Merge remote-tracking branch 'upstream/master' into hardened-stdenv
This commit is contained in:
commit
2d382f3d98
3
.github/PULL_REQUEST_TEMPLATE.md
vendored
3
.github/PULL_REQUEST_TEMPLATE.md
vendored
@ -1,3 +1,6 @@
|
||||
###### Motivation for this change
|
||||
|
||||
|
||||
###### Things done
|
||||
|
||||
- [ ] Tested using sandboxing
|
||||
|
@ -46,10 +46,10 @@ $ export NIXPKGS_ALLOW_UNFREE=1
|
||||
allowUnfreePredicate = (pkg: ...);
|
||||
</programlisting>
|
||||
|
||||
Example to allow flash player only:
|
||||
Example to allow flash player and visual studio code only:
|
||||
|
||||
<programlisting>
|
||||
allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);
|
||||
allowUnfreePredicate = with builtins; (pkg: elem (parseDrvName pkg.name).name [ "flashplayer" "vscode" ]);
|
||||
</programlisting>
|
||||
|
||||
</para>
|
||||
|
@ -27,6 +27,7 @@ stdenv.mkDerivation {
|
||||
in ''
|
||||
{
|
||||
pandoc '${inputFile}' -w docbook ${optionalString useChapters "--chapters"} \
|
||||
--smart \
|
||||
| sed -e 's|<ulink url=|<link xlink:href=|' \
|
||||
-e 's|</ulink>|</link>|' \
|
||||
-e 's|<sect. id=|<section xml:id=|' \
|
||||
@ -52,9 +53,8 @@ stdenv.mkDerivation {
|
||||
outputFile = "./languages-frameworks/python.xml";
|
||||
}
|
||||
+ toDocbook {
|
||||
inputFile = ./haskell-users-guide.md;
|
||||
outputFile = "haskell-users-guide.xml";
|
||||
useChapters = true;
|
||||
inputFile = ./languages-frameworks/haskell.md;
|
||||
outputFile = "./languages-frameworks/haskell.xml";
|
||||
}
|
||||
+ toDocbook {
|
||||
inputFile = ./../pkgs/development/idris-modules/README.md;
|
||||
|
@ -92,7 +92,14 @@ in ...</programlisting>
|
||||
<para>Do not use this function in Nixpkgs. Because it breaks
|
||||
package abstraction and doesn’t provide error checking for
|
||||
function arguments, it is only intended for ad-hoc customisation
|
||||
(such as in <filename>~/.nixpkgs/config.nix</filename>).</para>
|
||||
(such as in <filename>~/.nixpkgs/config.nix</filename>).
|
||||
</para>
|
||||
|
||||
<para>
|
||||
Additionally, <varname>overrideDerivation</varname> forces an evaluation
|
||||
of the Derivation which can be quite a performance penalty if there are many
|
||||
overrides used.
|
||||
</para>
|
||||
</warning>
|
||||
|
||||
<para>
|
||||
|
@ -1,10 +1,10 @@
|
||||
<chapter xmlns="http://docbook.org/ns/docbook"
|
||||
<section xmlns="http://docbook.org/ns/docbook"
|
||||
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||||
xml:id="users-guide-to-the-erlang-infrastructure">
|
||||
xml:id="sec-beam">
|
||||
|
||||
<title>User's Guide to the Beam Infrastructure</title>
|
||||
<title>Beam Languages (Erlang & Elixir)</title>
|
||||
<section xml:id="beam-introduction">
|
||||
<title>Beam Languages (Erlang & Elixir) on Nix</title>
|
||||
<title>Introduction</title>
|
||||
<para>
|
||||
In this document and related Nix expressions we use the term
|
||||
<emphasis>Beam</emphasis> to describe the environment. Beam is
|
||||
@ -373,4 +373,4 @@ $ nix-build -A beamPackages
|
||||
that.
|
||||
</para>
|
||||
</section>
|
||||
</chapter>
|
||||
</section>
|
@ -329,7 +329,7 @@ workarounds.
|
||||
|
||||
### How to build a Haskell project using Stack
|
||||
|
||||
[Stack][http://haskellstack.org] is a popular build tool for Haskell projects.
|
||||
[Stack](http://haskellstack.org) is a popular build tool for Haskell projects.
|
||||
It has first-class support for Nix. Stack can optionally use Nix to
|
||||
automatically select the right version of GHC and other build tools to build,
|
||||
test and execute apps in an existing project downloaded from somewhere on the
|
@ -13,19 +13,20 @@ in Nixpkgs to easily build packages for other programming languages,
|
||||
such as Perl or Haskell. These are described in this chapter.</para>
|
||||
|
||||
|
||||
<xi:include href="perl.xml" />
|
||||
<xi:include href="python.xml" />
|
||||
<xi:include href="ruby.xml" />
|
||||
<xi:include href="beam.xml" />
|
||||
<xi:include href="bower.xml" />
|
||||
<xi:include href="coq.xml" />
|
||||
<xi:include href="go.xml" />
|
||||
<xi:include href="haskell.xml" />
|
||||
<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md -->
|
||||
<xi:include href="java.xml" />
|
||||
<xi:include href="lua.xml" />
|
||||
<xi:include href="coq.xml" />
|
||||
<xi:include href="idris.xml" /> <!-- generated from ../../pkgs/development/idris-modules/README.md -->
|
||||
<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md -->
|
||||
<xi:include href="perl.xml" />
|
||||
<xi:include href="python.xml" />
|
||||
<xi:include href="qt.xml" />
|
||||
<xi:include href="r.xml" /> <!-- generated from ../../pkgs/development/r-modules/README.md -->
|
||||
<xi:include href="ruby.xml" />
|
||||
<xi:include href="texlive.xml" />
|
||||
<xi:include href="bower.xml" />
|
||||
|
||||
|
||||
</chapter>
|
||||
|
||||
|
@ -78,18 +78,16 @@ containing
|
||||
```nix
|
||||
with import <nixpkgs> {};
|
||||
|
||||
(pkgs.python35.buildEnv.override {
|
||||
extraLibs = with pkgs.python35Packages; [ numpy toolz ];
|
||||
}).env
|
||||
(pkgs.python35.withPackages (ps: [ps.numpy ps.toolz])).env
|
||||
```
|
||||
executing `nix-shell` gives you again a Nix shell from which you can run Python.
|
||||
|
||||
What's happening here?
|
||||
|
||||
1. We begin with importing the Nix Packages collections. `import <nixpkgs>` import the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. Therefore we can now use `pkgs`.
|
||||
2. Then we create a Python 3.5 environment with `pkgs.buildEnv`. Because we want to use it with a custom set of Python packages, we override it.
|
||||
3. The `extraLibs` argument of the original `buildEnv` function can be used to specify which packages should be included. We want `numpy` and `toolz`. Again, we use the `with` statement to bring a set of attributes into the local scope.
|
||||
4. And finally, for in interactive use we return the environment.
|
||||
2. Then we create a Python 3.5 environment with the `withPackages` function.
|
||||
3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
|
||||
4. And finally, for in interactive use we return the environment by using the `env` attribute.
|
||||
|
||||
### Developing with Python
|
||||
|
||||
@ -187,10 +185,7 @@ with import <nixpkgs> {};
|
||||
};
|
||||
};
|
||||
|
||||
in pkgs.python35.buildEnv.override rec {
|
||||
|
||||
extraLibs = [ pkgs.python35Packages.numpy toolz ];
|
||||
}
|
||||
in pkgs.python35.withPackages (ps: [ps.numpy toolz])
|
||||
).env
|
||||
```
|
||||
|
||||
@ -199,8 +194,11 @@ locally defined package as well as `numpy` which is build according to the
|
||||
definition in Nixpkgs. What did we do here? Well, we took the Nix expression
|
||||
that we used earlier to build a Python environment, and said that we wanted to
|
||||
include our own version of `toolz`. To introduce our own package in the scope of
|
||||
`buildEnv.override` we used a
|
||||
`withPackages` we used a
|
||||
[`let`](http://nixos.org/nix/manual/#sec-constructs) expression.
|
||||
You can see that we used `ps.numpy` to select numpy from the nixpkgs package set (`ps`).
|
||||
But we do not take `toolz` from the nixpkgs package set this time.
|
||||
Instead, `toolz` will resolve to our local definition that we introduced with `let`.
|
||||
|
||||
### Handling dependencies
|
||||
|
||||
@ -359,7 +357,7 @@ own packages. The important functions here are `import` and `callPackage`.
|
||||
|
||||
### Including a derivation using `callPackage`
|
||||
|
||||
Earlier we created a Python environment using `buildEnv`, and included the
|
||||
Earlier we created a Python environment using `withPackages`, and included the
|
||||
`toolz` package via a `let` expression.
|
||||
Let's split the package definition from the environment definition.
|
||||
|
||||
@ -394,9 +392,7 @@ with import <nixpkgs> {};
|
||||
|
||||
( let
|
||||
toolz = pkgs.callPackage ~/path/to/toolz/release.nix { pkgs=pkgs; buildPythonPackage=pkgs.python35Packages.buildPythonPackage; };
|
||||
in pkgs.python35.buildEnv.override rec {
|
||||
extraLibs = [ pkgs.python35Packages.numpy toolz ];
|
||||
}
|
||||
in pkgs.python35.withPackages (ps: [ ps.numpy toolz ])
|
||||
).env
|
||||
```
|
||||
|
||||
@ -450,6 +446,7 @@ Each interpreter has the following attributes:
|
||||
- `libPrefix`. Name of the folder in `${python}/lib/` for corresponding interpreter.
|
||||
- `interpreter`. Alias for `${python}/bin/${executable}`.
|
||||
- `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See section *python.buildEnv function* for usage and documentation.
|
||||
- `withPackages`. Simpler interface to `buildEnv`. See section *python.withPackages function* for usage and documentation.
|
||||
- `sitePackages`. Alias for `lib/${libPrefix}/site-packages`.
|
||||
- `executable`. Name of the interpreter executable, ie `python3.4`.
|
||||
|
||||
@ -548,7 +545,7 @@ Python environments can be created using the low-level `pkgs.buildEnv` function.
|
||||
This example shows how to create an environment that has the Pyramid Web Framework.
|
||||
Saving the following as `default.nix`
|
||||
|
||||
with import {};
|
||||
with import <nixpkgs> {};
|
||||
|
||||
python.buildEnv.override {
|
||||
extraLibs = [ pkgs.pythonPackages.pyramid ];
|
||||
@ -565,7 +562,7 @@ You can also use the `env` attribute to create local environments with needed
|
||||
packages installed. This is somewhat comparable to `virtualenv`. For example,
|
||||
running `nix-shell` with the following `shell.nix`
|
||||
|
||||
with import {};
|
||||
with import <nixpkgs> {};
|
||||
|
||||
(python3.buildEnv.override {
|
||||
extraLibs = with python3Packages; [ numpy requests ];
|
||||
@ -581,6 +578,37 @@ specified packages in its path.
|
||||
* `postBuild`: Shell command executed after the build of environment.
|
||||
* `ignoreCollisions`: Ignore file collisions inside the environment (default is `false`).
|
||||
|
||||
#### python.withPackages function
|
||||
|
||||
The `python.withPackages` function provides a simpler interface to the `python.buildEnv` functionality.
|
||||
It takes a function as an argument that is passed the set of python packages and returns the list
|
||||
of the packages to be included in the environment. Using the `withPackages` function, the previous
|
||||
example for the Pyramid Web Framework environment can be written like this:
|
||||
|
||||
with import <nixpkgs> {};
|
||||
|
||||
python.withPackages (ps: [ps.pyramid])
|
||||
|
||||
`withPackages` passes the correct package set for the specific interpreter version as an
|
||||
argument to the function. In the above example, `ps` equals `pythonPackages`.
|
||||
But you can also easily switch to using python3:
|
||||
|
||||
with import <nixpkgs> {};
|
||||
|
||||
python3.withPackages (ps: [ps.pyramid])
|
||||
|
||||
Now, `ps` is set to `python3Packages`, matching the version of the interpreter.
|
||||
|
||||
As `python.withPackages` simply uses `python.buildEnv` under the hood, it also supports the `env`
|
||||
attribute. The `shell.nix` file from the previous section can thus be also written like this:
|
||||
|
||||
with import <nixpkgs> {};
|
||||
|
||||
(python33.withPackages (ps: [ps.numpy ps.requests])).env
|
||||
|
||||
In contrast to `python.buildEnv`, `python.withPackages` does not support the more advanced options
|
||||
such as `ignoreCollisions = true` or `postBuild`. If you need them, you have to use `python.buildEnv`.
|
||||
|
||||
### Development mode
|
||||
|
||||
Development or editable mode is supported. To develop Python packages
|
||||
@ -591,7 +619,7 @@ Warning: `shellPhase` is executed only if `setup.py` exists.
|
||||
|
||||
Given a `default.nix`:
|
||||
|
||||
with import {};
|
||||
with import <nixpkgs> {};
|
||||
|
||||
buildPythonPackage { name = "myproject";
|
||||
|
||||
@ -649,9 +677,8 @@ newpkgs = pkgs.overridePackages(self: super: rec {
|
||||
self = python35Packages // { pandas = python35Packages.pandas.override{name="foo";};};
|
||||
};
|
||||
});
|
||||
in newpkgs.python35.buildEnv.override{
|
||||
extraLibs = [newpkgs.python35Packages.blaze ];
|
||||
}).env
|
||||
in newpkgs.python35.withPackages (ps: [ps.blaze])
|
||||
).env
|
||||
```
|
||||
A typical use case is to switch to another version of a certain package. For example, in the Nixpkgs repository we have multiple versions of `django` and `scipy`.
|
||||
In the following example we use a different version of `scipy`. All packages in `newpkgs` will now use the updated `scipy` version.
|
||||
@ -665,9 +692,8 @@ newpkgs = pkgs.overridePackages(self: super: rec {
|
||||
self = python35Packages // { scipy = python35Packages.scipy_0_16;};
|
||||
};
|
||||
});
|
||||
in pkgs.python35.buildEnv.override{
|
||||
extraLibs = [newpkgs.python35Packages.blaze ];
|
||||
}).env
|
||||
in newpkgs.python35.withPackages (ps: [ps.blaze])
|
||||
).env
|
||||
```
|
||||
The requested package `blaze` depends upon `pandas` which itself depends on `scipy`.
|
||||
|
||||
|
@ -20,8 +20,6 @@
|
||||
<xi:include href="package-notes.xml" />
|
||||
<xi:include href="coding-conventions.xml" />
|
||||
<xi:include href="submitting-changes.xml" />
|
||||
<xi:include href="haskell-users-guide.xml" />
|
||||
<xi:include href="beam-users-guide.xml" />
|
||||
<xi:include href="contributing.xml" />
|
||||
|
||||
</book>
|
||||
|
@ -50,7 +50,7 @@ let inherit (lib) nv nvs; in
|
||||
# nice features:
|
||||
# declaring "optional featuers" is modular. For instance:
|
||||
# flags.curl = {
|
||||
# configureFlags = ["--with-curl=${curl}" "--with-curlwrappers"];
|
||||
# configureFlags = ["--with-curl=${curl.dev}" "--with-curlwrappers"];
|
||||
# buildInputs = [curl openssl];
|
||||
# };
|
||||
# flags.other = { .. }
|
||||
|
@ -24,7 +24,7 @@ rec {
|
||||
Example:
|
||||
concat = fold (a: b: a + b) "z"
|
||||
concat [ "a" "b" "c" ]
|
||||
=> "abcnul"
|
||||
=> "abcz"
|
||||
*/
|
||||
fold = op: nul: list:
|
||||
let
|
||||
|
@ -76,6 +76,7 @@
|
||||
choochootrain = "Hurshal Patel <hurshal@imap.cc>";
|
||||
christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
|
||||
cleverca22 = "Michael Bishop <cleverca22@gmail.com>";
|
||||
cmcdragonkai = "Roger Qiu <roger.qiu@matrix.ai>";
|
||||
coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
|
||||
codsl = "codsl <codsl@riseup.net>";
|
||||
codyopel = "Cody Opel <codyopel@gmail.com>";
|
||||
@ -85,7 +86,7 @@
|
||||
couchemar = "Andrey Pavlov <couchemar@yandex.ru>";
|
||||
cransom = "Casey Ransom <cransom@hubns.net>";
|
||||
CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
|
||||
cstrahan = "Charles Strahan <charles.c.strahan@gmail.com>";
|
||||
cstrahan = "Charles Strahan <charles@cstrahan.com>";
|
||||
cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
|
||||
DamienCassou = "Damien Cassou <damien@cassou.me>";
|
||||
dasuxullebt = "Christoph-Simon Senjak <christoph.senjak@googlemail.com>";
|
||||
@ -150,6 +151,7 @@
|
||||
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
|
||||
Gonzih = "Max Gonzih <gonzih@gmail.com>";
|
||||
gpyh = "Yacine Hmito <yacine.hmito@gmail.com>";
|
||||
grahamc = "Graham Christensen <graham@grahamc.com>";
|
||||
gridaphobe = "Eric Seidel <eric@seidel.io>";
|
||||
guibert = "David Guibert <david.guibert@gmail.com>";
|
||||
havvy = "Ryan Scheel <ryan.havvy@gmail.com>";
|
||||
@ -228,7 +230,7 @@
|
||||
matthiasbeyer = "Matthias Beyer <mail@beyermatthias.de>";
|
||||
maurer = "Matthew Maurer <matthew.r.maurer+nix@gmail.com>";
|
||||
mbakke = "Marius Bakke <ymse@tuta.io>";
|
||||
mbauer = "Matthew Bauer <mjbauer95@gmail.com>";
|
||||
matthewbauer = "Matthew Bauer <mjbauer95@gmail.com>";
|
||||
mbe = "Brandon Edens <brandonedens@gmail.com>";
|
||||
mboes = "Mathieu Boespflug <mboes@tweag.net>";
|
||||
mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>";
|
||||
@ -259,6 +261,7 @@
|
||||
nfjinjing = "Jinjing Wang <nfjinjing@gmail.com>";
|
||||
nico202 = "Nicolò Balzarotti <anothersms@gmail.com>";
|
||||
notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
|
||||
NikolaMandic = "Ratko Mladic <nikola@mandic.email>";
|
||||
np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
|
||||
nslqqq = "Nikita Mikhailov <nslqqq@gmail.com>";
|
||||
obadz = "obadz <obadz-nixos@obadz.com>";
|
||||
@ -293,6 +296,7 @@
|
||||
pmiddend = "Philipp Middendorf <pmidden@secure.mailbox.org>";
|
||||
prikhi = "Pavan Rikhi <pavan.rikhi@gmail.com>";
|
||||
profpatsch = "Profpatsch <mail@profpatsch.de>";
|
||||
pshendry = "Paul Hendry <paul@pshendry.com>";
|
||||
psibi = "Sibi <sibi@psibi.in>";
|
||||
pSub = "Pascal Wittmann <mail@pascal-wittmann.de>";
|
||||
puffnfresh = "Brian McKenna <brian@brianmckenna.org>";
|
||||
@ -303,6 +307,7 @@
|
||||
rasendubi = "Alexey Shmalko <rasen.dubi@gmail.com>";
|
||||
raskin = "Michael Raskin <7c6f434c@mail.ru>";
|
||||
redbaron = "Maxim Ivanov <ivanov.maxim@gmail.com>";
|
||||
redvers = "Redvers Davies <red@infect.me>";
|
||||
refnil = "Martin Lavoie <broemartino@gmail.com>";
|
||||
relrod = "Ricky Elrod <ricky@elrod.me>";
|
||||
renzo = "Renzo Carbonara <renzocarbonara@gmail.com>";
|
||||
|
@ -29,4 +29,30 @@ rec {
|
||||
in type == "directory" || lib.any (ext: lib.hasSuffix ext base) exts;
|
||||
in builtins.filterSource filter path;
|
||||
|
||||
# Get the commit id of a git repo
|
||||
# Example: commitIdFromGitRepo <nixpkgs/.git>
|
||||
commitIdFromGitRepo =
|
||||
let readCommitFromFile = path: file:
|
||||
with builtins;
|
||||
let fileName = toString path + "/" + file;
|
||||
packedRefsName = toString path + "/packed-refs";
|
||||
in if lib.pathExists fileName
|
||||
then
|
||||
let fileContent = readFile fileName;
|
||||
# Sometimes git stores the commitId directly in the file but
|
||||
# sometimes it stores something like: «ref: refs/heads/branch-name»
|
||||
matchRef = match "^ref: (.*)\n$" fileContent;
|
||||
in if isNull matchRef
|
||||
then lib.removeSuffix "\n" fileContent
|
||||
else readCommitFromFile path (lib.head matchRef)
|
||||
# Sometimes, the file isn't there at all and has been packed away in the
|
||||
# packed-refs file, so we have to grep through it:
|
||||
else if lib.pathExists packedRefsName
|
||||
then
|
||||
let packedRefs = lib.splitString "\n" (readFile packedRefsName);
|
||||
matchRule = match ("^(.*) " + file + "$");
|
||||
matchedRefs = lib.flatten (lib.filter (m: ! (isNull m)) (map matchRule packedRefs));
|
||||
in lib.head matchedRefs
|
||||
else throw ("Not a .git directory: " + path);
|
||||
in lib.flip readCommitFromFile "HEAD";
|
||||
}
|
||||
|
@ -114,13 +114,17 @@ rec {
|
||||
name = "list of ${elemType.name}s";
|
||||
check = isList;
|
||||
merge = loc: defs:
|
||||
map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def: imap (m: def':
|
||||
map (x: x.value) (filter (x: x ? value) (concatLists (imap (n: def:
|
||||
if isList def.value then
|
||||
imap (m: def':
|
||||
(mergeDefinitions
|
||||
(loc ++ ["[definition ${toString n}-entry ${toString m}]"])
|
||||
elemType
|
||||
[{ inherit (def) file; value = def'; }]
|
||||
).optionalValue
|
||||
) def.value) defs)));
|
||||
) def.value
|
||||
else
|
||||
throw "The option value `${showOption loc}' in `${def.file}' is not a list.") defs)));
|
||||
getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]);
|
||||
getSubModules = elemType.getSubModules;
|
||||
substSubModules = m: listOf (elemType.substSubModules m);
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ stdenv, makeWrapper, perl, perlPackages }:
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "nix-generate-from-cpan-2";
|
||||
name = "nix-generate-from-cpan-3";
|
||||
|
||||
buildInputs = with perlPackages; [
|
||||
makeWrapper perl CPANMeta GetoptLongDescriptive CPANPLUS Readonly Log4Perl
|
||||
@ -20,5 +20,6 @@ stdenv.mkDerivation {
|
||||
meta = {
|
||||
maintainers = with stdenv.lib.maintainers; [ eelco rycee ];
|
||||
description = "Utility to generate a Nix expression for a Perl package from CPAN";
|
||||
platforms = stdenv.lib.platforms.unix;
|
||||
};
|
||||
}
|
||||
|
@ -278,14 +278,14 @@ sub get_deps {
|
||||
foreach my $n ( $deps->required_modules ) {
|
||||
next if $n eq "perl";
|
||||
|
||||
# Hacky way to figure out if this module is part of Perl.
|
||||
if ( $n !~ /^JSON/ && $n !~ /^YAML/ && $n !~ /^Module::Pluggable/ && $n !~ /^if$/ ) {
|
||||
eval "use $n;";
|
||||
if ( !$@ ) {
|
||||
# Figure out whether the module is a core module by attempting
|
||||
# to `use` the module in a pure Perl interpreter and checking
|
||||
# whether it succeeded. Note, $^X is a magic variable holding
|
||||
# the path to the running Perl interpreter.
|
||||
if ( system("env -i $^X -M$n -e1 >/dev/null 2>&1") == 0 ) {
|
||||
DEBUG("skipping Perl-builtin module $n");
|
||||
next;
|
||||
}
|
||||
}
|
||||
|
||||
my $pkg = module_to_pkg( $cb, $n );
|
||||
|
||||
|
@ -19,7 +19,7 @@ kernel.</para>
|
||||
|
||||
<para>The default Linux kernel configuration should be fine for most users. You can see the configuration of your current kernel with the following command:
|
||||
<programlisting>
|
||||
cat /proc/config.gz | gunzip
|
||||
zcat /proc/config.gz
|
||||
</programlisting>
|
||||
If you want to change the kernel configuration, you can use the
|
||||
<option>packageOverrides</option> feature (see <xref
|
||||
@ -66,4 +66,25 @@ boot.kernel.sysctl."net.ipv4.tcp_keepalive_time" = 120;
|
||||
sets the kernel’s TCP keepalive time to 120 seconds. To see the
|
||||
available parameters, run <command>sysctl -a</command>.</para>
|
||||
|
||||
<section>
|
||||
<title>Developing kernel modules</title>
|
||||
|
||||
<para>When developing kernel modules it's often convenient to run
|
||||
edit-compile-run loop as quickly as possible.
|
||||
|
||||
See below snippet as an example of developing <literal>mellanox</literal>
|
||||
drivers.
|
||||
</para>
|
||||
|
||||
<screen><![CDATA[
|
||||
$ nix-build '<nixpkgs>' -A linuxPackages.kernel.dev
|
||||
$ nix-shell '<nixpkgs>' -A linuxPackages.kernel
|
||||
$ unpackPhase
|
||||
$ cd linux-*
|
||||
$ make -C $dev/lib/modules/*/build M=$(pwd)/drivers/net/ethernet/mellanox modules
|
||||
$ sudo insmod ./drivers/net/ethernet/mellanox/mlx5/core/mlx5_core.ko
|
||||
]]></screen>
|
||||
|
||||
</section>
|
||||
|
||||
</chapter>
|
||||
|
@ -9,21 +9,21 @@
|
||||
<para>NixOS supports file systems that are encrypted using
|
||||
<emphasis>LUKS</emphasis> (Linux Unified Key Setup). For example,
|
||||
here is how you create an encrypted Ext4 file system on the device
|
||||
<filename>/dev/sda2</filename>:
|
||||
<filename>/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d</filename>:
|
||||
|
||||
<screen>
|
||||
$ cryptsetup luksFormat /dev/sda2
|
||||
$ cryptsetup luksFormat /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d
|
||||
|
||||
WARNING!
|
||||
========
|
||||
This will overwrite data on /dev/sda2 irrevocably.
|
||||
This will overwrite data on /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d irrevocably.
|
||||
|
||||
Are you sure? (Type uppercase yes): YES
|
||||
Enter LUKS passphrase: ***
|
||||
Verify passphrase: ***
|
||||
|
||||
$ cryptsetup luksOpen /dev/sda2 crypted
|
||||
Enter passphrase for /dev/sda2: ***
|
||||
$ cryptsetup luksOpen /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d crypted
|
||||
Enter passphrase for /dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d: ***
|
||||
|
||||
$ mkfs.ext4 /dev/mapper/crypted
|
||||
</screen>
|
||||
@ -33,7 +33,7 @@ as <filename>/</filename>, add the following to
|
||||
<filename>configuration.nix</filename>:
|
||||
|
||||
<programlisting>
|
||||
boot.initrd.luks.devices = [ { device = "/dev/sda2"; name = "crypted"; } ];
|
||||
boot.initrd.luks.devices.crypted.device = "/dev/disk/by-uuid/3f6b0024-3a44-4fde-a43a-767b872abe5d";
|
||||
fileSystems."/".device = "/dev/mapper/crypted";
|
||||
</programlisting>
|
||||
|
||||
|
@ -7,8 +7,8 @@
|
||||
<title>Option Declarations</title>
|
||||
|
||||
<para>An option declaration specifies the name, type and description
|
||||
of a NixOS configuration option. It is illegal to define an option
|
||||
that hasn’t been declared in any module. A option declaration
|
||||
of a NixOS configuration option. It is invalid to define an option
|
||||
that hasn’t been declared in any module. An option declaration
|
||||
generally looks like this:
|
||||
|
||||
<programlisting>
|
||||
@ -42,7 +42,7 @@ options = {
|
||||
<listitem>
|
||||
<para>The default value used if no value is defined by any
|
||||
module. A default is not required; in that case, if the option
|
||||
value is ever used, an error will be thrown.</para>
|
||||
value is never used, an error will be thrown.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -113,8 +113,8 @@
|
||||
<varlistentry>
|
||||
<term><option>--no-filesystems</option></term>
|
||||
<listitem>
|
||||
<para>Omit everything concerning file system information
|
||||
(which includes swap devices) from the hardware configuration.</para>
|
||||
<para>Omit everything concerning file systems and swap devices
|
||||
from the hardware configuration.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
@ -279,7 +279,7 @@ fileSystems."/example" = {
|
||||
|
||||
<listitem>
|
||||
<para><literal>services.xserver.vaapiDrivers</literal> has been removed. Use
|
||||
<literal>services.hardware.opengl.extraPackages{,32}</literal> instead. You can
|
||||
<literal>hardware.opengl.extraPackages{,32}</literal> instead. You can
|
||||
also specify VDPAU drivers there.</para>
|
||||
</listitem>
|
||||
|
||||
|
@ -30,7 +30,10 @@ following incompatible changes:</para>
|
||||
|
||||
<itemizedlist>
|
||||
<listitem>
|
||||
<para>todo</para>
|
||||
<para>Shell aliases for systemd sub-commands
|
||||
<link xlink:href="https://github.com/NixOS/nixpkgs/pull/15598">were dropped</link>:
|
||||
<command>start</command>, <command>stop</command>,
|
||||
<command>restart</command>, <command>status</command>.</para>
|
||||
</listitem>
|
||||
</itemizedlist>
|
||||
|
||||
|
@ -3,6 +3,7 @@ package Logger;
|
||||
use strict;
|
||||
use Thread::Queue;
|
||||
use XML::Writer;
|
||||
use Encode qw(decode encode);
|
||||
|
||||
sub new {
|
||||
my ($class) = @_;
|
||||
@ -56,7 +57,8 @@ sub nest {
|
||||
sub sanitise {
|
||||
my ($s) = @_;
|
||||
$s =~ s/[[:cntrl:]\xff]//g;
|
||||
return $s;
|
||||
$s = decode('UTF-8', $s, Encode::FB_DEFAULT);
|
||||
return encode('UTF-8', $s, Encode::FB_CROAK);
|
||||
}
|
||||
|
||||
sub log {
|
||||
|
@ -382,9 +382,17 @@ sub waitForUnit {
|
||||
my $state = $info->{ActiveState};
|
||||
die "unit ‘$unit’ reached state ‘$state’\n" if $state eq "failed";
|
||||
if ($state eq "inactive") {
|
||||
# If there are no pending jobs, then assume this unit
|
||||
# will never reach active state.
|
||||
my ($status, $jobs) = $self->execute("systemctl list-jobs --full 2>&1");
|
||||
if ($jobs =~ /No jobs/) { # FIXME: fragile
|
||||
# Handle the case where the unit may have started
|
||||
# between the previous getUnitInfo() and
|
||||
# list-jobs.
|
||||
my $info2 = $self->getUnitInfo($unit);
|
||||
die "unit ‘$unit’ is inactive and there are no pending jobs\n"
|
||||
if $jobs =~ /No jobs/; # FIXME: fragile
|
||||
if $info2->{ActiveState} eq $state;
|
||||
}
|
||||
}
|
||||
return 1 if $state eq "active";
|
||||
};
|
||||
|
@ -4,47 +4,17 @@ with lib;
|
||||
|
||||
let
|
||||
|
||||
fontDirs = config.fonts.fonts;
|
||||
|
||||
localDefs = with pkgs.builderDefs; pkgs.builderDefs.passthru.function rec {
|
||||
src = "";/* put a fetchurl here */
|
||||
buildInputs = [pkgs.xorg.mkfontdir pkgs.xorg.mkfontscale];
|
||||
inherit fontDirs;
|
||||
installPhase = fullDepEntry ("
|
||||
list='';
|
||||
for i in ${toString fontDirs} ; do
|
||||
if [ -d \$i/ ]; then
|
||||
list=\"\$list \$i\";
|
||||
fi;
|
||||
done
|
||||
list=\$(find \$list -name fonts.dir -o -name '*.ttf' -o -name '*.otf');
|
||||
fontDirs='';
|
||||
for i in \$list ; do
|
||||
fontDirs=\"\$fontDirs \$(dirname \$i)\";
|
||||
done;
|
||||
mkdir -p \$out/share/X11-fonts/;
|
||||
find \$fontDirs -type f -o -type l | while read i; do
|
||||
j=\"\${i##*/}\"
|
||||
if ! test -e \"\$out/share/X11-fonts/\${j}\"; then
|
||||
ln -s \"\$i\" \"\$out/share/X11-fonts/\${j}\";
|
||||
fi;
|
||||
done;
|
||||
cd \$out/share/X11-fonts/
|
||||
rm fonts.dir
|
||||
rm fonts.scale
|
||||
rm fonts.alias
|
||||
mkfontdir
|
||||
mkfontscale
|
||||
cat \$( find ${pkgs.xorg.fontalias}/ -name fonts.alias) >fonts.alias
|
||||
") ["minInit" "addInputs"];
|
||||
};
|
||||
|
||||
x11Fonts = with localDefs; stdenv.mkDerivation rec {
|
||||
name = "X11-fonts";
|
||||
builder = writeScript (name + "-builder")
|
||||
(textClosure localDefs
|
||||
[installPhase doForceShare doPropagate]);
|
||||
};
|
||||
x11Fonts = pkgs.runCommand "X11-fonts" { } ''
|
||||
mkdir -p "$out/share/X11-fonts"
|
||||
find ${toString config.fonts.fonts} \
|
||||
\( -name fonts.dir -o -name '*.ttf' -o -name '*.otf' \) \
|
||||
-exec ln -sf -t "$out/share/X11-fonts" '{}' \;
|
||||
cd "$out/share/X11-fonts"
|
||||
rm -f fonts.dir fonts.scale fonts.alias
|
||||
${pkgs.xorg.mkfontdir}/bin/mkfontdir
|
||||
${pkgs.xorg.mkfontscale}/bin/mkfontscale
|
||||
cat $(find ${pkgs.xorg.fontalias}/ -name fonts.alias) >fonts.alias
|
||||
'';
|
||||
|
||||
in
|
||||
|
||||
@ -70,6 +40,8 @@ in
|
||||
|
||||
environment.systemPackages = [ x11Fonts ];
|
||||
|
||||
environment.pathsToLink = [ "/share/X11-fonts" ];
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -192,7 +192,7 @@ in
|
||||
system.activationScripts = mkIf insertLdapPassword {
|
||||
ldap = stringAfter [ "etc" "groups" "users" ] ''
|
||||
if test -f "${cfg.bind.password}" ; then
|
||||
echo "bindpw "$(cat ${cfg.bind.password})"" | cat ${ldapConfig} - > /etc/ldap.conf.bindpw
|
||||
echo "bindpw "$(cat ${cfg.bind.password})"" | cat ${ldapConfig.source} - > /etc/ldap.conf.bindpw
|
||||
mv -fT /etc/ldap.conf.bindpw /etc/ldap.conf
|
||||
chmod 600 /etc/ldap.conf
|
||||
fi
|
||||
|
@ -11,6 +11,9 @@ let
|
||||
config.services.dnsmasq.resolveLocalQueries;
|
||||
hasLocalResolver = config.services.bind.enable || dnsmasqResolve;
|
||||
|
||||
resolvconfOptions = cfg.resolvconfOptions
|
||||
++ optional cfg.dnsSingleRequest "single-request"
|
||||
++ optional cfg.dnsExtensionMechanism "ends0";
|
||||
in
|
||||
|
||||
{
|
||||
@ -59,6 +62,14 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
networking.resolvconfOptions = lib.mkOption {
|
||||
type = types.listOf types.str;
|
||||
default = [];
|
||||
example = [ "ndots:1" "rotate" ];
|
||||
description = ''
|
||||
Set the options in <filename>/etc/resolv.conf</filename>.
|
||||
'';
|
||||
};
|
||||
|
||||
networking.proxy = {
|
||||
|
||||
@ -171,12 +182,9 @@ in
|
||||
# Invalidate the nscd cache whenever resolv.conf is
|
||||
# regenerated.
|
||||
libc_restart='${pkgs.systemd}/bin/systemctl try-restart --no-block nscd.service 2> /dev/null'
|
||||
'' + optionalString cfg.dnsSingleRequest ''
|
||||
# only send one DNS request at a time
|
||||
resolv_conf_options+=' single-request'
|
||||
'' + optionalString cfg.dnsExtensionMechanism ''
|
||||
# enable extension mechanisms for DNS
|
||||
resolv_conf_options+=' edns0'
|
||||
'' + optionalString (length resolvconfOptions > 0) ''
|
||||
# Options as described in resolv.conf(5)
|
||||
resolv_conf_options='${concatStringsSep " " resolvconfOptions}'
|
||||
'' + optionalString hasLocalResolver ''
|
||||
# This hosts runs a full-blown DNS resolver.
|
||||
name_servers='127.0.0.1'
|
||||
|
@ -150,10 +150,6 @@ in
|
||||
|
||||
system.build.binsh = pkgs.bashInteractive;
|
||||
|
||||
# Ensure TERMINFO is set appropriately *before* user shells are run,
|
||||
# as they may depend on it
|
||||
environment.sessionVariables.TERMINFO = "/run/current-system/sw/share/terminfo";
|
||||
|
||||
# Set session variables in the shell as well. This is usually
|
||||
# unnecessary, but it allows changes to session variables to take
|
||||
# effect without restarting the session (e.g. by opening a new
|
||||
|
@ -79,7 +79,7 @@ let
|
||||
echo "options init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} nomodeset" >> $out/loader/entries/nixos-livecd-nomodeset.conf
|
||||
|
||||
echo "default nixos-livecd" > $out/loader/loader.conf
|
||||
echo "timeout ${builtins.toString config.boot.loader.gummiboot.timeout}" >> $out/loader/loader.conf
|
||||
echo "timeout ${builtins.toString config.boot.loader.timeout}" >> $out/loader/loader.conf
|
||||
'';
|
||||
|
||||
efiImg = pkgs.runCommand "efi-image_eltorito" { buildInputs = [ pkgs.mtools pkgs.libfaketime ]; }
|
||||
|
@ -1,5 +1,6 @@
|
||||
#! @perl@
|
||||
|
||||
use strict;
|
||||
use Cwd 'abs_path';
|
||||
use File::Spec;
|
||||
use File::Path;
|
||||
@ -69,6 +70,7 @@ for (my $n = 0; $n < scalar @ARGV; $n++) {
|
||||
my @attrs = ();
|
||||
my @kernelModules = ();
|
||||
my @initrdKernelModules = ();
|
||||
my @initrdAvailableKernelModules = ();
|
||||
my @modulePackages = ();
|
||||
my @imports;
|
||||
|
||||
@ -379,7 +381,7 @@ EOF
|
||||
# Is this a btrfs filesystem?
|
||||
if ($fsType eq "btrfs") {
|
||||
my ($status, @id_info) = runCommand("btrfs subvol show $rootDir$mountPoint");
|
||||
if ($status != 0 || join("", @msg) =~ /ERROR:/) {
|
||||
if ($status != 0 || join("", @id_info) =~ /ERROR:/) {
|
||||
die "Failed to retrieve subvolume info for $mountPoint\n";
|
||||
}
|
||||
my @ids = join("", @id_info) =~ m/Subvolume ID:[ \t\n]*([^ \t\n]*)/;
|
||||
@ -417,6 +419,25 @@ EOF
|
||||
};
|
||||
|
||||
EOF
|
||||
|
||||
# If this filesystem is on a LUKS device, then add a
|
||||
# boot.initrd.luks.devices entry.
|
||||
if (-e $device) {
|
||||
my $deviceName = basename(abs_path($device));
|
||||
if (-e "/sys/class/block/$deviceName"
|
||||
&& read_file("/sys/class/block/$deviceName/dm/uuid", err_mode => 'quiet') =~ /^CRYPT-LUKS/)
|
||||
{
|
||||
my @slaves = glob("/sys/class/block/$deviceName/slaves/*");
|
||||
if (scalar @slaves == 1) {
|
||||
my $slave = "/dev/" . basename($slaves[0]);
|
||||
if (-e $slave) {
|
||||
my $dmName = read_file("/sys/class/block/$deviceName/dm/name");
|
||||
chomp $dmName;
|
||||
$fileSystems .= " boot.initrd.luks.devices.\"$dmName\".device = \"${\(findStableDevPath $slave)}\";\n\n";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -440,7 +461,7 @@ sub toNixList {
|
||||
sub multiLineList {
|
||||
my $indent = shift;
|
||||
return " [ ]" if !@_;
|
||||
$res = "\n${indent}[ ";
|
||||
my $res = "\n${indent}[ ";
|
||||
my $first = 1;
|
||||
foreach my $s (@_) {
|
||||
$res .= "$indent " if !$first;
|
||||
@ -457,7 +478,7 @@ my $modulePackages = toNixList(uniq @modulePackages);
|
||||
|
||||
my $fsAndSwap = "";
|
||||
if (!$noFilesystems) {
|
||||
$fsAndSwap = "\n${fileSystems} ";
|
||||
$fsAndSwap = "\n$fileSystems ";
|
||||
$fsAndSwap .= "swapDevices =" . multiLineList(" ", @swapDevices) . ";\n";
|
||||
}
|
||||
|
||||
@ -494,7 +515,7 @@ if ($showHardwareConfig) {
|
||||
if ($force || ! -e $fn) {
|
||||
print STDERR "writing $fn...\n";
|
||||
|
||||
my $bootloaderConfig = "";
|
||||
my $bootLoaderConfig = "";
|
||||
if (-e "/sys/firmware/efi/efivars") {
|
||||
$bootLoaderConfig = <<EOF;
|
||||
# Use the gummiboot efi boot loader.
|
||||
@ -568,7 +589,7 @@ $bootLoaderConfig
|
||||
# };
|
||||
|
||||
# The NixOS release to be compatible with for stateful data such as databases.
|
||||
system.stateVersion = "@nixosRelease@";
|
||||
system.stateVersion = "${\(qw(@nixosRelease@))}";
|
||||
|
||||
}
|
||||
EOF
|
||||
|
@ -267,6 +267,8 @@
|
||||
graylog = 243;
|
||||
sniproxy = 244;
|
||||
nzbget = 245;
|
||||
mosquitto = 246;
|
||||
toxvpn = 247;
|
||||
|
||||
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
|
||||
|
||||
@ -504,6 +506,8 @@
|
||||
emby = 242;
|
||||
sniproxy = 244;
|
||||
nzbget = 245;
|
||||
mosquitto = 246;
|
||||
#toxvpn = 247; # unused
|
||||
|
||||
# When adding a gid, make sure it doesn't match an existing
|
||||
# uid. Users and groups with the same name should have equal
|
||||
|
@ -8,6 +8,8 @@ let
|
||||
releaseFile = "${toString pkgs.path}/.version";
|
||||
suffixFile = "${toString pkgs.path}/.version-suffix";
|
||||
revisionFile = "${toString pkgs.path}/.git-revision";
|
||||
gitRepo = "${toString pkgs.path}/.git";
|
||||
gitCommitId = lib.substring 0 7 (commitIdFromGitRepo gitRepo);
|
||||
in
|
||||
|
||||
{
|
||||
@ -102,6 +104,8 @@ in
|
||||
# changing them would not rebuild the manual
|
||||
nixosLabel = mkDefault (maybeEnv "NIXOS_LABEL" cfg.nixosVersion);
|
||||
nixosVersion = mkDefault (maybeEnv "NIXOS_VERSION" (cfg.nixosRelease + cfg.nixosVersionSuffix));
|
||||
nixosRevision = mkIf (pathExists gitRepo) (mkDefault gitCommitId);
|
||||
nixosVersionSuffix = mkIf (pathExists gitRepo) (mkDefault (".git." + gitCommitId));
|
||||
|
||||
# Note: code names must only increase in alphabetical order.
|
||||
nixosCodeName = "Flounder";
|
||||
|
@ -62,7 +62,8 @@
|
||||
./programs/bash/bash.nix
|
||||
./programs/blcr.nix
|
||||
./programs/cdemu.nix
|
||||
./programs/command-not-found/command-not-found.nix
|
||||
# see https://github.com/NixOS/nixos-channel-scripts/issues/4
|
||||
#./programs/command-not-found/command-not-found.nix
|
||||
./programs/dconf.nix
|
||||
./programs/environment.nix
|
||||
./programs/freetds.nix
|
||||
@ -346,6 +347,7 @@
|
||||
./services/networking/mjpg-streamer.nix
|
||||
./services/networking/minidlna.nix
|
||||
./services/networking/miniupnpd.nix
|
||||
./services/networking/mosquitto.nix
|
||||
./services/networking/mstpd.nix
|
||||
./services/networking/murmur.nix
|
||||
./services/networking/namecoind.nix
|
||||
@ -395,6 +397,7 @@
|
||||
./services/networking/tftpd.nix
|
||||
./services/networking/tlsdated.nix
|
||||
./services/networking/tox-bootstrapd.nix
|
||||
./services/networking/toxvpn.nix
|
||||
./services/networking/tvheadend.nix
|
||||
./services/networking/unbound.nix
|
||||
./services/networking/unifi.nix
|
||||
|
@ -84,19 +84,19 @@ in
|
||||
|
||||
set fish_function_path $fish_function_path ${pkgs.fish-foreign-env}/share/fish-foreign-env/functions
|
||||
|
||||
fenv source ${config.system.build.setEnvironment} 1> /dev/null
|
||||
fenv source /etc/fish/foreign-env/shellInit 1> /dev/null
|
||||
fenv source ${config.system.build.setEnvironment} > /dev/null ^&1
|
||||
fenv source /etc/fish/foreign-env/shellInit > /dev/null
|
||||
|
||||
${cfg.shellInit}
|
||||
|
||||
if builtin status --is-login
|
||||
fenv source /etc/fish/foreign-env/loginShellInit 1> /dev/null
|
||||
if status --is-login
|
||||
fenv source /etc/fish/foreign-env/loginShellInit > /dev/null
|
||||
${cfg.loginShellInit}
|
||||
end
|
||||
|
||||
if builtin status --is-interactive
|
||||
if status --is-interactive
|
||||
${fishAliases}
|
||||
fenv source /etc/fish/foreign-env/interactiveShellInit 1> /dev/null
|
||||
fenv source /etc/fish/foreign-env/interactiveShellInit > /dev/null
|
||||
${cfg.interactiveShellInit}
|
||||
end
|
||||
'';
|
||||
|
@ -19,7 +19,7 @@ with lib;
|
||||
|
||||
config = mkIf config.programs.man.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.man ];
|
||||
environment.systemPackages = [ pkgs.man-db ];
|
||||
|
||||
environment.pathsToLink = [ "/share/man" ];
|
||||
|
||||
|
@ -5,8 +5,57 @@ let
|
||||
|
||||
cfg = config.programs.tmux;
|
||||
|
||||
in
|
||||
{
|
||||
defaultKeyMode = "emacs";
|
||||
defaultResize = 5;
|
||||
defaultShortcut = "b";
|
||||
defaultTerminal = "screen";
|
||||
|
||||
boolToStr = value: if value then "on" else "off";
|
||||
|
||||
tmuxConf = ''
|
||||
set -g default-terminal "${cfg.terminal}"
|
||||
set -g base-index ${toString cfg.baseIndex}
|
||||
setw -g pane-base-index ${toString cfg.baseIndex}
|
||||
|
||||
${if cfg.newSession then "new-session" else ""}
|
||||
|
||||
${if cfg.reverseSplit then ''
|
||||
bind v split-window -h
|
||||
bind s split-window -v
|
||||
'' else ""}
|
||||
|
||||
set -g status-keys ${cfg.keyMode}
|
||||
set -g mode-keys ${cfg.keyMode}
|
||||
|
||||
${if cfg.keyMode == "vi" then ''
|
||||
bind h select-pane -L
|
||||
bind j select-pane -D
|
||||
bind k select-pane -U
|
||||
bind l select-pane -R
|
||||
|
||||
bind -r H resize-pane -L ${toString cfg.resizeAmount}
|
||||
bind -r J resize-pane -D ${toString cfg.resizeAmount}
|
||||
bind -r K resize-pane -U ${toString cfg.resizeAmount}
|
||||
bind -r L resize-pane -R ${toString cfg.resizeAmount}
|
||||
'' else ""}
|
||||
|
||||
${if (cfg.shortcut != defaultShortcut) then ''
|
||||
# rebind main key: C-${cfg.shortcut}
|
||||
unbind C-${defaultShortcut}
|
||||
set -g prefix C-${cfg.shortcut}
|
||||
bind ${cfg.shortcut} send-prefix
|
||||
bind C-${cfg.shortcut} last-window
|
||||
'' else ""}
|
||||
|
||||
setw -g aggressive-resize ${boolToStr cfg.aggressiveResize}
|
||||
setw -g clock-mode-style ${if cfg.clock24 then "24" else "12"}
|
||||
set -s escape-time ${toString cfg.escapeTime}
|
||||
set -g history-limit ${toString cfg.historyLimit}
|
||||
|
||||
${cfg.extraTmuxConf}
|
||||
'';
|
||||
|
||||
in {
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
@ -14,13 +63,92 @@ in
|
||||
|
||||
enable = mkEnableOption "<command>tmux</command> - a <command>screen</command> replacement.";
|
||||
|
||||
tmuxconf = mkOption {
|
||||
aggressiveResize = mkOption {
|
||||
default = false;
|
||||
example = true;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Resize the window to the size of the smallest session for which it is the current window.
|
||||
'';
|
||||
};
|
||||
|
||||
baseIndex = mkOption {
|
||||
default = 0;
|
||||
example = 1;
|
||||
type = types.int;
|
||||
description = "Base index for windows and panes.";
|
||||
};
|
||||
|
||||
clock24 = mkOption {
|
||||
default = false;
|
||||
example = true;
|
||||
type = types.bool;
|
||||
description = "Use 24 hour clock.";
|
||||
};
|
||||
|
||||
escapeTime = mkOption {
|
||||
default = 500;
|
||||
example = 0;
|
||||
type = types.int;
|
||||
description = "Time in milliseconds for which tmux waits after an escape is input.";
|
||||
};
|
||||
|
||||
extraTmuxConf = mkOption {
|
||||
default = "";
|
||||
description = ''
|
||||
The contents of /etc/tmux.conf
|
||||
Additional contents of /etc/tmux.conf
|
||||
'';
|
||||
type = types.lines;
|
||||
};
|
||||
|
||||
historyLimit = mkOption {
|
||||
default = 2000;
|
||||
example = 5000;
|
||||
type = types.int;
|
||||
description = "Maximum number of lines held in window history.";
|
||||
};
|
||||
|
||||
keyMode = mkOption {
|
||||
default = defaultKeyMode;
|
||||
example = "vi";
|
||||
type = types.enum [ "emacs" "vi" ];
|
||||
description = "VI or Emacs style shortcuts.";
|
||||
};
|
||||
|
||||
newSession = mkOption {
|
||||
default = false;
|
||||
example = true;
|
||||
type = types.bool;
|
||||
description = "Automatically spawn a session if trying to attach and none are running.";
|
||||
};
|
||||
|
||||
reverseSplit = mkOption {
|
||||
default = false;
|
||||
example = true;
|
||||
type = types.bool;
|
||||
description = "Reverse the window split shortcuts.";
|
||||
};
|
||||
|
||||
resizeAmount = mkOption {
|
||||
default = defaultResize;
|
||||
example = 10;
|
||||
type = types.int;
|
||||
description = "Number of lines/columns when resizing.";
|
||||
};
|
||||
|
||||
shortcut = mkOption {
|
||||
default = defaultShortcut;
|
||||
example = "a";
|
||||
type = types.str;
|
||||
description = "Ctrl following by this key is used as the main shortcut.";
|
||||
};
|
||||
|
||||
terminal = mkOption {
|
||||
default = defaultTerminal;
|
||||
example = "screen-256color";
|
||||
type = types.str;
|
||||
description = "Set the $TERM variable.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
@ -28,8 +156,13 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment = {
|
||||
etc."tmux.conf".text = tmuxConf;
|
||||
|
||||
systemPackages = [ pkgs.tmux ];
|
||||
etc."tmux.conf".text = cfg.tmuxconf;
|
||||
|
||||
variables = {
|
||||
TMUX_TMPDIR = ''''${XDG_RUNTIME_DIR:-"/run/user/\$(id -u)"}'';
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -34,6 +34,8 @@ with lib;
|
||||
# Old Grub-related options.
|
||||
(mkRenamedOptionModule [ "boot" "initrd" "extraKernelModules" ] [ "boot" "initrd" "kernelModules" ])
|
||||
(mkRenamedOptionModule [ "boot" "extraKernelParams" ] [ "boot" "kernelParams" ])
|
||||
(mkRenamedOptionModule [ "boot" "loader" "grub" "timeout" ] [ "boot" "loader" "timeout" ])
|
||||
(mkRenamedOptionModule [ "boot" "loader" "gummiboot" "timeout" ] [ "boot" "loader" "timeout" ])
|
||||
|
||||
# smartd
|
||||
(mkRenamedOptionModule [ "services" "smartd" "deviceOpts" ] [ "services" "smartd" "defaults" "monitored" ])
|
||||
|
@ -96,7 +96,7 @@ in
|
||||
}:
|
||||
|
||||
''
|
||||
if ! source=${if source != "" then source else "$(PATH=$SETUID_PATH type -tP ${program})"}; then
|
||||
if ! source=${if source != "" then source else "$(readlink -f $(PATH=$SETUID_PATH type -tP ${program}))"}; then
|
||||
# If we can't find the program, fall back to the
|
||||
# system profile.
|
||||
source=/nix/var/nix/profiles/default/bin/${program}
|
||||
|
@ -40,7 +40,7 @@ in
|
||||
defaultText = "pkgs.slurm-llnl";
|
||||
example = literalExample "pkgs.slurm-llnl-full";
|
||||
description = ''
|
||||
The packge to use for slurm binaries.
|
||||
The package to use for slurm binaries.
|
||||
'';
|
||||
};
|
||||
|
||||
@ -111,7 +111,7 @@ in
|
||||
builder = pkgs.writeText "builder.sh" ''
|
||||
source $stdenv/setup
|
||||
mkdir -p $out/bin
|
||||
find ${cfg.package}/bin -type f -executable | while read EXE
|
||||
find ${getBin cfg.package}/bin -type f -executable | while read EXE
|
||||
do
|
||||
exename="$(basename $EXE)"
|
||||
wrappername="$out/bin/$exename"
|
||||
|
@ -68,6 +68,22 @@ in
|
||||
description = "The port for Redis to listen to.";
|
||||
};
|
||||
|
||||
vmOverCommit = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Set vm.overcommit_memory to 1 (Suggested for Background Saving: http://redis.io/topics/faq)
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to open ports in the firewall for the server.
|
||||
'';
|
||||
};
|
||||
|
||||
bind = mkOption {
|
||||
type = with types; nullOr str;
|
||||
default = null; # All interfaces
|
||||
@ -193,6 +209,14 @@ in
|
||||
|
||||
config = mkIf config.services.redis.enable {
|
||||
|
||||
boot.kernel.sysctl = mkIf cfg.vmOverCommit {
|
||||
"vm.overcommit_memory" = "1";
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ cfg.port ];
|
||||
};
|
||||
|
||||
users.extraUsers.redis =
|
||||
{ name = cfg.user;
|
||||
uid = config.ids.uids.redis;
|
||||
|
@ -36,7 +36,7 @@ in
|
||||
|
||||
environment.systemPackages = [ gnome3.gnome_keyring ];
|
||||
|
||||
services.dbus.packages = [ gnome3.gnome_keyring ];
|
||||
services.dbus.packages = [ gnome3.gnome_keyring gnome3.gcr ];
|
||||
|
||||
};
|
||||
|
||||
|
@ -107,7 +107,16 @@ in {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "network.target" ];
|
||||
after = [ "network.target" ];
|
||||
preStart = "mkdir -p /var/spool";
|
||||
preStart = ''
|
||||
mkdir -p /var/spool/smtpd
|
||||
|
||||
mkdir -p /var/spool/smtpd/offline
|
||||
chown root.smtpq /var/spool/smtpd/offline
|
||||
chmod 770 /var/spool/smtpd/offline
|
||||
|
||||
mkdir -p /var/spool/smtpd/purge
|
||||
chmod 700 /var/spool/smtpd/purge
|
||||
'';
|
||||
serviceConfig.ExecStart = "${opensmtpd}/sbin/smtpd -d -f ${conf} ${args}";
|
||||
environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd";
|
||||
};
|
||||
|
@ -153,7 +153,7 @@ in
|
||||
after = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.diod}/sbin/diod -f -c ${diodConfig}";
|
||||
Capabilities = "cap_net_bind_service+=ep";
|
||||
CapabilityBoundingSet = "cap_net_bind_service+=ep";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -64,7 +64,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.chrony.enable {
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
# Make chronyc available in the system path
|
||||
environment.systemPackages = [ pkgs.chrony ];
|
||||
@ -101,12 +101,14 @@ in
|
||||
home = stateDir;
|
||||
};
|
||||
|
||||
systemd.services.ntpd.enable = false;
|
||||
systemd.services.ntpd.enable = mkForce false;
|
||||
|
||||
systemd.services.chronyd =
|
||||
{ description = "chrony NTP daemon";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "time-sync.target" ];
|
||||
before = [ "time-sync.target" ];
|
||||
after = [ "network.target" ];
|
||||
conflicts = [ "ntpd.service" "systemd-timesyncd.service" ];
|
||||
|
||||
|
@ -90,7 +90,7 @@ in
|
||||
example = literalExample "${pkgs.dnscrypt-proxy}/share/dnscrypt-proxy/dnscrypt-resolvers.csv";
|
||||
default = pkgs.fetchurl {
|
||||
url = "https://raw.githubusercontent.com/jedisct1/dnscrypt-proxy/master/dnscrypt-resolvers.csv";
|
||||
sha256 = "07kbbisrvrqdxif3061hxj3whin3llg4nh50ln7prisi2vbd76xd";
|
||||
sha256 = "0lac20qhcgjxxiiz8jzcn3hkqj4ywl58hahp5n2i6vf9akfyqp7c";
|
||||
};
|
||||
defaultText = "pkgs.fetchurl { url = ...; sha256 = ...; }";
|
||||
};
|
||||
|
219
nixos/modules/services/networking/mosquitto.nix
Normal file
219
nixos/modules/services/networking/mosquitto.nix
Normal file
@ -0,0 +1,219 @@
|
||||
{ config, lib, pkgs, ...}:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.mosquitto;
|
||||
|
||||
listenerConf = optionalString cfg.ssl.enable ''
|
||||
listener ${toString cfg.ssl.port} ${cfg.ssl.host}
|
||||
cafile ${cfg.ssl.cafile}
|
||||
certfile ${cfg.ssl.certfile}
|
||||
keyfile ${cfg.ssl.keyfile}
|
||||
'';
|
||||
|
||||
mosquittoConf = pkgs.writeText "mosquitto.conf" ''
|
||||
pid_file /run/mosquitto/pid
|
||||
acl_file ${aclFile}
|
||||
persistence true
|
||||
allow_anonymous ${if cfg.allowAnonymous then "true" else "false"}
|
||||
bind_address ${cfg.host}
|
||||
port ${toString cfg.port}
|
||||
${listenerConf}
|
||||
${cfg.extraConf}
|
||||
'';
|
||||
|
||||
userAcl = (concatStringsSep "\n\n" (mapAttrsToList (n: c:
|
||||
"user ${n}\n" + (concatStringsSep "\n" c.acl)) cfg.users
|
||||
));
|
||||
|
||||
aclFile = pkgs.writeText "mosquitto.acl" ''
|
||||
${cfg.aclExtraConf}
|
||||
${userAcl}
|
||||
'';
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
###### Interface
|
||||
|
||||
options = {
|
||||
services.mosquitto = {
|
||||
enable = mkEnableOption "Enable the MQTT Mosquitto broker.";
|
||||
|
||||
host = mkOption {
|
||||
default = "127.0.0.1";
|
||||
example = "0.0.0.0";
|
||||
type = types.string;
|
||||
description = ''
|
||||
Host to listen on without SSL.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
default = 1883;
|
||||
example = 1883;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Port on which to listen without SSL.
|
||||
'';
|
||||
};
|
||||
|
||||
ssl = {
|
||||
enable = mkEnableOption "Enable SSL listener.";
|
||||
|
||||
cafile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = "Path to PEM encoded CA certificates.";
|
||||
};
|
||||
|
||||
certfile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = "Path to PEM encoded server certificate.";
|
||||
};
|
||||
|
||||
keyfile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
description = "Path to PEM encoded server key.";
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
default = "0.0.0.0";
|
||||
example = "localhost";
|
||||
type = types.string;
|
||||
description = ''
|
||||
Host to listen on with SSL.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
default = 8883;
|
||||
example = 8883;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Port on which to listen with SSL.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
default = "/var/lib/mosquitto";
|
||||
type = types.path;
|
||||
description = ''
|
||||
The data directory.
|
||||
'';
|
||||
};
|
||||
|
||||
users = mkOption {
|
||||
type = types.attrsOf (types.submodule {
|
||||
options = {
|
||||
password = mkOption {
|
||||
type = with types; uniq (nullOr str);
|
||||
default = null;
|
||||
description = ''
|
||||
Specifies the (clear text) password for the MQTT User.
|
||||
'';
|
||||
};
|
||||
|
||||
hashedPassword = mkOption {
|
||||
type = with types; uniq (nullOr str);
|
||||
default = null;
|
||||
description = ''
|
||||
Specifies the hashed password for the MQTT User.
|
||||
<option>hashedPassword</option> overrides <option>password</option>.
|
||||
To generate hashed password install <literal>mkpasswd</literal>
|
||||
package and run <literal>mkpasswd -m sha-512</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
acl = mkOption {
|
||||
type = types.listOf types.string;
|
||||
example = [ "topic read A/B" "topic A/#" ];
|
||||
description = ''
|
||||
Control client access to topics on the broker.
|
||||
'';
|
||||
};
|
||||
};
|
||||
});
|
||||
example = { john = { password = "123456"; acl = [ "topic readwrite john/#" ]; }; };
|
||||
description = ''
|
||||
A set of users and their passwords and ACLs.
|
||||
'';
|
||||
};
|
||||
|
||||
allowAnonymous = mkOption {
|
||||
default = false;
|
||||
example = true;
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Allow clients to connect without authentication.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConf = mkOption {
|
||||
default = "";
|
||||
type = types.lines;
|
||||
description = ''
|
||||
Extra config to append to `mosquitto.conf` file.
|
||||
'';
|
||||
};
|
||||
|
||||
aclExtraConf = mkOption {
|
||||
default = "";
|
||||
type = types.lines;
|
||||
description = ''
|
||||
Extra config to prepend to the ACL file.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
###### Implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
systemd.services.mosquitto = {
|
||||
description = "Mosquitto MQTT Broker Daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
serviceConfig = {
|
||||
Type = "forking";
|
||||
User = "mosquitto";
|
||||
Group = "mosquitto";
|
||||
RuntimeDirectory = "mosquitto";
|
||||
WorkingDirectory = cfg.dataDir;
|
||||
Restart = "on-failure";
|
||||
ExecStart = "${pkgs.mosquitto}/bin/mosquitto -c ${mosquittoConf} -d";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
PIDFile = "/run/mosquitto/pid";
|
||||
};
|
||||
preStart = ''
|
||||
rm -f ${cfg.dataDir}/passwd
|
||||
touch ${cfg.dataDir}/passwd
|
||||
'' + concatStringsSep "\n" (
|
||||
mapAttrsToList (n: c:
|
||||
if c.hashedPassword != null then
|
||||
"echo '${n}:${c.hashedPassword}' > ${cfg.dataDir}/passwd"
|
||||
else optionalString (c.password != null)
|
||||
"${pkgs.mosquitto}/bin/mosquitto_passwd -b ${cfg.dataDir}/passwd ${n} ${c.password}"
|
||||
) cfg.users);
|
||||
};
|
||||
|
||||
users.extraUsers.mosquitto = {
|
||||
description = "Mosquitto MQTT Broker Daemon owner";
|
||||
group = "mosquitto";
|
||||
uid = config.ids.uids.mosquitto;
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups.mosquitto.gid = config.ids.gids.mosquitto;
|
||||
|
||||
};
|
||||
}
|
@ -114,12 +114,10 @@ in {
|
||||
# Ugly hack for using the correct gnome3 packageSet
|
||||
basePackages = mkOption {
|
||||
type = types.attrsOf types.package;
|
||||
default = { inherit modemmanager wpa_supplicant
|
||||
default = { inherit networkmanager modemmanager wpa_supplicant
|
||||
networkmanager_openvpn networkmanager_vpnc
|
||||
networkmanager_openconnect
|
||||
networkmanager_pptp networkmanager_l2tp;
|
||||
networkmanager = networkmanager.out;
|
||||
};
|
||||
networkmanager_pptp networkmanager_l2tp; };
|
||||
internal = true;
|
||||
};
|
||||
|
||||
@ -189,7 +187,7 @@ in {
|
||||
|
||||
boot.kernelModules = [ "ppp_mppe" ]; # Needed for most (all?) PPTP VPN connections.
|
||||
|
||||
environment.etc = with mapAttrs (name: getBin) cfg.basePackages; [
|
||||
environment.etc = with cfg.basePackages; [
|
||||
{ source = ipUpScript;
|
||||
target = "NetworkManager/dispatcher.d/01nixos-ip-up";
|
||||
}
|
||||
|
@ -82,6 +82,8 @@ in
|
||||
{ description = "NTP Daemon";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "time-sync.target" ];
|
||||
before = [ "time-sync.target" ];
|
||||
|
||||
preStart =
|
||||
''
|
||||
|
@ -64,7 +64,8 @@ in
|
||||
systemd.services.openntpd = {
|
||||
description = "OpenNTP Server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
wants = [ "network-online.target" "time-sync.target" ];
|
||||
before = [ "time-sync.target" ];
|
||||
after = [ "dnsmasq.service" "bind.service" "network-online.target" ];
|
||||
serviceConfig.ExecStart = "${package}/sbin/ntpd -d -f ${cfgFile} ${cfg.extraOptions}";
|
||||
};
|
||||
|
@ -121,7 +121,7 @@ in
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
PermissionsStartOnly = true;
|
||||
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser -home=${cfg.dataDir}";
|
||||
ExecStart = "${cfg.package}/bin/syncthing -no-browser -home=${cfg.dataDir}";
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -129,7 +129,7 @@ in
|
||||
systemd.user.services = {
|
||||
syncthing = header // {
|
||||
serviceConfig = service // {
|
||||
ExecStart = "${pkgs.syncthing}/bin/syncthing -no-browser";
|
||||
ExecStart = "${cfg.package}/bin/syncthing -no-browser";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
54
nixos/modules/services/networking/toxvpn.nix
Normal file
54
nixos/modules/services/networking/toxvpn.nix
Normal file
@ -0,0 +1,54 @@
|
||||
{ config, stdenv, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
options = {
|
||||
services.toxvpn = {
|
||||
enable = mkEnableOption "enable toxvpn running on startup";
|
||||
|
||||
localip = mkOption {
|
||||
type = types.string;
|
||||
default = "10.123.123.1";
|
||||
description = "your ip on the vpn";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
default = 33445;
|
||||
description = "udp port for toxcore, port-forward to help with connectivity if you run many nodes behind one NAT";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.services.toxvpn.enable {
|
||||
systemd.services.toxvpn = {
|
||||
description = "toxvpn daemon";
|
||||
|
||||
requires = [ "network-online.target" ]; # consider replacing by NetworkManager-wait-online.service
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -p /run/toxvpn || true
|
||||
chown toxvpn /run/toxvpn
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.toxvpn}/bin/toxvpn -i ${config.services.toxvpn.localip} -l /run/toxvpn/control -u toxvpn -p ${toString config.services.toxvpn.port}";
|
||||
KillMode = "process";
|
||||
Restart = "on-success";
|
||||
Type = "notify";
|
||||
};
|
||||
|
||||
restartIfChanged = false; # Likely to be used for remote admin
|
||||
};
|
||||
|
||||
users.extraUsers = {
|
||||
toxvpn = {
|
||||
uid = config.ids.uids.toxvpn;
|
||||
home = "/var/lib/toxvpn";
|
||||
createHome = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -106,8 +106,10 @@ in
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${stateDir}/dev/
|
||||
cp ${confFile} ${stateDir}/unbound.conf
|
||||
${optionalString cfg.enableRootTrustAnchor ''
|
||||
${pkgs.unbound}/bin/unbound-anchor -a ${rootTrustAnchorFile}
|
||||
chown unbound ${stateDir} ${rootTrustAnchorFile}
|
||||
''}
|
||||
touch ${stateDir}/dev/random
|
||||
${pkgs.utillinux}/bin/mount --bind -n /dev/random ${stateDir}/dev/random
|
||||
'';
|
||||
|
@ -102,7 +102,7 @@ in
|
||||
partOf = optional config.networking.firewall.enable "firewall.service";
|
||||
|
||||
restartTriggers = [ fail2banConf jailConf ];
|
||||
path = [ pkgs.fail2ban pkgs.iptables ];
|
||||
path = [ pkgs.fail2ban pkgs.iptables pkgs.iproute ];
|
||||
|
||||
preStart =
|
||||
''
|
||||
|
@ -110,7 +110,7 @@ in
|
||||
};
|
||||
|
||||
services.dbus.packages = [
|
||||
pkgs.dbus
|
||||
pkgs.dbus.out
|
||||
config.system.path
|
||||
];
|
||||
|
||||
|
@ -113,22 +113,22 @@ in
|
||||
#include <abstractions/base>
|
||||
#include <abstractions/nameservice>
|
||||
|
||||
${pkgs.glibc.out}/lib/*.so mr,
|
||||
${pkgs.libevent.out}/lib/libevent*.so* mr,
|
||||
${pkgs.curl.out}/lib/libcurl*.so* mr,
|
||||
${pkgs.openssl.out}/lib/libssl*.so* mr,
|
||||
${pkgs.openssl.out}/lib/libcrypto*.so* mr,
|
||||
${pkgs.zlib.out}/lib/libz*.so* mr,
|
||||
${pkgs.libssh2.out}/lib/libssh2*.so* mr,
|
||||
${pkgs.systemd}/lib/libsystemd*.so* mr,
|
||||
${pkgs.xz.out}/lib/liblzma*.so* mr,
|
||||
${pkgs.libgcrypt.out}/lib/libgcrypt*.so* mr,
|
||||
${pkgs.libgpgerror.out}/lib/libgpg-error*.so* mr,
|
||||
${pkgs.nghttp2.lib}/lib/libnghttp2*.so* mr,
|
||||
${pkgs.c-ares.out}/lib/libcares*.so* mr,
|
||||
${pkgs.libcap.lib}/lib/libcap*.so* mr,
|
||||
${pkgs.attr.out}/lib/libattr*.so* mr,
|
||||
${pkgs.lz4}/lib/liblz4*.so* mr,
|
||||
${getLib pkgs.glibc}/lib/*.so mr,
|
||||
${getLib pkgs.libevent}/lib/libevent*.so* mr,
|
||||
${getLib pkgs.curl}/lib/libcurl*.so* mr,
|
||||
${getLib pkgs.openssl}/lib/libssl*.so* mr,
|
||||
${getLib pkgs.openssl}/lib/libcrypto*.so* mr,
|
||||
${getLib pkgs.zlib}/lib/libz*.so* mr,
|
||||
${getLib pkgs.libssh2}/lib/libssh2*.so* mr,
|
||||
${getLib pkgs.systemd}/lib/libsystemd*.so* mr,
|
||||
${getLib pkgs.xz}/lib/liblzma*.so* mr,
|
||||
${getLib pkgs.libgcrypt}/lib/libgcrypt*.so* mr,
|
||||
${getLib pkgs.libgpgerror}/lib/libgpg-error*.so* mr,
|
||||
${getLib pkgs.nghttp2}/lib/libnghttp2*.so* mr,
|
||||
${getLib pkgs.c-ares}/lib/libcares*.so* mr,
|
||||
${getLib pkgs.libcap}/lib/libcap*.so* mr,
|
||||
${getLib pkgs.attr}/lib/libattr*.so* mr,
|
||||
${getLib pkgs.lz4}/lib/liblz4*.so* mr,
|
||||
|
||||
@{PROC}/sys/kernel/random/uuid r,
|
||||
@{PROC}/sys/vm/overcommit_memory r,
|
||||
|
@ -43,7 +43,7 @@ let
|
||||
# Paths to external programs.
|
||||
$wgDiff3 = "${pkgs.diffutils}/bin/diff3";
|
||||
$wgDiff = "${pkgs.diffutils}/bin/diff";
|
||||
$wgImageMagickConvertCommand = "${pkgs.imagemagick}/bin/convert";
|
||||
$wgImageMagickConvertCommand = "${pkgs.imagemagick.out}/bin/convert";
|
||||
|
||||
#$wgDebugLogFile = "/tmp/mediawiki_debug_log.txt";
|
||||
|
||||
|
@ -44,7 +44,7 @@ let
|
||||
${cfg.extraGSettingsOverrides}
|
||||
EOF
|
||||
|
||||
${pkgs.glib}/bin/glib-compile-schemas $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/
|
||||
${pkgs.glib.dev}/bin/glib-compile-schemas $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/
|
||||
'';
|
||||
};
|
||||
|
||||
|
@ -32,6 +32,12 @@ let
|
||||
''
|
||||
#! ${pkgs.bash}/bin/bash
|
||||
|
||||
${optionalString cfg.displayManager.logToJournal ''
|
||||
if [ -z "$_DID_SYSTEMD_CAT" ]; then
|
||||
_DID_SYSTEMD_CAT=1 exec ${config.systemd.package}/bin/systemd-cat -t xsession -- "$0" "$1"
|
||||
fi
|
||||
''}
|
||||
|
||||
. /etc/profile
|
||||
cd "$HOME"
|
||||
|
||||
@ -39,7 +45,7 @@ let
|
||||
sessionType="$1"
|
||||
if [ "$sessionType" = default ]; then sessionType=""; fi
|
||||
|
||||
${optionalString (!cfg.displayManager.job.logsXsession) ''
|
||||
${optionalString (!cfg.displayManager.job.logsXsession && !cfg.displayManager.logToJournal) ''
|
||||
exec > ~/.xsession-errors 2>&1
|
||||
''}
|
||||
|
||||
@ -83,6 +89,8 @@ let
|
||||
# .local/share doesn't exist yet.
|
||||
mkdir -p $HOME/.local/share
|
||||
|
||||
unset _DID_SYSTEMD_CAT
|
||||
|
||||
${cfg.displayManager.sessionCommands}
|
||||
|
||||
# Allow the user to execute commands at the beginning of the X session.
|
||||
@ -278,6 +286,16 @@ in
|
||||
|
||||
};
|
||||
|
||||
logToJournal = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
By default, the stdout/stderr of sessions is written
|
||||
to <filename>~/.xsession-errors</filename>. When this option
|
||||
is enabled, it will instead be written to the journal.
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -139,7 +139,7 @@ in
|
||||
mkdir -m 0755 -p /var/lib/kdm
|
||||
chown kdm /var/lib/kdm
|
||||
${(optionalString (config.system.boot.loader.id == "grub" && config.system.build.grub != null) "PATH=${config.system.build.grub}/sbin:$PATH ") +
|
||||
"KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"}
|
||||
"KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon -logfile /dev/stderr"}
|
||||
'';
|
||||
logsXsession = true;
|
||||
};
|
||||
|
@ -169,10 +169,10 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
services.xserver.modules = [ pkg ];
|
||||
services.xserver.modules = [ pkg.out ];
|
||||
|
||||
environment.etc."${etcFile}".source =
|
||||
"${pkg}/share/X11/xorg.conf.d/50-synaptics.conf";
|
||||
"${pkg.out}/share/X11/xorg.conf.d/50-synaptics.conf";
|
||||
|
||||
environment.systemPackages = [ pkg ];
|
||||
|
||||
|
@ -16,6 +16,7 @@ let
|
||||
virtualbox = { modules = [ kernelPackages.virtualboxGuestAdditions ]; driverName = "vboxvideo"; };
|
||||
ati = { modules = with pkgs.xorg; [ xf86videoati glamoregl ]; };
|
||||
intel = { modules = with pkgs.xorg; [ xf86videointel glamoregl ]; };
|
||||
modesetting = { modules = []; };
|
||||
};
|
||||
|
||||
fontsForXServer =
|
||||
@ -519,6 +520,7 @@ in
|
||||
serviceConfig = {
|
||||
Restart = "always";
|
||||
RestartSec = "200ms";
|
||||
SyslogIdentifier = "display-manager";
|
||||
};
|
||||
};
|
||||
|
||||
@ -526,10 +528,11 @@ in
|
||||
[ "-terminate"
|
||||
"-config ${configFile}"
|
||||
"-xkbdir" "${cfg.xkbDir}"
|
||||
# Log at the default verbosity level to stderr rather than /var/log/X.*.log.
|
||||
"-verbose" "3" "-logfile" "/dev/null"
|
||||
] ++ optional (cfg.display != null) ":${toString cfg.display}"
|
||||
++ optional (cfg.tty != null) "vt${toString cfg.tty}"
|
||||
++ optional (cfg.dpi != null) "-dpi ${toString cfg.dpi}"
|
||||
++ optionals (cfg.display != null) [ "-logfile" "/var/log/X.${toString cfg.display}.log" ]
|
||||
++ optional (!cfg.enableTCP) "-nolisten tcp";
|
||||
|
||||
services.xserver.modules =
|
||||
|
@ -85,6 +85,10 @@ in
|
||||
};
|
||||
|
||||
config = mkIf (config.boot.initrd.network.enable && cfg.enable) {
|
||||
assertions = [ {
|
||||
assertion = cfg.hostRSAKey != null || cfg.hostDSSKey != null || cfg.hostECDSAKey != null;
|
||||
message = "You should specify at least one host key for initrd SSH";
|
||||
} ];
|
||||
|
||||
boot.initrd.extraUtilsCommands = ''
|
||||
copy_bin_and_libs ${pkgs.dropbear}/bin/dropbear
|
||||
|
@ -48,12 +48,13 @@ let
|
||||
bootPath = args.path;
|
||||
storePath = config.boot.loader.grub.storePath;
|
||||
bootloaderId = if args.efiBootloaderId == null then "NixOS${efiSysMountPoint'}" else args.efiBootloaderId;
|
||||
timeout = if config.boot.loader.timeout == null then -1 else config.boot.loader.timeout;
|
||||
inherit efiSysMountPoint;
|
||||
inherit (args) devices;
|
||||
inherit (efi) canTouchEfiVariables;
|
||||
inherit (cfg)
|
||||
version extraConfig extraPerEntryConfig extraEntries
|
||||
extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels timeout
|
||||
extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels
|
||||
default fsIdentifier efiSupport gfxmodeEfi gfxmodeBios;
|
||||
path = (makeBinPath ([
|
||||
pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils pkgs.btrfs-progs
|
||||
@ -313,14 +314,6 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
timeout = mkOption {
|
||||
default = if (config.boot.loader.timeout != null) then config.boot.loader.timeout else -1;
|
||||
type = types.int;
|
||||
description = ''
|
||||
Timeout (in seconds) until GRUB boots the default menu item.
|
||||
'';
|
||||
};
|
||||
|
||||
default = mkOption {
|
||||
default = 0;
|
||||
type = types.int;
|
||||
|
@ -16,7 +16,7 @@ let
|
||||
|
||||
nix = config.nix.package.out;
|
||||
|
||||
timeout = if cfg.timeout != null then cfg.timeout else "";
|
||||
timeout = if config.boot.loader.timeout != null then config.boot.loader.timeout else "";
|
||||
|
||||
inherit (efi) efiSysMountPoint canTouchEfiVariables;
|
||||
};
|
||||
@ -29,20 +29,6 @@ in {
|
||||
|
||||
description = "Whether to enable the gummiboot UEFI boot manager";
|
||||
};
|
||||
|
||||
timeout = mkOption {
|
||||
default = if config.boot.loader.timeout == null then 10000 else config.boot.loader.timeout;
|
||||
|
||||
example = 4;
|
||||
|
||||
type = types.nullOr types.int;
|
||||
|
||||
description = ''
|
||||
Timeout (in seconds) for how long to show the menu (null if none).
|
||||
Note that even with no timeout the menu can be forced if the space
|
||||
key is pressed during bootup
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
@ -5,7 +5,7 @@ with lib;
|
||||
let
|
||||
luks = config.boot.initrd.luks;
|
||||
|
||||
openCommand = { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, ... }: ''
|
||||
openCommand = name': { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, ... }: assert name' == name; ''
|
||||
# Wait for luksRoot to appear, e.g. if on a usb drive.
|
||||
# XXX: copied and adapted from stage-1-init.sh - should be
|
||||
# available as a function.
|
||||
@ -192,9 +192,8 @@ let
|
||||
''}
|
||||
'';
|
||||
|
||||
isPreLVM = f: f.preLVM;
|
||||
preLVM = filter isPreLVM luks.devices;
|
||||
postLVM = filter (f: !(isPreLVM f)) luks.devices;
|
||||
preLVM = filterAttrs (n: v: v.preLVM) luks.devices;
|
||||
postLVM = filterAttrs (n: v: !v.preLVM) luks.devices;
|
||||
|
||||
in
|
||||
{
|
||||
@ -228,31 +227,31 @@ in
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices = mkOption {
|
||||
default = [ ];
|
||||
example = literalExample ''[ { name = "luksroot"; device = "/dev/sda3"; preLVM = true; } ]'';
|
||||
default = { };
|
||||
example = { "luksroot".device = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; };
|
||||
description = ''
|
||||
The list of devices that should be decrypted using LUKS before trying to mount the
|
||||
root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups.
|
||||
|
||||
The devices are decrypted to the device mapper names defined.
|
||||
|
||||
Make sure that initrd has the crypto modules needed for decryption.
|
||||
The encrypted disk that should be opened before the root
|
||||
filesystem is mounted. Both LVM-over-LUKS and LUKS-over-LVM
|
||||
setups are sypported. The unencrypted devices can be accessed as
|
||||
<filename>/dev/mapper/<replaceable>name</replaceable></filename>.
|
||||
'';
|
||||
|
||||
type = types.listOf types.optionSet;
|
||||
type = types.loaOf types.optionSet;
|
||||
|
||||
options = {
|
||||
options = { name, ... }: { options = {
|
||||
|
||||
name = mkOption {
|
||||
visible = false;
|
||||
default = name;
|
||||
example = "luksroot";
|
||||
type = types.str;
|
||||
description = "Named to be used for the generated device in /dev/mapper.";
|
||||
description = "Name of the unencrypted device in <filename>/dev/mapper</filename>.";
|
||||
};
|
||||
|
||||
device = mkOption {
|
||||
example = "/dev/sda2";
|
||||
example = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08";
|
||||
type = types.str;
|
||||
description = "Path of the underlying block device.";
|
||||
description = "Path of the underlying encrypted block device.";
|
||||
};
|
||||
|
||||
header = mkOption {
|
||||
@ -289,6 +288,7 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
# FIXME: get rid of this option.
|
||||
preLVM = mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
@ -394,7 +394,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
}; };
|
||||
};
|
||||
|
||||
boot.initrd.luks.yubikeySupport = mkOption {
|
||||
@ -408,7 +408,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (luks.devices != []) {
|
||||
config = mkIf (luks.devices != {}) {
|
||||
|
||||
# actually, sbp2 driver is the one enabling the DMA attack, but this needs to be tested
|
||||
boot.blacklistedKernelModules = optionals luks.mitigateDMAAttacks
|
||||
@ -438,7 +438,7 @@ in
|
||||
copy_bin_and_libs ${pkgs.ykpers}/bin/ykinfo
|
||||
copy_bin_and_libs ${pkgs.openssl.bin}/bin/openssl
|
||||
|
||||
cc -O3 -I${pkgs.openssl}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
|
||||
cc -O3 -I${pkgs.openssl.dev}/include -L${pkgs.openssl.out}/lib ${./pbkdf2-sha512.c} -o pbkdf2-sha512 -lcrypto
|
||||
strip -s pbkdf2-sha512
|
||||
copy_bin_and_libs pbkdf2-sha512
|
||||
|
||||
@ -463,8 +463,8 @@ in
|
||||
''}
|
||||
'';
|
||||
|
||||
boot.initrd.preLVMCommands = concatMapStrings openCommand preLVM;
|
||||
boot.initrd.postDeviceCommands = concatMapStrings openCommand postLVM;
|
||||
boot.initrd.preLVMCommands = concatStrings (mapAttrsToList openCommand preLVM);
|
||||
boot.initrd.postDeviceCommands = concatStrings (mapAttrsToList openCommand postLVM);
|
||||
|
||||
environment.systemPackages = [ pkgs.cryptsetup ];
|
||||
};
|
||||
|
@ -753,13 +753,6 @@ in
|
||||
"TMPFS_XATTR" "SECCOMP"
|
||||
];
|
||||
|
||||
environment.shellAliases =
|
||||
{ start = "systemctl start";
|
||||
stop = "systemctl stop";
|
||||
restart = "systemctl restart";
|
||||
status = "systemctl status";
|
||||
};
|
||||
|
||||
users.extraGroups.systemd-journal.gid = config.ids.gids.systemd-journal;
|
||||
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
|
||||
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
|
||||
|
@ -38,7 +38,7 @@ in
|
||||
description = "CPU Frequency Governor Setup";
|
||||
after = [ "systemd-modules-load.service" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ cpupower ];
|
||||
path = [ cpupower config.system.sbin.modprobe ];
|
||||
unitConfig.ConditionVirtualization = false;
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
|
@ -113,6 +113,16 @@ let kernel = config.boot.kernelPackages.kernel; in
|
||||
# Make it easy to log in as root when running the test interactively.
|
||||
users.extraUsers.root.initialHashedPassword = mkOverride 150 "";
|
||||
|
||||
services.xserver.displayManager.logToJournal = true;
|
||||
|
||||
# Bump kdm's X server start timeout to account for heavily loaded
|
||||
# VM host systems.
|
||||
services.xserver.displayManager.kdm.extraConfig =
|
||||
''
|
||||
[X-:*-Core]
|
||||
ServerTimeout=240
|
||||
'';
|
||||
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -32,8 +32,8 @@ let cfg = config.ec2; in
|
||||
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
|
||||
boot.loader.grub.version = if cfg.hvm then 2 else 1;
|
||||
boot.loader.grub.device = if cfg.hvm then "/dev/xvda" else "nodev";
|
||||
boot.loader.grub.timeout = 0;
|
||||
boot.loader.grub.extraPerEntryConfig = mkIf (!cfg.hvm) "root (hd0)";
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
boot.initrd.postDeviceCommands =
|
||||
''
|
||||
|
@ -13,7 +13,7 @@ with lib;
|
||||
# Generate a GRUB menu.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.version = 2;
|
||||
boot.loader.grub.timeout = 0;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
# Don't put old configurations in the GRUB menu. The user has no
|
||||
# way to select them anyway.
|
||||
|
@ -94,7 +94,7 @@ in
|
||||
|
||||
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
boot.loader.grub.timeout = 0;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
# Don't put old configurations in the GRUB menu. The user has no
|
||||
# way to select them anyway.
|
||||
|
@ -309,6 +309,10 @@ in
|
||||
touch "$root/etc/os-release"
|
||||
fi
|
||||
|
||||
if ! [ -e "$root/etc/machine-id" ]; then
|
||||
touch "$root/etc/machine-id"
|
||||
fi
|
||||
|
||||
mkdir -p -m 0755 \
|
||||
"/nix/var/nix/profiles/per-container/$INSTANCE" \
|
||||
"/nix/var/nix/gcroots/per-container/$INSTANCE"
|
||||
@ -338,7 +342,7 @@ in
|
||||
fi
|
||||
''}
|
||||
|
||||
|
||||
rm -f $root/var/lib/private/host-notify
|
||||
|
||||
# Run systemd-nspawn without startup notification (we'll
|
||||
# wait for the container systemd to signal readiness).
|
||||
|
@ -102,7 +102,7 @@ in
|
||||
|
||||
# Generate a GRUB menu. Amazon's pv-grub uses this to boot our kernel/initrd.
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.timeout = 0;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
# Don't put old configurations in the GRUB menu. The user has no
|
||||
# way to select them anyway.
|
||||
|
@ -27,7 +27,7 @@ with lib;
|
||||
|
||||
boot.kernelParams = [ "console=ttyS0" ];
|
||||
boot.loader.grub.device = "/dev/vda";
|
||||
boot.loader.grub.timeout = 0;
|
||||
boot.loader.timeout = 0;
|
||||
|
||||
# Allow root logins
|
||||
services.openssh.enable = true;
|
||||
|
@ -465,7 +465,7 @@ in
|
||||
});
|
||||
|
||||
swapDevices = mkVMOverride [ ];
|
||||
boot.initrd.luks.devices = mkVMOverride [];
|
||||
boot.initrd.luks.devices = mkVMOverride {};
|
||||
|
||||
# Don't run ntpd in the guest. It should get the correct time from KVM.
|
||||
services.ntp.enable = false;
|
||||
|
@ -69,6 +69,7 @@ in rec {
|
||||
(all nixos.tests.boot.uefiUsb)
|
||||
(all nixos.tests.boot-stage1)
|
||||
(all nixos.tests.ipv6)
|
||||
(all nixos.tests.i3wm)
|
||||
(all nixos.tests.kde4)
|
||||
#(all nixos.tests.lightdm)
|
||||
(all nixos.tests.login)
|
||||
|
@ -12,7 +12,6 @@ let
|
||||
modules =
|
||||
[ ../modules/installer/cd-dvd/installation-cd-minimal.nix
|
||||
../modules/testing/test-instrumentation.nix
|
||||
{ key = "serial"; }
|
||||
];
|
||||
}).config.system.build.isoImage;
|
||||
|
||||
@ -30,20 +29,25 @@ let
|
||||
'';
|
||||
};
|
||||
in {
|
||||
|
||||
biosCdrom = makeBootTest "bios-cdrom" ''
|
||||
cdrom => glob("${iso}/iso/*.iso")
|
||||
'';
|
||||
|
||||
biosUsb = makeBootTest "bios-usb" ''
|
||||
usb => glob("${iso}/iso/*.iso")
|
||||
'';
|
||||
|
||||
uefiCdrom = makeBootTest "uefi-cdrom" ''
|
||||
cdrom => glob("${iso}/iso/*.iso"),
|
||||
bios => '${pkgs.OVMF}/FV/OVMF.fd'
|
||||
'';
|
||||
|
||||
uefiUsb = makeBootTest "uefi-usb" ''
|
||||
usb => glob("${iso}/iso/*.iso"),
|
||||
bios => '${pkgs.OVMF}/FV/OVMF.fd'
|
||||
'';
|
||||
|
||||
netboot = let
|
||||
config = (import ../lib/eval-config.nix {
|
||||
inherit system;
|
||||
|
@ -360,14 +360,8 @@ in {
|
||||
"mount LABEL=boot /mnt/boot",
|
||||
);
|
||||
'';
|
||||
# XXX: Currently, generate-config doesn't detect LUKS yet.
|
||||
extraConfig = ''
|
||||
boot.kernelParams = lib.mkAfter [ "console=tty0" ];
|
||||
boot.initrd.luks.devices = lib.singleton {
|
||||
name = "cryptroot";
|
||||
device = "/dev/vda3";
|
||||
preLVM = true;
|
||||
};
|
||||
'';
|
||||
enableOCR = true;
|
||||
preBootCommands = ''
|
||||
@ -403,8 +397,6 @@ in {
|
||||
"mkdir /mnt/boot",
|
||||
"mount LABEL=boot /mnt/boot",
|
||||
"udevadm settle",
|
||||
"mdadm --verbose -W /dev/md0", # wait for sync to finish; booting off an unsynced device tends to fail
|
||||
"mdadm --verbose -W /dev/md1",
|
||||
);
|
||||
'';
|
||||
preBootCommands = ''
|
||||
|
@ -11,7 +11,7 @@ let
|
||||
#!${pkgs.stdenv.shell} -xe
|
||||
export PATH="${pkgs.coreutils}/bin:${pkgs.utillinux}/bin"
|
||||
|
||||
mkdir -p /etc/dbus-1 /var/run/dbus
|
||||
mkdir -p /var/run/dbus
|
||||
cat > /etc/passwd <<EOF
|
||||
root:x:0:0::/root:/bin/false
|
||||
messagebus:x:1:1::/var/run/dbus:/bin/false
|
||||
@ -20,9 +20,9 @@ let
|
||||
root:x:0:
|
||||
messagebus:x:1:
|
||||
EOF
|
||||
cp -v "${pkgs.dbus.daemon}/etc/dbus-1/system.conf" \
|
||||
/etc/dbus-1/system.conf
|
||||
"${pkgs.dbus.daemon}/bin/dbus-daemon" --fork --system
|
||||
|
||||
"${pkgs.dbus.daemon}/bin/dbus-daemon" --fork \
|
||||
--config-file="${pkgs.dbus.daemon}/share/dbus-1/system.conf"
|
||||
|
||||
${guestAdditions}/bin/VBoxService
|
||||
${(attrs.vmScript or (const "")) pkgs}
|
||||
@ -326,6 +326,7 @@ let
|
||||
in [ ./common/user-account.nix ./common/x11.nix ] ++ vmConfigs;
|
||||
virtualisation.memorySize = 2048;
|
||||
virtualisation.virtualbox.host.enable = true;
|
||||
services.xserver.displayManager.auto.user = "alice";
|
||||
users.extraUsers.alice.extraGroups = let
|
||||
inherit (config.virtualisation.virtualbox.host) enableHardening;
|
||||
in lib.mkIf enableHardening (lib.singleton "vboxusers");
|
||||
@ -363,7 +364,9 @@ in mapAttrs mkVBoxTest {
|
||||
simple-gui = ''
|
||||
createVM_simple;
|
||||
$machine->succeed(ru "VirtualBox &");
|
||||
$machine->waitForWindow(qr/Oracle VM VirtualBox Manager/);
|
||||
$machine->waitUntilSucceeds(
|
||||
ru "xprop -name 'Oracle VM VirtualBox Manager'"
|
||||
);
|
||||
$machine->sleep(5);
|
||||
$machine->screenshot("gui_manager_started");
|
||||
$machine->sendKeys("ret");
|
||||
|
@ -1,7 +1,7 @@
|
||||
{ stdenv, fetchurl, pkgconfig, glib, gtk3, libmowgli, libmcs
|
||||
, gettext, dbus_glib, libxml2, libmad, xorg, alsaLib, libogg
|
||||
, libvorbis, libcdio, libcddb, flac, ffmpeg, makeWrapper
|
||||
, mpg123, neon, faad2
|
||||
, mpg123, neon, faad2, gnome3
|
||||
}:
|
||||
|
||||
let version = "3.5.2"; in
|
||||
@ -22,7 +22,7 @@ stdenv.mkDerivation {
|
||||
buildInputs =
|
||||
[ gettext pkgconfig glib gtk3 libmowgli libmcs libxml2 dbus_glib
|
||||
libmad xorg.libXcomposite libogg libvorbis flac alsaLib libcdio
|
||||
libcddb ffmpeg makeWrapper mpg123 neon faad2
|
||||
libcddb ffmpeg makeWrapper mpg123 neon faad2 gnome3.defaultIconTheme
|
||||
];
|
||||
|
||||
# Here we build bouth audacious and audacious-plugins in one
|
||||
@ -48,8 +48,11 @@ stdenv.mkDerivation {
|
||||
(
|
||||
source $stdenv/setup
|
||||
# gsettings schemas for file dialogues
|
||||
# XDG_ICON_DIRS is set by hook for gnome3.defaultIconTheme
|
||||
for file in "$out/bin/"*; do
|
||||
wrapProgram "$file" --prefix XDG_DATA_DIRS : "$XDG_ADD:$GSETTINGS_SCHEMAS_PATH"
|
||||
wrapProgram "$file" \
|
||||
--prefix XDG_DATA_DIRS : "$XDG_ADD:$GSETTINGS_SCHEMAS_PATH" \
|
||||
--suffix XDG_DATA_DIRS : "$XDG_ICON_DIRS"
|
||||
done
|
||||
)
|
||||
'';
|
||||
|
@ -1,9 +1,10 @@
|
||||
{ stdenv, fetchFromGitHub, makeWrapper, callPackage, libgroove, python, utillinux }:
|
||||
{ stdenv, fetchFromGitHub, makeWrapper, callPackage, libgroove, python, utillinux, nodejs }:
|
||||
|
||||
with stdenv.lib;
|
||||
|
||||
let
|
||||
nodePackages = callPackage (import ../../../top-level/node-packages.nix) {
|
||||
inherit nodejs;
|
||||
neededNatives = [ libgroove python utillinux ];
|
||||
self = nodePackages;
|
||||
generated = ./package.nix;
|
||||
|
@ -1,20 +1,27 @@
|
||||
{ fetchurl, stdenv, libmp3splt, pkgconfig }:
|
||||
{ stdenv, fetchurl, pkgconfig, libmp3splt }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "mp3splt-2.6.1";
|
||||
pname = "mp3splt";
|
||||
version = "2.6.2";
|
||||
name = "${pname}-${version}";
|
||||
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://prdownloads.sourceforge.net/mp3splt/${name}.tar.gz";
|
||||
sha256 = "783a903fafbcf47f06673136a78b78d32a8e616a6ae06b79b459a32090dd14f7";
|
||||
url = "mirror://sourceforge/${pname}/${name}.tar.gz";
|
||||
sha256 = "1aiv20gypb6r84qabz8gblk8vi42cg3x333vk2pi3fyqvl82phry";
|
||||
};
|
||||
|
||||
buildInputs = [ libmp3splt pkgconfig ];
|
||||
configureFlags = [ "--enable-oggsplt-symlink" "--enable-flacsplt-symlink" ];
|
||||
nativeBuildInputs = [ pkgconfig ];
|
||||
buildInputs = [ libmp3splt ];
|
||||
|
||||
meta = {
|
||||
description = "utility to split mp3, ogg vorbis and FLAC files without decoding";
|
||||
outputs = [ "out" "man" ];
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "Utility to split mp3, ogg vorbis and FLAC files without decoding";
|
||||
homepage = http://sourceforge.net/projects/mp3splt/;
|
||||
license = stdenv.lib.licenses.gpl2;
|
||||
maintainers = [ stdenv.lib.maintainers.bosu ];
|
||||
platforms = stdenv.lib.platforms.unix;
|
||||
license = licenses.gpl2;
|
||||
maintainers = [ maintainers.bosu ];
|
||||
platforms = platforms.unix;
|
||||
};
|
||||
}
|
||||
|
@ -6,8 +6,6 @@ pythonPackages.buildPythonApplication rec {
|
||||
version = "1.1.2";
|
||||
name = "${pname}-${version}";
|
||||
|
||||
namePrefix = "";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = pname;
|
||||
repo = pname;
|
||||
@ -15,6 +13,9 @@ pythonPackages.buildPythonApplication rec {
|
||||
sha256 = "0zk9clfawsnwmgjbk7y5d526ksxd1pkh09ln6sb06v4ygaiifcxp";
|
||||
};
|
||||
|
||||
# No tests in repo
|
||||
doCheck = false;
|
||||
|
||||
postPatch = ''
|
||||
substituteInPlace setup.py --replace "/usr/share" "$out/share"
|
||||
'';
|
||||
|
@ -28,11 +28,11 @@
|
||||
# handle that.
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "qmmp-0.8.4";
|
||||
name = "qmmp-0.9.9";
|
||||
|
||||
src = fetchurl {
|
||||
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
|
||||
sha256 = "1ld69xypyak3lzwmfvzbxsyd4fl841aaq0gmkfa7jpavbdlggydf";
|
||||
sha256 = "1wv4kbjq50xflhrl1jjf1hm3rrw599xkd72dwm4rscm0sdvzhnc1";
|
||||
};
|
||||
|
||||
buildInputs =
|
||||
|
@ -28,7 +28,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
cmakeFlags = [ "-DUSE_PAM=1" ];
|
||||
|
||||
NIX_CFLAGS_COMPILE = "-I${freetype}/include/freetype -std=c++11";
|
||||
NIX_CFLAGS_COMPILE = "-I${freetype.dev}/include/freetype -std=c++11";
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
|
@ -64,7 +64,7 @@ stdenv.mkDerivation rec {
|
||||
"--with-gif=no" "--with-tiff=no" ];
|
||||
|
||||
NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX)
|
||||
"-I${cairo}/include/cairo";
|
||||
"-I${cairo.dev}/include/cairo";
|
||||
|
||||
preBuild = ''
|
||||
find . -name '*.elc' -delete
|
||||
|
@ -81,10 +81,10 @@
|
||||
aggressive-indent = callPackage ({ cl-lib ? null, elpaBuild, emacs, fetchurl, lib }:
|
||||
elpaBuild {
|
||||
pname = "aggressive-indent";
|
||||
version = "1.7";
|
||||
version = "1.8.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/aggressive-indent-1.7.el";
|
||||
sha256 = "0z2zsw0qnzcabsz2frfsjhfg7qa4nbmprrd41yjfxq62d12wg70m";
|
||||
url = "https://elpa.gnu.org/packages/aggressive-indent-1.8.1.el";
|
||||
sha256 = "07d311dwg6rpzydh9bw9dn1djf4x4f00ma41jmsl35mcd2m0bpz8";
|
||||
};
|
||||
packageRequires = [ cl-lib emacs ];
|
||||
meta = {
|
||||
@ -95,10 +95,10 @@
|
||||
ahungry-theme = callPackage ({ elpaBuild, emacs, fetchurl, lib }:
|
||||
elpaBuild {
|
||||
pname = "ahungry-theme";
|
||||
version = "1.1.0";
|
||||
version = "1.2.0";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/ahungry-theme-1.1.0.tar";
|
||||
sha256 = "1jy2h4r72fr26yavs0s8dy1xnkxvaf2hsrlm63f6sng81njj9dgx";
|
||||
url = "https://elpa.gnu.org/packages/ahungry-theme-1.2.0.tar";
|
||||
sha256 = "04z9d8xszgsl6p02gf3yixgj8kwwb6rfc6bq1b3sz95n3v9wmg9d";
|
||||
};
|
||||
packageRequires = [ emacs ];
|
||||
meta = {
|
||||
@ -162,10 +162,10 @@
|
||||
}) {};
|
||||
async = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
|
||||
pname = "async";
|
||||
version = "1.6";
|
||||
version = "1.9";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/async-1.6.tar";
|
||||
sha256 = "17psvz75n42x33my967wkgi7r0blx46n3jdv510j0z5jswv66039";
|
||||
url = "https://elpa.gnu.org/packages/async-1.9.tar";
|
||||
sha256 = "1ip5nc8xyln5szvqwp6wqva9xr84pn8ssn3nnphrszr19y4js2bm";
|
||||
};
|
||||
packageRequires = [];
|
||||
meta = {
|
||||
@ -566,10 +566,10 @@
|
||||
}) {};
|
||||
el-search = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild {
|
||||
pname = "el-search";
|
||||
version = "0.1.3";
|
||||
version = "0.2";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/el-search-0.1.3.el";
|
||||
sha256 = "1iwglpzs78zy07k3ijbwgv9781bs5cpf088giyz6bn5amfpp1jks";
|
||||
url = "https://elpa.gnu.org/packages/el-search-0.2.el";
|
||||
sha256 = "1ps4p79xrvsdys9yh1wyk4zdly6c55agbqa6f8q3xkwc9sva9lw9";
|
||||
};
|
||||
packageRequires = [ emacs ];
|
||||
meta = {
|
||||
@ -850,8 +850,8 @@
|
||||
pname = "javaimp";
|
||||
version = "0.6";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/javaimp-0.6.el";
|
||||
sha256 = "00a37jv9wbzy521a15vk7a66rsf463zzr57adc8ii2m4kcyldpqh";
|
||||
url = "https://elpa.gnu.org/packages/javaimp-0.6.tar";
|
||||
sha256 = "015kchx6brsjk7q6lz9y44a18n5imapd95czx50hqdscjczmj2ff";
|
||||
};
|
||||
packageRequires = [];
|
||||
meta = {
|
||||
@ -1505,6 +1505,19 @@
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}) {};
|
||||
smart-yank = callPackage ({ elpaBuild, emacs, fetchurl, lib }: elpaBuild {
|
||||
pname = "smart-yank";
|
||||
version = "0.1.1";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/smart-yank-0.1.1.el";
|
||||
sha256 = "1v7hbn8pl4bzal31m132dn04rgsgjjcc7k2knd1jqzk1wq6azpdn";
|
||||
};
|
||||
packageRequires = [ emacs ];
|
||||
meta = {
|
||||
homepage = "https://elpa.gnu.org/packages/smart-yank.html";
|
||||
license = lib.licenses.free;
|
||||
};
|
||||
}) {};
|
||||
sml-mode = callPackage ({ elpaBuild, fetchurl, lib }: elpaBuild {
|
||||
pname = "sml-mode";
|
||||
version = "6.7";
|
||||
@ -1905,10 +1918,10 @@
|
||||
xelb = callPackage ({ cl-generic, elpaBuild, emacs, fetchurl, lib }:
|
||||
elpaBuild {
|
||||
pname = "xelb";
|
||||
version = "0.6";
|
||||
version = "0.7";
|
||||
src = fetchurl {
|
||||
url = "https://elpa.gnu.org/packages/xelb-0.6.tar";
|
||||
sha256 = "1m91af5srxq8zs9w4gb44kl4bgka8fq7k33h7f2yn213h23kvvvh";
|
||||
url = "https://elpa.gnu.org/packages/xelb-0.7.tar";
|
||||
sha256 = "0i4336a8xns6zp82dj77w5gjgv3mfngcjsw7ghyf7bb7flh8ipw1";
|
||||
};
|
||||
packageRequires = [ cl-generic emacs ];
|
||||
meta = {
|
||||
|
@ -19,11 +19,11 @@ stdenv.mkDerivation rec {
|
||||
patchPhase = ''
|
||||
sed -i "w3m.el" \
|
||||
-e 's|defcustom w3m-command nil|defcustom w3m-command "${w3m}/bin/w3m"|g ;
|
||||
s|(w3m-which-command "display")|"${imagemagick}/bin/display"|g'
|
||||
s|(w3m-which-command "display")|"${imagemagick.out}/bin/display"|g'
|
||||
|
||||
sed -i "w3m-image.el" \
|
||||
-e 's|(w3m-which-command "convert")|"${imagemagick}/bin/convert"|g ;
|
||||
s|(w3m-which-command "identify")|"${imagemagick}/bin/identify"|g'
|
||||
-e 's|(w3m-which-command "convert")|"${imagemagick.out}/bin/convert"|g ;
|
||||
s|(w3m-which-command "identify")|"${imagemagick.out}/bin/identify"|g'
|
||||
'';
|
||||
|
||||
configureFlags = [
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -60,9 +60,6 @@ self:
|
||||
# upstream issue: missing file header
|
||||
connection = markBroken super.connection;
|
||||
|
||||
# upstream issue: missing file header
|
||||
crux = markBroken super.crux;
|
||||
|
||||
# upstream issue: missing file header
|
||||
dictionary = markBroken super.dictionary;
|
||||
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
{ stdenv, fetchurl, makeDesktopItem, makeWrapper, patchelf, p7zip
|
||||
, coreutils, gnugrep, which, git, python, unzip, jdk }:
|
||||
|
||||
{ name, product, version, build, src, meta } @ attrs:
|
||||
{ name, product, version, build, src, wmClass, meta } @ attrs:
|
||||
|
||||
with stdenv.lib;
|
||||
|
||||
@ -20,6 +20,9 @@ with stdenv; lib.makeOverridable mkDerivation rec {
|
||||
genericName = meta.description;
|
||||
categories = "Application;Development;";
|
||||
icon = execName;
|
||||
extraEntries = ''
|
||||
StartupWMClass=${wmClass}
|
||||
'';
|
||||
};
|
||||
|
||||
buildInputs = [ makeWrapper patchelf p7zip unzip ];
|
||||
|
@ -10,9 +10,9 @@ let
|
||||
bnumber = with stdenv.lib; build: last (splitString "-" build);
|
||||
mkIdeaProduct = callPackage ./common.nix { };
|
||||
|
||||
buildAndroidStudio = { name, version, build, src, license, description }:
|
||||
buildAndroidStudio = { name, version, build, src, license, description, wmClass }:
|
||||
let drv = (mkIdeaProduct rec {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "Studio";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = https://developer.android.com/sdk/installing/studio.html;
|
||||
@ -35,9 +35,9 @@ let
|
||||
'';
|
||||
});
|
||||
|
||||
buildClion = { name, version, build, src, license, description }:
|
||||
buildClion = { name, version, build, src, license, description, wmClass }:
|
||||
(mkIdeaProduct rec {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "CLion";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/clion/";
|
||||
@ -51,9 +51,9 @@ let
|
||||
};
|
||||
});
|
||||
|
||||
buildIdea = { name, version, build, src, license, description }:
|
||||
buildIdea = { name, version, build, src, license, description, wmClass }:
|
||||
(mkIdeaProduct rec {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "IDEA";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/idea/";
|
||||
@ -68,9 +68,9 @@ let
|
||||
};
|
||||
});
|
||||
|
||||
buildRubyMine = { name, version, build, src, license, description }:
|
||||
buildRubyMine = { name, version, build, src, license, description, wmClass }:
|
||||
(mkIdeaProduct rec {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "RubyMine";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/ruby/";
|
||||
@ -81,9 +81,9 @@ let
|
||||
};
|
||||
});
|
||||
|
||||
buildPhpStorm = { name, version, build, src, license, description }:
|
||||
buildPhpStorm = { name, version, build, src, license, description, wmClass }:
|
||||
(mkIdeaProduct {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "PhpStorm";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/phpstorm/";
|
||||
@ -98,9 +98,9 @@ let
|
||||
};
|
||||
});
|
||||
|
||||
buildWebStorm = { name, version, build, src, license, description }:
|
||||
buildWebStorm = { name, version, build, src, license, description, wmClass }:
|
||||
(mkIdeaProduct {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "WebStorm";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/webstorm/";
|
||||
@ -115,9 +115,9 @@ let
|
||||
};
|
||||
});
|
||||
|
||||
buildPycharm = { name, version, build, src, license, description }:
|
||||
buildPycharm = { name, version, build, src, license, description, wmClass }:
|
||||
(mkIdeaProduct rec {
|
||||
inherit name version build src;
|
||||
inherit name version build src wmClass;
|
||||
product = "PyCharm";
|
||||
meta = with stdenv.lib; {
|
||||
homepage = "https://www.jetbrains.com/pycharm/";
|
||||
@ -157,6 +157,7 @@ in
|
||||
"/android-studio-ide-${buildNumber}-linux.zip";
|
||||
sha256 = "1zxxzyhny7j4vzlydrhwz3g8l8zcml84mhkcf5ckx8xr50j3m101";
|
||||
};
|
||||
wmClass = "jetbrains-studio";
|
||||
};
|
||||
|
||||
clion = buildClion rec {
|
||||
@ -169,6 +170,7 @@ in
|
||||
url = "https://download.jetbrains.com/cpp/${name}.tar.gz";
|
||||
sha256 = "0ll1rcnnbd1if6x5rp3qw35lvp5zdzmvyg9n1lha89i34xiw36jp";
|
||||
};
|
||||
wmClass = "jetbrains-clion";
|
||||
};
|
||||
|
||||
idea14-community = buildIdea rec {
|
||||
@ -181,6 +183,7 @@ in
|
||||
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
|
||||
sha256 = "1i4mdjm9dd6zvxlpdgd3bqg45ir0cfc9hl55cdc0hg5qwbz683fz";
|
||||
};
|
||||
wmClass = "jetbrains-idea-ce";
|
||||
};
|
||||
|
||||
idea-community = buildIdea rec {
|
||||
@ -193,6 +196,7 @@ in
|
||||
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
|
||||
sha256 = "15c92wsfw16j48k12x4vw78886yf9yjx7hwwjamgf28lmzvc37iz";
|
||||
};
|
||||
wmClass = "jetbrains-idea-ce";
|
||||
};
|
||||
|
||||
idea14-ultimate = buildIdea rec {
|
||||
@ -205,6 +209,7 @@ in
|
||||
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
|
||||
sha256 = "a2259249f6e7bf14ba17b0af90a18d24d9b4670af60d24f0bb51af2f62500fc2";
|
||||
};
|
||||
wmClass = "jetbrains-idea";
|
||||
};
|
||||
|
||||
idea15-ultimate = buildIdea rec {
|
||||
@ -217,6 +222,7 @@ in
|
||||
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
|
||||
sha256 = "012aap2qn0jx4x34bdv9ivrsr86vvf683srb5vpj27hc4l6rw6ll";
|
||||
};
|
||||
wmClass = "jetbrains-idea";
|
||||
};
|
||||
|
||||
idea-ultimate = buildIdea rec {
|
||||
@ -229,6 +235,7 @@ in
|
||||
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
|
||||
sha256 = "0dxpx4nx845vgqxl5qz029d3w3kn3hi98wgzympidplxrphgalgy";
|
||||
};
|
||||
wmClass = "jetbrains-idea";
|
||||
};
|
||||
|
||||
ruby-mine = buildRubyMine rec {
|
||||
@ -241,6 +248,7 @@ in
|
||||
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
|
||||
sha256 = "04fcxj1xlap9mxmwf051s926p2darlj5kwl4lms2gy5d8b2lhd5l";
|
||||
};
|
||||
wmClass = "jetbrains-rubymine";
|
||||
};
|
||||
|
||||
pycharm-community = buildPycharm rec {
|
||||
@ -253,6 +261,7 @@ in
|
||||
url = "https://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "1ks7crrfnhzkdxban2hh2pnr986vqwmac5zybmb1ighcyamhdi4q";
|
||||
};
|
||||
wmClass = "jetbrains-pycharm-ce";
|
||||
};
|
||||
|
||||
pycharm-professional = buildPycharm rec {
|
||||
@ -265,6 +274,7 @@ in
|
||||
url = "https://download.jetbrains.com/python/${name}.tar.gz";
|
||||
sha256 = "1rn0i5qbvfjbl4v571ngmyslispibcq5ab0fb7xjl38vr1y417f2";
|
||||
};
|
||||
wmClass = "jetbrains-pycharm";
|
||||
};
|
||||
|
||||
phpstorm = buildPhpStorm rec {
|
||||
@ -277,6 +287,7 @@ in
|
||||
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
|
||||
sha256 = "0fi042zvjpg5pn2mnhj3bbrdkl1b9vmhpf2l6ca4nr0rhjjv7dsm";
|
||||
};
|
||||
wmClass = "jetbrains-phpstorm";
|
||||
};
|
||||
|
||||
webstorm = buildWebStorm rec {
|
||||
@ -289,6 +300,7 @@ in
|
||||
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
|
||||
sha256 = "0a5s6f99wyql5pgjl94pf4ljdbviik3b8dbr1s6b7c6jn1gk62ic";
|
||||
};
|
||||
wmClass = "jetbrains-webstorm";
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
{ stdenv, fetchFromGitHub, cmake, gettext, glib, libmsgpack, libtermkey
|
||||
, libtool, libuv, lpeg, lua, luajit, luaMessagePack, luabitop, ncurses, perl
|
||||
, pkgconfig, unibilium, makeWrapper, vimUtils
|
||||
, libtool, libuv, lpeg, lua, luajit, luaMessagePack, luabitop, man, ncurses
|
||||
, perl, pkgconfig, unibilium, makeWrapper, vimUtils, xsel
|
||||
|
||||
, withPython ? true, pythonPackages, extraPythonPackages ? []
|
||||
, withPython3 ? true, python3Packages, extraPython3Packages ? []
|
||||
@ -101,7 +101,10 @@ let
|
||||
# triggers on buffer overflow bug while running tests
|
||||
hardeningDisable = [ "fortify" ];
|
||||
|
||||
preConfigure = stdenv.lib.optionalString stdenv.isDarwin ''
|
||||
preConfigure = ''
|
||||
substituteInPlace runtime/autoload/man.vim \
|
||||
--replace /usr/bin/man ${man}/bin/man
|
||||
'' + stdenv.lib.optionalString stdenv.isDarwin ''
|
||||
export DYLD_LIBRARY_PATH=${jemalloc}/lib
|
||||
substituteInPlace src/nvim/CMakeLists.txt --replace " util" ""
|
||||
'';
|
||||
@ -111,6 +114,7 @@ let
|
||||
install_name_tool -change libjemalloc.1.dylib \
|
||||
${jemalloc}/lib/libjemalloc.1.dylib \
|
||||
$out/bin/nvim
|
||||
sed -i -e "s|'xsel|'${xsel}/bin/xsel|" share/nvim/runtime/autoload/provider/clipboard.vim
|
||||
'' + optionalString withPython ''
|
||||
ln -s ${pythonEnv}/bin/python $out/bin/nvim-python
|
||||
'' + optionalString withPyGUI ''
|
||||
|
@ -1,4 +1,4 @@
|
||||
{ fetchurl, stdenv, glib, xorg, cairo, gtk}:
|
||||
{ fetchurl, stdenv, glib, xorg, cairo, gtk, makeDesktopItem }:
|
||||
let
|
||||
libPath = stdenv.lib.makeLibraryPath [glib xorg.libX11 gtk cairo];
|
||||
in
|
||||
@ -31,8 +31,27 @@ stdenv.mkDerivation rec {
|
||||
--interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
|
||||
--set-rpath ${libPath}:${stdenv.cc.cc.lib}/lib${stdenv.lib.optionalString stdenv.is64bit "64"} \
|
||||
$out/sublime/sublime_text
|
||||
|
||||
mkdir -p $out/share/icons
|
||||
|
||||
for x in $(ls $out/sublime/Icon); do
|
||||
mkdir -p $out/share/icons/hicolor/$x/apps
|
||||
cp -v $out/sublime/Icon/$x/* $out/share/icons/hicolor/$x/apps
|
||||
done
|
||||
|
||||
ln -sv "${desktopItem}/share/applications" $out/share
|
||||
'';
|
||||
|
||||
desktopItem = makeDesktopItem {
|
||||
name = "sublime2";
|
||||
exec = "sublime2 %F";
|
||||
comment = meta.description;
|
||||
desktopName = "Sublime Text";
|
||||
genericName = "Text Editor";
|
||||
categories = "TextEditor;Development;";
|
||||
icon = "sublime_text";
|
||||
};
|
||||
|
||||
meta = {
|
||||
description = "Sophisticated text editor for code, markup and prose";
|
||||
license = stdenv.lib.licenses.unfree;
|
||||
|
@ -12,7 +12,7 @@ stdenv.mkDerivation rec {
|
||||
|
||||
buildInputs = [ qt4 poppler_qt4 zlib ];
|
||||
nativeBuildInputs = [ pkgconfig poppler qmake4Hook ];
|
||||
NIX_CFLAGS_COMPILE="-I${poppler}/include/poppler";
|
||||
NIX_CFLAGS_COMPILE="-I${poppler.dev}/include/poppler";
|
||||
|
||||
preConfigure = ''
|
||||
qmakeFlags="$qmakeFlags DESKTOPDIR=$out/share/applications ICONDIR=$out/share/pixmaps"
|
||||
|
@ -43,7 +43,8 @@ stdenv.mkDerivation rec {
|
||||
|
||||
patches = [ ./imagetragick.patch ] ++ cfg.patches;
|
||||
|
||||
outputs = [ "out" "doc" ];
|
||||
outputs = [ "dev" "out" "doc" ]; # bin/ isn't really big
|
||||
outputMan = "out"; # it's tiny
|
||||
|
||||
enableParallelBuilding = true;
|
||||
|
||||
@ -76,18 +77,23 @@ stdenv.mkDerivation rec {
|
||||
;
|
||||
|
||||
postInstall = ''
|
||||
|
||||
(cd "$out/include" && ln -s ImageMagick* ImageMagick)
|
||||
(cd "$dev/include" && ln -s ImageMagick* ImageMagick)
|
||||
moveToOutput "bin/*-config" "$dev"
|
||||
moveToOutput "lib/ImageMagick-*/config-Q16" "$dev" # includes configure params
|
||||
for file in "$dev"/bin/*-config; do
|
||||
substituteInPlace "$file" --replace pkg-config \
|
||||
"PKG_CONFIG_PATH='$dev/lib/pkgconfig' '${pkgconfig}/bin/pkg-config'"
|
||||
done
|
||||
'' + lib.optionalString (ghostscript != null) ''
|
||||
for la in $out/lib/*.la; do
|
||||
sed 's|-lgs|-L${ghostscript}/lib -lgs|' -i $la
|
||||
sed 's|-lgs|-L${lib.getLib ghostscript}/lib -lgs|' -i $la
|
||||
done
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
homepage = http://www.imagemagick.org/;
|
||||
description = "A software suite to create, edit, compose, or convert bitmap images";
|
||||
platforms = platforms.linux ++ [ "x86_64-darwin" ];
|
||||
platforms = platforms.linux ++ platforms.darwin;
|
||||
maintainers = with maintainers; [ the-kenny wkennington ];
|
||||
};
|
||||
}
|
||||
|
@ -71,7 +71,7 @@ let
|
||||
# Help digiKam find libusb, otherwise gphoto2 support is disabled
|
||||
cmakeFlags = [
|
||||
"-DLIBUSB_LIBRARIES=${libusb1.out}/lib"
|
||||
"-DLIBUSB_INCLUDE_DIR=${libusb1}/include/libusb-1.0"
|
||||
"-DLIBUSB_INCLUDE_DIR=${libusb1.dev}/include/libusb-1.0"
|
||||
"-DENABLE_BALOOSUPPORT=ON"
|
||||
"-DENABLE_KDEPIMLIBSSUPPORT=ON"
|
||||
"-DENABLE_LCMS2=ON" ]
|
||||
|
@ -1,27 +1,29 @@
|
||||
{ stdenv, fetchurl, pkgconfig, fltk, openexr, mesa, which, openexr_ctl }:
|
||||
{ stdenv, fetchurl, pkgconfig, fltk, openexr, mesa, openexr_ctl }:
|
||||
|
||||
assert fltk.glSupport;
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name ="openexr_viewers-1.0.1";
|
||||
name ="openexr_viewers-2.2.0";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://savannah/openexr/openexr_viewers-1.0.1.tar.gz";
|
||||
sha256 = "1w5qbcdp7sw48z1wk2v07f7p14vqqb1m2ncxyxnbkm9f4ab0ymg6";
|
||||
url = "mirror://savannah/openexr/openexr_viewers-2.2.0.tar.gz";
|
||||
sha256 = "1s84vnas12ybx8zz0jcmpfbk9m4ab5bg2d3cglqwk3wys7jf4gzp";
|
||||
};
|
||||
|
||||
configurePhase =
|
||||
''
|
||||
# don't know why.. adding these flags it works
|
||||
#export CXXFLAGS=`fltk-config --use-gl --cxxflags --ldflags`
|
||||
configurePhase = ''
|
||||
./configure --prefix=$out --with-fltk-config=${fltk}/bin/fltk-config
|
||||
'';
|
||||
|
||||
buildInputs = [ openexr fltk pkgconfig mesa which openexr_ctl ];
|
||||
buildPahse = ''
|
||||
make LDFLAGS="`fltk-config --ldflags` -lGL -lfltk_gl"
|
||||
'';
|
||||
|
||||
buildInputs = [ openexr fltk pkgconfig mesa openexr_ctl ];
|
||||
|
||||
meta = {
|
||||
description = "Tool to view OpenEXR images";
|
||||
homepage = http://openexr.com;
|
||||
license = "BSD-like";
|
||||
description = "Application for viewing OpenEXR images on a display at various exposure settings";
|
||||
homepage = "http://openexr.com";
|
||||
platforms = stdenv.lib.platforms.linux;
|
||||
license = stdenv.lib.licenses.bsd3;
|
||||
};
|
||||
}
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user