Merge staging-next into staging

This commit is contained in:
Frederik Rietdijk 2020-05-14 09:37:03 +02:00
commit 404fe35d65
197 changed files with 2754 additions and 1663 deletions

View File

@ -141,7 +141,7 @@ let
mergeAttrsWithFunc mergeAttrsConcatenateValues
mergeAttrsNoOverride mergeAttrByFunc mergeAttrsByFuncDefaults
mergeAttrsByFuncDefaultsClean mergeAttrBy
fakeSri fakeSha256 fakeSha512
fakeHash fakeSha256 fakeSha512
nixType imap;
inherit (versions)
splitVersion;

View File

@ -272,7 +272,7 @@ rec {
imap = imap1;
# Fake hashes. Can be used as hash placeholders, when computing hash ahead isn't trivial
fakeSri = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
fakeHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
fakeSha256 = "0000000000000000000000000000000000000000000000000000000000000000";
fakeSha512 = "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";
}

View File

@ -2044,6 +2044,12 @@
githubId = 108501;
name = "David Pflug";
};
dramaturg = {
email = "seb@ds.ag";
github = "dramaturg";
githubId = 472846;
name = "Sebastian Krohn";
};
drets = {
email = "dmitryrets@gmail.com";
github = "drets";
@ -2482,7 +2488,7 @@
};
evils = {
email = "evils.devils@protonmail.com";
github = "evils-devils";
github = "evils";
githubId = 30512529;
name = "Evils";
};
@ -4609,6 +4615,12 @@
githubId = 2057309;
name = "Sergey Sofeychuk";
};
lynty = {
email = "ltdong93+nix@gmail.com";
github = "lynty";
githubId = 39707188;
name = "Lynn Dong";
};
lyt = {
email = "wheatdoge@gmail.com";
name = "Tim Liou";
@ -7130,6 +7142,12 @@
githubId = 1505617;
name = "Sean Lee";
};
SlothOfAnarchy = {
email = "slothofanarchy1@gmail.com";
github = "SlothOfAnarchy";
githubId = 12828415;
name = "Michel Weitbrecht";
};
smakarov = {
email = "setser200018@gmail.com";
github = "setser";

View File

@ -235,7 +235,16 @@ php.override {
Be aware that backwards state migrations are not supported by Deluge.
</para>
</listitem>
<listitem>
<para>
Add option <literal>services.nginx.enableSandbox</literal> to starting Nginx web server with additional sandbox/hardening options.
By default, write access to <literal>services.nginx.stateDir</literal> is allowed. To allow writing to other folders,
use <literal>systemd.services.nginx.serviceConfig.ReadWritePaths</literal>
<programlisting>
systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www" ];
</programlisting>
</para>
</listitem>
<listitem>
<para>
The NixOS options <literal>nesting.clone</literal> and
@ -335,6 +344,15 @@ php.override {
your configuration simply remove the quotes around the numbers.
</para>
</listitem>
<listitem>
<para>
When using <literal>buildBazelPackage</literal> from Nixpkgs,
<literal>flat</literal> hash mode is now used for dependencies
instead of <literal>recursive</literal>. This is to better allow
using hashed mirrors where needed. As a result, these hashes
will have changed.
</para>
</listitem>
</itemizedlist>
</section>

View File

@ -52,6 +52,15 @@ in
];
options = {
hardware.nvidia.powerManagement.enable = mkOption {
type = types.bool;
default = false;
description = ''
Experimental power management through systemd. For more information, see
the NVIDIA docs, on Chapter 21. Configuring Power Management Support.
'';
};
hardware.nvidia.modesetting.enable = mkOption {
type = types.bool;
default = false;
@ -226,12 +235,34 @@ in
environment.systemPackages = [ nvidia_x11.bin nvidia_x11.settings ]
++ filter (p: p != null) [ nvidia_x11.persistenced ];
systemd.tmpfiles.rules = optional config.virtualisation.docker.enableNvidia
"L+ /run/nvidia-docker/bin - - - - ${nvidia_x11.bin}/origBin"
++ optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
"L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
systemd.packages = optional cfg.powerManagement.enable nvidia_x11.out;
systemd.services."nvidia-persistenced" = mkIf nvidiaPersistencedEnabled {
systemd.services = let
baseNvidiaService = state: {
description = "NVIDIA system ${state} actions";
path = with pkgs; [ kbd ];
serviceConfig = {
Type = "oneshot";
ExecStart = "${nvidia_x11.out}/bin/nvidia-sleep.sh '${state}'";
};
};
nvidiaService = sleepState: (baseNvidiaService sleepState) // {
before = [ "systemd-${sleepState}.service" ];
requiredBy = [ "systemd-${sleepState}.service" ];
};
services = (builtins.listToAttrs (map (t: nameValuePair "nvidia-${t}" (nvidiaService t)) ["hibernate" "suspend"]))
// {
nvidia-resume = (baseNvidiaService "resume") // {
after = [ "systemd-suspend.service" "systemd-hibernate.service" ];
requiredBy = [ "systemd-suspend.service" "systemd-hibernate.service" ];
};
};
in optionalAttrs cfg.powerManagement.enable services
// optionalAttrs nvidiaPersistencedEnabled {
"nvidia-persistenced" = mkIf nvidiaPersistencedEnabled {
description = "NVIDIA Persistence Daemon";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
@ -242,6 +273,12 @@ in
ExecStopPost = "${pkgs.coreutils}/bin/rm -rf /var/run/nvidia-persistenced";
};
};
};
systemd.tmpfiles.rules = optional config.virtualisation.docker.enableNvidia
"L+ /run/nvidia-docker/bin - - - - ${nvidia_x11.bin}/origBin"
++ optional (nvidia_x11.persistenced != null && config.virtualisation.docker.enableNvidia)
"L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
boot.extraModulePackages = [ nvidia_x11.bin ];
@ -250,7 +287,8 @@ in
optionals config.services.xserver.enable [ "nvidia" "nvidia_modeset" "nvidia_drm" ];
# If requested enable modesetting via kernel parameter.
boot.kernelParams = optional (offloadCfg.enable || cfg.modesetting.enable) "nvidia-drm.modeset=1";
boot.kernelParams = optional (offloadCfg.enable || cfg.modesetting.enable) "nvidia-drm.modeset=1"
++ optional cfg.powerManagement.enable "nvidia.NVreg_PreserveVideoMemoryAllocations=1";
# Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
services.udev.extraRules =

View File

@ -792,6 +792,7 @@
./services/security/nginx-sso.nix
./services/security/oauth2_proxy.nix
./services/security/oauth2_proxy_nginx.nix
./services/security/privacyidea.nix
./services/security/physlock.nix
./services/security/shibboleth-sp.nix
./services/security/sks.nix

View File

@ -223,7 +223,7 @@ in
config = mkIf cfg.enable {
security.doas.extraRules = [
security.doas.extraRules = mkOrder 600 [
{
groups = [ "wheel" ];
noPass = !cfg.wheelNeedsPassword;

View File

@ -54,7 +54,7 @@ let
description = ''
If set, users listed in
<filename>~/.yubico/authorized_yubikeys</filename>
are able to log in with the asociated Yubikey tokens.
are able to log in with the associated Yubikey tokens.
'';
};

View File

@ -268,7 +268,8 @@ let
mkSrcAttrs = srcCfg: with srcCfg; {
enabled = onOff enable;
mbuffer = with mbuffer; if enable then "${pkgs.mbuffer}/bin/mbuffer"
# mbuffer is not referenced by its full path to accomodate non-NixOS systems or differing mbuffer versions between source and target
mbuffer = with mbuffer; if enable then "mbuffer"
+ optionalString (port != null) ":${toString port}" else "off";
mbuffer_size = mbuffer.size;
post_znap_cmd = nullOff postsnap;
@ -357,6 +358,12 @@ in
default = false;
};
features.oracleMode = mkEnableOption ''
Destroy snapshots one by one instead of using one long argument list.
If source and destination are out of sync for a long time, you may have
so many snapshots to destroy that the argument gets is too long and the
command fails.
'';
features.recvu = mkEnableOption ''
recvu feature which uses <literal>-u</literal> on the receiving end to keep the destination
filesystem unmounted.
@ -458,5 +465,5 @@ in
};
};
meta.maintainers = with maintainers; [ infinisil ];
meta.maintainers = with maintainers; [ infinisil SlothOfAnarchy ];
}

View File

@ -17,6 +17,7 @@ let
hba_file = '${pkgs.writeText "pg_hba.conf" cfg.authentication}'
ident_file = '${pkgs.writeText "pg_ident.conf" cfg.identMap}'
log_destination = 'stderr'
log_line_prefix = '${cfg.logLinePrefix}'
listen_addresses = '${if cfg.enableTCPIP then "*" else "localhost"}'
port = ${toString cfg.port}
${cfg.extraConfig}
@ -186,6 +187,17 @@ in
'';
};
logLinePrefix = mkOption {
type = types.str;
default = "[%p] ";
example = "%m [%p] ";
description = ''
A printf-style string that is output at the beginning of each log line.
Upstream default is <literal>'%m [%p] '</literal>, i.e. it includes the timestamp. We do
not include the timestamp, because journal has it anyway.
'';
};
extraPlugins = mkOption {
type = types.listOf types.path;
default = [];

View File

@ -217,6 +217,9 @@ in {
createHome = false;
uid = config.ids.uids.ipfs;
description = "IPFS daemon user";
packages = [
pkgs.ipfs-migrator
];
};
};

View File

@ -115,7 +115,7 @@ in
if cfg.mode == "boot"
then [ "boot" cfg.kernel ]
++ optional (cfg.initrd != "") cfg.initrd
++ optional (cfg.cmdLine != "") "--cmdline=${lib.escapeShellArg cfg.cmdLine}"
++ optionals (cfg.cmdLine != "") [ "--cmdline" cfg.cmdLine ]
else [ "api" cfg.apiServer ];
in
''

View File

@ -0,0 +1,279 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.privacyidea;
uwsgi = pkgs.uwsgi.override { plugins = [ "python3" ]; };
python = uwsgi.python3;
penv = python.withPackages (ps: [ ps.privacyidea ]);
logCfg = pkgs.writeText "privacyidea-log.cfg" ''
[formatters]
keys=detail
[handlers]
keys=stream
[formatter_detail]
class=privacyidea.lib.log.SecureFormatter
format=[%(asctime)s][%(process)d][%(thread)d][%(levelname)s][%(name)s:%(lineno)d] %(message)s
[handler_stream]
class=StreamHandler
level=NOTSET
formatter=detail
args=(sys.stdout,)
[loggers]
keys=root,privacyidea
[logger_privacyidea]
handlers=stream
qualname=privacyidea
level=INFO
[logger_root]
handlers=stream
level=ERROR
'';
piCfgFile = pkgs.writeText "privacyidea.cfg" ''
SUPERUSER_REALM = [ '${concatStringsSep "', '" cfg.superuserRealm}' ]
SQLALCHEMY_DATABASE_URI = 'postgresql:///privacyidea'
SECRET_KEY = '${cfg.secretKey}'
PI_PEPPER = '${cfg.pepper}'
PI_ENCFILE = '${cfg.encFile}'
PI_AUDIT_KEY_PRIVATE = '${cfg.auditKeyPrivate}'
PI_AUDIT_KEY_PUBLIC = '${cfg.auditKeyPublic}'
PI_LOGCONFIG = '${logCfg}'
${cfg.extraConfig}
'';
in
{
options = {
services.privacyidea = {
enable = mkEnableOption "PrivacyIDEA";
stateDir = mkOption {
type = types.str;
default = "/var/lib/privacyidea";
description = ''
Directory where all PrivacyIDEA files will be placed by default.
'';
};
superuserRealm = mkOption {
type = types.listOf types.str;
default = [ "super" "administrators" ];
description = ''
The realm where users are allowed to login as administrators.
'';
};
secretKey = mkOption {
type = types.str;
example = "t0p s3cr3t";
description = ''
This is used to encrypt the auth_token.
'';
};
pepper = mkOption {
type = types.str;
example = "Never know...";
description = ''
This is used to encrypt the admin passwords.
'';
};
encFile = mkOption {
type = types.str;
default = "${cfg.stateDir}/enckey";
description = ''
This is used to encrypt the token data and token passwords
'';
};
auditKeyPrivate = mkOption {
type = types.str;
default = "${cfg.stateDir}/private.pem";
description = ''
Private Key for signing the audit log.
'';
};
auditKeyPublic = mkOption {
type = types.str;
default = "${cfg.stateDir}/public.pem";
description = ''
Public key for checking signatures of the audit log.
'';
};
adminPasswordFile = mkOption {
type = types.path;
description = "File containing password for the admin user";
};
adminEmail = mkOption {
type = types.str;
example = "admin@example.com";
description = "Mail address for the admin user";
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Extra configuration options for pi.cfg.
'';
};
user = mkOption {
type = types.str;
default = "privacyidea";
description = "User account under which PrivacyIDEA runs.";
};
group = mkOption {
type = types.str;
default = "privacyidea";
description = "Group account under which PrivacyIDEA runs.";
};
ldap-proxy = {
enable = mkEnableOption "PrivacyIDEA LDAP Proxy";
configFile = mkOption {
type = types.path;
default = "";
description = ''
Path to PrivacyIDEA LDAP Proxy configuration (proxy.ini).
'';
};
user = mkOption {
type = types.str;
default = "pi-ldap-proxy";
description = "User account under which PrivacyIDEA LDAP proxy runs.";
};
group = mkOption {
type = types.str;
default = "pi-ldap-proxy";
description = "Group account under which PrivacyIDEA LDAP proxy runs.";
};
};
};
};
config = mkMerge [
(mkIf cfg.enable {
environment.systemPackages = [ python.pkgs.privacyidea ];
services.postgresql.enable = mkDefault true;
systemd.services.privacyidea = let
piuwsgi = pkgs.writeText "uwsgi.json" (builtins.toJSON {
uwsgi = {
plugins = [ "python3" ];
pythonpath = "${penv}/${uwsgi.python3.sitePackages}";
socket = "/run/privacyidea/socket";
uid = cfg.user;
gid = cfg.group;
chmod-socket = 770;
chown-socket = "${cfg.user}:nginx";
chdir = cfg.stateDir;
wsgi-file = "${penv}/etc/privacyidea/privacyideaapp.wsgi";
processes = 4;
harakiri = 60;
reload-mercy = 8;
stats = "/run/privacyidea/stats.socket";
max-requests = 2000;
limit-as = 1024;
reload-on-as = 512;
reload-on-rss = 256;
no-orphans = true;
vacuum = true;
};
});
in {
wantedBy = [ "multi-user.target" ];
after = [ "postgresql.service" ];
path = with pkgs; [ openssl ];
environment.PRIVACYIDEA_CONFIGFILE = piCfgFile;
preStart = let
pi-manage = "${pkgs.sudo}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage";
pgsu = config.services.postgresql.superUser;
psql = config.services.postgresql.package;
in ''
mkdir -p ${cfg.stateDir} /run/privacyidea
chown ${cfg.user}:${cfg.group} -R ${cfg.stateDir} /run/privacyidea
if ! test -e "${cfg.stateDir}/db-created"; then
${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user}
${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea
${pi-manage} create_enckey
${pi-manage} create_audit_keys
${pi-manage} createdb
${pi-manage} admin add admin -e ${cfg.adminEmail} -p "$(cat ${cfg.adminPasswordFile})"
${pi-manage} db stamp head -d ${penv}/lib/privacyidea/migrations
touch "${cfg.stateDir}/db-created"
chmod g+r "${cfg.stateDir}/enckey" "${cfg.stateDir}/private.pem"
fi
${pi-manage} db upgrade -d ${penv}/lib/privacyidea/migrations
'';
serviceConfig = {
Type = "notify";
ExecStart = "${uwsgi}/bin/uwsgi --json ${piuwsgi}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
ExecStop = "${pkgs.coreutils}/bin/kill -INT $MAINPID";
NotifyAccess = "main";
KillSignal = "SIGQUIT";
StandardError = "syslog";
};
};
users.users.privacyidea = mkIf (cfg.user == "privacyidea") {
group = cfg.group;
};
users.groups.privacyidea = mkIf (cfg.group == "privacyidea") {};
})
(mkIf cfg.ldap-proxy.enable {
systemd.services.privacyidea-ldap-proxy = let
ldap-proxy-env = pkgs.python2.withPackages (ps: [ ps.privacyidea-ldap-proxy ]);
in {
description = "privacyIDEA LDAP proxy";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = cfg.ldap-proxy.user;
Group = cfg.ldap-proxy.group;
ExecStart = ''
${ldap-proxy-env}/bin/twistd \
--nodaemon \
--pidfile= \
-u ${cfg.ldap-proxy.user} \
-g ${cfg.ldap-proxy.group} \
ldap-proxy \
-c ${cfg.ldap-proxy.configFile}
'';
Restart = "always";
};
};
users.users.pi-ldap-proxy = mkIf (cfg.ldap-proxy.user == "pi-ldap-proxy") {
group = cfg.ldap-proxy.group;
};
users.groups.pi-ldap-proxy = mkIf (cfg.ldap-proxy.group == "pi-ldap-proxy") {};
})
];
}

View File

@ -463,6 +463,14 @@ in
'';
};
enableSandbox = mkOption {
default = false;
type = types.bool;
description = ''
Starting Nginx web server with additional sandbox/hardening options.
'';
};
user = mkOption {
type = types.str;
default = "nginx";
@ -710,6 +718,27 @@ in
LogsDirectoryMode = "0750";
# Capabilities
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" "CAP_SYS_RESOURCE" ];
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" "CAP_SYS_RESOURCE" ];
# Security
NoNewPrivileges = true;
} // optionalAttrs cfg.enableSandbox {
# Sandboxing
ProtectSystem = "strict";
ProtectHome = mkDefault true;
PrivateTmp = true;
PrivateDevices = true;
ProtectHostname = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectControlGroups = true;
RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
LockPersonality = true;
MemoryDenyWriteExecute = !(builtins.any (mod: (mod.allowMemoryWriteExecute or false)) pkgs.nginx.modules);
RestrictRealtime = true;
RestrictSUIDSGID = true;
PrivateMounts = true;
# System Call Filtering
SystemCallArchitectures = "native";
};
};

View File

@ -30,6 +30,7 @@ in
./sawfish.nix
./stumpwm.nix
./spectrwm.nix
./tinywm.nix
./twm.nix
./windowmaker.nix
./wmii.nix

View File

@ -0,0 +1,25 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.xserver.windowManager.tinywm;
in
{
###### interface
options = {
services.xserver.windowManager.tinywm.enable = mkEnableOption "tinywm";
};
###### implementation
config = mkIf cfg.enable {
services.xserver.windowManager.session = singleton {
name = "tinywm";
start = ''
${pkgs.tinywm}/bin/tinywm &
waitPID=$!
'';
};
environment.systemPackages = [ pkgs.tinywm ];
};
}

View File

@ -201,8 +201,23 @@ let
];
makeJobScript = name: text:
let mkScriptName = s: "unit-script-" + (replaceChars [ "\\" "@" ] [ "-" "_" ] (shellEscape s) );
in pkgs.writeTextFile { name = mkScriptName name; executable = true; inherit text; };
let
scriptName = replaceChars [ "\\" "@" ] [ "-" "_" ] (shellEscape name);
out = pkgs.writeTextFile {
# The derivation name is different from the script file name
# to keep the script file name short to avoid cluttering logs.
name = "unit-script-${scriptName}";
executable = true;
destination = "/bin/${scriptName}";
text = ''
#!${pkgs.runtimeShell} -e
${text}
'';
checkPhase = ''
${pkgs.stdenv.shell} -n "$out/bin/${scriptName}"
'';
};
in "${out}/bin/${scriptName}";
unitConfig = { config, options, ... }: {
config = {
@ -250,40 +265,28 @@ let
environment.PATH = config.path;
}
(mkIf (config.preStart != "")
{ serviceConfig.ExecStartPre = makeJobScript "${name}-pre-start" ''
#! ${pkgs.runtimeShell} -e
${config.preStart}
'';
{ serviceConfig.ExecStartPre =
makeJobScript "${name}-pre-start" config.preStart;
})
(mkIf (config.script != "")
{ serviceConfig.ExecStart = makeJobScript "${name}-start" ''
#! ${pkgs.runtimeShell} -e
${config.script}
'' + " " + config.scriptArgs;
{ serviceConfig.ExecStart =
makeJobScript "${name}-start" config.script + " " + config.scriptArgs;
})
(mkIf (config.postStart != "")
{ serviceConfig.ExecStartPost = makeJobScript "${name}-post-start" ''
#! ${pkgs.runtimeShell} -e
${config.postStart}
'';
{ serviceConfig.ExecStartPost =
makeJobScript "${name}-post-start" config.postStart;
})
(mkIf (config.reload != "")
{ serviceConfig.ExecReload = makeJobScript "${name}-reload" ''
#! ${pkgs.runtimeShell} -e
${config.reload}
'';
{ serviceConfig.ExecReload =
makeJobScript "${name}-reload" config.reload;
})
(mkIf (config.preStop != "")
{ serviceConfig.ExecStop = makeJobScript "${name}-pre-stop" ''
#! ${pkgs.runtimeShell} -e
${config.preStop}
'';
{ serviceConfig.ExecStop =
makeJobScript "${name}-pre-stop" config.preStop;
})
(mkIf (config.postStop != "")
{ serviceConfig.ExecStopPost = makeJobScript "${name}-post-stop" ''
#! ${pkgs.runtimeShell} -e
${config.postStop}
'';
{ serviceConfig.ExecStopPost =
makeJobScript "${name}-post-stop" config.postStop;
})
];
};

View File

@ -7,10 +7,8 @@ let
cfg = config.virtualisation.libvirtd;
vswitch = config.virtualisation.vswitch;
configFile = pkgs.writeText "libvirtd.conf" ''
unix_sock_group = "libvirtd"
unix_sock_rw_perms = "0770"
auth_unix_ro = "none"
auth_unix_rw = "none"
auth_unix_ro = "polkit"
auth_unix_rw = "polkit"
${cfg.extraConfig}
'';
qemuConfigFile = pkgs.writeText "qemu.conf" ''
@ -269,5 +267,14 @@ in {
systemd.sockets.libvirtd .wantedBy = [ "sockets.target" ];
systemd.sockets.libvirtd-tcp.wantedBy = [ "sockets.target" ];
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (action.id == "org.libvirt.unix.manage" &&
subject.isInGroup("libvirtd")) {
return polkit.Result.YES;
}
});
'';
};
}

View File

@ -225,6 +225,7 @@ in
nginx = handleTest ./nginx.nix {};
nginx-etag = handleTest ./nginx-etag.nix {};
nginx-pubhtml = handleTest ./nginx-pubhtml.nix {};
nginx-sandbox = handleTestOn ["x86_64-linux"] ./nginx-sandbox.nix {};
nginx-sso = handleTest ./nginx-sso.nix {};
nix-ssh-serve = handleTest ./nix-ssh-serve.nix {};
nixos-generate-config = handleTest ./nixos-generate-config.nix {};
@ -260,6 +261,7 @@ in
pppd = handleTest ./pppd.nix {};
predictable-interface-names = handleTest ./predictable-interface-names.nix {};
printing = handleTest ./printing.nix {};
privacyidea = handleTest ./privacyidea.nix {};
prometheus = handleTest ./prometheus.nix {};
prometheus-exporters = handleTest ./prometheus-exporters.nix {};
prosody = handleTest ./xmpp/prosody.nix {};

View File

@ -97,7 +97,7 @@ let
def create_machine_named(name):
return create_machine({**default_flags, "name": "boot-after-install"})
return create_machine({**default_flags, "name": name})
machine.start()
@ -650,6 +650,32 @@ in {
'';
};
bcache = makeInstallerTest "bcache" {
createPartitions = ''
machine.succeed(
"flock /dev/vda parted --script /dev/vda --"
+ " mklabel msdos"
+ " mkpart primary ext2 1M 50MB" # /boot
+ " mkpart primary 50MB 512MB " # swap
+ " mkpart primary 512MB 1024MB" # Cache (typically SSD)
+ " mkpart primary 1024MB -1s ", # Backing device (typically HDD)
"modprobe bcache",
"udevadm settle",
"make-bcache -B /dev/vda4 -C /dev/vda3",
"echo /dev/vda3 > /sys/fs/bcache/register",
"echo /dev/vda4 > /sys/fs/bcache/register",
"udevadm settle",
"mkfs.ext3 -L nixos /dev/bcache0",
"mount LABEL=nixos /mnt",
"mkfs.ext3 -L boot /dev/vda1",
"mkdir /mnt/boot",
"mount LABEL=boot /mnt/boot",
"mkswap -f /dev/vda2 -L swap",
"swapon -L swap",
)
'';
};
# Test a basic install using GRUB 1.
grub1 = makeInstallerTest "grub1" {
createPartitions = ''

View File

@ -2,6 +2,7 @@ import ./make-test-python.nix {
name = "nginx-pubhtml";
machine = { pkgs, ... }: {
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
services.nginx.enable = true;
services.nginx.virtualHosts.localhost = {
locations."~ ^/\\~([a-z0-9_]+)(/.*)?$".alias = "/home/$1/public_html$2";

View File

@ -0,0 +1,66 @@
import ./make-test-python.nix ({ pkgs, ... }: {
name = "nginx-sandbox";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ izorkin ];
};
# This test checks the creation and reading of a file in sandbox mode. Used simple lua script.
machine = { pkgs, ... }: {
nixpkgs.overlays = [
(self: super: {
nginx-lua = super.nginx.override {
modules = [
pkgs.nginxModules.lua
];
};
})
];
services.nginx.enable = true;
services.nginx.package = pkgs.nginx-lua;
services.nginx.enableSandbox = true;
services.nginx.virtualHosts.localhost = {
extraConfig = ''
location /test1-write {
content_by_lua_block {
local create = os.execute('${pkgs.coreutils}/bin/mkdir /tmp/test1-read')
local create = os.execute('${pkgs.coreutils}/bin/touch /tmp/test1-read/foo.txt')
local echo = os.execute('${pkgs.coreutils}/bin/echo worked > /tmp/test1-read/foo.txt')
}
}
location /test1-read {
root /tmp;
}
location /test2-write {
content_by_lua_block {
local create = os.execute('${pkgs.coreutils}/bin/mkdir /var/web/test2-read')
local create = os.execute('${pkgs.coreutils}/bin/touch /var/web/test2-read/bar.txt')
local echo = os.execute('${pkgs.coreutils}/bin/echo error-worked > /var/web/test2-read/bar.txt')
}
}
location /test2-read {
root /var/web;
}
'';
};
users.users.foo.isNormalUser = true;
};
testScript = ''
machine.wait_for_unit("nginx")
machine.wait_for_open_port(80)
# Checking write in temporary folder
machine.succeed("$(curl -vvv http://localhost/test1-write)")
machine.succeed('test "$(curl -fvvv http://localhost/test1-read/foo.txt)" = worked')
# Checking write in protected folder. In sandbox mode for the nginx service, the folder /var/web is mounted
# in read-only mode.
machine.succeed("mkdir -p /var/web")
machine.succeed("chown nginx:nginx /var/web")
machine.succeed("$(curl -vvv http://localhost/test2-write)")
assert "404 Not Found" in machine.succeed(
"curl -vvv -s http://localhost/test2-read/bar.txt"
)
'';
})

View File

@ -0,0 +1,36 @@
# Miscellaneous small tests that don't warrant their own VM run.
import ./make-test-python.nix ({ pkgs, ...} : rec {
name = "privacyidea";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ fpletz ];
};
machine = { ... }: {
virtualisation.cores = 2;
virtualisation.memorySize = 512;
services.privacyidea = {
enable = true;
secretKey = "testing";
pepper = "testing";
adminPasswordFile = pkgs.writeText "admin-password" "testing";
adminEmail = "root@localhost";
};
services.nginx = {
enable = true;
virtualHosts."_".locations."/".extraConfig = ''
uwsgi_pass unix:/run/privacyidea/socket;
'';
};
};
testScript = ''
machine.start()
machine.wait_for_unit("multi-user.target")
machine.succeed("curl --fail http://localhost | grep privacyIDEA")
machine.succeed(
"curl --fail http://localhost/auth -F username=admin -F password=testing | grep token"
)
'';
})

View File

@ -0,0 +1,73 @@
{ lib
, fetchFromGitHub
, python3
, gtk3
, wrapGAppsHook
, glibcLocales
, gobject-introspection
, gettext
, pango
, gdk-pixbuf
, librsvg
, atk
, libnotify
, libappindicator-gtk3
, gst_all_1
, makeWrapper
, picotts
, sox
}:
python3.pkgs.buildPythonApplication rec {
pname = "gSpeech";
version = "0.9.2";
src = fetchFromGitHub {
owner = "mothsart";
repo = pname;
rev = version;
sha256 = "11pvdpb9jjssp8nmlj21gs7ncgfm89kw26mfc8c2x8w2q4h92ja3";
};
nativeBuildInputs = [
wrapGAppsHook
gobject-introspection
pango
gdk-pixbuf
atk
gettext
libnotify
libappindicator-gtk3
gst_all_1.gstreamer
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
makeWrapper
];
buildInputs = [
glibcLocales
gtk3
python3
];
propagatedBuildInputs = with python3.pkgs; [
pygobject3
librsvg
];
postFixup = ''
wrapProgram $out/bin/gspeech --prefix PATH : ${lib.makeBinPath [ picotts ]}
wrapProgram $out/bin/gspeech-cli --prefix PATH : ${lib.makeBinPath [ picotts ]}
'';
strictDeps = false;
meta = with lib; {
description = "A minimal GUI for the Text To Speech 'Svox Pico'. Read clipboard or selected text in different languages and manage it : pause, stop, replay.";
homepage = "https://github.com/mothsART/gSpeech";
maintainers = with maintainers; [ mothsart ];
license = licenses.gpl3;
platforms = platforms.unix;
};
}

View File

@ -2,11 +2,11 @@
mkDerivation rec {
pname = "synthv1";
version = "0.9.13";
version = "0.9.14";
src = fetchurl {
url = "mirror://sourceforge/synthv1/${pname}-${version}.tar.gz";
sha256 = "0bb48myvgvqcibwm68qhd4852pjr2g19rasf059a799d1hzgfq3l";
sha256 = "08n83krkak20924flb9azhm9hn40lyfvn29m63zs3lw3wajf0b40";
};
buildInputs = [ qtbase qttools libjack2 alsaLib liblo lv2 ];

View File

@ -2,12 +2,12 @@
let
pname = "ledger-live-desktop";
version = "2.1.0";
version = "2.3.2";
name = "${pname}-${version}";
src = fetchurl {
url = "https://github.com/LedgerHQ/${pname}/releases/download/v${version}/${pname}-${version}-linux-x86_64.AppImage";
sha256 = "1ywvdqmq8asczhmvc6ai2v6di1f5q19x3ygqlinwz8d1hrj3496r";
sha256 = "0xd3w564zij614ajg57n1qlvz0hd9l7219qxx81ai6b02b9a5g9h";
};
appimageContents = appimageTools.extractType2 {

View File

@ -1,10 +1,9 @@
{ stdenv, fetchurl, makeWrapper, emacs, tcl, tclx, espeak-ng }:
{ stdenv, fetchurl, makeWrapper, emacs, tcl, tclx, espeak-ng, lib }:
stdenv.mkDerivation rec {
pname = "emacspeak";
version = "51.0";
src = fetchurl {
url = "https://github.com/tvraman/emacspeak/releases/download/${version}/${pname}-${version}.tar.bz2";
sha256 = "09a0ywxlqa8jmc0wmvhaf7bdydnkyhy9nqfsdqcpbsgdzj6qpg90";
@ -33,11 +32,11 @@ stdenv.mkDerivation rec {
--add-flags '-l "${placeholder "out"}/share/emacs/site-lisp/emacspeak/lisp/emacspeak-setup.elc"'
'';
meta = with stdenv.lib; {
meta = {
homepage = "https://github.com/tvraman/emacspeak/";
description = "Emacs extension that provides spoken output";
license = licenses.gpl2;
maintainers = [ dema ];
platforms = platforms.linux;
license = lib.licenses.gpl2;
maintainers = [ ];
platforms = lib.platforms.linux;
};
}

View File

@ -1,29 +0,0 @@
{ stdenv, fetchsvn }:
stdenv.mkDerivation rec {
pname = "hol_light-mode";
version = "73";
src = fetchsvn {
url = "http://seanmcl-ocaml-lib.googlecode.com/svn/trunk/workshop/software/emacs";
rev = version;
sha256 = "3ca83098960439da149a47e1caff32536601559a77f04822be742a390c67feb7";
};
installPhase = ''
DEST=$out/share/emacs/site-lisp
mkdir -p $DEST
cp -a * $DEST
'';
meta = {
description = "A HOL Light mode for Emacs";
homepage = "http://www.cl.cam.ac.uk/~jrh13/hol-light/";
license = stdenv.lib.licenses.gpl2Plus;
platforms = stdenv.lib.platforms.all;
maintainers = [ stdenv.lib.maintainers.thoughtpolice ];
# Fails trying to fetch dependencies in build
# broken = true;
};
}

View File

@ -25,10 +25,12 @@ let
}
) {};
git = self.callPackage ({ fetchgit }:
fetchgit {
(fetchgit {
rev = commit;
inherit sha256 url;
}
}).overrideAttrs(_: {
GIT_SSL_NO_VERIFY = true;
})
) {};
bitbucket = self.callPackage ({ fetchhg }:
fetchhg {

View File

@ -135,7 +135,6 @@
colorThemeSolarized = callPackage ./color-theme-solarized { };
emacsSessionManagement = callPackage ./session-management-for-emacs { };
hsc3-mode = callPackage ./hsc3 { };
hol_light_mode = callPackage ./hol_light { };
ido-ubiquitous = callPackage ./ido-ubiquitous { };
ocaml-mode = callPackage ./ocaml { };
prolog-mode = callPackage ./prolog { };

View File

@ -0,0 +1,58 @@
{ stdenv
, fetchFromGitHub
, SDL2
, lua52Packages
, pkg-config
, makeWrapper
} :
stdenv.mkDerivation rec {
pname = "lite";
version = "1.03";
src = fetchFromGitHub {
owner = "rxi";
repo = pname;
rev = "v${version}";
sha256 = "1h8z4fav5ns9sm92axs3k9v6jgkqq0vg9mixza14949blr426mlj";
};
nativeBuildInputs = [ makeWrapper pkg-config ];
buildInputs = [ SDL2 lua52Packages.lua ];
postPatch = ''
# use system Lua 5.2
rm -rf src/lib/lua52
substituteInPlace src/api/api.h \
--replace '"lib/lua52/lua.h"' '<lua.h>' \
--replace '"lib/lua52/lauxlib.h"' '<lauxlib.h>' \
--replace '"lib/lua52/lualib.h"' '<lualib.h>'
'';
buildPhase = ''
# extracted and adapted from build.sh
CC=$NIX_CC/bin/cc
CFLAGS="-Wall -O3 -g -std=gnu11 -Isrc -DLUA_USE_POPEN $(pkg-config --cflags lua sdl2)"
LDFLAGS="$(pkg-config --libs lua sdl2)"
for f in $(find src -name "*.c"); do
$CC -c $CFLAGS $f -o "''${f//\//_}.o"
done
$CC *.o $LDFLAGS -o lite
'';
installPhase = ''
mkdir -p $out/bin $out/lib/${pname}
cp -a lite $out/lib/${pname}
cp -a data $out/lib/${pname}
makeWrapper $out/lib/${pname}/lite $out/bin/lite
'';
meta = with stdenv.lib; {
description = "A lightweight text editor written in Lua";
homepage = "https://github.com/rxi/lite";
license = licenses.mit;
maintainers = with maintainers; [ filalex77 ];
platforms = platforms.unix;
};
}

View File

@ -78,8 +78,6 @@ in
mkdir -p $out/lib/vscode $out/bin
cp -r ./* $out/lib/vscode
substituteInPlace $out/lib/vscode/bin/${executableName} --replace '"$CLI" "$@"' '"$CLI" "--skip-getting-started" "$@"'
ln -s $out/lib/vscode/bin/${executableName} $out/bin
mkdir -p $out/share/applications

View File

@ -11,8 +11,8 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "1n083pzp2dsz6z6rcl1ldcwhd4i03sjigdfslfardhc4v5lbvmv8";
x86_64-darwin = "1qk3gscyskf4fwc8i09afr3wsyd1lwwycx6rf02wwh4n9py50b20";
x86_64-linux = "16zchjp72m6n6za4ak5kn2ax1s5pjfn7l082d6gfbb2y62isvs7q";
x86_64-darwin = "0w35s6nxagcnd6xcm6bp0m63agkqxffig61cr3nnmpbcgj9zc969";
}.${system};
in
callPackage ./generic.nix rec {
@ -21,7 +21,7 @@ in
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.44.2";
version = "1.45.0";
pname = "vscode";
executableName = "code" + lib.optionalString isInsiders "-insiders";

View File

@ -11,8 +11,8 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "141hwj1a2bsgzpfk354dnnmg4ak00fss3xsgqplyk949pbk6v1af";
x86_64-darwin = "0fi8nz1gayzw5dp6d3m7jsmij3jj4yjg5rk1s9w6falpgka76dm1";
x86_64-linux = "1wb4s2jw90irlawgl6539gwl0xwaxglaksmbcddbvnr6rq3ypn8n";
x86_64-darwin = "16c1r7knfd5pfqhnk77nanh82azkc28pwkqfcyasbdgm70k17d3p";
}.${system};
sourceRoot = {
@ -27,7 +27,7 @@ in
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.44.2";
version = "1.45.0";
pname = "vscodium";
executableName = "codium";

View File

@ -24,6 +24,10 @@ python3Packages.buildPythonApplication rec {
"\${qtWrapperArgs[@]}"
];
postInstall = ''
install -m666 -Dt $out/share/applications krop.desktop
'';
# Disable checks because of interference with older Qt versions // xcb
doCheck = false;

View File

@ -13,7 +13,7 @@ mkDerivation {
# Fix a bug with thumbnail.so processes hanging:
# https://bugs.kde.org/show_bug.cgi?id=404652
(fetchpatch {
url = "https://phabricator.kde.org/file/data/tnk4b6roouixzifi6vre/PHID-FILE-qkkedevt7svx7lv56ea5/D26635.diff";
url = "https://github.com/KDE/kdegraphics-thumbnailers/commit/3e2ea6e924d0e2a2cdd9bb435b06965117d6d34c.patch";
sha256 = "0fq85zhymmrq8vl0y6vgh87qf4c6fhcq704p4kpkaq7y0isxj4h1";
})
];

View File

@ -1,5 +1,6 @@
{ stdenv
, fetchurl
, fetchpatch
, atk
, cairo
, desktop-file-utils
@ -30,6 +31,15 @@ stdenv.mkDerivation rec {
sha256 = "09rxx4s4c34d1axza6ayss33v78p44r9bpx058shllh1sf5avpcb";
};
patches = [
# Fix gpgme detection
# https://gitlab.gnome.org/GNOME/almanah/merge_requests/7
(fetchpatch {
url = "https://gitlab.gnome.org/GNOME/almanah/commit/4b979c4145ef2fbceebb3849a70df1d0ceb1bb93.patch";
sha256 = "q3M+osNWz7AsDQtFju5S7P4wH3cAdzKOPKnEXTJ+k3M=";
})
];
nativeBuildInputs = [
desktop-file-utils
gettext

View File

@ -3,13 +3,13 @@
buildGoModule rec {
pname = "cheat";
version = "3.9.0";
version = "3.10.0";
src = fetchFromGitHub {
owner = "cheat";
repo = "cheat";
rev = version;
sha256 = "0jbqflkcfdrinx1lk45klm8ml0n4cgp43nzls1376cd3hfayby1y";
sha256 = "1rrhll1i5ibxdchpdifajvsm697pilf82rbq7arn4f4pw5izrhy6";
};
subPackages = [ "cmd/cheat" ];
@ -20,7 +20,7 @@ buildGoModule rec {
installShellCompletion scripts/cheat.{bash,fish,zsh}
'';
modSha256 = "1is19qca5wgzya332rmpk862nnivxzgxchkllv629f5fwwdvdgmg";
modSha256 = "1z4za3rivc3vqv59p5yb5c9dcpmq669rzmf4z7zilbvmgm0pbgfp";
meta = with stdenv.lib; {
description = "Create and view interactive cheatsheets on the command-line";

View File

@ -0,0 +1,27 @@
{ stdenv, fetchFromGitHub, cmake, pkgconfig, gtk3, ncurses, curl
, json_c, libcpuid, pciutils, procps, wrapGAppsHook, nasm }:
stdenv.mkDerivation rec {
pname = "cpu-x";
version = "3.2.4";
src = fetchFromGitHub {
owner = "X0rg";
repo = "CPU-X";
rev = "v${version}";
sha256 = "03y49wh9v7x6brmavj5a2clihn0z4f01pypl7m8ymarv4y3a6xkl";
};
nativeBuildInputs = [ cmake pkgconfig wrapGAppsHook nasm ];
buildInputs = [
gtk3 ncurses curl json_c libcpuid pciutils procps
];
meta = with stdenv.lib; {
description = "Free software that gathers information on CPU, motherboard and more";
homepage = src.meta.homepage;
license = licenses.gpl3;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ gnidorah ];
};
}

View File

@ -105,6 +105,9 @@ in buildFHSUserEnv {
cups lcms2 mpg123 cairo unixODBC samba4 sane-backends openldap
ocl-icd utillinux libkrb5
# Proton
libselinux
# Winetricks
fribidi
] ++ xorgDeps pkgs;

View File

@ -7,13 +7,13 @@ with stdenv.lib;
stdenv.mkDerivation rec {
pname = "tilda";
version = "1.5.0";
version = "1.5.1";
src = fetchFromGitHub {
owner = "lanoxx";
repo = "tilda";
rev = "${pname}-${version}";
sha256 = "13djibj3s7ig13c57ywy38pxy3qfmqihii2c0g15fy2h9q8xp1gx";
sha256 = "1kk69sg7ph906yr5jagkjx0qfkhr5w2nyx407wl2dsjimbps44rd";
};
nativeBuildInputs = [ autoreconfHook makeWrapper pkgconfig ];

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "translate-shell";
version = "0.9.6.11";
version = "0.9.6.12";
src = fetchFromGitHub {
owner = "soimort";
repo = "translate-shell";
rev = "v${version}";
sha256 = "137fz3ahzf65hfqcs4k7hhrmfjlhlw7wr3gfsvk88bnyqkyw44sm";
sha256 = "075vqnha21rhr1b61dim7dqlfwm1yffyzcaa83s36rpk9r5sddzx";
};
buildInputs = [ makeWrapper ];

View File

@ -43,7 +43,7 @@ buildPythonApplication rec {
description = "Interactive terminal multitool for tabular data";
license = lib.licenses.gpl3;
maintainers = [ lib.maintainers.raskin ];
platforms = lib.platforms.linux;
platforms = with lib.platforms; linux ++ darwin;
homepage = "http://visidata.org/";
};
}

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "worker";
version = "4.3.0";
version = "4.4.0";
src = fetchurl {
url = "http://www.boomerangsworld.de/cms/worker/downloads/${pname}-${version}.tar.gz";
sha256 = "0s7i1qjnh4mfjyrfvbbr1dklqi0n2nwksls21106q633wk9qdlqx";
sha256 = "1k2svpzq01n1h9365nhi7r2k7dmsviczxi9m6fb80ccccdz7i530";
};
buildInputs = [ libX11 ];

View File

@ -1,20 +1,20 @@
{ stdenv, lib, fetchFromGitHub, cmake, libuv, libmicrohttpd, libuuid, openssl
{ stdenv, lib, fetchFromGitHub, cmake, libuv, libmicrohttpd, openssl
, donateLevel ? 0
}:
stdenv.mkDerivation rec {
pname = "xmrig-proxy";
version = "5.0.1";
version = "5.10.0";
src = fetchFromGitHub {
owner = "xmrig";
repo = "xmrig-proxy";
rev = "v${version}";
sha256 = "0lp11p4lf03l9x2kcpq1j19z7c1zrdvjmcfh2xyvlbw8pqx0hxkv";
sha256 = "1p8bxp2nv30c3j3kb0bpby86378h6m7nv2vvzw06lqsj5fqbw4g5";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ libuv libmicrohttpd libuuid openssl ];
buildInputs = [ libuv libmicrohttpd openssl ];
postPatch = ''
# Link dynamically against libuuid instead of statically

View File

@ -94,6 +94,11 @@ stdenv.mkDerivation ({
patches = [
./env_var_for_system_dir.patch
# Fix for NSS 3.52 (add missing CK_GCM_PARMS field)
(fetchpatch {
url = "https://hg.mozilla.org/mozilla-central/raw-rev/463069687b3d";
sha256 = "00yhz67flnkww3rbry0kqn6z6bm7vxfb2sgf7qikgbjcm3ysvpsm";
})
]
++ patches;

View File

@ -21,12 +21,12 @@ let
in mkDerivationWith python3Packages.buildPythonApplication rec {
pname = "qutebrowser";
version = "1.11.0";
version = "1.11.1";
# the release tarballs are different from the git checkout!
src = fetchurl {
url = "https://github.com/qutebrowser/qutebrowser/releases/download/v${version}/${pname}-${version}.tar.gz";
sha256 = "0b0qlki9bp9mm41lrh6rc6qqvm4nsz8da63sby3a1f2xm9b9vvg2";
sha256 = "0cxmmw002f5rvxzyhlhzqm2ipf64w4vspf298p6c5kpg535m8cvs";
};
# Needs tox

View File

@ -2,17 +2,21 @@
buildGoPackage rec {
pname = "cni-plugins";
version = "0.8.5";
version = "0.8.6";
src = fetchFromGitHub {
owner = "containernetworking";
repo = "plugins";
rev = "v${version}";
sha256 = "17c8pvpn0dpda6ah7irr9hhd8sk7mnm32zv72nc5pxg1xvfpaipi";
sha256 = "0f1cqxjf26sy1c4aw6y7pyd9lrz0vknby4q5j6xj77a1pab9073m";
};
goPackagePath = "github.com/containernetworking/plugins";
buildFlagsArray = [
"-ldflags=-X ${goPackagePath}/pkg/utils/buildversion.BuildVersion=${version}"
];
subPackages = [
"plugins/ipam/dhcp"
"plugins/ipam/host-local"

View File

@ -0,0 +1,23 @@
{ lib, buildGoModule, fetchFromGitHub, ... }:
buildGoModule rec {
pname = "helmsman";
version = "3.3.0";
src = fetchFromGitHub {
owner = "Praqma";
repo = "helmsman";
rev = "v${version}";
sha256 = "0i7sg3iwxb07gjxcz6chpdcx3fqykzldmf7s1c9m02hkps910ca8";
};
modSha256 = "19qdrrwmjc32nw8m0zi251z32wqj2d956wgd1dkcvx1x0n4p435g";
meta = with lib; {
description = "Helm Charts (k8s applications) as Code tool";
homepage = "https://github.com/Praqma/helmsman";
license = licenses.mit;
maintainers = with maintainers; [ lynty ];
platforms = platforms.unix;
};
}

View File

@ -11,18 +11,18 @@
buildGoModule rec {
pname = "minikube";
version = "1.9.2";
version = "1.10.1";
# for -ldflags
commit = "1b78a7b8a99ad6a3c62b8d22f57120d614d17935";
commit = "63ab801ac27e5742ae442ce36dff7877dcccb278";
modSha256 = "1pxs6myszgma3rzz0nhfjbnylv6m0xzlinvmlg0c4ijvkkzxg3v5";
modSha256 = "1g94jjwr5higg1b297zwp6grkj7if3mrdafjq9vls9y2svh11xr8";
src = fetchFromGitHub {
owner = "kubernetes";
repo = "minikube";
rev = "v${version}";
sha256 = "025v45427d885qkjjg7ig8fgrvjalnf1lajsj0cnbwbih2m69svg";
sha256 = "05lv6k0j0l00s2895fryp027aa40whbf1gf3fhfg0z5d3p9sbprk";
};
nativeBuildInputs = [ go-bindata installShellFiles pkg-config which ];

View File

@ -118,8 +118,8 @@ in rec {
terraform_0_11-full = terraform_0_11.full;
terraform_0_12 = pluggable (generic {
version = "0.12.24";
sha256 = "1rjihp6qcaizp2nnv4z20kpmjnqcw95pq5rnhq381a3pdzr0cd0z";
version = "0.12.25";
sha256 = "0xq4327386x6isw82d4xyq70pw7xxlh4sgmqas0b2pvyz85jxdch";
patches = [
./provider-path.patch
(fetchpatch {

View File

@ -15,11 +15,11 @@ assert pulseaudioSupport -> libpulseaudio != null;
let
inherit (stdenv.lib) concatStringsSep makeBinPath optional;
version = "5.0.399860.0429";
version = "5.0.403652.0509";
srcs = {
x86_64-linux = fetchurl {
url = "https://zoom.us/client/${version}/zoom_x86_64.tar.xz";
sha256 = "1jid8rs403b709scz8vpqsi1dxdmssn5426wa3d16p45blnxk16k";
sha256 = "00bprrfc7mmf3yg6jddqm2qr73m2zycr8hy19dxqpzld9gbvyzik";
};
};

View File

@ -0,0 +1,57 @@
{ stdenv
, fetchurl
, gcc-unwrapped
, dpkg
, bash
, nodePackages
, makeWrapper
, electron_6
}:
stdenv.mkDerivation rec {
pname = "openbazaar-client";
version = "2.4.4";
src = fetchurl {
url = "https://github.com/OpenBazaar/openbazaar-desktop/releases/download/v${version}/openbazaar2client_${version}_amd64.deb";
sha256 = "146vqwc1gv5zqcz60np8v9ps44m0d2yyjzqpmd4s0pcywvvwdvn6";
};
dontBuild = true;
dontConfigure = true;
nativeBuildInputs = [ makeWrapper ];
unpackPhase = ''
${dpkg}/bin/dpkg-deb -x $src .
'';
installPhase = ''
runHook preInstall
mkdir -p $out/bin $out/share/{${pname},applications,pixmaps}
cp -a usr/lib/openbazaar2client/{locales,resources} $out/share/${pname}
cp -a usr/share/applications/openbazaar2client.desktop $out/share/applications/${pname}.desktop
cp -a usr/share/pixmaps/openbazaar2client.png $out/share/pixmaps/${pname}.png
substituteInPlace $out/share/applications/${pname}.desktop \
--replace 'openbazaar2client' 'openbazaar-client'
runHook postInstall
'';
postFixup = ''
makeWrapper ${electron_6}/bin/electron $out/bin/${pname} \
--add-flags $out/share/${pname}/resources/app \
--prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [ gcc-unwrapped.lib ]}"
'';
meta = with stdenv.lib; {
description = "Decentralized Peer to Peer Marketplace for Bitcoin - client";
homepage = "https://www.openbazaar.org/";
license = licenses.mit;
maintainers = with maintainers; [ prusnak ];
platforms = [ "x86_64-linux" ];
};
}

View File

@ -0,0 +1,48 @@
{ stdenv
, fetchurl
}:
stdenv.mkDerivation rec {
pname = "openbazaar";
version = "0.14.2";
suffix = {
i686-linux = "linux-386";
x86_64-darwin = "darwin-10.6-amd64";
x86_64-linux = "linux-amd64";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
src = fetchurl {
url = "https://github.com/OpenBazaar/openbazaar-go/releases/download/v${version}/${pname}-go-${suffix}";
sha256 = {
i686-linux = "02kl4ci2pz86qqsll7578q0acygncsyylaschjzzii34c86f1aym";
x86_64-darwin = "1v5m94x4x0nc6i8zlcwb36ps1zpgqgcsz81x1ghkz5c9xzszgzbp";
x86_64-linux = "0m0digw66rzhwl2im88qavli9cc5vxd9pwj6ix86dcf98r93xsrp";
}.${stdenv.hostPlatform.system} or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
};
dontUnpack = true;
dontConfigure = true;
dontBuild = true;
dontStrip = true;
dontPatchELF = true;
preferLocalBuild = true;
installPhase = ''
install -D $src $out/bin/openbazaard
'';
postFixup = stdenv.lib.optionalString (!stdenv.isDarwin) ''
patchelf \
--set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
$out/bin/openbazaard
'';
meta = with stdenv.lib; {
description = "Decentralized Peer to Peer Marketplace for Bitcoin - daemon";
homepage = "https://www.openbazaar.org/";
license = licenses.mit;
maintainers = with maintainers; [ prusnak ];
platforms = [ "i686-linux" "x86_64-darwin" "x86_64-linux" ];
};
}

View File

@ -13,11 +13,11 @@ with stdenv.lib;
stdenv.mkDerivation rec {
pname = "znc";
version = "1.7.5";
version = "1.8.0";
src = fetchurl {
url = "https://znc.in/releases/archive/${pname}-${version}.tar.gz";
sha256 = "08a7yb2xs85hyyz8dpzfbsfjwj2r6kcii022lj3l4rf8hl9ix558";
sha256 = "0m5xf60r40pgbg9lyk56dafxj2hj149pn2wf8vzsp8xgq4kv5zcl";
};
nativeBuildInputs = [ pkgconfig ];

View File

@ -7,11 +7,11 @@
mkDerivation rec {
pname = "skrooge";
version = "2.21.1";
version = "2.22.1";
src = fetchurl {
url = "http://download.kde.org/stable/skrooge/${pname}-${version}.tar.xz";
sha256 = "0lv953i7cybzbxr5gx6g4libdcjj086jf152mwrwvx1avrpjavb8";
sha256 = "194vwnc2fi7cgdhasxpr1gxjqqsiqadhadvv43d0lxaxys6f360h";
};
nativeBuildInputs = [

View File

@ -35,11 +35,11 @@
stdenv.mkDerivation rec {
pname = "zotero";
version = "5.0.83";
version = "5.0.85";
src = fetchurl {
url = "https://download.zotero.org/client/release/${version}/Zotero-${version}_linux-x86_64.tar.bz2";
sha256 = "1abkwxdi154hnry8nsvxbklvbsnvd7cs2as0041h2kbiz824pv31";
sha256 = "0zqc27kld7rm3akmrnf9ba1x2hb9838cbv6i3nkqvg81ly5gfbxs";
};
nativeBuildInputs = [ wrapGAppsHook ];

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "verilator";
version = "4.032";
version = "4.034";
src = fetchurl {
url = "https://www.veripool.org/ftp/${pname}-${version}.tgz";
sha256 = "1l3rhgw7pk59dz7dyhcl0iygn6c9rv9bv131rfzg66asxfwbfq1s";
sha256 = "02xqvl9ic21jpda0xldh4ihqwl4ss8389s8fklgx5d98xq37pval";
};
enableParallelBuilding = true;

View File

@ -4,13 +4,13 @@
stdenv.mkDerivation rec {
pname = "wxmaxima";
version = "20.02.4";
version = "20.04.0";
src = fetchFromGitHub {
owner = "wxMaxima-developers";
repo = "wxmaxima";
rev = "Version-${version}";
sha256 = "106a7jrjwfmymzj70nsv44fm3jbxngr8pmkaghhpwy0ln38lhf54";
sha256 = "0vrjxzfgmjdzm1rgl0crz4b4badl14jwh032y3xkcdvjl5j67lp3";
};
buildInputs = [ wxGTK maxima gnome3.adwaita-icon-theme ];

View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "gh";
version = "0.7.0";
version = "0.8.0";
src = fetchFromGitHub {
owner = "cli";
repo = "cli";
rev = "v${version}";
sha256 = "054mag8jgxkvx2f95ha10n45v4xv5lms69w76g95z18m62qhjcyl";
sha256 = "08fy3677yq52x40rab49ijhw4r25ls2807dbv9wpna6w07n7r8v7";
};
modSha256 = "0v33x9bnwjfg4425vralnsb4i22c0g1rcmaga9911v0i7d51k0fn";

View File

@ -4,11 +4,11 @@
buildPythonApplication rec {
pname = "git-machete";
version = "2.13.6";
version = "2.14.0";
src = fetchPypi {
inherit pname version;
sha256 = "0n07gm05676vgfh6vlym59jwwzym9xmibhr0zpf0drlx02fr47qy";
sha256 = "01ch4d0r3bi9nl5nknp3dyizc2rl9w46gm1ydnvqbrzhgw65lpp0";
};
nativeBuildInputs = [ installShellFiles pbr ];

View File

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
pname = "gitui";
version = "0.2.1";
version = "0.2.2";
src = fetchFromGitHub {
owner = "extrawurst";
repo = pname;
rev = "v${version}";
sha256 = "0ln959zsdn0w15kfyp5i4524hzzk23l31n9smi1md4jfj7jycbh1";
sha256 = "1vcdgzr71m9rlkaq5pc2vnli3hdh7vv8g3ji5ancnlk3zcqc78xy";
};
cargoSha256 = "128g23pcccy07jcb4phlfag9ixh5fkwkaiyd7mxjh3wmhppjcx0i";
cargoSha256 = "04g089y6k0p36h08v6swcg1ig2kcadkidnlc0rh04znmv0bkn84d";
buildInputs = stdenv.lib.optionals stdenv.isDarwin [ libiconv Security ];

View File

@ -3,21 +3,21 @@
}:
let
version = "1.15.0";
version = "1.15.1";
# Using two URLs as the first one will break as soon as a new version is released
src_bin = fetchurl {
urls = [
"http://www.makemkv.com/download/makemkv-bin-${version}.tar.gz"
"http://www.makemkv.com/download/old/makemkv-bin-${version}.tar.gz"
];
sha256 = "1zr63fqx4qcrnrbg1f97w9mp3yzzxf0dk8pw60y2d4436vanfba4";
sha256 = "0c9661sdlld8b1g2pk8lbn3gz7cikh9bjqss11ffkriwii1x9fw0";
};
src_oss = fetchurl {
urls = [
"http://www.makemkv.com/download/makemkv-oss-${version}.tar.gz"
"http://www.makemkv.com/download/old/makemkv-oss-${version}.tar.gz"
];
sha256 = "01pdydll37inkq74874rqd5kk0maafnm1lqcv41jzgzjrfkky8d9";
sha256 = "0rm1zykqagy2g8hb7pjrc6akdsym8pgdnx66hnna161jbah3sssy";
};
in mkDerivation {
pname = "makemkv";

View File

@ -8,13 +8,13 @@
stdenv.mkDerivation rec {
pname = "conmon";
version = "2.0.15";
version = "2.0.16";
src = fetchFromGitHub {
owner = "containers";
repo = pname;
rev = "v${version}";
sha256 = "1fshcmnfqzbagzcrh5nxw7pi0dd60xpq47a2lzfghklqhl1h0b5i";
sha256 = "0z0hds95mjxm703ig2aisghvpd2l3wn6m72jnnlv8jnz2iq2nc4g";
};
nativeBuildInputs = [ pkg-config ];

View File

@ -1,5 +1,4 @@
{ flavor ? ""
, stdenv
{ stdenv
, btrfs-progs
, buildGoPackage
, fetchFromGitHub
@ -18,7 +17,6 @@
buildGoPackage rec {
pname = "cri-o";
version = "1.18.0";
name = "${pname}-${version}${flavor}";
goPackagePath = "github.com/cri-o/cri-o";
@ -54,9 +52,7 @@ buildGoPackage rec {
'';
installPhase = ''
install -Dm755 bin/crio $out/bin/crio${flavor}
install -Dm755 bin/crio-status $out/bin/crio-status${flavor}
install -Dm755 bin/pinns $out/bin/pinns${flavor}
install -Dm755 bin/* -t $out/bin
for shell in bash fish zsh; do
installShellCompletion --$shell completions/$shell/*

View File

@ -76,7 +76,7 @@ in buildBazelPackage rec {
rm -f "$bazelOut"/java.log "$bazelOut"/java.log.*
'';
sha256 = "1bn7nhv5pag8fdm8l8nvgg3fzvhpy2yv9yl2slrb16lckxzha3v6";
sha256 = "0r11kbyp1ambgcj35gvjjmxrsrdg7b9jb9sq3kih4lik7zyljp25";
};
buildAttrs = {

View File

@ -14,13 +14,13 @@
buildGoPackage rec {
pname = "podman";
version = "1.9.1";
version = "1.9.2";
src = fetchFromGitHub {
owner = "containers";
repo = "libpod";
rev = "v${version}";
sha256 = "0dr5vd52fnjwx3zn2nj2nlvkbvh5bg579nf3qw8swrn8i1jwxd6j";
sha256 = "0jvqzn1q52z6aka98d2i3dyn2i8xld7xvmi2zfxgm9g53wdgi2g2";
};
goPackagePath = "github.com/containers/libpod";

View File

@ -29,7 +29,7 @@ let
in runCommand podman.name {
name = "${podman.pname}-wrapper-${podman.version}";
inherit (podman) pname version;
inherit (podman) pname version passthru;
meta = builtins.removeAttrs podman.meta [ "outputsToInstall" ];

View File

@ -0,0 +1,51 @@
{ stdenv, fetchFromGitHub
, libX11 }:
stdenv.mkDerivation rec {
pname = "tinywm";
version = "2014-04-22";
src = fetchFromGitHub {
owner = "mackstann";
repo = pname;
rev = "9d05612f41fdb8bc359f1fd9cc930bf16315abb1";
sha256 = "1s7r4f2d3lk1i8h089v2vyrr02hh0y9i3ihl9kqgk9s87hqw8q5b";
};
buildInputs = [ libX11 ];
dontConfigure = true;
buildPhase = ''
${stdenv.cc}/bin/cc -Wall -pedantic -I${libX11}/include tinywm.c -L${libX11}/lib -lX11 -o tinywm
'';
installPhase = ''
install -dm755 $out/bin $out/share/doc/${pname}-${version}
install -m755 tinywm -t $out/bin/
# The annotated source code is a piece of documentation
install -m644 annotated.c README -t $out/share/doc/${pname}-${version}
'';
meta = with stdenv.lib;{
description = "A tiny window manger for X11";
longDescription = ''
TinyWM is a tiny window manager that I created as an exercise in
minimalism. It is also maybe helpful in learning some of the very basics
of creating a window manager. It is only around 50 lines of C. There is
also a Python version using python-xlib.
It lets you do four basic things:
- Move windows interactively with Alt+Button1 drag (left mouse button)
- Resize windows interactively with Alt+Button3 drag (right mouse button)
- Raise windows with Alt+F1 (not high on usability I know, but I needed a
keybinding in there somewhere)
- Focus windows with the mouse pointer (X does this on its own)
'';
homepage = "http://incise.org/tinywm.html";
maintainers = with maintainers; [ AndersonTorres ];
platforms = libX11.meta.platforms;
};
}

View File

@ -42,9 +42,11 @@ in stdenv.mkDerivation (fBuildAttrs // {
inherit name bazelFlags bazelBuildFlags bazelFetchFlags bazelTarget;
deps = stdenv.mkDerivation (fFetchAttrs // {
name = "${name}-deps";
name = "${name}-deps.tar.gz";
inherit bazelFlags bazelBuildFlags bazelFetchFlags bazelTarget;
impureEnvVars = lib.fetchers.proxyImpureEnvVars;
nativeBuildInputs = fFetchAttrs.nativeBuildInputs or [] ++ [ bazel ];
preHook = fFetchAttrs.preHook or "" + ''
@ -120,9 +122,9 @@ in stdenv.mkDerivation (fBuildAttrs // {
ln -sf "$new_target" "$symlink"
done
cp -r $bazelOut/external $out
echo '${bazel.name}' > $bazelOut/external/.nix-bazel-version
echo '${bazel.name}' > $out/.nix-bazel-version
(cd $bazelOut/ && tar czf $out --sort=name --mtime='@1' --owner=0 --group=0 --numeric-owner external/)
runHook postInstall
'';
@ -130,7 +132,6 @@ in stdenv.mkDerivation (fBuildAttrs // {
dontFixup = true;
allowedRequisites = [];
outputHashMode = "recursive";
outputHashAlgo = "sha256";
outputHash = fetchAttrs.sha256;
});
@ -146,14 +147,15 @@ in stdenv.mkDerivation (fBuildAttrs // {
preConfigure = ''
mkdir -p "$bazelOut"
test "${bazel.name}" = "$(<$deps/.nix-bazel-version)" || {
(cd $bazelOut && tar xfz $deps)
test "${bazel.name}" = "$(<$bazelOut/external/.nix-bazel-version)" || {
echo "fixed output derivation was built for a different bazel version" >&2
echo " got: $(<$deps/.nix-bazel-version)" >&2
echo " got: $(<$bazelOut/external/.nix-bazel-version)" >&2
echo "expected: ${bazel.name}" >&2
exit 1
}
cp -r $deps $bazelOut/external
chmod -R +w $bazelOut
find $bazelOut -type l | while read symlink; do
ln -sf $(readlink "$symlink" | sed "s,NIX_BUILD_TOP,$NIX_BUILD_TOP,") "$symlink"

View File

@ -2,18 +2,18 @@
rustPlatform.buildRustPackage rec {
pname = "gleam";
version = "0.7.1";
version = "0.8.0";
src = fetchFromGitHub {
owner = "gleam-lang";
repo = pname;
rev = "v${version}";
sha256 = "1bcxq7bgn0kf1vdw6id8s3izz6mwf3ivr8iph4miig302qm9lmmr";
sha256 = "05n8a7b63i9946fvbxphfh8n6ib20qnbv44ghlzcjwca9qvlx7i7";
};
buildInputs = stdenv.lib.optionals stdenv.isDarwin [ Security ];
cargoSha256 = "17bvms65frxhw0d196qswh3jjqlriidq3xi3mfjjgfh6n17rh608";
cargoSha256 = "1ga5dinkmibkg53bfr6vc0i4bbgyn2y3d5qjf5bd965c1v7ba1jl";
meta = with stdenv.lib; {
description = "A statically typed language for the Erlang VM";

View File

@ -3,17 +3,17 @@
with stdenv.lib;
stdenv.mkDerivation rec {
pname = "babashka";
version = "0.0.89";
version = "0.0.94";
reflectionJson = fetchurl {
name = "reflection.json";
url = "https://github.com/borkdude/${pname}/releases/download/v${version}/${pname}-${version}-reflection.json";
sha256 = "0bc5rbizd2lg7qfh733yiip8m9zqrwgjf5ca09sdibxp7nhhsjby";
sha256 = "103x5ih48rhhdipar66bp0s0j62fv4r3sszh8fwaivs7dvsvcvsd";
};
src = fetchurl {
url = "https://github.com/borkdude/${pname}/releases/download/v${version}/${pname}-${version}-standalone.jar";
sha256 = "11jhqbm3svvikr9glz8wwps1267y25g3384ijw6avn267s7d7l8c";
sha256 = "0fin80x898qzylzq91q6mp8pgwk0sciwwa9l71mdhahqasa90sri";
};
dontUnpack = true;
@ -79,6 +79,6 @@ stdenv.mkDerivation rec {
homepage = "https://github.com/borkdude/babashka";
license = licenses.epl10;
platforms = graalvm8.meta.platforms;
maintainers = with maintainers; [ bhougland DerGuteMoritz jlesquembre ];
maintainers = with maintainers; [ bandresen bhougland DerGuteMoritz jlesquembre ];
};
}

View File

@ -1,4 +1,6 @@
{ stdenv, fetchFromGitHub, readline, libedit, bc }:
{ stdenv, fetchFromGitHub, readline, libedit, bc
, avxSupport ? false
}:
stdenv.mkDerivation rec {
pname = "j";
@ -19,6 +21,9 @@ stdenv.mkDerivation rec {
if stdenv.isLinux then "linux" else
if stdenv.isDarwin then "darwin" else
"unknown";
variant = if stdenv.isx86_64 && avxSupport then "avx" else "";
j64x="j${bits}${variant}";
doCheck = true;
@ -34,7 +39,7 @@ stdenv.mkDerivation rec {
patchShebangs .
sed -i $JLIB/bin/profile.ijs -e "s@'/usr/share/j/.*'@'$out/share/j'@;"
./build_all.sh
j64x="${j64x}" ./build_all.sh
cp $SOURCE_DIR/bin/${platform}/j${bits}*/* "$JLIB/bin"
'';

View File

@ -8,17 +8,17 @@
rustPlatform.buildRustPackage rec {
pname = "wasmer";
version = "0.16.2";
version = "0.17.0";
src = fetchFromGitHub {
owner = "wasmerio";
repo = pname;
rev = version;
sha256 = "124zq772kz9a7n3qpxgmp4awqj41l8mhhwc0y3r77i1q02i1sy7z";
sha256 = "05g4h0xkqd14wnmijiiwmhk6l909fjxr6a2zplrjfxk5bypdalpm";
fetchSubmodules = true;
};
cargoSha256 = "1qqysvcviimpm2zhzsbn8vhy91rxzaknh9hv75y38xd5ggnnh9m6";
cargoSha256 = "1ssmgx9fjvkq7ycyzjanqmlm5b80akllq6qyv3mj0k5fvs659wcq";
nativeBuildInputs = [ cmake pkg-config ];

View File

@ -0,0 +1,14 @@
diff --git a/Makefile.am b/Makefile.am
index 45f216a..39c3c82 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3,6 +3,9 @@ ACLOCAL_AMFLAGS = -I m4
include_HEADERS = cudd/cudd.h
if DDDMP
include_HEADERS += dddmp/dddmp.h
+include_HEADERS += util/util.h
+include_HEADERS += config.h
+include_HEADERS += mtr/mtr.h
endif
if OBJ
include_HEADERS += cplusplus/cuddObj.hh

View File

@ -0,0 +1,30 @@
{ stdenv, fetchurl, autoreconfHook }:
stdenv.mkDerivation rec {
pname = "cudd";
version = "3.0.0";
src = fetchurl {
url = "https://davidkebo.com/source/cudd_versions/cudd-3.0.0.tar.gz";
sha256 = "0sgbgv7ljfr0lwwwrb9wsnav7mw7jmr3k8mygwza15icass6dsdq";
};
configureFlags = [
"--enable-dddmp"
"--enable-obj"
];
patches = [
./cudd.patch
];
nativeBuildInputs = [ autoreconfHook ];
meta = with stdenv.lib; {
homepage = "https://davidkebo.com/cudd";
description = "Binary Decision Diagram (BDD) library";
license = licenses.bsd3;
platforms = platforms.all;
maintainers = with maintainers; [ chessai ];
};
}

View File

@ -1,17 +1,21 @@
{stdenv, fetchurl}:
{ stdenv, fetchurl }:
stdenv.mkDerivation rec {
name = "libcello-0.9.2";
pname = "libcello";
version = "2.1.0";
src = fetchurl {
url = "http://libcello.org/static/${name}.tar.gz";
sha256 = "cd82639cb9b133119fd89a77a5a505a55ea5fcc8decfc53bee0725358ec8bad0";
url = "http://libcello.org/static/libCello-${version}.tar.gz";
sha256 = "0a1b2x5ni07vd9ridnl7zv7h2s32070wsphjy94qr066b99gdb29";
};
makeFlags = [ "PREFIX=$(out)" ];
meta = {
homepage = "http://libcello.org/";
description = "Higher level programming in C";
license = stdenv.lib.licenses.bsd3;
maintainers = [ stdenv.lib.maintainers.MostAwesomeDude ];
platforms = stdenv.lib.platforms.unix;
};
}

View File

@ -2,7 +2,7 @@
stdenv.mkDerivation rec {
pname = "librealsense";
version = "2.33.1";
version = "2.34.0";
outputs = [ "out" "dev" ];
@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
owner = "IntelRealSense";
repo = pname;
rev = "v${version}";
sha256 = "04macplj3k2sdpf1wdjm6gsghak5dzfhi2pmr47qldh2sy2zz0a3";
sha256 = "0bi7pszrryz18aqna0z73mb1hzz2vqdb0m00pf93hnwc2hba7hwm";
};
buildInputs = [

View File

@ -1,12 +1,12 @@
{ stdenv, fetchurl, perl }:
stdenv.mkDerivation rec {
version = "0.11.1";
version = "0.12.1";
pname = "liburcu";
src = fetchurl {
url = "https://lttng.org/files/urcu/userspace-rcu-${version}.tar.bz2";
sha256 = "0l1kxgzch4m8fxiz2hc8fwg56hrvzzspp7n0svnl7i7iycdrgfcj";
sha256 = "03nd1gy2c3fdb6xwdrd5lr1jcjxbzffqh3z91mzbjhjn6k8fmymv";
};
checkInputs = [ perl ];

View File

@ -4,7 +4,7 @@
, iproute, iptables, readline, lvm2, utillinux, systemd, libpciaccess, gettext
, libtasn1, ebtables, libgcrypt, yajl, pmutils, libcap_ng, libapparmor
, dnsmasq, libnl, libpcap, libxslt, xhtml1, numad, numactl, perlPackages
, curl, libiconv, gmp, zfs, parted, bridge-utils, dmidecode
, curl, libiconv, gmp, zfs, parted, bridge-utils, dmidecode, dbus
, enableXen ? false, xen ? null
, enableIscsi ? false, openiscsi
, enableCeph ? false, ceph
@ -36,7 +36,7 @@ in stdenv.mkDerivation rec {
nativeBuildInputs = [ makeWrapper pkgconfig docutils ] ++ optionals (!buildFromTarball) [ autoreconfHook ];
buildInputs = [
libxml2 gnutls perl python2 readline gettext libtasn1 libgcrypt yajl
libxslt xhtml1 perlPackages.XMLXPath curl libpcap glib
libxslt xhtml1 perlPackages.XMLXPath curl libpcap glib dbus
] ++ optionals stdenv.isLinux [
libpciaccess lvm2 utillinux systemd libnl numad zfs
libapparmor libcap_ng numactl attr parted
@ -74,6 +74,7 @@ in stdenv.mkDerivation rec {
"--with-test"
"--with-esx"
"--with-remote"
"--with-polkit"
] ++ optionals stdenv.isLinux [
"QEMU_BRIDGE_HELPER=/run/wrappers/bin/qemu-bridge-helper"
"QEMU_PR_HELPER=/run/libvirt/nix-helpers/qemu-pr-helper"

View File

@ -9,7 +9,7 @@
}:
stdenv.mkDerivation rec {
version = "2.023.5";
version = "2.023.6";
pname = "sympow";
src = fetchFromGitLab {
@ -17,7 +17,7 @@ stdenv.mkDerivation rec {
owner = "forks";
repo = "sympow";
rev = "v${version}";
sha256 = "1c5a2pizgqsf3pjkf7rfj20022ym4ixhrddp8ivs2nbzxwz6qvv9";
sha256 = "132l0xv00ld1svvv9wh99wfra4zzjv2885h2sq0dsl98wiyvi5zl";
};
postUnpack = ''

View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "sentencepiece";
version = "0.1.86";
version = "0.1.90";
src = fetchFromGitHub {
owner = "google";
repo = pname;
rev = "v${version}";
sha256 = "0r4z5n3dx0bg1pm2kgfllyj65s7ljn2ny7i7c5bz618r7h8bax9p";
sha256 = "10y16qkr2ibn8synmyzgwcbkszyfys1v0dx75p3mayh02yif4dx2";
};
nativeBuildInputs = [ cmake ] ++ lib.optional withGPerfTools gperftools;

View File

@ -178,7 +178,6 @@ stdenv.mkDerivation rec {
homepage = "https://webkitgtk.org/";
license = licenses.bsd2;
platforms = platforms.linux;
hydraPlatforms = [];
maintainers = teams.gnome.members;
};
}

View File

@ -0,0 +1,26 @@
{ lib, buildDunePackage, fetchurl, alcotest, asn1-combinators, benchmark
, bigarray-compat, cstruct, eqaf, hex, ppx_deriving_yojson, rresult
, stdlib-shims, yojson, dune-configurator }:
buildDunePackage rec {
pname = "fiat-p256";
version = "0.2.1";
src = fetchurl {
url = "https://github.com/mirage/fiat/releases/download/v${version}/${pname}-v${version}.tbz";
sha256 = "0086h9qkvnqfm8acrxqbki54z619nj73x7f0d01v5vg2naznx7w9";
};
buildInputs = [ dune-configurator ];
propagatedBuildInputs = [ bigarray-compat cstruct eqaf hex ];
checkInputs = [ alcotest asn1-combinators benchmark
ppx_deriving_yojson rresult stdlib-shims yojson ];
doCheck = true;
meta = with lib; {
description = "Primitives for Elliptic Curve Cryptography taken from Fiat";
homepage = "https://github.com/mirage/fiat";
license = licenses.mit;
maintainers = with maintainers; [ sternenseemann ];
};
}

View File

@ -0,0 +1,23 @@
{ lib, buildDunePackage, fetchurl, benchmark, cstruct
, eqaf, hex, ppx_blob, ppx_deriving_yojson, stdlib-shims, yojson }:
buildDunePackage rec {
pname = "hacl_x25519";
version = "0.1.1";
src = fetchurl {
url = "https://github.com/mirage/hacl/releases/download/v${version}/${pname}-v${version}.tbz";
sha256 = "187khbx1myh942c2v5f7wbms2hmhmgn57ik25djhnryln32c0874";
};
propagatedBuildInputs = [ eqaf cstruct ];
checkInputs = [ benchmark hex ppx_blob ppx_deriving_yojson stdlib-shims yojson ];
doCheck = true;
meta = with lib; {
description = "Primitives for Elliptic Curve Cryptography taken from Project Everest";
homepage = "https://github.com/mirage/hacl";
license = licenses.mit;
maintainers = with maintainers; [ sternenseemann ];
};
}

View File

@ -0,0 +1,26 @@
{ lib, buildDunePackage, fetchurl, cstruct, mirage-crypto, alcotest }:
buildDunePackage rec {
pname = "hkdf";
version = "1.0.4";
minimumOCamlVersion = "4.07";
src = fetchurl {
url = "https://github.com/hannesm/ocaml-${pname}/releases/download/v${version}/${pname}-v${version}.tbz";
sha256 = "0nzx6vzbc1hh6vx1ly8df4b16lgps6zjpp9mjycsnnn49bddc9mr";
};
useDune2 = true;
propagatedBuildInputs = [ cstruct mirage-crypto ];
checkInputs = [ alcotest ];
doCheck = true;
meta = with lib; {
description = "HMAC-based Extract-and-Expand Key Derivation Function (RFC 5869)";
homepage = "https://github.com/hannesm/ocaml-hkdf";
license = licenses.mit;
maintainers = with maintainers; [ sternenseemann ];
};
}

View File

@ -1,20 +0,0 @@
{stdenv, buildOcamlJane,
bin_prot, core_kernel, fieldslib, sexplib, typerep, variantslib,
ppx_assert, ppx_bench, ppx_driver, ppx_expect, ppx_inline_test, ppx_jane,
rsync}:
buildOcamlJane {
name = "re2";
hash = "0fw5jscb1i17aw8v4l965zw20kyimhfnmf4w83wqaaxkqy3l6fqw";
buildInputs = [ rsync ];
propagatedBuildInputs =
[ bin_prot core_kernel fieldslib sexplib typerep variantslib
ppx_assert ppx_bench ppx_driver ppx_expect ppx_inline_test ppx_jane ];
meta = with stdenv.lib; {
homepage = "https://github.com/janestreet/re2";
description = "OCaml bindings for RE2";
maintainers = [ maintainers.maurer ];
license = licenses.asl20;
};
}

View File

@ -1,19 +1,20 @@
{ lib, fetchurl, buildDunePackage, opaline, ocaml
, alcotest
, astring, cmdliner, cppo, fmt, logs, ocaml-migrate-parsetree, ocaml-version, ocaml_lwt, pandoc, re }:
buildDunePackage rec {
pname = "mdx";
version = "1.5.0";
version = "1.6.0";
src = fetchurl {
url = "https://github.com/realworldocaml/mdx/releases/download/1.5.0/mdx-1.5.0.tbz";
sha256 = "0g45plf4z7d178gp0bx7842fwbd3m19679yfph3s95da6mrfm3xn";
url = "https://github.com/realworldocaml/mdx/releases/download/${version}/mdx-${version}.tbz";
sha256 = "18m4ay226dwbgnwp3ia6bfcm033dvp9yby0lbddqn8ak374m2k3b";
};
nativeBuildInputs = [ cppo ];
buildInputs = [ cmdliner ];
propagatedBuildInputs = [ astring fmt logs ocaml-migrate-parsetree ocaml-version re ];
checkInputs = lib.optionals doCheck [ ocaml_lwt pandoc ];
checkInputs = [ alcotest ocaml_lwt pandoc ];
doCheck = true;

View File

@ -1,17 +0,0 @@
--- ./lib/Makefile 2014-11-18 08:16:19.000000000 -0800
+++ ./lib/Makefile 2015-05-23 14:48:31.000000000 -0700
@@ -6,12 +6,12 @@
all: libre2_stubs.a dllre2_stubs.so
dllre2_stubs.so libre2_stubs.a: stubs.o $(LIBRE2)
- ocamlmklib -oc re2_stubs stubs.o $(LIBRE2) -lstdc++
+ ocamlmklib -oc re2_stubs stubs.o $(LIBRE2) -lc++
rm libre2_stubs.a # ocamlmklib just includes $(LIBRE2) inside the stubs archive
cp $(LIBRE2) libre2_stubs.a && ar r libre2_stubs.a stubs.o
stubs.o: stubs.cpp stubs.h util.h enum_x_macro.h
- g++ -O2 -DPIC -fPIC -g -pipe -DCAML_NAME_SPACE -Wall -I. -I../../../include \
+ $(CXX) -O2 -DPIC -fPIC -g -pipe -DCAML_NAME_SPACE -Wall -I. -I../../../include \
-I$(RE2_HOME) -I$(ocaml-version-selected-include-path) -c stubs.cpp
#stubs.o: %.o: %.cpp %.h

View File

@ -1,29 +0,0 @@
{stdenv, buildOcaml, fetchurl, core_p4, pa_ounit, pa_test,
bin_prot_p4, comparelib, sexplib_p4, rsync}:
buildOcaml rec {
name = "re2";
version = "112.06.00";
minimumSupportedOcamlVersion = "4.00";
src = fetchurl {
url = "https://github.com/janestreet/re2/archive/${version}.tar.gz";
sha256 = "a538765872363fcb67f12b95c07455a0afd68f5ae9008b59bb85a996d97cc752";
};
patches = if stdenv.isDarwin
then [./Makefile.patch ./myocamlbuild.patch]
else null;
buildInputs = [ pa_ounit pa_test rsync ];
propagatedBuildInputs = [ core_p4 bin_prot_p4 comparelib sexplib_p4 ];
hasSharedObjects = true;
meta = with stdenv.lib; {
homepage = "https://github.com/janestreet/re2";
description = "OCaml bindings for RE2";
license = stdenv.lib.licenses.asl20;
maintainers = [ maintainers.ericbmerritt ];
};
}

View File

@ -1,24 +0,0 @@
--- ./myocamlbuild.ml 2015-05-23 14:35:18.000000000 -0700
+++ ./myocamlbuild.ml 2015-05-23 15:05:24.000000000 -0700
@@ -626,16 +626,18 @@
rule "Generate lib/options.ml"
~prod:"lib/options.ml"
~deps:["lib/options.mlp"; "lib/enum_x_macro.h"]
- (fun _ _ -> Cmd (S[A"gcc"; A"-E"; A"-P"; A"-x"; A"c";
+ (fun _ _ -> Cmd (S[A"cc"; A"-E"; A"-P"; A"-x"; A"c";
P"lib/options.mlp"; A"-o"; P"lib/options.ml"]));
flag ["ocaml"; "link"; "library"; "native"] (S[A"-cclib"; A"-Llib";
A"-cclib"; A"-lre2_stubs";
- A"-cclib"; A"-lstdc++"]);
+ A"-ccopt"; A"--stdlib=libc++";
+ A"-cclib"; A"-lc++"]);
flag ["ocaml"; "link"; "library"; "byte"] (S[A"-dllib"; A"dllre2_stubs.so";
A"-cclib"; A"-Llib";
A"-cclib"; A"-lre2_stubs";
- A"-cclib"; A"-lstdc++"]);
+ A"-ccopt"; A"--stdlib=libc++";
+ A"-cclib"; A"-lc++"]);
| _ ->
()

View File

@ -1,28 +1,30 @@
{ stdenv, fetchurl, buildDunePackage, ppx_sexp_conv, ppx_cstruct, cstruct
{ lib, fetchurl, buildDunePackage, ppx_sexp_conv, ppx_cstruct, cstruct
, cstruct-sexp, sexplib, mirage-crypto, mirage-crypto-pk, mirage-crypto-rng
, x509, domain-name, fmt, cstruct-unix, ounit2, ocaml_lwt, ptime }:
, x509, domain-name, fmt, cstruct-unix, ounit2, ocaml_lwt, ptime
, hacl_x25519, fiat-p256, hkdf, logs, alcotest }:
buildDunePackage rec {
minimumOCamlVersion = "4.07";
version = "0.11.1";
version = "0.12.0";
pname = "tls";
src = fetchurl {
url = "https://github.com/mirleft/ocaml-tls/releases/download/v${version}/tls-v${version}.tbz";
sha256 = "0ms13fbaxgmpbviazlfa4hb7nmi7s22nklc7ns926b0rr1aq1069";
sha256 = "0fy38qmy7rcld1b4qzz4ycl1fr0v1wa7qd24125lpd6hly86fn57";
};
useDune2 = true;
doCheck = true;
buildInputs = [ cstruct-unix ounit2 ];
checkInputs = [ cstruct-unix ounit2 alcotest ];
propagatedBuildInputs = [ ppx_sexp_conv ppx_cstruct cstruct cstruct-sexp
sexplib mirage-crypto mirage-crypto-pk mirage-crypto-rng
x509 domain-name fmt ocaml_lwt ptime ];
x509 domain-name fmt ocaml_lwt ptime hacl_x25519 fiat-p256
hkdf logs ];
meta = with stdenv.lib; {
meta = with lib; {
homepage = "https://github.com/mirleft/ocaml-tls";
description = "TLS in pure OCaml";
license = licenses.bsd2;

View File

@ -6,13 +6,13 @@ else
stdenv.mkDerivation rec {
name = "ocaml${ocaml.version}-wasm-${version}";
version = "1.1";
version = "1.1.1";
src = fetchFromGitHub {
owner = "WebAssembly";
repo = "spec";
rev = "v${version}";
sha256 = "1jsgrjqzsdmm6f5pgd947nikj7pnxx1mqdnz16j7s62rg8x06h7d";
rev = "opam-${version}";
sha256 = "1kp72yv4k176i94np0m09g10cviqp2pnpm7jmiq6ik7fmmbknk7c";
};
buildInputs = [ ocaml findlib ocamlbuild ];

View File

@ -167,6 +167,9 @@ buildPythonPackage rec {
--replace "/bin/bash" "${stdenv.shell}"
'';
# allow for gunicorn processes to have access to python packages
makeWrapperArgs = [ "--prefix PYTHONPATH : $PYTHONPATH" ];
checkPhase = ''
export HOME=$(mktemp -d)
export AIRFLOW_HOME=$HOME

View File

@ -15,12 +15,12 @@
buildPythonPackage rec {
pname = "asdf";
version = "2.5.2";
version = "2.6.0";
disabled = isPy27;
src = fetchPypi {
inherit pname version;
sha256 = "0ai5l62ldaq1cqfmq3hvnzp8gp0hjjmjnck9d3cnx5r8la5ig18y";
sha256 = "1ym9mmxjpnnlinly1rxfqj9rlyl2fv7dxc81f30n1b8n9pwc6jb5";
};
postPatch = ''

View File

@ -12,14 +12,14 @@
}:
buildPythonPackage rec {
version = "1.4.0";
version = "1.5.0";
pname = "azure-core";
disabled = isPy27;
src = fetchPypi {
inherit pname version;
extension = "zip";
sha256 = "0vfcfpb01qsrqh9xg4xyfm153bczwjglkv59zpdvrn7x0rrdc1cc";
sha256 = "181iyigm11y56lf1kwv7pcdyppavpwjb1b6k3qp3jnbqaypad9mg";
};
propagatedBuildInputs = [

View File

@ -12,12 +12,12 @@
buildPythonPackage rec {
pname = "bidict";
version = "0.18.3";
version = "0.19.0";
disabled = !isPy3k;
src = fetchPypi {
inherit pname version;
sha256 = "1742a25a9ef1b1ac4000683406879a3e1a6577faa02f31e482e6c84e2e3bf628";
sha256 = "11wiis62kcw6g3n4gdj39fx1yrlq5vz3zx3kmb6g79mliyhn2x7g";
};
nativeBuildInputs = [ setuptools_scm ];

View File

@ -2,11 +2,11 @@
buildPythonPackage rec {
pname = "dict2xml";
version = "1.6.1";
version = "1.7.0";
src = fetchPypi {
inherit pname version;
sha256 = "17wsybqq0916i1yh7bpf2cmicldn7d0y2b9mzlgs503fkcpxda5w";
sha256 = "0bfn8n8sb3slwx7ra8m8fbfy65k20h2qxcqfq99hwqrrkgcffihl";
};
propagatedBuildInputs = [ six ];

View File

@ -36,7 +36,7 @@ let
bazelTarget = ":install";
fetchAttrs = {
sha256 = "0wb2gh9ji8bgq4s9ci9x017dybxqzjhncpw33b1wjksm2yhbkvlz";
sha256 = "0jlgmwcanfkhkwvh4vxibpi0zyyl6xkjzcz2xqn7raympqscq81a";
};
bazelFlags = [

View File

@ -15,7 +15,7 @@ buildPythonPackage rec {
inherit pname version format;
python = "py3";
platform = "manylinux1_x86_64";
sha256 = "68182f4b704db401b2012c10ed8a19561f8d487063632f8731c2e58960ca9242";
sha256 = "0dxp9a73ncjylc09bjwq81fgj5ysk1yi27l8ka5f98121k1kmn6q";
};
nativeBuildInputs = [ unzip ];
@ -35,14 +35,18 @@ buildPythonPackage rec {
)
];
# prevent exposing a broken dotnet executable
postInstall = ''
rm -r $out/${python.sitePackages}/${pname}/bin
# remove bin, which has a broken dotnetcore installation
installPhase = ''
rm -rf dotnetcore2/bin
mkdir -p $out/${python.sitePackages}/
cp -r dotnetcore2 $out/${python.sitePackages}/
'';
# no tests, ensure it's one useful function works
checkPhase = ''
${python.interpreter} -c 'from dotnetcore2 import runtime; print(runtime.get_runtime_path())'
rm -r dotnetcore2 # avoid importing local directory
export PYTHONPATH=$out/${python.sitePackages}:$PYTHONPATH
${python.interpreter} -c 'from dotnetcore2 import runtime; print(runtime.get_runtime_path()); runtime.ensure_dependencies()'
'';
meta = with lib; {

Some files were not shown because too many files have changed in this diff Show More