dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Merge master into haskell-updates

Browse Source
This commit is contained in:
github-actions[bot] 2024-10-04 00:16:09 +00:00 committed by GitHub
commit d4db941d79
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
186 changed files with 7564 additions and 1446 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
maintainers/maintainer-list.nix
View File

@ -5028,6 +5028,12 @@
github = "definfo";
githubId = 66514911;
};
deftdawg = {
name = "DeftDawg";
github = "deftdawg";
email = "deftdawg@gmail.com";
githubId = 4991612;
};
deifactor = {
name = "Ash Zahlen";
email = "ext0l@riseup.net";
@ -10747,6 +10753,13 @@
githubId = 46386452;
name = "Jeroen Wijenbergh";
};
jwillikers = {
email = "jordan@jwillikers.com";
github = "jwillikers";
githubId = 19399197;
name = "Jordan Williams";
keys = [ { fingerprint = "A6AB 406A F5F1 DE02 CEA3 B6F0 9FB4 2B0E 7F65 7D8C"; } ];
};
jwygoda = {
email = "jaroslaw@wygoda.me";
github = "jwygoda";

10
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@ -17,6 +17,10 @@
[2.24](https://nix.dev/manual/nix/latest/release-notes/rl-2.24).
Notable changes include improvements to Git fetching, documentation comment support in `nix-repl> :doc`, as well as many quality of life improvements.
- This will be the last release of Nixpkgs to support versions of CUDA prior to CUDA 12.0.
These versions only work with old compiler versions that will be unsupported by the time of the Nixpkgs 25.05 release.
In future, users should expect CUDA versions to be dropped as the compiler versions they require leave upstream support windows.
- Convenience options for `amdgpu`, open source driver for Radeon cards, is now available under `hardware.amdgpu`.
- [AMDVLK](https://github.com/GPUOpen-Drivers/AMDVLK), AMD's open source Vulkan driver, is now available to be configured as `hardware.amdgpu.amdvlk` option.
@ -128,6 +132,8 @@
- [Gotenberg](https://gotenberg.dev), an API server for converting files to PDFs that can be used alongside Paperless-ngx. Available as [services.gotenberg](options.html#opt-services.gotenberg).
- [Suricata](https://suricata.io/), a free and open source, mature, fast and robust network threat detection engine. Available as [services.suricata](options.html#opt-services.suricata).
- [Playerctld](https://github.com/altdesktop/playerctl), a daemon to track media player activity. Available as [services.playerctld](option.html#opt-services.playerctld).
- [MenhirLib](https://gitlab.inria.fr/fpottier/menhir/-/tree/master/coq-menhirlib) A support library for verified Coq parsers produced by Menhir.
@ -163,6 +169,8 @@
- [Veilid](https://veilid.com), a headless server that enables privacy-focused data sharing and messaging on a peer-to-peer network. Available as [services.veilid](#opt-services.veilid.enable).
- [Fedimint](https://github.com/fedimint/fedimint), a module based system for building federated applications (Federated E-Cash Mint). Available as [services.fedimintd](#opt-services.fedimintd).
## Backward Incompatibilities {#sec-release-24.11-incompatibilities}
- The `sound` options have been removed or renamed, as they had a lot of unintended side effects. See [below](#sec-release-24.11-migration-sound) for details.
@ -618,6 +626,8 @@
- `nix.channel.enable = false` no longer implies `nix.settings.nix-path = []`.
Since Nix 2.13, a `nix-path` set in `nix.conf` cannot be overridden by the `NIX_PATH` configuration variable.
- ZFS now imports its pools in `postResumeCommands` rather than `postDeviceCommands`. If you had `postDeviceCommands` scripts that depended on ZFS pools being imported, those now need to be in `postResumeCommands`.
## Detailed migration information {#sec-release-24.11-migration}
### `sound` options removal {#sec-release-24.11-migration-sound}

40
nixos/modules/config/terminfo.nix
View File

@ -24,25 +24,35 @@
config = {
# This should not contain packages that are broken or can't build, since it
# will break this expression
#
# Currently broken packages:
# - contour
#
# can be generated with:
# lib.attrNames (lib.filterAttrs
# (_: drv: (builtins.tryEval (lib.isDerivation drv && drv ? terminfo)).value)
# pkgs)
environment.systemPackages = lib.mkIf config.environment.enableAllTerminfo (map (x: x.terminfo) (with pkgs.pkgsBuildBuild; [
alacritty
contour
foot
kitty
mtm
rio
rxvt-unicode-unwrapped
rxvt-unicode-unwrapped-emoji
st
termite
tmux
wezterm
yaft
]));
environment.systemPackages = lib.mkIf config.environment.enableAllTerminfo (
map (x: x.terminfo) (
with pkgs.pkgsBuildBuild;
[
alacritty
foot
kitty
mtm
rio
rxvt-unicode-unwrapped
rxvt-unicode-unwrapped-emoji
st
termite
tmux
wezterm
yaft
]
)
);
environment.pathsToLink = [
"/share/terminfo"

2
nixos/modules/installer/cd-dvd/iso-image.nix
View File

@ -8,7 +8,7 @@ let
* to a menuentry for use in grub.
*
* * defaults: {name, image, params, initrd}
* * options: [ option... ]
* * options: [ option... ]
* * option: {name, params, class}
*/
menuBuilderGrub2 =

1
nixos/modules/module-list.nix
View File

@ -1031,6 +1031,7 @@
./services/networking/expressvpn.nix
./services/networking/fakeroute.nix
./services/networking/fastnetmon-advanced.nix
./services/networking/fedimintd.nix
./services/networking/ferm.nix
./services/networking/firefox-syncserver.nix
./services/networking/fireqos.nix

2
nixos/modules/security/acme/default.nix
View File

@ -344,7 +344,7 @@ let
serviceConfig = commonServiceConfig // {
Group = data.group;
# Let's Encrypt Failed Validation Limit allows 5 retries per hour, per account, hostname and hour.
# Let's Encrypt Failed Validation Limit allows 5 retries per hour, per account, hostname and hour.
# This avoids eating them all up if something is misconfigured upon the first try.
RestartSec = 15 * 60;

2
nixos/modules/services/monitoring/datadog-agent.nix
View File

@ -288,7 +288,7 @@ in {
path = [ ];
script = ''
export DD_API_KEY=$(head -n 1 ${cfg.apiKeyFile})
${datadogPkg}/bin/trace-agent -config /etc/datadog-agent/datadog.yaml
${datadogPkg}/bin/trace-agent --config /etc/datadog-agent/datadog.yaml
'';
});

4
nixos/modules/services/monitoring/prometheus/exporters/dnsmasq.nix
View File

@ -21,8 +21,8 @@ in
};
leasesPath = mkOption {
type = types.path;
default = "/var/lib/misc/dnsmasq.leases";
example = "/var/lib/dnsmasq/dnsmasq.leases";
default = "/var/lib/dnsmasq/dnsmasq.leases";
example = "/var/lib/misc/dnsmasq.leases";
description = ''
Path to the `dnsmasq.leases` file.
'';

304
nixos/modules/services/networking/fedimintd.nix Normal file
View File

@ -0,0 +1,304 @@
{
config,
lib,
pkgs,
...
}:
let
inherit (lib)
concatLists
filterAttrs
mapAttrs'
mapAttrsToList
mkEnableOption
mkIf
mkOption
mkOverride
mkPackageOption
nameValuePair
recursiveUpdate
types
;
fedimintdOpts =
{
config,
lib,
name,
...
}:
{
options = {
enable = mkEnableOption "fedimintd";
package = mkPackageOption pkgs "fedimint" { };
environment = mkOption {
type = types.attrsOf types.str;
description = "Extra Environment variables to pass to the fedimintd.";
default = {
RUST_BACKTRACE = "1";
};
example = {
RUST_LOG = "info,fm=debug";
RUST_BACKTRACE = "1";
};
};
p2p = {
openFirewall = mkOption {
type = types.bool;
default = true;
description = "Opens port in firewall for fedimintd's p2p port";
};
port = mkOption {
type = types.port;
default = 8173;
description = "Port to bind on for p2p connections from peers";
};
bind = mkOption {
type = types.str;
default = "0.0.0.0";
description = "Address to bind on for p2p connections from peers";
};
url = mkOption {
type = types.str;
example = "fedimint://p2p.myfedimint.com";
description = ''
Public address for p2p connections from peers
'';
};
};
api = {
openFirewall = mkOption {
type = types.bool;
default = false;
description = "Opens port in firewall for fedimintd's api port";
};
port = mkOption {
type = types.port;
default = 8174;
description = "Port to bind on for API connections relied by the reverse proxy/tls terminator.";
};
bind = mkOption {
type = types.str;
default = "127.0.0.1";
description = "Address to bind on for API connections relied by the reverse proxy/tls terminator.";
};
url = mkOption {
type = types.str;
description = ''
Public URL of the API address of the reverse proxy/tls terminator. Usually starting with `wss://`.
'';
};
};
bitcoin = {
network = mkOption {
type = types.str;
default = "signet";
example = "bitcoin";
description = "Bitcoin network to participate in.";
};
rpc = {
url = mkOption {
type = types.str;
default = "http://127.0.0.1:38332";
example = "signet";
description = "Bitcoin node (bitcoind/electrum/esplora) address to connect to";
};
kind = mkOption {
type = types.str;
default = "bitcoind";
example = "electrum";
description = "Kind of a bitcoin node.";
};
secretFile = mkOption {
type = types.nullOr types.path;
default = null;
description = ''
If set the URL specified in `bitcoin.rpc.url` will get the content of this file added
as an URL password, so `http://user@example.com` will turn into `http://user:SOMESECRET@example.com`.
Example:
`/etc/nix-bitcoin-secrets/bitcoin-rpcpassword-public` (for nix-bitcoin default)
'';
};
};
};
consensus.finalityDelay = mkOption {
type = types.ints.unsigned;
default = 10;
description = "Consensus peg-in finality delay.";
};
dataDir = mkOption {
type = types.path;
default = "/var/lib/fedimintd-${name}/";
readOnly = true;
description = ''
Path to the data dir fedimintd will use to store its data.
Note that due to using the DynamicUser feature of systemd, this value should not be changed
and is set to be read only.
'';
};
nginx = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to configure nginx for fedimintd
'';
};
fqdn = mkOption {
type = types.str;
example = "api.myfedimint.com";
description = "Public domain of the API address of the reverse proxy/tls terminator.";
};
config = mkOption {
type = types.submodule (
recursiveUpdate (import ../web-servers/nginx/vhost-options.nix {
inherit config lib;
}) { }
);
default = { };
description = "Overrides to the nginx vhost section for api";
};
};
};
};
in
{
options = {
services.fedimintd = mkOption {
type = types.attrsOf (types.submodule fedimintdOpts);
default = { };
description = "Specification of one or more fedimintd instances.";
};
};
config =
let
eachFedimintd = filterAttrs (fedimintdName: cfg: cfg.enable) config.services.fedimintd;
eachFedimintdNginx = filterAttrs (fedimintdName: cfg: cfg.nginx.enable) eachFedimintd;
in
mkIf (eachFedimintd != { }) {
networking.firewall.allowedTCPPorts = concatLists (
mapAttrsToList (
fedimintdName: cfg:
(lib.optional cfg.api.openFirewall cfg.api.port ++ lib.optional cfg.p2p.openFirewall cfg.p2p.port)
) eachFedimintd
);
systemd.services = mapAttrs' (
fedimintdName: cfg:
(nameValuePair "fedimintd-${fedimintdName}" (
let
startScript = pkgs.writeShellScript "fedimintd-start" (
(
if cfg.bitcoin.rpc.secretFile != null then
''
secret=$(${pkgs.coreutils}/bin/head -n 1 "${cfg.bitcoin.rpc.secretFile}")
prefix="''${FM_BITCOIN_RPC_URL%*@*}" # Everything before the last '@'
suffix="''${FM_BITCOIN_RPC_URL##*@}" # Everything after the last '@'
FM_BITCOIN_RPC_URL="''${prefix}:''${secret}@''${suffix}"
''
else
""
)
+ ''
exec ${cfg.package}/bin/fedimintd
''
);
in
{
description = "Fedimint Server";
documentation = [ "https://github.com/fedimint/fedimint/" ];
wantedBy = [ "multi-user.target" ];
environment = lib.mkMerge [
{
FM_BIND_P2P = "${cfg.p2p.bind}:${toString cfg.p2p.port}";
FM_BIND_API = "${cfg.api.bind}:${toString cfg.api.port}";
FM_P2P_URL = cfg.p2p.url;
FM_API_URL = cfg.api.url;
FM_DATA_DIR = cfg.dataDir;
FM_BITCOIN_NETWORK = cfg.bitcoin.network;
FM_BITCOIN_RPC_URL = cfg.bitcoin.rpc.url;
FM_BITCOIN_RPC_KIND = cfg.bitcoin.rpc.kind;
}
cfg.environment
];
serviceConfig = {
DynamicUser = true;
StateDirectory = "fedimintd-${fedimintdName}";
StateDirectoryMode = "0700";
ExecStart = startScript;
Restart = "always";
RestartSec = 10;
StartLimitBurst = 5;
UMask = "007";
LimitNOFILE = "100000";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateMounts = true;
PrivateTmp = true;
ProtectClock = true;
ProtectControlGroups = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectSystem = "full";
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
];
RestrictNamespaces = true;
RestrictRealtime = true;
SystemCallArchitectures = "native";
SystemCallFilter = [
"@system-service"
"~@privileged"
];
};
}
))
) eachFedimintd;
services.nginx.virtualHosts = mapAttrs' (
fedimintdName: cfg:
(nameValuePair cfg.nginx.fqdn (
lib.mkMerge [
cfg.nginx.config
{
# Note: we want by default to enable OpenSSL, but it seems anything 100 and above is
# overriden by default value from vhost-options.nix
enableACME = mkOverride 99 true;
forceSSL = mkOverride 99 true;
# Currently Fedimint API only support JsonRPC on `/ws/` endpoint, so no need to handle `/`
locations."/ws/" = {
proxyPass = "http://127.0.0.1:${toString cfg.api.port}/";
proxyWebsockets = true;
extraConfig = ''
proxy_pass_header Authorization;
'';
};
}
]
))
) eachFedimintdNginx;
};
meta.maintainers = with lib.maintainers; [ dpc ];
}

282
nixos/modules/services/networking/suricata/default.nix Normal file
View File

@ -0,0 +1,282 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.services.suricata;
pkg = cfg.package;
yaml = pkgs.formats.yaml { };
inherit (lib)
mkEnableOption
mkPackageOption
mkOption
types
literalExpression
filterAttrsRecursive
concatStringsSep
strings
lists
mkIf
;
in
{
meta.maintainers = with lib.maintainers; [ felbinger ];
options.services.suricata = {
enable = mkEnableOption "Suricata";
package = mkPackageOption pkgs "suricata" { };
configFile = mkOption {
type = types.path;
visible = false;
default = pkgs.writeTextFile {
name = "suricata.yaml";
text = ''
%YAML 1.1
---
${builtins.readFile (
yaml.generate "suricata-settings-raw.yaml" (
filterAttrsRecursive (name: value: value != null) cfg.settings
)
)}
'';
};
description = ''
Configuration file for suricata.
It is not usual to override the default values; it is recommended to use `settings`.
If you want to include extra configuration to the file, use the `settings.includes`.
'';
};
settings = mkOption {
type = types.submodule (import ./settings.nix { inherit config lib yaml; });
example = literalExpression ''
vars.address-groups.HOME_NET = "192.168.178.0/24";
outputs = [
{
fast = {
enabled = true;
filename = "fast.log";
append = "yes";
};
}
{
eve-log = {
enabled = true;
filetype = "regular";
filename = "eve.json";
community-id = true;
types = [
{
alert.tagged-packets = "yes";
}
];
};
}
];
af-packet = [
{
interface = "eth0";
cluster-id = "99";
cluster-type = "cluster_flow";
defrag = "yes";
}
{
interface = "default";
}
];
af-xdp = [
{
interface = "eth1";
}
];
dpdk.interfaces = [
{
interface = "eth2";
}
];
pcap = [
{
interface = "eth3";
}
];
app-layer.protocols = {
telnet.enabled = "yes";
dnp3.enabled = "yes";
modbus.enabled = "yes";
};
'';
description = "Suricata settings";
};
enabledSources = mkOption {
type = types.listOf types.str;
# see: nix-shell -p suricata python3Packages.pyyaml --command 'suricata-update list-sources'
default = [
"et/open"
"etnetera/aggressive"
"stamus/lateral"
"oisf/trafficid"
"tgreen/hunting"
"sslbl/ja3-fingerprints"
"sslbl/ssl-fp-blacklist"
"malsilo/win-malware"
"pawpatrules"
];
description = ''
List of sources that should be enabled.
Currently sources which require a secret-code are not supported.
'';
};
disabledRules = mkOption {
type = types.listOf types.str;
# protocol dnp3 seams to be disabled, which causes the signature evaluation to fail, so we disable the
# dnp3 rules, see https://github.com/OISF/suricata/blob/master/rules/dnp3-events.rules for more details
default = [
"2270000"
"2270001"
"2270002"
"2270003"
"2270004"
];
description = ''
List of rules that should be disabled.
'';
};
};
config =
let
captureInterfaces =
let
inherit (lists) unique optionals;
in
unique (
map (e: e.interface) (
(optionals (cfg.settings.af-packet != null) cfg.settings.af-packet)
++ (optionals (cfg.settings.af-xdp != null) cfg.settings.af-xdp)
++ (optionals (
cfg.settings.dpdk != null && cfg.settings.dpdk.interfaces != null
) cfg.settings.dpdk.interfaces)
++ (optionals (cfg.settings.pcap != null) cfg.settings.pcap)
)
);
in
mkIf cfg.enable {
assertions = [
{
assertion = (builtins.length captureInterfaces) > 0;
message = ''
At least one capture interface must be configured:
- `services.suricata.settings.af-packet`
- `services.suricata.settings.af-xdp`
- `services.suricata.settings.dpdk.interfaces`
- `services.suricata.settings.pcap`
'';
}
];
boot.kernelModules = mkIf (cfg.settings.af-packet != null) [ "af_packet" ];
users = {
groups.${cfg.settings.run-as.group} = { };
users.${cfg.settings.run-as.user} = {
group = cfg.settings.run-as.group;
isSystemUser = true;
};
};
systemd.tmpfiles.rules = [
"d ${cfg.settings."default-log-dir"} 755 ${cfg.settings.run-as.user} ${cfg.settings.run-as.group}"
"d /var/lib/suricata 755 ${cfg.settings.run-as.user} ${cfg.settings.run-as.group}"
"d ${cfg.settings."default-rule-path"} 755 ${cfg.settings.run-as.user} ${cfg.settings.run-as.group}"
];
systemd.services = {
suricata-update = {
description = "Update Suricata Rules";
wantedBy = [ "multi-user.target" ];
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
script =
let
python = pkgs.python3.withPackages (ps: with ps; [ pyyaml ]);
enabledSourcesCmds = map (
src: "${python.interpreter} ${pkg}/bin/suricata-update enable-source ${src}"
) cfg.enabledSources;
in
''
${concatStringsSep "\n" enabledSourcesCmds}
${python.interpreter} ${pkg}/bin/suricata-update update-sources
${python.interpreter} ${pkg}/bin/suricata-update update --suricata-conf ${cfg.configFile} --no-test \
--disable-conf ${pkgs.writeText "suricata-disable-conf" "${concatStringsSep "\n" cfg.disabledRules}"}
'';
serviceConfig = {
Type = "oneshot";
PrivateTmp = true;
PrivateDevices = true;
PrivateIPC = true;
DynamicUser = true;
User = cfg.settings.run-as.user;
Group = cfg.settings.run-as.group;
ReadOnlyPaths = cfg.configFile;
ReadWritePaths = [
"/var/lib/suricata"
cfg.settings."default-rule-path"
];
};
};
suricata = {
description = "Suricata";
wantedBy = [ "multi-user.target" ];
after = [ "suricata-update.service" ];
serviceConfig =
let
interfaceOptions = strings.concatMapStrings (interface: " -i ${interface}") captureInterfaces;
in
{
ExecStartPre = "!${pkg}/bin/suricata -c ${cfg.configFile} -T";
ExecStart = "!${pkg}/bin/suricata -c ${cfg.configFile}${interfaceOptions}";
Restart = "on-failure";
User = cfg.settings.run-as.user;
Group = cfg.settings.run-as.group;
NoNewPrivileges = true;
PrivateTmp = true;
PrivateDevices = true;
PrivateIPC = true;
ProtectSystem = "strict";
DevicePolicy = "closed";
LockPersonality = true;
MemoryDenyWriteExecute = true;
ProtectHostname = true;
ProtectProc = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectControlGroups = true;
ProcSubset = "pid";
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
RemoveIPC = true;
ReadOnlyPaths = cfg.configFile;
ReadWritePaths = cfg.settings."default-log-dir";
RuntimeDirectory = "suricata";
};
};
};
};
}

625
nixos/modules/services/networking/suricata/settings.nix Normal file
View File

@ -0,0 +1,625 @@
{
lib,
config,
yaml,
...
}:
let
cfg = config.services.suricata;
inherit (lib)
mkEnableOption
mkOption
types
literalExpression
;
mkDisableOption =
name:
mkEnableOption name
// {
default = true;
example = false;
};
in
{
freeformType = yaml.type;
options = {
vars = mkOption {
type = types.nullOr (
types.submodule {
options = {
address-groups = mkOption {
type = (
types.submodule {
options = {
HOME_NET = mkOption { default = "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]"; };
EXTERNAL_NET = mkOption { default = "!$HOME_NET"; };
HTTP_SERVERS = mkOption { default = "$HOME_NET"; };
SMTP_SERVERS = mkOption { default = "$HOME_NET"; };
SQL_SERVERS = mkOption { default = "$HOME_NET"; };
DNS_SERVERS = mkOption { default = "$HOME_NET"; };
TELNET_SERVERS = mkOption { default = "$HOME_NET"; };
AIM_SERVERS = mkOption { default = "$EXTERNAL_NET"; };
DC_SERVERS = mkOption { default = "$HOME_NET"; };
DNP3_SERVER = mkOption { default = "$HOME_NET"; };
DNP3_CLIENT = mkOption { default = "$HOME_NET"; };
MODBUS_CLIENT = mkOption { default = "$HOME_NET"; };
MODBUS_SERVER = mkOption { default = "$HOME_NET"; };
ENIP_CLIENT = mkOption { default = "$HOME_NET"; };
ENIP_SERVER = mkOption { default = "$HOME_NET"; };
};
}
);
default = { };
example = {
HOME_NET = "[192.168.0.0/16,10.0.0.0/8,172.16.0.0/12]";
EXTERNAL_NET = "!$HOME_NET";
HTTP_SERVERS = "$HOME_NET";
SMTP_SERVERS = "$HOME_NET";
SQL_SERVERS = "$HOME_NET";
DNS_SERVERS = "$HOME_NET";
TELNET_SERVERS = "$HOME_NET";
AIM_SERVERS = "$EXTERNAL_NET";
DC_SERVERS = "$HOME_NET";
DNP3_SERVER = "$HOME_NET";
DNP3_CLIENT = "$HOME_NET";
MODBUS_CLIENT = "$HOME_NET";
MODBUS_SERVER = "$HOME_NET";
ENIP_CLIENT = "$HOME_NET";
ENIP_SERVER = "$HOME_NET";
};
description = ''
The address group variables for suricata, if not defined the
default value of suricata (see example) will be used.
Your settings will extend the predefined values in example.
'';
};
port-groups = mkOption {
type = with types; nullOr (attrsOf str);
default = {
HTTP_PORTS = "80";
SHELLCODE_PORTS = "!80";
ORACLE_PORTS = "1521";
SSH_PORTS = "22";
DNP3_PORTS = "20000";
MODBUS_PORTS = "502";
FILE_DATA_PORTS = "[$HTTP_PORTS,110,143]";
FTP_PORTS = "21";
GENEVE_PORTS = "6081";
VXLAN_PORTS = "4789";
TEREDO_PORTS = "3544";
};
description = ''
The port group variables for suricata.
'';
};
};
}
);
default = { }; # add default values to config
};
stats = mkOption {
type =
with types;
nullOr (submodule {
options = {
enable = mkEnableOption "suricata global stats";
interval = mkOption {
type = types.str;
default = "8";
description = ''
The interval field (in seconds) controls the interval at
which stats are updated in the log.
'';
};
decoder-events = mkOption {
type = types.bool;
default = true;
description = ''
Add decode events to stats
'';
};
decoder-events-prefix = mkOption {
type = types.str;
default = "decoder.event";
description = ''
Decoder event prefix in stats. Has been 'decoder' before, but that leads
to missing events in the eve.stats records.
'';
};
stream-events = mkOption {
type = types.bool;
default = false;
description = ''
Add stream events as stats.
'';
};
};
});
default = null; # do not add to config unless specified
};
plugins = mkOption {
type = with types; nullOr (listOf path);
default = null;
description = ''
Plugins -- Experimental -- specify the filename for each plugin shared object
'';
};
outputs = mkOption {
type =
with types;
nullOr (
listOf (
attrsOf (submodule {
freeformType = yaml.type;
options = {
enabled = mkEnableOption "<NAME>";
};
})
)
);
default = null;
example = literalExpression ''
[
{
fast = {
enabled = "yes";
filename = "fast.log";
append = "yes";
};
}
{
eve-log = {
enabled = "yes";
filetype = "regular";
filename = "eve.json";
community-id = true;
types = [
{
alert.tagged-packets = "yes";
}
];
};
}
];
'';
description = ''
Configure the type of alert (and other) logging you would like.
Valid values for <NAME> are e. g. `fast`, `eve-log`, `syslog`, `file-store`, ...
- `fast`: a line based alerts log similar to Snort's fast.log
- `eve-log`: Extensible Event Format (nicknamed EVE) event log in JSON format
For more details regarding the configuration, checkout the shipped suricata.yaml
```shell
nix-shell -p suricata yq coreutils-full --command 'yq < $(dirname $(which suricata))/../etc/suricata/suricata.yaml'
```
and the [suricata documentation](https://docs.suricata.io/en/latest/output/index.html).
'';
};
"default-log-dir" = mkOption {
type = types.str;
default = "/var/log/suricata";
description = ''
The default logging directory. Any log or output file will be placed here if it's
not specified with a full path name. This can be overridden with the -l command
line parameter.
'';
};
logging = {
"default-log-level" = mkOption {
type = types.enum [
"error"
"warning"
"notice"
"info"
"perf"
"config"
"debug"
];
default = "notice";
description = ''
The default log level: can be overridden in an output section.
Note that debug level logging will only be emitted if Suricata was
compiled with the --enable-debug configure option.
'';
};
"default-log-format" = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The default output format. Optional parameter, should default to
something reasonable if not provided. Can be overridden in an
output section. You can leave this out to get the default.
'';
};
"default-output-filter" = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
A regex to filter output. Can be overridden in an output section.
Defaults to empty (no filter).
'';
};
"stacktrace-on-signal" = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Requires libunwind to be available when Suricata is configured and built.
If a signal unexpectedly terminates Suricata, displays a brief diagnostic
message with the offending stacktrace if enabled.
'';
};
outputs = {
console = {
enable = mkDisableOption "logging to console";
};
file = {
enable = mkDisableOption "logging to file";
level = mkOption {
type = types.enum [
"error"
"warning"
"notice"
"info"
"perf"
"config"
"debug"
];
default = "info";
description = ''
Loglevel for logs written to the logfile
'';
};
filename = mkOption {
type = types.str;
default = "suricata.log";
description = ''
Filename of the logfile
'';
};
format = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Logformat for logs written to the logfile
'';
};
type = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Type of logfile
'';
};
};
syslog = {
enable = mkEnableOption "logging to syslog";
facility = mkOption {
type = types.str;
default = "local5";
description = ''
Facility to log to
'';
};
format = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Logformat for logs send to syslog
'';
};
type = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Type of logs send to syslog
'';
};
};
};
};
"af-packet" = mkOption {
type =
with types;
nullOr (
listOf (submodule {
freeformType = yaml.type;
options = {
interface = mkOption {
type = types.str;
default = null;
};
};
})
);
default = null;
description = ''
Linux high speed capture support
'';
};
"af-xdp" = mkOption {
type =
with types;
nullOr (
listOf (submodule {
freeformType = yaml.type;
options = {
interface = mkOption {
type = types.str;
default = null;
};
};
})
);
default = null;
description = ''
Linux high speed af-xdp capture support, see
[docs/capture-hardware/af-xdp](https://docs.suricata.io/en/suricata-7.0.3/capture-hardware/af-xdp.html)
'';
};
"dpdk" = mkOption {
type =
with types;
nullOr (submodule {
options = {
eal-params.proc-type = mkOption {
type = with types; nullOr str;
default = null;
};
interfaces = mkOption {
type =
with types;
nullOr (
listOf (submodule {
freeformType = yaml.type;
options = {
interface = mkOption {
type = types.str;
default = null;
};
};
})
);
default = null;
};
};
});
default = null;
description = ''
DPDK capture support, see
[docs/capture-hardware/dpdk](https://docs.suricata.io/en/suricata-7.0.3/capture-hardware/dpdk.html)
'';
};
"pcap" = mkOption {
type =
with types;
nullOr (
listOf (submodule {
freeformType = yaml.type;
options = {
interface = mkOption {
type = types.str;
default = null;
};
};
})
);
default = null;
description = ''
Cross platform libpcap capture support
'';
};
"pcap-file".checksum-checks = mkOption {
type = types.enum [
"yes"
"no"
"auto"
];
default = "auto";
description = ''
Possible values are:
- yes: checksum validation is forced
- no: checksum validation is disabled
- auto: Suricata uses a statistical approach to detect when
checksum off-loading is used. (default)
Warning: 'checksum-validation' must be set to yes to have checksum tested
'';
};
"app-layer" = mkOption {
type =
with types;
nullOr (submodule {
options = {
"error-policy" = mkOption {
type = types.enum [
"drop-flow"
"pass-flow"
"bypass"
"drop-packet"
"pass-packet"
"reject"
"ignore"
];
default = "ignore";
description = ''
The error-policy setting applies to all app-layer parsers. Values can be
"drop-flow", "pass-flow", "bypass", "drop-packet", "pass-packet", "reject" or
"ignore" (the default).
'';
};
protocols = mkOption {
type =
with types;
nullOr (
attrsOf (submodule {
freeformType = yaml.type;
options = {
enabled = mkOption {
type = types.enum [
"yes"
"no"
"detection-only"
];
default = "no";
description = ''
The option "enabled" takes 3 values - "yes", "no", "detection-only".
"yes" enables both detection and the parser, "no" disables both, and
"detection-only" enables protocol detection only (parser disabled).
'';
};
};
})
);
default = null;
};
};
});
default = null; # do not add to config unless specified
};
"run-as" = {
user = mkOption {
type = types.str;
default = "suricata";
description = "Run Suricata with a specific user-id";
};
group = mkOption {
type = types.str;
default = "suricata";
description = "Run Suricata with a specific group-id";
};
};
"host-mode" = mkOption {
type = types.enum [
"router"
"sniffer-only"
"auto"
];
default = "auto";
description = ''
If the Suricata box is a router for the sniffed networks, set it to 'router'. If
it is a pure sniffing setup, set it to 'sniffer-only'. If set to auto, the variable
is internally switched to 'router' in IPS mode and 'sniffer-only' in IDS mode.
This feature is currently only used by the reject* keywords.
'';
};
"unix-command" = mkOption {
type =
with types;
nullOr (submodule {
options = {
enabled = mkOption {
type = types.either types.bool (types.enum [ "auto" ]);
default = "auto";
};
filename = mkOption {
type = types.path;
default = "/run/suricata/suricata-command.socket";
};
};
});
default = { };
description = ''
Unix command socket that can be used to pass commands to Suricata.
An external tool can then connect to get information from Suricata
or trigger some modifications of the engine. Set enabled to yes
to activate the feature. In auto mode, the feature will only be
activated in live capture mode. You can use the filename variable to set
the file name of the socket.
'';
};
"exception-policy" = mkOption {
type = types.enum [
"auto"
"drop-packet"
"drop-flow"
"reject"
"bypass"
"pass-packet"
"pass-flow"
"ignore"
];
default = "auto";
description = ''
Define a common behavior for all exception policies.
In IPS mode, the default is drop-flow. For cases when that's not possible, the
engine will fall to drop-packet. To fallback to old behavior (setting each of
them individually, or ignoring all), set this to ignore.
All values available for exception policies can be used, and there is one
extra option: auto - which means drop-flow or drop-packet (as explained above)
in IPS mode, and ignore in IDS mode. Exception policy values are: drop-packet,
drop-flow, reject, bypass, pass-packet, pass-flow, ignore (disable).
'';
};
"default-rule-path" = mkOption {
type = types.path;
default = "/var/lib/suricata/rules";
description = "Path in which suricata-update managed rules are stored by default";
};
"rule-files" = mkOption {
type = types.listOf types.str;
default = [ "suricata.rules" ];
description = "Files to load suricata-update managed rules, relative to 'default-rule-path'";
};
"classification-file" = mkOption {
type = types.str;
default = "/var/lib/suricata/rules/classification.config";
description = "Suricata classification configuration file";
};
"reference-config-file" = mkOption {
type = types.str;
default = "${cfg.package}/etc/suricata/reference.config";
description = "Suricata reference configuration file";
};
"threshold-file" = mkOption {
type = types.str;
default = "${cfg.package}/etc/suricata/threshold.config";
description = "Suricata threshold configuration file";
};
includes = mkOption {
type = with types; nullOr (listOf path);
default = null;
description = ''
Files to include in the suricata configuration. See
[docs/configuration/suricata-yaml](https://docs.suricata.io/en/suricata-7.0.3/configuration/suricata-yaml.html)
for available options.
'';
};
};
}

2
nixos/modules/services/web-apps/nextcloud.nix
View File

@ -1020,7 +1020,7 @@ in {
'';
serviceConfig.Type = "oneshot";
serviceConfig.User = "nextcloud";
# On Nextcloud ≥ 26, it is not necessary to patch the database files to prevent
# On Nextcloud ≥ 26, it is not necessary to patch the database files to prevent
# an automatic creation of the database user.
environment.NC_setup_create_db_user = lib.mkIf (nextcloudGreaterOrEqualThan "26") "false";
};

2
nixos/modules/services/web-apps/pixelfed.nix
View File

@ -406,7 +406,7 @@ in {
# is unnecessary as it's part of the installPhase of pixelfed.
# Install Horizon
# FIXME: require write access to public/ — should be done as part of install — pixelfed-manage horizon:publish
# FIXME: require write access to public/ — should be done as part of install — pixelfed-manage horizon:publish
# Perform the first migration.
[[ ! -f ${cfg.dataDir}/.initial-migration ]] && pixelfed-manage migrate --force && touch ${cfg.dataDir}/.initial-migration

89
nixos/tests/acme.nix
View File

@ -407,7 +407,6 @@ in {
''
import time
TOTAL_RETRIES = 20
@ -428,6 +427,16 @@ in {
return retries + 1
def protect(self, func):
def wrapper(*args, retries: int = 0, **kwargs):
try:
return func(*args, **kwargs)
except Exception as err:
retries = self.handle_fail(retries, err.args)
return wrapper(*args, retries=retries, **kwargs)
return wrapper
backoff = BackoffTracker()
@ -437,11 +446,13 @@ in {
# quickly switch between derivations
root_specs = "/tmp/specialisation"
node.execute(
f"test -e {root_specs}"
f" || ln -s $(readlink /run/current-system)/specialisation {root_specs}"
f"test -e {root_specs}"
f" || ln -s $(readlink /run/current-system)/specialisation {root_specs}"
)
switcher_path = f"/run/current-system/specialisation/{name}/bin/switch-to-configuration"
switcher_path = (
f"/run/current-system/specialisation/{name}/bin/switch-to-configuration"
)
rc, _ = node.execute(f"test -e '{switcher_path}'")
if rc > 0:
switcher_path = f"/tmp/specialisation/{name}/bin/switch-to-configuration"
@ -465,38 +476,45 @@ in {
actual_issuer = node.succeed(
f"openssl x509 -noout -issuer -in /var/lib/acme/{cert_name}/{fname}"
).partition("=")[2]
print(f"{fname} issuer: {actual_issuer}")
assert issuer.lower() in actual_issuer.lower()
assert (
issuer.lower() in actual_issuer.lower()
), f"{fname} issuer mismatch. Expected {issuer} got {actual_issuer}"
# Ensure cert comes before chain in fullchain.pem
def check_fullchain(node, cert_name):
subject_data = node.succeed(
f"openssl crl2pkcs7 -nocrl -certfile /var/lib/acme/{cert_name}/fullchain.pem"
" | openssl pkcs7 -print_certs -noout"
cert_file = f"/var/lib/acme/{cert_name}/fullchain.pem"
num_certs = node.succeed(f"grep -o 'END CERTIFICATE' {cert_file}")
assert len(num_certs.strip().split("\n")) > 1, "Insufficient certs in fullchain.pem"
first_cert_data = node.succeed(
f"grep -m1 -B50 'END CERTIFICATE' {cert_file}"
" | openssl x509 -noout -text"
)
for line in subject_data.lower().split("\n"):
if "subject" in line:
print(f"First subject in fullchain.pem: {line}")
assert cert_name.lower() in line
for line in first_cert_data.lower().split("\n"):
if "dns:" in line:
print(f"First DNSName in fullchain.pem: {line}")
assert cert_name.lower() in line, f"{cert_name} not found in {line}"
return
assert False
def check_connection(node, domain, retries=0):
@backoff.protect
def check_connection(node, domain):
result = node.succeed(
"openssl s_client -brief -verify 2 -CAfile /tmp/ca.crt"
f" -servername {domain} -connect {domain}:443 < /dev/null 2>&1"
)
for line in result.lower().split("\n"):
if "verification" in line and "error" in line:
retries = backoff.handle_fail(retries, f"Failed to connect to https://{domain}")
return check_connection(node, domain, retries)
assert not (
"verification" in line and "error" in line
), f"Failed to connect to https://{domain}"
def check_connection_key_bits(node, domain, bits, retries=0):
@backoff.protect
def check_connection_key_bits(node, domain, bits):
result = node.succeed(
"openssl s_client -CAfile /tmp/ca.crt"
f" -servername {domain} -connect {domain}:443 < /dev/null"
@ -504,12 +522,11 @@ in {
)
print("Key type:", result)
if bits not in result:
retries = backoff.handle_fail(retries, f"Did not find expected number of bits ({bits}) in key")
return check_connection_key_bits(node, domain, bits, retries)
assert bits in result, f"Did not find expected number of bits ({bits}) in key"
def check_stapling(node, domain, retries=0):
@backoff.protect
def check_stapling(node, domain):
# Pebble doesn't provide a full OCSP responder, so just check the URL
result = node.succeed(
"openssl s_client -CAfile /tmp/ca.crt"
@ -518,30 +535,28 @@ in {
)
print("OCSP Responder URL:", result)
if "${caDomain}:4002" not in result.lower():
retries = backoff.handle_fail(retries, "OCSP Stapling check failed")
return check_stapling(node, domain, retries)
assert "${caDomain}:4002" in result.lower(), "OCSP Stapling check failed"
def download_ca_certs(node, retries=0):
exit_code, _ = node.execute("curl https://${caDomain}:15000/roots/0 > /tmp/ca.crt")
exit_code_2, _ = node.execute(
"curl https://${caDomain}:15000/intermediate-keys/0 >> /tmp/ca.crt"
@backoff.protect
def download_ca_certs(node):
node.succeed("curl https://${caDomain}:15000/roots/0 > /tmp/ca.crt")
node.succeed("curl https://${caDomain}:15000/intermediate-keys/0 >> /tmp/ca.crt")
@backoff.protect
def set_a_record(node):
node.succeed(
'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a'
)
if exit_code + exit_code_2 > 0:
retries = backoff.handle_fail(retries, "Failed to connect to pebble to download root CA certs")
return download_ca_certs(node, retries)
start_all()
dnsserver.wait_for_unit("pebble-challtestsrv.service")
client.wait_for_unit("default.target")
client.succeed(
'curl --data \'{"host": "${caDomain}", "addresses": ["${nodes.acme.networking.primaryIPAddress}"]}\' http://${dnsServerIP nodes}:8055/add-a'
)
set_a_record(client)
acme.systemctl("start network-online.target")
acme.wait_for_unit("network-online.target")
@ -638,7 +653,7 @@ in {
webserver.wait_for_unit("acme-finished-lego.example.test.target")
webserver.wait_for_unit("nginx.service")
webserver.succeed("echo HENLO && systemctl cat nginx.service")
webserver.succeed("test \"$(stat -c '%U' /var/lib/acme/* | uniq)\" = \"root\"")
webserver.succeed('test "$(stat -c \'%U\' /var/lib/acme/* | uniq)" = "root"')
check_connection(client, "a.example.test")
check_connection(client, "lego.example.test")

2
nixos/tests/all-tests.nix
View File

@ -322,6 +322,7 @@ in {
fancontrol = handleTest ./fancontrol.nix {};
fanout = handleTest ./fanout.nix {};
fcitx5 = handleTest ./fcitx5 {};
fedimintd = runTest ./fedimintd.nix;
fenics = handleTest ./fenics.nix {};
ferm = handleTest ./ferm.nix {};
ferretdb = handleTest ./ferretdb.nix {};
@ -942,6 +943,7 @@ in {
sudo = handleTest ./sudo.nix {};
sudo-rs = handleTest ./sudo-rs.nix {};
sunshine = handleTest ./sunshine.nix {};
suricata = handleTest ./suricata.nix {};
suwayomi-server = handleTest ./suwayomi-server.nix {};
swap-file-btrfs = handleTest ./swap-file-btrfs.nix {};
swap-partition = handleTest ./swap-partition.nix {};

37
nixos/tests/fedimintd.nix Normal file
View File

@ -0,0 +1,37 @@
# This test runs the fedimintd and verifies that it starts
{ pkgs, ... }:
{
name = "fedimintd";
meta = with pkgs.lib.maintainers; {
maintainers = [ dpc ];
};
nodes.machine =
{ ... }:
{
services.fedimintd."mainnet" = {
enable = true;
p2p = {
url = "fedimint://example.com";
};
api = {
url = "wss://example.com";
};
environment = {
"FM_REL_NOTES_ACK" = "0_4_xyz";
};
};
};
testScript =
{ nodes, ... }:
''
start_all()
machine.wait_for_unit("fedimintd-mainnet.service")
machine.wait_for_open_port(${toString nodes.machine.services.fedimintd.mainnet.api.port})
'';
}

4
nixos/tests/scrutiny.nix
View File

@ -49,10 +49,6 @@ import ./make-test-python.nix ({ lib, ... }:
testScript = ''
start_all()
# Wait for InfluxDB to be available
machine.wait_for_unit("influxdb2")
machine.wait_for_open_port(8086)
# Wait for Scrutiny to be available
machine.wait_for_unit("scrutiny")
machine.wait_for_open_port(8080)

2
nixos/tests/slurm.nix
View File

@ -154,7 +154,7 @@ in {
with subtest("run_distributed_command"):
# Run `hostname` on 3 nodes of the partition (so on all the 3 nodes).
# The output must contain the 3 different names
# The output must contain the 3 different names
submit.succeed("srun -N 3 hostname | sort | uniq | wc -l | xargs test 3 -eq")
with subtest("check_slurm_dbd"):

86
nixos/tests/suricata.nix Normal file
View File

@ -0,0 +1,86 @@
import ./make-test-python.nix (
{ lib, pkgs, ... }:
{
name = "suricata";
meta.maintainers = with lib.maintainers; [ felbinger ];
nodes = {
ids = {
imports = [
../modules/profiles/minimal.nix
../modules/services/networking/suricata/default.nix
];
networking.interfaces.eth1 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.1.2";
prefixLength = 24;
}
];
};
# disable suricata-update because this requires an Internet connection
systemd.services.suricata-update.enable = false;
# install suricata package to make suricatasc program available
environment.systemPackages = with pkgs; [ suricata ];
services.suricata = {
enable = true;
settings = {
vars.address-groups.HOME_NET = "192.168.1.0/24";
unix-command.enabled = true;
outputs = [ { fast.enabled = true; } ];
af-packet = [ { interface = "eth1"; } ];
classification-file = "${pkgs.suricata}/etc/suricata/classification.config";
};
};
# create suricata.rules with the rule to detect the output of the id command
systemd.tmpfiles.rules = [
''f /var/lib/suricata/rules/suricata.rules 644 suricata suricata 0 alert ip any any -> any any (msg:"GPL ATTACK_RESPONSE id check returned root"; content:"uid=0|28|root|29|"; classtype:bad-unknown; sid:2100498; rev:7; metadata:created_at 2010_09_23, updated_at 2019_07_26;)''
];
};
helper = {
imports = [ ../modules/profiles/minimal.nix ];
networking.interfaces.eth1 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.1.1";
prefixLength = 24;
}
];
};
services.nginx = {
enable = true;
virtualHosts."localhost".locations = {
"/id/".return = "200 'uid=0(root) gid=0(root) groups=0(root)'";
};
};
networking.firewall.allowedTCPPorts = [ 80 ];
};
};
testScript = ''
start_all()
# check that configuration has been applied correctly with suricatasc
with subtest("suricata configuration test"):
ids.wait_for_unit("suricata.service")
assert '1' in ids.succeed("suricatasc -c 'iface-list' | ${pkgs.jq}/bin/jq .message.count")
# test detection of events based on a static ruleset (output of id command)
with subtest("suricata rule test"):
helper.wait_for_unit("nginx.service")
ids.wait_for_unit("suricata.service")
ids.succeed("curl http://192.168.1.1/id/")
assert "id check returned root [**] [Classification: Potentially Bad Traffic]" in ids.succeed("tail -n 1 /var/log/suricata/fast.log"), "Suricata didn't detect the output of id comment"
'';
}
)

4
nixos/tests/wstunnel.nix
View File

@ -1,3 +1,5 @@
{ lib, ... }:
let
certs = import ./common/acme/server/snakeoil-certs.nix;
domain = certs.domain;
@ -6,6 +8,8 @@ in
{
name = "wstunnel";
meta.platforms = lib.platforms.linux;
nodes = {
server = {
virtualisation.vlans = [ 1 ];

6
pkgs/applications/audio/songrec/default.nix
View File

@ -12,16 +12,16 @@
rustPlatform.buildRustPackage rec {
pname = "songrec";
version = "0.4.2";
version = "0.4.3";
src = fetchFromGitHub {
owner = "marin-m";
repo = pname;
rev = version;
hash = "sha256-S44gtyz6L6uaLm3q75y8S4NJb77Vfy+Sd+J06IroHIM=";
hash = "sha256-pTonrxlYvfuLRKMXW0Lao4KCoNFlMzE9rH+hwpa60JY=";
};
cargoHash = "sha256-f2xAWh+y0Jw7QVLZBkajMLN3ocCyRsR480ai7+07LM4=";
cargoHash = "sha256-2BXUZD63xzHpUi8lk2fV5qBmeq6Gzpq0uEcKfbReANI=";
nativeBuildInputs = [ pkg-config ];

8
pkgs/applications/editors/vim/plugins/overrides.nix
View File

@ -587,19 +587,19 @@ in
cord-nvim =
let
version = "2024-07-19";
version = "0-unstable-2024-09-26";
src = fetchFromGitHub {
owner = "vyfor";
repo = "cord.nvim";
rev = "cd97c25320fb0a672b11bcd95d8332bb3088ecce";
hash = "sha256-66NtKteM1mvHP5wAU4e9JbsF+bq91lmCDcTh/6RPhoo=";
rev = "a26b00d58c42174aadf975917b49cec67650545f";
hash = "sha256-jUxBvWnj0+axuw2SZ2zLzlhZS0tu+Bk8+wHtXENofkw=";
};
extension = if stdenv.hostPlatform.isDarwin then "dylib" else "so";
rustPackage = rustPlatform.buildRustPackage {
pname = "cord.nvim-rust";
inherit version src;
cargoHash = "sha256-6FYf4pHEPxvhKHHPmkjQ40zPxaiypnpDxF8kNH+h+tg=";
cargoHash = "sha256-M5mTdBACTaUVZhPpMOf1KQ3BcQpEoD2isAKRn+iAWjc=";
installPhase = let
cargoTarget = stdenv.hostPlatform.rust.cargoShortTarget;

14
pkgs/applications/editors/vscode/extensions/equinusocio.vsc-material-theme/default.nix
View File

@ -4,22 +4,16 @@ vscode-utils.buildVscodeMarketplaceExtension {
mktplcRef = {
name = "vsc-material-theme";
publisher = "Equinusocio";
version = "34.3.1";
hash = "sha256-3yxFTMtjJR1b4EzBDfm55HF9chrya5OUF5wN+KHEduE=";
version = "34.7.5";
hash = "sha256-6YMr64MTtJrmMMMPW/s6hMh/IilDqLMrspKRPT4uSpM=";
};
# extensions wants to write at the /nix/store path, so we patch it to use the globalStorageUri instead.
prePatch = ''
substituteInPlace ./build/core/extension-manager.js \
--replace-fail "path_1.posix.join(extensionFolderUri.path, env_1.USER_CONFIG_FILE_NAME)" "path_1.posix.join(ExtensionContext.globalStorageUri.fsPath, env_1.USER_CONFIG_FILE_NAME)"
'';
meta = with lib; {
changelog = "https://marketplace.visualstudio.com/items/Equinusocio.vsc-material-theme/changelog";
description = "Most epic theme now for Visual Studio Code";
downloadPage = "https://marketplace.visualstudio.com/items?itemName=Equinusocio.vsc-material-theme";
homepage = "https://github.com/material-theme/vsc-material-theme";
license = licenses.asl20;
homepage = "https://www.material-theme.dev/";
license = licenses.unfree;
maintainers = with maintainers; [ stunkymonkey ];
};
}

4
pkgs/applications/file-managers/clifm/default.nix
View File

@ -11,13 +11,13 @@
stdenv.mkDerivation rec {
pname = "clifm";
version = "1.20";
version = "1.21";
src = fetchFromGitHub {
owner = "leo-arch";
repo = pname;
rev = "v${version}";
hash = "sha256-TKQxNl+RTPQAE7mMALugm3rg8mPZq3eD/uW23DLws8I=";
hash = "sha256-x7Mdt8XcTtqxaHo28jrpyYPHZ/X1g9h4aulrW3YIXGQ=";
};
buildInputs = [

35
pkgs/applications/graphics/dosage/default.nix
View File

@ -1,22 +1,43 @@
{ lib, python3Packages, fetchPypi }:
{
lib,
python3Packages,
fetchPypi,
}:
python3Packages.buildPythonApplication rec {
pname = "dosage";
version = "2.17";
version = "3.0";
src = fetchPypi {
inherit pname version;
sha256 = "0vmxgn9wd3j80hp4gr5iq06jrl4gryz5zgfdd2ah30d12sfcfig0";
sha256 = "sha256-mHV/U9Vqv7fSsLYNrCXckkJ1YpsccLd8HsJ78IwLX0Y=";
};
pyproject = true;
nativeCheckInputs = with python3Packages; [
pytestCheckHook pytest-xdist responses
pytestCheckHook
pytest-xdist
responses
];
nativeBuildInputs = with python3Packages; [ setuptools-scm ];
build-system = [ python3Packages.setuptools-scm ];
propagatedBuildInputs = with python3Packages; [
colorama imagesize lxml requests setuptools six
dependencies = with python3Packages; [
colorama
imagesize
lxml
requests
six
platformdirs
];
disabledTests = [
# need network connect to api.github.com
"test_update_available"
"test_no_update_available"
"test_update_broken"
"test_current"
];
meta = {

6
pkgs/applications/misc/lscolors/default.nix
View File

@ -2,14 +2,14 @@
rustPlatform.buildRustPackage rec {
pname = "lscolors";
version = "0.19.0";
version = "0.20.0";
src = fetchCrate {
inherit version pname;
hash = "sha256-9xYWjpeXg646JEW7faRLE1Au6LRVU6QQ7zfAwmYffT0=";
hash = "sha256-EUUPVSpHc9tN1Hi7917hJ2psTZq5nnGw6PBeApvlVtw=";
};
cargoHash = "sha256-gtcznStbuYWcBPKZ/hdH15cwRQL0+Q0fZHe+YW5Rek0=";
cargoHash = "sha256-1wAHd0WrJfjxDyGRAJjXGFY9ZBFlBOQFr2+cxoTufW0=";
buildFeatures = [ "nu-ansi-term" ];

42
pkgs/applications/misc/slweb/default.nix
View File

@ -1,42 +0,0 @@
{ lib
, stdenv
, fetchFromSourcehut
, redo-apenwarr
, testers
}:
stdenv.mkDerivation (finalAttrs: {
pname = "slweb";
version = "0.9.0";
src = fetchFromSourcehut {
owner = "~strahinja";
repo = "slweb";
rev = "v${finalAttrs.version}";
hash = "sha256-QDHcp5pCmapgOlJpDDyyC12JOfh/biDyF6O+iKGbOGg=";
};
nativeBuildInputs = [ redo-apenwarr ];
installPhase = ''
runHook preInstall
export FALLBACKVER=${finalAttrs.version}
PREFIX=$out redo install
runHook postInstall
'';
enableParallelBuilding = true;
passthru.tests.version = testers.testVersion {
package = finalAttrs.finalPackage;
};
meta = with lib; {
description = "Static website generator which aims at being simplistic";
homepage = "https://strahinja.srht.site/slweb/";
license = licenses.gpl3Plus;
platforms = platforms.linux;
maintainers = with maintainers; [ GaetanLepage ];
mainProgram = "slweb";
};
})

12
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View File

@ -1,11 +1,11 @@
{
stable = {
chromedriver = {
hash_darwin = "sha256-m5kuSeaK4v8GtjlqJOP3isN/o+9uOxPuSEegi0nYaOM=";
hash_darwin = "sha256-cWY8P3D+PrIlbEdMYPp+4cFQZfOLbGeebC1Glg53Sx4=";
hash_darwin_aarch64 =
"sha256-9WQH8Z7v3PtFKHA6bsrXgCJDWevh1YPjPyDp7M/xhlI=";
hash_linux = "sha256-dp060EKhFI4aRTBGLB8PyqeOj25Ov5Bd29KyESUDcwQ=";
version = "129.0.6668.70";
"sha256-Tu11SCTlB+8/ao0uS7AbknB5WuvN+cw/gHiyL6xKH1o=";
hash_linux = "sha256-Da+xaXNNP8eRccq87LBxMb+2oXJ4WRGLdWoCAhG2yAQ=";
version = "129.0.6668.89";
};
deps = {
gn = {
@ -15,8 +15,8 @@
version = "2024-08-19";
};
};
hash = "sha256-L9h9jbwEMcUi/cu7FP2O/6wD0Br/3SzWCazu7m9ua+o=";
version = "129.0.6668.70";
hash = "sha256-+n9LjRLFvVB/pYkSrRCxln/Xn2paFyoY+mJGD73NtII=";
version = "129.0.6668.89";
};
ungoogled-chromium = {
deps = {

4
pkgs/applications/networking/cluster/arkade/default.nix
View File

@ -6,13 +6,13 @@
buildGoModule rec {
pname = "arkade";
version = "0.11.26";
version = "0.11.27";
src = fetchFromGitHub {
owner = "alexellis";
repo = "arkade";
rev = version;
hash = "sha256-p3rLQQwuJ/5AUzsQfGA9JSoifYaG4vAE2NaNfTf6/uk=";
hash = "sha256-5/QAtaAAiIzpvOl43A4OqnIcKlfdxehGjmCREFRKXTs=";
};
CGO_ENABLED = 0;

4
pkgs/applications/networking/cluster/opentofu/default.nix
View File

@ -14,13 +14,13 @@
let
package = buildGoModule rec {
pname = "opentofu";
version = "1.8.2";
version = "1.8.3";
src = fetchFromGitHub {
owner = "opentofu";
repo = "opentofu";
rev = "v${version}";
hash = "sha256-kBI3Jgi4fDOx5bknTMlcI2K3LxKj6Q4dunbG9N33Ps0=";
hash = "sha256-+1ctvUz1Prhon+w5fGO+IQCYl7uEMZwAYMfQut7fmO4=";
};
vendorHash = "sha256-cM2DSP2ss3vleUhPBIdyxKeWJxtHpdjL5b5HVS/iC6o=";

6
pkgs/applications/networking/cluster/talosctl/default.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "talosctl";
version = "1.7.6";
version = "1.8.0";
src = fetchFromGitHub {
owner = "siderolabs";
repo = "talos";
rev = "v${version}";
hash = "sha256-uyPnln1Cj4j1oPVERBIHMJXJWR+jPUq6AE7rZXr2yQo=";
hash = "sha256-Ezie6RQsigmJgdvnSVk6awuUu2kODSio9DNg4bow76M=";
};
vendorHash = "sha256-ZJGhPT2KYYIMKmRWqdOppvXSD2W8kYtxK/900TdVdUg=";
vendorHash = "sha256-9qkealjjdBO659fdWdgFii3ThPRwKpYasB03L3Bktqs=";
ldflags = [ "-s" "-w" ];

4
pkgs/applications/networking/cluster/tf-summarize/default.nix
View File

@ -7,13 +7,13 @@
buildGoModule rec {
pname = "tf-summarize";
version = "0.3.10";
version = "0.3.11";
src = fetchFromGitHub {
owner = "dineshba";
repo = "tf-summarize";
rev = "v${version}";
hash = "sha256-OmGJgy36Jv7/kyGg2y1cNS1r6n1C/plfC0s6q08Wox4=";
hash = "sha256-HXmFxbYfzEp6hxdmvNcSI+8zM3wh7pVpFjquwP/t4PU=";
};
vendorHash = "sha256-nfontEgMj2qPbrM35iR7b65qrkWHCMY1v944iYdNLG8=";

4
pkgs/applications/networking/cluster/zarf/default.nix
View File

@ -7,13 +7,13 @@
buildGoModule rec {
pname = "zarf";
version = "0.39.0";
version = "0.40.1";
src = fetchFromGitHub {
owner = "defenseunicorns";
repo = "zarf";
rev = "v${version}";
hash = "sha256-ATC+eoM3B21iG/ih31vlxBjnJ6zwmuxOLiw4nHKTp4o=";
hash = "sha256-tSMaDb8lflkedDa5ICXthqMpWBkHg+UQ20aTrF4+hUQ=";
};
vendorHash = "sha256-7G+gROPw8Ab6iGMr7vnmC7jAm7jLPd5pbLOkKqDKIDc=";

13
pkgs/applications/science/logic/btor2tools/default.nix
View File

@ -21,11 +21,24 @@ stdenv.mkDerivation rec {
cp -v lib/libbtor2parser.* $lib/lib
'';
doInstallCheck = true;
installCheckPhase = ''
runHook preInstallCheck
# make sure shared libraries are present and program can be executed
$out/bin/btorsim -h > /dev/null
runHook postInstallCheck
'';
outputs = [ "out" "dev" "lib" ];
cmakeFlags = [
# RPATH of binary /nix/store/.../bin/btorsim contains a forbidden reference to /build/
"-DCMAKE_SKIP_BUILD_RPATH=ON"
] ++ lib.optionals stdenv.hostPlatform.isDarwin [
"-DCMAKE_BUILD_WITH_INSTALL_NAME_DIR=ON"
];
meta = with lib; {

12
pkgs/applications/science/logic/easycrypt/default.nix
View File

@ -1,14 +1,14 @@
{ lib, stdenv, fetchFromGitHub, ocamlPackages, why3, python3 }:
{ lib, stdenv, darwin, fetchFromGitHub, ocamlPackages, why3, python3 }:
stdenv.mkDerivation rec {
pname = "easycrypt";
version = "2024.01";
version = "2024.09";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "r${version}";
hash = "sha256-UYDoVMi5TtYxgPq5nkp/oRtcMcHl2p7KAG8ptvuOL5U=";
hash = "sha256-ZGYklG1eXfytRKzFvRSB6jFrOCm1gjyG8W78eMve5Ng=";
};
nativeBuildInputs = with ocamlPackages; [
@ -17,10 +17,12 @@ stdenv.mkDerivation rec {
menhir
ocaml
python3.pkgs.wrapPython
];
] ++ lib.optional stdenv.hostPlatform.isDarwin darwin.sigtool;
buildInputs = with ocamlPackages; [
batteries
dune-build-info
dune-site
inifiles
why3
yojson
@ -32,7 +34,7 @@ stdenv.mkDerivation rec {
strictDeps = true;
postPatch = ''
substituteInPlace dune-project --replace '(name easycrypt)' '(name easycrypt)(version ${version})'
substituteInPlace dune-project --replace-fail '(name easycrypt)' '(name easycrypt)(version ${version})'
'';
pythonPath = with python3.pkgs; [ pyyaml ];

3
pkgs/applications/terminal-emulators/contour/default.nix
View File

@ -99,5 +99,8 @@ stdenv.mkDerivation (final: {
maintainers = with maintainers; [ moni ];
platforms = platforms.unix;
mainProgram = "contour";
# This was caused by boxed-cpp 1.4.2 -> 1.4.3
# More details in issue #345752
broken = true;
};
})

4
pkgs/applications/version-management/git-town/default.nix
View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "git-town";
version = "16.2.1";
version = "16.3.0";
src = fetchFromGitHub {
owner = "git-town";
repo = "git-town";
rev = "v${version}";
hash = "sha256-/60n/JvT7XRfEVic6Jmi05WpsAy4mRsE/GAnetTMC1I=";
hash = "sha256-q4bRUz6ZI6y0AYEDMUBMN1YJxmHkIDDkUiMd4rQbDHk=";
};
vendorHash = null;

6
pkgs/applications/version-management/gql/default.nix
View File

@ -9,16 +9,16 @@
rustPlatform.buildRustPackage rec {
pname = "gql";
version = "0.27.0";
version = "0.28.0";
src = fetchFromGitHub {
owner = "AmrDeveloper";
repo = "GQL";
rev = version;
hash = "sha256-/cL/Ts5RbClGqs5D93RTC7A5fr6Ca1c1sNbVZE4zK+E=";
hash = "sha256-BA94Q8nRf4NptVBHSMYLMEklB9vHaXRU1+o7shXhkZQ=";
};
cargoHash = "sha256-o9eTOauQF5sf8UPyG0os2NQLsNkAIUOGhmMsZo6Kncw=";
cargoHash = "sha256-L+o0ZhTI7x01DpGuhWrvzvSZDYHc++31svWTJ41qx90=";
nativeBuildInputs = [
pkg-config

3
pkgs/applications/video/kodi/addons/iagl/default.nix
View File

@ -1,4 +1,4 @@
{ lib, buildKodiAddon, fetchFromGitHub, dateutil, requests, routing, vfs-libarchive, archive_tool, youtube }:
{ lib, buildKodiAddon, fetchFromGitHub, dateutil, requests, routing, vfs-libarchive, archive_tool, youtube, infotagger }:
buildKodiAddon rec {
pname = "iagl";
@ -19,6 +19,7 @@ buildKodiAddon rec {
vfs-libarchive
archive_tool
youtube
infotagger
];
meta = with lib; {

4
pkgs/applications/video/kodi/addons/radioparadise/default.nix
View File

@ -3,11 +3,11 @@
buildKodiAddon rec {
pname = "radioparadise";
namespace = "script.radioparadise";
version = "2.0.0";
version = "2.0.1";
src = fetchzip {
url = "https://mirrors.kodi.tv/addons/${lib.toLower rel}/script.radioparadise/script.radioparadise-${version}.zip";
sha256 = "sha256-eRCP0XMQHmyDrZ8Y6RGFfxQ1r26/bWbE/PJz4PET7D8=";
sha256 = "sha256-osQoOFr1vyTgZdlq1gNmhhDY37e+4SFqN3uX3yT8NQE=";
};
propagatedBuildInputs = [

4
pkgs/applications/video/kodi/addons/youtube/default.nix
View File

@ -3,13 +3,13 @@
buildKodiAddon rec {
pname = "youtube";
namespace = "plugin.video.youtube";
version = "7.0.9.2";
version = "7.1.0";
src = fetchFromGitHub {
owner = "anxdpanic";
repo = "plugin.video.youtube";
rev = "v${version}";
hash = "sha256-42BBvXIrPAAhNgrGyPTK5dgg2DACPTT6/jRUoYcihFA=";
hash = "sha256-I3dSGcPQVVhn4RO8CHtn3FG2dheSv4XiDO7w+MtTjRU=";
};
propagatedBuildInputs = [

4
pkgs/applications/video/mpv/scripts/modernx-zydezu.nix
View File

@ -7,14 +7,14 @@
}:
buildLua (finalAttrs: {
pname = "modernx-zydezu";
version = "0.3.6.6";
version = "0.3.7";
scriptPath = "modernx.lua";
src = fetchFromGitHub {
owner = "zydezu";
repo = "ModernX";
rev = finalAttrs.version;
hash = "sha256-Jt3Y/4no3dUOopjvbS/dBGU0vw9Lq4o5inb4efuyYBM=";
hash = "sha256-slJYbhjNrzwq5rl83HV0Uy7BUK/bbltWSyH0198kSqw=";
};
postInstall = ''

4
pkgs/applications/video/obs-studio/plugins/obs-move-transition.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "obs-move-transition";
version = "3.0.2";
version = "3.1.0";
src = fetchFromGitHub {
owner = "exeldro";
repo = "obs-move-transition";
rev = version;
sha256 = "sha256-Vwm0Eyb8MevZtS3PTqnFQAbCj7JuTw9Ju0lS9CZ6rf8=";
sha256 = "sha256-ZmxopTv6YuAZ/GykvMRcP2PQwQk08ObmqZ9kBcR0UH4=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/by-name/ac/actionlint/package.nix
View File

@ -10,7 +10,7 @@
}:
let
version = "1.7.2";
version = "1.7.3";
in
buildGoModule {
pname = "actionlint";
@ -22,7 +22,7 @@ buildGoModule {
owner = "rhysd";
repo = "actionlint";
rev = "v${version}";
hash = "sha256-/VhSmNwAhgAM/506MjI07KBFbkBTLpQfod49ysju+uU=";
hash = "sha256-IwkTiuQ3eTZMn1y0NG1jo9UrX7AmEUBRSGQ/vq/0YL8=";
};
vendorHash = "sha256-SIY79SjYYXW2slUQr2Bm9dLH8K2wE3l/TL3QP0m8GLs=";

6
pkgs/by-name/ai/aiken/package.nix
View File

@ -10,16 +10,16 @@
rustPlatform.buildRustPackage rec {
pname = "aiken";
version = "1.1.3";
version = "1.1.4";
src = fetchFromGitHub {
owner = "aiken-lang";
repo = "aiken";
rev = "v${version}";
hash = "sha256-n373MgPjJzP+yRSQLA07RijFBjbRItK/nX8k7SJ6ITE=";
hash = "sha256-PTC7qn8Z1PGcBTNK5MtMvThIEhmAqTj23B/cHHhiDFE=";
};
cargoHash = "sha256-gQ7DfYyVF6Gk8N+spBd97BWxTwydq+lDbnCsVPPzWLU=";
cargoHash = "sha256-p//1TZJ6sJUUDPPpxRBKL7w7MBTUQppbQedj2x4T17w=";
buildInputs =
[ openssl ]

51
pkgs/by-name/al/almo/package.nix Normal file
View File

@ -0,0 +1,51 @@
{
lib,
fetchFromGitHub,
stdenv,
gcc,
python312Packages,
}:
let
version = "0.9.5-alpha";
in
stdenv.mkDerivation {
pname = "almo";
inherit version;
src = fetchFromGitHub {
owner = "abap34";
repo = "almo";
rev = "refs/tags/v${version}";
sha256 = "sha256-Cz+XDJmdp+utzwm1c7ThTNS6kfNF6r4B16tnGQSCVMc=";
};
buildInputs = [
gcc
python312Packages.pybind11
];
makeFlags = [ "all" ];
# remove darwin-only linker flag on linux
postPatch = lib.optionalString (!stdenv.isDarwin) ''
substituteInPlace scripts/pybind.sh \
--replace-fail " -undefined dynamic_lookup" ""
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin $out/lib
cp build/almo $out/bin
cp almo.so $out/lib
runHook postInstall
'';
meta = {
description = "ALMO is markdown parser and static site generator";
license = lib.licenses.mit;
platforms = lib.platforms.all;
homepage = "https://github.com/abap34/almo";
maintainers = with lib.maintainers; [ momeemt ];
mainProgram = "almo";
};
}

4
pkgs/by-name/an/ansible-navigator/package.nix
View File

@ -7,7 +7,7 @@
}:
python3Packages.buildPythonApplication rec {
pname = "ansible-navigator";
version = "24.7.0";
version = "24.9.0";
pyproject = true;
disabled = python3Packages.pythonOlder "3.10";
@ -15,7 +15,7 @@ python3Packages.buildPythonApplication rec {
src = fetchPypi {
inherit version;
pname = "ansible_navigator";
hash = "sha256-XMwJzDxo/VZ+0qy5MLg/Kw/7j3V594qfV+T6jeVEWzg=";
hash = "sha256-eW38/n3vh2l2hKrh1xpW2fiB5yOkTnK77AnevDStD7s=";
};
build-system = with python3Packages; [

6
pkgs/by-name/at/atlas/package.nix
View File

@ -2,19 +2,19 @@
buildGoModule rec {
pname = "atlas";
version = "0.27.0";
version = "0.28.0";
src = fetchFromGitHub {
owner = "ariga";
repo = "atlas";
rev = "v${version}";
hash = "sha256-av2WKuEzDhjvqGHIAlNR/Tt8AhqkjLhgcZIpJEKgEVA=";
hash = "sha256-D6dHHTxD2eObmXwYntIOtcPsU1vP+K289n+XVoaGUVc=";
};
modRoot = "cmd/atlas";
proxyVendor = true;
vendorHash = "sha256-wu2WONeL5LNGjn/xaRDPtBBVcvLOxSeelj7a6xxMHTY=";
vendorHash = "sha256-SFG//hc5vLQXC3SeEn4YRcc82PItYZy+TNqzq19sRnI=";
nativeBuildInputs = [ installShellFiles ];

56
pkgs/applications/misc/bibletime/default.nix → pkgs/by-name/bi/bibletime/package.nix
View File

@ -1,20 +1,26 @@
{ lib
, stdenv
, fetchFromGitHub
, cmake
, docbook_xml_dtd_45
, pkg-config
, wrapQtAppsHook
, boost
, clucene_core_2
, docbook_xsl_ns
, perlPackages
, qtbase
, qtsvg
, qttools
, sword
{
lib,
boost,
clucene_core_2,
cmake,
docbook_xml_dtd_45,
docbook_xsl_ns,
fetchFromGitHub,
perlPackages,
pkg-config,
qt5,
stdenv,
sword,
}:
let
inherit (qt5)
qtbase
qtsvg
qttools
wrapQtAppsHook
;
in
stdenv.mkDerivation (finalAttrs: {
pname = "bibletime";
version = "3.0.3";
@ -31,12 +37,12 @@ stdenv.mkDerivation (finalAttrs: {
docbook_xml_dtd_45
pkg-config
wrapQtAppsHook
perlPackages.Po4a
];
buildInputs = [
boost
clucene_core_2
perlPackages.Po4a
qtbase
qtsvg
qttools
@ -49,18 +55,20 @@ stdenv.mkDerivation (finalAttrs: {
'';
cmakeFlags = [
"-DBUILD_HOWTO_PDF=OFF"
"-DBUILD_HANDBOOK_PDF=OFF"
"-DBT_DOCBOOK_XSL_HTML_CHUNK_XSL=${docbook_xsl_ns}/share/xml/docbook-xsl-ns/html/chunk.xsl"
"-DBT_DOCBOOK_XSL_PDF_DOCBOOK_XSL=${docbook_xsl_ns}/share/xml/docbook-xsl-ns/html/chunk.xsl"
(lib.cmakeBool "BUILD_HOWTO_PDF" false)
(lib.cmakeBool "BUILD_HANDBOOK_PDF" false)
(lib.cmakeFeature "BT_DOCBOOK_XSL_HTML_CHUNK_XSL" "${docbook_xsl_ns}/share/xml/docbook-xsl-ns/html/chunk.xsl")
(lib.cmakeFeature "BT_DOCBOOK_XSL_PDF_DOCBOOK_XSL" "${docbook_xsl_ns}/share/xml/docbook-xsl-ns/html/chunk.xsl")
];
meta = with lib; {
strictDeps = true;
meta = {
homepage = "http://www.bibletime.info/";
description = "Powerful cross platform Bible study tool";
license = lib.licenses.gpl2Plus;
mainProgram = "bibletime";
license = licenses.gpl2Plus;
maintainers = with maintainers; [ AndersonTorres ];
platforms = platforms.linux;
maintainers = with lib.maintainers; [ AndersonTorres ];
platforms = lib.platforms.linux;
};
})

3
pkgs/by-name/ca/cairosvg/package.nix Normal file
View File

@ -0,0 +1,3 @@
{ python3Packages }:
python3Packages.toPythonApplication python3Packages.cairosvg

5
pkgs/by-name/cf/cfn-nag/Gemfile Normal file
View File

@ -0,0 +1,5 @@
# frozen_string_literal: true
source 'https://rubygems.org'
gemspec

106
pkgs/by-name/cf/cfn-nag/Gemfile.lock Normal file
View File

@ -0,0 +1,106 @@
PATH
remote: .
specs:
cfn-nag (0.8.10)
aws-sdk-s3 (~> 1.76)
cfn-model (= 0.6.6)
lightly (~> 0.3.2)
logging (~> 2.2.2)
netaddr (~> 2.0.4)
optimist (~> 3.0.0)
rexml
GEM
remote: https://rubygems.org/
specs:
ast (2.4.2)
aws-eventstream (1.3.0)
aws-partitions (1.982.0)
aws-sdk-core (3.209.1)
aws-eventstream (~> 1, >= 1.3.0)
aws-partitions (~> 1, >= 1.651.0)
aws-sigv4 (~> 1.9)
jmespath (~> 1, >= 1.6.1)
aws-sdk-kms (1.94.0)
aws-sdk-core (~> 3, >= 3.207.0)
aws-sigv4 (~> 1.5)
aws-sdk-s3 (1.166.0)
aws-sdk-core (~> 3, >= 3.207.0)
aws-sdk-kms (~> 1)
aws-sigv4 (~> 1.5)
aws-sigv4 (1.10.0)
aws-eventstream (~> 1, >= 1.0.2)
cfn-model (0.6.6)
kwalify (= 0.7.2)
psych (~> 3)
diff-lcs (1.5.1)
docile (1.4.1)
jmespath (1.6.2)
json (2.7.2)
kwalify (0.7.2)
language_server-protocol (3.17.0.3)
lightly (0.3.3)
little-plugger (1.1.4)
logging (2.2.2)
little-plugger (~> 1.1)
multi_json (~> 1.10)
multi_json (1.15.0)
netaddr (2.0.6)
optimist (3.0.1)
parallel (1.26.3)
parser (3.3.5.0)
ast (~> 2.4.1)
racc
psych (3.3.4)
racc (1.8.1)
rainbow (3.1.1)
rake (13.2.1)
regexp_parser (2.9.2)
rexml (3.3.8)
rspec (3.13.0)
rspec-core (~> 3.13.0)
rspec-expectations (~> 3.13.0)
rspec-mocks (~> 3.13.0)
rspec-core (3.13.1)
rspec-support (~> 3.13.0)
rspec-expectations (3.13.3)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0)
rspec-mocks (3.13.1)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.13.0)
rspec-support (3.13.1)
rubocop (1.66.1)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 2.4, < 3.0)
rubocop-ast (>= 1.32.2, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 3.0)
rubocop-ast (1.32.3)
parser (>= 3.3.1.0)
ruby-progressbar (1.13.0)
simplecov (0.22.0)
docile (~> 1.1)
simplecov-html (~> 0.11)
simplecov_json_formatter (~> 0.1)
simplecov-html (0.13.1)
simplecov_json_formatter (0.1.4)
unicode-display_width (2.6.0)
PLATFORMS
arm64-darwin-23
ruby
DEPENDENCIES
cfn-nag!
rake
rspec (~> 3.4)
rubocop
simplecov (~> 0.21)
BUNDLED WITH
2.5.11

536
pkgs/by-name/cf/cfn-nag/gemset.nix Normal file
View File

@ -0,0 +1,536 @@
{
ast = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "04nc8x27hlzlrr5c2gn7mar4vdr0apw5xg22wp6m8dx3wqr04a0y";
type = "gem";
};
version = "2.4.2";
};
aws-eventstream = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0gvdg4yx4p9av2glmp7vsxhs0n8fj1ga9kq2xdb8f95j7b04qhzi";
type = "gem";
};
version = "1.3.0";
};
aws-partitions = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "075y2zwfqwg7qb7w34bfvp8dkjcmiz6hx5a3rbhpqglnlkav7ir4";
type = "gem";
};
version = "1.982.0";
};
aws-sdk-core = {
dependencies = [
"aws-eventstream"
"aws-partitions"
"aws-sigv4"
"jmespath"
];
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "06mrp7g24ndg55w85ndyrvxfx2v6hnkh5fj32w9s6w3xsc8v5kqq";
type = "gem";
};
version = "3.209.1";
};
aws-sdk-kms = {
dependencies = [
"aws-sdk-core"
"aws-sigv4"
];
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1acx3bhqkhni3kbl7xnjdgy8raq5y7p0zyniq61bsihzkwcj7imh";
type = "gem";
};
version = "1.94.0";
};
aws-sdk-s3 = {
dependencies = [
"aws-sdk-core"
"aws-sdk-kms"
"aws-sigv4"
];
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0zpww3lxpjg8smmznz2nbx5hrpnkzflbasllxjwprkqr56rrrjap";
type = "gem";
};
version = "1.166.0";
};
aws-sigv4 = {
dependencies = [ "aws-eventstream" ];
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "176zh13m1vhwgys0drlqiw79ljmmx84vva036shsb7rzr4yi36qm";
type = "gem";
};
version = "1.10.0";
};
cfn-model = {
dependencies = [
"kwalify"
"psych"
];
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1b3ix36yfnfwyxb4w9ss8a7nc6w15m1wbj3q8rarsqjrs3xj6wjs";
type = "gem";
};
version = "0.6.6";
};
cfn-nag = {
dependencies = [
"aws-sdk-s3"
"cfn-model"
"lightly"
"logging"
"netaddr"
"optimist"
"rexml"
];
groups = [ "default" ];
platforms = [ ];
source = {
path = ./.;
type = "path";
};
version = "0.8.10";
};
diff-lcs = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1znxccz83m4xgpd239nyqxlifdb7m8rlfayk6s259186nkgj6ci7";
type = "gem";
};
version = "1.5.1";
};
docile = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "07pj4z3h8wk4fgdn6s62vw1lwvhj0ac0x10vfbdkr9xzk7krn5cn";
type = "gem";
};
version = "1.4.1";
};
jmespath = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1cdw9vw2qly7q7r41s7phnac264rbsdqgj4l0h4nqgbjb157g393";
type = "gem";
};
version = "1.6.2";
};
json = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0b4qsi8gay7ncmigr0pnbxyb17y3h8kavdyhsh7nrlqwr35vb60q";
type = "gem";
};
version = "2.7.2";
};
kwalify = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1ngxg3ysq5vip9dn3d32ajc7ly61kdin86hfycm1hkrcvkkn1vjf";
type = "gem";
};
version = "0.7.2";
};
language_server-protocol = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0gvb1j8xsqxms9mww01rmdl78zkd72zgxaap56bhv8j45z05hp1x";
type = "gem";
};
version = "3.17.0.3";
};
lightly = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0sgj2r6j7qxb9vqzkx5isjbphi38rplk4h8838am0cjcpq5h3jb3";
type = "gem";
};
version = "0.3.3";
};
little-plugger = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1frilv82dyxnlg8k1jhrvyd73l6k17mxc5vwxx080r4x1p04gwym";
type = "gem";
};
version = "1.1.4";
};
logging = {
dependencies = [
"little-plugger"
"multi_json"
];
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "06j6iaj89h9jhkx1x3hlswqrfnqds8br05xb1qra69dpvbdmjcwn";
type = "gem";
};
version = "2.2.2";
};
multi_json = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0pb1g1y3dsiahavspyzkdy39j4q377009f6ix0bh1ag4nqw43l0z";
type = "gem";
};
version = "1.15.0";
};
netaddr = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1d7iccg9cjcsfl0fd0iiqfc5s7yh2602dgscbji5lrn2q879ghz7";
type = "gem";
};
version = "2.0.6";
};
optimist = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1vg2chy1cfmdj6c1gryl8zvjhhmb3plwgyh1jfnpq4fnfqv7asrk";
type = "gem";
};
version = "3.0.1";
};
parallel = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1vy7sjs2pgz4i96v5yk9b7aafbffnvq7nn419fgvw55qlavsnsyq";
type = "gem";
};
version = "1.26.3";
};
parser = {
dependencies = [
"ast"
"racc"
];
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1cqs31cyg2zp8yx2zzm3zkih0j93q870wasbviy2w343nxqvn3pk";
type = "gem";
};
version = "3.3.5.0";
};
psych = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "186i2hc6sfvg4skhqf82kxaf4mb60g65fsif8w8vg1hc9mbyiaph";
type = "gem";
};
version = "3.3.4";
};
racc = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0byn0c9nkahsl93y9ln5bysq4j31q8xkf2ws42swighxd4lnjzsa";
type = "gem";
};
version = "1.8.1";
};
rainbow = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0smwg4mii0fm38pyb5fddbmrdpifwv22zv3d3px2xx497am93503";
type = "gem";
};
version = "3.1.1";
};
rake = {
groups = [ "development" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "17850wcwkgi30p7yqh60960ypn7yibacjjha0av78zaxwvd3ijs6";
type = "gem";
};
version = "13.2.1";
};
regexp_parser = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0ik40vcv7mqigsfpqpca36hpmnx0536xa825ai5qlkv3mmkyf9ss";
type = "gem";
};
version = "2.9.2";
};
rexml = {
groups = [ "default" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0rr145mvjgc4n28lfy0gw87aw3ab680h83bdi5i102ik8mixk3zn";
type = "gem";
};
version = "3.3.8";
};
rspec = {
dependencies = [
"rspec-core"
"rspec-expectations"
"rspec-mocks"
];
groups = [ "development" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "14xrp8vq6i9zx37vh0yp4h9m0anx9paw200l1r5ad9fmq559346l";
type = "gem";
};
version = "3.13.0";
};
rspec-core = {
dependencies = [ "rspec-support" ];
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0s688wfw77fjldzayvczg8bgwcgh6bh552dw7qcj1rhjk3r4zalx";
type = "gem";
};
version = "3.13.1";
};
rspec-expectations = {
dependencies = [
"diff-lcs"
"rspec-support"
];
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0n3cyrhsa75x5wwvskrrqk56jbjgdi2q1zx0irllf0chkgsmlsqf";
type = "gem";
};
version = "3.13.3";
};
rspec-mocks = {
dependencies = [
"diff-lcs"
"rspec-support"
];
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0f3vgp43hajw716vmgjv6f4ar6f97zf50snny6y3fy9kkj4qjw88";
type = "gem";
};
version = "3.13.1";
};
rspec-support = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "03z7gpqz5xkw9rf53835pa8a9vgj4lic54rnix9vfwmp2m7pv1s8";
type = "gem";
};
version = "3.13.1";
};
rubocop = {
dependencies = [
"json"
"language_server-protocol"
"parallel"
"parser"
"rainbow"
"regexp_parser"
"rubocop-ast"
"ruby-progressbar"
"unicode-display_width"
];
groups = [ "development" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "1rsyxrl647bz49gpa4flh8igg6wy7qxyh2jrp01x0kqnn5iw4y86";
type = "gem";
};
version = "1.66.1";
};
rubocop-ast = {
dependencies = [ "parser" ];
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "03zywfpm4540q6hw8srhi8pzp0gg51w65ir8jkaw58vk3j31w820";
type = "gem";
};
version = "1.32.3";
};
ruby-progressbar = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0cwvyb7j47m7wihpfaq7rc47zwwx9k4v7iqd9s1xch5nm53rrz40";
type = "gem";
};
version = "1.13.0";
};
simplecov = {
dependencies = [
"docile"
"simplecov-html"
"simplecov_json_formatter"
];
groups = [ "development" ];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "198kcbrjxhhzca19yrdcd6jjj9sb51aaic3b0sc3pwjghg3j49py";
type = "gem";
};
version = "0.22.0";
};
simplecov-html = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "02zi3rwihp7rlnp9x18c9idnkx7x68w6jmxdhyc0xrhjwrz0pasx";
type = "gem";
};
version = "0.13.1";
};
simplecov_json_formatter = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0a5l0733hj7sk51j81ykfmlk2vd5vaijlq9d5fn165yyx3xii52j";
type = "gem";
};
version = "0.1.4";
};
unicode-display_width = {
groups = [
"default"
"development"
];
platforms = [ ];
source = {
remotes = [ "https://rubygems.org" ];
sha256 = "0nkz7fadlrdbkf37m0x7sw8bnz8r355q3vwcfb9f9md6pds9h9qj";
type = "gem";
};
version = "2.6.0";
};
}

17
pkgs/development/tools/cfn-nag/default.nix → pkgs/by-name/cf/cfn-nag/package.nix
View File

@ -1,19 +1,24 @@
{ lib, bundlerEnv, bundlerUpdateScript, ruby }:
{
lib,
bundlerEnv,
bundlerUpdateScript,
ruby,
}:
bundlerEnv {
pname = "cfn-nag";
version = "0.8.9";
version = "0.8.10";
inherit ruby;
gemdir = ./.;
passthru.updateScript = bundlerUpdateScript "cfn-nag";
meta = with lib; {
meta = {
description = "Linting tool for CloudFormation templates";
homepage = "https://github.com/stelligent/cfn_nag";
license = licenses.mit;
maintainers = [ ];
platforms = platforms.unix;
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ momeemt ];
platforms = lib.platforms.unix;
};
}

44
pkgs/by-name/co/cope/package.nix Normal file
View File

@ -0,0 +1,44 @@
{
lib,
fetchFromGitHub,
perl,
perlPackages,
}:
perlPackages.buildPerlPackage {
pname = "cope";
version = "0-unstable-2024-03-27";
src = fetchFromGitHub {
owner = "deftdawg";
repo = "cope";
rev = "ad0c1ebec5684f5ec3e8becf348414292c489175";
hash = "sha256-LMAir7tUkjHtKz+KME/Raa9QHGN1g0bzr56fNxfURQY=";
};
buildInputs = with perlPackages; [
EnvPath
FileShareDir
IOPty
IOStty
ListMoreUtils
RegexpCommon
RegexpIPv6
];
postInstall = ''
mkdir -p $out/bin
mv $out/${perlPackages.perl.libPrefix}/${perlPackages.perl.version}/auto/share/dist/Cope/* $out/bin/
rm -r $out/${perlPackages.perl.libPrefix}/${perlPackages.perl.version}/auto
'';
meta = {
description = "A colourful wrapper for terminal programs";
homepage = "https://github.com/deftdawg/cope";
license = with lib.licenses; [
artistic1
gpl1Plus
];
maintainers = with lib.maintainers; [ deftdawg ];
};
}

6
pkgs/by-name/cp/cpuinfo/package.nix
View File

@ -10,13 +10,13 @@
}:
stdenv.mkDerivation (finalAttrs: {
pname = "cpuinfo";
version = "0-unstable-2024-09-11";
version = "0-unstable-2024-09-26";
src = fetchFromGitHub {
owner = "pytorch";
repo = "cpuinfo";
rev = "a5ff6df40ce528721cfc310c7ed43946d77404d5";
hash = "sha256-JbIEQ6jFprbMpeH8IBhuRo3VXxo8a32lmT4yfxSIEj0=";
rev = "1e83a2fdd3102f65c6f1fb602c1b320486218a99";
hash = "sha256-28cFACca+NYE8oKlP5aWXNCLeEjhWqJ6gRnFI+VxDvg=";
};
passthru.updateScript = nix-update-script { extraArgs = [ "--version=branch" ]; };

6
pkgs/by-name/cr/cryptpad/package.nix
View File

@ -9,7 +9,7 @@
}:
let
version = "2024.6.1";
version = "2024.9.0";
# nix version of install-onlyoffice.sh
# a later version could rebuild from sdkjs/web-apps as per
# https://github.com/cryptpad/onlyoffice-builds/blob/main/build.sh
@ -68,10 +68,10 @@ buildNpmPackage {
owner = "cryptpad";
repo = "cryptpad";
rev = version;
hash = "sha256-qwyXpTY8Ds7R5687PVGZa/rlEyrAZjNzJ4+VQZpF8v0=";
hash = "sha256-OUtWaDVLRUbKS0apwY0aNq4MalGFv+fH9VA7LvWWYRs=";
};
npmDepsHash = "sha256-GSTPsXqe/rxiDh5OW2t+ZY1YRNgRSDxkJ0pvcLIFtFw=";
npmDepsHash = "sha256-pK0b7q1kJja9l8ANwudbfo3jpldwuO56kuulS8X9A5s=";
nativeBuildInputs = [
makeBinaryWrapper

91
pkgs/by-name/ex/exo/package.nix Normal file
View File

@ -0,0 +1,91 @@
{
lib,
stdenv,
fetchFromGitHub,
python3Packages,
}:
python3Packages.buildPythonApplication {
pname = "exo";
version = "0-unstable-2024-10-02";
pyproject = true;
src = fetchFromGitHub {
owner = "exo-explore";
repo = "exo";
rev = "2654f290c3179aa143960e336e8985a8b6f6b72b";
hash = "sha256-jaIeK3sn6Swi20DNnvDtSAIt3DXIN0OQDiozNUHqtjs=";
};
build-system = with python3Packages; [ setuptools ];
pythonRelaxDeps = [
"aiohttp"
"aiofiles"
"blobfile"
"grpcio-tools"
"huggingface-hub"
"numpy"
"protobuf"
"pynvml"
"safetensors"
"tenacity"
"tokenizers"
"transformers"
];
pythonRemoveDeps = [ "uuid" ];
dependencies = with python3Packages; [
aiohttp
aiohttp-cors
aiofiles
blobfile
grpcio
grpcio-tools
hf-transfer
huggingface-hub
jinja2
netifaces
numpy
pillow
prometheus-client
protobuf
psutil
pynvml
requests
rich
safetensors
tailscale
tenacity
tiktoken
tokenizers
tqdm
transformers
tinygrad
];
pythonImportsCheck = [
"exo"
"exo.inference.tinygrad.models"
];
nativeCheckInputs = with python3Packages; [
mlx
pytestCheckHook
];
disabledTestPaths = [
"test/test_tokenizers.py"
];
# Tests require `mlx` which is not supported on linux.
doCheck = stdenv.isDarwin;
meta = {
description = "Run your own AI cluster at home with everyday devices";
homepage = "https://github.com/exo-explore/exo";
license = lib.licenses.gpl3Only;
maintainers = with lib.maintainers; [ GaetanLepage ];
mainProgram = "exo";
};
}

6
pkgs/by-name/ez/eza/package.nix
View File

@ -17,16 +17,16 @@
rustPlatform.buildRustPackage rec {
pname = "eza";
version = "0.20.0";
version = "0.20.1";
src = fetchFromGitHub {
owner = "eza-community";
repo = "eza";
rev = "v${version}";
hash = "sha256-lQEQLINjXGbg9KnqJCQXR/wG50dBTnmWp06wKJi0NE8=";
hash = "sha256-dJrGPxqFfveb7lyCmDU0hnx5TkaDsdJgpKPtWyjj5ls=";
};
cargoHash = "sha256-WT5jwG+c3cSKjAgzlOX3kbtOF3E6NICgGT2BGxcWzDA=";
cargoHash = "sha256-LM+ikA0aiSZmTH5cUcSQ0ikVd9kcADyCOR5qdCD1UJ4=";
nativeBuildInputs = [ cmake pkg-config installShellFiles pandoc ];
buildInputs = [ zlib ]

6
pkgs/by-name/gh/gh-dash/package.nix
View File

@ -7,16 +7,16 @@
buildGoModule rec {
pname = "gh-dash";
version = "4.5.4";
version = "4.7.0";
src = fetchFromGitHub {
owner = "dlvhdr";
repo = "gh-dash";
rev = "v${version}";
hash = "sha256-RGl947fWoifw6+YHykL/k7uie5WqZqEAKWK7NZT+Upo=";
hash = "sha256-+tUG+ReP8y6wI4XZsR2Look4LAwK79CZf9fWUgkx4O0=";
};
vendorHash = "sha256-zrHDxMqIzMQ2En8/sZ0BZjKM8JZrDjrRq9eWisSY3N0=";
vendorHash = "sha256-lqmz+6Cr9U5IBoJ5OeSN6HKY/nKSAmszfvifzbxG7NE=";
ldflags = [
"-s"

5
pkgs/by-name/gm/gmic-qt/package.nix
View File

@ -12,6 +12,7 @@
, libpng
, libsForQt5
, libtiff
, llvmPackages
, ninja
, nix-update-script
, openexr
@ -79,7 +80,9 @@ stdenv.mkDerivation (finalAttrs: {
] ++ (with libsForQt5; [
qtbase
qttools
]) ++ variants.${variant}.extraDeps;
]) ++ lib.optionals stdenv.cc.isClang [
llvmPackages.openmp
] ++ variants.${variant}.extraDeps;
postPatch = ''
patchShebangs \

9
pkgs/by-name/gm/gmic/package.nix
View File

@ -13,9 +13,12 @@
, gnused
, graphicsmagick
, jq
, libX11
, libXext
, libjpeg
, libpng
, libtiff
, llvmPackages
, ninja
, opencv
, openexr
@ -55,18 +58,24 @@ stdenv.mkDerivation (finalAttrs: {
cimg
fftw
graphicsmagick
libX11
libXext
libjpeg
libpng
libtiff
opencv
openexr
zlib
] ++ lib.optionals stdenv.cc.isClang [
llvmPackages.openmp
];
cmakeFlags = [
(lib.cmakeBool "BUILD_LIB_STATIC" false)
(lib.cmakeBool "ENABLE_CURL" false)
(lib.cmakeBool "ENABLE_DYNAMIC_LINKING" true)
(lib.cmakeBool "ENABLE_OPENCV" true)
(lib.cmakeBool "ENABLE_XSHM" true)
(lib.cmakeBool "USE_SYSTEM_CIMG" true)
];

6
pkgs/by-name/go/goldwarden/package.nix
View File

@ -13,13 +13,13 @@
buildGoModule rec {
pname = "goldwarden";
version = "0.3.3";
version = "0.3.4";
src = fetchFromGitHub {
owner = "quexten";
repo = "goldwarden";
rev = "v${version}";
hash = "sha256-s00ZgRmp+0UTp4gpoQgZZqSJMRGsGuUxoX2DEryG+XM=";
hash = "sha256-LAnhCQmyubWeZtTVaW8IoNmfipvMIlAnY4pKwrURPDs=";
};
postPatch = ''
@ -38,7 +38,7 @@ buildGoModule rec {
--replace-fail "@PATH@" "$out/bin/goldwarden"
'';
vendorHash = "sha256-TSmYqLMeS/G1rYNxVfh3uIK9bQJhsd7mos50yIXQoT4=";
vendorHash = "sha256-rMs7FP515aClzt9sjgIQHiYo5SYa2tDHrVRhtT+I8aM=";
ldflags = [ "-s" "-w" ];

22
pkgs/by-name/go/google-chrome/package.nix
View File

@ -44,6 +44,7 @@
nss,
pango,
pipewire,
vulkan-loader,
wayland, # ozone/wayland
# Command line programs
@ -152,6 +153,7 @@ let
speechd-minimal
systemd
util-linux
vulkan-loader
wayland
wget
]
@ -164,11 +166,11 @@ let
linux = stdenv.mkDerivation (finalAttrs: {
inherit pname meta passthru;
version = "129.0.6668.58";
version = "129.0.6668.89";
src = fetchurl {
url = "https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_${finalAttrs.version}-1_amd64.deb";
hash = "sha256-lFYGwpdicvp+E4S+sw4+3uFQSwGKvhyFenBZMVgVnMo=";
hash = "sha256-7siTsIW29x4XZ+Zut9b5BFSTtc5tuhxusxnkJPouG1w=";
};
# With strictDeps on, some shebangs were not being patched correctly
@ -209,9 +211,12 @@ let
exe=$out/bin/google-chrome-$dist
mkdir -p $out/bin $out/share
cp -v -a opt/* $out/share
cp -v -a usr/share/* $out/share
cp -a opt/* $out/share
cp -a usr/share/* $out/share
# replace bundled vulkan-loader
rm -v $out/share/google/$appname/libvulkan.so.1
ln -v -s -t "$out/share/google/$appname" "${lib.getLib vulkan-loader}/lib/libvulkan.so.1"
substituteInPlace $out/share/google/$appname/google-$appname \
--replace-fail 'CHROME_WRAPPER' 'WRAPPER'
@ -247,6 +252,9 @@ let
--add-flags "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" \
--add-flags ${lib.escapeShellArg commandLineArgs}
# Make sure that libGL and libvulkan are found by ANGLE libGLESv2.so
patchelf --set-rpath $rpath $out/share/google/$appname/lib*GL*
for elf in $out/share/google/$appname/{chrome,chrome-sandbox,chrome_crashpad_handler}; do
patchelf --set-rpath $rpath $elf
patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $elf
@ -258,11 +266,11 @@ let
darwin = stdenvNoCC.mkDerivation (finalAttrs: {
inherit pname meta passthru;
version = "129.0.6668.59";
version = "129.0.6668.90";
src = fetchurl {
url = "http://dl.google.com/release2/chrome/acinjqjzbtmzhvrebvzymzvzfaoq_129.0.6668.59/GoogleChrome-129.0.6668.59.dmg";
hash = "sha256-02J3TpcAsCvsB71C8/bfgIxiqcGIxjKiTWR32On66+g=";
url = "http://dl.google.com/release2/chrome/n4gcpoygckhm4y53qwq7lkpnqu_129.0.6668.90/GoogleChrome-129.0.6668.90.dmg";
hash = "sha256-viQSX8ogY5ywPqgVmMToHdZysxLuC8U78UJ9fIUrGCs=";
};
dontPatch = true;

17
pkgs/development/tools/gotools/default.nix → pkgs/by-name/go/gotools/package.nix
View File

@ -1,15 +1,19 @@
{ lib, buildGoModule, fetchFromGitHub }:
{
lib,
buildGoModule,
fetchFromGitHub,
}:
buildGoModule rec {
pname = "gotools";
version = "0.22.0";
version = "0.25.0";
# using GitHub instead of https://go.googlesource.com/tools because Gitiles UI is to basic to browse
src = fetchFromGitHub {
owner = "golang";
repo = "tools";
rev = "v${version}";
hash = "sha256-qqzvbHFbm6RlqztBnuj7HvMa9Wff1+YUA0fxiM0cx8o=";
hash = "sha256-iM6mGIQF+TOo1iV8hH9/4iOPdNiS9ymPmhslhDVnIIs=";
};
postPatch = ''
@ -18,7 +22,7 @@ buildGoModule rec {
rm -r gopls
'';
vendorHash = "sha256-eQ/T/Zxmzn6KF0ewjvt9TDd48RSsSbQ3LgVcKgdeVbU=";
vendorHash = "sha256-9NSgtranuyRqtBq1oEnHCPIDFOIUJdVh5W/JufqN2Ko=";
doCheck = false;
@ -36,6 +40,9 @@ buildGoModule rec {
'';
homepage = "https://go.googlesource.com/tools";
license = licenses.bsd3;
maintainers = with maintainers; [ SuperSandro2000 ];
maintainers = with maintainers; [
SuperSandro2000
techknowlogick
];
};
}

0
pkgs/development/tools/gotools/setup-hook.sh → pkgs/by-name/go/gotools/setup-hook.sh
View File

4
pkgs/by-name/he/hercules/package.nix
View File

@ -105,13 +105,13 @@ let
in
stdenv.mkDerivation rec {
pname = "hercules";
version = "4.6";
version = "4.7";
src = fetchFromGitHub {
owner = "SDL-Hercules-390";
repo = "hyperion";
rev = "Release_${version}";
hash = "sha256-ZhMTun6tmTsmIiFPTRFudwRXzWydrih61RsLyv0p24U=";
hash = "sha256-5Kvs2OWQrlsRZpmx7vet8GCky5xAISBNAqn+NHgicOM";
};
postPatch = ''

6
pkgs/by-name/hu/hugo/package.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec {
pname = "hugo";
version = "0.134.3";
version = "0.135.0";
src = fetchFromGitHub {
owner = "gohugoio";
repo = "hugo";
rev = "refs/tags/v${version}";
hash = "sha256-rdXiuFWMB+cTK5mhtpabWq8Uf9ihDnkHNG1JnD3rLKE=";
hash = "sha256-WCWaEVD2HON6feOev9HBfpqBWYIFmfevu6LH0OMtv2Q=";
};
vendorHash = "sha256-oDa5uWQ/vFSmTNwZ3zsYtsuLCzddV9DeaEGx5krwWRE=";
vendorHash = "sha256-XIFgmT0VyhRrUNfwy85Ac7YIO9fij0KqVmqb/s3IDVg=";
doCheck = false;

10
pkgs/by-name/im/immersed-vr/package.nix
View File

@ -6,16 +6,16 @@
}:
let
pname = "immersed-vr";
version = "9.10";
version = "10.5.0";
sources = rec {
x86_64-linux = {
url = "https://web.archive.org/web/20240210075929/https://static.immersed.com/dl/Immersed-x86_64.AppImage";
hash = "sha256-Mx8UnV4fZSebj9ah650ZqsL/EIJpM6jl8tYmXJZiJpA=";
url = "https://web.archive.org/web/20240909144905if_/https://static.immersed.com/dl/Immersed-x86_64.AppImage";
hash = "sha256-/fc/URYJZftZPyVicmZjyvcGPLaHrnlsrERlQFN5E98=";
};
x86_64-darwin = {
url = "https://web.archive.org/web/20240210075929/https://static.immersed.com/dl/Immersed.dmg";
hash = "sha256-CR2KylovlS7zerZIEScnadm4+ENNhib5QnS6z5Ihv1Y=";
url = "https://web.archive.org/web/20240910022037if_/https://static.immersed.com/dl/Immersed.dmg";
hash = "sha256-UkfB151bX0D5k0IBZczh36TWOOYJbBe5e6LIErON214=";
};
aarch64-darwin = x86_64-darwin;
};

46
pkgs/by-name/in/invidious-router/package.nix
View File

@ -2,29 +2,33 @@
lib,
buildGoModule,
fetchFromGitLab,
}: let
version = "1.1";
nix-update-script,
}:
let
version = "1.2";
in
buildGoModule {
pname = "invidious-router";
inherit version;
buildGoModule {
pname = "invidious-router";
inherit version;
src = fetchFromGitLab {
owner = "gaincoder";
repo = "invidious-router";
rev = version;
hash = "sha256-t8KQqMPkBbVis1odDcSu+H0uvyvoFqCmtWoHqVRxmfc=";
};
src = fetchFromGitLab {
owner = "gaincoder";
repo = "invidious-router";
rev = "refs/tags/${version}";
hash = "sha256-YcMtZq4VMHr6XqHcsAAEmMF6jF1j1wb7Lq4EK42QAEo=";
};
vendorHash = "sha256-c03vYidm8SkoesRVQZdg/bCp9LIpdTmpXdfwInlHBKk=";
vendorHash = "sha256-c03vYidm8SkoesRVQZdg/bCp9LIpdTmpXdfwInlHBKk=";
doCheck = true;
passthru.updateScript = nix-update-script { };
meta = {
homepage = "https://gitlab.com/gaincoder/invidious-router";
description = "Go application that routes requests to different Invidious instances based on their health status and (optional) response time";
license = with lib.licenses; [mit];
maintainers = with lib.maintainers; [sils];
mainProgram = "invidious-router";
};
}
doCheck = true;
meta = {
homepage = "https://gitlab.com/gaincoder/invidious-router";
description = "Go application that routes requests to different Invidious instances based on their health status and (optional) response time";
license = with lib.licenses; [ mit ];
maintainers = with lib.maintainers; [ sils ];
mainProgram = "invidious-router";
};
}

35
pkgs/applications/networking/cluster/kubelogin-oidc/default.nix → pkgs/by-name/ku/kubelogin-oidc/package.nix
View File

@ -1,31 +1,48 @@
{ lib, buildGoModule, fetchFromGitHub }:
{
lib,
buildGo123Module,
fetchFromGitHub,
}:
buildGoModule rec {
buildGo123Module rec {
pname = "kubelogin";
version = "1.30.0";
version = "1.30.1";
src = fetchFromGitHub {
owner = "int128";
repo = pname;
repo = "kubelogin";
rev = "v${version}";
sha256 = "sha256-DHg46t0gMypK6Nj428gpOMtPuA+XcW4IJU39CHTVGPw=";
hash = "sha256-aoLPT3lX+q426QlxAPsjeQyTZMnmqMGh85jJPU7lQVU=";
};
subPackages = ["."];
subPackages = [ "." ];
ldflags = [
"-s"
"-w"
"-X main.version=v${version}"
];
vendorHash = "sha256-gr+SsC7MiLj/MZ8kca5Hcfge+7Pm4y963TfwyKHEhBY=";
# test all packages
preCheck = ''
unset subPackages
'';
# Rename the binary instead of symlinking to avoid conflict with the
# Azure version of kubelogin
postInstall = ''
mv $out/bin/kubelogin $out/bin/kubectl-oidc_login
'';
meta = with lib; {
meta = {
description = "Kubernetes credential plugin implementing OpenID Connect (OIDC) authentication";
mainProgram = "kubectl-oidc_login";
inherit (src.meta) homepage;
license = licenses.asl20;
maintainers = with maintainers; [ benley ];
license = lib.licenses.asl20;
maintainers = with lib.maintainers; [
benley
nevivurn
];
};
}

12
pkgs/by-name/li/libtorrent/package.nix
View File

@ -10,18 +10,18 @@
, openssl
, pkg-config
, zlib
, unstableGitUpdater
, gitUpdater
}:
stdenv.mkDerivation {
stdenv.mkDerivation rec {
pname = "rakshasa-libtorrent";
version = "0.13.8-unstable-2024-09-01";
version = "0.14.0";
src = fetchFromGitHub {
owner = "rakshasa";
repo = "libtorrent";
rev = "ca6eed1c7e7985016689004eaeed2fb2a119e5f8";
hash = "sha256-Hu0/T5NG7h+COLoOsfi2Uy0BVUPiEhkMhUhFo/JqZq0=";
rev = "v${version}";
hash = "sha256-MDLAp7KFmVvHL+haWVYwWG8gnLkTh6g19ydRkbu9cIs=";
};
nativeBuildInputs = [
@ -37,7 +37,7 @@ stdenv.mkDerivation {
zlib
];
passthru.updateScript = unstableGitUpdater { tagPrefix = "v"; };
passthru.updateScript = gitUpdater { tagPrefix = "v"; };
enableParallelBuilding = true;

49
pkgs/by-name/lo/local-ai/lib.nix
View File

@ -1,30 +1,39 @@
{ lib
, writers
, writeText
, linkFarmFromDrvs
}: {
genModels = configs:
{
lib,
writers,
writeText,
linkFarmFromDrvs,
}:
{
genModels =
configs:
let
name = lib.strings.sanitizeDerivationName
(builtins.concatStringsSep "_" ([ "local-ai-models" ] ++ (builtins.attrNames configs)));
name = lib.strings.sanitizeDerivationName (
builtins.concatStringsSep "_" ([ "local-ai-models" ] ++ (builtins.attrNames configs))
);
genModelFiles = name: config:
genModelFiles =
name: config:
let
templateName = type: name + "_" + type;
config' = lib.recursiveUpdate config ({
inherit name;
} // lib.optionalAttrs (lib.isDerivation config.parameters.model) {
parameters.model = config.parameters.model.name;
} // lib.optionalAttrs (config ? template) {
template = builtins.mapAttrs (n: _: templateName n) config.template;
});
config' = lib.recursiveUpdate config (
{
inherit name;
}
// lib.optionalAttrs (lib.isDerivation config.parameters.model) {
parameters.model = config.parameters.model.name;
}
// lib.optionalAttrs (config ? template) {
template = builtins.mapAttrs (n: _: templateName n) config.template;
}
);
in
[ (writers.writeYAML "${name}.yaml" config') ]
++ lib.optional (lib.isDerivation config.parameters.model)
config.parameters.model
++ lib.optionals (config ? template)
(lib.mapAttrsToList (n: writeText "${templateName n}.tmpl") config.template);
++ lib.optional (lib.isDerivation config.parameters.model) config.parameters.model
++ lib.optionals (config ? template) (
lib.mapAttrsToList (n: writeText "${templateName n}.tmpl") config.template
);
in
linkFarmFromDrvs name (lib.flatten (lib.mapAttrsToList genModelFiles configs));
}

37
pkgs/by-name/lo/local-ai/module.nix
View File

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
cfg = config.services.local-ai;
inherit (lib) mkOption types;
@ -35,7 +40,13 @@ in
};
logLevel = mkOption {
type = types.enum [ "error" "warn" "info" "debug" "trace" ];
type = types.enum [
"error"
"warn"
"info"
"debug"
"trace"
];
default = "warn";
};
};
@ -46,16 +57,18 @@ in
environment.LLAMACPP_PARALLEL = toString cfg.parallelRequests;
serviceConfig = {
DynamicUser = true;
ExecStart = lib.escapeShellArgs ([
"${cfg.package}/bin/local-ai"
"--address=:${toString cfg.port}"
"--threads=${toString cfg.threads}"
"--localai-config-dir=."
"--models-path=${cfg.models}"
"--log-level=${cfg.logLevel}"
]
++ lib.optional (cfg.parallelRequests > 1) "--parallel-requests"
++ cfg.extraArgs);
ExecStart = lib.escapeShellArgs (
[
"${cfg.package}/bin/local-ai"
"--address=:${toString cfg.port}"
"--threads=${toString cfg.threads}"
"--localai-config-dir=."
"--models-path=${cfg.models}"
"--log-level=${cfg.logLevel}"
]
++ lib.optional (cfg.parallelRequests > 1) "--parallel-requests"
++ cfg.extraArgs
);
RuntimeDirectory = "local-ai";
WorkingDirectory = "%t/local-ai";
};

479
pkgs/by-name/lo/local-ai/package.nix
View File

@ -1,71 +1,87 @@
{ config
, callPackages
, stdenv
, lib
, addDriverRunpath
, fetchFromGitHub
, protobuf
, protoc-gen-go
, protoc-gen-go-grpc
, grpc
, openssl
, llama-cpp
{
config,
callPackages,
stdenv,
lib,
addDriverRunpath,
fetchFromGitHub,
protobuf,
protoc-gen-go,
protoc-gen-go-grpc,
grpc,
openssl,
llama-cpp,
# needed for audio-to-text
, ffmpeg
, cmake
, pkg-config
, buildGoModule
, makeWrapper
, ncurses
, which
ffmpeg,
cmake,
pkg-config,
buildGoModule,
makeWrapper,
ncurses,
which,
, enable_upx ? true
, upx
enable_upx ? true,
upx,
# apply feature parameter names according to
# https://github.com/NixOS/rfcs/pull/169
# CPU extensions
, enable_avx ? true
, enable_avx2 ? true
, enable_avx512 ? stdenv.hostPlatform.avx512Support
, enable_f16c ? true
, enable_fma ? true
enable_avx ? true,
enable_avx2 ? true,
enable_avx512 ? stdenv.hostPlatform.avx512Support,
enable_f16c ? true,
enable_fma ? true,
, with_openblas ? false
, openblas
with_openblas ? false,
openblas,
, with_cublas ? config.cudaSupport
, cudaPackages
with_cublas ? config.cudaSupport,
cudaPackages,
, with_clblas ? false
, clblast
, ocl-icd
, opencl-headers
with_clblas ? false,
clblast,
ocl-icd,
opencl-headers,
, with_tinydream ? false # do not compile with cublas
, ncnn
with_tinydream ? false, # do not compile with cublas
ncnn,
, with_stablediffusion ? true
, opencv
with_stablediffusion ? true,
opencv,
, with_tts ? true
, onnxruntime
, sonic
, spdlog
, fmt
, espeak-ng
, piper-tts
with_tts ? true,
onnxruntime,
sonic,
spdlog,
fmt,
espeak-ng,
piper-tts,
}:
let
BUILD_TYPE =
assert (lib.count lib.id [ with_openblas with_cublas with_clblas ]) <= 1;
if with_openblas then "openblas"
else if with_cublas then "cublas"
else if with_clblas then "clblas"
else "";
assert
(lib.count lib.id [
with_openblas
with_cublas
with_clblas
]) <= 1;
if with_openblas then
"openblas"
else if with_cublas then
"cublas"
else if with_clblas then
"clblas"
else
"";
inherit (cudaPackages) libcublas cuda_nvcc cuda_cccl cuda_cudart libcufft;
inherit (cudaPackages)
libcublas
cuda_nvcc
cuda_cccl
cuda_cudart
libcufft
;
go-llama = effectiveStdenv.mkDerivation {
name = "go-llama";
@ -81,13 +97,21 @@ let
"BUILD_TYPE=${BUILD_TYPE}"
];
buildInputs = [ ]
++ lib.optionals with_cublas [ cuda_cccl cuda_cudart libcublas ]
++ lib.optionals with_clblas [ clblast ocl-icd opencl-headers ]
buildInputs =
[ ]
++ lib.optionals with_cublas [
cuda_cccl
cuda_cudart
libcublas
]
++ lib.optionals with_clblas [
clblast
ocl-icd
opencl-headers
]
++ lib.optionals with_openblas [ openblas.dev ];
nativeBuildInputs = [ cmake ]
++ lib.optionals with_cublas [ cuda_nvcc ];
nativeBuildInputs = [ cmake ] ++ lib.optionals with_cublas [ cuda_nvcc ];
dontUseCmakeConfigure = true;
@ -98,82 +122,70 @@ let
'';
};
llama-cpp-rpc = (llama-cpp-grpc.overrideAttrs (prev: {
name = "llama-cpp-rpc";
cmakeFlags = prev.cmakeFlags ++ [
(lib.cmakeBool "GGML_AVX" false)
(lib.cmakeBool "GGML_AVX2" false)
(lib.cmakeBool "GGML_AVX512" false)
(lib.cmakeBool "GGML_FMA" false)
(lib.cmakeBool "GGML_F16C" false)
];
})).override {
cudaSupport = false;
openclSupport = false;
blasSupport = false;
rpcSupport = true;
};
llama-cpp-rpc =
(llama-cpp-grpc.overrideAttrs (prev: {
name = "llama-cpp-rpc";
cmakeFlags = prev.cmakeFlags ++ [
(lib.cmakeBool "GGML_AVX" false)
(lib.cmakeBool "GGML_AVX2" false)
(lib.cmakeBool "GGML_AVX512" false)
(lib.cmakeBool "GGML_FMA" false)
(lib.cmakeBool "GGML_F16C" false)
];
})).override
{
cudaSupport = false;
openclSupport = false;
blasSupport = false;
rpcSupport = true;
};
llama-cpp-grpc = (llama-cpp.overrideAttrs (final: prev: {
name = "llama-cpp-grpc";
src = fetchFromGitHub {
owner = "ggerganov";
repo = "llama.cpp";
rev = "ed9d2854c9de4ae1f448334294e61167b04bec2a";
hash = "sha256-Xu2h9Zu+Q9utfFFmDWBOEu/EXth4xWRNoTMvPF5Fo/A=";
fetchSubmodules = true;
};
postPatch = prev.postPatch + ''
cd examples
cp -r --no-preserve=mode ${src}/backend/cpp/llama grpc-server
cp llava/clip.* llava/llava.* grpc-server
printf "\nadd_subdirectory(grpc-server)" >> CMakeLists.txt
llama-cpp-grpc =
(llama-cpp.overrideAttrs (
final: prev: {
name = "llama-cpp-grpc";
src = fetchFromGitHub {
owner = "ggerganov";
repo = "llama.cpp";
rev = "fc54ef0d1c138133a01933296d50a36a1ab64735";
hash = "sha256-o87EhrA2Oa98pwyb6GSUgwERY0/GWJiX7kvlxDv4zb4=";
fetchSubmodules = true;
};
postPatch =
prev.postPatch
+ ''
cd examples
cp -r --no-preserve=mode ${src}/backend/cpp/llama grpc-server
cp llava/clip.* llava/llava.* grpc-server
printf "\nadd_subdirectory(grpc-server)" >> CMakeLists.txt
cp ${src}/backend/backend.proto grpc-server
sed -i grpc-server/CMakeLists.txt \
-e '/get_filename_component/ s;[.\/]*backend/;;' \
-e '$a\install(TARGETS ''${TARGET} RUNTIME)'
cd ..
'';
cmakeFlags = prev.cmakeFlags ++ [
(lib.cmakeBool "BUILD_SHARED_LIBS" false)
(lib.cmakeBool "GGML_AVX" enable_avx)
(lib.cmakeBool "GGML_AVX2" enable_avx2)
(lib.cmakeBool "GGML_AVX512" enable_avx512)
(lib.cmakeBool "GGML_FMA" enable_fma)
(lib.cmakeBool "GGML_F16C" enable_f16c)
];
buildInputs = prev.buildInputs ++ [
protobuf # provides also abseil_cpp as propagated build input
grpc
openssl
];
})).override {
cudaSupport = with_cublas;
rocmSupport = false;
openclSupport = with_clblas;
blasSupport = with_openblas;
};
gpt4all = stdenv.mkDerivation {
name = "gpt4all";
src = fetchFromGitHub {
owner = "nomic-ai";
repo = "gpt4all";
rev = "27a8b020c36b0df8f8b82a252d261cda47cf44b8";
hash = "sha256-djq1eK6ncvhkO3MNDgasDBUY/7WWcmZt/GJsHAulLdI=";
fetchSubmodules = true;
};
makeFlags = [ "-C gpt4all-bindings/golang" ];
buildFlags = [ "libgpt4all.a" ];
dontUseCmakeConfigure = true;
nativeBuildInputs = [ cmake ];
installPhase = ''
mkdir $out
tar cf - --exclude=CMakeFiles . \
| tar xf - -C $out
'';
};
cp ${src}/backend/backend.proto grpc-server
sed -i grpc-server/CMakeLists.txt \
-e '/get_filename_component/ s;[.\/]*backend/;;' \
-e '$a\install(TARGETS ''${TARGET} RUNTIME)'
cd ..
'';
cmakeFlags = prev.cmakeFlags ++ [
(lib.cmakeBool "BUILD_SHARED_LIBS" false)
(lib.cmakeBool "GGML_AVX" enable_avx)
(lib.cmakeBool "GGML_AVX2" enable_avx2)
(lib.cmakeBool "GGML_AVX512" enable_avx512)
(lib.cmakeBool "GGML_FMA" enable_fma)
(lib.cmakeBool "GGML_F16C" enable_f16c)
];
buildInputs = prev.buildInputs ++ [
protobuf # provides also abseil_cpp as propagated build input
grpc
openssl
];
}
)).override
{
cudaSupport = with_cublas;
rocmSupport = false;
openclSupport = with_clblas;
blasSupport = with_openblas;
};
espeak-ng' = espeak-ng.overrideAttrs (self: {
name = "espeak-ng'";
@ -199,8 +211,14 @@ let
name = "piper-phonemize";
inherit (go-piper) src;
sourceRoot = "${go-piper.src.name}/piper-phonemize";
buildInputs = [ espeak-ng' onnxruntime ];
nativeBuildInputs = [ cmake pkg-config ];
buildInputs = [
espeak-ng'
onnxruntime
];
nativeBuildInputs = [
cmake
pkg-config
];
cmakeFlags = [
(lib.cmakeFeature "ONNXRUNTIME_DIR" "${onnxruntime.dev}")
(lib.cmakeFeature "ESPEAK_NG_DIR" "${espeak-ng'}")
@ -240,7 +258,15 @@ let
-e '/CXXFLAGS *= / s;$; -DSPDLOG_FMT_EXTERNAL=1;'
'';
buildFlags = [ "libpiper_binding.a" ];
buildInputs = [ piper-tts' espeak-ng' piper-phonemize sonic fmt spdlog onnxruntime ];
buildInputs = [
piper-tts'
espeak-ng'
piper-phonemize
sonic
fmt
spdlog
onnxruntime
];
installPhase = ''
cp -r --no-preserve=mode $src $out
mkdir -p $out/piper-phonemize/pi
@ -273,16 +299,28 @@ let
src = fetchFromGitHub {
owner = "ggerganov";
repo = "whisper.cpp";
rev = "6739eb83c3ca5cf40d24c6fe8442a761a1eb6248";
hash = "sha256-1yDdJVjIwYDJKn93zn4xOJXMoDTqaG2TvakjdHIMCxk=";
rev = "9e3c5345cd46ea718209db53464e426c3fe7a25e";
hash = "sha256-JOptyveuaKRLzeZ6GuB3A70IM7dk4we95g5o25XVXJI=";
};
nativeBuildInputs = [ cmake pkg-config ]
++ lib.optionals with_cublas [ cuda_nvcc ];
nativeBuildInputs = [
cmake
pkg-config
] ++ lib.optionals with_cublas [ cuda_nvcc ];
buildInputs = [ ]
++ lib.optionals with_cublas [ cuda_cccl cuda_cudart libcublas libcufft ]
++ lib.optionals with_clblas [ clblast ocl-icd opencl-headers ]
buildInputs =
[ ]
++ lib.optionals with_cublas [
cuda_cccl
cuda_cudart
libcublas
libcufft
]
++ lib.optionals with_clblas [
clblast
ocl-icd
opencl-headers
]
++ lib.optionals with_openblas [ openblas.dev ];
cmakeFlags = [
@ -379,25 +417,26 @@ let
meta.broken = lib.versionOlder go-tiny-dream.stdenv.cc.version "13";
};
GO_TAGS = lib.optional with_tinydream "tinydream"
GO_TAGS =
lib.optional with_tinydream "tinydream"
++ lib.optional with_tts "tts"
++ lib.optional with_stablediffusion "stablediffusion";
effectiveStdenv =
if with_cublas then
# It's necessary to consistently use backendStdenv when building with CUDA support,
# otherwise we get libstdc++ errors downstream.
# It's necessary to consistently use backendStdenv when building with CUDA support,
# otherwise we get libstdc++ errors downstream.
cudaPackages.backendStdenv
else
stdenv;
pname = "local-ai";
version = "2.19.4";
version = "2.20.1";
src = fetchFromGitHub {
owner = "go-skynet";
repo = "LocalAI";
rev = "v${version}";
hash = "sha256-aKq6/DI+4+BvIEw6eONqPr3mZXuz7rMFN+FBypVj0Gc=";
hash = "sha256-FeZZC0Tg9JT9Yj0e27GOLSdHEtWl17AHK3j7epwPyY8=";
};
prepare-sources =
@ -407,53 +446,67 @@ let
''
mkdir sources
${cp} ${go-llama} sources/go-llama.cpp
${cp} ${gpt4all} sources/gpt4all
${cp} ${if with_tts then go-piper else go-piper.src} sources/go-piper
${cp} ${go-rwkv} sources/go-rwkv.cpp
${cp} ${whisper-cpp.src} sources/whisper.cpp
cp ${whisper-cpp}/lib/lib*.a sources/whisper.cpp
${cp} ${go-bert} sources/go-bert.cpp
${cp} ${if with_stablediffusion then go-stable-diffusion else go-stable-diffusion.src} sources/go-stable-diffusion
${cp} ${
if with_stablediffusion then go-stable-diffusion else go-stable-diffusion.src
} sources/go-stable-diffusion
${cp} ${if with_tinydream then go-tiny-dream else go-tiny-dream.src} sources/go-tiny-dream
'';
self = buildGoModule.override { stdenv = effectiveStdenv; } {
inherit pname version src;
vendorHash = "sha256-HEKE75+ixuNbM+KEuhbQQ/NYYEzVlGYOttPavftWKhk=";
vendorHash = "sha256-mDxp5frUIECSHKjxaJVqIP7mnIusvdT45Xlxc9+P5tE=";
env.NIX_CFLAGS_COMPILE = lib.optionalString with_stablediffusion " -isystem ${opencv}/include/opencv4";
postPatch = ''
sed -i Makefile \
-e '/mod download/ d' \
-e '/^ALL_GRPC_BACKENDS+=backend-assets\/grpc\/llama-cpp-fallback/ d' \
-e '/^ALL_GRPC_BACKENDS+=backend-assets\/grpc\/llama-cpp-avx/ d' \
-e '/^ALL_GRPC_BACKENDS+=backend-assets\/grpc\/llama-cpp-cuda/ d' \
postPatch =
''
sed -i Makefile \
-e '/mod download/ d' \
-e '/^ALL_GRPC_BACKENDS+=backend-assets\/grpc\/llama-cpp-fallback/ d' \
-e '/^ALL_GRPC_BACKENDS+=backend-assets\/grpc\/llama-cpp-avx/ d' \
-e '/^ALL_GRPC_BACKENDS+=backend-assets\/grpc\/llama-cpp-cuda/ d' \
'' + lib.optionalString with_cublas ''
sed -i Makefile \
-e '/^CGO_LDFLAGS_WHISPER?=/ s;$;-L${libcufft}/lib -L${cuda_cudart}/lib;'
'';
''
+ lib.optionalString with_cublas ''
sed -i Makefile \
-e '/^CGO_LDFLAGS_WHISPER?=/ s;$;-L${libcufft}/lib -L${cuda_cudart}/lib;'
'';
postConfigure = prepare-sources + ''
shopt -s extglob
mkdir -p backend-assets/grpc
cp ${llama-cpp-grpc}/bin/grpc-server backend-assets/grpc/llama-cpp-avx2
cp ${llama-cpp-rpc}/bin/grpc-server backend-assets/grpc/llama-cpp-grpc
postConfigure =
prepare-sources
+ ''
shopt -s extglob
mkdir -p backend-assets/grpc
cp ${llama-cpp-grpc}/bin/grpc-server backend-assets/grpc/llama-cpp-avx2
cp ${llama-cpp-rpc}/bin/grpc-server backend-assets/grpc/llama-cpp-grpc
mkdir -p backend/cpp/llama/llama.cpp
mkdir -p backend/cpp/llama/llama.cpp
mkdir -p backend-assets/util
cp ${llama-cpp-rpc}/bin/llama-rpc-server backend-assets/util/llama-cpp-rpc-server
mkdir -p backend-assets/util
cp ${llama-cpp-rpc}/bin/llama-rpc-server backend-assets/util/llama-cpp-rpc-server
# avoid rebuild of prebuilt make targets
touch backend-assets/grpc/* backend-assets/util/* sources/**/lib*.a
'';
# avoid rebuild of prebuilt make targets
touch backend-assets/grpc/* backend-assets/util/* sources/**/lib*.a
'';
buildInputs = [ ]
++ lib.optionals with_cublas [ cuda_cudart libcublas libcufft ]
++ lib.optionals with_clblas [ clblast ocl-icd opencl-headers ]
buildInputs =
[ ]
++ lib.optionals with_cublas [
cuda_cudart
libcublas
libcufft
]
++ lib.optionals with_clblas [
clblast
ocl-icd
opencl-headers
]
++ lib.optionals with_openblas [ openblas.dev ]
++ lib.optionals with_stablediffusion go-stable-diffusion.buildInputs
++ lib.optionals with_tts go-piper.buildInputs;
@ -465,16 +518,16 @@ let
makeWrapper
ncurses # tput
which
]
++ lib.optional enable_upx upx
++ lib.optionals with_cublas [ cuda_nvcc ];
] ++ lib.optional enable_upx upx ++ lib.optionals with_cublas [ cuda_nvcc ];
enableParallelBuilding = false;
modBuildPhase = prepare-sources + ''
make protogen-go
go mod tidy -v
'';
modBuildPhase =
prepare-sources
+ ''
make protogen-go
go mod tidy -v
'';
proxyVendor = true;
@ -482,12 +535,13 @@ let
# containing spaces
env.GO_TAGS = builtins.concatStringsSep " " GO_TAGS;
makeFlags = [
"VERSION=v${version}"
"BUILD_TYPE=${BUILD_TYPE}"
]
++ lib.optional with_cublas "CUDA_LIBPATH=${cuda_cudart}/lib"
++ lib.optional with_tts "PIPER_CGO_CXXFLAGS=-DSPDLOG_FMT_EXTERNAL=1";
makeFlags =
[
"VERSION=v${version}"
"BUILD_TYPE=${BUILD_TYPE}"
]
++ lib.optional with_cublas "CUDA_LIBPATH=${cuda_cudart}/lib"
++ lib.optional with_tts "PIPER_CGO_CXXFLAGS=-DSPDLOG_FMT_EXTERNAL=1";
buildPhase = ''
runHook preBuild
@ -516,18 +570,25 @@ let
# raises an segmentation fault
postFixup =
let
LD_LIBRARY_PATH = [ ]
LD_LIBRARY_PATH =
[ ]
++ lib.optionals with_cublas [
# driverLink has to be first to avoid loading the stub version of libcuda.so
# https://github.com/NixOS/nixpkgs/issues/320145#issuecomment-2190319327
addDriverRunpath.driverLink
(lib.getLib libcublas)
cuda_cudart
]
++ lib.optionals with_clblas [ clblast ocl-icd ]
# driverLink has to be first to avoid loading the stub version of libcuda.so
# https://github.com/NixOS/nixpkgs/issues/320145#issuecomment-2190319327
addDriverRunpath.driverLink
(lib.getLib libcublas)
cuda_cudart
]
++ lib.optionals with_clblas [
clblast
ocl-icd
]
++ lib.optionals with_openblas [ openblas ]
++ lib.optionals with_tts [ piper-phonemize ]
++ lib.optionals (with_tts && enable_upx) [ fmt spdlog ];
++ lib.optionals (with_tts && enable_upx) [
fmt
spdlog
];
in
''
wrapProgram $out/bin/${pname} \
@ -537,15 +598,30 @@ let
passthru.local-packages = {
inherit
go-tiny-dream go-rwkv go-bert go-llama gpt4all go-piper
llama-cpp-grpc whisper-cpp go-tiny-dream-ncnn espeak-ng' piper-phonemize
piper-tts' llama-cpp-rpc;
go-tiny-dream
go-rwkv
go-bert
go-llama
go-piper
llama-cpp-grpc
whisper-cpp
go-tiny-dream-ncnn
espeak-ng'
piper-phonemize
piper-tts'
llama-cpp-rpc
;
};
passthru.features = {
inherit
with_cublas with_openblas with_tts with_stablediffusion
with_tinydream with_clblas;
with_cublas
with_openblas
with_tts
with_stablediffusion
with_tinydream
with_clblas
;
};
passthru.tests = callPackages ./tests.nix { inherit self; };
@ -555,7 +631,10 @@ let
description = "OpenAI alternative to run local LLMs, image and audio generation";
homepage = "https://localai.io";
license = licenses.mit;
maintainers = with maintainers; [ onny ck3d ];
maintainers = with maintainers; [
onny
ck3d
];
platforms = platforms.linux;
};
};

203
pkgs/by-name/lo/local-ai/tests.nix
View File

@ -1,23 +1,26 @@
{ self
, lib
, testers
, fetchzip
, fetchurl
, writers
, symlinkJoin
, jq
, prom2json
{
self,
lib,
testers,
fetchzip,
fetchurl,
writers,
symlinkJoin,
jq,
prom2json,
}:
let
common-config = { config, ... }: {
imports = [ ./module.nix ];
services.local-ai = {
enable = true;
package = self;
threads = config.virtualisation.cores;
logLevel = "debug";
common-config =
{ config, ... }:
{
imports = [ ./module.nix ];
services.local-ai = {
enable = true;
package = self;
threads = config.virtualisation.cores;
logLevel = "debug";
};
};
};
inherit (self.lib) genModels;
in
@ -73,7 +76,9 @@ in
virtualisation.memorySize = 2048;
services.local-ai.models = models;
};
passthru = { inherit models requests; };
passthru = {
inherit models requests;
};
testScript =
let
port = "8080";
@ -93,7 +98,8 @@ in
'';
};
} // lib.optionalAttrs (!self.features.with_cublas && !self.features.with_clblas) {
}
// lib.optionalAttrs (!self.features.with_cublas && !self.features.with_clblas) {
# https://localai.io/docs/getting-started/manual/
llama =
let
@ -146,7 +152,12 @@ in
# https://localai.io/features/text-generation/#chat-completions
chat-completions = {
inherit model;
messages = [{ role = "user"; content = "1 + 2 = ?"; }];
messages = [
{
role = "user";
content = "1 + 2 = ?";
}
];
};
# https://localai.io/features/text-generation/#edit-completions
edit-completions = {
@ -172,7 +183,9 @@ in
# TODO: Add test case parallel requests
services.local-ai.parallelRequests = 2;
};
passthru = { inherit models requests; };
passthru = {
inherit models requests;
};
testScript =
let
port = "8080";
@ -196,80 +209,88 @@ in
machine.succeed("curl -f http://localhost:${port}/v1/completions --json @${writers.writeJSON "request-completions.json" requests.completions} --output completions.json")
machine.copy_from_vm("completions.json")
machine.succeed("${jq}/bin/jq --exit-status 'debug | .object ==\"text_completion\"' completions.json")
machine.succeed("${jq}/bin/jq --exit-status '.usage.completion_tokens | debug == ${toString model-configs.${model}.parameters.max_tokens}' completions.json")
machine.succeed("${jq}/bin/jq --exit-status '.usage.completion_tokens | debug == ${
toString model-configs.${model}.parameters.max_tokens
}' completions.json")
machine.succeed("${prom2json}/bin/prom2json http://localhost:${port}/metrics > metrics.json")
machine.copy_from_vm("metrics.json")
'';
};
} // lib.optionalAttrs (self.features.with_tts && !self.features.with_cublas && !self.features.with_clblas) {
# https://localai.io/features/text-to-audio/#piper
tts =
let
model-stt = "whisper-en";
model-configs.${model-stt} = {
backend = "whisper";
parameters.model = fetchurl {
url = "https://huggingface.co/ggerganov/whisper.cpp/resolve/main/ggml-tiny.en-q5_1.bin";
hash = "sha256-x3xXZvHO8JtrfUfyG1Rsvd1BV4hrO11tT3CekeZsfCs=";
};
};
model-tts = "piper-en";
model-configs.${model-tts} = {
backend = "piper";
parameters.model = "en-us-danny-low.onnx";
};
models =
let
models = genModels model-configs;
in
symlinkJoin {
inherit (models) name;
paths = [
models
(fetchzip {
url = "https://github.com/rhasspy/piper/releases/download/v0.0.2/voice-en-us-danny-low.tar.gz";
hash = "sha256-5wf+6H5HeQY0qgdqnAG1vSqtjIFM9lXH53OgouuPm0M=";
stripRoot = false;
})
];
};
requests.request = {
model = model-tts;
input = "Hello, how are you?";
};
in
testers.runNixOSTest {
name = self.name + "-tts";
nodes.machine = {
imports = [ common-config ];
virtualisation.cores = 2;
services.local-ai.models = models;
};
passthru = { inherit models requests; };
testScript =
let
port = "8080";
in
''
machine.wait_for_open_port(${port})
machine.succeed("curl -f http://localhost:${port}/readyz")
machine.succeed("curl -f http://localhost:${port}/v1/models --output models.json")
machine.succeed("${jq}/bin/jq --exit-status 'debug' models.json")
machine.succeed("curl -f http://localhost:${port}/tts --json @${writers.writeJSON "request.json" requests.request} --output out.wav")
machine.copy_from_vm("out.wav")
machine.succeed("curl -f http://localhost:${port}/v1/audio/transcriptions --header 'Content-Type: multipart/form-data' --form file=@out.wav --form model=${model-stt} --output transcription.json")
machine.copy_from_vm("transcription.json")
machine.succeed("${jq}/bin/jq --exit-status 'debug | .segments | first.text == \"${requests.request.input}\"' transcription.json")
machine.succeed("${prom2json}/bin/prom2json http://localhost:${port}/metrics > metrics.json")
machine.copy_from_vm("metrics.json")
'';
};
}
//
lib.optionalAttrs
(self.features.with_tts && !self.features.with_cublas && !self.features.with_clblas)
{
# https://localai.io/features/text-to-audio/#piper
tts =
let
model-stt = "whisper-en";
model-configs.${model-stt} = {
backend = "whisper";
parameters.model = fetchurl {
url = "https://huggingface.co/ggerganov/whisper.cpp/resolve/main/ggml-tiny.en-q5_1.bin";
hash = "sha256-x3xXZvHO8JtrfUfyG1Rsvd1BV4hrO11tT3CekeZsfCs=";
};
};
model-tts = "piper-en";
model-configs.${model-tts} = {
backend = "piper";
parameters.model = "en-us-danny-low.onnx";
};
models =
let
models = genModels model-configs;
in
symlinkJoin {
inherit (models) name;
paths = [
models
(fetchzip {
url = "https://github.com/rhasspy/piper/releases/download/v0.0.2/voice-en-us-danny-low.tar.gz";
hash = "sha256-5wf+6H5HeQY0qgdqnAG1vSqtjIFM9lXH53OgouuPm0M=";
stripRoot = false;
})
];
};
requests.request = {
model = model-tts;
input = "Hello, how are you?";
};
in
testers.runNixOSTest {
name = self.name + "-tts";
nodes.machine = {
imports = [ common-config ];
virtualisation.cores = 2;
services.local-ai.models = models;
};
passthru = {
inherit models requests;
};
testScript =
let
port = "8080";
in
''
machine.wait_for_open_port(${port})
machine.succeed("curl -f http://localhost:${port}/readyz")
machine.succeed("curl -f http://localhost:${port}/v1/models --output models.json")
machine.succeed("${jq}/bin/jq --exit-status 'debug' models.json")
machine.succeed("curl -f http://localhost:${port}/tts --json @${writers.writeJSON "request.json" requests.request} --output out.wav")
machine.copy_from_vm("out.wav")
machine.succeed("curl -f http://localhost:${port}/v1/audio/transcriptions --header 'Content-Type: multipart/form-data' --form file=@out.wav --form model=${model-stt} --output transcription.json")
machine.copy_from_vm("transcription.json")
machine.succeed("${jq}/bin/jq --exit-status 'debug | .segments | first.text == \"${requests.request.input}\"' transcription.json")
machine.succeed("${prom2json}/bin/prom2json http://localhost:${port}/metrics > metrics.json")
machine.copy_from_vm("metrics.json")
'';
};
}

4
pkgs/by-name/lo/logiops/package.nix
View File

@ -12,13 +12,13 @@
stdenv.mkDerivation (oldAttrs: {
pname = "logiops";
version = "0.3.4";
version = "0.3.5";
src = fetchFromGitHub {
owner = "PixlOne";
repo = "logiops";
rev = "v${oldAttrs.version}";
hash = "sha256-IL7jQA3lGhxVLYCFRgeXdadaBlQr+Op9cedHBlLUCWY=";
hash = "sha256-GAnlPqjIFGyOWwYFs7gth2m9ITc1jyiaW0sWwQ2zFOs=";
# In v0.3.0, the `ipcgull` submodule was added as a dependency
# https://github.com/PixlOne/logiops/releases/tag/v0.3.0
fetchSubmodules = true;

72
pkgs/by-name/lu/luckybackup/package.nix Normal file
View File

@ -0,0 +1,72 @@
{
lib,
fetchurl,
libtool,
openssh,
pkg-config,
qt5,
rsync,
stdenv,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "luckybackup";
version = "0.5.0";
src = fetchurl {
url = "mirror://sourceforge/project/luckybackup/${finalAttrs.version}/source/luckybackup-${finalAttrs.version}.tar.gz";
hash = "sha256-6AGvJIPL3WK8mvji3tJSxRrbrYFILikQQvWOIcPUkls=";
};
outputs = [
"out"
"doc"
"man"
];
nativeBuildInputs = [
libtool
pkg-config
qt5.qmake
qt5.wrapQtAppsHook
];
buildInputs = [
rsync
openssh
];
strictDeps = true;
prePatch = ''
for File in \
luckybackup.pro \
menu/luckybackup-pkexec \
menu/luckybackup-su.desktop \
menu/luckybackup.desktop \
menu/net.luckybackup.su.policy \
src/functions.cpp \
src/global.cpp \
src/scheduleDialog.cpp; do
substituteInPlace $File --replace "/usr" "$out"
done
'';
meta = {
homepage = "https://luckybackup.sourceforge.net/";
description = "Powerful, fast and reliable backup & sync tool";
longDescription = ''
luckyBackup is an application for data back-up and synchronization
powered by the rsync tool.
It is simple to use, fast (transfers over only changes made and not
all data), safe (keeps your data safe by checking all declared directories
before proceeding in any data manipulation), reliable and fully
customizable.
'';
license = lib.licenses.gpl3Plus;
mainProgram = "luckybackup";
maintainers = with lib.maintainers; [ AndersonTorres ];
platforms = lib.platforms.linux;
};
})

4
pkgs/by-name/lu/lumafly/package.nix
View File

@ -12,13 +12,13 @@
}:
buildDotnetModule rec {
pname = "lumafly";
version = "3.2.0.0";
version = "3.3.0.0";
src = fetchFromGitHub {
owner = "TheMulhima";
repo = "lumafly";
rev = "v${version}";
hash = "sha256-oDSM5Ev9SCjbvCgDZcpzm2bVnzG04yy/WaSwJyh0b18=";
hash = "sha256-GVPMAwxbq9XlKjMKd9G5yUol42f+6lSyHukN7NMCVDA=";
};
projectFile = "Lumafly/Lumafly.csproj";

4
pkgs/by-name/lx/lxgw-wenkai-tc/package.nix
View File

@ -5,10 +5,10 @@
stdenvNoCC.mkDerivation rec {
pname = "lxgw-wenkai-tc";
version = "1.330";
version = "1.500";
src = fetchurl {
url = "https://github.com/lxgw/LxgwWenKaiTC/releases/download/v${version}/lxgw-wenkai-tc-v${version}.tar.gz";
hash = "sha256-qpX5shH1HbGMa287u/R1rMFgQeAUC0wwKFVD+QSTyho=";
hash = "sha256-GuGIRgBQTmlKmarEVFmZ2RgYtlw6mz3nfFdWbjlm934=";
};
installPhase = ''

48
pkgs/by-name/ma/marble-shell-theme/package.nix Normal file
View File

@ -0,0 +1,48 @@
{
lib,
stdenvNoCC,
fetchFromGitHub,
python3,
colors ? [ "all" ], # Default to install all available colors
additionalInstallationTweaks ? [ ], # Additional installation tweaks
}:
assert lib.assertMsg (colors != [ ]) "The `colors` list can not be empty";
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "marble-shell-theme";
version = "46.2.3";
src = fetchFromGitHub {
owner = "imarkoff";
repo = "Marble-shell-theme";
rev = "5971b15d8115c60c3a16b1d219ecffd2cfcdb323";
hash = "sha256-TX6BSS29EAi2PjL1fMvEKD12RjB9xrfqPSQsJJrUcJg=";
};
nativeBuildInputs = [ python3 ];
patchPhase = ''
runHook prePatch
substituteInPlace scripts/config.py \
--replace-fail "~/.themes" ".themes"
runHook postPatch
'';
installPhase = ''
runHook preInstall
mkdir -p $out/share/themes
python install.py ${
lib.escapeShellArgs (map (color: "--${color}") colors)
} ${lib.escapeShellArgs additionalInstallationTweaks}
cp -r .themes/* $out/share/themes/
runHook postInstall
'';
meta = {
description = "Shell theme for GNOME DE";
license = lib.licenses.gpl3Plus;
platforms = lib.platforms.linux;
homepage = "https://github.com/imarkoff/Marble-shell-theme";
changelog = "https://github.com/imarkoff/Marble-shell-theme/releases/tag/${finalAttrs.version}";
maintainers = with lib.maintainers; [ aucub ];
};
})

4
pkgs/by-name/ma/marwaita-red/package.nix
View File

@ -10,13 +10,13 @@
stdenv.mkDerivation rec {
pname = "marwaita-red";
version = "21";
version = "22";
src = fetchFromGitHub {
owner = "darkomarko42";
repo = pname;
rev = version;
hash = "sha256-VCNwWtAzMORF+gXjcLhJCsmllGD2xGgRSS3WxaVoRfU=";
hash = "sha256-oUJ74MNAFbbM123v7i+b29UEFFumswPI3DmqeeahMd4=";
};
buildInputs = [

4
pkgs/by-name/ma/marwaita-teal/package.nix
View File

@ -10,13 +10,13 @@
stdenv.mkDerivation rec {
pname = "marwaita-teal";
version = "21";
version = "22";
src = fetchFromGitHub {
owner = "darkomarko42";
repo = pname;
rev = version;
hash = "sha256-9WH/mbnLLLAf8B5Fwd7PMRAX2psWVJn7gGO4C5KkLjM=";
hash = "sha256-aSzeF4winpea21gADa/HT+a+FZ4Ykrpue/ePmveJU8E=";
};
buildInputs = [

0
pkgs/applications/science/math/mathmod/fix-paths.patch → pkgs/by-name/ma/mathmod/fix-paths.patch
View File

25
pkgs/applications/science/math/mathmod/default.nix → pkgs/by-name/ma/mathmod/package.nix
View File

@ -1,18 +1,19 @@
{ lib
, mkDerivation
, fetchFromGitHub
, qmake
{
lib,
stdenv,
fetchFromGitHub,
libsForQt5,
}:
mkDerivation {
stdenv.mkDerivation (finalAttrs: {
pname = "mathmod";
version = "11.1-unstable-2024-01-26";
version = "12.0";
src = fetchFromGitHub {
owner = "parisolab";
repo = "mathmod";
rev = "24d03a04c17363520ae7cf077e72a7b8684eb6fd";
hash = "sha256-HiqHssPGqYEVZWchZRj4rFPc+xNVZk1ryl5qvFC2BmQ=";
rev = "refs/tags/${finalAttrs.version}";
hash = "sha256-h1iI7bheJVfE2+0m6Yk7QNCkl9Vye97tqb/WkQExVcQ=";
};
patches = [ ./fix-paths.patch ];
@ -21,9 +22,13 @@ mkDerivation {
substituteInPlace MathMod.pro --subst-var out
'';
nativeBuildInputs = [ qmake ];
nativeBuildInputs = with libsForQt5; [
qmake
wrapQtAppsHook
];
meta = {
changelog = "https://github.com/parisolab/mathmod/releases/tag/${finalAttrs.version}";
description = "Mathematical modelling software";
homepage = "https://github.com/parisolab/mathmod";
license = lib.licenses.gpl2Plus;
@ -31,4 +36,4 @@ mkDerivation {
maintainers = with lib.maintainers; [ tomasajt ];
platforms = lib.platforms.unix;
};
}
})

6
pkgs/servers/geospatial/mbtileserver/default.nix → pkgs/by-name/mb/mbtileserver/package.nix
View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "mbtileserver";
version = "0.10.0";
version = "0.11.0";
src = fetchFromGitHub {
owner = "consbio";
repo = pname;
rev = "v${version}";
sha256 = "sha256-hKDgKiy3tmZ7gxmxZlflJHcxatrSqE1d1uhSLJh8XLo=";
sha256 = "sha256-RLaAhc24zdCFvpSN2LZXNyS1ygg9zCi4jEj8owdreWU=";
};
vendorHash = "sha256-QcyFnzRdGdrVqgKEMbhaD7C7dkGKKhTesMMZKrrLx70=";
vendorHash = "sha256-yn7LcR/DvHDSRicUnWLrFZKqZti+YQoLSk3mZkDIj10=";
meta = with lib; {
description = "Simple Go-based server for map tiles stored in mbtiles format";

6
pkgs/by-name/mo/movim/package.nix
View File

@ -38,13 +38,13 @@ let
in
php.buildComposerProject (finalAttrs: {
pname = "movim";
version = "0.27.1";
version = "0.28";
src = fetchFromGitHub {
owner = "movim";
repo = "movim";
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-7/8d+GU/hLaiFqo4Rl0ardhOwEpSeJ3GfJMNpGbNlnU=";
hash = "sha256-mjBeBu1seH5XMls+e4ON13ayVeugKogbNTzbjp1pUjE=";
};
php = php.buildEnv ({
@ -67,7 +67,7 @@ php.buildComposerProject (finalAttrs: {
# pinned commonmark
composerStrictValidation = false;
vendorHash = "sha256-wDnOh1CdJOovqmr4k45ksycuylYwL0Dm/UTl4EETf1k=";
vendorHash = "sha256-ZfMUpkIRCAsiQf6PEVPrMpljZWjP9JXf+nEFA/LunsQ=";
postPatch = ''
# Our modules are already wrapped, removes missing *.so warnings;

37
pkgs/by-name/mo/mozillavpn/package.nix
View File

@ -1,4 +1,5 @@
{
_experimental-update-script-combinators,
buildGoModule,
cargo,
cmake,
@ -9,6 +10,7 @@
libgcrypt,
libgpg-error,
libsecret,
nix-update-script,
pkg-config,
python3,
qt6,
@ -20,27 +22,26 @@
stdenv.mkDerivation (finalAttrs: {
pname = "mozillavpn";
version = "2.24.0";
version = "2.24.1";
src = fetchFromGitHub {
owner = "mozilla-mobile";
repo = "mozilla-vpn-client";
rev = "v${finalAttrs.version}";
fetchSubmodules = true;
hash = "sha256-iTnwx+KPZ5b8qT0fEMUCGQx1UyGVM4VCzooZqslGWtw=";
hash = "sha256-X2rtHAZ9vbWjuOmD3B/uPasUQ1Q+b4SkNqk4MqGMaYo=";
};
patches = [ ];
netfilterGoModules =
(buildGoModule {
inherit (finalAttrs)
pname
version
src
patches
;
modRoot = "linux/netfilter";
vendorHash = "sha256-Cmo0wnl0z5r1paaEf1MhCPbInWeoMhGjnxCxGh0cyO8=";
}).goModules;
netfilter = buildGoModule {
pname = "${finalAttrs.pname}-netfilter";
inherit (finalAttrs)
version
src
patches
;
modRoot = "linux/netfilter";
vendorHash = "sha256-Cmo0wnl0z5r1paaEf1MhCPbInWeoMhGjnxCxGh0cyO8=";
};
cargoDeps = rustPlatform.fetchCargoTarball {
inherit (finalAttrs) src patches;
@ -83,7 +84,7 @@ stdenv.mkDerivation (finalAttrs: {
substituteInPlace extension/CMakeLists.txt \
--replace '/etc' "$out/etc"
ln -s '${finalAttrs.netfilterGoModules}' linux/netfilter/vendor
ln -s '${finalAttrs.netfilter.goModules}' linux/netfilter/vendor
'';
cmakeFlags = [
@ -100,6 +101,14 @@ stdenv.mkDerivation (finalAttrs: {
(lib.makeBinPath [ wireguard-tools ])
];
passthru.updateScript = _experimental-update-script-combinators.sequence [
(nix-update-script { })
(nix-update-script {
attrPath = "mozillavpn.netfilter";
extraArgs = [ "--version=skip" ];
})
];
meta = {
description = "Client for the Mozilla VPN service";
mainProgram = "mozillavpn";

4
pkgs/by-name/no/notcurses/package.nix
View File

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "notcurses";
version = "3.0.9";
version = "3.0.11";
src = fetchFromGitHub {
owner = "dankamongmen";
repo = "notcurses";
rev = "v${version}";
sha256 = "sha256-8SJeqLcV4xp968YgGsJccsgpB5wwaJDaoWsaYxf8upM=";
sha256 = "sha256-3ddiHzPZ74GN2Hu+6Oe1DaNFn6S9gegGwXSX8fbtPp8=";
};
outputs = [ "out" "dev" ];

4
pkgs/by-name/nz/nzbhydra2/package.nix
View File

@ -10,11 +10,11 @@
}:
stdenv.mkDerivation rec {
pname = "nzbhydra2";
version = "7.6.0";
version = "7.7.0";
src = fetchzip {
url = "https://github.com/theotherp/nzbhydra2/releases/download/v${version}/nzbhydra2-${version}-generic.zip";
hash = "sha256-EMp7bR3VCFWgg32ddUzAIEVINIeGXq8qBiIp3G/YI0I=";
hash = "sha256-8Q/aTMwHFy7OG+VyoSRYlXp4l247nUSPP0YCMkv9Cec=";
stripRoot = false;
};

6
pkgs/by-name/op/opencomposite/package.nix
View File

@ -16,13 +16,13 @@
stdenv.mkDerivation {
pname = "opencomposite";
version = "0-unstable-2024-09-13";
version = "0-unstable-2024-10-02";
src = fetchFromGitLab {
owner = "znixian";
repo = "OpenOVR";
rev = "f8db7aa35831753f00215a2d9ba7197a80d7bacd";
hash = "sha256-3fqh7Kth5XFcDsJUMmR2af+r5QPW3/mAsEauGUXaWq8=";
rev = "f969a972e9a151de776fa8d1bd6e67056f0a5d5d";
hash = "sha256-CE+ushwNv8kQSXtrQ6K5veBmpQvQaMKk6P9G1wV2uvM=";
};
nativeBuildInputs = [ cmake ];

2
pkgs/by-name/os/ossia-score/package.nix
View File

@ -111,7 +111,7 @@ clangStdenv.mkDerivation (finalAttrs: {
"-DSuil_INCLUDE_DIR=${suil}/include/suil-0"
];
# Needed for libraries that get dlopen'd
# Needed for libraries that get dlopen'd
env.NIX_LDFLAGS = toString [
"-lasound"
"-llilv-0"

6
pkgs/by-name/pi/pietrasanta-traceroute/package.nix
View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec {
pname = "pietrasanta-traceroute";
version = "0.0.5-unstable-2024-06-11";
version = "0.0.5-unstable-2024-09-06";
src = fetchFromGitHub {
owner = "catchpoint";
repo = "Networking.traceroute";
rev = "5b9f9cd2cbd5b8d90442d4ddb71ab788297e2153";
hash = "sha256-/WsBh42brVCRP31LnCPS34kRaQKMvP+XEENyD5MjCfw=";
rev = "e4a5cf94dccd646e03b9b75a762e9b014e3a3128";
hash = "sha256-5FbuITewgSh6UFUU1vttkokk8uZ2IrzkDwsCuWJPKlM=";
};
passthru.updateScript = unstableGitUpdater { };

6
pkgs/by-name/pr/proto/package.nix
View File

@ -10,16 +10,16 @@
rustPlatform.buildRustPackage rec {
pname = "proto";
version = "0.41.1";
version = "0.41.3";
src = fetchFromGitHub {
owner = "moonrepo";
repo = "proto";
rev = "v${version}";
hash = "sha256-IQKFQvWEPB5yssvdHl6gGmgxkbXzpRhU6hqaTLsQizE=";
hash = "sha256-FkuHKfrMH+l/k9lfFhbG619KoDIxmEYwoaniHSPF8hQ=";
};
cargoHash = "sha256-SvdfTiyJhJ4w9aBiElh9zgug8hNwiX7xUjtYFjykJqc=";
cargoHash = "sha256-vll9ckegcECmzoOkTCe2q2M1r4s5JlUnv2DtzJEQ7bY=";
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
darwin.apple_sdk.frameworks.SystemConfiguration

4
pkgs/by-name/pr/proton-ge-bin/package.nix
View File

@ -6,11 +6,11 @@
}:
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "proton-ge-bin";
version = "GE-Proton9-13";
version = "GE-Proton9-15";
src = fetchzip {
url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/${finalAttrs.version}/${finalAttrs.version}.tar.gz";
hash = "sha256-/KaFYCLvojxH3coiJaArXMPIIwW5qzK+I0bGyt7oBNY=";
hash = "sha256-WeqntQxez6XPRZxpPNUAQ8/7sw6TzOKU1yrtPHmQNh0=";
};
outputs = [

6
pkgs/by-name/pr/proton-pass/package.nix
View File

@ -8,11 +8,11 @@
}:
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "proton-pass";
version = "1.22.1";
version = "1.23.0";
src = fetchurl {
url = "https://proton.me/download/PassDesktop/linux/x64/ProtonPass_${finalAttrs.version}.deb";
hash = "sha256-DIA54xxJ8Nhh8wb4p13yjdenqgTgenAH4Tmbqk3IXwo=";
url = "https://proton.me/download/pass/linux/x64/proton-pass_${finalAttrs.version}_amd64.deb";
hash = "sha256-ewrPk3v1jgF87uY+7P8oQdWARcuFKdfiM1BzulMPBpg=";
};
dontConfigure = true;

143
pkgs/by-name/re/renderdoc/package.nix Normal file
View File

@ -0,0 +1,143 @@
{
lib,
addDriverRunpath,
autoconf,
automake,
bison,
cmake,
fetchFromGitHub,
libXdmcp,
libglvnd,
libpthreadstubs,
makeWrapper,
nix-update-script,
pcre,
pkg-config,
python311Packages,
qt5,
stdenv,
vulkan-loader,
wayland,
# Boolean flags
waylandSupport ? true,
}:
let
custom_swig = fetchFromGitHub {
owner = "baldurk";
repo = "swig";
rev = "renderdoc-modified-7";
hash = "sha256-RsdvxBBQvwuE5wSwL8OBXg5KMSpcO6EuMS0CzWapIpc=";
};
in
stdenv.mkDerivation (finalAttrs: {
pname = "renderdoc";
version = "1.35";
src = fetchFromGitHub {
owner = "baldurk";
repo = "renderdoc";
rev = "v${finalAttrs.version}";
hash = "sha256-iBe3JNtG9P1IAd00s/fL2RcImMrTwruld98OFHrIhp4=";
};
outputs = [
"out"
"dev"
"doc"
];
buildInputs =
[
libXdmcp
libpthreadstubs
python311Packages.pyside2
python311Packages.pyside2-tools
python311Packages.shiboken2
qt5.qtbase
qt5.qtsvg
vulkan-loader
]
++ lib.optionals waylandSupport [
wayland
];
nativeBuildInputs = [
addDriverRunpath
autoconf
automake
bison
cmake
makeWrapper
pcre
pkg-config
python311Packages.python
qt5.qtx11extras
qt5.wrapQtAppsHook
];
cmakeFlags = [
(lib.cmakeFeature "BUILD_VERSION_HASH" finalAttrs.src.rev)
(lib.cmakeFeature "BUILD_VERSION_DIST_NAME" "NixOS")
(lib.cmakeFeature "BUILD_VERSION_DIST_VER" finalAttrs.version)
(lib.cmakeFeature "BUILD_VERSION_DIST_CONTACT" "https://github.com/NixOS/nixpkgs/")
(lib.cmakeBool "BUILD_VERSION_STABLE" true)
(lib.cmakeBool "ENABLE_WAYLAND" waylandSupport)
];
dontWrapQtApps = true;
strictDeps = true;
postUnpack = ''
cp -r ${custom_swig} swig
chmod -R +w swig
patchShebangs swig/autogen.sh
'';
# TODO: define these in the above array via placeholders, once those are
# widely supported
preConfigure = ''
cmakeFlagsArray+=(
"-DRENDERDOC_SWIG_PACKAGE=$PWD/../swig"
"-DVULKAN_LAYER_FOLDER=$out/share/vulkan/implicit_layer.d/"
)
'';
preFixup =
let
libPath = lib.makeLibraryPath [
libglvnd
vulkan-loader
];
in
''
wrapQtApp $out/bin/qrenderdoc \
--suffix LD_LIBRARY_PATH : "$out/lib:${libPath}"
wrapProgram $out/bin/renderdoccmd \
--suffix LD_LIBRARY_PATH : "$out/lib:${libPath}"
'';
# The only documentation for this so far is in the setup-hook.sh script from
# add-opengl-runpath
postFixup = ''
addDriverRunpath $out/lib/librenderdoc.so
'';
passthru.updateScript = nix-update-script { };
meta = {
homepage = "https://renderdoc.org/";
description = "Single-frame graphics debugger";
longDescription = ''
RenderDoc is a free MIT licensed stand-alone graphics debugger that
allows quick and easy single-frame capture and detailed introspection
of any application using Vulkan, D3D11, OpenGL or D3D12 across
Windows 7 - 10, Linux or Android.
'';
license = lib.licenses.mit;
mainProgram = "renderdoccmd";
maintainers = with lib.maintainers; [ AndersonTorres ];
platforms = lib.intersectLists lib.platforms.linux (lib.platforms.x86_64 ++ lib.platforms.i686);
};
})

12
pkgs/by-name/rt/rtorrent/package.nix
View File

@ -15,18 +15,18 @@
, xmlrpc_c
, zlib
, nixosTests
, unstableGitUpdater
, gitUpdater
}:
stdenv.mkDerivation {
stdenv.mkDerivation rec {
pname = "rakshasa-rtorrent";
version = "0.9.8-unstable-2024-09-07";
version = "0.10.0";
src = fetchFromGitHub {
owner = "rakshasa";
repo = "rtorrent";
rev = "9a93281ded3f6c6bb40593f9bbd3597683cff263";
hash = "sha256-dbZ0Q6v6vu8rlr7p1rPc3Cx/9R53OelkoTNsdAVQAxE=";
rev = "v${version}";
hash = "sha256-G/30Enycpqg/pWC95CzT9LY99kN4tI+S8aSQhnQO+M8=";
};
outputs = [ "out" "man" ];
@ -60,7 +60,7 @@ stdenv.mkDerivation {
];
passthru = {
updateScript = unstableGitUpdater { tagPrefix = "v"; };
updateScript = gitUpdater { tagPrefix = "v"; };
tests = {
inherit (nixosTests) rtorrent;
};

6
pkgs/by-name/se/sendme/package.nix
View File

@ -7,16 +7,16 @@
rustPlatform.buildRustPackage rec {
pname = "sendme";
version = "0.16.0";
version = "0.17.0";
src = fetchFromGitHub {
owner = "n0-computer";
repo = pname;
rev = "v${version}";
hash = "sha256-nDYsNaR3NQ6ut6gtHwEoiwhj4B4Bac5+NOOq3H2NCYY=";
hash = "sha256-YnabQ8YHDsFYu5RX3E2NvPARsl+qn4688q9KxZ5Fegc=";
};
cargoHash = "sha256-U2/GUpWtpTX+RCBojh3N6DsWB0gjFkH1mGA+AS+fH+o=";
cargoHash = "sha256-yD40QKceLjtq80K6I98bT27sCAkCnkRkfE3m4eGjueU=";
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin (
with darwin.apple_sdk.frameworks; [

41
pkgs/by-name/sl/slweb/package.nix Normal file
View File

@ -0,0 +1,41 @@
{
lib,
stdenv,
fetchFromSourcehut,
versionCheckHook,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "slweb";
version = "0.10.1";
src = fetchFromSourcehut {
owner = "~strahinja";
repo = "slweb";
rev = "v${finalAttrs.version}";
hash = "sha256-AJg8qgbNUKizU0uyTnq9EviIXOUuaGvQowLAyTWhGTY=";
};
postPatch = ''
substituteInPlace config.mk \
--replace-fail "/usr/local" "$out"
'';
env = {
FALLBACKVER = finalAttrs.version;
};
nativeInstallCheckInputs = [
versionCheckHook
];
doInstallCheck = true;
meta = {
description = "Static website generator which aims at being simplistic";
homepage = "https://strahinja.srht.site/slweb/";
license = lib.licenses.gpl3Plus;
platforms = lib.platforms.linux;
maintainers = with lib.maintainers; [ GaetanLepage ];
mainProgram = "slweb";
};
})

Some files were not shown because too many files have changed in this diff Show More