Merge staging-next into staging
This commit is contained in:
commit
25a77b7210
3
.github/FUNDING.yml
vendored
Normal file
3
.github/FUNDING.yml
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
# These are supported funding model platforms
|
||||
|
||||
custom: https://nixos.org/nixos/foundation.html
|
2
.github/PULL_REQUEST_TEMPLATE.md
vendored
2
.github/PULL_REQUEST_TEMPLATE.md
vendored
@ -15,7 +15,7 @@
|
||||
- [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nix-review --run "nix-review wip"`
|
||||
- [ ] Tested execution of all binary files (usually in `./result/bin/`)
|
||||
- [ ] Determined the impact on package closure size (by running `nix path-info -S` before and after)
|
||||
- [ ] Assured whether relevant documentation is up to date
|
||||
- [ ] Ensured that relevant documentation is up to date
|
||||
- [ ] Fits [CONTRIBUTING.md](https://github.com/NixOS/nixpkgs/blob/master/.github/CONTRIBUTING.md).
|
||||
|
||||
---
|
||||
|
@ -325,6 +325,18 @@ packageOverrides = pkgs: {
|
||||
elm2nix</link>.
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="sec-kakoune">
|
||||
<title>Kakoune</title>
|
||||
|
||||
<para>
|
||||
Kakoune can be built to autoload plugins:
|
||||
<programlisting>(kakoune.override {
|
||||
configure = {
|
||||
plugins = with pkgs.kakounePlugins; [ parinfer-rust ];
|
||||
};
|
||||
})</programlisting>
|
||||
</para>
|
||||
</section>
|
||||
<section xml:id="sec-shell-helpers">
|
||||
<title>Interactive shell helpers</title>
|
||||
|
||||
|
@ -681,6 +681,11 @@
|
||||
github = "bergey";
|
||||
name = "Daniel Bergey";
|
||||
};
|
||||
betaboon = {
|
||||
email = "betaboon@0x80.ninja";
|
||||
github = "betaboon";
|
||||
name = "betaboon";
|
||||
};
|
||||
bfortz = {
|
||||
email = "bernard.fortz@gmail.com";
|
||||
github = "bfortz";
|
||||
@ -1940,6 +1945,11 @@
|
||||
github = "glenns";
|
||||
name = "Glenn Searby";
|
||||
};
|
||||
gloaming = {
|
||||
email = "ch9871@gmail.com";
|
||||
github = "gloaming";
|
||||
name = "Craig Hall";
|
||||
};
|
||||
globin = {
|
||||
email = "mail@glob.in";
|
||||
github = "globin";
|
||||
@ -2753,6 +2763,11 @@
|
||||
github = "lasandell";
|
||||
name = "Luke Sandell";
|
||||
};
|
||||
lambda-11235 = {
|
||||
email = "taranlynn0@gmail.com";
|
||||
github = "lambda-11235";
|
||||
name = "Taran Lynn";
|
||||
};
|
||||
lassulus = {
|
||||
email = "lassulus@gmail.com";
|
||||
github = "Lassulus";
|
||||
@ -3559,6 +3574,11 @@
|
||||
github = "nathan-gs";
|
||||
name = "Nathan Bijnens";
|
||||
};
|
||||
nathyong = {
|
||||
email = "nathyong@noreply.github.com";
|
||||
github = "nathyong";
|
||||
name = "Nathan Yong";
|
||||
};
|
||||
nckx = {
|
||||
email = "github@tobias.gr";
|
||||
github = "nckx";
|
||||
@ -4841,6 +4861,11 @@
|
||||
github = "severen";
|
||||
name = "Severen Redwood";
|
||||
};
|
||||
steell = {
|
||||
email = "steve@steellworks.com";
|
||||
github = "Steell";
|
||||
name = "Steve Elliott";
|
||||
};
|
||||
stephenmw = {
|
||||
email = "stephen@q5comm.com";
|
||||
github = "stephenmw";
|
||||
|
@ -39,7 +39,7 @@
|
||||
<xref linkend="opt-networking.defaultGateway6"/> = {
|
||||
address = "fe00::1";
|
||||
interface = "enp0s3";
|
||||
}
|
||||
};
|
||||
</programlisting>
|
||||
</para>
|
||||
|
||||
|
@ -22,7 +22,7 @@ in
|
||||
boot.kernelPackages = pkgs.linuxPackages_rpi;
|
||||
|
||||
sdImage = {
|
||||
populateBootCommands = let
|
||||
populateFirmwareCommands = let
|
||||
configTxt = pkgs.writeText "config.txt" ''
|
||||
# Prevent the firmware from smashing the framebuffer setup done by the mainline kernel
|
||||
# when attempting to show low-voltage or overtemperature warnings.
|
||||
|
@ -191,6 +191,7 @@
|
||||
./services/audio/liquidsoap.nix
|
||||
./services/audio/mpd.nix
|
||||
./services/audio/mopidy.nix
|
||||
./services/audio/roon-server.nix
|
||||
./services/audio/slimserver.nix
|
||||
./services/audio/snapserver.nix
|
||||
./services/audio/squeezelite.nix
|
||||
|
@ -213,6 +213,7 @@ with lib;
|
||||
(mkRemovedOptionModule [ "boot" "zfs" "enableLegacyCrypto" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.")
|
||||
(mkRemovedOptionModule [ "services" "mysql" "pidDir" ] "Don't wait for pidfiles, describe dependencies through systemd")
|
||||
(mkRemovedOptionModule [ "services" "mysql" "rootPassword" ] "Use socket authentication or set the password outside of the nix store.")
|
||||
|
||||
# ZSH
|
||||
(mkRenamedOptionModule [ "programs" "zsh" "enableSyntaxHighlighting" ] [ "programs" "zsh" "syntaxHighlighting" "enable" ])
|
||||
@ -240,6 +241,12 @@ with lib;
|
||||
# binfmt
|
||||
(mkRenamedOptionModule [ "boot" "binfmtMiscRegistrations" ] [ "boot" "binfmt" "registrations" ])
|
||||
|
||||
# PHP-FPM
|
||||
(mkRemovedOptionModule [ "services" "phpfpm" "poolConfigs" ] "Use services.phpfpm.pools instead.")
|
||||
(mkRemovedOptionModule [ "services" "phpfpm" "phpPackage" ] "Use services.phpfpm.pools.<name>.phpPackage instead.")
|
||||
(mkRemovedOptionModule [ "services" "phpfpm" "phpOptions" ] "Use services.phpfpm.pools.<name>.phpOptions instead.")
|
||||
(mkRenamedOptionModule [ "services" "phpfpm" "extraConfig" ] [ "services" "phpfpm" "globalExtraConfig" ])
|
||||
|
||||
] ++ (flip map [ "blackboxExporter" "collectdExporter" "fritzboxExporter"
|
||||
"jsonExporter" "minioExporter" "nginxExporter" "nodeExporter"
|
||||
"snmpExporter" "unifiExporter" "varnishExporter" ]
|
||||
|
@ -70,25 +70,25 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - mopidy mopidy - -"
|
||||
];
|
||||
|
||||
systemd.services.mopidy = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "sound.target" ];
|
||||
description = "mopidy music player daemon";
|
||||
preStart = "mkdir -p ${cfg.dataDir} && chown -R mopidy:mopidy ${cfg.dataDir}";
|
||||
serviceConfig = {
|
||||
ExecStart = "${mopidyEnv}/bin/mopidy --config ${concatStringsSep ":" ([mopidyConf] ++ cfg.extraConfigFiles)}";
|
||||
User = "mopidy";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.mopidy-scan = {
|
||||
description = "mopidy local files scanner";
|
||||
preStart = "mkdir -p ${cfg.dataDir} && chown -R mopidy:mopidy ${cfg.dataDir}";
|
||||
serviceConfig = {
|
||||
ExecStart = "${mopidyEnv}/bin/mopidy --config ${concatStringsSep ":" ([mopidyConf] ++ cfg.extraConfigFiles)} local scan";
|
||||
User = "mopidy";
|
||||
PermissionsStartOnly = true;
|
||||
Type = "oneshot";
|
||||
};
|
||||
};
|
||||
@ -98,7 +98,7 @@ in {
|
||||
group = "mopidy";
|
||||
extraGroups = [ "audio" ];
|
||||
description = "Mopidy daemon user";
|
||||
home = "${cfg.dataDir}";
|
||||
home = cfg.dataDir;
|
||||
};
|
||||
|
||||
users.groups.mopidy.gid = gid;
|
||||
|
49
nixos/modules/services/audio/roon-server.nix
Normal file
49
nixos/modules/services/audio/roon-server.nix
Normal file
@ -0,0 +1,49 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
name = "roon-server";
|
||||
cfg = config.services.roon-server;
|
||||
in {
|
||||
options = {
|
||||
services.roon-server = {
|
||||
enable = mkEnableOption "Roon Server";
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Open ports in the firewall for the server.
|
||||
|
||||
UDP: 9003
|
||||
TCP: 9100 - 9200
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.services.roon-server = {
|
||||
after = [ "network.target" ];
|
||||
description = "Roon Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
environment.ROON_DATAROOT = "/var/lib/${name}";
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.roon-server}/opt/start.sh";
|
||||
LimitNOFILE = 8192;
|
||||
DynamicUser = true;
|
||||
SupplementaryGroups = "audio";
|
||||
StateDirectory = name;
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPortRanges = [
|
||||
{ from = 9100; to = 9200; }
|
||||
];
|
||||
allowedUDPPorts = [ 9003 ];
|
||||
};
|
||||
};
|
||||
}
|
@ -42,15 +42,17 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - slimserver slimserver - -"
|
||||
];
|
||||
|
||||
systemd.services.slimserver = {
|
||||
after = [ "network.target" ];
|
||||
description = "Slim Server for Logitech Squeezebox Players";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = "mkdir -p ${cfg.dataDir} && chown -R slimserver:slimserver ${cfg.dataDir}";
|
||||
serviceConfig = {
|
||||
User = "slimserver";
|
||||
PermissionsStartOnly = true;
|
||||
# Issue 40589: Disable broken image/video support (audio still works!)
|
||||
ExecStart = "${cfg.package}/slimserver.pl --logdir ${cfg.dataDir}/logs --prefsdir ${cfg.dataDir}/prefs --cachedir ${cfg.dataDir}/cache --noimage --novideo";
|
||||
};
|
||||
|
@ -47,15 +47,11 @@ in
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
PermissionsStartOnly = true;
|
||||
Group = "duplicati";
|
||||
StateDirectory = "duplicati";
|
||||
ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=${cfg.interface} --webservice-port=${toString cfg.port} --server-datafolder=/var/lib/duplicati";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
preStart = ''
|
||||
mkdir -p /var/lib/duplicati
|
||||
chown -R ${cfg.user}:duplicati /var/lib/duplicati
|
||||
'';
|
||||
};
|
||||
|
||||
users.users.duplicati = lib.optionalAttrs (cfg.user == "duplicati") {
|
||||
|
@ -105,19 +105,18 @@ in
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - boinc - - -"
|
||||
];
|
||||
|
||||
systemd.services.boinc = {
|
||||
description = "BOINC Client";
|
||||
after = ["network.target" "local-fs.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.dataDir}
|
||||
chown boinc ${cfg.dataDir}
|
||||
'';
|
||||
script = ''
|
||||
${fhsEnvExecutable} --dir ${cfg.dataDir} --redirectio ${allowRemoteGuiRpcFlag}
|
||||
'';
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true; # preStart must be run as root
|
||||
User = "boinc";
|
||||
Nice = 10;
|
||||
};
|
||||
|
@ -95,6 +95,11 @@ in
|
||||
|
||||
environment.systemPackages = [cfg.package];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${dataDir}' 0700 ${cfg.user} - - -"
|
||||
"d '${systemDir}' 0700 ${cfg.user} - - -"
|
||||
];
|
||||
|
||||
systemd.services.firebird =
|
||||
{ description = "Firebird Super-Server";
|
||||
|
||||
@ -104,21 +109,16 @@ in
|
||||
# is a better way
|
||||
preStart =
|
||||
''
|
||||
mkdir -m 0700 -p \
|
||||
"${dataDir}" \
|
||||
"${systemDir}" \
|
||||
/var/log/firebird
|
||||
|
||||
if ! test -e "${systemDir}/security2.fdb"; then
|
||||
cp ${firebird}/security2.fdb "${systemDir}"
|
||||
fi
|
||||
|
||||
chown -R ${cfg.user} "${dataDir}" "${systemDir}" /var/log/firebird
|
||||
chmod -R 700 "${dataDir}" "${systemDir}" /var/log/firebird
|
||||
'';
|
||||
|
||||
serviceConfig.PermissionsStartOnly = true; # preStart must be run as root
|
||||
serviceConfig.User = cfg.user;
|
||||
serviceConfig.LogsDirectory = "firebird";
|
||||
serviceConfig.LogsDirectoryMode = "0700";
|
||||
serviceConfig.ExecStart = ''${firebird}/bin/fbserver -d'';
|
||||
|
||||
# TODO think about shutdown
|
||||
|
@ -359,6 +359,13 @@ in
|
||||
}
|
||||
];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /etc/foundationdb 0755 ${cfg.user} ${cfg.group} - -"
|
||||
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
"d '${cfg.logDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
"F '${cfg.pidFile}' - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.foundationdb = {
|
||||
description = "FoundationDB Service";
|
||||
|
||||
@ -396,25 +403,12 @@ in
|
||||
path = [ pkg pkgs.coreutils ];
|
||||
|
||||
preStart = ''
|
||||
rm -f ${cfg.pidfile} && \
|
||||
touch ${cfg.pidfile} && \
|
||||
chown -R ${cfg.user}:${cfg.group} ${cfg.pidfile}
|
||||
|
||||
for x in "${cfg.logDir}" "${cfg.dataDir}"; do
|
||||
[ ! -d "$x" ] && mkdir -m 0770 -vp "$x";
|
||||
chown -R ${cfg.user}:${cfg.group} "$x";
|
||||
done
|
||||
|
||||
[ ! -d /etc/foundationdb ] && \
|
||||
mkdir -m 0775 -vp /etc/foundationdb && \
|
||||
chown -R ${cfg.user}:${cfg.group} "/etc/foundationdb"
|
||||
|
||||
if [ ! -f /etc/foundationdb/fdb.cluster ]; then
|
||||
cf=/etc/foundationdb/fdb.cluster
|
||||
desc=$(tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c8)
|
||||
rand=$(tr -dc A-Za-z0-9 </dev/urandom 2>/dev/null | head -c8)
|
||||
echo ''${desc}:''${rand}@${initialIpAddr}:${builtins.toString cfg.listenPortStart} > $cf
|
||||
chmod 0664 $cf && chown -R ${cfg.user}:${cfg.group} $cf
|
||||
chmod 0664 $cf
|
||||
touch "${cfg.dataDir}/.first_startup"
|
||||
fi
|
||||
'';
|
||||
|
@ -94,6 +94,11 @@ in {
|
||||
|
||||
config = mkIf config.services.hbase.enable {
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - ${cfg.user} ${cfg.group} - -"
|
||||
"d '${cfg.logDir}' - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.hbase = {
|
||||
description = "HBase Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -103,19 +108,7 @@ in {
|
||||
HBASE_LOG_DIR = cfg.logDir;
|
||||
};
|
||||
|
||||
preStart =
|
||||
''
|
||||
mkdir -p ${cfg.dataDir};
|
||||
mkdir -p ${cfg.logDir};
|
||||
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.dataDir}
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.logDir}
|
||||
fi
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
ExecStart = "${cfg.package}/bin/hbase --config ${configDir} master start";
|
||||
|
@ -204,12 +204,6 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
# FIXME: remove this option; it's a really bad idea.
|
||||
rootPassword = mkOption {
|
||||
default = null;
|
||||
description = "Path to a file containing the root password, modified on the first startup. Not specifying a root password will leave the root password empty.";
|
||||
};
|
||||
|
||||
replication = {
|
||||
role = mkOption {
|
||||
type = types.enum [ "master" "slave" "none" ];
|
||||
@ -323,114 +317,105 @@ in
|
||||
RuntimeDirectoryMode = "0755";
|
||||
# The last two environment variables are used for starting Galera clusters
|
||||
ExecStart = "${mysql}/bin/mysqld --defaults-file=/etc/my.cnf ${mysqldOptions} $_WSREP_NEW_CLUSTER $_WSREP_START_POSITION";
|
||||
};
|
||||
ExecStartPost =
|
||||
let
|
||||
setupScript = pkgs.writeShellScript "mysql-setup" ''
|
||||
${optionalString (!hasNotify) ''
|
||||
# Wait until the MySQL server is available for use
|
||||
count=0
|
||||
while [ ! -e /run/mysqld/mysqld.sock ]
|
||||
do
|
||||
if [ $count -eq 30 ]
|
||||
then
|
||||
echo "Tried 30 times, giving up..."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
postStart =
|
||||
let
|
||||
cmdWatchForMysqlSocket = ''
|
||||
# Wait until the MySQL server is available for use
|
||||
count=0
|
||||
while [ ! -e /run/mysqld/mysqld.sock ]
|
||||
do
|
||||
if [ $count -eq 30 ]
|
||||
then
|
||||
echo "Tried 30 times, giving up..."
|
||||
exit 1
|
||||
fi
|
||||
echo "MySQL daemon not yet started. Waiting for 1 second..."
|
||||
count=$((count++))
|
||||
sleep 1
|
||||
done
|
||||
''}
|
||||
|
||||
echo "MySQL daemon not yet started. Waiting for 1 second..."
|
||||
count=$((count++))
|
||||
sleep 1
|
||||
done
|
||||
'';
|
||||
cmdInitialDatabases = concatMapStrings (database: ''
|
||||
# Create initial databases
|
||||
if ! test -e "${cfg.dataDir}/${database.name}"; then
|
||||
echo "Creating initial database: ${database.name}"
|
||||
( echo 'create database `${database.name}`;'
|
||||
if [ -f /tmp/mysql_init ]
|
||||
then
|
||||
${concatMapStrings (database: ''
|
||||
# Create initial databases
|
||||
if ! test -e "${cfg.dataDir}/${database.name}"; then
|
||||
echo "Creating initial database: ${database.name}"
|
||||
( echo 'create database `${database.name}`;'
|
||||
|
||||
${optionalString (database.schema != null) ''
|
||||
echo 'use `${database.name}`;'
|
||||
${optionalString (database.schema != null) ''
|
||||
echo 'use `${database.name}`;'
|
||||
|
||||
# TODO: this silently falls through if database.schema does not exist,
|
||||
# we should catch this somehow and exit, but can't do it here because we're in a subshell.
|
||||
if [ -f "${database.schema}" ]
|
||||
then
|
||||
cat ${database.schema}
|
||||
elif [ -d "${database.schema}" ]
|
||||
then
|
||||
cat ${database.schema}/mysql-databases/*.sql
|
||||
fi
|
||||
''}
|
||||
# TODO: this silently falls through if database.schema does not exist,
|
||||
# we should catch this somehow and exit, but can't do it here because we're in a subshell.
|
||||
if [ -f "${database.schema}" ]
|
||||
then
|
||||
cat ${database.schema}
|
||||
elif [ -d "${database.schema}" ]
|
||||
then
|
||||
cat ${database.schema}/mysql-databases/*.sql
|
||||
fi
|
||||
''}
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
fi
|
||||
'') cfg.initialDatabases}
|
||||
|
||||
${optionalString (cfg.replication.role == "master")
|
||||
''
|
||||
# Set up the replication master
|
||||
|
||||
( echo "use mysql;"
|
||||
echo "CREATE USER '${cfg.replication.masterUser}'@'${cfg.replication.slaveHost}' IDENTIFIED WITH mysql_native_password;"
|
||||
echo "SET PASSWORD FOR '${cfg.replication.masterUser}'@'${cfg.replication.slaveHost}' = PASSWORD('${cfg.replication.masterPassword}');"
|
||||
echo "GRANT REPLICATION SLAVE ON *.* TO '${cfg.replication.masterUser}'@'${cfg.replication.slaveHost}';"
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
${optionalString (cfg.replication.role == "slave")
|
||||
''
|
||||
# Set up the replication slave
|
||||
|
||||
( echo "stop slave;"
|
||||
echo "change master to master_host='${cfg.replication.masterHost}', master_user='${cfg.replication.masterUser}', master_password='${cfg.replication.masterPassword}';"
|
||||
echo "start slave;"
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
${optionalString (cfg.initialScript != null)
|
||||
''
|
||||
# Execute initial script
|
||||
# using toString to avoid copying the file to nix store if given as path instead of string,
|
||||
# as it might contain credentials
|
||||
cat ${toString cfg.initialScript} | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
rm /tmp/mysql_init
|
||||
fi
|
||||
|
||||
${optionalString (cfg.ensureDatabases != []) ''
|
||||
(
|
||||
${concatMapStrings (database: ''
|
||||
echo "CREATE DATABASE IF NOT EXISTS \`${database}\`;"
|
||||
'') cfg.ensureDatabases}
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
fi
|
||||
'') cfg.initialDatabases;
|
||||
in
|
||||
''}
|
||||
|
||||
lib.optionalString (!hasNotify) cmdWatchForMysqlSocket + ''
|
||||
if [ -f /tmp/mysql_init ]
|
||||
then
|
||||
${cmdInitialDatabases}
|
||||
${optionalString (cfg.replication.role == "master")
|
||||
${concatMapStrings (user:
|
||||
''
|
||||
# Set up the replication master
|
||||
|
||||
( echo "use mysql;"
|
||||
echo "CREATE USER '${cfg.replication.masterUser}'@'${cfg.replication.slaveHost}' IDENTIFIED WITH mysql_native_password;"
|
||||
echo "SET PASSWORD FOR '${cfg.replication.masterUser}'@'${cfg.replication.slaveHost}' = PASSWORD('${cfg.replication.masterPassword}');"
|
||||
echo "GRANT REPLICATION SLAVE ON *.* TO '${cfg.replication.masterUser}'@'${cfg.replication.slaveHost}';"
|
||||
( echo "CREATE USER IF NOT EXISTS '${user.name}'@'localhost' IDENTIFIED WITH ${if isMariaDB then "unix_socket" else "auth_socket"};"
|
||||
${concatStringsSep "\n" (mapAttrsToList (database: permission: ''
|
||||
echo "GRANT ${permission} ON ${database} TO '${user.name}'@'localhost';"
|
||||
'') user.ensurePermissions)}
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
${optionalString (cfg.replication.role == "slave")
|
||||
''
|
||||
# Set up the replication slave
|
||||
|
||||
( echo "stop slave;"
|
||||
echo "change master to master_host='${cfg.replication.masterHost}', master_user='${cfg.replication.masterUser}', master_password='${cfg.replication.masterPassword}';"
|
||||
echo "start slave;"
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
${optionalString (cfg.initialScript != null)
|
||||
''
|
||||
# Execute initial script
|
||||
# using toString to avoid copying the file to nix store if given as path instead of string,
|
||||
# as it might contain credentials
|
||||
cat ${toString cfg.initialScript} | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
${optionalString (cfg.rootPassword != null)
|
||||
''
|
||||
# Change root password
|
||||
|
||||
( echo "use mysql;"
|
||||
echo "update user set Password=password('$(cat ${cfg.rootPassword})') where User='root';"
|
||||
echo "flush privileges;"
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
rm /tmp/mysql_init
|
||||
fi
|
||||
|
||||
${optionalString (cfg.ensureDatabases != []) ''
|
||||
(
|
||||
${concatMapStrings (database: ''
|
||||
echo "CREATE DATABASE IF NOT EXISTS \`${database}\`;"
|
||||
'') cfg.ensureDatabases}
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
''}
|
||||
|
||||
${concatMapStrings (user:
|
||||
''
|
||||
( echo "CREATE USER IF NOT EXISTS '${user.name}'@'localhost' IDENTIFIED WITH ${if isMariaDB then "unix_socket" else "auth_socket"};"
|
||||
${concatStringsSep "\n" (mapAttrsToList (database: permission: ''
|
||||
echo "GRANT ${permission} ON ${database} TO '${user.name}'@'localhost';"
|
||||
'') user.ensurePermissions)}
|
||||
) | ${mysql}/bin/mysql -u root -N
|
||||
'') cfg.ensureUsers}
|
||||
|
||||
''; # */
|
||||
'') cfg.ensureUsers}
|
||||
'';
|
||||
in
|
||||
# ensureDatbases & ensureUsers depends on this script being run as root
|
||||
# when the user has secured their mysql install
|
||||
"+${setupScript}";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -33,8 +33,10 @@
|
||||
environment.systemPackages = [
|
||||
pkgs.deepin.dde-api
|
||||
pkgs.deepin.dde-calendar
|
||||
pkgs.deepin.dde-control-center
|
||||
pkgs.deepin.dde-daemon
|
||||
pkgs.deepin.dde-dock
|
||||
pkgs.deepin.dde-launcher
|
||||
pkgs.deepin.dde-file-manager
|
||||
pkgs.deepin.dde-session-ui
|
||||
pkgs.deepin.deepin-anything
|
||||
@ -45,8 +47,10 @@
|
||||
services.dbus.packages = [
|
||||
pkgs.deepin.dde-api
|
||||
pkgs.deepin.dde-calendar
|
||||
pkgs.deepin.dde-control-center
|
||||
pkgs.deepin.dde-daemon
|
||||
pkgs.deepin.dde-dock
|
||||
pkgs.deepin.dde-launcher
|
||||
pkgs.deepin.dde-file-manager
|
||||
pkgs.deepin.dde-session-ui
|
||||
pkgs.deepin.deepin-anything
|
||||
|
@ -134,6 +134,10 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.messageJournalDir}' - ${cfg.user} - - -"
|
||||
];
|
||||
|
||||
systemd.services.graylog = with pkgs; {
|
||||
description = "Graylog Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -143,8 +147,6 @@ in
|
||||
};
|
||||
path = [ pkgs.jre_headless pkgs.which pkgs.procps ];
|
||||
preStart = ''
|
||||
mkdir -p /var/lib/graylog -m 755
|
||||
|
||||
rm -rf /var/lib/graylog/plugins || true
|
||||
mkdir -p /var/lib/graylog/plugins -m 755
|
||||
|
||||
@ -154,14 +156,10 @@ in
|
||||
for includedplugin in `ls ${cfg.package}/plugin/`; do
|
||||
ln -s ${cfg.package}/plugin/$includedplugin /var/lib/graylog/plugins/$includedplugin || true
|
||||
done
|
||||
chown -R ${cfg.user} /var/lib/graylog
|
||||
|
||||
mkdir -p ${cfg.messageJournalDir} -m 755
|
||||
chown -R ${cfg.user} ${cfg.messageJournalDir}
|
||||
'';
|
||||
serviceConfig = {
|
||||
User="${cfg.user}";
|
||||
PermissionsStartOnly=true;
|
||||
StateDirectory = "graylog";
|
||||
ExecStart = "${cfg.package}/bin/graylogctl run";
|
||||
};
|
||||
};
|
||||
|
@ -54,16 +54,18 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.stateDir}' - nobody nogroup - -"
|
||||
];
|
||||
|
||||
systemd.services.heartbeat = with pkgs; {
|
||||
description = "heartbeat log shipper";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart = ''
|
||||
mkdir -p "${cfg.stateDir}"/{data,logs}
|
||||
chown nobody:nogroup "${cfg.stateDir}"/{data,logs}
|
||||
'';
|
||||
serviceConfig = {
|
||||
User = "nobody";
|
||||
PermissionsStartOnly = true;
|
||||
AmbientCapabilities = "cap_net_raw";
|
||||
ExecStart = "${pkgs.heartbeat}/bin/heartbeat -c \"${heartbeatYml}\" -path.data \"${cfg.stateDir}/data\" -path.logs \"${cfg.stateDir}/logs\"";
|
||||
};
|
||||
|
@ -113,19 +113,14 @@ in {
|
||||
Group = cfg.group;
|
||||
RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam";
|
||||
RuntimeDirectoryMode = optional (cfg.domainSocket == defaultSock) "0750";
|
||||
PermissionsStartOnly = true;
|
||||
StateDirectory = "dspam";
|
||||
StateDirectoryMode = "0750";
|
||||
LogsDirectory = "dspam";
|
||||
LogsDirectoryMode = "0750";
|
||||
# DSPAM segfaults on just about every error
|
||||
Restart = "on-abort";
|
||||
RestartSec = "1s";
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
mkdir -m750 -p /var/lib/dspam
|
||||
chown -R "${cfg.user}:${cfg.group}" /var/lib/dspam
|
||||
|
||||
mkdir -m750 -p /var/log/dspam
|
||||
chown -R "${cfg.user}:${cfg.group}" /var/log/dspam
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -101,13 +101,16 @@ in {
|
||||
|
||||
environment.systemPackages = [ pkgs.opendkim ];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.keyPath}' - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.opendkim = {
|
||||
description = "OpenDKIM signing and verification daemon";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p "${cfg.keyPath}"
|
||||
cd "${cfg.keyPath}"
|
||||
if ! test -f ${cfg.selector}.private; then
|
||||
${pkgs.opendkim}/bin/opendkim-genkey -s ${cfg.selector} -d all-domains-generic-key
|
||||
@ -116,7 +119,6 @@ in {
|
||||
cat ${cfg.selector}.txt
|
||||
echo "-------------------------------------------------------------"
|
||||
fi
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.selector}.private
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
@ -124,7 +126,6 @@ in {
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
RuntimeDirectory = optional (cfg.socket == defaultSock) "opendkim";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -105,7 +105,7 @@ in
|
||||
extraConfig = ''
|
||||
location ~* \.php$ {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:/run/phpfpm/roundcube;
|
||||
fastcgi_pass unix:/run/phpfpm-roundcube/roundcube.sock;
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
include ${pkgs.nginx}/conf/fastcgi.conf;
|
||||
}
|
||||
@ -119,24 +119,28 @@ in
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.phpfpm.poolConfigs.roundcube = ''
|
||||
listen = /run/phpfpm/roundcube
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
listen.mode = 0660
|
||||
user = nginx
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 2
|
||||
pm.min_spare_servers = 1
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
php_admin_value[error_log] = 'stderr'
|
||||
php_admin_flag[log_errors] = on
|
||||
php_admin_value[post_max_size] = 25M
|
||||
php_admin_value[upload_max_filesize] = 25M
|
||||
catch_workers_output = yes
|
||||
'';
|
||||
services.phpfpm.pools.roundcube = {
|
||||
socketName = "roundcube";
|
||||
phpPackage = pkgs.php;
|
||||
user = "${config.services.nginx.user}";
|
||||
group = "${config.services.nginx.group}";
|
||||
extraConfig = ''
|
||||
listen.owner = ${config.services.nginx.user}
|
||||
listen.group = ${config.services.nginx.group}
|
||||
listen.mode = 0600
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 2
|
||||
pm.min_spare_servers = 1
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
php_admin_value[error_log] = 'stderr'
|
||||
php_admin_flag[log_errors] = on
|
||||
php_admin_value[post_max_size] = 25M
|
||||
php_admin_value[upload_max_filesize] = 25M
|
||||
catch_workers_output = yes
|
||||
'';
|
||||
};
|
||||
systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ];
|
||||
|
||||
systemd.services.roundcube-setup = let
|
||||
|
@ -131,6 +131,8 @@ in {
|
||||
home = head cfg.logDirs;
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = map (logDir: "d '${logDir} 0700 apache-kafka - - -") cfg.logDirs;
|
||||
|
||||
systemd.services.apache-kafka = {
|
||||
description = "Apache Kafka Daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -145,15 +147,8 @@ in {
|
||||
${serverConfig}
|
||||
'';
|
||||
User = "apache-kafka";
|
||||
PermissionsStartOnly = true;
|
||||
SuccessExitStatus = "0 143";
|
||||
};
|
||||
preStart = ''
|
||||
mkdir -m 0700 -p ${concatStringsSep " " cfg.logDirs}
|
||||
if [ "$(id -u)" = 0 ]; then
|
||||
chown apache-kafka ${concatStringsSep " " cfg.logDirs};
|
||||
fi
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -19,16 +19,11 @@ in
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p /var/lib/couchpotato
|
||||
chown -R couchpotato:couchpotato /var/lib/couchpotato
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = "couchpotato";
|
||||
Group = "couchpotato";
|
||||
PermissionsStartOnly = "true";
|
||||
StateDirectory = "couchpotato";
|
||||
ExecStart = "${pkgs.couchpotato}/bin/couchpotato";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
|
@ -38,6 +38,7 @@ let
|
||||
HTTP_PORT = ${toString cfg.httpPort}
|
||||
ROOT_URL = ${cfg.rootUrl}
|
||||
STATIC_ROOT_PATH = ${cfg.staticRootPath}
|
||||
LFS_JWT_SECRET = #jwtsecret#
|
||||
|
||||
[session]
|
||||
COOKIE_NAME = session
|
||||
@ -326,21 +327,28 @@ in
|
||||
preStart = let
|
||||
runConfig = "${cfg.stateDir}/custom/conf/app.ini";
|
||||
secretKey = "${cfg.stateDir}/custom/conf/secret_key";
|
||||
jwtSecret = "${cfg.stateDir}/custom/conf/jwt_secret";
|
||||
in ''
|
||||
# copy custom configuration and generate a random secret key if needed
|
||||
${optionalString (cfg.useWizard == false) ''
|
||||
cp -f ${configFile} ${runConfig}
|
||||
|
||||
if [ ! -e ${secretKey} ]; then
|
||||
head -c 16 /dev/urandom | base64 > ${secretKey}
|
||||
${gitea.bin}/bin/gitea generate secret SECRET_KEY > ${secretKey}
|
||||
fi
|
||||
|
||||
KEY=$(head -n1 ${secretKey})
|
||||
DBPASS=$(head -n1 ${cfg.database.passwordFile})
|
||||
if [ ! -e ${jwtSecret} ]; then
|
||||
${gitea.bin}/bin/gitea generate secret LFS_JWT_SECRET > ${jwtSecret}
|
||||
fi
|
||||
|
||||
KEY="$(head -n1 ${secretKey})"
|
||||
DBPASS="$(head -n1 ${cfg.database.passwordFile})"
|
||||
JWTSECRET="$(head -n1 ${jwtSecret})"
|
||||
sed -e "s,#secretkey#,$KEY,g" \
|
||||
-e "s,#dbpass#,$DBPASS,g" \
|
||||
-e "s,#jwtsecet#,$JWTSECET,g" \
|
||||
-i ${runConfig}
|
||||
chmod 640 ${runConfig} ${secretKey}
|
||||
chmod 640 ${runConfig} ${secretKey} ${jwtSecret}
|
||||
''}
|
||||
|
||||
# update all hooks' binary paths
|
||||
|
@ -75,27 +75,24 @@ in
|
||||
|
||||
users.groups.gollum = { };
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.stateDir}' - ${config.users.users.gollum.name} ${config.users.groups.gollum.name} - -"
|
||||
];
|
||||
|
||||
systemd.services.gollum = {
|
||||
description = "Gollum wiki";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.git ];
|
||||
|
||||
preStart = let
|
||||
userName = config.users.users.gollum.name;
|
||||
groupName = config.users.groups.gollum.name;
|
||||
in ''
|
||||
# All of this is safe to be run on an existing repo
|
||||
mkdir -p ${cfg.stateDir}
|
||||
preStart = ''
|
||||
# This is safe to be run on an existing repo
|
||||
git init ${cfg.stateDir}
|
||||
chmod 755 ${cfg.stateDir}
|
||||
chown -R ${userName}:${groupName} ${cfg.stateDir}
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
User = config.users.users.gollum.name;
|
||||
Group = config.users.groups.gollum.name;
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = ''
|
||||
${pkgs.gollum}/bin/gollum \
|
||||
--port ${toString cfg.port} \
|
||||
|
@ -9,6 +9,13 @@ in
|
||||
options = {
|
||||
services.lidarr = {
|
||||
enable = mkEnableOption "Lidarr";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.lidarr;
|
||||
defaultText = "pkgs.lidarr";
|
||||
description = "The Lidarr package to use";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
@ -22,7 +29,7 @@ in
|
||||
Type = "simple";
|
||||
User = "lidarr";
|
||||
Group = "lidarr";
|
||||
ExecStart = "${pkgs.lidarr}/bin/Lidarr";
|
||||
ExecStart = "${cfg.package}/bin/Lidarr";
|
||||
Restart = "on-failure";
|
||||
|
||||
StateDirectory = "lidarr";
|
||||
|
@ -272,10 +272,12 @@ in
|
||||
|
||||
binaryCaches = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ https://cache.nixos.org/ ];
|
||||
description = ''
|
||||
List of binary cache URLs used to obtain pre-built binaries
|
||||
of Nix packages.
|
||||
|
||||
By default https://cache.nixos.org/ is added,
|
||||
to override it use <literal>lib.mkForce []</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
@ -386,6 +388,7 @@ in
|
||||
config = {
|
||||
|
||||
nix.binaryCachePublicKeys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ];
|
||||
nix.binaryCaches = [ "https://cache.nixos.org/" ];
|
||||
|
||||
environment.etc."nix/nix.conf".source = nixConf;
|
||||
|
||||
|
@ -97,6 +97,10 @@ in
|
||||
gid = config.ids.gids.octoprint;
|
||||
});
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.stateDir}' - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.octoprint = {
|
||||
description = "OctoPrint, web interface for 3D printers";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -105,7 +109,6 @@ in
|
||||
environment.PYTHONPATH = makeSearchPathOutput "lib" pkgs.python.sitePackages [ pluginsEnv ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p "${cfg.stateDir}"
|
||||
if [ -e "${cfg.stateDir}/config.yaml" ]; then
|
||||
${pkgs.yaml-merge}/bin/yaml-merge "${cfg.stateDir}/config.yaml" "${cfgUpdate}" > "${cfg.stateDir}/config.yaml.tmp"
|
||||
mv "${cfg.stateDir}/config.yaml.tmp" "${cfg.stateDir}/config.yaml"
|
||||
@ -113,14 +116,12 @@ in
|
||||
cp "${cfgUpdate}" "${cfg.stateDir}/config.yaml"
|
||||
chmod 600 "${cfg.stateDir}/config.yaml"
|
||||
fi
|
||||
chown -R ${cfg.user}:${cfg.group} "${cfg.stateDir}"
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.octoprint}/bin/octoprint serve -b ${cfg.stateDir}";
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -19,7 +19,7 @@ let
|
||||
|
||||
useCustomDir = cfg.storageDir != null;
|
||||
|
||||
socket = "/run/phpfpm/${dirName}.sock";
|
||||
socket = "/run/phpfpm-zoneminder/zoneminder.sock";
|
||||
|
||||
zms = "/cgi-bin/zms";
|
||||
|
||||
@ -50,7 +50,7 @@ let
|
||||
ZM_DB_TYPE=mysql
|
||||
ZM_DB_HOST=${cfg.database.host}
|
||||
ZM_DB_NAME=${cfg.database.name}
|
||||
ZM_DB_USER=${if cfg.database.createLocally then user else cfg.database.username}
|
||||
ZM_DB_USER=${cfg.database.username}
|
||||
ZM_DB_PASS=${cfg.database.password}
|
||||
|
||||
# Web
|
||||
@ -155,6 +155,7 @@ in {
|
||||
default = "zmpass";
|
||||
description = ''
|
||||
Username for accessing the database.
|
||||
Not used if <literal>createLocally</literal> is set.
|
||||
'';
|
||||
};
|
||||
};
|
||||
@ -189,6 +190,12 @@ in {
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
assertions = [
|
||||
{ assertion = cfg.database.createLocally -> cfg.database.username == user;
|
||||
message = "services.zoneminder.database.username must be set to ${user} if services.zoneminder.database.createLocally is set true";
|
||||
}
|
||||
];
|
||||
|
||||
environment.etc = {
|
||||
"zoneminder/60-defaults.conf".source = defaultsFile;
|
||||
"zoneminder/80-nixos.conf".source = configFile;
|
||||
@ -204,10 +211,9 @@ in {
|
||||
};
|
||||
|
||||
mysql = lib.mkIf cfg.database.createLocally {
|
||||
enable = true;
|
||||
package = lib.mkDefault pkgs.mariadb;
|
||||
ensureDatabases = [ cfg.database.name ];
|
||||
initialDatabases = [{
|
||||
inherit (cfg.database) name; schema = "${pkg}/share/zoneminder/db/zm_create.sql";
|
||||
}];
|
||||
ensureUsers = [{
|
||||
name = cfg.database.username;
|
||||
ensurePermissions = { "${cfg.database.name}.*" = "ALL PRIVILEGES"; };
|
||||
@ -278,7 +284,10 @@ in {
|
||||
|
||||
phpfpm = lib.mkIf useNginx {
|
||||
pools.zoneminder = {
|
||||
listen = socket;
|
||||
socketName = "zoneminder";
|
||||
phpPackage = pkgs.php;
|
||||
user = "${user}";
|
||||
group = "${group}";
|
||||
phpOptions = ''
|
||||
date.timezone = "${config.time.timeZone}"
|
||||
|
||||
@ -286,9 +295,6 @@ in {
|
||||
"extension=${e.pkg}/lib/php/extensions/${e.name}.so") phpExtensions)}
|
||||
'';
|
||||
extraConfig = ''
|
||||
user = ${user}
|
||||
group = ${group}
|
||||
|
||||
listen.owner = ${user}
|
||||
listen.group = ${group}
|
||||
listen.mode = 0660
|
||||
@ -315,11 +321,16 @@ in {
|
||||
procps
|
||||
psmisc
|
||||
];
|
||||
after = [ "mysql.service" "nginx.service" ];
|
||||
after = [ "nginx.service" ] ++ lib.optional cfg.database.createLocally "mysql.service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
restartTriggers = [ defaultsFile configFile ];
|
||||
preStart = lib.mkIf useCustomDir ''
|
||||
preStart = lib.optionalString useCustomDir ''
|
||||
install -dm775 -o ${user} -g ${group} ${cfg.storageDir}/{${lib.concatStringsSep "," libDirs}}
|
||||
'' + lib.optionalString cfg.database.createLocally ''
|
||||
if ! test -e "/var/lib/${dirName}/db-created"; then
|
||||
${config.services.mysql.package}/bin/mysql < ${pkg}/share/zoneminder/db/zm_create.sql
|
||||
touch "/var/lib/${dirName}/db-created"
|
||||
fi
|
||||
'';
|
||||
serviceConfig = {
|
||||
User = user;
|
||||
|
@ -83,6 +83,10 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.logDir}' - alerta alerta - -"
|
||||
];
|
||||
|
||||
systemd.services.alerta = {
|
||||
description = "Alerta Monitoring System";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -94,12 +98,7 @@ in
|
||||
ExecStart = "${pkgs.python36Packages.alerta-server}/bin/alertad run --port ${toString cfg.port} --host ${cfg.bind}";
|
||||
User = "alerta";
|
||||
Group = "alerta";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.logDir}
|
||||
chown alerta:alerta ${cfg.logDir}
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.python36Packages.alerta ];
|
||||
|
@ -163,6 +163,10 @@ in
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.kapacitor ];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.kapacitor = {
|
||||
description = "Kapacitor Real-Time Stream Processing Engine";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -171,12 +175,7 @@ in
|
||||
ExecStart = "${pkgs.kapacitor}/bin/kapacitord -config ${kapacitorConf}";
|
||||
User = "kapacitor";
|
||||
Group = "kapacitor";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.dataDir}
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.dataDir}
|
||||
'';
|
||||
};
|
||||
|
||||
users.users.kapacitor = {
|
||||
|
@ -143,7 +143,6 @@ in {
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
Environment="PYTHONPATH=${pkgs.netdata}/libexec/netdata/python.d/python_modules";
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = "${pkgs.netdata}/bin/netdata -D -c ${configFile}";
|
||||
TimeoutStopSec = 60;
|
||||
};
|
||||
|
@ -59,18 +59,20 @@ in {
|
||||
group = "riemanndash";
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - riemanndash riemanndash - -"
|
||||
];
|
||||
|
||||
systemd.services.riemann-dash = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "riemann.service" ];
|
||||
after = [ "riemann.service" ];
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.dataDir}/config
|
||||
chown -R riemanndash:riemanndash ${cfg.dataDir}
|
||||
mkdir -p '${cfg.dataDir}/config'
|
||||
'';
|
||||
serviceConfig = {
|
||||
User = "riemanndash";
|
||||
ExecStart = "${launcher}/bin/riemann-dash";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -54,7 +54,6 @@ in {
|
||||
serviceConfig = {
|
||||
User = "riemanntools";
|
||||
ExecStart = "${healthLauncher}/bin/riemann-health";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -116,7 +116,6 @@ in {
|
||||
path = [ pkgs.coreutils pkgs.iproute ];
|
||||
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
ExecStart = "${cfg.package.bin}/bin/scollector -conf=${conf} ${lib.concatStringsSep " " cfg.extraOpts}";
|
||||
|
@ -102,22 +102,19 @@ in
|
||||
|
||||
users.groups.aria2.gid = config.ids.gids.aria2;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${homeDir}' 0770 aria2 aria2 - -"
|
||||
"d '${config.services.aria2.downloadDir}' 0770 aria2 aria2 - -"
|
||||
];
|
||||
|
||||
systemd.services.aria2 = {
|
||||
description = "aria2 Service";
|
||||
after = [ "local-fs.target" "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart = ''
|
||||
mkdir -m 0770 -p "${homeDir}"
|
||||
chown aria2:aria2 "${homeDir}"
|
||||
if [[ ! -d "${config.services.aria2.downloadDir}" ]]
|
||||
then
|
||||
mkdir -m 0770 -p "${config.services.aria2.downloadDir}"
|
||||
chown aria2:aria2 "${config.services.aria2.downloadDir}"
|
||||
fi
|
||||
if [[ ! -e "${sessionFile}" ]]
|
||||
then
|
||||
touch "${sessionFile}"
|
||||
chown aria2:aria2 "${sessionFile}"
|
||||
fi
|
||||
cp -f "${settingsFile}" "${settingsDir}/aria2.conf"
|
||||
'';
|
||||
@ -128,7 +125,6 @@ in
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
User = "aria2";
|
||||
Group = "aria2";
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -99,7 +99,6 @@ in
|
||||
|
||||
serviceConfig = {
|
||||
User = "${s.user}";
|
||||
PermissionsStartOnly = true;
|
||||
# AutoSSH may exit with 0 code if the SSH session was
|
||||
# gracefully terminated by either local or remote side.
|
||||
Restart = "on-success";
|
||||
|
@ -83,6 +83,10 @@ in
|
||||
gid = config.ids.gids.ircd;
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${cfg.statedir} - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.charybdis = {
|
||||
description = "Charybdis IRC daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -93,12 +97,7 @@ in
|
||||
ExecStart = "${charybdis}/bin/charybdis -foreground -logfile /dev/stdout -configfile ${configFile}";
|
||||
Group = cfg.group;
|
||||
User = cfg.user;
|
||||
PermissionsStartOnly = true; # preStart needs to run with root permissions
|
||||
};
|
||||
preStart = ''
|
||||
${coreutils}/bin/mkdir -p ${cfg.statedir}
|
||||
${coreutils}/bin/chown ${cfg.user}:${cfg.group} ${cfg.statedir}
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -30,10 +30,11 @@ let
|
||||
ctrl_interface=/run/hostapd
|
||||
ctrl_interface_group=${cfg.group}
|
||||
|
||||
${if cfg.wpa then ''
|
||||
${optionalString cfg.wpa ''
|
||||
wpa=2
|
||||
wpa_passphrase=${cfg.wpaPassphrase}
|
||||
'' else ""}
|
||||
''}
|
||||
${optionalString cfg.noScan "noscan=1"}
|
||||
|
||||
${cfg.extraConfig}
|
||||
'' ;
|
||||
@ -69,6 +70,14 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
noScan = mkOption {
|
||||
default = false;
|
||||
description = ''
|
||||
Do not scan for overlapping BSSs in HT40+/- mode.
|
||||
Caution: turning this on will violate regulatory requirements!
|
||||
'';
|
||||
};
|
||||
|
||||
driver = mkOption {
|
||||
default = "nl80211";
|
||||
example = "hostapd";
|
||||
@ -162,6 +171,7 @@ in
|
||||
after = [ "sys-subsystem-net-devices-${escapedInterface}.device" ];
|
||||
bindsTo = [ "sys-subsystem-net-devices-${escapedInterface}.device" ];
|
||||
requiredBy = [ "network-link-${cfg.interface}.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig =
|
||||
{ ExecStart = "${pkgs.hostapd}/bin/hostapd ${configFile}";
|
||||
|
@ -98,16 +98,10 @@ in
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "local-fs.target" ];
|
||||
|
||||
preStart =
|
||||
''
|
||||
mkdir -p /var/cache/minidlna
|
||||
chown -R minidlna:minidlna /var/cache/minidlna
|
||||
'';
|
||||
|
||||
serviceConfig =
|
||||
{ User = "minidlna";
|
||||
Group = "minidlna";
|
||||
PermissionsStartOnly = true;
|
||||
CacheDirectory = "minidlna";
|
||||
RuntimeDirectory = "minidlna";
|
||||
PIDFile = "/run/minidlna/pid";
|
||||
ExecStart =
|
||||
|
@ -104,6 +104,10 @@ in
|
||||
gid = config.ids.gids.quassel;
|
||||
}];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - ${user} - - -"
|
||||
];
|
||||
|
||||
systemd.services.quassel =
|
||||
{ description = "Quassel IRC client daemon";
|
||||
|
||||
@ -111,11 +115,6 @@ in
|
||||
after = [ "network.target" ] ++ optional config.services.postgresql.enable "postgresql.service"
|
||||
++ optional config.services.mysql.enable "mysql.service";
|
||||
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.dataDir}
|
||||
chown ${user} ${cfg.dataDir}
|
||||
'';
|
||||
|
||||
serviceConfig =
|
||||
{
|
||||
ExecStart = concatStringsSep " " ([
|
||||
@ -126,7 +125,6 @@ in
|
||||
] ++ optional cfg.requireSSL "--require-ssl"
|
||||
++ optional (cfg.certificateFile != null) "--ssl-cert=${cfg.certificateFile}");
|
||||
User = user;
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -159,11 +159,10 @@ in
|
||||
serviceConfig = {
|
||||
Type="forking";
|
||||
PIDFile="/run/squid.pid";
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = "${pkgs.squid}/bin/squid -YCs -f ${squidConfig}";
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
}
|
||||
|
@ -111,16 +111,15 @@ in
|
||||
gid = config.ids.gids.teamspeak;
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.logPath}' - ${user} ${group} - -"
|
||||
];
|
||||
|
||||
systemd.services.teamspeak3-server = {
|
||||
description = "Teamspeak3 voice communication server daemon";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.logPath}
|
||||
chown ${user}:${group} ${cfg.logPath}
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = ''
|
||||
${ts3}/bin/ts3server \
|
||||
@ -135,7 +134,6 @@ in
|
||||
WorkingDirectory = cfg.dataDir;
|
||||
User = user;
|
||||
Group = group;
|
||||
PermissionsStartOnly = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -146,6 +146,11 @@ in
|
||||
where = where;
|
||||
}) mountPoints;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"e '${stateDir}' 0700 unifi - - -"
|
||||
"e '${stateDir}/data' 0700 unifi - - -"
|
||||
];
|
||||
|
||||
systemd.services.unifi = {
|
||||
description = "UniFi controller daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -157,14 +162,9 @@ in
|
||||
environment.LD_LIBRARY_PATH = with pkgs.stdenv; "${cc.cc.lib}/lib";
|
||||
|
||||
preStart = ''
|
||||
# Ensure privacy of state and data.
|
||||
chown unifi "${stateDir}" "${stateDir}/data"
|
||||
chmod 0700 "${stateDir}" "${stateDir}/data"
|
||||
|
||||
# Create the volatile webapps
|
||||
rm -rf "${stateDir}/webapps"
|
||||
mkdir -p "${stateDir}/webapps"
|
||||
chown unifi "${stateDir}/webapps"
|
||||
ln -s "${cfg.unifiPackage}/webapps/ROOT" "${stateDir}/webapps/ROOT"
|
||||
'';
|
||||
|
||||
@ -177,7 +177,6 @@ in
|
||||
ExecStart = "${(removeSuffix "\n" cmd)} start";
|
||||
ExecStop = "${(removeSuffix "\n" cmd)} stop";
|
||||
User = "unifi";
|
||||
PermissionsStartOnly = true;
|
||||
UMask = "0077";
|
||||
WorkingDirectory = "${stateDir}";
|
||||
};
|
||||
|
@ -86,20 +86,17 @@ in with lib; {
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 750 zeronet zeronet - -"
|
||||
"d '${cfg.logDir}' 750 zeronet zeronet - -"
|
||||
];
|
||||
|
||||
systemd.services.zeronet = {
|
||||
description = "zeronet";
|
||||
after = [ "network.target" (optionalString cfg.tor "tor.service") ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
# Ensure folder exists or create it and permissions are correct
|
||||
mkdir -p ${escapeShellArg cfg.dataDir} ${escapeShellArg cfg.logDir}
|
||||
chmod 750 ${escapeShellArg cfg.dataDir} ${escapeShellArg cfg.logDir}
|
||||
chown zeronet:zeronet ${escapeShellArg cfg.dataDir} ${escapeShellArg cfg.logDir}
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
PrivateTmp = "yes";
|
||||
User = "zeronet";
|
||||
Group = "zeronet";
|
||||
|
@ -149,6 +149,17 @@ in
|
||||
|
||||
users.groups."${cfg.group}" = {};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.home}' - ${cfg.user} - - -"
|
||||
"d /run/confluence - - - - -"
|
||||
|
||||
"L+ /run/confluence/home - - - - ${cfg.home}"
|
||||
"L+ /run/confluence/logs - - - - ${cfg.home}/logs"
|
||||
"L+ /run/confluence/temp - - - - ${cfg.home}/temp"
|
||||
"L+ /run/confluence/work - - - - ${cfg.home}/work"
|
||||
"L+ /run/confluence/server.xml - - - - ${cfg.home}/server.xml"
|
||||
];
|
||||
|
||||
systemd.services.confluence = {
|
||||
description = "Atlassian Confluence";
|
||||
|
||||
@ -167,12 +178,6 @@ in
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.home}/{logs,work,temp,deploy}
|
||||
|
||||
mkdir -p /run/confluence
|
||||
ln -sf ${cfg.home}/{logs,work,temp,server.xml} /run/confluence
|
||||
ln -sf ${cfg.home} /run/confluence/home
|
||||
|
||||
chown ${cfg.user} ${cfg.home}
|
||||
|
||||
sed -e 's,port="8090",port="${toString cfg.listenPort}" address="${cfg.listenAddress}",' \
|
||||
'' + (lib.optionalString cfg.proxy.enable ''
|
||||
-e 's,protocol="org.apache.coyote.http11.Http11NioProtocol",protocol="org.apache.coyote.http11.Http11NioProtocol" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}",' \
|
||||
@ -184,7 +189,6 @@ in
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
PrivateTmp = true;
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = "${pkg}/bin/start-confluence.sh -fg";
|
||||
ExecStop = "${pkg}/bin/stop-confluence.sh";
|
||||
};
|
||||
|
@ -117,6 +117,16 @@ in
|
||||
|
||||
users.groups."${cfg.group}" = {};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.home}' - ${cfg.user} ${cfg.group} - -"
|
||||
"d /run/atlassian-crowd - - - - -"
|
||||
|
||||
"L+ /run/atlassian-crowd/database - - - - ${cfg.home}/database"
|
||||
"L+ /run/atlassian-crowd/logs - - - - ${cfg.home}/logs"
|
||||
"L+ /run/atlassian-crowd/work - - - - ${cfg.home}/work"
|
||||
"L+ /run/atlassian-crowd/server.xml - - - - ${cfg.home}/server.xml"
|
||||
];
|
||||
|
||||
systemd.services.atlassian-crowd = {
|
||||
description = "Atlassian Crowd";
|
||||
|
||||
@ -136,12 +146,6 @@ in
|
||||
rm -rf ${cfg.home}/work
|
||||
mkdir -p ${cfg.home}/{logs,database,work}
|
||||
|
||||
mkdir -p /run/atlassian-crowd
|
||||
ln -sf ${cfg.home}/{database,logs,work,server.xml} /run/atlassian-crowd
|
||||
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.home}
|
||||
chown ${cfg.user}:${cfg.group} ${cfg.home}/{logs,database,work}
|
||||
|
||||
sed -e 's,port="8095",port="${toString cfg.listenPort}" address="${cfg.listenAddress}",' \
|
||||
'' + (lib.optionalString cfg.proxy.enable ''
|
||||
-e 's,compression="on",compression="off" protocol="HTTP/1.1" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}" secure="${boolToString cfg.proxy.secure}",' \
|
||||
@ -153,7 +157,6 @@ in
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
PrivateTmp = true;
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = "${pkg}/start_crowd.sh -fg";
|
||||
};
|
||||
};
|
||||
|
@ -155,6 +155,17 @@ in
|
||||
|
||||
users.groups."${cfg.group}" = {};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.home}' - ${cfg.user} - - -"
|
||||
"d /run/atlassian-jira - - - - -"
|
||||
|
||||
"L+ /run/atlassian-jira/home - - - - ${cfg.home}"
|
||||
"L+ /run/atlassian-jira/logs - - - - ${cfg.home}/logs"
|
||||
"L+ /run/atlassian-jira/work - - - - ${cfg.home}/work"
|
||||
"L+ /run/atlassian-jira/temp - - - - ${cfg.home}/temp"
|
||||
"L+ /run/atlassian-jira/server.xml - - - - ${cfg.home}/server.xml"
|
||||
];
|
||||
|
||||
systemd.services.atlassian-jira = {
|
||||
description = "Atlassian JIRA";
|
||||
|
||||
@ -174,12 +185,6 @@ in
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.home}/{logs,work,temp,deploy}
|
||||
|
||||
mkdir -p /run/atlassian-jira
|
||||
ln -sf ${cfg.home}/{logs,work,temp,server.xml} /run/atlassian-jira
|
||||
ln -sf ${cfg.home} /run/atlassian-jira/home
|
||||
|
||||
chown ${cfg.user} ${cfg.home}
|
||||
|
||||
sed -e 's,port="8080",port="${toString cfg.listenPort}" address="${cfg.listenAddress}",' \
|
||||
'' + (lib.optionalString cfg.proxy.enable ''
|
||||
-e 's,protocol="HTTP/1.1",protocol="HTTP/1.1" proxyName="${cfg.proxy.name}" proxyPort="${toString cfg.proxy.port}" scheme="${cfg.proxy.scheme}" secure="${toString cfg.proxy.secure}",' \
|
||||
@ -191,7 +196,6 @@ in
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
PrivateTmp = true;
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = "${pkg}/bin/start-jira.sh -fg";
|
||||
ExecStop = "${pkg}/bin/stop-jira.sh";
|
||||
};
|
||||
|
@ -182,16 +182,16 @@ in
|
||||
|
||||
users.groups = [ { name = cfg.group; } ];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.statePath}/system/attachments' - ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services.frab = {
|
||||
after = [ "network.target" "gitlab.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
environment = frabEnv;
|
||||
|
||||
preStart = ''
|
||||
mkdir -p ${cfg.statePath}/system/attachments
|
||||
chown ${cfg.user}:${cfg.group} -R ${cfg.statePath}
|
||||
|
||||
mkdir /run/frab -p
|
||||
ln -sf ${pkgs.writeText "frab-database.yml" databaseConfig} /run/frab/database.yml
|
||||
ln -sf ${cfg.statePath}/system /run/frab/system
|
||||
|
||||
@ -204,7 +204,6 @@ in
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
PermissionsStartOnly = true;
|
||||
PrivateTmp = true;
|
||||
PrivateDevices = true;
|
||||
Type = "simple";
|
||||
@ -213,6 +212,7 @@ in
|
||||
TimeoutSec = "300s";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "10s";
|
||||
RuntimeDirectory = "frab";
|
||||
WorkingDirectory = "${package}/share/frab";
|
||||
ExecStart = "${frab-rake}/bin/frab-bundle exec rails server " +
|
||||
"--binding=${cfg.listenAddress} --port=${toString cfg.listenPort}";
|
||||
|
@ -1,7 +1,6 @@
|
||||
{ config, lib, pkgs, ... }: with lib; let
|
||||
cfg = config.services.icingaweb2;
|
||||
poolName = "icingaweb2";
|
||||
phpfpmSocketName = "/var/run/phpfpm/${poolName}.sock";
|
||||
|
||||
defaultConfig = {
|
||||
global = {
|
||||
@ -162,19 +161,23 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
|
||||
"${poolName}" = ''
|
||||
listen = "${phpfpmSocketName}"
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
listen.mode = 0600
|
||||
user = icingaweb2
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 2
|
||||
pm.min_spare_servers = 2
|
||||
pm.max_spare_servers = 10
|
||||
'';
|
||||
services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
|
||||
"${poolName}" = {
|
||||
socketName = "${poolName}";
|
||||
phpPackage = pkgs.php;
|
||||
user = "icingaweb2";
|
||||
group = "icingaweb2";
|
||||
extraConfig = ''
|
||||
listen.owner = ${config.services.nginx.user}
|
||||
listen.group = ${config.services.nginx.group}
|
||||
listen.mode = 0600
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 2
|
||||
pm.min_spare_servers = 2
|
||||
pm.max_spare_servers = 10
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
services.phpfpm.phpOptions = mkIf (cfg.pool == "${poolName}")
|
||||
@ -206,7 +209,7 @@ in {
|
||||
include ${config.services.nginx.package}/conf/fastcgi.conf;
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:${phpfpmSocketName};
|
||||
fastcgi_pass unix:/run/phpfpm-${poolName}/${poolName}.sock;
|
||||
fastcgi_param SCRIPT_FILENAME ${pkgs.icingaweb2}/public/index.php;
|
||||
'';
|
||||
};
|
||||
@ -239,5 +242,8 @@ in {
|
||||
group = "icingaweb2";
|
||||
isSystemUser = true;
|
||||
};
|
||||
users.users.nginx = {
|
||||
extraGroups = [ "icingaweb2" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -202,13 +202,13 @@ in
|
||||
};
|
||||
|
||||
services.phpfpm.pools.limesurvey = {
|
||||
socketName = "limesurvey";
|
||||
phpPackage = php;
|
||||
listen = "/run/phpfpm/limesurvey.sock";
|
||||
user = "${user}";
|
||||
group = "${group}";
|
||||
extraConfig = ''
|
||||
listen.owner = ${config.services.httpd.user};
|
||||
listen.group = ${config.services.httpd.group};
|
||||
user = ${user};
|
||||
group = ${group};
|
||||
|
||||
env[LIMESURVEY_CONFIG] = ${limesurveyConfig}
|
||||
|
||||
@ -241,7 +241,7 @@ in
|
||||
<Directory "${pkg}/share/limesurvey">
|
||||
<FilesMatch "\.php$">
|
||||
<If "-f %{REQUEST_FILENAME}">
|
||||
SetHandler "proxy:unix:/run/phpfpm/limesurvey.sock|fcgi://localhost/"
|
||||
SetHandler "proxy:unix:/run/phpfpm-limesurvey/limesurvey.sock|fcgi://localhost/"
|
||||
</If>
|
||||
</FilesMatch>
|
||||
|
||||
|
@ -4,13 +4,14 @@ let
|
||||
cfg = config.services.matomo;
|
||||
|
||||
user = "matomo";
|
||||
group = "matomo";
|
||||
dataDir = "/var/lib/${user}";
|
||||
deprecatedDataDir = "/var/lib/piwik";
|
||||
|
||||
pool = user;
|
||||
# it's not possible to use /run/phpfpm/${pool}.sock because /run/phpfpm/ is root:root 0770,
|
||||
# it's not possible to use /run/phpfpm-${pool}/${pool}.sock because /run/phpfpm/ is root:root 0770,
|
||||
# and therefore is not accessible by the web server.
|
||||
phpSocket = "/run/phpfpm-${pool}.sock";
|
||||
phpSocket = "/run/phpfpm-${pool}/${pool}.sock";
|
||||
phpExecutionUnit = "phpfpm-${pool}";
|
||||
databaseService = "mysql.service";
|
||||
|
||||
@ -137,9 +138,12 @@ in {
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = dataDir;
|
||||
group = user;
|
||||
group = "${group}";
|
||||
};
|
||||
users.groups.${user} = {};
|
||||
users.users.${config.services.nginx.user} = {
|
||||
extraGroups = [ "${group}" ];
|
||||
};
|
||||
users.groups.${group} = {};
|
||||
|
||||
systemd.services.matomo-setup-update = {
|
||||
# everything needs to set up and up to date before Matomo php files are executed
|
||||
@ -169,7 +173,7 @@ in {
|
||||
echo "Migrating from ${deprecatedDataDir} to ${dataDir}"
|
||||
mv -T ${deprecatedDataDir} ${dataDir}
|
||||
fi
|
||||
chown -R ${user}:${user} ${dataDir}
|
||||
chown -R ${user}:${group} ${dataDir}
|
||||
chmod -R ug+rwX,o-rwx ${dataDir}
|
||||
'';
|
||||
script = ''
|
||||
@ -225,22 +229,26 @@ in {
|
||||
serviceConfig.UMask = "0007";
|
||||
};
|
||||
|
||||
services.phpfpm.poolConfigs = let
|
||||
services.phpfpm.pools = let
|
||||
# workaround for when both are null and need to generate a string,
|
||||
# which is illegal, but as assertions apparently are being triggered *after* config generation,
|
||||
# we have to avoid already throwing errors at this previous stage.
|
||||
socketOwner = if (cfg.nginx != null) then config.services.nginx.user
|
||||
else if (cfg.webServerUser != null) then cfg.webServerUser else "";
|
||||
in {
|
||||
${pool} = ''
|
||||
listen = "${phpSocket}"
|
||||
listen.owner = ${socketOwner}
|
||||
listen.group = root
|
||||
listen.mode = 0600
|
||||
user = ${user}
|
||||
env[PIWIK_USER_PATH] = ${dataDir}
|
||||
${cfg.phpfpmProcessManagerConfig}
|
||||
'';
|
||||
${pool} = {
|
||||
socketName = "${pool}";
|
||||
phpPackage = pkgs.php;
|
||||
user = "${user}";
|
||||
group = "${group}";
|
||||
extraConfig = ''
|
||||
listen.owner = ${socketOwner}
|
||||
listen.group = ${group}
|
||||
listen.mode = 0600
|
||||
env[PIWIK_USER_PATH] = ${dataDir}
|
||||
${cfg.phpfpmProcessManagerConfig}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
|
@ -394,13 +394,14 @@ in {
|
||||
phpOptions)));
|
||||
in {
|
||||
phpOptions = phpOptionsExtensions;
|
||||
socketName = "nextcloud";
|
||||
phpPackage = phpPackage;
|
||||
listen = "/run/phpfpm/nextcloud";
|
||||
user = "nextcloud";
|
||||
group = "${config.services.nginx.group}";
|
||||
extraConfig = ''
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
user = nextcloud
|
||||
group = nginx
|
||||
listen.owner = ${config.services.nginx.user}
|
||||
listen.group = ${config.services.nginx.group}
|
||||
listen.mode = 0600
|
||||
${cfg.poolConfig}
|
||||
env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config
|
||||
env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin
|
||||
@ -466,7 +467,7 @@ in {
|
||||
fastcgi_param HTTPS ${if cfg.https then "on" else "off"};
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
fastcgi_param front_controller_active true;
|
||||
fastcgi_pass unix:/run/phpfpm/nextcloud;
|
||||
fastcgi_pass unix:/run/phpfpm-nextcloud/nextcloud.sock;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
fastcgi_read_timeout 120s;
|
||||
|
@ -13,7 +13,7 @@ let
|
||||
runDir = "/run/restya-board";
|
||||
|
||||
poolName = "restya-board";
|
||||
phpfpmSocketName = "/run/phpfpm/${poolName}.sock";
|
||||
phpfpmSocketName = "/run/phpfpm-${poolName}/${poolName}.sock";
|
||||
|
||||
in
|
||||
|
||||
@ -178,9 +178,12 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.phpfpm.poolConfigs = {
|
||||
services.phpfpm.pools = {
|
||||
"${poolName}" = {
|
||||
listen = phpfpmSocketName;
|
||||
socketName = "${poolName}";
|
||||
phpPackage = pkgs.php;
|
||||
user = "${cfg.user}";
|
||||
group = "${cfg.group}";
|
||||
phpOptions = ''
|
||||
date.timezone = "CET"
|
||||
|
||||
@ -192,11 +195,9 @@ in
|
||||
''}
|
||||
'';
|
||||
extraConfig = ''
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
listen.owner = ${config.services.nginx.user}
|
||||
listen.group = ${config.services.nginx.group}
|
||||
listen.mode = 0600
|
||||
user = ${cfg.user}
|
||||
group = ${cfg.group}
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
@ -365,6 +366,9 @@ in
|
||||
home = runDir;
|
||||
group = "restya-board";
|
||||
};
|
||||
users.users.nginx = {
|
||||
extraGroups = [ "restya-board" ];
|
||||
};
|
||||
users.groups.restya-board = {};
|
||||
|
||||
services.postgresql.enable = mkIf (cfg.database.host == null) true;
|
||||
|
@ -3,9 +3,9 @@ with lib;
|
||||
let
|
||||
cfg = config.services.selfoss;
|
||||
|
||||
poolName = "selfoss_pool";
|
||||
phpfpmSocketName = "/run/phpfpm/${poolName}.sock";
|
||||
|
||||
poolName = "selfoss";
|
||||
phpfpmSocketName = "/run/phpfpm-${poolName}/${poolName}.sock";
|
||||
group = "${cfg.user}";
|
||||
dataDir = "/var/lib/selfoss";
|
||||
|
||||
selfoss-config =
|
||||
@ -116,21 +116,25 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") {
|
||||
"${poolName}" = ''
|
||||
listen = "${phpfpmSocketName}";
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
listen.mode = 0600
|
||||
user = nginx
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
catch_workers_output = 1
|
||||
'';
|
||||
services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
|
||||
"${poolName}" = {
|
||||
socketName = "${poolName}";
|
||||
phpPackage = pkgs.php;
|
||||
user = "${cfg.user}";
|
||||
group = "${group}";
|
||||
extraConfig = ''
|
||||
listen.owner = ${config.services.nginx.user}
|
||||
listen.group = ${config.services.nginx.group}
|
||||
listen.mode = 0600
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
catch_workers_output = 1
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.selfoss-config = {
|
||||
@ -145,7 +149,7 @@ in
|
||||
# Create the files
|
||||
cp -r "${pkgs.selfoss}/"* "${dataDir}"
|
||||
ln -sf "${selfoss-config}" "${dataDir}/config.ini"
|
||||
chown -R "${cfg.user}" "${dataDir}"
|
||||
chown -R "${cfg.user}":"${group}" "${dataDir}"
|
||||
chmod -R 755 "${dataDir}"
|
||||
'';
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -162,5 +166,8 @@ in
|
||||
|
||||
};
|
||||
|
||||
users.users.nginx = {
|
||||
extraGroups = [ "${group}" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -512,12 +512,14 @@ let
|
||||
|
||||
services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") {
|
||||
"${poolName}" = {
|
||||
listen = "/var/run/phpfpm/${poolName}.sock";
|
||||
socketName = "${poolName}";
|
||||
phpPackage = pkgs.php;
|
||||
user = "${config.services.nginx.user}";
|
||||
group = "${config.services.nginx.group}";
|
||||
extraConfig = ''
|
||||
listen.owner = nginx
|
||||
listen.group = nginx
|
||||
listen.owner = ${config.services.nginx.user}
|
||||
listen.group = ${config.services.nginx.group}
|
||||
listen.mode = 0600
|
||||
user = ${cfg.user}
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
@ -543,7 +545,7 @@ let
|
||||
locations."~ \.php$" = {
|
||||
extraConfig = ''
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.listen};
|
||||
fastcgi_pass unix:/run/phpfpm-${poolName}/${poolName}.sock;
|
||||
fastcgi_index index.php;
|
||||
'';
|
||||
};
|
||||
|
@ -42,10 +42,10 @@ in
|
||||
configText = mkOption {
|
||||
default = "";
|
||||
example = ''
|
||||
cache-size=1000
|
||||
scan-path=/srv/git
|
||||
source-filter=''${pkgs.cgit}/lib/cgit/filters/syntax-highlighting.py
|
||||
about-filter=''${pkgs.cgit}/lib/cgit/filters/about-formatting.sh
|
||||
cache-size=1000
|
||||
scan-path=/srv/git
|
||||
'';
|
||||
type = types.lines;
|
||||
description = ''
|
||||
|
@ -4,37 +4,26 @@ with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.phpfpm;
|
||||
enabled = cfg.poolConfigs != {} || cfg.pools != {};
|
||||
enabled = cfg.pools != {};
|
||||
|
||||
stateDir = "/run/phpfpm";
|
||||
|
||||
poolConfigs =
|
||||
(mapAttrs mapPoolConfig cfg.poolConfigs) //
|
||||
(mapAttrs mapPool cfg.pools);
|
||||
|
||||
mapPoolConfig = n: p: {
|
||||
phpPackage = cfg.phpPackage;
|
||||
phpOptions = cfg.phpOptions;
|
||||
config = p;
|
||||
};
|
||||
poolConfigs = (mapAttrs mapPool cfg.pools);
|
||||
|
||||
mapPool = n: p: {
|
||||
phpPackage = p.phpPackage;
|
||||
phpOptions = p.phpOptions;
|
||||
config = ''
|
||||
listen = ${p.listen}
|
||||
${p.extraConfig}
|
||||
'';
|
||||
userPool = p.user;
|
||||
groupPool = p.group;
|
||||
};
|
||||
|
||||
fpmCfgFile = pool: conf: pkgs.writeText "phpfpm-${pool}.conf" ''
|
||||
[global]
|
||||
error_log = syslog
|
||||
daemonize = no
|
||||
${cfg.extraConfig}
|
||||
${cfg.globalExtraConfig}
|
||||
|
||||
[${pool}]
|
||||
${conf}
|
||||
listen = /run/phpfpm-${pool}/${cfg.pools.${pool}.socketName}.sock
|
||||
${cfg.pools.${pool}.extraConfig}
|
||||
'';
|
||||
|
||||
phpIni = pool: pkgs.runCommand "php.ini" {
|
||||
@ -49,86 +38,98 @@ let
|
||||
'';
|
||||
|
||||
in {
|
||||
|
||||
options = {
|
||||
services.phpfpm = {
|
||||
extraConfig = mkOption {
|
||||
globalExtraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration that should be put in the global section of
|
||||
Global extra configuration that should be put in the global section of
|
||||
the PHP-FPM configuration file. Do not specify the options
|
||||
<literal>error_log</literal> or
|
||||
<literal>daemonize</literal> here, since they are generated by
|
||||
NixOS.
|
||||
'';
|
||||
};
|
||||
|
||||
phpPackage = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.php;
|
||||
defaultText = "pkgs.php";
|
||||
description = ''
|
||||
The PHP package to use for running the PHP-FPM service.
|
||||
'';
|
||||
};
|
||||
|
||||
phpOptions = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
example =
|
||||
''
|
||||
date.timezone = "CET"
|
||||
'';
|
||||
description =
|
||||
"Options appended to the PHP configuration file <filename>php.ini</filename>.";
|
||||
};
|
||||
|
||||
poolConfigs = mkOption {
|
||||
default = {};
|
||||
type = types.attrsOf types.lines;
|
||||
example = literalExample ''
|
||||
{ mypool = '''
|
||||
listen = /run/phpfpm/mypool
|
||||
user = nobody
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
''';
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
A mapping between PHP-FPM pool names and their configurations.
|
||||
See the documentation on <literal>php-fpm.conf</literal> for
|
||||
details on configuration directives. If no pools are defined,
|
||||
the phpfpm service is disabled.
|
||||
<literal>daemonize</literal> here, since they are generated by NixOS.
|
||||
'';
|
||||
};
|
||||
|
||||
pools = mkOption {
|
||||
type = types.attrsOf (types.submodule (import ./pool-options.nix {
|
||||
inherit lib config;
|
||||
}));
|
||||
default = {};
|
||||
type = types.attrsOf (types.submodule {
|
||||
options = {
|
||||
socketName = mkOption {
|
||||
type = types.str;
|
||||
example = "php-fpm";
|
||||
description = ''
|
||||
The address on which to accept FastCGI requests.
|
||||
'';
|
||||
};
|
||||
|
||||
phpPackage = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.php;
|
||||
defaultText = "pkgs.php";
|
||||
description = ''
|
||||
The PHP package to use for running this PHP-FPM pool.
|
||||
'';
|
||||
};
|
||||
|
||||
phpOptions = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.string;
|
||||
default = "phpfpm";
|
||||
description = "User account under which phpfpm runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.string;
|
||||
default = "phpfpm";
|
||||
description = "Group account under which phpfpm runs.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
example = ''
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
'';
|
||||
|
||||
description = ''
|
||||
Extra lines that go into the pool configuration.
|
||||
See the documentation on <literal>php-fpm.conf</literal> for
|
||||
details on configuration directives.
|
||||
'';
|
||||
};
|
||||
};
|
||||
});
|
||||
|
||||
example = literalExample ''
|
||||
{
|
||||
mypool = {
|
||||
listen = "/path/to/unix/socket";
|
||||
phpPackage = pkgs.php;
|
||||
extraConfig = '''
|
||||
user = nobody
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
''';
|
||||
}
|
||||
}'';
|
||||
{
|
||||
mypool = {
|
||||
socketName = "example";
|
||||
phpPackage = pkgs.php;
|
||||
user = "phpfpm";
|
||||
group = "phpfpm";
|
||||
extraConfig = '''
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
''';
|
||||
}
|
||||
}
|
||||
'';
|
||||
description = ''
|
||||
PHP-FPM pools. If no pools or poolConfigs are defined, the PHP-FPM
|
||||
service is disabled.
|
||||
@ -154,9 +155,6 @@ in {
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "phpfpm.target" ];
|
||||
partOf = [ "phpfpm.target" ];
|
||||
preStart = ''
|
||||
mkdir -p ${stateDir}
|
||||
'';
|
||||
serviceConfig = let
|
||||
cfgFile = fpmCfgFile pool poolConfig.config;
|
||||
iniFile = phpIni poolConfig;
|
||||
@ -166,10 +164,19 @@ in {
|
||||
ProtectSystem = "full";
|
||||
ProtectHome = true;
|
||||
# XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work
|
||||
RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK";
|
||||
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" "AF_NETLINK" ];
|
||||
Type = "notify";
|
||||
ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}";
|
||||
ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y '${cfgFile}' -c '${iniFile}'";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID";
|
||||
# User and group
|
||||
User = "${poolConfig.userPool}";
|
||||
Group = "${poolConfig.groupPool}";
|
||||
# Runtime directory and mode
|
||||
RuntimeDirectory = "phpfpm-${pool}";
|
||||
RuntimeDirectoryMode = "0750";
|
||||
# Capabilities
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" "CAP_SETGID" "CAP_SETUID" "CAP_CHOWN" "CAP_SYS_RESOURCE" ];
|
||||
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" "CAP_SETGID" "CAP_SETUID" "CAP_CHOWN" "CAP_SYS_RESOURCE" ];
|
||||
};
|
||||
}
|
||||
);
|
||||
|
@ -1,57 +0,0 @@
|
||||
{ lib, config }:
|
||||
|
||||
let
|
||||
fpmCfg = config.services.phpfpm;
|
||||
in
|
||||
|
||||
with lib; {
|
||||
|
||||
options = {
|
||||
|
||||
listen = mkOption {
|
||||
type = types.str;
|
||||
example = "/path/to/unix/socket";
|
||||
description = ''
|
||||
The address on which to accept FastCGI requests.
|
||||
'';
|
||||
};
|
||||
|
||||
phpPackage = mkOption {
|
||||
type = types.package;
|
||||
default = fpmCfg.phpPackage;
|
||||
defaultText = "config.services.phpfpm.phpPackage";
|
||||
description = ''
|
||||
The PHP package to use for running this PHP-FPM pool.
|
||||
'';
|
||||
};
|
||||
|
||||
phpOptions = mkOption {
|
||||
type = types.lines;
|
||||
default = fpmCfg.phpOptions;
|
||||
defaultText = "config.services.phpfpm.phpOptions";
|
||||
description = ''
|
||||
"Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool."
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
example = ''
|
||||
user = nobody
|
||||
pm = dynamic
|
||||
pm.max_children = 75
|
||||
pm.start_servers = 10
|
||||
pm.min_spare_servers = 5
|
||||
pm.max_spare_servers = 20
|
||||
pm.max_requests = 500
|
||||
'';
|
||||
|
||||
description = ''
|
||||
Extra lines that go into the pool configuration.
|
||||
See the documentation on <literal>php-fpm.conf</literal> for
|
||||
details on configuration directives.
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -23,14 +23,16 @@ let
|
||||
''}
|
||||
${cfg.qemuVerbatimConfig}
|
||||
'';
|
||||
dirName = "libvirt";
|
||||
subDirs = list: [ dirName ] ++ map (e: "${dirName}/${e}") list;
|
||||
|
||||
in {
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
options.virtualisation.libvirtd = {
|
||||
|
||||
virtualisation.libvirtd.enable = mkOption {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
@ -41,7 +43,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.qemuPackage = mkOption {
|
||||
qemuPackage = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.qemu;
|
||||
description = ''
|
||||
@ -51,7 +53,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.extraConfig = mkOption {
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
@ -60,7 +62,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.qemuRunAsRoot = mkOption {
|
||||
qemuRunAsRoot = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
@ -72,7 +74,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.qemuVerbatimConfig = mkOption {
|
||||
qemuVerbatimConfig = mkOption {
|
||||
type = types.lines;
|
||||
default = ''
|
||||
namespaces = []
|
||||
@ -84,7 +86,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.qemuOvmf = mkOption {
|
||||
qemuOvmf = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
@ -93,7 +95,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.extraOptions = mkOption {
|
||||
extraOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ ];
|
||||
example = [ "--verbose" ];
|
||||
@ -102,7 +104,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
virtualisation.libvirtd.onShutdown = mkOption {
|
||||
onShutdown = mkOption {
|
||||
type = types.enum ["shutdown" "suspend" ];
|
||||
default = "suspend";
|
||||
description = ''
|
||||
@ -113,6 +115,14 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
allowedBridges = mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [ "virbr0" ];
|
||||
description = ''
|
||||
List of bridge devices that can be used by qemu:///session
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
|
||||
@ -120,7 +130,12 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = with pkgs; [ libvirt libressl.nc cfg.qemuPackage ];
|
||||
environment = {
|
||||
# this file is expected in /etc/qemu and not sysconfdir (/var/lib)
|
||||
etc."qemu/bridge.conf".text = lib.concatMapStringsSep "\n" (e:
|
||||
"allow ${e}") cfg.allowedBridges;
|
||||
systemPackages = with pkgs; [ libvirt libressl.nc cfg.qemuPackage ];
|
||||
};
|
||||
|
||||
boot.kernelModules = [ "tun" ];
|
||||
|
||||
@ -134,30 +149,15 @@ in {
|
||||
group = "qemu-libvirtd";
|
||||
};
|
||||
|
||||
security.wrappers.qemu-bridge-helper = {
|
||||
source = "/run/${dirName}/nix-helpers/qemu-bridge-helper";
|
||||
};
|
||||
|
||||
systemd.packages = [ pkgs.libvirt ];
|
||||
|
||||
systemd.services.libvirtd = {
|
||||
description = "Libvirt Virtual Machine Management Daemon";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "systemd-udev-settle.service" ]
|
||||
++ optional vswitch.enable "vswitchd.service";
|
||||
|
||||
environment.LIBVIRTD_ARGS = ''--config "${configFile}" ${concatStringsSep " " cfg.extraOptions}'';
|
||||
|
||||
path = [ cfg.qemuPackage ] # libvirtd requires qemu-img to manage disk images
|
||||
++ optional vswitch.enable vswitch.package;
|
||||
|
||||
preStart = ''
|
||||
mkdir -p /var/log/libvirt/qemu -m 755
|
||||
rm -f /var/run/libvirtd.pid
|
||||
|
||||
mkdir -p /var/lib/libvirt
|
||||
mkdir -p /var/lib/libvirt/dnsmasq
|
||||
|
||||
chmod 755 /var/lib/libvirt
|
||||
chmod 755 /var/lib/libvirt/dnsmasq
|
||||
|
||||
systemd.services.libvirtd-config = {
|
||||
description = "Libvirt Virtual Machine Management Daemon - configuration";
|
||||
script = ''
|
||||
# Copy default libvirt network config .xml files to /var/lib
|
||||
# Files modified by the user will not be overwritten
|
||||
for i in $(cd ${pkgs.libvirt}/var/lib && echo \
|
||||
@ -169,21 +169,45 @@ in {
|
||||
done
|
||||
|
||||
# Copy generated qemu config to libvirt directory
|
||||
cp -f ${qemuConfigFile} /var/lib/libvirt/qemu.conf
|
||||
cp -f ${qemuConfigFile} /var/lib/${dirName}/qemu.conf
|
||||
|
||||
# stable (not GC'able as in /nix/store) paths for using in <emulator> section of xml configs
|
||||
mkdir -p /run/libvirt/nix-emulators
|
||||
for emulator in ${pkgs.libvirt}/libexec/libvirt_lxc ${cfg.qemuPackage}/bin/qemu-kvm ${cfg.qemuPackage}/bin/qemu-system-*; do
|
||||
ln -s --force "$emulator" /run/libvirt/nix-emulators/
|
||||
ln -s --force "$emulator" /run/${dirName}/nix-emulators/
|
||||
done
|
||||
|
||||
for helper in libexec/qemu-bridge-helper bin/qemu-pr-helper; do
|
||||
ln -s --force ${cfg.qemuPackage}/$helper /run/${dirName}/nix-helpers/
|
||||
done
|
||||
|
||||
${optionalString cfg.qemuOvmf ''
|
||||
mkdir -p /run/libvirt/nix-ovmf
|
||||
ln -s --force ${pkgs.OVMF.fd}/FV/OVMF_CODE.fd /run/libvirt/nix-ovmf/
|
||||
ln -s --force ${pkgs.OVMF.fd}/FV/OVMF_VARS.fd /run/libvirt/nix-ovmf/
|
||||
ln -s --force ${pkgs.OVMF.fd}/FV/OVMF_CODE.fd /run/${dirName}/nix-ovmf/
|
||||
ln -s --force ${pkgs.OVMF.fd}/FV/OVMF_VARS.fd /run/${dirName}/nix-ovmf/
|
||||
''}
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RuntimeDirectoryPreserve = "yes";
|
||||
LogsDirectory = subDirs [ "qemu" ];
|
||||
RuntimeDirectory = subDirs [ "nix-emulators" "nix-helpers" "nix-ovmf" ];
|
||||
StateDirectory = subDirs [ "dnsmasq" ];
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.libvirtd = {
|
||||
description = "Libvirt Virtual Machine Management Daemon";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
requires = [ "libvirtd-config.service" ];
|
||||
after = [ "systemd-udev-settle.service" "libvirtd-config.service" ]
|
||||
++ optional vswitch.enable "vswitchd.service";
|
||||
|
||||
environment.LIBVIRTD_ARGS = ''--config "${configFile}" ${concatStringsSep " " cfg.extraOptions}'';
|
||||
|
||||
path = [ cfg.qemuPackage ] # libvirtd requires qemu-img to manage disk images
|
||||
++ optional vswitch.enable vswitch.package;
|
||||
|
||||
serviceConfig = {
|
||||
Type = "notify";
|
||||
KillMode = "process"; # when stopping, leave the VMs alone
|
||||
@ -203,7 +227,7 @@ in {
|
||||
systemd.sockets.virtlogd = {
|
||||
description = "Virtual machine log manager socket";
|
||||
wantedBy = [ "sockets.target" ];
|
||||
listenStreams = [ "/run/libvirt/virtlogd-sock" ];
|
||||
listenStreams = [ "/run/${dirName}/virtlogd-sock" ];
|
||||
};
|
||||
|
||||
systemd.services.virtlogd = {
|
||||
@ -215,7 +239,7 @@ in {
|
||||
systemd.sockets.virtlockd = {
|
||||
description = "Virtual machine lock manager socket";
|
||||
wantedBy = [ "sockets.target" ];
|
||||
listenStreams = [ "/run/libvirt/virtlockd-sock" ];
|
||||
listenStreams = [ "/run/${dirName}/virtlockd-sock" ];
|
||||
};
|
||||
|
||||
systemd.services.virtlockd = {
|
||||
|
@ -28,6 +28,12 @@ import ./make-test.nix ({ pkgs, ...} : {
|
||||
{
|
||||
users.users.testuser = { };
|
||||
services.mysql.enable = true;
|
||||
services.mysql.initialScript = pkgs.writeText "mariadb-init.sql" ''
|
||||
echo "ALTER USER root@localhost IDENTIFIED WITH unix_socket;"
|
||||
echo "DELETE FROM mysql.user WHERE password = ''' AND plugin = ''';"
|
||||
echo "DELETE FROM mysql.user WHERE user = ''';"
|
||||
echo "FLUSH PRIVILEGES;"
|
||||
'';
|
||||
services.mysql.ensureDatabases = [ "testdb" ];
|
||||
services.mysql.ensureUsers = [{
|
||||
name = "testuser";
|
||||
|
@ -1,6 +1,6 @@
|
||||
let
|
||||
version = "2.5.1";
|
||||
sha256 = "0nnrgc2qyqqld3znjigryqpg5jaqh3jnmin4a334dbr4jw50dz3d";
|
||||
cargoSha256 = "184vfhsalk5dims3k13zrsv4lmm45a7nm3r0b84g72q7hhbl8pkf";
|
||||
version = "2.5.3";
|
||||
sha256 = "04z38ba4f1kmaa3d9b4gqz7dwr5blbppnkngw758xdm56772hfmj";
|
||||
cargoSha256 = "03dlzl96g8k02lifymwp1xs0b2mrnj5c1xzpwp014ijqlnzcfgsv";
|
||||
in
|
||||
import ./parity.nix { inherit version sha256 cargoSha256; }
|
||||
|
@ -1,6 +1,6 @@
|
||||
let
|
||||
version = "2.4.6";
|
||||
sha256 = "0vfq1pyd92n60h9gimn4d5j56xanvl43sgxk9h2kb16amy0mmh3z";
|
||||
cargoSha256 = "04gi9vddahq1q207f83n3wriwdjnmmnby6mq4crdh7yx1p4b26m9";
|
||||
version = "2.4.8";
|
||||
sha256 = "1kr7hzv27vxa14wafhpaq5a4fv97zh71xjjmwzaqq4gj3k9yj0rm";
|
||||
cargoSha256 = "1yjyk6mhr3ws73aq6h8z5iabvj03ch7mxhkrfdkmhw3cjj0jgx6j";
|
||||
in
|
||||
import ./parity.nix { inherit version sha256 cargoSha256; }
|
||||
|
@ -5,7 +5,7 @@
|
||||
|
||||
{ stdenv
|
||||
, fetchFromGitHub
|
||||
, rustPlatform
|
||||
, rustPlatform
|
||||
, pkgconfig
|
||||
, openssl
|
||||
, systemd
|
||||
@ -29,12 +29,14 @@ rustPlatform.buildRustPackage rec {
|
||||
systemd.lib systemd.dev openssl openssl.dev
|
||||
];
|
||||
|
||||
cargoBuildFlags = [ "--features final" ];
|
||||
|
||||
# test result: FAILED. 80 passed; 12 failed; 0 ignored; 0 measured; 0 filtered out
|
||||
doCheck = false;
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Fast, light, robust Ethereum implementation";
|
||||
homepage = http://parity.io;
|
||||
homepage = "http://parity.io";
|
||||
license = licenses.gpl3;
|
||||
maintainers = [ maintainers.akru ];
|
||||
platforms = platforms.linux;
|
||||
|
@ -15,11 +15,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "ecasound-${version}";
|
||||
version = "2.9.1";
|
||||
version = "2.9.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://ecasound.seul.org/download/ecasound-${version}.tar.gz";
|
||||
sha256 = "1wyws3xc4f9pglrrqv6k9137sarv4asizqrxz8h0dn44rnzfiz1r";
|
||||
sha256 = "15rcs28fq2wfvfs66p5na7adq88b55qszbhshpizgdbyqzgr2jf1";
|
||||
};
|
||||
|
||||
buildInputs = [ alsaLib audiofile libjack2 liblo liboil libsamplerate libsndfile lilv lv2 ];
|
||||
|
@ -35,6 +35,7 @@ in stdenv.mkDerivation rec {
|
||||
|
||||
patches = [
|
||||
./fix-install-path.patch
|
||||
./fix-aac-defaults.patch
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -0,0 +1,15 @@
|
||||
diff --git a/src/modules/bluetooth/a2dp/a2dp_aac.c b/src/modules/bluetooth/a2dp/a2dp_aac.c
|
||||
index 394a7a0..cf5abaf 100644
|
||||
--- a/src/modules/bluetooth/a2dp/a2dp_aac.c
|
||||
+++ b/src/modules/bluetooth/a2dp/a2dp_aac.c
|
||||
@@ -90,8 +90,8 @@ pa_aac_encoder_init(pa_a2dp_source_read_cb_t read_cb, pa_a2dp_source_read_buf_fr
|
||||
info->read_pcm = read_cb;
|
||||
info->read_buf_free = free_cb;
|
||||
info->aacenc_handle_opened = false;
|
||||
- info->aac_enc_bitrate_mode = 5;
|
||||
- info->aac_afterburner = false;
|
||||
+ info->aac_enc_bitrate_mode = 0;
|
||||
+ info->aac_afterburner = true;
|
||||
info->force_pa_fmt = PA_SAMPLE_INVALID;
|
||||
return true;
|
||||
}
|
@ -47,13 +47,13 @@ let
|
||||
];
|
||||
in stdenv.mkDerivation rec {
|
||||
pname = "pulseeffects";
|
||||
version = "4.6.3";
|
||||
version = "4.6.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "wwmm";
|
||||
repo = "pulseeffects";
|
||||
rev = "v${version}";
|
||||
sha256 = "1gp23hpsnbiymbbhn6hp8sg1pnysgf04bj9k4h9dfinbgshlq6m7";
|
||||
sha256 = "11ihr29szpqlk9wkscns00ijihyvn5659bj1p7r1ixwgfv708apq";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -29,11 +29,11 @@
|
||||
# handle that.
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "qmmp-1.3.2";
|
||||
name = "qmmp-1.3.3";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
|
||||
sha256 = "1rh063kcyg7gs9yj2r4v5irpnq4pjaxaxsgrw30mdr21xhhc15cz";
|
||||
sha256 = "1777kqgvbkshqlawy00gbgwflxflwmjjidqdq29mhqszs76r6727";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
|
@ -13,9 +13,9 @@ let
|
||||
sha256Hash = "0y4l9d1yrvv1csx6vl4jnqgqy96y44rl6p8hcxrnbvrg61iqnj30";
|
||||
};
|
||||
betaVersion = {
|
||||
version = "3.5.0.16"; # "Android Studio 3.5 Beta 4"
|
||||
build = "191.5619324";
|
||||
sha256Hash = "1rg6v9b8fdnmslpv80khhpx59lvwhj1vwbkyabz2fryfj67wz01z";
|
||||
version = "3.5.0.17"; # "Android Studio 3.5 Beta 5"
|
||||
build = "191.5675373";
|
||||
sha256Hash = "0iw9v2rzr32dhs3z4vgz93zvxcv111q4cvwzi2cb83hn8kl050ip";
|
||||
};
|
||||
latestVersion = { # canary & dev
|
||||
version = "3.6.0.3"; # "Android Studio 3.6 Canary 3"
|
||||
|
@ -3,7 +3,7 @@
|
||||
with stdenv.lib;
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "kakoune-${version}";
|
||||
pname = "kakoune-unwrapped";
|
||||
version = "2019.01.20";
|
||||
src = fetchFromGitHub {
|
||||
repo = "kakoune";
|
||||
|
5
pkgs/applications/editors/kakoune/plugins.nix
Normal file
5
pkgs/applications/editors/kakoune/plugins.nix
Normal file
@ -0,0 +1,5 @@
|
||||
{ parinfer-rust }:
|
||||
|
||||
{
|
||||
inherit parinfer-rust;
|
||||
}
|
44
pkgs/applications/editors/kakoune/wrapper.nix
Normal file
44
pkgs/applications/editors/kakoune/wrapper.nix
Normal file
@ -0,0 +1,44 @@
|
||||
{ stdenv, bash }:
|
||||
with stdenv.lib;
|
||||
|
||||
kakoune:
|
||||
|
||||
let
|
||||
getPlugins = { plugins ? [] }: plugins;
|
||||
|
||||
wrapper = { configure ? {} }:
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "kakoune";
|
||||
version = getVersion kakoune;
|
||||
|
||||
src = ./.;
|
||||
buildCommand = ''
|
||||
mkdir -p $out/share/kak
|
||||
for plugin in ${strings.escapeShellArgs (getPlugins configure)}; do
|
||||
if [[ -d $plugin/share/kak/autoload ]]; then
|
||||
find "$plugin/share/kak/autoload" -type f -name '*.kak'| while read rcfile; do
|
||||
printf 'source "%s"\n' "$rcfile"
|
||||
done
|
||||
fi
|
||||
done >>$out/share/kak/plugins.kak
|
||||
|
||||
mkdir -p $out/bin
|
||||
substitute ${src}/wrapper.sh $out/bin/kak \
|
||||
--subst-var-by bash "${bash}" \
|
||||
--subst-var-by kakoune "${kakoune}" \
|
||||
--subst-var-by out "$out"
|
||||
chmod +x $out/bin/kak
|
||||
'';
|
||||
|
||||
preferLocalBuild = true;
|
||||
buildInputs = [ bash kakoune ];
|
||||
passthru = { unwrapped = kakoune; };
|
||||
|
||||
meta = kakoune.meta // {
|
||||
# prefer wrapper over the package
|
||||
priority = (kakoune.meta.priority or 0) - 1;
|
||||
hydraPlatforms = [];
|
||||
};
|
||||
};
|
||||
in
|
||||
makeOverridable wrapper
|
30
pkgs/applications/editors/kakoune/wrapper.sh
Normal file
30
pkgs/applications/editors/kakoune/wrapper.sh
Normal file
@ -0,0 +1,30 @@
|
||||
#!@bash@/bin/bash
|
||||
|
||||
# We use the -E option to load plugins. This only makes sense when we are
|
||||
# starting a new session, so we detect that. Also, Kakoune can only handle
|
||||
# one -E option, so we prepend loading plugins to an existing one.
|
||||
args=( "$@" )
|
||||
loadPlugins=true
|
||||
EValueOffset=-1
|
||||
pluginScript='@out@/share/kak/plugins.kak'
|
||||
|
||||
for (( i = 0; i < ${#args[@]}; i++ )); do
|
||||
case "${args[i]}" in
|
||||
-n|-c|-l|-p|-clear|-version) loadPlugins=false;;
|
||||
-E) EValueOffset=$(( i + 1 ));;
|
||||
--) break;;
|
||||
esac
|
||||
case "${args[i]}" in
|
||||
-E|-c|-e|-s|-p|-f|-i|-ui|-debug) i=$(( i + 1 ));;
|
||||
esac
|
||||
done
|
||||
|
||||
if [[ $loadPlugins = true ]]; then
|
||||
if (( EValueOffset >= 0 )); then
|
||||
args[EValueOffset]="source '$pluginScript'"$'\n'"${args[EValueOffset]}"
|
||||
else
|
||||
args=( "-E" "source '$pluginScript'" "${args[@]}" )
|
||||
fi
|
||||
fi
|
||||
|
||||
exec @kakoune@/bin/kak "${args[@]}"
|
@ -2,11 +2,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "typora";
|
||||
version = "0.9.70";
|
||||
version = "0.9.72";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.typora.io/linux/typora_${version}_amd64.deb";
|
||||
sha256 = "08bgllbvgrpdkk9bryj4s16n274ps4igwrzdvsdbyw8wpp44vcy2";
|
||||
sha256 = "0q7fj77pr3ykpwgip87h12qxvpvlzs15mi9w3phqm3p9mmm9rlrs";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -68,6 +68,7 @@ runCommand "${wrappedPkgName}-with-extensions-${wrappedPkgVersion}" {
|
||||
|
||||
ln -sT "${vscode}/share/pixmaps/code.png" "$out/share/pixmaps/code.png"
|
||||
ln -sT "${vscode}/share/applications/${executableName}.desktop" "$out/share/applications/${executableName}.desktop"
|
||||
ln -sT "${vscode}/share/applications/${executableName}-url-handler.desktop" "$out/share/applications/${executableName}-url-handler.desktop"
|
||||
makeWrapper "${vscode}/bin/${executableName}" "$out/bin/${executableName}" ${lib.optionalString (vscodeExtensions != []) ''
|
||||
--add-flags "--extensions-dir ${combinedExtensionsDrv}/share/${wrappedPkgName}/extensions"
|
||||
''}
|
||||
|
@ -59,11 +59,11 @@ let
|
||||
|
||||
in stdenv.mkDerivation rec {
|
||||
name = "drawpile-${version}";
|
||||
version = "2.1.10";
|
||||
version = "2.1.11";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://drawpile.net/files/src/drawpile-${version}.tar.gz";
|
||||
sha256 = "074lp5z5kh6qwar3y4ik7gma5mdgafdsb50q425xcd3pv00gy0hm";
|
||||
sha256 = "00r5vzracvjk369rri2jxzgfaa1ll4qj5gdmzgflvidz8420bcvm";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
@ -1,6 +1,6 @@
|
||||
{ stdenv, fetchurl, pkgconfig, autoconf, automake, gettext, intltool
|
||||
, gtk3, lcms2, exiv2, libchamplain, clutter-gtk, ffmpegthumbnailer, fbida
|
||||
, wrapGAppsHook
|
||||
, wrapGAppsHook, fetchpatch
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
@ -12,8 +12,20 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "0ciygvcxb78pqg59r6p061mkbpvkgv2rv3r79j3kgv3kalb3ln2w";
|
||||
};
|
||||
|
||||
# Do not build the changelog as this requires markdown.
|
||||
patches = [ ./geeqie-no-changelog.patch ];
|
||||
patches = [
|
||||
# Do not build the changelog as this requires markdown.
|
||||
(fetchpatch {
|
||||
name = "geeqie-1.4-goodbye-changelog.patch";
|
||||
url = "https://src.fedoraproject.org/rpms/geeqie/raw/132fb04a1a5e74ddb333d2474f7edb9a39dc8d27/f/geeqie-1.4-goodbye-changelog.patch";
|
||||
sha256 = "00a35dds44kjjdqsbbfk0x9y82jspvsbpm2makcm1ivzlhjjgszn";
|
||||
})
|
||||
# Fixes build with exiv2 0.27.1
|
||||
(fetchpatch {
|
||||
name = "geeqie-exiv2-0.27.patch";
|
||||
url = "https://git.archlinux.org/svntogit/packages.git/plain/trunk/geeqie-exiv2-0.27.patch?h=packages/geeqie&id=dee28a8b3e9039b9cd6927b5a93ef2a07cd8271d";
|
||||
sha256 = "05skpbyp8pcq92psgijyccc8liwfy2cpwprw6m186pf454yb5y9p";
|
||||
})
|
||||
];
|
||||
|
||||
preConfigure = "./autogen.sh";
|
||||
|
||||
|
@ -1,14 +0,0 @@
|
||||
--- geeqie-1.4.orig/Makefile.am 2017-12-31 07:31:21.000000000 -0500
|
||||
+++ geeqie-1.4/Makefile.am 2018-01-01 15:05:58.742068166 -0500
|
||||
@@ -10,9 +10,9 @@
|
||||
readmedir = @readmedir@
|
||||
|
||||
if HAVE_MARKDOWN
|
||||
-readme_DATA = README.md COPYING ChangeLog TODO README.lirc AUTHORS README.html ChangeLog.html
|
||||
+readme_DATA = README.md COPYING TODO README.lirc AUTHORS README.html
|
||||
else
|
||||
-readme_DATA = README.md COPYING ChangeLog TODO README.lirc AUTHORS ChangeLog.html
|
||||
+readme_DATA = README.md COPYING TODO README.lirc AUTHORS
|
||||
endif
|
||||
|
||||
desktopdir = $(datadir)/applications
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, cmake, fetchurl, gnumake, makeWrapper, pkgconfig
|
||||
{ stdenv, cmake, fetchurl, gnumake, makeWrapper, pkgconfig, fetchpatch
|
||||
, autopanosiftc, boost, cairo, enblend-enfuse, exiv2, fftw, flann, gettext
|
||||
, glew, ilmbase, lcms2, lensfun, libjpeg, libpng, libtiff, libX11, libXi
|
||||
, libXmu, libGLU_combined, openexr, panotools, perlPackages, sqlite, vigra, wxGTK, zlib
|
||||
@ -12,6 +12,14 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "1l925qslp98gg7yzmgps10h6dq0nb60wbfk345anlxsv0g2ifizr";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Fixes build with exiv2 0.27.1
|
||||
(fetchpatch {
|
||||
url = "https://git.archlinux.org/svntogit/community.git/plain/trunk/hugin-exiv2-0.27.1.patch?h=packages/hugin";
|
||||
sha256 = "1yxvlpvrhyrfd2w6kwx1w3mncsvlzdhp0w7xchy8q6kc2kd5nf7r";
|
||||
})
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
boost cairo exiv2 fftw flann gettext glew ilmbase lcms2 lensfun libjpeg
|
||||
libpng libtiff libX11 libXi libXmu libGLU_combined openexr panotools sqlite vigra
|
||||
|
@ -1,23 +1,25 @@
|
||||
{ stdenv, cmake, fetchurl, pkgconfig, boost, exiv2, fftwFloat, gsl
|
||||
{ stdenv, cmake, fetchFromGitHub, pkgconfig, boost, exiv2, fftwFloat, gsl
|
||||
, ilmbase, lcms2, libraw, libtiff, openexr
|
||||
, qtbase, qtdeclarative, qttools, qtwebengine
|
||||
, qtbase, qtdeclarative, qttools, qtwebengine, eigen
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "luminance-hdr-2.5.1";
|
||||
pname = "luminance-hdr";
|
||||
version = "2.6.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/qtpfsgui/${name}.tar.bz2";
|
||||
sha256 = "15hnyk9yjkkc97dmnrg2ipfgwqxprlcyv2kyvbls4d54zc56x658";
|
||||
src = fetchFromGitHub {
|
||||
owner = "LuminanceHDR";
|
||||
repo = "LuminanceHDR";
|
||||
rev = "v.${version}";
|
||||
sha256 = "1izmgjjp8mgyxv57sjjr05z7g7059ykb5wchlcn4wrnnb6aslnvn";
|
||||
};
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-I${ilmbase.dev}/include/OpenEXR";
|
||||
|
||||
buildInputs =
|
||||
[
|
||||
qtbase qtdeclarative qttools qtwebengine
|
||||
boost exiv2 fftwFloat gsl ilmbase lcms2 libraw libtiff openexr
|
||||
];
|
||||
buildInputs = [
|
||||
qtbase qtdeclarative qttools qtwebengine eigen
|
||||
boost exiv2 fftwFloat gsl ilmbase lcms2 libraw libtiff openexr
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ cmake pkgconfig ];
|
||||
|
||||
|
@ -27,6 +27,10 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "12582i5v85da7vwjxj8grj99hxg34ij5cn3b1578wspdfw1xfy1i";
|
||||
};
|
||||
|
||||
patches = [
|
||||
./nomacs-iostream.patch
|
||||
];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
setSourceRoot = ''
|
||||
|
26
pkgs/applications/graphics/nomacs/nomacs-iostream.patch
Normal file
26
pkgs/applications/graphics/nomacs/nomacs-iostream.patch
Normal file
@ -0,0 +1,26 @@
|
||||
diff --git a/src/DkCore/DkMetaData.cpp b/src/DkCore/DkMetaData.cpp
|
||||
index d195757e..affec7be 100644
|
||||
--- a/src/DkCore/DkMetaData.cpp
|
||||
+++ b/src/DkCore/DkMetaData.cpp
|
||||
@@ -42,6 +42,8 @@
|
||||
#include <QApplication>
|
||||
#pragma warning(pop) // no warnings from includes - end
|
||||
|
||||
+#include <iostream>
|
||||
+
|
||||
namespace nmc {
|
||||
|
||||
// DkMetaDataT --------------------------------------------------------------------
|
||||
diff --git a/src/DkGui/DkNoMacs.cpp b/src/DkGui/DkNoMacs.cpp
|
||||
index 6a412f70..bbfba233 100644
|
||||
--- a/src/DkGui/DkNoMacs.cpp
|
||||
+++ b/src/DkGui/DkNoMacs.cpp
|
||||
@@ -96,6 +96,8 @@
|
||||
#include <QWinTaskbarButton>
|
||||
#endif
|
||||
|
||||
+#include <iostream>
|
||||
+
|
||||
namespace nmc {
|
||||
|
||||
DkNomacsOSXEventFilter::DkNomacsOSXEventFilter(QObject *parent) : QObject(parent) {
|
@ -37,5 +37,6 @@ stdenv.mkDerivation rec {
|
||||
meta = with stdenv.lib; {
|
||||
platforms = platforms.linux;
|
||||
license = licenses.gpl3;
|
||||
broken = true; # exiv2 0.27.1 FTBFS
|
||||
};
|
||||
}
|
||||
|
@ -1,23 +1,36 @@
|
||||
{ stdenv, fetchurl, cmake, exiv2, graphicsmagick, libraw
|
||||
{ stdenv, fetchurl, cmake, exiv2, graphicsmagick, libraw, fetchpatch
|
||||
, qtbase, qtdeclarative, qtmultimedia, qtquickcontrols, qttools, qtgraphicaleffects
|
||||
, extra-cmake-modules, poppler, kimageformats, libarchive, libdevil
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "photoqt-${version}";
|
||||
version = "1.5.1";
|
||||
pname = "photoqt";
|
||||
version = "1.7.1";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://photoqt.org/pkgs/photoqt-${version}.tar.gz";
|
||||
sha256 = "17kkpzkmzfnigs26jjyd75iy58qffjsclif81cmviq73lzmqy0b1";
|
||||
url = "https://${pname}.org/pkgs/${pname}-${version}.tar.gz";
|
||||
sha256 = "1qvxdh3cbjcywqx0da2qp8z092660qyzv5yknqbps2zr12qqb103";
|
||||
};
|
||||
|
||||
patches = [ ./photoqt-1.5.1-qt-5.9.patch ];
|
||||
patches = [
|
||||
# Fixes build with exiv2 0.27.1
|
||||
(fetchpatch {
|
||||
url = "https://gitlab.com/luspi/photoqt/commit/c6fd41478e818f3a651d40f96cab3d790e1c09a4.patch";
|
||||
sha256 = "1j2pdr7hm3js7lswhb4qkf9sj9viclhjqz50qxpyd7pqrl1gf2va";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
nativeBuildInputs = [ cmake extra-cmake-modules qttools ];
|
||||
|
||||
buildInputs = [
|
||||
qtbase qtquickcontrols qttools exiv2 graphicsmagick
|
||||
qtbase qtquickcontrols exiv2 graphicsmagick poppler
|
||||
qtmultimedia qtdeclarative libraw qtgraphicaleffects
|
||||
kimageformats libarchive
|
||||
];
|
||||
|
||||
cmakeFlags = [
|
||||
"-DFREEIMAGE=OFF"
|
||||
"-DDEVIL=OFF"
|
||||
];
|
||||
|
||||
preConfigure = ''
|
||||
|
@ -1,13 +0,0 @@
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index 97abcb5..fd4877a 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -50,7 +50,7 @@ SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -std=c++11 -O3 -Wall")
|
||||
#### FIND REQUIRED PACKAGES ####
|
||||
################################
|
||||
|
||||
-FIND_PACKAGE(Qt5 COMPONENTS LinguistTools Quick Widgets Core Svg REQUIRED)
|
||||
+FIND_PACKAGE(Qt5 COMPONENTS LinguistTools Quick Widgets Core Svg Sql Xml REQUIRED)
|
||||
SET(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/CMake" ${CMAKE_MODULE_PATH})
|
||||
FIND_PACKAGE(Magick)
|
||||
FIND_PACKAGE(Exiv2)
|
@ -1,41 +0,0 @@
|
||||
{stdenv, fetchurl, qt4, qmake4Hook, exiv2, openexr, fftwSinglePrec, libtiff, ilmbase }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "qtpfsgui-1.9.3";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/qtpfsgui/${name}.tar.gz";
|
||||
sha256 = "1mlg9dry4mfnnjlnwsw375hzsiagssdhccfmapx5nh6ykqrslsh1";
|
||||
};
|
||||
|
||||
buildInputs = [ qt4 exiv2 openexr fftwSinglePrec libtiff ];
|
||||
nativeBuildInputs = [ qmake4Hook ];
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
preConfigure = ''
|
||||
export CPATH="${ilmbase.dev}/include/OpenEXR:$CPATH"
|
||||
'';
|
||||
|
||||
qmakeFlags = [
|
||||
"EXIV2PATH=${exiv2.dev}/include/exiv2"
|
||||
"OPENEXRDIR=${openexr.dev}/include/OpenEXR"
|
||||
"FFTW3DIR=${fftwSinglePrec.dev}/include"
|
||||
"LIBTIFFDIR=${libtiff.dev}/include"
|
||||
];
|
||||
|
||||
meta = {
|
||||
homepage = http://qtpfsgui.sourceforge.net/;
|
||||
description = "Qtpfsqui, a graphical application for high dynamic range (HDR) imaging";
|
||||
|
||||
longDescription =
|
||||
'' Qtpfsgui is an open source graphical user interface application that
|
||||
aims to provide a workflow for high dynamic range (HDR) imaging.
|
||||
'';
|
||||
|
||||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
|
||||
maintainers = [ ];
|
||||
platforms = stdenv.lib.platforms.gnu ++ stdenv.lib.platforms.linux;
|
||||
};
|
||||
}
|
@ -3,7 +3,7 @@
|
||||
extra-cmake-modules, kdoctools,
|
||||
exiv2, lcms2,
|
||||
baloo, kactivities, kdelibs4support, kio, kipi-plugins, libkdcraw, libkipi,
|
||||
phonon, qtimageformats, qtsvg, qtx11extras, kinit
|
||||
phonon, qtimageformats, qtsvg, qtx11extras, kinit, fetchpatch
|
||||
}:
|
||||
|
||||
mkDerivation {
|
||||
@ -18,4 +18,12 @@ mkDerivation {
|
||||
qtimageformats qtsvg qtx11extras
|
||||
];
|
||||
propagatedUserEnvPkgs = [ kipi-plugins libkipi (lib.getBin kinit) ];
|
||||
|
||||
# Fixes build with exiv2-0.27.1. Drop in 19.04.2
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
url = "https://github.com/KDE/gwenview/commit/172560b845460b6121154f88221c855542219943.patch";
|
||||
sha256 = "0y1l34h2s7rhfknvg6ggcc389jfzhpq69wf0s3xd5ccwfw7c0ycq";
|
||||
})
|
||||
];
|
||||
}
|
||||
|
@ -2,24 +2,24 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "1password";
|
||||
version = "0.5.6-003";
|
||||
version = "0.5.7";
|
||||
src =
|
||||
if stdenv.hostPlatform.system == "i686-linux" then
|
||||
fetchzip {
|
||||
url = "https://cache.agilebits.com/dist/1P/op/pkg/v${version}/op_linux_386_v${version}.zip";
|
||||
sha256 = "11smnx8fh32qm3b82x2ps4y46q29h77x1j1dj3d5vs0vha9b8frj";
|
||||
sha256 = "1193lq6cvqkv2cy07l6wzb25gb5vb3s3pxm534q3izhzrrz6lisz";
|
||||
stripRoot = false;
|
||||
}
|
||||
else if stdenv.hostPlatform.system == "x86_64-linux" then
|
||||
fetchzip {
|
||||
url = "https://cache.agilebits.com/dist/1P/op/pkg/v${version}/op_linux_amd64_v${version}.zip";
|
||||
sha256 = "1qwxga6qmb3n76h2fl1lxhnz676cqbx8gic1b5c9hw88gnqwykb9";
|
||||
sha256 = "0hlw1jasxzg31293d2n3ydzj62q7ji7nig7aaighcvzi3c9j7v51";
|
||||
stripRoot = false;
|
||||
}
|
||||
else if stdenv.hostPlatform.system == "x86_64-darwin" then
|
||||
fetchzip {
|
||||
url = "https://cache.agilebits.com/dist/1P/op/pkg/v${version}/op_darwin_amd64_v${version}.zip";
|
||||
sha256 = "0gzmwc20liqx2cqply06yarwp228ydfgfb26bmpxbvlp0cq7d07g";
|
||||
sha256 = "05z5k63fza6v0vhydyiq4sh9xhxnd9rcfxyym7jihv6b3fv3fnx3";
|
||||
stripRoot = false;
|
||||
}
|
||||
else throw "Architecture not supported";
|
||||
|
@ -120,6 +120,6 @@ in buildRustPackage rec {
|
||||
homepage = https://github.com/jwilm/alacritty;
|
||||
license = with licenses; [ asl20 ];
|
||||
maintainers = with maintainers; [ mic92 ];
|
||||
platforms = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" ];
|
||||
platforms = [ "x86_64-linux" "i686-linux" "x86_64-darwin" "aarch64-linux" ];
|
||||
};
|
||||
}
|
||||
|
@ -2,11 +2,11 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "calcurse-${version}";
|
||||
version = "4.4.0";
|
||||
version = "4.5.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://calcurse.org/files/${name}.tar.gz";
|
||||
sha256 = "0vw2xi6a2lrhrb8n55zq9lv4mzxhby4xdf3hmi1vlfpyrpdwkjzd";
|
||||
sha256 = "1vjwcmp51h7dsvwn0qx93w9chp3wp970v7d9mjhk7jyamcbfywn3";
|
||||
};
|
||||
|
||||
buildInputs = [ ncurses gettext python3 python3Packages.wrapPython ];
|
||||
|
@ -5,13 +5,13 @@
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "CopyQ-${version}";
|
||||
version = "3.8.0";
|
||||
version = "3.9.0";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "hluk";
|
||||
repo = "CopyQ";
|
||||
rev = "v${version}";
|
||||
sha256 = "0kbhgg0j6iqfrpixvwl1mk3m0bz5s8bd6npk5xqcgzp1giywdc4i";
|
||||
sha256 = "1l9f0hg2ggy944sjlyiyglln5mjm9fvgmvwp3pnvmmc6mfbmslq3";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ cmake ];
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
python3Packages.buildPythonApplication rec {
|
||||
pname = "electron-cash";
|
||||
version = "4.0.2";
|
||||
version = "4.0.7";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://electroncash.org/downloads/${version}/win-linux/Electron-Cash-${version}.tar.gz";
|
||||
# Verified using official SHA-1 and signature from
|
||||
# https://github.com/fyookball/keys-n-hashes
|
||||
sha256 = "6255cd0493442ec57c10ae70ca2e84c6a29497f90a1393e6ac5772afe7572acf";
|
||||
sha256 = "d63ef2d52cff0b821b745067d752fd0c7f2902fa23eaf8e9392c54864cae5c77";
|
||||
};
|
||||
|
||||
propagatedBuildInputs = with python3Packages; [
|
||||
|
@ -1,28 +1,41 @@
|
||||
{ fetchFromGitHub, stdenv, pkgconfig, exiv2, libxml2, gtk2
|
||||
, libxslt, docbook_xsl, docbook_xml_dtd_42 }:
|
||||
{ fetchFromGitHub, stdenv, fetchpatch, pkgconfig, exiv2, libxml2, gtk3
|
||||
, libxslt, docbook_xsl, docbook_xml_dtd_42, desktop-file-utils }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "gpscorrelate-${version}";
|
||||
version = "1.6.1";
|
||||
pname = "gpscorrelate";
|
||||
version = "unstable-2019-06-05";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "freefoote";
|
||||
repo = "gpscorrelate";
|
||||
rev = version;
|
||||
sha256 = "1z0fc75rx7dl6nnydksa578qv116j2c2xs1czfiijzxjghx8njdj";
|
||||
owner = "dfandrich";
|
||||
repo = pname;
|
||||
rev = "80b14fe7c10c1cc8f62c13f517c062577ce88c85";
|
||||
sha256 = "1gaan0nd7ai0bwilfnkza7lg5mz87804mvlygj0gjc672izr37r6";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
buildInputs = [
|
||||
exiv2 libxml2 gtk2
|
||||
libxslt docbook_xsl
|
||||
nativeBuildInputs = [
|
||||
desktop-file-utils
|
||||
docbook_xml_dtd_42
|
||||
docbook_xsl
|
||||
libxslt
|
||||
pkgconfig
|
||||
];
|
||||
|
||||
patchPhase = ''
|
||||
sed -i "Makefile" \
|
||||
-es",^[[:blank:]]*prefix[[:blank:]]*=.*$,prefix = $out,g"
|
||||
'';
|
||||
buildInputs = [
|
||||
exiv2
|
||||
gtk3
|
||||
libxml2
|
||||
];
|
||||
|
||||
makeFlags = [
|
||||
"prefix=${placeholder ''out''}"
|
||||
"GTK=3"
|
||||
"CC=cc"
|
||||
"CXX=c++"
|
||||
];
|
||||
|
||||
doCheck = true;
|
||||
|
||||
installTargets = [ "install" "install-desktop-file" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "A GPS photo correlation tool, to add EXIF geotags";
|
||||
@ -44,7 +57,7 @@ stdenv.mkDerivation rec {
|
||||
'';
|
||||
|
||||
license = licenses.gpl2Plus;
|
||||
homepage = https://github.com/freefoote/gpscorrelate;
|
||||
homepage = "https://github.com/dfandrich/gpscorrelate";
|
||||
platforms = platforms.linux;
|
||||
};
|
||||
}
|
||||
|
@ -1,8 +1,27 @@
|
||||
{ lib, bundlerApp, ruby
|
||||
, writeShellScriptBin, makeWrapper
|
||||
, withOptionalDependencies ? false
|
||||
}:
|
||||
|
||||
bundlerApp rec {
|
||||
let
|
||||
rubyWrapper = writeShellScriptBin "ruby" ''
|
||||
if [[ "$#" -eq 2 ]]; then
|
||||
if [[ "''${1##*/}" == "bundle" && "$2" == "install" ]]; then
|
||||
# See https://github.com/NixOS/nixpkgs/issues/58126 for more details.
|
||||
echo 'Skipping "bundle install" as it fails due to the Nix wrapper.'
|
||||
echo 'Please enter the new directory and run the following commands to serve the page:'
|
||||
echo 'nix-shell -p bundler --run "bundle install --gemfile=Gemfile --path vendor/cache"'
|
||||
echo 'nix-shell -p bundler --run "bundle exec jekyll serve"'
|
||||
exit 0
|
||||
# The following nearly works:
|
||||
unset BUNDLE_FROZEN
|
||||
exec ${ruby}/bin/ruby "$@" --gemfile=Gemfile --path=vendor/cache
|
||||
fi
|
||||
fi
|
||||
# Else: Don't modify the arguments:
|
||||
exec ${ruby}/bin/ruby "$@"
|
||||
'';
|
||||
in bundlerApp rec {
|
||||
pname = "jekyll";
|
||||
exes = [ "jekyll" ];
|
||||
|
||||
@ -11,6 +30,12 @@ bundlerApp rec {
|
||||
then ./full
|
||||
else ./basic;
|
||||
|
||||
buildInputs = [ makeWrapper ];
|
||||
|
||||
postBuild = ''
|
||||
wrapProgram $out/bin/jekyll --prefix PATH : ${rubyWrapper}/bin
|
||||
'';
|
||||
|
||||
meta = with lib; {
|
||||
description = "A blog-aware, static site generator, written in Ruby";
|
||||
longDescription = ''
|
||||
|
@ -3,12 +3,12 @@
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "latte-dock";
|
||||
version = "0.8.8";
|
||||
version = "0.8.9";
|
||||
name = "${pname}-${version}";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://download.kde.org/stable/${pname}/${name}.tar.xz";
|
||||
sha256 = "137s7rx35a5qrfww3q8bllj4zyjfa7l709snvdfj34y7jbq7p6cd";
|
||||
sha256 = "1kkpxa39crjpqgamrcpgp1mrcdg0aq9850yb6cf7lw7d3x2fdrxj";
|
||||
name = "${name}.tar.xz";
|
||||
};
|
||||
|
||||
|
@ -103,7 +103,7 @@ let
|
||||
perl which p7zip gnused gnugrep psmisc cups lcms2 mpg123 cairo unixODBC
|
||||
samba4 sane-backends openldap opencl-headers ocl-icd utillinux
|
||||
|
||||
(wine.override { wineBuild = "wineWow"; })
|
||||
wineWowPackages.staging
|
||||
|
||||
# ZDOOM
|
||||
soundfont-fluid bzip2 game-music-emu
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ stdenv, fetchFromGitHub, qmake, pkgconfig, boost, gdal, proj
|
||||
{ stdenv, fetchFromGitHub, makeWrapper, qmake, pkgconfig, boost, gdal, proj
|
||||
, qtbase, qtsvg, qtwebkit }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
@ -12,12 +12,17 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "0ls3q8m1hxiwyrypy6qca8wczhl4969ncl0sszfdwfv70rzxjk88";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [ qmake pkgconfig ];
|
||||
nativeBuildInputs = [ makeWrapper qmake pkgconfig ];
|
||||
|
||||
buildInputs = [ boost gdal proj qtbase qtsvg qtwebkit ];
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
postInstall = ''
|
||||
wrapProgram $out/bin/merkaartor \
|
||||
--set QT_QPA_PLATFORM_PLUGIN_PATH ${qtbase.bin}/lib/qt-*/plugins/platforms
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "OpenStreetMap editor";
|
||||
homepage = http://merkaartor.be/;
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user