localhost:${cfg.port}";
BASE_URL = "http://localhost:${toString cfg.port}";
DATA_DIR = "/var/lib/mealie";
CRF_MODEL_PATH = "/var/lib/mealie/model.crfmodel";
} // (builtins.mapAttrs (_: val: toString val) cfg.settings);

2
nixos/modules/virtualisation/oci-image.nix
View File

@ -9,10 +9,10 @@ in
config = {
system.build.OCIImage = import ../../lib/make-disk-image.nix {
inherit config lib pkgs;
inherit (cfg) diskSize;
name = "oci-image";
configFile = ./oci-config-user.nix;
format = "qcow2";
diskSize = 8192;
partitionTableType = if cfg.efi then "efi" else "legacy";
};

6
nixos/modules/virtualisation/oci-options.nix
View File

@ -9,6 +9,12 @@
Whether the OCI instance is using EFI.
'';
};
diskSize = lib.mkOption {
type = lib.types.int;
default = 8192;
description = "Size of the disk image created in MB.";
example = "diskSize = 12 * 1024; # 12GiB";
};
};
};
}

1
nixos/tests/all-tests.nix
View File

@ -1045,6 +1045,7 @@ in {
wordpress = handleTest ./wordpress.nix {};
wrappers = handleTest ./wrappers.nix {};
writefreely = handleTest ./web-apps/writefreely.nix {};
wstunnel = runTest ./wstunnel.nix;
xandikos = handleTest ./xandikos.nix {};
xautolock = handleTest ./xautolock.nix {};
xfce = handleTest ./xfce.nix {};

2
nixos/tests/crabfit.nix
View File

@ -4,7 +4,7 @@ import ./make-test-python.nix (
{
name = "crabfit";
meta.maintainers = with lib.maintainers; [ thubrecht ];
meta.maintainers = with lib.maintainers; [ ];
nodes = {
machine =

6
nixos/tests/matomo.nix
View File

@ -41,14 +41,14 @@ let
in {
matomo = matomoTest pkgs.matomo // {
name = "matomo";
meta.maintainers = with maintainers; [ florianjacob kiwi mmilata twey boozedog ];
meta.maintainers = with maintainers; [ florianjacob mmilata twey boozedog ];
};
matomo-beta = matomoTest pkgs.matomo-beta // {
name = "matomo-beta";
meta.maintainers = with maintainers; [ florianjacob kiwi mmilata twey boozedog ];
meta.maintainers = with maintainers; [ florianjacob mmilata twey boozedog ];
};
matomo_5 = matomoTest pkgs.matomo_5 // {
name = "matomo-5";
meta.maintainers = with maintainers; [ florianjacob kiwi mmilata twey boozedog ] ++ lib.teams.flyingcircus.members;
meta.maintainers = with maintainers; [ florianjacob mmilata twey boozedog ] ++ lib.teams.flyingcircus.members;
};
}

96
nixos/tests/wstunnel.nix Normal file
View File

@ -0,0 +1,96 @@
let
certs = import ./common/acme/server/snakeoil-certs.nix;
domain = certs.domain;
in
{
name = "wstunnel";
nodes = {
server = {
virtualisation.vlans = [ 1 ];
security.pki.certificateFiles = [ certs.ca.cert ];
networking = {
useNetworkd = true;
useDHCP = false;
firewall.enable = false;
};
systemd.network.networks."01-eth1" = {
name = "eth1";
networkConfig.Address = "10.0.0.1/24";
};
services.wstunnel = {
enable = true;
servers.my-server = {
listen = {
host = "10.0.0.1";
port = 443;
};
tlsCertificate = certs.${domain}.cert;
tlsKey = certs.${domain}.key;
};
};
};
client = {
virtualisation.vlans = [ 1 ];
security.pki.certificateFiles = [ certs.ca.cert ];
networking = {
useNetworkd = true;
useDHCP = false;
firewall.enable = false;
extraHosts = ''
10.0.0.1 ${domain}
'';
};
systemd.network.networks."01-eth1" = {
name = "eth1";
networkConfig.Address = "10.0.0.2/24";
};
services.wstunnel = {
enable = true;
clients.my-client = {
autoStart = false;
connectTo = "wss://${domain}:443";
localToRemote = [
"tcp://8080:localhost:2080"
];
remoteToLocal = [
"tcp://2081:localhost:8081"
];
};
};
};
};
testScript = /* python */ ''
start_all()
server.wait_for_unit("wstunnel-server-my-server.service")
client.wait_for_open_port(443, "10.0.0.1")
client.systemctl("start wstunnel-client-my-client.service")
client.wait_for_unit("wstunnel-client-my-client.service")
with subtest("connection from client to server"):
server.succeed("nc -l 2080 >/tmp/msg &")
client.sleep(1)
client.succeed('nc -w1 localhost 8080 <<<"Hello from client"')
server.succeed('grep "Hello from client" /tmp/msg')
with subtest("connection from server to client"):
client.succeed("nc -l 8081 >/tmp/msg &")
server.sleep(1)
server.succeed('nc -w1 localhost 2081 <<<"Hello from server"')
client.succeed('grep "Hello from server" /tmp/msg')
client.systemctl("stop wstunnel-client-my-client.service")
'';
}

10
pkgs/applications/audio/cmus/default.nix
View File

@ -8,12 +8,12 @@
, samplerateSupport ? jackSupport, libsamplerate ? null
, ossSupport ? false, alsa-oss ? null
, pulseaudioSupport ? config.pulseaudio or false, libpulseaudio ? null
, sndioSupport ? false, sndio ? null
, mprisSupport ? stdenv.isLinux, systemd ? null
# TODO: add these
#, artsSupport
#, roarSupport
#, sndioSupport
#, sunSupport
#, waveoutSupport
@ -59,11 +59,11 @@ let
(mkFlag samplerateSupport "CONFIG_SAMPLERATE=y" libsamplerate)
(mkFlag ossSupport "CONFIG_OSS=y" alsa-oss)
(mkFlag pulseaudioSupport "CONFIG_PULSE=y" libpulseaudio)
(mkFlag sndioSupport "CONFIG_SNDIO=y" sndio)
(mkFlag mprisSupport "CONFIG_MPRIS=y" systemd)
#(mkFlag artsSupport "CONFIG_ARTS=y")
#(mkFlag roarSupport "CONFIG_ROAR=y")
#(mkFlag sndioSupport "CONFIG_SNDIO=y")
#(mkFlag sunSupport "CONFIG_SUN=y")
#(mkFlag waveoutSupport "CONFIG_WAVEOUT=y")
@ -92,13 +92,13 @@ in
stdenv.mkDerivation rec {
pname = "cmus";
version = "2.10.0-unstable-2023-11-05";
version = "2.11.0";
src = fetchFromGitHub {
owner = "cmus";
repo = "cmus";
rev = "23afab39902d3d97c47697196b07581305337529";
sha256 = "sha256-pxDIYbeJMoaAuErCghWJpDSh1WbYbhgJ7+ca5WLCrOs=";
rev = "v${version}";
hash = "sha256-kUJC+ORLkYD57mPL/1p5VCm9yiNzVdOZhxp7sVP6oMw=";
};
nativeBuildInputs = [ pkg-config ];

2
pkgs/applications/audio/exaile/default.nix
View File

@ -51,7 +51,7 @@ stdenv.mkDerivation rec {
gst-plugins-ugly
gst-libav
]) ++ (with python3.pkgs; [
bsddb3
berkeleydb
dbus-python
mutagen
pygobject3

18
pkgs/applications/audio/giada/default.nix
View File

@ -21,15 +21,15 @@
, nlohmann_json
}:
stdenv.mkDerivation rec {
stdenv.mkDerivation (finalAttrs: {
pname = "giada";
version = "1.0.0";
src = fetchFromGitHub {
owner = "monocasual";
repo = pname;
rev = version;
sha256 = "sha256-vTOUS9mI4B3yRNnM2dNCH7jgMuD3ztdhe1FMgXUIt58=";
repo = "giada";
rev = finalAttrs.version;
hash = "sha256-vTOUS9mI4B3yRNnM2dNCH7jgMuD3ztdhe1FMgXUIt58=";
fetchSubmodules = true;
};
@ -66,12 +66,12 @@ stdenv.mkDerivation rec {
libXrandr
];
meta = with lib; {
meta = {
description = "Free, minimal, hardcore audio tool for DJs, live performers and electronic musicians";
mainProgram = "giada";
homepage = "https://giadamusic.com/";
license = licenses.gpl3;
maintainers = with maintainers; [ kashw2 ];
platforms = platforms.all;
license = lib.licenses.gpl3;
maintainers = with lib.maintainers; [ kashw2 ];
platforms = lib.platforms.all;
};
}
})

11
pkgs/applications/audio/spotify-qt/default.nix
View File

@ -1,4 +1,5 @@
{ fetchFromGitHub
{ stdenvNoCC
, fetchFromGitHub
, lib
, cmake
, mkDerivation
@ -26,12 +27,18 @@ mkDerivation rec {
installFlags = [ "DESTDIR=$(out)" ];
postInstall = lib.optionalString stdenvNoCC.isDarwin ''
mkdir -p $out/Applications
mv $out/bin/spotify-qt.app $out/Applications
ln $out/Applications/spotify-qt.app/Contents/MacOS/spotify-qt $out/bin/spotify-qt
'';
meta = with lib; {
description = "Lightweight unofficial Spotify client using Qt";
mainProgram = "spotify-qt";
homepage = "https://github.com/kraxarn/spotify-qt";
license = licenses.gpl3Only;
maintainers = with maintainers; [ ];
maintainers = with maintainers; [ iivusly ];
platforms = platforms.unix;
};
}

52
pkgs/applications/editors/vim/plugins/overrides.nix
View File

@ -60,6 +60,9 @@
, zsh
, # codeium-nvim dependencies
codeium
, # codesnap-nvim dependencies
clang
, libuv
, # command-t dependencies
getconf
, ruby
@ -400,6 +403,50 @@
'';
};
codesnap-nvim =
let
version = "1.3.1";
src = fetchFromGitHub {
owner = "mistricky";
repo = "codesnap.nvim";
rev = "refs/tags/v${version}";
hash = "sha256-nS/bAWsBQ1L4M9437Yp6FdmHoogzalKlLIAXnRZyMp0=";
};
codesnap-lib = rustPlatform.buildRustPackage {
pname = "codesnap-lib";
inherit version src;
sourceRoot = "${src.name}/generator";
cargoHash = "sha256-FTQl5WIGEf+RQKYJ4BbIE3cCeN+NYUp7VXIrpxB05tU=";
nativeBuildInputs = [
pkg-config
rustPlatform.bindgenHook
];
buildInputs = [
libuv.dev
] ++ lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.AppKit
];
};
in
buildVimPlugin {
pname = "codesnap.nvim";
inherit version src;
# https://github.com/mistricky/codesnap.nvim/blob/main/scripts/build_generator.sh
postInstall = let
extension = if stdenv.isDarwin then "dylib" else "so";
in ''
cp ${codesnap-lib}/lib/libgenerator.${extension} lua/generator.so
'';
doInstallCheck = true;
nvimRequireCheck = "codesnap";
};
command-t = super.command-t.overrideAttrs {
nativeBuildInputs = [ getconf ruby ];
buildPhase = ''
@ -1485,6 +1532,11 @@
'';
};
todo-comments-nvim = super.todo-comments-nvim.overrideAttrs {
dependencies = [ self.plenary-nvim ];
nvimRequireCheck = "todo-comments";
};
tup =
let
# Based on the comment at the top of https://github.com/gittup/tup/blob/master/contrib/syntax/tup.vim

1
pkgs/applications/editors/vim/plugins/vim-plugin-names
View File

@ -191,6 +191,7 @@ https://github.com/neoclide/coc.nvim/,release,
https://github.com/manicmaniac/coconut.vim/,HEAD,
https://github.com/Exafunction/codeium.nvim/,HEAD,
https://github.com/Exafunction/codeium.vim/,HEAD,
https://github.com/mistricky/codesnap.nvim/,HEAD,
https://github.com/gorbit99/codewindow.nvim/,HEAD,
https://github.com/metakirby5/codi.vim/,,
https://github.com/tjdevries/colorbuddy.nvim/,,

4
pkgs/applications/editors/xed-editor/default.nix
View File

@ -19,13 +19,13 @@
stdenv.mkDerivation rec {
pname = "xed-editor";
version = "3.6.2";
version = "3.6.3";
src = fetchFromGitHub {
owner = "linuxmint";
repo = "xed";
rev = version;
sha256 = "sha256-+yY+vzDMeS4AMMAklzADD4/LAQgav3clM2CCK6xh47Q=";
sha256 = "sha256-xsNqzicI11dM/DjY00pXaPpQdHA0ltP23g34fMWUoUA=";
};
patches = [

2
pkgs/applications/kde/alligator.nix
View File

@ -38,6 +38,6 @@ mkDerivation rec {
# https://invent.kde.org/plasma-mobile/alligator/-/commit/db30f159c4700244532b17a260deb95551045b7a
# * SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only OR LicenseRef-KDE-Accepted-GPL
license = with licenses; [ gpl2Only gpl3Only ];
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/audiotube.nix
View File

@ -66,6 +66,6 @@ mkDerivation rec {
homepage = "https://invent.kde.org/plasma-mobile/audiotube";
# https://invent.kde.org/plasma-mobile/audiotube/-/tree/c503d0607a3386112beaa9cf990ab85fe33ef115/LICENSES
license = with licenses; [ bsd2 cc0 gpl2Only gpl3Only ];
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/calindori.nix
View File

@ -41,6 +41,6 @@ mkDerivation rec {
description = "Calendar for Plasma Mobile";
homepage = "https://invent.kde.org/plasma-mobile/calindori";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/kalk.nix
View File

@ -46,6 +46,6 @@ mkDerivation rec {
mainProgram = "kalk";
homepage = "https://invent.kde.org/plasma-mobile/kalk";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/kasts.nix
View File

@ -63,6 +63,6 @@ mkDerivation rec {
homepage = "https://apps.kde.org/kasts/";
# https://invent.kde.org/plasma-mobile/kasts/-/tree/master/LICENSES
license = with licenses; [ bsd2 cc-by-sa-40 cc0 gpl2Only gpl2Plus gpl3Only gpl3Plus lgpl3Plus ];
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/kclock.nix
View File

@ -41,6 +41,6 @@ mkDerivation rec {
description = "Clock app for plasma mobile";
homepage = "https://invent.kde.org/plasma-mobile/kclock";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/keysmith.nix
View File

@ -34,7 +34,7 @@ mkDerivation rec {
mainProgram = "keysmith";
license = licenses.gpl3;
homepage = "https://github.com/KDE/keysmith";
maintainers = with maintainers; [ samueldr shamilton ];
maintainers = with maintainers; [ shamilton ];
platforms = platforms.linux;
};
}

2
pkgs/applications/kde/koko.nix
View File

@ -77,6 +77,6 @@ mkDerivation rec {
homepage = "https://apps.kde.org/koko/";
# LGPL-2.1-only OR LGPL-3.0-only OR LicenseRef-KDE-Accepted-LGPL
license = [ licenses.lgpl3Only licenses.lgpl21Only ];
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/kpublictransport.nix
View File

@ -10,7 +10,7 @@ mkDerivation {
pname = "kpublictransport";
meta = with lib; {
license = [ licenses.cc0 ];
maintainers = [ maintainers.samueldr ];
maintainers = [ ];
};
nativeBuildInputs = [ extra-cmake-modules ];

2
pkgs/applications/kde/krecorder.nix
View File

@ -38,6 +38,6 @@ mkDerivation rec {
mainProgram = "krecorder";
homepage = "https://invent.kde.org/plasma-mobile/krecorder";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/ktrip.nix
View File

@ -43,6 +43,6 @@ mkDerivation rec {
homepage = "https://apps.kde.org/ktrip/";
# GPL-2.0-or-later
license = licenses.gpl2Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/kde/kweather.nix
View File

@ -44,6 +44,6 @@ mkDerivation rec {
mainProgram = "kweather";
homepage = "https://invent.kde.org/plasma-mobile/kweather";
license = with licenses; [ gpl2Plus cc-by-40 ];
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

48
pkgs/applications/misc/auto-multiple-choice/default.nix
View File

@ -37,31 +37,28 @@ stdenv.mkDerivation (finalAttrs: rec {
makeFlags = [
"PERLPATH=${perl}/bin/perl"
# We *need* to pass DESTDIR, as the Makefile ignores PREFIX.
"DESTDIR=$(out)"
# Relative paths.
"BINDIR=/bin"
"PERLDIR=/share/perl5"
"MODSDIR=/lib" # At runtime, AMC will test for that dir before
# defaulting to the "portable" strategy we use, so this test
# *must* fail. *But* this variable cannot be set to anything but
# "/lib" , because that name is hardcoded in the main executable
# and this variable controls both both the path AMC will check at
# runtime, AND the path where the actual modules will be stored at
# build-time. This has been reported upstream as
# https://project.auto-multiple-choice.net/issues/872
"TEXDIR=/tex/latex/" # what texlive.combine expects
"TEXDOCDIR=/share/doc/texmf/" # TODO where to put this?
"MAN1DIR=/share/man/man1"
"DESKTOPDIR=/share/applications"
"METAINFODIR=/share/metainfo"
"ICONSDIR=/share/auto-multiple-choice/icons"
"APPICONDIR=/share/icons/hicolor"
"LOCALEDIR=/share/locale"
"MODELSDIR=/share/auto-multiple-choice/models"
"DOCDIR=/share/doc/auto-multiple-choice"
"SHARED_MIMEINFO_DIR=/share/mime/packages"
"LANG_GTKSOURCEVIEW_DIR=/share/gtksourceview-4/language-specs"
# We *need* to set DESTDIR as empty and use absolute paths below,
# because the Makefile ignores PREFIX and MODSDIR is required to
# be an absolute path to not trigger "portable distribution" check
# in auto-multiple-choice.in.
"DESTDIR="
# Set variables from Makefile.conf to absolute paths
"BINDIR=${placeholder "out"}/bin"
"PERLDIR=${placeholder "out"}/share/perl5"
"MODSDIR=${placeholder "out"}/lib"
"TEXDIR=${placeholder "out"}/tex/latex/" # what texlive.combine expects
"TEXDOCDIR=${placeholder "out"}/share/doc/texmf/" # TODO where to put this?
"MAN1DIR=${placeholder "out"}/share/man/man1"
"DESKTOPDIR=${placeholder "out"}/share/applications"
"METAINFODIR=${placeholder "out"}/share/metainfo"
"ICONSDIR=${placeholder "out"}/share/auto-multiple-choice/icons"
"CSSDIR=${placeholder "out"}/share/auto-multiple-choice/gtk"
"APPICONDIR=${placeholder "out"}/share/icons/hicolor"
"LOCALEDIR=${placeholder "out"}/share/locale"
"MODELSDIR=${placeholder "out"}/share/auto-multiple-choice/models"
"DOCDIR=${placeholder "out"}/share/doc/auto-multiple-choice"
"SHARED_MIMEINFO_DIR=${placeholder "out"}/share/mime/packages"
"LANG_GTKSOURCEVIEW_DIR=${placeholder "out"}/share/gtksourceview-4/language-specs"
# Pretend to be redhat so `install` doesn't try to chown/chgrp.
"SYSTEM_TYPE=rpm"
"GCC=${stdenv.cc.targetPrefix}cc"
@ -93,6 +90,7 @@ stdenv.mkDerivation (finalAttrs: rec {
XMLWriter
]}:"$out/share/perl5 \
--prefix XDG_DATA_DIRS : "$out/share:$XDG_ICON_DIRS:$GSETTINGS_SCHEMAS_PATH" \
--prefix PATH : "$out/bin" \
--set TEXINPUTS ":.:$out/tex/latex"
'';

6
pkgs/applications/misc/cotp/default.nix
View File

@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "cotp";
version = "1.7.0";
version = "1.7.1";
src = fetchFromGitHub {
owner = "replydev";
repo = "cotp";
rev = "v${version}";
hash = "sha256-Qr4pHtTQfJjRiFI4vZAynRWyJWYqWHYhZH4Mgd6OgR8=";
hash = "sha256-6FriNAwxo+YnJWmCrScyafUEkJvEJz3O9Zoj9yerpSI=";
};
cargoHash = "sha256-U/kVN8oaNuZ9CdLkAQWK3H5kZv5qZgzWQwi8pHMVPcM=";
cargoHash = "sha256-/CW0CGhPjKd5oU2LYW4lPWKMATn9aJdjIy44yZJyU/E=";
buildInputs = lib.optionals stdenv.isLinux [ libxcb ]
++ lib.optionals stdenv.isDarwin [ AppKit ];

2
pkgs/applications/misc/gramps/default.nix
View File

@ -69,7 +69,7 @@ buildPythonApplication rec {
;
propagatedBuildInputs = with pythonPackages; [
bsddb3
berkeleydb
pyicu
pygobject3
pycairo

4
pkgs/applications/misc/keepassxc/default.nix
View File

@ -41,13 +41,13 @@
stdenv.mkDerivation rec {
pname = "keepassxc";
version = "2.7.8";
version = "2.7.9";
src = fetchFromGitHub {
owner = "keepassxreboot";
repo = "keepassxc";
rev = version;
hash = "sha256-Gb5/CPhn/phVVvz9BFv7rb12n/P3rPNl5r2gA+E5b0o=";
hash = "sha256-rnietdc8eDNTag0GaZ8VJb28JsKKD/qrQ0Gg6FMWpr0=";
};
env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang (toString [

2
pkgs/applications/misc/librecad/default.nix
View File

@ -72,7 +72,7 @@ mkDerivation rec {
description = "2D CAD package based on Qt";
homepage = "https://librecad.org";
license = licenses.gpl2Only;
maintainers = with maintainers; [ kiwi viric ];
maintainers = with maintainers; [ viric ];
platforms = platforms.linux;
};
}

2
pkgs/applications/misc/maliit-framework/default.nix
View File

@ -73,6 +73,6 @@ mkDerivation rec {
mainProgram = "maliit-server";
homepage = "http://maliit.github.io/";
license = licenses.lgpl21Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/misc/maliit-keyboard/default.nix
View File

@ -69,6 +69,6 @@ mkDerivation rec {
mainProgram = "maliit-keyboard";
homepage = "http://maliit.github.io/";
license = with licenses; [ lgpl3Only bsd3 cc-by-30 ];
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

4
pkgs/applications/misc/obsidian/default.nix
View File

@ -8,6 +8,7 @@
, writeScript
, undmg
, unzip
, commandLineArgs ? ""
}:
let
inherit (stdenv.hostPlatform) system;
@ -52,7 +53,8 @@ let
mkdir -p $out/bin
makeWrapper ${electron}/bin/electron $out/bin/obsidian \
--add-flags $out/share/obsidian/app.asar \
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform=wayland}}"
--add-flags "\''${NIXOS_OZONE_WL:+\''${WAYLAND_DISPLAY:+--ozone-platform=wayland}}" \
--add-flags ${lib.escapeShellArg commandLineArgs}
install -m 444 -D resources/app.asar $out/share/obsidian/app.asar
install -m 444 -D resources/obsidian.asar $out/share/obsidian/obsidian.asar
install -m 444 -D "${desktopItem}/share/applications/"* \

12
pkgs/applications/networking/browsers/brave/default.nix
View File

@ -6,17 +6,17 @@ callPackage ./make-brave.nix (removeAttrs args [ "callPackage" ])
if stdenv.isAarch64 then
{
pname = "brave";
version = "1.66.118";
url = "https://github.com/brave/brave-browser/releases/download/v1.66.118/brave-browser_1.66.118_arm64.deb";
hash = "sha256-H2f6i86lDToHEkJ9JZCBp3tlpnI+zoFHY3YzLdp5lE4=";
version = "1.67.116";
url = "https://github.com/brave/brave-browser/releases/download/v1.67.116/brave-browser_1.67.116_arm64.deb";
hash = "sha256-YOvfXI+bSX3WZRBYXxGYhNme9NZl3ob/JYw6KshXn54=";
platform = "aarch64-linux";
}
else if stdenv.isx86_64 then
{
pname = "brave";
version = "1.66.118";
url = "https://github.com/brave/brave-browser/releases/download/v1.66.118/brave-browser_1.66.118_amd64.deb";
hash = "sha256-r7lpEOxECOqJ23XxTHqSy6KhyNPRwOkuJvnZUuuBN4k=";
version = "1.67.116";
url = "https://github.com/brave/brave-browser/releases/download/v1.67.116/brave-browser_1.67.116_amd64.deb";
hash = "sha256-J4ap0bEAg5Q40U155AdAyzereBAo8Q/YDedDVqYvaT4=";
platform = "x86_64-linux";
}
else

8
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View File

@ -27,11 +27,11 @@
version = "2024-05-13";
};
ungoogled-patches = {
hash = "sha256-vQrUQMmNSw+b9nPzP1RmkncQHasmZvnxNHjfiPoMUXo=";
rev = "126.0.6478.61-1";
hash = "sha256-lj/XYWkEo7M1i3D5e1MVXTXh02U55lNoo+sxKpu8FNc=";
rev = "126.0.6478.114-1";
};
};
hash = "sha256-cB2jrasrtaFWM8tpG9leuC+jUAvoU8g5977cn4r7rbw=";
version = "126.0.6478.61";
hash = "sha256-sXP+/KXDoy3QnRoa9acGbsXKVCPspyNGtZTLMHBqxvw=";
version = "126.0.6478.114";
};
}

10
pkgs/applications/networking/browsers/librewolf/src.json
View File

@ -1,15 +1,15 @@
{
"packageVersion": "126.0.1-1",
"packageVersion": "127.0-1",
"source": {
"rev": "126.0.1-1",
"sha256": "0cac80073vkzd85ai9rbnwixs1h9bpy4dj2ri6jxdlqsy5d663km"
"rev": "127.0-1",
"sha256": "0zif9b7ky423bg3cf3njyxl465hrbsha1f1hxpdgccql0id5qr7r"
},
"settings": {
"rev": "1debc2d30949baff2d1e7df23e87900f1987a8ae",
"sha256": "12xgjv40mihbyfsah26vvdyb4yirydc1a884v2chnca4f5q00lc2"
},
"firefox": {
"version": "126.0.1",
"sha512": "249605c4891ee9271def187d161369bd3ccbd347f5f0e175d0239aced3cb9ae9655d3c134b7705bda80ea1e63c0a2ee8eb4e76db0840019683376c00f20fc7ac"
"version": "127.0",
"sha512": "5a17bce357e7f445c37540115f2c131ad5a055c0cf04f20bc2eaca18f8d241a99ac76739d172b38f2ad2681633f901a0a15893801082ac5db9e20e31fc8b8291"
}
}

6
pkgs/applications/networking/cluster/atmos/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "atmos";
version = "1.79.0";
version = "1.81.0";
src = fetchFromGitHub {
owner = "cloudposse";
repo = pname;
rev = "v${version}";
sha256 = "sha256-bYeqeR+3EkEE7DtdQnjvVygssmHzn0WqOb+m0LE4hjo=";
sha256 = "sha256-drreGXCYpjF1UD1OUzuGh2rezEhHw7Zq0Y6JujLsMMk=";
};
vendorHash = "sha256-jI0gBRRNcL3tkfqPRazp4TdfsUEgdXtUDAujVwH1QMk=";
vendorHash = "sha256-ojl+dGrj+zmE2lqlclq3jA0K6AXdi9Ofhd4GA6nVrDo=";
ldflags = [ "-s" "-w" "-X github.com/cloudposse/atmos/cmd.Version=v${version}" ];

4
pkgs/applications/networking/cluster/glooctl/default.nix
View File

@ -6,13 +6,13 @@
buildGoModule rec {
pname = "glooctl";
version = "1.16.15";
version = "1.16.16";
src = fetchFromGitHub {
owner = "solo-io";
repo = "gloo";
rev = "v${version}";
hash = "sha256-VWtn0PyGYXURQmEhI0LbhIuEIbFLkhNWWI7c3wdh6H8=";
hash = "sha256-N7Yao/lRyzmbFDIqfvQoZXKGbYPxlA8HCD3tPkl8RKk=";
};
vendorHash = "sha256-wLB+sUaSOBb1VLx/iwlU4U6LKakUP+GbhdWfjlvCu84=";

6
pkgs/applications/networking/cluster/kubeseal/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "kubeseal";
version = "0.26.3";
version = "0.27.0";
src = fetchFromGitHub {
owner = "bitnami-labs";
repo = "sealed-secrets";
rev = "v${version}";
sha256 = "sha256-2MU1/znfp2LfojfgFPovgcJbZLtqY+6O7YKZNhPIT8k=";
sha256 = "sha256-Ja+z+QmdU37RC9WIczlmzJWN6enhks3jDJLQMV+kfCY=";
};
vendorHash = "sha256-B50+G29ze1jPBTlFA0nvMfh25t4Xb3YCxEkPkjxKMj0=";
vendorHash = "sha256-QSF6/8FLXJrM5LAWW0NgDP6U0om2lXsOGP9qDasz+2c=";
subPackages = [ "cmd/kubeseal" ];

2
pkgs/applications/networking/cluster/nixops/plugins/nixops-digitalocean.nix
View File

@ -48,6 +48,6 @@ buildPythonPackage {
description = "NixOps Digitalocean plugin";
homepage = "https://github.com/nix-community/nixops-digitalocean";
license = licenses.lgpl3Only;
maintainers = with maintainers; [ kiwi ];
maintainers = with maintainers; [ ];
};
}

4
pkgs/applications/networking/flexget/default.nix
View File

@ -5,7 +5,7 @@
python3.pkgs.buildPythonApplication rec {
pname = "flexget";
version = "3.11.37";
version = "3.11.39";
pyproject = true;
# Fetch from GitHub in order to use `requirements.in`
@ -13,7 +13,7 @@ python3.pkgs.buildPythonApplication rec {
owner = "Flexget";
repo = "Flexget";
rev = "refs/tags/v${version}";
hash = "sha256-bZd/iLEGF5+Zt4kKAvUmjHiPKA1v1FWf5/BEcsLy9MU=";
hash = "sha256-saNxs+Xdf6OTRRcMTceU8/ITcYzwtP8VqRKxsWyas+o=";
};
postPatch = ''

4
pkgs/applications/networking/instant-messengers/rambox/default.nix
View File

@ -2,11 +2,11 @@
let
pname = "rambox";
version = "2.3.3";
version = "2.3.4";
src = fetchurl {
url = "https://github.com/ramboxapp/download/releases/download/v${version}/Rambox-${version}-linux-x64.AppImage";
hash = "sha256-Z6ux/liDpE0Fb4h0eAZC7F/Tt3eKlXQPBQVCd7Je9TI=";
hash = "sha256-YaLvqd0yr0wlsvjtoN/9GXoZIpjH26DInhWC0Vg62Rs=";
};
desktopItem = (makeDesktopItem {

4
pkgs/applications/networking/instant-messengers/signalbackup-tools/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "signalbackup-tools";
version = "20240610";
version = "20240615-1";
src = fetchFromGitHub {
owner = "bepaald";
repo = pname;
rev = version;
hash = "sha256-txtOCw7fakQavzpTJrVbelZdEw2mYNe9lb8p1zH6dyw=";
hash = "sha256-70lHZXGdPxT2d15oZW/hKrPS1qfpxH8O5jnyGy7CVz0=";
};
postPatch = ''

1
pkgs/applications/networking/instant-messengers/wire-desktop/default.nix
View File

@ -60,7 +60,6 @@ let
license = licenses.gpl3Plus;
maintainers = with maintainers; [
arianvp
kiwi
toonn
];
platforms = platforms.darwin ++ [

6
pkgs/applications/networking/znc/modules.nix
View File

@ -77,7 +77,7 @@ in
description = "ZNC clientaway module";
homepage = "https://github.com/kylef/znc-contrib";
license = licenses.gpl2;
maintainers = with maintainers; [ kiwi ];
maintainers = with maintainers; [ ];
};
};
@ -117,7 +117,7 @@ in
description = "ZNC ignore module";
homepage = "https://github.com/kylef/znc-contrib";
license = licenses.gpl2;
maintainers = with maintainers; [ kiwi ];
maintainers = with maintainers; [ ];
};
};
@ -137,7 +137,7 @@ in
description = "Palaver ZNC module";
homepage = "https://github.com/cocodelabs/znc-palaver";
license = licenses.mit;
maintainers = with maintainers; [ kiwi szlend ];
maintainers = with maintainers; [ szlend ];
};
};

1
pkgs/applications/office/scribus/default.nix
View File

@ -70,7 +70,6 @@ stdenv.mkDerivation (finalAttrs: {
meta = with lib; {
maintainers = with maintainers; [
kiwi
arthsmn
];
description = "Desktop Publishing (DTP) and Layout program";

2
pkgs/applications/plasma-mobile/plasma-dialer.nix
View File

@ -82,6 +82,6 @@ mkDerivation rec {
mainProgram = "plasmaphonedialer";
homepage = "https://invent.kde.org/plasma-mobile/plasma-dialer";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/plasma-mobile/plasma-phonebook.nix
View File

@ -37,6 +37,6 @@ mkDerivation rec {
homepage = "https://invent.kde.org/plasma-mobile/plasma-phonebook";
# https://invent.kde.org/plasma-mobile/plasma-phonebook/-/commit/3ac27760417e51c051c5dd44155c3f42dd000e4f
license = licenses.gpl3Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/plasma-mobile/plasma-settings.nix
View File

@ -53,6 +53,6 @@ mkDerivation rec {
homepage = "https://invent.kde.org/plasma-mobile/plasma-settings";
# https://invent.kde.org/plasma-mobile/plasma-settings/-/commit/a59007f383308503e59498b3036e1483bca26e35
license = licenses.gpl2Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

2
pkgs/applications/plasma-mobile/spacebar.nix
View File

@ -52,6 +52,6 @@ mkDerivation {
mainProgram = "spacebar";
homepage = "https://invent.kde.org/plasma-mobile/spacebar";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ samueldr ];
maintainers = with maintainers; [ ];
};
}

4
pkgs/applications/science/logic/cbmc/default.nix
View File

@ -13,13 +13,13 @@
stdenv.mkDerivation rec {
pname = "cbmc";
version = "5.95.1";
version = "6.0.0";
src = fetchFromGitHub {
owner = "diffblue";
repo = pname;
rev = "${pname}-${version}";
sha256 = "sha256-fDLSo5EeHyPTliAqFp+5mfaB0iZXIMXeMyF21fjl5k4=";
sha256 = "sha256-mPRkkKN7Hz9Qi6a3fEwVFh7a9OaBFcksNw9qwNOarao=";
};
nativeBuildInputs = [

6
pkgs/applications/science/math/eigenmath/default.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "eigenmath";
version = "3.26-unstable-2024-06-09";
version = "3.27-unstable-2024-06-20";
src = fetchFromGitHub {
owner = "georgeweigt";
repo = pname;
rev = "285fc0133f0e7bb5e1e220b75246ce542ae50269";
hash = "sha256-ddED3PaHSSupe/QqMYj88GCmh9IrRvpAd4/WEpRTN00=";
rev = "c3e3da104dbef888c3e52659134d5e9bdc12764d";
hash = "sha256-fqCphnRQw79v7ZTCZU9ucm/R7BKY7yCZYDSnxD7uRS8=";
};
checkPhase = let emulator = stdenv.hostPlatform.emulator buildPackages; in ''

7
pkgs/applications/system/glances/default.nix
View File

@ -26,14 +26,15 @@
buildPythonApplication rec {
pname = "glances";
version = "4.0.7";
# use unstable to fix a build error for aarch64.
version = "4.0.8-unstable-2024-06-09";
disabled = isPyPy;
src = fetchFromGitHub {
owner = "nicolargo";
repo = "glances";
rev = "refs/tags/v${version}";
hash = "sha256-Vfsco8Wno57aPM7PtwCc/gI+6FnAG3H/t5OAUngDU5o=";
rev = "051006e12f7c90281dda4af60871b535b0dcdcb9";
hash = "sha256-iCK5soTACQwtCVMmMsFaqXvZtTKX9WbTul0mUeSWC2M=";
};
# On Darwin this package segfaults due to mismatch of pure and impure

4
pkgs/applications/terminal-emulators/iterm2/default.nix
View File

@ -11,11 +11,11 @@
stdenvNoCC.mkDerivation rec {
pname = "iterm2";
version = "3.4.23";
version = "3.5.2";
src = fetchzip {
url = "https://iterm2.com/downloads/stable/iTerm2-${lib.replaceStrings ["."] ["_"] version}.zip";
hash = "sha256-hQV/jGT/3JOvHBICyCeNnuSYMeeF7lfErN55f+Frg2w=";
hash = "sha256-WiRRxklI3A/3MtJY63jAkUVe8qa5jfRACzUESfwAmmw=";
};
dontFixup = true;

4
pkgs/applications/video/mlv-app/default.nix
View File

@ -54,9 +54,7 @@ mkDerivation rec {
description = "All in one MLV processing app that is pretty great";
homepage = "https://mlv.app";
license = licenses.gpl3;
maintainers = with maintainers; [
kiwi
];
maintainers = with maintainers; [ ];
platforms = platforms.linux;
mainProgram = "mlvapp";
};

4
pkgs/applications/video/mpv/scripts/mpvacious.nix
View File

@ -10,13 +10,13 @@
buildLua rec {
pname = "mpvacious";
version = "0.34";
version = "0.35";
src = fetchFromGitHub {
owner = "Ajatt-Tools";
repo = "mpvacious";
rev = "v${version}";
sha256 = "sha256-YsbeMWGpRi9wUdnrMA2YQXXWQUALxDOTs+gBJ56okkI=";
sha256 = "sha256-LcO17zkGkXWqSjWPTA3cVwRnmSrhTlS3W4RhhYaKgY4=";
};
passthru.updateScript = gitUpdater { rev-prefix = "v"; };

4
pkgs/applications/video/mpv/scripts/thumbnail.nix
View File

@ -8,13 +8,13 @@
buildLua rec {
pname = "mpv-thumbnail-script";
version = "0.5.3";
version = "0.5.4";
src = fetchFromGitHub {
owner = "marzzzello";
repo = "mpv_thumbnail_script";
rev = version;
sha256 = "sha256-J24Rou7BTE7zoiPlBkWuO9dtYJiuzkuwB4FROuzXzag=";
sha256 = "sha256-nflavx25skLj9kitneL6Uz3zI2DyMMhQC595npofzbQ=";
};
passthru.updateScript = gitUpdater { };

4
pkgs/applications/video/obs-studio/plugins/obs-vertical-canvas.nix
View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "obs-vertical-canvas";
version = "1.4.2";
version = "1.4.3";
src = fetchFromGitHub {
owner = "Aitum";
repo = "obs-vertical-canvas";
rev = version;
sha256 = "sha256-3lFM7bOzsKex6JUdbcw8MNS4PRzaN/E/vngdukgfV0s=";
sha256 = "sha256-nzuPjVwtWGPSNLnWNT4D03j1xZp37HH77t1DnilSQ8E=";
};
nativeBuildInputs = [ cmake ];

36
pkgs/applications/window-managers/hyprwm/hyprpaper/default.nix
View File

@ -2,14 +2,24 @@
, stdenv
, fetchFromGitHub
, cmake
, cairo
, expat
, file
, fribidi
, hyprlang
, libdatrie
, libGL
, libjpeg
, libselinux
, libsepol
, libthai
, libwebp
, mesa
, libXdmcp
, pango
, pcre
, pcre2
, pkg-config
, util-linux
, wayland
, wayland-protocols
, wayland-scanner
@ -33,13 +43,23 @@ stdenv.mkDerivation (finalAttrs: {
];
buildInputs = [
cairo
expat
file
fribidi
hyprlang
libdatrie
libGL
libjpeg
libselinux
libsepol
libthai
libwebp
mesa
libXdmcp
pango
pcre
pcre2
util-linux
wayland
wayland-protocols
];
@ -49,18 +69,6 @@ stdenv.mkDerivation (finalAttrs: {
--replace GIT_COMMIT_HASH '"${finalAttrs.src.rev}"'
'';
preConfigure = ''
make protocols
'';
installPhase = ''
runHook preInstall
install -Dm755 ./hyprpaper -t $out/bin
runHook postInstall
'';
meta = with lib; {
inherit (finalAttrs.src.meta) homepage;
description = "Blazing fast wayland wallpaper utility";

4
pkgs/build-support/build-fhsenv-bubblewrap/buildFHSEnv.nix
View File

@ -116,6 +116,10 @@ let
export PKG_CONFIG_PATH=/usr/lib/pkgconfig
export ACLOCAL_PATH=/usr/share/aclocal
# GStreamer searches for plugins relative to its real binary's location
# https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/bd97973ce0f2c5495bcda5cccd4f7ef7dcb7febc
export GST_PLUGIN_SYSTEM_PATH_1_0=/usr/lib/gstreamer-1.0:/usr/lib32/gstreamer-1.0
${profile}
'';

3
pkgs/build-support/ocaml/dune.nix
View File

@ -7,8 +7,7 @@ let Dune =
{ "1" = dune_1; "2" = dune_2; "3" = dune_3; }."${dune-version}"
; in
if (args ? minimumOCamlVersion && lib.versionOlder ocaml.version args.minimumOCamlVersion) ||
(args ? minimalOCamlVersion && lib.versionOlder ocaml.version args.minimalOCamlVersion)
if args ? minimalOCamlVersion && lib.versionOlder ocaml.version args.minimalOCamlVersion
then throw "${pname}-${version} is not available for OCaml ${ocaml.version}"
else

24
pkgs/build-support/rust/build-rust-crate/configure-crate.nix
View File

@ -198,13 +198,16 @@ in ''
)
set +e
EXTRA_BUILD=$(sed -n "s/^cargo:rustc-flags=\(.*\)/\1/p" target/build/${crateName}.opt | tr '\n' ' ' | sort -u)
EXTRA_FEATURES=$(sed -n "s/^cargo:rustc-cfg=\(.*\)/--cfg \1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_ARGS=$(sed -n "s/^cargo:rustc-link-arg=\(.*\)/-C link-arg=\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_ARGS_BINS=$(sed -n "s/^cargo:rustc-link-arg-bins=\(.*\)/-C link-arg=\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_ARGS_LIB=$(sed -n "s/^cargo:rustc-link-arg-lib=\(.*\)/-C link-arg=\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_LIBS=$(sed -n "s/^cargo:rustc-link-lib=\(.*\)/\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_SEARCH=$(sed -n "s/^cargo:rustc-link-search=\(.*\)/\1/p" target/build/${crateName}.opt | tr '\n' ' ' | sort -u)
# We want to support the new prefix invocation syntax which uses two colons
# See https://doc.rust-lang.org/cargo/reference/build-scripts.html#outputs-of-the-build-script
EXTRA_BUILD=$(sed -n "s/^cargo::\{0,1\}rustc-flags=\(.*\)/\1/p" target/build/${crateName}.opt | tr '\n' ' ' | sort -u)
EXTRA_FEATURES=$(sed -n "s/^cargo::\{0,1\}rustc-cfg=\(.*\)/--cfg \1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_ARGS=$(sed -n "s/^cargo::\{0,1\}rustc-link-arg=\(.*\)/-C link-arg=\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_ARGS_BINS=$(sed -n "s/^cargo::\{0,1\}rustc-link-arg-bins=\(.*\)/-C link-arg=\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_ARGS_LIB=$(sed -n "s/^cargo::\{0,1\}rustc-link-arg-lib=\(.*\)/-C link-arg=\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_LIBS=$(sed -n "s/^cargo::\{0,1\}rustc-link-lib=\(.*\)/\1/p" target/build/${crateName}.opt | tr '\n' ' ')
EXTRA_LINK_SEARCH=$(sed -n "s/^cargo::\{0,1\}rustc-link-search=\(.*\)/\1/p" target/build/${crateName}.opt | tr '\n' ' ' | sort -u)
# We want to read part of every line that has cargo:rustc-env= prefix and
# export it as environment variables. This turns out tricky if the lines
@ -217,14 +220,15 @@ in ''
#
_OLDIFS="$IFS"
IFS=$'\n'
for env in $(sed -n "s/^cargo:rustc-env=\(.*\)/\1/p" target/build/${crateName}.opt); do
for env in $(sed -n "s/^cargo::\{0,1\}rustc-env=\(.*\)/\1/p" target/build/${crateName}.opt); do
export "$env"
done
IFS="$_OLDIFS"
CRATENAME=$(echo ${crateName} | sed -e "s/\(.*\)-sys$/\U\1/" -e "s/-/_/g")
grep -P "^cargo:(?!(rustc-|warning=|rerun-if-changed=|rerun-if-env-changed))" target/build/${crateName}.opt \
| awk -F= "/^cargo:/ { sub(/^cargo:/, \"\", \$1); gsub(/-/, \"_\", \$1); print \"export \" toupper(\"DEP_$(echo $CRATENAME)_\" \$1) \"=\" \"\\\"\"\$2\"\\\"\" }" > target/env
grep -P "^cargo:(?!:?(rustc-|warning=|rerun-if-changed=|rerun-if-env-changed))" target/build/${crateName}.opt \
| awk -F= "/^cargo::metadata=/ { gsub(/-/, \"_\", \$2); print \"export \" toupper(\"DEP_$(echo $CRATENAME)_\" \$2) \"=\" \"\\\"\"\$3\"\\\"\"; next }
/^cargo:/ { sub(/^cargo::?/, \"\", \$1); gsub(/-/, \"_\", \$1); print \"export \" toupper(\"DEP_$(echo $CRATENAME)_\" \$1) \"=\" \"\\\"\"\$2\"\\\"\"; next }" > target/env
set -e
fi
runHook postConfigure

2
pkgs/build-support/rust/build-rust-crate/default.nix
View File

@ -49,6 +49,8 @@ let
filename =
if lib.any (x: x == "lib" || x == "rlib") dep.crateType
then "${dep.metadata}.rlib"
# Adjust lib filename for crates of type proc-macro. Proc macros are compiled/run on the build platform architecture.
else if (lib.attrByPath [ "procMacro" ] false dep) then "${dep.metadata}${stdenv.buildPlatform.extensions.library}"
else "${dep.metadata}${stdenv.hostPlatform.extensions.library}";
in
" --extern ${opts}${name}=${dep.lib}/lib/lib${extern}-${filename}"

47
pkgs/build-support/rust/build-rust-crate/test/default.nix
View File

@ -421,6 +421,53 @@ let
buildDependencies = [ depCrate ];
dependencies = [ depCrate ];
};
# Support new invocation prefix for build scripts `cargo::`
# https://doc.rust-lang.org/cargo/reference/build-scripts.html#outputs-of-the-build-script
buildScriptInvocationPrefix = let
depCrate = buildRustCrate: mkCrate buildRustCrate {
crateName = "bar";
src = mkFile "build.rs" ''
fn main() {
// Old invocation prefix
// We likely won't see be mixing these syntaxes in the same build script in the wild.
println!("cargo:key_old=value_old");
// New invocation prefix
println!("cargo::metadata=key=value");
println!("cargo::metadata=key_complex=complex(value)");
}
'';
};
in {
crateName = "foo";
src = symlinkJoin {
name = "build-script-and-main-invocation-prefix";
paths = [
(mkFile "src/main.rs" ''
const BUILDFOO: &'static str = env!("BUILDFOO");
#[test]
fn build_foo_check() { assert!(BUILDFOO == "yes(check)"); }
fn main() { }
'')
(mkFile "build.rs" ''
use std::env;
fn main() {
assert!(env::var_os("DEP_BAR_KEY_OLD").expect("metadata key 'key_old' not set in dependency") == "value_old");
assert!(env::var_os("DEP_BAR_KEY").expect("metadata key 'key' not set in dependency") == "value");
assert!(env::var_os("DEP_BAR_KEY_COMPLEX").expect("metadata key 'key_complex' not set in dependency") == "complex(value)");
println!("cargo::rustc-env=BUILDFOO=yes(check)");
}
'')
];
};
buildDependencies = [ (depCrate buildPackages.buildRustCrate) ];
dependencies = [ (depCrate buildRustCrate) ];
buildTests = true;
expectedTestOutputs = [ "test build_foo_check ... ok" ];
};
# Regression test for https://github.com/NixOS/nixpkgs/issues/74071
# Whenevever a build.rs file is generating files those should not be overlayed onto the actual source dir
buildRsOutDirOverlay = {

23
pkgs/build-support/trivial-builders/test/references/default.nix
View File

@ -93,21 +93,27 @@ let
};
});
in
testers.nixosTest {
name = "nixpkgs-trivial-builders";
nodes.machine = { ... }: {
testers.runNixOSTest ({ config, lib, ... }:
let
# Use the testScriptBin from guest pkgs.
# The attribute path to access the guest version of testScriptBin is
# tests.trivial-builders.references.config.node.pkgs.tests.trivial-builders.references.testScriptBin
# which is why passthru.guestTestScriptBin is provided.
guestTestScriptBin = config.node.pkgs.tests.trivial-builders.references.testScriptBin;
in
{
name = "nixpkgs-trivial-builders-references";
nodes.machine = { config, lib, pkgs, ... }: {
virtualisation.writableStore = true;
# Test runs without network, so we don't substitute and prepare our deps
nix.settings.substituters = lib.mkForce [ ];
environment.etc."pre-built-paths".source = writeText "pre-built-paths" (
builtins.toJSON [ testScriptBin ]
);
system.extraDependencies = [ guestTestScriptBin ];
};
testScript =
''
machine.succeed("""
${lib.getExe testScriptBin} 2>/dev/console
${lib.getExe guestTestScriptBin} 2>/dev/console
""")
'';
passthru = {
@ -118,6 +124,7 @@ testers.nixosTest {
samples
testScriptBin
;
inherit guestTestScriptBin;
};
meta = {
maintainers = with lib.maintainers; [
@ -125,4 +132,4 @@ testers.nixosTest {
ShamrockLee
];
};
}
})

41
pkgs/by-name/ar/arkenfox-userjs/package.nix Normal file
View File

@ -0,0 +1,41 @@
{
lib,
fetchurl,
stdenvNoCC,
nix-update-script,
}:
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "arkenfox-userjs";
version = "126.1";
src = fetchurl {
url = "https://raw.githubusercontent.com/arkenfox/user.js/${finalAttrs.version}/user.js";
hash = "sha256-XRtG0iLKh8uqbeX7Rc2H6VJwZYJoNZPBlAfZEfrSCP4=";
};
dontUnpack = true;
installPhase = ''
runHook preInstall
install -Dm644 $src $out/user.js
install -Dm644 $src $out/user.cfg
substituteInPlace $out/user.cfg \
--replace-fail "user_pref" "defaultPref"
runHook postInstall
'';
passthru.updateScript = nix-update-script { };
meta = {
description = "A comprehensive user.js template for configuration and hardening";
homepage = "https://github.com/arkenfox/user.js";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [
linsui
Guanran928
];
platforms = lib.platforms.all;
};
})

2
pkgs/by-name/bi/bitwarden-desktop/package.nix
View File

@ -192,7 +192,7 @@ in buildNpmPackage rec {
inherit description;
homepage = "https://bitwarden.com";
license = lib.licenses.gpl3;
maintainers = with lib.maintainers; [ amarshall kiwi ];
maintainers = with lib.maintainers; [ amarshall ];
platforms = [ "x86_64-linux" ];
mainProgram = "bitwarden";
};

8
pkgs/by-name/ca/catppuccin-fcitx5/package.nix
View File

@ -2,6 +2,7 @@
lib,
stdenvNoCC,
fetchFromGitHub,
unstableGitUpdater,
}:
stdenvNoCC.mkDerivation {
pname = "catppuccin-fcitx5";
@ -14,6 +15,9 @@ stdenvNoCC.mkDerivation {
hash = "sha256-uFaCbyrEjv4oiKUzLVFzw+UY54/h7wh2cntqeyYwGps=";
};
dontConfigure = true;
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/share/fcitx5
@ -21,11 +25,13 @@ stdenvNoCC.mkDerivation {
runHook postInstall
'';
passthru.updateScript = unstableGitUpdater { };
meta = {
description = "Soothing pastel theme for Fcitx5";
homepage = "https://github.com/catppuccin/fcitx5";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ pluiedev ];
maintainers = with lib.maintainers; [ pluiedev Guanran928 ];
platforms = lib.platforms.all;
};
}

37
pkgs/by-name/ca/catppuccin-grub/package.nix Normal file
View File

@ -0,0 +1,37 @@
{
lib,
stdenvNoCC,
fetchFromGitHub,
flavor ? "mocha", # override with your chosen flavor
}:
let
version = "1.0.0";
in
stdenvNoCC.mkDerivation {
pname = "catppuccin-grub";
inherit version;
src = fetchFromGitHub {
owner = "catppuccin";
repo = "grub";
rev = "v${version}";
hash = "sha256-/bSolCta8GCZ4lP0u5NVqYQ9Y3ZooYCNdTwORNvR7M0=";
};
installPhase = ''
runHook preInstall
mkdir -p $out/
cp -r src/catppuccin-${flavor}-grub-theme/* "$out/"
runHook postInstall
'';
meta = {
description = "Soothing pastel theme for GRUB";
homepage = "https://github.com/catppuccin/grub";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [isabelroses mimvoid];
platforms = lib.platforms.linux;
};
}

10
pkgs/by-name/ca/catppuccin-gtk/package.nix
View File

@ -3,7 +3,6 @@
, fetchFromGitHub
, gtk3
, git
, colloid-gtk-theme
, python3
, sassc
, nix-update-script
@ -34,7 +33,8 @@ stdenvNoCC.mkDerivation {
owner = "catppuccin";
repo = "gtk";
rev = "v${version}";
hash = "sha256-8KyZtZqVVz5UKuGdLrUsR2djD3nsJDliHMtvFtUVim8=";
fetchSubmodules = true;
hash = "sha256-q5/VcFsm3vNEw55zq/vcM11eo456SYE5TQA3g2VQjGc=";
};
nativeBuildInputs = [
@ -46,12 +46,6 @@ stdenvNoCC.mkDerivation {
(python3.withPackages (ps: [ ps.catppuccin ]))
];
postUnpack = ''
rm -rf source/sources/colloid
cp -r ${colloid-gtk-theme.src} source/sources/colloid
chmod -R +w source/sources/colloid
'';
dontConfigure = true;
dontBuild = true;

4
pkgs/by-name/co/codux/package.nix
View File

@ -5,11 +5,11 @@
let
pname = "codux";
version = "15.28.0";
version = "15.29.0";
src = fetchurl {
url = "https://github.com/wixplosives/codux-versions/releases/download/${version}/Codux-${version}.x86_64.AppImage";
sha256 = "sha256-U4uOP2M/369bFOfkCncXzKCdYz9TwtzpUFNg63Oz978=";
sha256 = "sha256-BvDrhs37XGCQdQV2yQJZXlnNWVArFCMLfFlXuXz9ea0=";
};
appimageContents = appimageTools.extractType2 { inherit pname version src; };

2
pkgs/by-name/cr/crabfit-api/package.nix
View File

@ -68,7 +68,7 @@ rustPlatform.buildRustPackage {
description = "Enter your availability to find a time that works for everyone";
homepage = "https://github.com/GRA0007/crab.fit";
license = lib.licenses.gpl3;
maintainers = with lib.maintainers; [ thubrecht ];
maintainers = with lib.maintainers; [ ];
mainProgram = "crabfit-api";
};
}

2
pkgs/by-name/cr/crabfit-frontend/package.nix
View File

@ -113,6 +113,6 @@ stdenv.mkDerivation (finalAttrs: {
description = "Enter your availability to find a time that works for everyone";
homepage = "https://github.com/GRA0007/crab.fit";
license = lib.licenses.gpl3;
maintainers = with lib.maintainers; [ thubrecht ];
maintainers = with lib.maintainers; [ ];
};
})

4
pkgs/by-name/ek/eksctl/package.nix
View File

@ -6,13 +6,13 @@
buildGoModule rec {
pname = "eksctl";
version = "0.182.0";
version = "0.183.0";
src = fetchFromGitHub {
owner = "weaveworks";
repo = pname;
rev = version;
hash = "sha256-KCd0AuizmsdGOBh7YZLEKcehoygd19HjjFu7V6NsVVw=";
hash = "sha256-u2k5Icrqy71HNif/hOElsJoRsLk7CL3uE197ehWenhE=";
};
vendorHash = "sha256-eaEAC1jDmApcyn0RC5pvonYVWblRCB2PFTr/K5rZvtU=";

6
pkgs/by-name/ez/eza/package.nix
View File

@ -17,16 +17,16 @@
rustPlatform.buildRustPackage rec {
pname = "eza";
version = "0.18.18";
version = "0.18.19";
src = fetchFromGitHub {
owner = "eza-community";
repo = "eza";
rev = "v${version}";
hash = "sha256-MBu5zwidjIWs9z6DXYNGsHIwic3ipScAw6TZjSvEvJk=";
hash = "sha256-UP0z7rcOmwKqpmKkQy5/6W+XWKfAiEQifKOnrdCgBYo=";
};
cargoHash = "sha256-TsW3Rl4EKvrPPhEYzp0K3lBkDYJiehctT/FnkL3yazU=";
cargoHash = "sha256-x53sQ/DEx7SkQ8vECg/5lkcdJA3WbcDaYapbXub+9nA=";
nativeBuildInputs = [ cmake pkg-config installShellFiles pandoc ];
buildInputs = [ zlib ]

39
pkgs/by-name/fc/fcitx5-catppuccin/package.nix
View File

@ -1,39 +0,0 @@
{
lib,
stdenvNoCC,
fetchFromGitHub,
unstableGitUpdater,
}:
stdenvNoCC.mkDerivation {
pname = "fcitx5-catppuccin";
version = "0-unstable-2022-10-05";
src = fetchFromGitHub {
owner = "catppuccin";
repo = "fcitx5";
rev = "ce244cfdf43a648d984719fdfd1d60aab09f5c97";
hash = "sha256-uFaCbyrEjv4oiKUzLVFzw+UY54/h7wh2cntqeyYwGps=";
};
dontConfigure = true;
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out/share/fcitx5/themes
cp -r src/catppuccin-* $out/share/fcitx5/themes
runHook postInstall
'';
passthru.updateScript = unstableGitUpdater { };
meta = with lib; {
description = "Soothing pastel theme for Fcitx5";
homepage = "https://github.com/catppuccin/fcitx5";
license = licenses.mit;
maintainers = with maintainers; [ Guanran928 ];
platforms = platforms.all;
};
}

8
pkgs/by-name/fi/firefly-iii/package.nix
View File

@ -8,20 +8,20 @@
let
pname = "firefly-iii";
version = "6.1.17";
version = "6.1.18";
phpPackage = php83;
src = fetchFromGitHub {
owner = "firefly-iii";
repo = "firefly-iii";
rev = "v${version}";
hash = "sha256-KbTHbhv+8Lv5fk1Z8nxICySk6MK6Xc3TNATSIUnENa4=";
hash = "sha256-mA7gvKhHouUUz1Aix7253O/+VcufoEFwdcJeZxnazEo=";
};
assets = buildNpmPackage {
pname = "${pname}-assets";
inherit version src;
npmDepsHash = "sha256-Nlz+zsvUx9X70uofh8dWEvru8SAQzIh+XxGGOH5npyY=";
npmDepsHash = "sha256-MoxkNxfVeIFkiNVzfehQ9FpC65kBj8ZmvwaRf4MVRIg=";
dontNpmBuild = true;
installPhase = ''
runHook preInstall
@ -36,7 +36,7 @@ in
phpPackage.buildComposerProject (finalAttrs: {
inherit pname src version;
vendorHash = "sha256-mDVmZUCER1eaTXhh8VIbGbPkkpOeE6fTBhq8UnTlWPc=";
vendorHash = "sha256-EpMypgj6lZDz6T94bGoCUH9IVwh7VB4Ds08AcCsreRw=";
passthru = {
inherit phpPackage;

10
pkgs/applications/networking/gabutdm/default.nix → pkgs/by-name/ga/gabutdm/package.nix
View File

@ -14,18 +14,19 @@
, json-glib
, qrencode
, curl
, libadwaita
, aria2
}:
stdenv.mkDerivation rec {
pname = "gabutdm";
version = "2.1.6";
version = "2.2.8";
src = fetchFromGitHub {
owner = "gabutakut";
repo = pname;
repo = "gabutdm";
rev = version;
hash = "sha256-ai5LsoK21XwXqL4LRuKsOR1/JV6LnP+1ZJ9fMHpj178=";
hash = "sha256-HF+zBDkA9fYauLUYsvJJxcRggHu+5qH4rm0IM/tL9Hc=";
};
nativeBuildInputs = [
@ -45,11 +46,12 @@ stdenv.mkDerivation rec {
json-glib
qrencode
curl
libadwaita
];
postPatch = ''
substituteInPlace meson/post_install.py \
--replace gtk-update-icon-cache gtk4-update-icon-cache
--replace-fail gtk-update-icon-cache gtk4-update-icon-cache
'';
preFixup = ''

6
pkgs/by-name/gi/git-instafix/package.nix
View File

@ -13,7 +13,7 @@ let
maintainers
;
version = "0.2.3";
version = "0.2.4";
in
rustPlatform.buildRustPackage {
pname = "git-instafix";
@ -23,10 +23,10 @@ rustPlatform.buildRustPackage {
owner = "quodlibetor";
repo = "git-instafix";
rev = "v${version}";
hash = "sha256-gh0/pD07oWODZAOu82KijOFWUHfqSHyGLXg67K/rhqo=";
hash = "sha256-lrGWt3y8IbGzOjp6k3nZD4CnC1S9aMpJPwNL/Mik5Lw=";
};
cargoHash = "sha256-FncpFgmbB186ZKl8XMjeNAFtAf1qlNW8hbhTOKBlUWc=";
cargoHash = "sha256-+mBxHC7AzHuQ/k9OwT92iL25aW0WXyPcG5SOsWdgV5U=";
buildInputs = [ libgit2 ];
nativeCheckInputs = [ git ];

36
pkgs/servers/monitoring/grafana-reporter/default.nix → pkgs/by-name/gr/grafana-reporter/package.nix
View File

@ -1,33 +1,41 @@
{ lib, buildGoPackage, fetchFromGitHub, tetex, makeWrapper }:
with lib;
buildGoPackage rec {
{ lib
, buildGoModule
, fetchFromGitHub
, tetex
, makeWrapper
}:
buildGoModule rec {
pname = "reporter";
version = "2.3.1";
rev = "v${version}";
goPackagePath = "github.com/IzakMarais/reporter";
nativeBuildInputs = [ makeWrapper ];
src = fetchFromGitHub {
inherit rev;
rev = "v${version}";
owner = "IzakMarais";
repo = "reporter";
sha256 = "sha256-lsraJwx56I2Gn8CePWUlQu1qdMp78P4xwPzLxetYUcw=";
};
nativeBuildInputs = [ makeWrapper ];
vendorHash = null;
postPatch = ''
go mod init github.com/IzakMarais/reporter
'';
postInstall = ''
wrapProgram $out/bin/grafana-reporter \
--prefix PATH : ${makeBinPath [ tetex ]}
--prefix PATH : ${lib.makeBinPath [ tetex ]}
'';
# Testing library used had a breaking API change and upstream didn't adapt.
doCheck = false;
meta = {
description = "PDF report generator from a Grafana dashboard";
mainProgram = "grafana-reporter";
homepage = "https://github.com/IzakMarais/reporter";
license = licenses.mit;
maintainers = with maintainers; [ disassembler ];
license = lib.licenses.mit;
maintainers = [ lib.maintainers.disassembler ];
};
}

71
pkgs/by-name/ht/httping/package.nix Normal file
View File

@ -0,0 +1,71 @@
{
cmake,
fetchFromGitHub,
fftw,
gettext,
lib,
libintl,
ncurses,
nix-update-script,
openssl,
stdenv,
testers,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "httping";
version = "3.6";
src = fetchFromGitHub {
owner = "folkertvanheusden";
repo = "HTTPing";
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-lDgQC3VzfcLqMOQSaRZ/znMamAAGYq/9C9bHgI4G7B8=";
};
nativeBuildInputs = [
cmake
gettext
];
buildInputs = [
fftw
libintl
ncurses
openssl
];
cmakeFlags = [
(lib.cmakeFeature "CMAKE_BUILD_TYPE" "Release")
];
installPhase = ''
runHook preInstall
install -D httping $out/bin/httping
runHook postInstall
'';
passthru = {
tests.version = testers.testVersion {
command = "${lib.getExe finalAttrs.finalPackage} --version";
package = finalAttrs.finalPackage;
};
updateScript = nix-update-script { };
};
meta = {
changelog = "https://github.com/folkertvanheusden/HTTPing/releases/tag/v${finalAttrs.version}";
description = "Ping with HTTP requests";
homepage = "https://vanheusden.com/httping";
license = lib.licenses.agpl3Only;
longDescription = ''
Give httping an url, and it'll show you how long it takes to connect,
send a request and retrieve the reply (only the headers). Be aware that
the transmission across the network also takes time! So it measures the
latency of the webserver + network. It supports IPv6.
'';
mainProgram = "httping";
maintainers = [ lib.maintainers.anthonyroussel ];
platforms = lib.platforms.linux;
};
})

4
pkgs/by-name/im/imposm/package.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "imposm";
version = "0.12.0";
version = "0.13.2";
src = fetchFromGitHub {
owner = "omniscale";
repo = "imposm3";
rev = "v${version}";
hash = "sha256-xX4cV/iU7u/g9n7dtkkkCtNOPZK5oyprNHGDUuW+ees=";
hash = "sha256-KIQA2OXJldM+LJw5vv63vppE7J08gWjJzAc/GLnrImA=";
};
vendorHash = null;

Some files were not shown because too many files have changed in this diff Show More