Merge commit 'e82bd498d1a2a28fb20249569a6f49fcaab9aca8' into mingw32-w64-fix

This commit is contained in:
John Ericson 2017-12-29 14:28:16 -05:00
commit 5d336d36bb
5617 changed files with 130362 additions and 89871 deletions

79
.github/CODEOWNERS vendored
View File

@ -7,17 +7,76 @@
# For documentation on this file, see https://help.github.com/articles/about-codeowners/
# Mentioned users will get code review requests.
# Python-related code and docs
pkgs/top-level/python-packages.nix @FRidh
pkgs/development/interpreters/python/* @FRidh
pkgs/development/python-modules/* @FRidh
doc/languages-frameworks/python.md @FRidh
# This file
/.github/CODEOWNERS @edolstra
# Boostraping and core infra
pkgs/stdenv/ @Ericson2314
pkgs/build-support/cc-wrapper/ @Ericson2314
/pkgs/stdenv @edolstra
/pkgs/build-support/cc-wrapper @edolstra
# Libraries
/lib @edolstra @nbp
# Nixpkgs Internals
/default.nix @nbp
/pkgs/top-level/default.nix @nbp
/pkgs/top-level/impure.nix @nbp
/pkgs/top-level/stage.nix @nbp
# NixOS Internals
/nixos/default.nix @nbp
/nixos/lib/from-env.nix @nbp
/nixos/lib/eval-config.nix @nbp
/nixos/doc/manual/configuration/abstractions.xml @nbp
/nixos/doc/manual/configuration/config-file.xml @nbp
/nixos/doc/manual/configuration/config-syntax.xml @nbp
/nixos/doc/manual/configuration/modularity.xml @nbp
/nixos/doc/manual/development/assertions.xml @nbp
/nixos/doc/manual/development/meta-attributes.xml @nbp
/nixos/doc/manual/development/option-declarations.xml @nbp
/nixos/doc/manual/development/option-def.xml @nbp
/nixos/doc/manual/development/option-types.xml @nbp
/nixos/doc/manual/development/replace-modules.xml @nbp
/nixos/doc/manual/development/writing-modules.xml @nbp
/nixos/doc/manual/man-nixos-option.xml @nbp
/nixos/modules/installer/tools/nixos-option.sh @nbp
# Python-related code and docs
/pkgs/top-level/python-packages.nix @FRidh
/pkgs/development/interpreters/python @FRidh
/pkgs/development/python-modules @FRidh
/doc/languages-frameworks/python.md @FRidh
# Haskell
/pkgs/development/compilers/ghc @peti
/pkgs/development/haskell-modules @peti
/pkgs/development/haskell-modules/default.nix @peti
/pkgs/development/haskell-modules/generic-builder.nix @peti
/pkgs/development/haskell-modules/hoogle.nix @peti
# R
/pkgs/applications/science/math/R @peti
/pkgs/development/r-modules @peti
# Ruby
/pkgs/development/interpreters/ruby @zimbatm
/pkgs/development/ruby-modules @zimbatm
# Darwin-related
pkgs/stdenv/darwin/* @copumpkin @LnL7
pkgs/os-specific/darwin/* @LnL7
pkgs/os-specific/darwin/apple-source-releases/* @copumpkin
/pkgs/stdenv/darwin @NixOS/darwin-maintainers
/pkgs/os-specific/darwin @NixOS/darwin-maintainers
# Beam-related (Erlang, Elixir, LFE, etc)
/pkgs/development/beam-modules @gleber
/pkgs/development/interpreters/erlang @gleber
/pkgs/development/interpreters/lfe @gleber
/pkgs/development/interpreters/elixir @gleber
/pkgs/development/tools/build-managers/rebar @gleber
/pkgs/development/tools/build-managers/rebar3 @gleber
/pkgs/development/tools/erlang @gleber
# Jetbrains
/pkgs/applications/editors/jetbrains @edwtjo
# Eclipse
/pkgs/applications/editors/eclipse @rycee

View File

@ -23,7 +23,7 @@ under the terms of [COPYING](../COPYING), which is an MIT-like license.
Examples:
* nginx: init at 2.0.1
* firefox: 3.0 -> 3.1.1
* firefox: 54.0.1 -> 55.0
* nixos/hydra: add bazBaz option
Dual baz behavior is needed to do foo.
@ -32,11 +32,14 @@ under the terms of [COPYING](../COPYING), which is an MIT-like license.
The old config generation system used impure shell scripts and could break in specific circumstances (see #1234).
* `meta.description` should:
* Be capitalized
* Not start with the package name
* Not have a dot at the end
* Be capitalized.
* Not start with the package name.
* Not have a period at the end.
* `meta.license` must be set and fit the upstream license.
* If there is no upstream license, `meta.license` should default to `stdenv.lib.licenses.unfree`.
* `meta.maintainers` must be set.
See the nixpkgs manual for more details on how to [Submit changes to nixpkgs](https://nixos.org/nixpkgs/manual/#chap-submitting-changes).
See the nixpkgs manual for more details on [standard meta-attributes](https://nixos.org/nixpkgs/manual/#sec-standard-meta-attributes) and on how to [submit changes to nixpkgs](https://nixos.org/nixpkgs/manual/#chap-submitting-changes).
## Writing good commit messages

View File

@ -5,14 +5,11 @@
<!-- Please check what applies. Note that these are not hard requirements but merely serve as information for reviewers. -->
- [ ] Tested using sandboxing
([nix.useSandbox](http://nixos.org/nixos/manual/options.html#opt-nix.useSandbox) on NixOS,
or option `build-use-sandbox` in [`nix.conf`](http://nixos.org/nix/manual/#sec-conf-file)
on non-NixOS)
- [ ] Tested using sandboxing ([nix.useSandbox](http://nixos.org/nixos/manual/options.html#opt-nix.useSandbox) on NixOS, or option `build-use-sandbox` in [`nix.conf`](http://nixos.org/nix/manual/#sec-conf-file) on non-NixOS)
- Built on platform(s)
- [ ] NixOS
- [ ] macOS
- [ ] Linux
- [ ] other Linux distributions
- [ ] Tested via one or more NixOS test(s) if existing and applicable for the change (look inside [nixos/tests](https://github.com/NixOS/nixpkgs/blob/master/nixos/tests))
- [ ] Tested compilation of all pkgs that depend on this change using `nix-shell -p nox --run "nox-review wip"`
- [ ] Tested execution of all binary files (usually in `./result/bin/`)

View File

@ -1 +1 @@
17.09
18.03

View File

@ -23,9 +23,7 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Note: the license above does not apply to the packages built by the
Nix Packages collection, merely to the package descriptions (i.e., Nix
expressions, build scripts, etc.). Also, the license does not apply
to some of the binaries used for bootstrapping Nixpkgs (e.g.,
pkgs/stdenv/linux/tools/bash). It also might not apply to patches
expressions, build scripts, etc.). It also might not apply to patches
included in Nixpkgs, which may be derivative works of the packages to
which they apply. The aforementioned artifacts are all covered by the
licenses of the respective packages.

View File

@ -13,12 +13,12 @@ build daemon as so-called channels. To get channel information via git, add
```
For stability and maximum binary package support, it is recommended to maintain
custom changes on top of one of the channels, e.g. `nixos-17.03` for the latest
custom changes on top of one of the channels, e.g. `nixos-17.09` for the latest
release and `nixos-unstable` for the latest successful build of master:
```
% git remote update channels
% git rebase channels/nixos-17.03
% git rebase channels/nixos-17.09
```
For pull-requests, please rebase onto nixpkgs `master`.
@ -30,11 +30,11 @@ For pull-requests, please rebase onto nixpkgs `master`.
* [Documentation (Nix Expression Language chapter)](https://nixos.org/nix/manual/#ch-expression-language)
* [Manual (How to write packages for Nix)](https://nixos.org/nixpkgs/manual/)
* [Manual (NixOS)](https://nixos.org/nixos/manual/)
* [Nix Wiki](https://nixos.org/wiki/) (deprecated, see milestone ["Move the Wiki!"](https://github.com/NixOS/nixpkgs/issues?q=is%3Aopen+is%3Aissue+milestone%3A%22Move+the+wiki%21%22))
* [Community maintained wiki](https://nixos.wiki/)
* [Continuous package builds for unstable/master](https://hydra.nixos.org/jobset/nixos/trunk-combined)
* [Continuous package builds for 17.03 release](https://hydra.nixos.org/jobset/nixos/release-17.03)
* [Continuous package builds for 17.09 release](https://hydra.nixos.org/jobset/nixos/release-17.09)
* [Tests for unstable/master](https://hydra.nixos.org/job/nixos/trunk-combined/tested#tabs-constituents)
* [Tests for 17.03 release](https://hydra.nixos.org/job/nixos/release-17.03/tested#tabs-constituents)
* [Tests for 17.09 release](https://hydra.nixos.org/job/nixos/release-17.09/tested#tabs-constituents)
Communication:

View File

@ -365,7 +365,7 @@ splitting up an existing category.</para>
<varlistentry>
<term>If its a (set of) <emphasis>tool(s)</emphasis>:</term>
<listitem>
<para>(A tool is a relatively small program, especially one intented
<para>(A tool is a relatively small program, especially one intended
to be used non-interactively.)</para>
<variablelist>
<varlistentry>
@ -456,7 +456,7 @@ splitting up an existing category.</para>
<varlistentry>
<term>If its a <emphasis>window manager</emphasis>:</term>
<listitem>
<para><filename>applications/window-managers</filename> (e.g. <filename>awesome</filename>, <filename>compiz</filename>, <filename>stumpwm</filename>)</para>
<para><filename>applications/window-managers</filename> (e.g. <filename>awesome</filename>, <filename>stumpwm</filename>)</para>
</listitem>
</varlistentry>
<varlistentry>
@ -608,7 +608,7 @@ evaluate correctly.</para>
</section>
<section xml:id="sec-sources"><title>Fetching Sources</title>
<para>There are multiple ways to fetch a package source in nixpkgs. The
general guidline is that you should package sources with a high degree of
general guideline is that you should package sources with a high degree of
availability. Right now there is only one fetcher which has mirroring
support and that is <literal>fetchurl</literal>. Note that you should also
prefer protocols which have a corresponding proxy environment variable.

View File

@ -55,6 +55,10 @@ configuration file located at
</programlisting>
</para>
<para>Note that we are not able to test or build unfree software on Hydra
due to policy. Most unfree licenses prohibit us from either executing or
distributing the software.</para>
<section xml:id="sec-allow-broken">
<title>Installing broken packages</title>

View File

@ -184,7 +184,7 @@
For now, feel free to use either method.
</para>
<note><para>
There is also a "backlink" <varname>__targetPackages</varname>, yielding a package set whose <varname>buildPackages</varname> is the current package set.
There is also a "backlink" <varname>targetPackages</varname>, yielding a package set whose <varname>buildPackages</varname> is the current package set.
This is a hack, though, to accommodate compilers with lousy build systems.
Please do not use this unless you are absolutely sure you are packaging such a compiler and there is no other way.
</para></note>

View File

@ -48,6 +48,4 @@ The binaries are made available via a [binary cache](https://cache.nixos.org).
The current Nix expressions of the channels are available in the
[`nixpkgs-channels`](https://github.com/NixOS/nixpkgs-channels) repository,
which has branches corresponding to the available channels. There is also the
[Nixpkgs Monitor](http://monitor.nixos.org) which keeps track of updates
and security vulnerabilities.
which has branches corresponding to the available channels.

View File

@ -867,6 +867,67 @@ use the following to get the `scientific` package build with `integer-simple`:
nix-build -A haskell.packages.integer-simple.ghc802.scientific
```
### Quality assurance
The `haskell.lib` library includes a number of functions for checking for
various imperfections in Haskell packages. It's useful to apply these functions
to your own Haskell packages and integrate that in a Continuous Integration
server like [hydra](https://nixos.org/hydra/) to assure your packages maintain a
minimum level of quality. This section discusses some of these functions.
#### failOnAllWarnings
Applying `haskell.lib.failOnAllWarnings` to a Haskell package enables the
`-Wall` and `-Werror` GHC options to turn all warnings into build failures.
#### buildStrictly
Applying `haskell.lib.buildStrictly` to a Haskell package calls
`failOnAllWarnings` on the given package to turn all warnings into build
failures. Additionally the source of your package is gotten from first invoking
`cabal sdist` to ensure all needed files are listed in the Cabal file.
#### checkUnusedPackages
Applying `haskell.lib.checkUnusedPackages` to a Haskell package invokes
the [packunused](http://hackage.haskell.org/package/packunused) tool on the
package. `packunused` complains when it finds packages listed as build-depends
in the Cabal file which are redundant. For example:
```
$ nix-build -E 'let pkgs = import <nixpkgs> {}; in pkgs.haskell.lib.checkUnusedPackages {} pkgs.haskellPackages.scientific'
these derivations will be built:
/nix/store/3lc51cxj2j57y3zfpq5i69qbzjpvyci1-scientific-0.3.5.1.drv
...
detected package components
~~~~~~~~~~~~~~~~~~~~~~~~~~~
- library
- testsuite(s): test-scientific
- benchmark(s): bench-scientific*
(component names suffixed with '*' are not configured to be built)
library
~~~~~~~
The following package dependencies seem redundant:
- ghc-prim-0.5.0.0
testsuite(test-scientific)
~~~~~~~~~~~~~~~~~~~~~~~~~~
no redundant packages dependencies found
builder for /nix/store/3lc51cxj2j57y3zfpq5i69qbzjpvyci1-scientific-0.3.5.1.drv failed with exit code 1
error: build of /nix/store/3lc51cxj2j57y3zfpq5i69qbzjpvyci1-scientific-0.3.5.1.drv failed
```
As you can see, `packunused` finds out that although the testsuite component has
no redundant dependencies the library component of `scientific-0.3.5.1` depends
on `ghc-prim` which is unused in the library.
## Other resources
- The Youtube video [Nix Loves Haskell](https://www.youtube.com/watch?v=BsBhi_r-OeE)

View File

@ -2,115 +2,204 @@
## User Guide
Several versions of Python are available on Nix as well as a high amount of
packages. The default interpreter is CPython 2.7.
### Using Python
#### Overview
Several versions of the Python interpreter are available on Nix, as well as a
high amount of packages. The attribute `python` refers to the default
interpreter, which is currently CPython 2.7. It is also possible to refer to
specific versions, e.g. `python35` refers to CPython 3.5, and `pypy` refers to
the default PyPy interpreter.
Python is used a lot, and in different ways. This affects also how it is
packaged. In the case of Python on Nix, an important distinction is made between
whether the package is considered primarily an application, or whether it should
be used as a library, i.e., of primary interest are the modules in
`site-packages` that should be importable.
In the Nixpkgs tree Python applications can be found throughout, depending on
what they do, and are called from the main package set. Python libraries,
however, are in separate sets, with one set per interpreter version.
The interpreters have several common attributes. One of these attributes is
`pkgs`, which is a package set of Python libraries for this specific
interpreter. E.g., the `toolz` package corresponding to the default interpreter
is `python.pkgs.toolz`, and the CPython 3.5 version is `python35.pkgs.toolz`.
The main package set contains aliases to these package sets, e.g.
`pythonPackages` refers to `python.pkgs` and `python35Packages` to
`python35.pkgs`.
#### Installing Python and packages
It is important to make a distinction between Python packages that are
used as libraries, and applications that are written in Python.
The Nix and NixOS manuals explain how packages are generally installed. In the
case of Python and Nix, it is important to make a distinction between whether the
package is considered an application or a library.
Applications on Nix are installed typically into your user
Applications on Nix are typically installed into your user
profile imperatively using `nix-env -i`, and on NixOS declaratively by adding the
package name to `environment.systemPackages` in `/etc/nixos/configuration.nix`.
Dependencies such as libraries are automatically installed and should not be
installed explicitly.
The same goes for Python applications and libraries. Python applications can be
installed in your profile, but Python libraries you would like to use to develop
cannot. If you do install libraries in your profile, then you will end up with
import errors.
installed in your profile. But Python libraries you would like to use for
development cannot be installed, at least not individually, because they won't
be able to find each other resulting in import errors. Instead, it is possible
to create an environment with `python.buildEnv` or `python.withPackages` where
the interpreter and other executables are able to find each other and all of the
modules.
#### Python environments using `nix-shell`
In the following examples we create an environment with Python 3.5, `numpy` and
`toolz`. As you may imagine, there is one limitation here, and that's that
you can install only one environment at a time. You will notice the complaints
about collisions when you try to install a second environment.
The recommended method for creating Python environments for development is with
`nix-shell`. Executing
##### Environment defined in separate `.nix` file
```sh
$ nix-shell -p python35Packages.numpy python35Packages.toolz
Create a file, e.g. `build.nix`, with the following expression
```nix
with import <nixpkgs> {};
python35.withPackages (ps: with ps; [ numpy toolz ])
```
and install it in your profile with
```shell
nix-env -if build.nix
```
Now you can use the Python interpreter, as well as the extra packages (`numpy`,
`toolz`) that you added to the environment.
##### Environment defined in `~/.config/nixpkgs/config.nix`
If you prefer to, you could also add the environment as a package override to the Nixpkgs set, e.g.
using `config.nix`,
```nix
{ # ...
packageOverrides = pkgs: with pkgs; {
myEnv = python35.withPackages (ps: with ps; [ numpy toolz ]);
};
}
```
and install it in your profile with
```shell
nix-env -iA nixpkgs.myEnv
```
The environment is is installed by referring to the attribute, and considering
the `nixpkgs` channel was used.
##### Environment defined in `/etc/nixos/configuration.nix`
For the sake of completeness, here's another example how to install the environment system-wide.
```nix
{ # ...
environment.systemPackages = with pkgs; [
(python35.withPackages(ps: with ps; [ numpy toolz ]))
];
}
```
opens a Nix shell which has available the requested packages and dependencies.
Now you can launch the Python interpreter (which is itself a dependency)
#### Temporary Python environment with `nix-shell`
The examples in the previous section showed how to install a Python environment
into a profile. For development you may need to use multiple environments.
`nix-shell` gives the possibility to temporarily load another environment, akin
to `virtualenv`.
There are two methods for loading a shell with Python packages. The first and recommended method
is to create an environment with `python.buildEnv` or `python.withPackages` and load that. E.g.
```sh
$ nix-shell -p 'python35.withPackages(ps: with ps; [ numpy toolz ])'
```
opens a shell from which you can launch the interpreter
```sh
[nix-shell:~] python3
```
The other method, which is not recommended, does not create an environment and requires you to list the packages directly,
If the packages were not available yet in the Nix store, Nix would download or
build them automatically. A convenient option with `nix-shell` is the `--run`
option, with which you can execute a command in the `nix-shell`. Let's say we
want the above environment and directly run the Python interpreter
```sh
$ nix-shell -p python35.pkgs.numpy python35.pkgs.toolz
```
Again, it is possible to launch the interpreter from the shell.
The Python interpreter has the attribute `pkgs` which contains all Python libraries for that specific interpreter.
##### Load environment from `.nix` expression
As explained in the Nix manual, `nix-shell` can also load an
expression from a `.nix` file. Say we want to have Python 3.5, `numpy`
and `toolz`, like before, in an environment. Consider a `shell.nix` file
with
```nix
with import <nixpkgs> {};
python35.withPackages (ps: [ps.numpy ps.toolz])
```
Executing `nix-shell` gives you again a Nix shell from which you can run Python.
What's happening here?
1. We begin with importing the Nix Packages collections. `import <nixpkgs>` imports the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. These attributes form the main package set.
2. Then we create a Python 3.5 environment with the `withPackages` function.
3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
##### Execute command with `--run`
A convenient option with `nix-shell` is the `--run`
option, with which you can execute a command in the `nix-shell`. We can
e.g. directly open a Python shell
```sh
$ nix-shell -p python35Packages.numpy python35Packages.toolz --run "python3"
```
This way you can use the `--run` option also to directly run a script
or run a script
```sh
$ nix-shell -p python35Packages.numpy python35Packages.toolz --run "python3 myscript.py"
```
In fact, for this specific use case there is a more convenient method. You can
##### `nix-shell` as shebang
In fact, for the second use case, there is a more convenient method. You can
add a [shebang](https://en.wikipedia.org/wiki/Shebang_(Unix)) to your script
specifying which dependencies Nix shell needs. With the following shebang, you
can use `nix-shell myscript.py` and it will make available all dependencies and
specifying which dependencies `nix-shell` needs. With the following shebang, you
can just execute `./myscript.py`, and it will make available all dependencies and
run the script in the `python3` shell.
```py
#! /usr/bin/env nix-shell
#! nix-shell -i python3 -p python3Packages.numpy
#! nix-shell -i python3 -p "python3.withPackages(ps: [ps.numpy])"
import numpy
print(numpy.__version__)
```
Likely you do not want to type your dependencies each and every time. What you
can do is write a simple Nix expression which sets up an environment for you,
requiring you only to type `nix-shell`. Say we want to have Python 3.5, `numpy`
and `toolz`, like before, in an environment. With a `shell.nix` file
containing
```nix
with import <nixpkgs> {};
(pkgs.python35.withPackages (ps: [ps.numpy ps.toolz])).env
```
executing `nix-shell` gives you again a Nix shell from which you can run Python.
What's happening here?
1. We begin with importing the Nix Packages collections. `import <nixpkgs>` import the `<nixpkgs>` function, `{}` calls it and the `with` statement brings all attributes of `nixpkgs` in the local scope. Therefore we can now use `pkgs`.
2. Then we create a Python 3.5 environment with the `withPackages` function.
3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
4. And finally, for in interactive use we return the environment by using the `env` attribute.
### Developing with Python
Now that you know how to get a working Python environment with Nix, it is time
to go forward and start actually developing with Python. We will first have a
look at how Python packages are packaged on Nix. Then, we will look at how you
can use development mode with your code.
Now that you know how to get a working Python environment on Nix, it is time to go forward and start actually developing with Python.
We will first have a look at how Python packages are packaged on Nix. Then, we will look how you can use development mode with your code.
#### Packaging a library
#### Python packaging on Nix
On Nix all packages are built by functions. The main function in Nix for building Python packages is [`buildPythonPackage`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/interpreters/python/build-python-package.nix).
Let's see how we would build the `toolz` package. According to [`python-packages.nix`](https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/top-level/python-packages.nix) `toolz` is build using
With Nix all packages are built by functions. The main function in Nix for
building Python libraries is `buildPythonPackage`. Let's see how we can build the
`toolz` package.
```nix
{ # ...
toolz = buildPythonPackage rec {
name = "toolz-${version}";
pname = "toolz";
version = "0.7.4";
name = "${pname}-${version}";
src = pkgs.fetchurl {
url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
src = fetchPypi {
inherit pname version;
sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd";
};
doCheck = false;
meta = {
homepage = "http://github.com/pytoolz/toolz/";
description = "List processing tools and functional utilities";
@ -122,63 +211,37 @@ Let's see how we would build the `toolz` package. According to [`python-packages
```
What happens here? The function `buildPythonPackage` is called and as argument
it accepts a set. In this case the set is a recursive set ([`rec`](http://nixos.org/nix/manual/#sec-constructs)).
One of the arguments is the name of the package, which consists of a basename
(generally following the name on PyPi) and a version. Another argument, `src`
specifies the source, which in this case is fetched from an url. `fetchurl` not
only downloads the target file, but also validates its hash. Furthermore, we
specify some (optional) [meta information](http://nixos.org/nixpkgs/manual/#chap-meta).
The output of the function is a derivation, which is an attribute with the name
`toolz` of the set `pythonPackages`. Actually, sets are created for all interpreter versions,
so e.g. `python27Packages`, `python35Packages` and `pypyPackages`.
it accepts a set. In this case the set is a recursive set, `rec`. One of the
arguments is the name of the package, which consists of a basename (generally
following the name on PyPi) and a version. Another argument, `src` specifies the
source, which in this case is fetched from PyPI using the helper function
`fetchPypi`. The argument `doCheck` is used to set whether tests should be run
when building the package. Furthermore, we specify some (optional) meta
information. The output of the function is a derivation.
An expression for `toolz` can be found in the Nixpkgs repository. As explained
in the introduction of this Python section, a derivation of `toolz` is available
for each interpreter version, e.g. `python35.pkgs.toolz` refers to the `toolz`
derivation corresponding to the CPython 3.5 interpreter.
The above example works when you're directly working on
`pkgs/top-level/python-packages.nix` in the Nixpkgs repository. Often though,
you will want to test a Nix expression outside of the Nixpkgs tree. If you
create a `shell.nix` file with the following contents
you will want to test a Nix expression outside of the Nixpkgs tree.
```nix
with import <nixpkgs> {};
pkgs.python35Packages.buildPythonPackage rec {
name = "toolz-${version}";
version = "0.8.0";
src = pkgs.fetchurl {
url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
sha256 = "e8451af61face57b7c5d09e71c0d27b8005f001ead56e9fdf470417e5cc6d479";
};
doCheck = false;
meta = {
homepage = "http://github.com/pytoolz/toolz/";
description = "List processing tools and functional utilities";
license = licenses.bsd3;
maintainers = with maintainers; [ fridh ];
};
}
```
and then execute `nix-shell` will result in an environment in which you can use
Python 3.5 and the `toolz` package. As you can see we had to explicitly mention
for which Python version we want to build a package.
The above example considered only a single package. Generally you will want to use multiple packages.
If we create a `shell.nix` file with the following contents
The following expression creates a derivation for the `toolz` package,
and adds it along with a `numpy` package to a Python environment.
```nix
with import <nixpkgs> {};
( let
toolz = pkgs.python35Packages.buildPythonPackage rec {
name = "toolz-${version}";
version = "0.8.0";
my_toolz = python35.pkgs.buildPythonPackage rec {
pname = "toolz";
version = "0.7.4";
name = "${pname}-${version}";
src = pkgs.fetchurl {
url = "mirror://pypi/t/toolz/toolz-${version}.tar.gz";
sha256 = "e8451af61face57b7c5d09e71c0d27b8005f001ead56e9fdf470417e5cc6d479";
src = python35.pkgs.fetchPypi {
inherit pname version;
sha256 = "43c2c9e5e7a16b6c88ba3088a9bfc82f7db8e13378be7c78d6c14a5f8ed05afd";
};
doCheck = false;
@ -189,24 +252,24 @@ with import <nixpkgs> {};
};
};
in pkgs.python35.withPackages (ps: [ps.numpy toolz])
in python35.withPackages (ps: [ps.numpy my_toolz])
).env
```
Executing `nix-shell` will result in an environment in which you can use
Python 3.5 and the `toolz` package. As you can see we had to explicitly mention
for which Python version we want to build a package.
and again execute `nix-shell`, then we get a Python 3.5 environment with our
locally defined package as well as `numpy` which is build according to the
definition in Nixpkgs. What did we do here? Well, we took the Nix expression
that we used earlier to build a Python environment, and said that we wanted to
include our own version of `toolz`. To introduce our own package in the scope of
`withPackages` we used a
[`let`](http://nixos.org/nix/manual/#sec-constructs) expression.
You can see that we used `ps.numpy` to select numpy from the nixpkgs package set (`ps`).
But we do not take `toolz` from the nixpkgs package set this time.
Instead, `toolz` will resolve to our local definition that we introduced with `let`.
So, what did we do here? Well, we took the Nix expression that we used earlier
to build a Python environment, and said that we wanted to include our own
version of `toolz`, named `my_toolz`. To introduce our own package in the scope
of `withPackages` we used a `let` expression. You can see that we used
`ps.numpy` to select numpy from the nixpkgs package set (`ps`). We did not take
`toolz` from the Nixpkgs package set this time, but instead took our own version
that we introduced with the `let` expression.
### Handling dependencies
#### Handling dependencies
Our example, `toolz`, doesn't have any dependencies on other Python
Our example, `toolz`, does not have any dependencies on other Python
packages or system libraries. According to the manual, `buildPythonPackage`
uses the arguments `buildInputs` and `propagatedBuildInputs` to specify dependencies. If something is
exclusively a build-time dependency, then the dependency should be included as a
@ -527,7 +590,7 @@ By default tests are run because `doCheck = true`. Test dependencies, like
e.g. the test runner, should be added to `buildInputs`.
By default `meta.platforms` is set to the same value
as the interpreter unless overriden otherwise.
as the interpreter unless overridden otherwise.
##### `buildPythonPackage` parameters
@ -711,65 +774,36 @@ The `buildPythonPackage` function sets `DETERMINISTIC_BUILD=1` and
Both are also exported in `nix-shell`.
### Automatic tests
It is recommended to test packages as part of the build process.
Source distributions (`sdist`) often include test files, but not always.
By default the command `python setup.py test` is run as part of the
`checkPhase`, but often it is necessary to pass a custom `checkPhase`. An
example of such a situation is when `py.test` is used.
#### Common issues
- Non-working tests can often be deselected. By default `buildPythonPackage` runs `python setup.py test`.
Most python modules follows the standard test protocol where the pytest runner can be used instead.
`py.test` supports a `-k` parameter to ignore test methods or classes:
```nix
buildPythonPackage {
# ...
# assumes the tests are located in tests
checkInputs = [ pytest ];
checkPhase = ''
py.test -k 'not function_name and not other_function' tests
'';
}
```
- Unicode issues can typically be fixed by including `glibcLocales` in `buildInputs` and exporting `LC_ALL=en_US.utf-8`.
- Tests that attempt to access `$HOME` can be fixed by using the following work-around before running tests (e.g. `preCheck`): `export HOME=$(mktemp -d)`
## FAQ
### How can I install a working Python environment?
As explained in the user's guide installing individual Python packages
imperatively with `nix-env -i` or declaratively in `environment.systemPackages`
is not supported. However, it is possible to install a Python environment with packages (`python.buildEnv`).
In the following examples we create an environment with Python 3.5, `numpy` and `ipython`.
As you might imagine there is one limitation here, and that's you can install
only one environment at a time. You will notice the complaints about collisions
when you try to install a second environment.
#### Environment defined in separate `.nix` file
Create a file, e.g. `build.nix`, with the following expression
```nix
with import <nixpkgs> {};
pkgs.python35.withPackages (ps: with ps; [ numpy ipython ])
```
and install it in your profile with
```shell
nix-env -if build.nix
```
Now you can use the Python interpreter, as well as the extra packages that you added to the environment.
#### Environment defined in `~/.config/nixpkgs/config.nix`
If you prefer to, you could also add the environment as a package override to the Nixpkgs set.
```nix
{ # ...
packageOverrides = pkgs: with pkgs; {
myEnv = python35.withPackages (ps: with ps; [ numpy ipython ]);
};
}
```
and install it in your profile with
```shell
nix-env -iA nixpkgs.myEnv
```
We're installing using the attribute path and assume the channels is named `nixpkgs`.
Note that I'm using the attribute path here.
#### Environment defined in `/etc/nixos/configuration.nix`
For the sake of completeness, here's another example how to install the environment system-wide.
```nix
{ # ...
environment.systemPackages = with pkgs; [
(python35.withPackages(ps: with ps; [ numpy ipython ]))
];
}
```
### How to solve circular dependencies?
Consider the packages `A` and `B` that depend on each other. When packaging `B`,
@ -979,8 +1013,9 @@ rec {
Following rules are desired to be respected:
* Python libraries are supposed to be called from `python-packages.nix` and packaged with `buildPythonPackage`. The expression of a library should be in `pkgs/development/python-modules/<name>/default.nix`. Libraries in `pkgs/top-level/python-packages.nix` are sorted quasi-alphabetically to avoid merge conflicts.
* Python libraries are called from `python-packages.nix` and packaged with `buildPythonPackage`. The expression of a library should be in `pkgs/development/python-modules/<name>/default.nix`. Libraries in `pkgs/top-level/python-packages.nix` are sorted quasi-alphabetically to avoid merge conflicts.
* Python applications live outside of `python-packages.nix` and are packaged with `buildPythonApplication`.
* Make sure libraries build for all Python interpreters.
* By default we enable tests. Make sure the tests are found and, in the case of libraries, are passing for all interpreters. If certain tests fail they can be disabled individually. Try to avoid disabling the tests altogether. In any case, when you disable tests, leave a comment explaining why.
* Commit names of Python libraries should include `pythonPackages`, for example `pythonPackages.numpy: 1.11 -> 1.12`.
* Commit names of Python libraries should reflect that they are Python libraries, so write for example `pythonPackages.numpy: 1.11 -> 1.12`.

View File

@ -9,16 +9,15 @@ date: 2017-03-05
To install the rust compiler and cargo put
```
rustStable.rustc
rustStable.cargo
rust
```
into the `environment.systemPackages` or bring them into scope with
`nix-shell -p rustStable.rustc -p rustStable.cargo`.
into the `environment.systemPackages` or bring them into
scope with `nix-shell -p rust`.
There are also `rustBeta` and `rustNightly` package sets available.
These are not updated very regulary. For daily builds use either rustup from
nixpkgs or use the [Rust nightlies overlay](#using-the-rust-nightlies-overlay).
For daily builds (beta and nightly) use either rustup from
nixpkgs or use the [Rust nightlies
overlay](#using-the-rust-nightlies-overlay).
## Packaging Rust applications
@ -38,7 +37,7 @@ buildRustPackage rec {
sha256 = "0y5d1n6hkw85jb3rblcxqas2fp82h3nghssa4xqrhqnz25l799pj";
};
depsSha256 = "0q68qyl2h6i0qsz82z840myxlnjay8p1w5z7hfyr8fqp7wgwa9cx";
cargoSha256 = "0q68qyl2h6i0qsz82z840myxlnjay8p1w5z7hfyr8fqp7wgwa9cx";
meta = with stdenv.lib; {
description = "A utility that combines the usability of The Silver Searcher with the raw speed of grep";
@ -50,7 +49,7 @@ buildRustPackage rec {
}
```
`buildRustPackage` requires a `depsSha256` attribute which is computed over
`buildRustPackage` requires a `cargoSha256` attribute which is computed over
all crate sources of this package. Currently it is obtained by inserting a
fake checksum into the expression and building the package once. The correct
checksum can be then take from the failed build.
@ -76,11 +75,11 @@ in the `~/.config/nixpkgs/overlays` directory.
The latest version can be installed with the following command:
$ nix-env -Ai nixos.rustChannels.stable.rust
$ nix-env -Ai nixos.latest.rustChannels.stable.rust
Or using the attribute with nix-shell:
$ nix-shell -p nixos.rustChannels.stable.rust
$ nix-shell -p nixos.latest.rustChannels.stable.rust
To install the beta or nightly channel, "stable" should be substituted by
"nightly" or "beta", or

View File

@ -18,6 +18,7 @@
<xi:include href="functions.xml" />
<xi:include href="meta.xml" />
<xi:include href="languages-frameworks/index.xml" />
<xi:include href="platform-notes.xml" />
<xi:include href="package-notes.xml" />
<xi:include href="overlays.xml" />
<xi:include href="coding-conventions.xml" />

View File

@ -200,11 +200,9 @@ meta-attributes</title>
meta.platforms = stdenv.lib.platforms.linux;
</programlisting>
Attribute Set <varname>stdenv.lib.platforms</varname> in
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/lib/platforms.nix">
<filename>nixpkgs/lib/platforms.nix</filename></link> defines various common
lists of platforms types.
</para></listitem>
Attribute Set <varname>stdenv.lib.platforms</varname> defines
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/master/lib/systems/doubles.nix">
various common lists</link> of platforms types.</para></listitem>
</varlistentry>
<varlistentry>

View File

@ -476,25 +476,19 @@ it. Place the resulting <filename>package.nix</filename> file into
</varlistentry>
<varlistentry>
<term>Using the FOSS Radeon drivers</term>
<listitem><itemizedlist><listitem><para>
The open source radeon drivers need a newer libc++ than is provided
by the default runtime, which leads to a crash on launch. Use
<programlisting>environment.systemPackages = [(pkgs.steam.override { newStdcpp = true; })];</programlisting>
in your config if you get an error like
<programlisting>
libGL error: unable to load driver: radeonsi_dri.so
libGL error: driver pointer missing
libGL error: failed to load driver: radeonsi
libGL error: unable to load driver: swrast_dri.so
libGL error: failed to load driver: swrast</programlisting></para></listitem>
<listitem><para>
Steam ships statically linked with a version of libcrypto that
conflics with the one dynamically loaded by radeonsi_dri.so.
If you get the error
<programlisting>steam.sh: line 713: 7842 Segmentation fault (core dumped)</programlisting>
have a look at <link xlink:href="https://github.com/NixOS/nixpkgs/pull/20269">this pull request</link>.
</para></listitem>
<term>Using the FOSS Radeon or nouveau (nvidia) drivers</term>
<listitem><itemizedlist>
<listitem><para>The <literal>newStdcpp</literal> parameter
was removed since NixOS 17.09 and should not be needed anymore.
</para></listitem>
<listitem><para>
Steam ships statically linked with a version of libcrypto that
conflics with the one dynamically loaded by radeonsi_dri.so.
If you get the error
<programlisting>steam.sh: line 713: 7842 Segmentation fault (core dumped)</programlisting>
have a look at <link xlink:href="https://github.com/NixOS/nixpkgs/pull/20269">this pull request</link>.
</para></listitem>
</itemizedlist></listitem></varlistentry>
@ -670,4 +664,34 @@ cp ${myEmacsConfig} $out/share/emacs/site-lisp/default.el
</section>
<section xml:id="sec-weechat">
<title>Weechat</title>
<para>
Weechat can currently be configured to include your choice of plugins.
To make use of this functionality, install an expression that overrides its configuration such as
<programlisting>weechat.override {configure = {availablePlugins, ...}: {
plugins = with availablePlugins; [ python perl ];
}
}</programlisting>
</para>
<para>
The plugins currently available are <literal>python</literal>,
<literal>perl</literal>, <literal>ruby</literal>, <literal>guile</literal>,
<literal>tcl</literal> and <literal>lua</literal>.
</para>
<para>
The python plugin allows the addition of extra libraries. For instance,
the <literal>inotify.py</literal> script in weechat-scripts requires
D-Bus or libnotify, and the <literal>fish.py</literal> script requires
pycrypto. To use these scripts, use the <literal>python</literal>
plugin's <literal>withPackages</literal> attribute:
<programlisting>weechat.override {configure = {availablePlugins, ...}: {
plugins = with availablePlugins; [
(python.withPackages (ps: with ps; [ pycrypto python-dbus ]))
];
}
}
</programlisting>
</para>
</section>
</chapter>

83
doc/platform-notes.xml Normal file
View File

@ -0,0 +1,83 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-platform-nodes">
<title>Platform Notes</title>
<section xml:id="sec-darwin">
<title>Darwin (macOS)</title>
<para>Some common issues when packaging software for darwin:</para>
<itemizedlist>
<listitem>
<para>
The darwin <literal>stdenv</literal> uses clang instead of gcc.
When referring to the compiler <varname>$CC</varname> or <command>cc</command>
will work in both cases. Some builds hardcode gcc/g++ in their
build scripts, that can usually be fixed with using something
like <literal>makeFlags = [ "CC=cc" ];</literal> or by patching
the build scripts.
</para>
<programlisting>
stdenv.mkDerivation {
name = "libfoo-1.2.3";
# ...
buildPhase = ''
$CC -o hello hello.c
'';
}
</programlisting>
</listitem>
<listitem>
<para>
On darwin libraries are linked using absolute paths, libraries
are resolved by their <literal>install_name</literal> at link
time. Sometimes packages won't set this correctly causing the
library lookups to fail at runtime. This can be fixed by adding
extra linker flags or by running <command>install_name_tool -id</command>
during the <function>fixupPhase</function>.
</para>
<programlisting>
stdenv.mkDerivation {
name = "libfoo-1.2.3";
# ...
makeFlags = stdenv.lib.optional stdenv.isDarwin "LDFLAGS=-Wl,-install_name,$(out)/lib/libfoo.dylib";
}
</programlisting>
</listitem>
<listitem>
<para>
Some packages assume xcode is available and use <command>xcrun</command>
to resolve build tools like <command>clang</command>, etc.
This causes errors like <code>xcode-select: error: no developer tools were found at '/Applications/Xcode.app'</code>
while the build doesn't actually depend on xcode.
</para>
<programlisting>
stdenv.mkDerivation {
name = "libfoo-1.2.3";
# ...
prePatch = ''
substituteInPlace Makefile \
--replace '/usr/bin/xcrun clang' clang
'';
}
</programlisting>
<para>
The package <literal>xcbuild</literal> can be used to build projects
that really depend on Xcode, however projects that build some kind of
graphical interface won't work without using Xcode in an impure way.
</para>
</listitem>
</itemizedlist>
</section>
</chapter>

View File

@ -1,4 +1,3 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-stdenv">
@ -188,11 +187,13 @@ genericBuild
<varlistentry>
<term><varname>NIX_DEBUG</varname></term>
<listitem><para>If set, <literal>stdenv</literal> will print some
debug information during the build. In particular, the
<command>gcc</command> and <command>ld</command> wrapper scripts
will print out the complete command line passed to the wrapped
tools.</para></listitem>
<listitem><para>
A natural number indicating how much information to log.
If set to 1 or higher, <literal>stdenv</literal> will print moderate debug information during the build.
In particular, the <command>gcc</command> and <command>ld</command> wrapper scripts will print out the complete command line passed to the wrapped tools.
If set to 6 or higher, the <literal>stdenv</literal> setup script will be run with <literal>set -x</literal> tracing.
If set to 7 or higher, the <command>gcc</command> and <command>ld</command> wrapper scripts will also be run with <literal>set -x</literal> tracing.
</para></listitem>
</varlistentry>
</variablelist>
@ -697,8 +698,14 @@ nothing.</para>
<listitem><para>A list of strings passed as additional flags to
<command>make</command>. These flags are also used by the default
install and check phase. For setting make flags specific to the
build phase, use <varname>buildFlags</varname> (see
below).</para></listitem>
build phase, use <varname>buildFlags</varname> (see below).
<programlisting>
makeFlags = [ "PREFIX=$(out)" ];
</programlisting>
<note><para>The flags are quoted in bash, but environment variables can
be specified by using the make syntax.</para></note></para></listitem>
</varlistentry>
<varlistentry>

View File

@ -61,7 +61,7 @@ $ git checkout -b 'fix/pkg-name-update'
<listitem>
<para>Format the commit in a following way:</para>
<programlisting>
(pkg-name | service-name): (from -> to | init at version | refactor | etc)
(pkg-name | nixos/&lt;module>): (from -> to | init at version | refactor | etc)
Additional information.
</programlisting>
@ -78,19 +78,19 @@ Additional information.
<listitem>
<para>
<command>firefox: 3.0 -> 3.1.1</command>
<command>firefox: 54.0.1 -> 55.0</command>
</para>
</listitem>
<listitem>
<para>
<command>hydra service: add bazBaz option</command>
<command>nixos/hydra: add bazBaz option</command>
</para>
</listitem>
<listitem>
<para>
<command>nginx service: refactor config generation</command>
<command>nixos/nginx: refactor config generation</command>
</para>
</listitem>
</itemizedlist>
@ -196,7 +196,7 @@ Additional information.
<itemizedlist>
<listitem>
<para>Write the title in format <command>(pkg-name | service): improvement</command>.
<para>Write the title in format <command>(pkg-name | nixos/&lt;module>): improvement</command>.
<itemizedlist>
<listitem>
@ -223,6 +223,133 @@ Additional information.
</itemizedlist>
</section>
<section>
<title>Pull Request Template</title>
<para>
The pull request template helps determine what steps have been made for a
contribution so far, and will help guide maintainers on the status of a
change. The motivation section of the PR should include any extra details
the title does not address and link any existing issues related to the pull
request.
</para>
<para>When a PR is created, it will be pre-populated with some checkboxes detailed below:
</para>
<section>
<title>Tested using sandboxing</title>
<para>
When sandbox builds are enabled, Nix will setup an isolated environment
for each build process. It is used to remove further hidden dependencies
set by the build environment to improve reproducibility. This includes
access to the network during the build outside of
<function>fetch*</function> functions and files outside the Nix store.
Depending on the operating system access to other resources are blocked
as well (ex. inter process communication is isolated on Linux); see <link
xlink:href="https://nixos.org/nix/manual/#description-45">build-use-sandbox</link>
in Nix manual for details.
</para>
<para>
Sandboxing is not enabled by default in Nix due to a small performance
hit on each build. In pull requests for <link
xlink:href="https://github.com/NixOS/nixpkgs/">nixpkgs</link> people
are asked to test builds with sandboxing enabled (see <literal>Tested
using sandboxing</literal> in the pull request template) because
in<link
xlink:href="https://nixos.org/hydra/">https://nixos.org/hydra/</link>
sandboxing is also used.
</para>
<para>
Depending if you use NixOS or other platforms you can use one of the
following methods to enable sandboxing <emphasis role="bold">before</emphasis> building the package:
<itemizedlist>
<listitem>
<para>
<emphasis role="bold">Globally enable sandboxing on NixOS</emphasis>:
add the following to
<filename>configuration.nix</filename>
<screen>nix.useSandbox = true;</screen>
</para>
</listitem>
<listitem>
<para>
<emphasis role="bold">Globally enable sandboxing on non-NixOS platforms</emphasis>:
add the following to: <filename>/etc/nix/nix.conf</filename>
<screen>build-use-sandbox = true</screen>
</para>
</listitem>
</itemizedlist>
</para>
</section>
<section>
<title>Built on platform(s)</title>
<para>
Many Nix packages are designed to run on multiple
platforms. As such, it's important to let the maintainer know which
platforms your changes have been tested on. It's not always practical to
test a change on all platforms, and is not required for a pull request to
be merged. Only check the systems you tested the build on in this
section.
</para>
</section>
<section>
<title>Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)</title>
<para>
Packages with automated tests are much more likely to be merged in a
timely fashion because it doesn't require as much manual testing by the
maintainer to verify the functionality of the package. If there are
existing tests for the package, they should be run to verify your changes
do not break the tests. Tests only apply to packages with NixOS modules
defined and can only be run on Linux. For more details on writing and
running tests, see the <link
xlink:href="https://nixos.org/nixos/manual/index.html#sec-nixos-tests">section
in the NixOS manual</link>.
</para>
</section>
<section>
<title>Tested compilation of all pkgs that depend on this change using <command>nox-review</command></title>
<para>
If you are updating a package's version, you can use nox to make sure all
packages that depend on the updated package still compile correctly. This
can be done using the nox utility. The <command>nox-review</command>
utility can look for and build all dependencies either based on
uncommited changes with the <literal>wip</literal> option or specifying a
github pull request number.
</para>
<para>
review uncommitted changes:
<screen>nix-shell -p nox --run nox-review wip</screen>
</para>
<para>
review changes from pull request number 12345:
<screen>nix-shell -p nox --run nox-review pr 12345</screen>
</para>
</section>
<section>
<title>Tested execution of all binary files (usually in <filename>./result/bin/</filename>)</title>
<para>
It's important to test any executables generated by a build when you
change or create a package in nixpkgs. This can be done by looking in
<filename>./result/bin</filename> and running any files in there, or at a
minimum, the main executable for the package. For example, if you make a change
to <package>texlive</package>, you probably would only check the binaries
associated with the change you made rather than testing all of them.
</para>
</section>
<section>
<title>Meets nixpkgs contribution standards</title>
<para>
The last checkbox is fits <link
xlink:href="https://github.com/NixOS/nixpkgs/blob/master/.github/CONTRIBUTING.md">CONTRIBUTING.md</link>.
The contributing document has detailed information on standards the Nix
community has for commit messages, reviews, licensing of contributions
you make to the project, etc... Everyone should read and understand the
standards the community has for contributing before submitting a pull
request.
</para>
</section>
</section>
<section>
<title>Hotfixing pull requests</title>

View File

@ -1,11 +1,11 @@
{ lib }:
# Operations on attribute sets.
let
inherit (builtins) head tail length;
inherit (import ./trivial.nix) and or;
inherit (import ./default.nix) fold;
inherit (import ./strings.nix) concatStringsSep;
inherit (import ./lists.nix) concatMap concatLists all deepSeqList;
inherit (lib.trivial) and or;
inherit (lib.strings) concatStringsSep;
inherit (lib.lists) fold concatMap concatLists all deepSeqList;
in
rec {

View File

@ -1,6 +1,6 @@
{ lib }:
let
lib = import ./default.nix;
inherit (builtins) attrNames isFunction;
in

View File

@ -1,4 +1,6 @@
let lib = import ./default.nix;
{ lib }:
let
inherit (builtins) trace attrNamesToStr isAttrs isFunction isList isInt
isString isBool head substring attrNames;

View File

@ -5,58 +5,127 @@
*/
let
# often used, or depending on very little
trivial = import ./trivial.nix;
fixedPoints = import ./fixed-points.nix;
callLibs = file: import file { inherit lib; };
# datatypes
attrsets = import ./attrsets.nix;
lists = import ./lists.nix;
strings = import ./strings.nix;
stringsWithDeps = import ./strings-with-deps.nix;
lib = rec {
# packaging
customisation = import ./customisation.nix;
maintainers = import ./maintainers.nix;
meta = import ./meta.nix;
sources = import ./sources.nix;
# often used, or depending on very little
trivial = callLibs ./trivial.nix;
fixedPoints = callLibs ./fixed-points.nix;
# module system
modules = import ./modules.nix;
options = import ./options.nix;
types = import ./types.nix;
# datatypes
attrsets = callLibs ./attrsets.nix;
lists = callLibs ./lists.nix;
strings = callLibs ./strings.nix;
stringsWithDeps = callLibs ./strings-with-deps.nix;
# constants
licenses = import ./licenses.nix;
systems = import ./systems;
# packaging
customisation = callLibs ./customisation.nix;
maintainers = callLibs ./maintainers.nix;
meta = callLibs ./meta.nix;
sources = callLibs ./sources.nix;
# misc
debug = import ./debug.nix;
generators = import ./generators.nix;
misc = import ./deprecated.nix;
# domain-specific
sandbox = import ./sandbox.nix;
fetchers = import ./fetchers.nix;
# module system
modules = callLibs ./modules.nix;
options = callLibs ./options.nix;
types = callLibs ./types.nix;
# Eval-time filesystem handling
filesystem = import ./filesystem.nix;
# constants
licenses = callLibs ./licenses.nix;
systems = callLibs ./systems;
in
{ inherit trivial fixedPoints
attrsets lists strings stringsWithDeps
customisation maintainers meta sources
modules options types
licenses systems
debug generators misc
sandbox fetchers filesystem;
# misc
debug = callLibs ./debug.nix;
generators = callLibs ./generators.nix;
misc = callLibs ./deprecated.nix;
# domain-specific
sandbox = callLibs ./sandbox.nix;
fetchers = callLibs ./fetchers.nix;
# Eval-time filesystem handling
filesystem = callLibs ./filesystem.nix;
# back-compat aliases
platforms = systems.doubles;
}
# !!! don't include everything at top-level; perhaps only the most
# commonly used functions.
// trivial // fixedPoints
// lists // strings // stringsWithDeps // attrsets // sources
// options // types // meta // debug // misc // modules
// customisation
inherit (builtins) add addErrorContext attrNames
concatLists deepSeq elem elemAt filter genericClosure genList
getAttr hasAttr head isAttrs isBool isFunction isInt isList
isString length lessThan listToAttrs pathExists readFile
replaceStrings seq stringLength sub substring tail;
inherit (trivial) id const concat or and boolToString mergeAttrs
flip mapNullable inNixShell min max importJSON warn info
nixpkgsVersion mod;
inherit (fixedPoints) fix fix' extends composeExtensions
makeExtensible makeExtensibleWithCustomName;
inherit (attrsets) attrByPath hasAttrByPath setAttrByPath
getAttrFromPath attrVals attrValues catAttrs filterAttrs
filterAttrsRecursive foldAttrs collect nameValuePair mapAttrs
mapAttrs' mapAttrsToList mapAttrsRecursive mapAttrsRecursiveCond
genAttrs isDerivation toDerivation optionalAttrs
zipAttrsWithNames zipAttrsWith zipAttrs recursiveUpdateUntil
recursiveUpdate matchAttrs overrideExisting getOutput getBin
getLib getDev chooseDevOutputs zipWithNames zip;
inherit (lists) singleton foldr fold foldl foldl' imap0 imap1
concatMap flatten remove findSingle findFirst any all count
optional optionals toList range partition zipListsWith zipLists
reverseList listDfs toposort sort take drop sublist last init
crossLists unique intersectLists subtractLists
mutuallyExclusive;
inherit (strings) concatStrings concatMapStrings concatImapStrings
intersperse concatStringsSep concatMapStringsSep
concatImapStringsSep makeSearchPath makeSearchPathOutput
makeLibraryPath makeBinPath makePerlPath optionalString
hasPrefix hasSuffix stringToCharacters stringAsChars escape
escapeShellArg escapeShellArgs replaceChars lowerChars upperChars
toLower toUpper addContextFrom splitString removePrefix
removeSuffix versionOlder versionAtLeast getVersion nameFromURL
enableFeature fixedWidthString fixedWidthNumber isStorePath
toInt readPathsFromFile fileContents;
inherit (stringsWithDeps) textClosureList textClosureMap
noDepEntry fullDepEntry packEntry stringAfter;
inherit (customisation) overrideDerivation makeOverridable
callPackageWith callPackagesWith addPassthru hydraJob makeScope;
inherit (meta) addMetaAttrs dontDistribute setName updateName
appendToName mapDerivationAttrset lowPrio lowPrioSet hiPrio
hiPrioSet;
inherit (sources) pathType pathIsDirectory cleanSourceFilter
cleanSource sourceByRegex sourceFilesBySuffices
commitIdFromGitRepo;
inherit (modules) evalModules closeModules unifyModuleSyntax
applyIfFunction unpackSubmodule packSubmodule mergeModules
mergeModules' mergeOptionDecls evalOptionValue mergeDefinitions
pushDownProperties dischargeProperties filterOverrides
sortProperties fixupOptionType mkIf mkAssert mkMerge mkOverride
mkOptionDefault mkDefault mkForce mkVMOverride mkStrict
mkFixStrictness mkOrder mkBefore mkAfter mkAliasDefinitions
mkAliasAndWrapDefinitions fixMergeModules mkRemovedOptionModule
mkRenamedOptionModule mkMergedOptionModule mkChangedOptionModule
mkAliasOptionModule doRename filterModules;
inherit (options) isOption mkEnableOption mkSinkUndeclaredOptions
mergeDefaultOption mergeOneOption mergeEqualOption getValues
getFiles optionAttrSetToDocList optionAttrSetToDocList'
scrubOptionValue literalExample showOption showFiles
unknownModule mkOption;
inherit (types) isType setType defaultTypeMerge defaultFunctor
isOptionType mkOptionType;
inherit (debug) addErrorContextToAttrs traceIf traceVal
traceXMLVal traceXMLValMarked traceSeq traceSeqN traceValSeq
traceValSeqN traceShowVal traceShowValMarked
showVal traceCall traceCall2 traceCall3 traceValIfNot runTests
testAllTrue strict traceCallXml attrNamesToStr;
inherit (misc) maybeEnv defaultMergeArg defaultMerge foldArgs
defaultOverridableDelayableArgs composedArgsAndFun
maybeAttrNullable maybeAttr ifEnable checkFlag getValue
checkReqs uniqList uniqListExt condConcat lazyGenericClosure
innerModifySumArgs modifySumArgs innerClosePropagation
closePropagation mapAttrsFlatten nvs setAttr setAttrMerge
mergeAttrsWithFunc mergeAttrsConcatenateValues
mergeAttrsNoOverride mergeAttrByFunc mergeAttrsByFuncDefaults
mergeAttrsByFuncDefaultsClean mergeAttrBy
prepareDerivationArgs nixType imap overridableDelayableArgs;
};
in lib

View File

@ -1,11 +1,12 @@
let lib = import ./default.nix;
{ lib }:
let
inherit (builtins) isFunction head tail isList isAttrs isInt attrNames;
in
with import ./lists.nix;
with import ./attrsets.nix;
with import ./strings.nix;
with lib.lists;
with lib.attrsets;
with lib.strings;
rec {

View File

@ -1,4 +1,5 @@
# snippets that can be shared by multiple fetchers (pkgs/build-support)
{ lib }:
{
proxyImpureEnvVars = [

View File

@ -1,3 +1,4 @@
{ lib }:
{ # haskellPathsInDir : Path -> Map String Path
# A map of all haskell packages defined in the given path,
# identified by having a cabal file with the same name as the

View File

@ -1,3 +1,4 @@
{ ... }:
rec {
# Compute the fixed point of the given function `f`, which is usually an
# attribute set that expects its final, non-recursive representation as an

View File

@ -7,10 +7,11 @@
* Tests can be found in ./tests.nix
* Documentation in the manual, #sec-generators
*/
with import ./trivial.nix;
{ lib }:
with (lib).trivial;
let
libStr = import ./strings.nix;
libAttr = import ./attrsets.nix;
libStr = lib.strings;
libAttr = lib.attrsets;
flipMapAttrs = flip libAttr.mapAttrs;
in

View File

@ -1,7 +1,6 @@
{ lib }:
let
lib = import ./default.nix;
spdx = lic: lic // {
url = "http://spdx.org/licenses/${lic.spdxId}";
};
@ -175,6 +174,12 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
fullName = "DOC License";
};
eapl = {
fullName = "EPSON AVASYS PUBLIC LICENSE";
url = http://avasys.jp/hp/menu000000700/hpg000000603.htm;
free = false;
};
efl10 = spdx {
spdxId = "EFL-1.0";
fullName = "Eiffel Forum License v1.0";
@ -198,7 +203,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
eupl11 = spdx {
spdxId = "EUPL-1.1";
fullname = "European Union Public License 1.1";
fullName = "European Union Public License 1.1";
};
fdl12 = spdx {
@ -211,6 +216,12 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
fullName = "GNU Free Documentation License v1.3";
};
ffsl = {
fullName = "Floodgap Free Software License";
url = http://www.floodgap.com/software/ffsl/license.html;
free = false;
};
free = {
fullName = "Unspecified free software license";
};
@ -271,6 +282,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
url = https://fedoraproject.org/wiki/Licensing/GPL_Classpath_Exception;
};
hpnd = spdx {
spdxId = "HPND";
fullName = "Historic Permission Notice and Disclaimer";
};
# Intel's license, seems free
iasl = {
fullName = "iASL";
@ -282,9 +298,10 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
fullName = "Independent JPEG Group License";
};
inria = {
fullName = "INRIA Non-Commercial License Agreement";
inria-compcert = {
fullName = "INRIA Non-Commercial License Agreement for the CompCert verified compiler";
url = "http://compcert.inria.fr/doc/LICENSE";
free = false;
};
ipa = spdx {
@ -363,7 +380,7 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
};
miros = {
fullname = "MirOS License";
fullName = "MirOS License";
url = https://opensource.org/licenses/MirOS;
};

View File

@ -1,6 +1,6 @@
# General list operations.
with import ./trivial.nix;
{ lib }:
with lib.trivial;
rec {

View File

@ -1,3 +1,4 @@
{ ...}:
/* List of NixOS maintainers. The format is:
handle = "Real Name <address@example.org>";
@ -30,21 +31,26 @@
ak = "Alexander Kjeldaas <ak@formalprivacy.com>";
akaWolf = "Artjom Vejsel <akawolf0@gmail.com>";
akc = "Anders Claesson <akc@akc.is>";
alexvorobiev = "Alex Vorobiev <alexander.vorobiev@gmail.com";
algorith = "Dries Van Daele <dries_van_daele@telenet.be>";
alibabzo = "Alistair Bill <alistair.bill@gmail.com>";
all = "Nix Committers <nix-commits@lists.science.uu.nl>";
alunduil = "Alex Brandt <alunduil@alunduil.com>";
ambrop72 = "Ambroz Bizjak <ambrop7@gmail.com>";
amiddelk = "Arie Middelkoop <amiddelk@gmail.com>";
amiloradovsky = "Andrew Miloradovsky <miloradovsky@gmail.com>";
amorsillo = "Andrew Morsillo <andrew.morsillo@gmail.com>";
AndersonTorres = "Anderson Torres <torres.anderson.85@gmail.com>";
anderspapitto = "Anders Papitto <anderspapitto@gmail.com>";
andir = "Andreas Rammhold <andreas@rammhold.de>";
andres = "Andres Loeh <ksnixos@andres-loeh.de>";
andrestylianos = "Andre S. Ramos <andre.stylianos@gmail.com>";
andrewrk = "Andrew Kelley <superjoe30@gmail.com>";
andsild = "Anders Sildnes <andsild@gmail.com>";
aneeshusa = "Aneesh Agrawal <aneeshusa@gmail.com>";
ankhers = "Justin Wood <justin.k.wood@gmail.com>";
antono = "Antono Vasiljev <self@antono.info>";
antonxy = "Anton Schirg <anton.schirg@posteo.de>";
apeschar = "Albert Peschar <albert@peschar.net>";
apeyroux = "Alexandre Peyroux <alex@px.io>";
ardumont = "Antoine R. Dumont <eniotna.t@gmail.com>";
@ -62,13 +68,14 @@
aycanirican = "Aycan iRiCAN <iricanaycan@gmail.com>";
bachp = "Pascal Bach <pascal.bach@nextrem.ch>";
badi = "Badi' Abdul-Wahid <abdulwahidc@gmail.com>";
balajisivaraman = "Balaji Sivaraman<sivaraman.balaji@gmail.com>";
balajisivaraman = "Balaji Sivaraman <sivaraman.balaji@gmail.com>";
barrucadu = "Michael Walker <mike@barrucadu.co.uk>";
basvandijk = "Bas van Dijk <v.dijk.bas@gmail.com>";
Baughn = "Svein Ove Aas <sveina@gmail.com>";
bcarrell = "Brandon Carrell <brandoncarrell@gmail.com>";
bcdarwin = "Ben Darwin <bcdarwin@gmail.com>";
bdimcheff = "Brandon Dimcheff <brandon@dimcheff.com>";
bendlas = "Herwig Hochleitner <herwig@bendlas.net>";
benley = "Benjamin Staffin <benley@gmail.com>";
bennofs = "Benno Fünfstück <benno.fuenfstueck@gmail.com>";
benwbooth = "Ben Booth <benwbooth@gmail.com>";
@ -88,28 +95,36 @@
bramd = "Bram Duvigneau <bram@bramd.nl>";
bstrik = "Berno Strik <dutchman55@gmx.com>";
bzizou = "Bruno Bzeznik <Bruno@bzizou.net>";
c0bw3b = "Renaud <c0bw3b@gmail.com>";
c0dehero = "CodeHero <codehero@nerdpol.ch>";
calbrecht = "Christian Albrecht <christian.albrecht@mayflower.de>";
calrama = "Moritz Maxeiner <moritz@ucworks.org>";
calvertvl = "Victor Calvert <calvertvl@gmail.com>";
campadrenalin = "Philip Horger <campadrenalin@gmail.com>";
canndrew = "Andrew Cann <shum@canndrew.org>";
carlsverre = "Carl Sverre <accounts@carlsverre.com>";
casey = "Casey Rodarmor <casey@rodarmor.net>";
catern = "Spencer Baugh <sbaugh@catern.com>";
caugner = "Claas Augner <nixos@caugner.de>";
cdepillabout = "Dennis Gosnell <cdep.illabout@gmail.com>";
cfouche = "Chaddaï Fouché <chaddai.fouche@gmail.com>";
changlinli = "Changlin Li <mail@changlinli.com>";
chaoflow = "Florian Friesdorf <flo@chaoflow.net>";
chattered = "Phil Scott <me@philscotted.com>";
choochootrain = "Hurshal Patel <hurshal@imap.cc>";
chpatrick = "Patrick Chilton <chpatrick@gmail.com>";
chris-martin = "Chris Martin <ch.martin@gmail.com>";
chrisjefferson = "Christopher Jefferson <chris@bubblescope.net>";
chrisrosset = "Christopher Rosset <chris@rosset.org.uk>";
christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
ciil = "Simon Lackerbauer <simon@lackerbauer.com>";
ckampka = "Christian Kampka <christian@kampka.net>";
ckauhaus = "Christian Kauhaus <christian@kauhaus.de>";
cko = "Christine Koppelt <christine.koppelt@gmail.com>";
cleverca22 = "Michael Bishop <cleverca22@gmail.com>";
cmcdragonkai = "Roger Qiu <roger.qiu@matrix.ai>";
cmfwyp = "cmfwyp <cmfwyp@riseup.net>";
cobbal = "Andrew Cobb <andrew.cobb@gmail.com>";
coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
codsl = "codsl <codsl@riseup.net>";
codyopel = "Cody Opel <codyopel@gmail.com>";
@ -124,12 +139,14 @@
cryptix = "Henry Bubert <cryptix@riseup.net>";
CrystalGamma = "Jona Stubbe <nixos@crystalgamma.de>";
cstrahan = "Charles Strahan <charles@cstrahan.com>";
csingley = "Christopher Singley <csingley@gmail.com>";
cwoac = "Oliver Matthews <oliver@codersoffortune.net>";
DamienCassou = "Damien Cassou <damien@cassou.me>";
danbst = "Danylo Hlynskyi <abcz2.uprola@gmail.com>";
dancek = "Hannu Hartikainen <hannu.hartikainen@gmail.com>";
danielfullmer = "Daniel Fullmer <danielrf12@gmail.com>";
dasuxullebt = "Christoph-Simon Senjak <christoph.senjak@googlemail.com>";
david50407 = "David Kuo <me@davy.tw>";
davidak = "David Kleuker <post@davidak.de>";
davidrusu = "David Rusu <davidrusu.me@gmail.com>";
davorb = "Davor Babic <davor@davor.se>";
@ -144,10 +161,12 @@
desiderius = "Didier J. Devroye <didier@devroye.name>";
devhell = "devhell <\"^\"@regexmail.net>";
dezgeg = "Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>";
dfordivam = "Divam <dfordivam+nixpkgs@gmail.com>";
dfoxfranke = "Daniel Fox Franke <dfoxfranke@gmail.com>";
dgonyeo = "Derek Gonyeo <derek@gonyeo.com>";
dipinhora = "Dipin Hora <dipinhora+github@gmail.com>";
disassembler = "Samuel Leathers <disasm@gmail.com>";
dizfer = "David Izquierdo <david@izquierdofernandez.com>";
dmalikov = "Dmitry Malikov <malikov.d.y@gmail.com>";
DmitryTsygankov = "Dmitry Tsygankov <dmitry.tsygankov@gmail.com>";
dmjio = "David Johnson <djohnson.m@gmail.com>";
@ -156,13 +175,16 @@
dotlambda = "Robert Schütz <rschuetz17@gmail.com>";
doublec = "Chris Double <chris.double@double.co.nz>";
dpaetzel = "David Pätzel <david.a.paetzel@gmail.com>";
dpflug = "David Pflug <david@pflug.email>";
drets = "Dmytro Rets <dmitryrets@gmail.com>";
drewkett = "Andrew Burkett <burkett.andrew@gmail.com>";
dsferruzza = "David Sferruzza <david.sferruzza@gmail.com>";
dtzWill = "Will Dietz <nix@wdtz.org>";
dupgit = "Olivier Delhomme <olivier.delhomme@free.fr>";
dywedir = "Vladyslav M. <dywedir@protonmail.ch>";
e-user = "Alexander Kahl <nixos@sodosopa.io>";
ebzzry = "Rommel Martinez <ebzzry@gmail.com>";
earldouglas = "James Earl Douglas <james@earldouglas.com>";
ebzzry = "Rommel Martinez <ebzzry@ebzzry.io>";
edanaher = "Evan Danaher <nixos@edanaher.net>";
edef = "edef <edef@edef.eu>";
ederoyd46 = "Matthew Brown <matt@ederoyd.co.uk>";
@ -180,17 +202,23 @@
ellis = "Ellis Whitehead <nixos@ellisw.net>";
eperuffo = "Emanuele Peruffo <info@emanueleperuffo.com>";
epitrochoid = "Mabry Cervin <mpcervin@uncg.edu>";
eqyiel = "Ruben Maher <r@rkm.id.au>";
ericbmerritt = "Eric Merritt <eric@afiniate.com>";
ericsagnes = "Eric Sagnes <eric.sagnes@gmail.com>";
ericson2314 = "John Ericson <John.Ericson@Obsidian.Systems>";
erictapen = "Justin Humm <justin.humm@posteo.de>";
erikryb = "Erik Rybakken <erik.rybakken@math.ntnu.no>";
ertes = "Ertugrul Söylemez <esz@posteo.de>";
ethercrow = "Dmitry Ivanov <ethercrow@gmail.com>";
etu = "Elis Hirwing <elis@hirwing.se>";
exi = "Reno Reckling <nixos@reckling.org>";
exlevan = "Alexey Levan <exlevan@gmail.com>";
expipiplus1 = "Joe Hermaszewski <nix@monoid.al>";
fadenb = "Tristan Helmich <tristan.helmich+nixos@gmail.com>";
fare = "Francois-Rene Rideau <fahree@gmail.com>";
falsifian = "James Cook <james.cook@utoronto.ca>";
fare = "Francois-Rene Rideau <fahree@gmail.com>";
fgaz = "Francesco Gazzetta <francygazz@gmail.com>";
flokli = "Florian Klink <flokli@flokli.de>";
florianjacob = "Florian Jacob <projects+nixos@florianjacob.de>";
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
@ -207,11 +235,13 @@
fuuzetsu = "Mateusz Kowalczyk <fuuzetsu@fuuzetsu.co.uk>";
fuzzy-id = "Thomas Bach <hacking+nixos@babibo.de>";
fxfactorial = "Edgar Aroutiounian <edgar.factorial@gmail.com>";
gabesoft = "Gabriel Adomnicai <gabesoft@gmail.com>";
gal_bolle = "Florent Becker <florent.becker@ens-lyon.org>";
garbas = "Rok Garbas <rok@garbas.si>";
garrison = "Jim Garrison <jim@garrison.cc>";
gavin = "Gavin Rogers <gavin@praxeology.co.uk>";
gebner = "Gabriel Ebner <gebner@gebner.org>";
geistesk = "Alvar Penning <post@0x21.biz>";
georgewhewell = "George Whewell <georgerw@gmail.com>";
gilligan = "Tobias Pflug <tobias.pflug@gmail.com>";
giogadi = "Luis G. Torres <lgtorres42@gmail.com>";
@ -227,13 +257,16 @@
grburst = "Julius Elias <grburst@openmailbox.org>";
gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>";
guibou = "Guillaume Bouchard <guillaum.bouchard@gmail.com>";
guillaumekoenig = "Guillaume Koenig <guillaume.edward.koenig@gmail.com>";
guyonvarch = "Joris Guyonvarch <joris@guyonvarch.me>";
hakuch = "Jesse Haber-Kucharsky <hakuch@gmail.com>";
hamhut1066 = "Hamish Hutchings <github@hamhut1066.com>";
havvy = "Ryan Scheel <ryan.havvy@gmail.com>";
hbunke = "Hendrik Bunke <bunke.hendrik@gmail.com>";
hce = "Hans-Christian Esperer <hc@hcesperer.org>";
hectorj = "Hector Jusforgues <hector.jusforgues+nixos@gmail.com>";
hedning = "Tor Hedin Brønner <torhedinbronner@gmail.com>";
heel = "Sergii Paryzhskyi <parizhskiy@gmail.com>";
henrytill = "Henry Till <henrytill@gmail.com>";
hhm = "hhm <heehooman+nixpkgs@gmail.com>";
@ -243,9 +276,11 @@
htr = "Hugo Tavares Reis <hugo@linux.com>";
iand675 = "Ian Duncan <ian@iankduncan.com>";
ianwookim = "Ian-Woo Kim <ianwookim@gmail.com>";
iblech = "Ingo Blechschmidt <iblech@speicherleck.de>";
igsha = "Igor Sharonov <igor.sharonov@gmail.com>";
ikervagyok = "Balázs Lengyel <ikervagyok@gmail.com>";
infinisil = "Silvan Mosberger <infinisil@icloud.com";
infinisil = "Silvan Mosberger <infinisil@icloud.com>";
ironpinguin = "Michele Catalano <michele@catalano.de>";
ivan-tkatchev = "Ivan Tkatchev <tkatchev@gmail.com>";
j-keck = "Jürgen Keck <jhyphenkeck@gmail.com>";
jagajaga = "Arseniy Seroka <ars.seroka@gmail.com>";
@ -273,10 +308,11 @@
joelmo = "Joel Moberg <joel.moberg@gmail.com>";
joelteon = "Joel Taylor <me@joelt.io>";
johbo = "Johannes Bornhold <johannes@bornhold.name>";
johnmh = "John M. Harris, Jr. <johnmh@openblox.org>";
johnramsden = "John Ramsden <johnramsden@riseup.net>";
joko = "Ioannis Koutras <ioannis.koutras@gmail.com>";
jonafato = "Jon Banafato <jon@jonafato.com>";
jpbernardy = "Jean-Philippe Bernardy <jeanphilippe.bernardy@gmail.com>";
joncojonathan = "Jonathan Haddock <joncojonathan@gmail.com>";
jpierre03 = "Jean-Pierre PRUNARET <nix@prunetwork.fr>";
jpotier = "Martin Potier <jpo.contributes.to.nixos@marvid.fr>";
jraygauthier = "Raymond Gauthier <jraygauthier@gmail.com>";
@ -284,6 +320,7 @@
juliendehos = "Julien Dehos <dehos@lisic.univ-littoral.fr>";
jwiegley = "John Wiegley <johnw@newartisans.com>";
jwilberding = "Jordan Wilberding <jwilberding@afiniate.com>";
jyp = "Jean-Philippe Bernardy <jeanphilippe.bernardy@gmail.com>";
jzellner = "Jeff Zellner <jeffz@eml.cc>";
kaiha = "Kai Harries <kai.harries@gmail.com>";
kamilchm = "Kamil Chmielewski <kamil.chm@gmail.com>";
@ -294,14 +331,17 @@
KibaFox = "Kiba Fox <kiba.fox@foxypossibilities.com>";
kierdavis = "Kier Davis <kierdavis@gmail.com>";
kiloreux = "Kiloreux Emperex <kiloreux@gmail.com>";
kini = "Keshav Kini <keshav.kini@gmail.com>";
kkallio = "Karn Kallio <tierpluspluslists@gmail.com>";
knedlsepp = "Josef Kemetmüller <josef.kemetmueller@gmail.com>";
konimex = "Muhammad Herdiansyah <herdiansyah@openmailbox.org>";
konimex = "Muhammad Herdiansyah <herdiansyah@netc.eu>";
koral = "Koral <koral@mailoo.org>";
kovirobi = "Kovacsics Robert <kovirobi@gmail.com>";
kquick = "Kevin Quick <quick@sparq.org>";
kragniz = "Louis Taylor <louis@kragniz.eu>";
kristoff3r = "Kristoffer Søholm <k.soeholm@gmail.com>";
ktosiek = "Tomasz Kontusz <tomasz.kontusz@gmail.com>";
kuznero = "Roman Kuznetsov <roman@kuznero.com>";
lassulus = "Lassulus <lassulus@gmail.com>";
layus = "Guillaume Maudoux <layus.on@gmail.com>";
ldesgoui = "Lucas Desgouilles <ldesgoui@gmail.com>";
@ -319,10 +359,12 @@
linus = "Linus Arver <linusarver@gmail.com>";
lluchs = "Lukas Werling <lukas.werling@gmail.com>";
lnl7 = "Daiderd Jordan <daiderd@gmail.com>";
lo1tuma = "Mathias Schreck <schreck.mathias@gmail.com>";
loskutov = "Ignat Loskutov <ignat.loskutov@gmail.com>";
lovek323 = "Jason O'Conal <jason@oconal.id.au>";
lowfatcomputing = "Andreas Wagner <andreas.wagner@lowfatcomputing.org>";
lsix = "Lancelot SIX <lsix@lancelotsix.com>";
ltavard = "Laure Tavard <laure.tavard@univ-grenoble-alpes.fr>";
lucas8 = "Luc Chabassier <luc.linux@mailoo.org>";
ludo = "Ludovic Courtès <ludo@gnu.org>";
lufia = "Kyohei Kadota <lufia@lufia.org>";
@ -356,8 +398,10 @@
mcmtroffaes = "Matthias C. M. Troffaes <matthias.troffaes@gmail.com>";
mdaiter = "Matthew S. Daiter <mdaiter8121@gmail.com>";
meditans = "Carlo Nucera <meditans@gmail.com>";
mehandes = "Matt Deming <niewskici@gmail.com>";
meisternu = "Matt Miemiec <meister@krutt.org>";
metabar = "Celine Mercier <softs@metabarcoding.org>";
mgdelacroix = "Miguel de la Cruz <mgdelacroix@gmail.com>";
mguentner = "Maximilian Güntner <code@klandest.in>";
mic92 = "Jörg Thalheim <joerg@thalheim.io>";
michaelpj = "Michael Peyton Jones <michaelpj@gmail.com>";
@ -367,7 +411,6 @@
mikefaille = "Michaël Faille <michael@faille.io>";
miltador = "Vasiliy Solovey <miltador@yandex.ua>";
mimadrid = "Miguel Madrid <mimadrid@ucm.es>";
mingchuan = "Ming Chuan <ming@culpring.com>";
mirdhyn = "Merlin Gaillard <mirdhyn@gmail.com>";
mirrexagon = "Andrew Abbott <mirrexagon@mirrexagon.com>";
mjanczyk = "Marcin Janczyk <m@dragonvr.pl>";
@ -407,7 +450,7 @@
nicknovitski = "Nick Novitski <nixpkgs@nicknovitski.com>";
nico202 = "Nicolò Balzarotti <anothersms@gmail.com>";
NikolaMandic = "Ratko Mladic <nikola@mandic.email>";
nixy = "Andrew R. M. <andrewmiller237@gmail.com>";
nixy = "Andrew R. M. <nixy@nixy.moe>";
nocoolnametom = "Tom Doggett <nocoolnametom@gmail.com>";
notthemessiah = "Brian Cohen <brian.cohen.88@gmail.com>";
np = "Nicolas Pouillard <np.nix@nicolaspouillard.fr>";
@ -441,6 +484,7 @@
periklis = "theopompos@gmail.com";
pesterhazy = "Paulus Esterhazy <pesterhazy@gmail.com>";
peterhoeg = "Peter Hoeg <peter@hoeg.com>";
peterromfeldhk = "Peter Romfeld <peter.romfeld.hk@gmail.com>";
peti = "Peter Simons <simons@cryp.to>";
philandstuff = "Philip Potter <philip.g.potter@gmail.com>";
phile314 = "Philipp Hausmann <nix@314.ch>";
@ -476,6 +520,7 @@
rardiol = "Ricardo Ardissone <ricardo.ardissone@gmail.com>";
rasendubi = "Alexey Shmalko <rasen.dubi@gmail.com>";
raskin = "Michael Raskin <7c6f434c@mail.ru>";
ravloony = "Tom Macdonald <ravloony@gmail.com>";
rbasso = "Rafael Basso <rbasso@sharpgeeks.net>";
redbaron = "Maxim Ivanov <ivanov.maxim@gmail.com>";
redvers = "Redvers Davies <red@infect.me>";
@ -485,6 +530,7 @@
renzo = "Renzo Carbonara <renzocarbonara@gmail.com>";
retrry = "Tadas Barzdžius <retrry@gmail.com>";
rht = "rht <rhtbot@protonmail.com>";
richardipsum = "Richard Ipsum <richardipsum@fastmail.co.uk>";
rick68 = "Wei-Ming Yang <rick68@gmail.com>";
rickynils = "Rickard Nilsson <rickynils@gmail.com>";
ris = "Robert Scott <code@humanleg.org.uk>";
@ -494,6 +540,7 @@
robberer = "Longrin Wischnewski <robberer@freakmail.de>";
robbinch = "Robbin C. <robbinch33@gmail.com>";
roberth = "Robert Hensing <nixpkgs@roberthensing.nl>";
robertodr = "Roberto Di Remigio <roberto.diremigio@gmail.com>";
robgssp = "Rob Glossop <robgssp@gmail.com>";
roblabla = "Robin Lambertz <robinlambertz+dev@gmail.com>";
roconnor = "Russell O'Connor <roconnor@theorem.ca>";
@ -513,6 +560,7 @@
ryneeverett = "Ryne Everett <ryneeverett@gmail.com>";
rzetterberg = "Richard Zetterberg <richard.zetterberg@gmail.com>";
s1lvester = "Markus Silvester <s1lvester@bockhacker.me>";
samdroid-apps = "Sam Parkinson <sam@sam.today>";
samuelrivas = "Samuel Rivas <samuelrivas@gmail.com>";
sander = "Sander van der Burg <s.vanderburg@tudelft.nl>";
sargon = "Daniel Ehlers <danielehlers@mindeye.net>";
@ -522,6 +570,7 @@
schristo = "Scott Christopher <schristopher@konputa.com>";
scolobb = "Sergiu Ivanov <sivanov@colimite.fr>";
sdll = "Sasha Illarionov <sasha.delly@gmail.com>";
SeanZicari = "Sean Zicari <sean.zicari@gmail.com>";
sepi = "Raffael Mancini <raffael@mancini.lu>";
seppeljordan = "Sebastian Jordan <sebastian.jordan.mail@googlemail.com>";
shanemikel = "Shane Pearlman <shanemikel1@gmail.com>";
@ -531,8 +580,10 @@
shell = "Shell Turner <cam.turn@gmail.com>";
shlevy = "Shea Levy <shea@shealevy.com>";
siddharthist = "Langston Barrett <langston.barrett@gmail.com>";
sifmelcara = "Ming Chuan <ming@culpring.com>";
sigma = "Yann Hodique <yann.hodique@gmail.com>";
simonvandel = "Simon Vandel Sillesen <simon.vandel@gmail.com>";
sivteck = "Sivaram Balakrishnan <sivaram1992@gmail.com>";
sjagoe = "Simon Jagoe <simon@simonjagoe.com>";
sjmackenzie = "Stewart Mackenzie <setori88@gmail.com>";
sjourdois = "Stéphane kwisatz Jourdois <sjourdois@gmail.com>";
@ -542,6 +593,8 @@
smironov = "Sergey Mironov <grrwlf@gmail.com>";
snyh = "Xia Bin <snyh@snyh.org>";
solson = "Scott Olson <scott@solson.me>";
sorpaas = "Wei Tang <hi@that.world>";
sorki = "Richard Marko <srk@48.io>";
spacefrogg = "Michael Raitza <spacefrogg-nixos@meterriblecrew.net>";
spencerjanssen = "Spencer Janssen <spencerjanssen@gmail.com>";
spinus = "Tomasz Czyż <tomasz.czyz@gmail.com>";
@ -553,28 +606,37 @@
sternenseemann = "Lukas Epple <post@lukasepple.de>";
stesie = "Stefan Siegl <stesie@brokenpipe.de>";
steveej = "Stefan Junker <mail@stefanjunker.de>";
stumoss = "Stuart Moss <samoss@gmail.com>";
SuprDewd = "Bjarki Ágúst Guðmundsson <suprdewd@gmail.com>";
swarren83 = "Shawn Warren <shawn.w.warren@gmail.com>";
swflint = "Samuel W. Flint <swflint@flintfam.org>";
swistak35 = "Rafał Łasocha <me@swistak35.com>";
symphorien = "Guillaume Girol <symphorien_nixpkgs@xlumurb.eu>";
szczyp = "Szczyp <qb@szczyp.com>";
sztupi = "Attila Sztupak <attila.sztupak@gmail.com>";
taeer = "Taeer Bar-Yam <taeer@necsi.edu>";
tailhook = "Paul Colomiets <paul@colomiets.name>";
taketwo = "Sergey Alexandrov <alexandrov88@gmail.com>";
takikawa = "Asumu Takikawa <asumu@igalia.com>";
taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
taku0 = "Takuo Yonezawa <mxxouy6x3m_github@tatapa.org>";
tari = "Peter Marheine <peter@taricorp.net>";
tavyc = "Octavian Cerna <octavian.cerna@gmail.com>";
TealG = "Teal Gaure <~@Teal.Gr>";
teh = "Tom Hunger <tehunger@gmail.com>";
telotortium = "Robert Irelan <rirelan@gmail.com>";
teto = "Matthieu Coudron <mcoudron@hotmail.com>";
tex = "Milan Svoboda <milan.svoboda@centrum.cz>";
thall = "Niclas Thall <niclas.thall@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
the-kenny = "Moritz Ulrich <moritz@tarn-vedra.de>";
theuni = "Christian Theune <ct@flyingcircus.io>";
ThomasMader = "Thomas Mader <thomas.mader@gmail.com>";
thoughtpolice = "Austin Seipp <aseipp@pobox.com>";
timbertson = "Tim Cuthbertson <tim@gfxmonk.net>";
timokau = "Timo Kaufmann <timokau@zoho.com>";
titanous = "Jonathan Rudenberg <jonathan@titanous.com>";
tnias = "Philipp Bartsch <phil@grmr.de>";
tohl = "Tomas Hlavaty <tom@logand.com>";
tokudan = "Daniel Frank <git@danielfrank.net>";
tomberek = "Thomas Bereknyei <tomberek@gmail.com>";
@ -594,6 +656,7 @@
#urkud = "Yury G. Kudryashov <urkud+nix@ya.ru>"; inactive since 2012
uwap = "uwap <me@uwap.name>";
vaibhavsagar = "Vaibhav Sagar <vaibhavsagar@gmail.com>";
valeriangalliat = "Valérian Galliat <val@codejam.info>";
vandenoever = "Jos van den Oever <jos@vandenoever.info>";
vanschelven = "Klaas van Schelven <klaas@vanschelven.com>";
vanzef = "Ivan Solyankin <vanzef@gmail.com>";
@ -610,26 +673,30 @@
vlstill = "Vladimír Štill <xstill@fi.muni.cz>";
vmandela = "Venkateswara Rao Mandela <venkat.mandela@gmail.com>";
vmchale = "Vanessa McHale <tmchale@wisc.edu>";
valeriangalliat = "Valérian Galliat <val@codejam.info>";
volhovm = "Mikhail Volkhov <volhovm.cs@gmail.com>";
volth = "Jaroslavas Pocepko <jaroslavas@volth.com>";
vozz = "Oliver Hunt <oliver.huntuk@gmail.com>";
vrthra = "Rahul Gopinath <rahul@gopinath.org>";
vyp = "vyp <elisp.vim@gmail.com>";
wedens = "wedens <kirill.wedens@gmail.com>";
willibutz = "Willi Butz <willibutz@posteo.de>";
willtim = "Tim Philip Williams <tim.williams.public@gmail.com>";
winden = "Antonio Vargas Gonzalez <windenntw@gmail.com>";
wizeman = "Ricardo M. Correia <rcorreia@wizy.org>";
wjlroe = "William Roe <willroe@gmail.com>";
wkennington = "William A. Kennington III <william@wkennington.com>";
wmertens = "Wout Mertens <Wout.Mertens@gmail.com>";
woffs = "Frank Doepper <github@woffs.de>";
womfoo = "Kranium Gikos Mendoza <kranium@gikos.net>";
wscott = "Wayne Scott <wsc9tt@gmail.com>";
wyvie = "Elijah Rum <elijahrum@gmail.com>";
xnwdd = "Guillermo NWDD <nwdd+nixos@no.team>";
xvapx = "Marti Serra <marti.serra.coscollano@gmail.com>";
xwvvvvwx = "David Terry <davidterry@posteo.de>";
xzfc = "Albert Safin <xzfcpw@gmail.com>";
yarr = "Dmitry V. <savraz@gmail.com>";
yegortimoshenko = "Yegor Timoshenko <yegortimoshenko@gmail.com>";
ylwghst = "Burim Augustin Berisa <ylwghst@onionmail.info>";
yochai = "Yochai <yochai@titat.info>";
yorickvp = "Yorick van Pelt <yorickvanpelt@gmail.com>";
yuriaisaka = "Yuri Aisaka <yuri.aisaka+nix@gmail.com>";
@ -646,4 +713,5 @@
zoomulator = "Kim Simmons <zoomulator@gmail.com>";
zraexy = "David Mell <zraexy@gmail.com>";
zx2c4 = "Jason A. Donenfeld <Jason@zx2c4.com>";
zzamboni = "Diego Zamboni <diego@zzamboni.org>";
}

View File

@ -1,8 +1,7 @@
/* Some functions for manipulating meta attributes, as well as the
name attribute. */
let lib = import ./default.nix;
in
{ lib }:
rec {

View File

@ -1,2 +1,2 @@
# Expose the minimum required version for evaluating Nixpkgs
"1.10"
"1.11"

View File

@ -1,10 +1,12 @@
with import ./lists.nix;
with import ./strings.nix;
with import ./trivial.nix;
with import ./attrsets.nix;
with import ./options.nix;
with import ./debug.nix;
with import ./types.nix;
{ lib }:
with lib.lists;
with lib.strings;
with lib.trivial;
with lib.attrsets;
with lib.options;
with lib.debug;
with lib.types;
rec {
@ -336,7 +338,7 @@ rec {
# Type-check the remaining definitions, and merge them.
mergedValue = foldl' (res: def:
if type.check def.value then res
else throw "The option value `${showOption loc}' in `${def.file}' is not a ${type.description}.")
else throw "The option value `${showOption loc}' in `${def.file}' is not of type `${type.description}'.")
(type.merge loc defsFinal) defsFinal;
isDefined = defsFinal != [];

View File

@ -1,11 +1,10 @@
# Nixpkgs/NixOS option handling.
{ lib }:
let lib = import ./default.nix; in
with import ./trivial.nix;
with import ./lists.nix;
with import ./attrsets.nix;
with import ./strings.nix;
with lib.trivial;
with lib.lists;
with lib.attrsets;
with lib.strings;
rec {

View File

@ -1,4 +1,5 @@
with import ./strings.nix;
{ lib }:
with lib.strings;
/* Helpers for creating lisp S-exprs for the Apple sandbox

View File

@ -1,6 +1,5 @@
# Functions for copying sources to the Nix store.
let lib = import ./default.nix; in
{ lib }:
rec {
@ -15,8 +14,11 @@ rec {
cleanSourceFilter = name: type: let baseName = baseNameOf (toString name); in ! (
# Filter out Subversion and CVS directories.
(type == "directory" && (baseName == ".git" || baseName == ".svn" || baseName == "CVS" || baseName == ".hg")) ||
# Filter out backup files.
# Filter out editor backup / swap files.
lib.hasSuffix "~" baseName ||
builtins.match "^\\.sw[a-z]$" baseName != null ||
builtins.match "^\\..*\\.sw[a-z]$" baseName != null ||
# Filter out generates files.
lib.hasSuffix ".o" baseName ||
lib.hasSuffix ".so" baseName ||

View File

@ -1,3 +1,4 @@
{ lib }:
/*
Usage:
@ -40,9 +41,9 @@ Usage:
[1] maybe this behaviour should be removed to keep things simple (?)
*/
with import ./lists.nix;
with import ./attrsets.nix;
with import ./strings.nix;
with lib.lists;
with lib.attrsets;
with lib.strings;
rec {

View File

@ -1,6 +1,6 @@
/* String manipulation functions. */
let lib = import ./default.nix;
{ lib }:
let
inherit (builtins) length;

View File

@ -1,11 +1,12 @@
let inherit (import ../attrsets.nix) mapAttrs; in
{ lib }:
let inherit (lib.attrsets) mapAttrs; in
rec {
doubles = import ./doubles.nix;
parse = import ./parse.nix;
inspect = import ./inspect.nix;
platforms = import ./platforms.nix;
examples = import ./examples.nix;
doubles = import ./doubles.nix { inherit lib; };
parse = import ./parse.nix { inherit lib; };
inspect = import ./inspect.nix { inherit lib; };
platforms = import ./platforms.nix { inherit lib; };
examples = import ./examples.nix { inherit lib; };
# Elaborate a `localSystem` or `crossSystem` so that it contains everything
# necessary.
@ -28,6 +29,15 @@ rec {
else if final.isLinux then "glibc"
# TODO(@Ericson2314) think more about other operating systems
else "native/impure";
extensions = {
sharedLibrary =
/**/ if final.isDarwin then ".dylib"
else if final.isWindows then ".dll"
else ".so";
executable =
/**/ if final.isWindows then ".exe"
else "";
};
} // mapAttrs (n: v: v final.parsed) inspect.predicates
// args;
in final;

View File

@ -1,8 +1,9 @@
{ lib }:
let
lists = import ../lists.nix;
parse = import ./parse.nix;
inherit (import ./inspect.nix) predicates;
inherit (import ../attrsets.nix) matchAttrs;
inherit (lib) lists;
parse = import ./parse.nix { inherit lib; };
inherit (import ./inspect.nix { inherit lib; }) predicates;
inherit (lib.attrsets) matchAttrs;
all = [
"aarch64-linux"
@ -26,7 +27,7 @@ in rec {
allBut = platforms: lists.filter (x: !(builtins.elem x platforms)) all;
none = [];
arm = filterDoubles predicates.isArm32;
arm = filterDoubles predicates.isArm;
i686 = filterDoubles predicates.isi686;
mips = filterDoubles predicates.isMips;
x86_64 = filterDoubles predicates.isx86_64;

View File

@ -1,8 +1,8 @@
# These can be passed to nixpkgs as either the `localSystem` or
# `crossSystem`. They are put here for user convenience, but also used by cross
# tests and linux cross stdenv building, so handle with care!
let platforms = import ./platforms.nix; in
{ lib }:
let platforms = import ./platforms.nix { inherit lib; }; in
rec {
#

View File

@ -1,6 +1,7 @@
with import ./parse.nix;
with import ../attrsets.nix;
with import ../lists.nix;
{ lib }:
with import ./parse.nix { inherit lib; };
with lib.attrsets;
with lib.lists;
rec {
patterns = rec {
@ -11,6 +12,7 @@ rec {
PowerPC = { cpu = cpuTypes.powerpc; };
x86 = { cpu = { family = "x86"; }; };
Arm = { cpu = { family = "arm"; }; };
Aarch64 = { cpu = { family = "aarch64"; }; };
Mips = { cpu = { family = "mips"; }; };
BigEndian = { cpu = { significantByte = significantBytes.bigEndian; }; };
LittleEndian = { cpu = { significantByte = significantBytes.littleEndian; }; };
@ -28,9 +30,6 @@ rec {
Windows = { kernel = kernels.windows; };
Cygwin = { kernel = kernels.windows; abi = abis.cygnus; };
MinGW = { kernel = kernels.windows; abi = abis.gnu; };
Arm32 = recursiveUpdate Arm patterns."32bit";
Arm64 = recursiveUpdate Arm patterns."64bit";
};
matchAnyAttrs = patterns:

View File

@ -4,14 +4,13 @@
# http://llvm.org/docs/doxygen/html/Triple_8cpp_source.html especially
# Triple::normalize. Parsing should essentially act as a more conservative
# version of that last function.
with import ../lists.nix;
with import ../types.nix;
with import ../attrsets.nix;
with (import ./inspect.nix).predicates;
{ lib }:
with lib.lists;
with lib.types;
with lib.attrsets;
with (import ./inspect.nix { inherit lib; }).predicates;
let
lib = import ../default.nix;
setTypesAssert = type: pred:
mapAttrs (name: value:
assert pred value;
@ -40,7 +39,7 @@ rec {
armv6l = { bits = 32; significantByte = littleEndian; family = "arm"; };
armv7a = { bits = 32; significantByte = littleEndian; family = "arm"; };
armv7l = { bits = 32; significantByte = littleEndian; family = "arm"; };
aarch64 = { bits = 64; significantByte = littleEndian; family = "arm"; };
aarch64 = { bits = 64; significantByte = littleEndian; family = "aarch64"; };
i686 = { bits = 32; significantByte = littleEndian; family = "x86"; };
x86_64 = { bits = 64; significantByte = littleEndian; family = "x86"; };
mips64el = { bits = 32; significantByte = littleEndian; family = "mips"; };

View File

@ -1,7 +1,7 @@
{ lib }:
rec {
pcBase = {
name = "pc";
uboot = null;
kernelHeadersBaseConfig = "defconfig";
kernelBaseConfig = "defconfig";
# Build whatever possible as a module, if not stated in the extra config.
@ -49,9 +49,6 @@ rec {
kernelTarget = "uImage";
# TODO reenable once manual-config's config actually builds a .dtb and this is checked to be working
#kernelDTB = true;
# XXX can be anything non-null, pkgs actually only cares if it is set or not
uboot = "pogoplug4";
};
sheevaplug = {
@ -161,9 +158,6 @@ rec {
'';
kernelMakeFlags = [ "LOADADDR=0x0200000" ];
kernelTarget = "uImage";
uboot = "sheevaplug";
# Only for uboot = uboot :
ubootConfig = "sheevaplug_config";
kernelDTB = true; # Beyond 3.10
gcc = {
arch = "armv5te";
@ -250,7 +244,6 @@ rec {
LATENCYTOP y
'';
kernelTarget = "zImage";
uboot = null;
gcc = {
arch = "armv6";
fpu = "vfp";
@ -341,7 +334,6 @@ rec {
XEN? n
'';
kernelTarget = "zImage";
uboot = null;
};
scaleway-c1 = armv7l-hf-multiplatform // {
@ -373,7 +365,6 @@ rec {
kernelMakeFlags = [ "LOADADDR=0x10800000" ];
kernelTarget = "uImage";
kernelDTB = true;
uboot = true; #XXX: any non-null value here is needed so that mkimage is present to build kernelTarget uImage
gcc = {
cpu = "cortex-a9";
fpu = "neon";
@ -463,7 +454,6 @@ rec {
FTRACE n
'';
kernelTarget = "vmlinux";
uboot = null;
gcc = {
arch = "loongson2f";
abi = "n32";
@ -472,11 +462,10 @@ rec {
beaglebone = armv7l-hf-multiplatform // {
name = "beaglebone";
kernelBaseConfig = "omap2plus_defconfig";
kernelBaseConfig = "bb.org_defconfig";
kernelAutoModules = false;
kernelExtraConfig = ""; # TBD kernel config
kernelTarget = "zImage";
uboot = null;
};
armv7l-hf-multiplatform = {
@ -488,7 +477,6 @@ rec {
kernelDTB = true;
kernelAutoModules = true;
kernelPreferBuiltin = true;
uboot = null;
kernelTarget = "zImage";
kernelExtraConfig = ''
# Fix broken sunxi-sid nvmem driver.
@ -544,11 +532,13 @@ rec {
# Cavium ThunderX stuff.
PCI_HOST_THUNDER_ECAM y
# Nvidia Tegra stuff.
PCI_TEGRA y
# The default (=y) forces us to have the XHCI firmware available in initrd,
# which our initrd builder can't currently do easily.
USB_XHCI_TEGRA m
'';
uboot = null;
kernelTarget = "Image";
gcc = {
arch = "armv8-a";

View File

@ -61,6 +61,16 @@ checkConfigError() {
checkConfigOutput "false" config.enable ./declare-enable.nix
checkConfigError 'The option .* defined in .* does not exist.' config.enable ./define-enable.nix
# Check integer types.
# unsigned
checkConfigOutput "42" config.value ./declare-int-unsigned-value.nix ./define-value-int-positive.nix
checkConfigError 'The option value .* in .* is not of type.*unsigned integer.*' config.value ./declare-int-unsigned-value.nix ./define-value-int-negative.nix
# positive
checkConfigError 'The option value .* in .* is not of type.*positive integer.*' config.value ./declare-int-positive-value.nix ./define-value-int-zero.nix
# between
checkConfigOutput "42" config.value ./declare-int-between-value.nix ./define-value-int-positive.nix
checkConfigError 'The option value .* in .* is not of type.*between.*-21 and 43.*inclusive.*' config.value ./declare-int-between-value.nix ./define-value-int-negative.nix
# Check mkForce without submodules.
set -- config.enable ./declare-enable.nix ./define-enable.nix
checkConfigOutput "true" "$@"
@ -126,7 +136,7 @@ checkConfigOutput "true" "$@" ./define-module-check.nix
# Check coerced value.
checkConfigOutput "\"42\"" config.value ./declare-coerced-value.nix
checkConfigOutput "\"24\"" config.value ./declare-coerced-value.nix ./define-value-string.nix
checkConfigError 'The option value .* in .* is not a string or integer.' config.value ./declare-coerced-value.nix ./define-value-list.nix
checkConfigError 'The option value .* in .* is not.*string or signed integer.*' config.value ./declare-coerced-value.nix ./define-value-list.nix
cat <<EOF
====== module tests ======

View File

@ -0,0 +1,9 @@
{ lib, ... }:
{
options = {
value = lib.mkOption {
type = lib.types.ints.between (-21) 43;
};
};
}

View File

@ -0,0 +1,9 @@
{ lib, ... }:
{
options = {
value = lib.mkOption {
type = lib.types.ints.positive;
};
};
}

View File

@ -0,0 +1,9 @@
{ lib, ... }:
{
options = {
value = lib.mkOption {
type = lib.types.ints.unsigned;
};
};
}

View File

@ -0,0 +1,3 @@
{
value = -23;
}

View File

@ -0,0 +1,3 @@
{
value = 42;
}

View File

@ -0,0 +1,3 @@
{
value = 0;
}

View File

@ -1,3 +1,4 @@
{ lib }:
rec {
/* The identity function
@ -55,7 +56,7 @@ rec {
isInt add sub lessThan
seq deepSeq genericClosure;
inherit (import ./strings.nix) fileContents;
inherit (lib.strings) fileContents;
# Return the Nixpkgs version number.
nixpkgsVersion =
@ -70,6 +71,16 @@ rec {
min = x: y: if x < y then x else y;
max = x: y: if x > y then x else y;
/* Integer modulus
Example:
mod 11 10
=> 1
mod 1 10
=> 1
*/
mod = base: int: base - (int * (builtins.div base int));
/* Reads a JSON file. */
importJSON = path:
builtins.fromJSON (builtins.readFile path);

View File

@ -1,15 +1,16 @@
# Definitions related to run-time type checking. Used in particular
# to type-check NixOS configurations.
{ lib }:
with lib.lists;
with lib.attrsets;
with lib.options;
with lib.trivial;
with lib.strings;
let
with import ./lists.nix;
with import ./attrsets.nix;
with import ./options.nix;
with import ./trivial.nix;
with import ./strings.nix;
let inherit (import ./modules.nix) mergeDefinitions filterOverrides; in
inherit (lib.modules) mergeDefinitions filterOverrides;
outer_types =
rec {
isType = type: x: (x._type or "") == type;
setType = typeName: value: value // {
@ -95,7 +96,6 @@ rec {
# When adding new types don't forget to document them in
# nixos/doc/manual/development/option-types.xml!
types = rec {
unspecified = mkOptionType {
name = "unspecified";
};
@ -108,11 +108,64 @@ rec {
};
int = mkOptionType rec {
name = "int";
description = "integer";
check = isInt;
merge = mergeOneOption;
};
name = "int";
description = "signed integer";
check = isInt;
merge = mergeOneOption;
};
# Specialized subdomains of int
ints =
let
betweenDesc = lowest: highest:
"${toString lowest} and ${toString highest} (both inclusive)";
between = lowest: highest: assert lowest <= highest;
addCheck int (x: x >= lowest && x <= highest) // {
name = "intBetween";
description = "integer between ${betweenDesc lowest highest}";
};
ign = lowest: highest: name: docStart:
between lowest highest // {
inherit name;
description = docStart + "; between ${betweenDesc lowest highest}";
};
unsign = bit: range: ign 0 (range - 1)
"unsignedInt${toString bit}" "${toString bit} bit unsigned integer";
sign = bit: range: ign (0 - (range / 2)) (range / 2 - 1)
"signedInt${toString bit}" "${toString bit} bit signed integer";
in rec {
/* An int with a fixed range.
*
* Example:
* (ints.between 0 100).check (-1)
* => false
* (ints.between 0 100).check (101)
* => false
* (ints.between 0 0).check 0
* => true
*/
inherit between;
unsigned = addCheck types.int (x: x >= 0) // {
name = "unsignedInt";
description = "unsigned integer, meaning >=0";
};
positive = addCheck types.int (x: x > 0) // {
name = "positiveInt";
description = "positive integer, meaning >0";
};
u8 = unsign 8 256;
u16 = unsign 16 65536;
# the biggest int a 64-bit Nix accepts is 2^63 - 1 (9223372036854775808), for a 32-bit Nix it is 2^31 - 1 (2147483647)
# the smallest int a 64-bit Nix accepts is -2^63 (-9223372036854775807), for a 32-bit Nix it is -2^31 (-2147483648)
# u32 = unsign 32 4294967296;
# u64 = unsign 64 18446744073709551616;
s8 = sign 8 256;
s16 = sign 16 65536;
# s32 = sign 32 4294967296;
};
str = mkOptionType {
name = "str";
@ -172,7 +225,7 @@ rec {
};
# drop this in the future:
list = builtins.trace "`types.list' is deprecated; use `types.listOf' instead" types.listOf;
list = builtins.trace "`types.list` is deprecated; use `types.listOf` instead" types.listOf;
listOf = elemType: mkOptionType rec {
name = "listOf";
@ -189,7 +242,7 @@ rec {
).optionalValue
) def.value
else
throw "The option value `${showOption loc}' in `${def.file}' is not a list.") defs)));
throw "The option value `${showOption loc}` in `${def.file}` is not a list.") defs)));
getSubOptions = prefix: elemType.getSubOptions (prefix ++ ["*"]);
getSubModules = elemType.getSubModules;
substSubModules = m: listOf (elemType.substSubModules m);
@ -240,25 +293,6 @@ rec {
functor = (defaultFunctor name) // { wrapped = elemType; };
};
# List or element of ...
loeOf = elemType: mkOptionType rec {
name = "loeOf";
description = "element or list of ${elemType.description}s";
check = x: isList x || elemType.check x;
merge = loc: defs:
let
defs' = filterOverrides defs;
res = (head defs').value;
in
if isList res then concatLists (getValues defs')
else if lessThan 1 (length defs') then
throw "The option `${showOption loc}' is defined multiple times, in ${showFiles (getFiles defs)}."
else if !isString res then
throw "The option `${showOption loc}' does not have a string value, in ${showFiles (getFiles defs)}."
else res;
functor = (defaultFunctor name) // { wrapped = elemType; };
};
# Value of given type but with no merging (i.e. `uniq list`s are not concatenated).
uniq = elemType: mkOptionType rec {
name = "uniq";
@ -279,7 +313,7 @@ rec {
let nrNulls = count (def: def.value == null) defs; in
if nrNulls == length defs then null
else if nrNulls != 0 then
throw "The option `${showOption loc}' is defined both null and not null, in ${showFiles (getFiles defs)}."
throw "The option `${showOption loc}` is defined both null and not null, in ${showFiles (getFiles defs)}."
else elemType.merge loc defs;
getSubOptions = elemType.getSubOptions;
getSubModules = elemType.getSubModules;
@ -291,7 +325,7 @@ rec {
submodule = opts:
let
opts' = toList opts;
inherit (import ./modules.nix) evalModules;
inherit (lib.modules) evalModules;
in
mkOptionType rec {
name = "submodule";
@ -307,8 +341,17 @@ rec {
}).config;
getSubOptions = prefix: (evalModules
{ modules = opts'; inherit prefix;
# FIXME: hack to get shit to evaluate.
args = { name = ""; }; }).options;
# This is a work-around due to the fact that some sub-modules,
# such as the one included in an attribute set, expects a "args"
# attribute to be given to the sub-module. As the option
# evaluation does not have any specific attribute name, we
# provide a default one for the documentation.
#
# This is mandatory as some option declaration might use the
# "name" attribute given as argument of the submodule and use it
# as the default of option declarations.
args.name = "&lt;name&gt;";
}).options;
getSubModules = opts';
substSubModules = m: submodule m;
functor = (defaultFunctor name) // {
@ -395,5 +438,6 @@ rec {
addCheck = elemType: check: elemType // { check = x: elemType.check x && check x; };
};
};
}
in outer_types // outer_types.types

View File

@ -6,20 +6,18 @@ GNOME_FTP=ftp.gnome.org/pub/GNOME/sources
# projects that don't follow the GNOME major versioning, or that we don't want to
# programmatically update
NO_GNOME_MAJOR="ghex gtkhtml gdm"
NO_GNOME_MAJOR="ghex gtkhtml gdm gucharmap"
usage() {
echo "Usage: $0 gnome_dir <show project>|<update project>|<update-all> [major.minor]" >&2
echo "gnome_dir is for example pkgs/desktops/gnome-3/3.18" >&2
echo "Usage: $0 <show project>|<update project>|<update-all> [major.minor]" >&2
exit 0
}
if [ "$#" -lt 2 ]; then
if [ "$#" -lt 1 ]; then
usage
fi
GNOME_TOP=$1
shift
GNOME_TOP=pkgs/desktops/gnome-3
action=$1

View File

@ -13,10 +13,8 @@ from pyquery import PyQuery as pq
maintainers_json = subprocess.check_output([
'nix-instantiate',
'lib/maintainers.nix',
'--eval',
'--json'])
'nix-instantiate', '-E', 'import ./lib/maintainers.nix {}', '--eval', '--json'
])
maintainers = json.loads(maintainers_json)
MAINTAINERS = {v: k for k, v in maintainers.iteritems()}
@ -31,25 +29,28 @@ EVAL_FILE = {
def get_maintainers(attr_name):
nixname = attr_name.split('.')
meta_json = subprocess.check_output([
'nix-instantiate',
'--eval',
'--strict',
'-A',
'.'.join(nixname[1:]) + '.meta',
EVAL_FILE[nixname[0]],
'--json'])
meta = json.loads(meta_json)
if meta.get('maintainers'):
return [MAINTAINERS[name] for name in meta['maintainers'] if MAINTAINERS.get(name)]
try:
nixname = attr_name.split('.')
meta_json = subprocess.check_output([
'nix-instantiate',
'--eval',
'--strict',
'-A',
'.'.join(nixname[1:]) + '.meta',
EVAL_FILE[nixname[0]],
'--json'])
meta = json.loads(meta_json)
if meta.get('maintainers'):
return [MAINTAINERS[name] for name in meta['maintainers'] if MAINTAINERS.get(name)]
except:
return []
@click.command()
@click.option(
'--jobset',
default="nixos/release-17.03",
help='Hydra project like nixos/release-17.03')
default="nixos/release-17.09",
help='Hydra project like nixos/release-17.09')
def cli(jobset):
"""
Given a Hydra project, inspect latest evaluation

View File

@ -18,6 +18,7 @@ import os
import re
import requests
import toolz
from concurrent.futures import ThreadPoolExecutor as pool
INDEX = "https://pypi.io/pypi"
"""url of PyPI"""
@ -235,7 +236,8 @@ def main():
packages = map(os.path.abspath, args.package)
count = list(map(_update, packages))
with pool() as p:
count = list(p.map(_update, packages))
logging.info("{} package(s) updated".format(sum(count)))

View File

@ -16,7 +16,7 @@ containers.database =
{ config =
{ config, pkgs, ... }:
{ services.postgresql.enable = true;
services.postgresql.package = pkgs.postgresql92;
services.postgresql.package = pkgs.postgresql96;
};
};
</programlisting>

View File

@ -113,7 +113,8 @@ manual</link> for the rest.</para>
</row>
<row>
<entry><literal>assert 1 + 1 == 2; "yes!"</literal></entry>
<entry>Assertion check (evaluates to <literal>"yes!"</literal>)</entry>
<entry>Assertion check (evaluates to <literal>"yes!"</literal>). See <xref
linkend="sec-assertions"/> for using assertions in modules</entry>
</row>
<row>
<entry><literal>let x = "foo"; y = "bar"; in x + y</literal></entry>

View File

@ -0,0 +1,80 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-assertions">
<title>Warnings and Assertions</title>
<para>
When configuration problems are detectable in a module, it is a good
idea to write an assertion or warning. Doing so provides clear
feedback to the user and prevents errors after the build.
</para>
<para>
Although Nix has the <literal>abort</literal> and
<literal>builtins.trace</literal> <link xlink:href="https://nixos.org/nix/manual/#ssec-builtins">functions</link> to perform such tasks,
they are not ideally suited for NixOS modules. Instead of these
functions, you can declare your warnings and assertions using the
NixOS module system.
</para>
<section>
<title>Warnings</title>
<para>
This is an example of using <literal>warnings</literal>.
</para>
<programlisting>
<![CDATA[
{ config, lib, ... }:
{
config = lib.mkIf config.services.foo.enable {
warnings =
if config.services.foo.bar
then [ ''You have enabled the bar feature of the foo service.
This is known to cause some specific problems in certain situations.
'' ]
else [];
}
}
]]>
</programlisting>
</section>
<section>
<title>Assertions</title>
<para>
This example, extracted from the
<link xlink:href="https://github.com/NixOS/nixpkgs/blob/release-17.09/nixos/modules/services/logging/syslogd.nix">
<literal>syslogd</literal> module
</link> shows how to use <literal>assertions</literal>. Since there
can only be one active syslog daemon at a time, an assertion is useful to
prevent such a broken system from being built.
</para>
<programlisting>
<![CDATA[
{ config, lib, ... }:
{
config = lib.mkIf config.services.syslogd.enable {
assertions =
[ { assertion = !config.services.rsyslogd.enable;
message = "rsyslogd conflicts with syslogd";
}
];
}
}
]]>
</programlisting>
</section>
</section>

View File

@ -137,8 +137,8 @@ services.xserver.displayManager.enable = mkOption {
};</screen></example>
<example xml:id='ex-option-declaration-eot-backend-sddm'><title>Extending
<literal>services.foo.backend</literal> in the <literal>sddm</literal>
module</title>
<literal>services.xserver.displayManager.enable</literal> in the
<literal>sddm</literal> module</title>
<screen>
services.xserver.displayManager.enable = mkOption {
type = with types; nullOr (enum [ "sddm" ]);

View File

@ -22,10 +22,6 @@
<listitem><para>A boolean, its values can be <literal>true</literal> or
<literal>false</literal>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>types.int</varname></term>
<listitem><para>An integer.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>types.path</varname></term>
<listitem><para>A filesystem path, defined as anything that when coerced to
@ -39,7 +35,59 @@
</varlistentry>
</variablelist>
<para>String related types:</para>
<para>Integer-related types:</para>
<variablelist>
<varlistentry>
<term><varname>types.int</varname></term>
<listitem><para>A signed integer.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<varname>types.ints.{s8, s16, s32}</varname>
</term>
<listitem>
<para>Signed integers with a fixed length (8, 16 or 32 bits).
They go from
<inlineequation><mathphrase>2<superscript>n</superscript>/2</mathphrase>
</inlineequation> to <inlineequation>
<mathphrase>2<superscript>n</superscript>/21</mathphrase>
</inlineequation>
respectively (e.g. <literal>128</literal> to <literal>127</literal>
for 8 bits).
</para></listitem>
</varlistentry>
<varlistentry>
<term>
<varname>types.ints.unsigned</varname>
</term>
<listitem><para>An unsigned integer (that is >= 0).
</para></listitem>
</varlistentry>
<varlistentry>
<term>
<varname>types.ints.{u8, u16, u32}</varname>
</term>
<listitem>
<para>Unsigned integers with a fixed length (8, 16 or 32 bits).
They go from
<inlineequation><mathphrase>0</mathphrase></inlineequation> to <inlineequation>
<mathphrase>2<superscript>n</superscript>1</mathphrase>
</inlineequation>
respectively (e.g. <literal>0</literal> to <literal>255</literal>
for 8 bits).
</para></listitem>
</varlistentry>
<varlistentry>
<term>
<varname>types.ints.positive</varname>
</term>
<listitem><para>A positive integer (that is > 0).
</para></listitem>
</varlistentry>
</variablelist>
<para>String-related types:</para>
<variablelist>
<varlistentry>
@ -68,7 +116,7 @@
<section><title>Value Types</title>
<para>Value types are type that take a value parameter.</para>
<para>Value types are types that take a value parameter.</para>
<variablelist>
<varlistentry>
@ -84,6 +132,17 @@
<replaceable>sep</replaceable>, e.g. <literal>types.separatedString
"|"</literal>.</para></listitem>
</varlistentry>
<varlistentry>
<term>
<varname>types.ints.between</varname>
<replaceable>lowest</replaceable>
<replaceable>highest</replaceable>
</term>
<listitem><para>An integer between <replaceable>lowest</replaceable>
and <replaceable>highest</replaceable> (both inclusive).
Useful for creating types like <literal>types.port</literal>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>types.submodule</varname> <replaceable>o</replaceable></term>
<listitem><para>A set of sub options <replaceable>o</replaceable>.
@ -157,27 +216,26 @@
<section xml:id='section-option-types-submodule'><title>Submodule</title>
<para>Submodule is a very powerful type that defines a set of sub-options that
are handled like a separate module.
It is especially interesting when used with composed types like
<literal>attrsOf</literal> or <literal>listOf</literal>.</para>
<para><literal>submodule</literal> is a very powerful type that defines a set
of sub-options that are handled like a separate module.</para>
<para>The submodule type take a parameter <replaceable>o</replaceable>, that
should be a set, or a function returning a set with an
<literal>options</literal> key defining the sub-options.
The option set can be defined directly (<xref linkend='ex-submodule-direct'
/>) or as reference (<xref linkend='ex-submodule-reference' />).</para>
<para>It takes a parameter <replaceable>o</replaceable>, that should be a set,
or a function returning a set with an <literal>options</literal> key
defining the sub-options.
Submodule option definitions are type-checked accordingly to the
<literal>options</literal> declarations.
Of course, you can nest submodule option definitons for even higher
modularity.</para>
<para>Submodule option definitions are type-checked accordingly to the options
declarations. It is possible to declare submodule options inside a submodule
sub-options for even higher modularity.</para>
<para>The option set can be defined directly
(<xref linkend='ex-submodule-direct' />) or as reference
(<xref linkend='ex-submodule-reference' />).</para>
<example xml:id='ex-submodule-direct'><title>Directly defined submodule</title>
<screen>
options.mod = mkOption {
name = "mod";
description = "submodule example";
type = with types; listOf (submodule {
type = with types; submodule {
options = {
foo = mkOption {
type = int;
@ -186,7 +244,7 @@ options.mod = mkOption {
type = str;
};
};
});
};
};</screen></example>
<example xml:id='ex-submodule-reference'><title>Submodule defined as a
@ -206,16 +264,20 @@ let
in
options.mod = mkOption {
description = "submodule example";
type = with types; listOf (submodule modOptions);
type = with types; submodule modOptions;
};</screen></example>
<section><title>Composed with <literal>listOf</literal></title>
<para>The <literal>submodule</literal> type is especially interesting when
used with composed types like <literal>attrsOf</literal> or
<literal>listOf</literal>.
When composed with <literal>listOf</literal>
(<xref linkend='ex-submodule-listof-declaration' />),
<literal>submodule</literal> allows multiple definitions of the submodule
option set (<xref linkend='ex-submodule-listof-definition' />).</para>
<para>When composed with <literal>listOf</literal>, submodule allows multiple
definitions of the submodule option set.</para>
<example xml:id='ex-submodule-listof-declaration'><title>Declaration of a list
of submodules</title>
nof submodules</title>
<screen>
options.mod = mkOption {
description = "submodule example";
@ -239,13 +301,11 @@ config.mod = [
{ foo = 2; bar = "two"; }
];</screen></example>
</section>
<section><title>Composed with <literal>attrsOf</literal></title>
<para>When composed with <literal>attrsOf</literal>, submodule allows multiple
named definitions of the submodule option set.</para>
<para>When composed with <literal>attrsOf</literal>
(<xref linkend='ex-submodule-attrsof-declaration' />),
<literal>submodule</literal> allows multiple named definitions of the
submodule option set (<xref linkend='ex-submodule-attrsof-definition' />).
</para>
<example xml:id='ex-submodule-attrsof-declaration'><title>Declaration of
attribute sets of submodules</title>
@ -270,7 +330,6 @@ options.mod = mkOption {
config.mod.one = { foo = 1; bar = "one"; };
config.mod.two = { foo = 2; bar = "two"; };</screen></example>
</section>
</section>
<section><title>Extending types</title>

View File

@ -10,7 +10,7 @@
<title>Release process</title>
<para>
Going through an example of releasing NixOS 15.09:
Going through an example of releasing NixOS 17.09:
</para>
<section xml:id="one-month-before-the-beta">
@ -18,13 +18,13 @@
<itemizedlist spacing="compact">
<listitem>
<para>
Send an email to nix-dev mailinglist as a warning about upcoming beta "feature freeze" in a month.
Send an email to the nix-devel mailinglist as a warning about upcoming beta "feature freeze" in a month.
</para>
</listitem>
<listitem>
<para>
Discuss with Eelco Dolstra and the community (via IRC, ML) about what will reach the deadline.
Any issue or Pull Request targeting the release should have assigned milestone.
Any issue or Pull Request targeting the release should be included in the release milestone.
</para>
</listitem>
</itemizedlist>
@ -32,64 +32,6 @@
<section xml:id="at-beta-release-time">
<title>At beta release time</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Rename <literal>rl-unstable.xml</literal> -&gt;
<literal>rl-1509.xml</literal>.
</para>
</listitem>
<listitem>
<para>
<literal>git tag -a -m &quot;Release 15.09-beta&quot; 15.09-beta &amp;&amp; git push --tags</literal>
</para>
</listitem>
<listitem>
<para>
From the master branch run <literal>git checkout -B release-15.09</literal>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixos-org-configurations/pull/18">
Make sure channel is created at http://nixos.org/channels/.
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/settings/branches">
Lock the branch on github (so developers cant force push)
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/compare/bdf161ed8d21...6b63c4616790">bump
<literal>system.defaultChannel</literal> attribute in
<literal>nixos/modules/misc/version.nix</literal></link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/d6b08acd1ccac0d9d502c4b635e00b04d3387f06">update
<literal>versionSuffix</literal> in
<literal>nixos/release.nix</literal></link>, use
<literal>git log --format=%an|wc -l</literal> to get commit
count
</para>
</listitem>
<listitem>
<para>
<literal>echo -n &quot;16.03&quot; &gt; .version</literal> in
master.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/b8a4095003e27659092892a4708bb3698231a842">pick
a new name for unstable branch.</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/13559">Create
@ -99,26 +41,81 @@
</listitem>
<listitem>
<para>
Use https://lwn.net/Vulnerabilities/ and
<link xlink:href="https://github.com/NixOS/nixpkgs/search?utf8=%E2%9C%93&amp;q=vulnerabilities&amp;type=Issues">triage vulnerabilities in an issue</link>.
<literal>git tag -a -s -m &quot;Release 17.09-beta&quot; 17.09-beta &amp;&amp; git push --tags</literal>
</para>
</listitem>
<listitem>
<para>
Create two Hydra jobsets: release-15.09 and release-15.09-small with <literal>stableBranch</literal> set to false
From the master branch run <literal>git checkout -B release-17.09</literal>.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixos-org-configurations/pull/18">
Make sure a channel is created at http://nixos.org/channels/.
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/settings/branches">
Let a GitHub nixpkgs admin lock the branch on github for you.
(so developers cant force push)
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/compare/bdf161ed8d21...6b63c4616790">
Bump the <literal>system.defaultChannel</literal> attribute in
<literal>nixos/modules/misc/version.nix</literal>
</link>
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/d6b08acd1ccac0d9d502c4b635e00b04d3387f06">
Update <literal>versionSuffix</literal> in
<literal>nixos/release.nix</literal></link>, use
<literal>git log --format=%an|wc -l</literal> to get the commit
count
</para>
</listitem>
<listitem>
<para>
<literal>echo -n &quot;18.03&quot; &gt; .version</literal> on
master.
</para>
</listitem>
<listitem>
<para>
<link xlink:href="https://github.com/NixOS/nixpkgs/commit/b8a4095003e27659092892a4708bb3698231a842">
Pick a new name for the unstable branch.
</link>
</para>
</listitem>
<listitem>
<para>
Create a new release notes file for the upcoming release + 1, in this
case <literal>rl-1803.xml</literal>.
</para>
</listitem>
<listitem>
<para>
Create two Hydra jobsets: release-17.09 and release-17.09-small with <literal>stableBranch</literal> set to false.
</para>
</listitem>
<listitem>
<para>
Edit changelog at
<literal>nixos/doc/manual/release-notes/rl-1509.xml</literal>
<literal>nixos/doc/manual/release-notes/rl-1709.xml</literal>
(double check desktop versions are noted)
</para>
<itemizedlist spacing="compact">
<listitem>
<para>
Get all new NixOS modules
<literal>git diff release-14.12..release-15.09 nixos/modules/module-list.nix|grep ^+</literal>
<literal>git diff release-17.03..release-17.09 nixos/modules/module-list.nix|grep ^+</literal>
</para>
</listitem>
<listitem>
@ -130,9 +127,25 @@
</listitem>
</itemizedlist>
</section>
<section xml:id="during-beta">
<title>During Beta</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Monitor the master branch for bugfixes and minor updates
and cherry-pick them to the release branch.
</para>
</listitem>
</itemizedlist>
</section>
<section xml:id="before-the-final-release">
<title>Before the final release</title>
<itemizedlist spacing="compact">
<listitem>
<para>
Re-check that the release notes are complete.
</para>
</listitem>
<listitem>
<para>
Release Nix (currently only Eelco Dolstra can do that).

View File

@ -178,6 +178,7 @@ in {
<xi:include href="option-declarations.xml" />
<xi:include href="option-types.xml" />
<xi:include href="option-def.xml" />
<xi:include href="assertions.xml" />
<xi:include href="meta-attributes.xml" />
<xi:include href="replace-modules.xml" />

View File

@ -31,7 +31,7 @@ ISO, copy its contents verbatim to your drive, then either:
<para>Edit <filename>loader/entries/nixos-livecd.conf</filename> on the drive
and change the <literal>root=</literal> field in the <literal>options</literal>
line to point to your drive (see the documentation on <literal>root=</literal>
in <link xlink:href="https://www.kernel.org/doc/Documentation/kernel-parameters.txt">
in <link xlink:href="https://www.kernel.org/doc/Documentation/admin-guide/kernel-parameters.txt">
the kernel documentation</link> for more details).</para>
</listitem>
<listitem>

View File

@ -16,7 +16,8 @@
hardware.</para></listitem>
<listitem><para>The NixOS manual is available on virtual console 8
(press Alt+F8 to access).</para></listitem>
(press Alt+F8 to access) or by running <command>nixos-help</command>.
</para></listitem>
<listitem><para>You get logged in as <literal>root</literal>
(with empty password).</para></listitem>
@ -139,6 +140,11 @@
the GRUB boot loader is to be installed. Without it, NixOS cannot
boot.</para>
<para>If there are other operating systems running on the machine before
installing NixOS, the
<option>boot.loader.grub.useOSProber</option> option can be set to
<literal>true</literal> to automatically add them to the grub menu.</para>
<para>Another critical option is <option>fileSystems</option>,
specifying the file systems that need to be mounted by NixOS.
However, you typically dont need to set it yourself, because

View File

@ -9,6 +9,7 @@
<para>This section lists the release notes for each stable version of NixOS
and current unstable revision.</para>
<xi:include href="rl-1803.xml" />
<xi:include href="rl-1709.xml" />
<xi:include href="rl-1703.xml" />
<xi:include href="rl-1609.xml" />

View File

@ -176,7 +176,7 @@ following incompatible changes:</para>
streamlined. Desktop users should be able to simply set
<programlisting>security.grsecurity.enable = true</programlisting> to get
a reasonably secure system without having to sacrifice too much
functionality. See <xref linkend="sec-grsecurity" /> for documentation
functionality.
</para></listitem>
<listitem><para>Special filesystems, like <literal>/proc</literal>,

View File

@ -6,10 +6,24 @@
<title>Release 17.09 (“Hummingbird”, 2017/09/??)</title>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-17.09-highlights">
<title>Highlights</title>
<para>In addition to numerous new and upgraded packages, this release
has the following highlights: </para>
<itemizedlist>
<listitem>
<para>
The GNOME version is now 3.24. KDE Plasma was upgraded to 5.10,
KDE Applications to 17.08.1 and KDE Frameworks to 5.37.
</para>
</listitem>
<listitem>
<para>
The user handling now keeps track of deallocated UIDs/GIDs. When a user
@ -40,16 +54,130 @@ has the following highlights: </para>
even though <literal>HDMI-0</literal> is the first head in the list.
</para>
</listitem>
<listitem>
<para>
The handling of SSL in the <literal>services.nginx</literal> module has
been cleaned up, renaming the misnamed <literal>enableSSL</literal> to
<literal>onlySSL</literal> which reflects its original intention. This
is not to be used with the already existing <literal>forceSSL</literal>
which creates a second non-SSL virtual host redirecting to the SSL
virtual host. This by chance had worked earlier due to specific
implementation details. In case you had specified both please remove
the <literal>enableSSL</literal> option to keep the previous behaviour.
</para>
<para>
Another <literal>addSSL</literal> option has been introduced to configure
both a non-SSL virtual host and an SSL virtual host with the same
configuration.
</para>
<para>
Options to configure <literal>resolver</literal> options and
<literal>upstream</literal> blocks have been introduced. See their information
for further details.
</para>
<para>
The <literal>port</literal> option has been replaced by a more generic
<literal>listen</literal> option which makes it possible to specify
multiple addresses, ports and SSL configs dependant on the new SSL
handling mentioned above.
</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-17.09-new-services">
<title>New Services</title>
<para>The following new services were added since the last release:</para>
<itemizedlist>
<listitem>
<para></para>
</listitem>
<listitem><para><literal>config/fonts/fontconfig-penultimate.nix</literal></para></listitem>
<listitem><para><literal>config/fonts/fontconfig-ultimate.nix</literal></para></listitem>
<listitem><para><literal>config/terminfo.nix</literal></para></listitem>
<listitem><para><literal>hardware/sensor/iio.nix</literal></para></listitem>
<listitem><para><literal>hardware/nitrokey.nix</literal></para></listitem>
<listitem><para><literal>hardware/raid/hpsa.nix</literal></para></listitem>
<listitem><para><literal>programs/browserpass.nix</literal></para></listitem>
<listitem><para><literal>programs/gnupg.nix</literal></para></listitem>
<listitem><para><literal>programs/qt5ct.nix</literal></para></listitem>
<listitem><para><literal>programs/slock.nix</literal></para></listitem>
<listitem><para><literal>programs/thefuck.nix</literal></para></listitem>
<listitem><para><literal>security/auditd.nix</literal></para></listitem>
<listitem><para><literal>security/lock-kernel-modules.nix</literal></para></listitem>
<listitem><para><literal>service-managers/docker.nix</literal></para></listitem>
<listitem><para><literal>service-managers/trivial.nix</literal></para></listitem>
<listitem><para><literal>services/admin/salt/master.nix</literal></para></listitem>
<listitem><para><literal>services/admin/salt/minion.nix</literal></para></listitem>
<listitem><para><literal>services/audio/slimserver.nix</literal></para></listitem>
<listitem><para><literal>services/cluster/kubernetes/default.nix</literal></para></listitem>
<listitem><para><literal>services/cluster/kubernetes/dns.nix</literal></para></listitem>
<listitem><para><literal>services/cluster/kubernetes/dashboard.nix</literal></para></listitem>
<listitem><para><literal>services/continuous-integration/hail.nix</literal></para></listitem>
<listitem><para><literal>services/databases/clickhouse.nix</literal></para></listitem>
<listitem><para><literal>services/databases/postage.nix</literal></para></listitem>
<listitem><para><literal>services/desktops/gnome3/gnome-disks.nix</literal></para></listitem>
<listitem><para><literal>services/desktops/gnome3/gpaste.nix</literal></para></listitem>
<listitem><para><literal>services/logging/SystemdJournal2Gelf.nix</literal></para></listitem>
<listitem><para><literal>services/logging/heartbeat.nix</literal></para></listitem>
<listitem><para><literal>services/logging/journalwatch.nix</literal></para></listitem>
<listitem><para><literal>services/logging/syslogd.nix</literal></para></listitem>
<listitem><para><literal>services/mail/mailhog.nix</literal></para></listitem>
<listitem><para><literal>services/mail/nullmailer.nix</literal></para></listitem>
<listitem><para><literal>services/misc/airsonic.nix</literal></para></listitem>
<listitem><para><literal>services/misc/autorandr.nix</literal></para></listitem>
<listitem><para><literal>services/misc/exhibitor.nix</literal></para></listitem>
<listitem><para><literal>services/misc/fstrim.nix</literal></para></listitem>
<listitem><para><literal>services/misc/gollum.nix</literal></para></listitem>
<listitem><para><literal>services/misc/irkerd.nix</literal></para></listitem>
<listitem><para><literal>services/misc/jackett.nix</literal></para></listitem>
<listitem><para><literal>services/misc/radarr.nix</literal></para></listitem>
<listitem><para><literal>services/misc/snapper.nix</literal></para></listitem>
<listitem><para><literal>services/monitoring/osquery.nix</literal></para></listitem>
<listitem><para><literal>services/monitoring/prometheus/collectd-exporter.nix</literal></para></listitem>
<listitem><para><literal>services/monitoring/prometheus/fritzbox-exporter.nix</literal></para></listitem>
<listitem><para><literal>services/network-filesystems/kbfs.nix</literal></para></listitem>
<listitem><para><literal>services/networking/dnscache.nix</literal></para></listitem>
<listitem><para><literal>services/networking/fireqos.nix</literal></para></listitem>
<listitem><para><literal>services/networking/iwd.nix</literal></para></listitem>
<listitem><para><literal>services/networking/keepalived/default.nix</literal></para></listitem>
<listitem><para><literal>services/networking/keybase.nix</literal></para></listitem>
<listitem><para><literal>services/networking/lldpd.nix</literal></para></listitem>
<listitem><para><literal>services/networking/matterbridge.nix</literal></para></listitem>
<listitem><para><literal>services/networking/squid.nix</literal></para></listitem>
<listitem><para><literal>services/networking/tinydns.nix</literal></para></listitem>
<listitem><para><literal>services/networking/xrdp.nix</literal></para></listitem>
<listitem><para><literal>services/security/shibboleth-sp.nix</literal></para></listitem>
<listitem><para><literal>services/security/sks.nix</literal></para></listitem>
<listitem><para><literal>services/security/sshguard.nix</literal></para></listitem>
<listitem><para><literal>services/security/torify.nix</literal></para></listitem>
<listitem><para><literal>services/security/usbguard.nix</literal></para></listitem>
<listitem><para><literal>services/security/vault.nix</literal></para></listitem>
<listitem><para><literal>services/system/earlyoom.nix</literal></para></listitem>
<listitem><para><literal>services/system/saslauthd.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/nexus.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/pgpkeyserver-lite.nix</literal></para></listitem>
<listitem><para><literal>services/web-apps/piwik.nix</literal></para></listitem>
<listitem><para><literal>services/web-servers/lighttpd/collectd.nix</literal></para></listitem>
<listitem><para><literal>services/web-servers/minio.nix</literal></para></listitem>
<listitem><para><literal>services/x11/display-managers/xpra.nix</literal></para></listitem>
<listitem><para><literal>services/x11/xautolock.nix</literal></para></listitem>
<listitem><para><literal>tasks/filesystems/bcachefs.nix</literal></para></listitem>
<listitem><para><literal>tasks/powertop.nix</literal></para></listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-17.09-incompatibilities">
<title>Backward Incompatibilities</title>
<para>When upgrading from a previous release, please be aware of the
following incompatible changes:</para>
@ -57,10 +185,97 @@ following incompatible changes:</para>
<itemizedlist>
<listitem>
<para>
<literal>aiccu</literal> package was removed. This is due to SixXS
<emphasis role="strong">
In an Qemu-based virtualization environment, the network interface
names changed from i.e. <literal>enp0s3</literal> to
<literal>ens3</literal>.
</emphasis>
</para>
<para>
This is due to a kernel configuration change. The new naming
is consistent with those of other Linux distributions with
systemd. See
<link xlink:href="https://github.com/NixOS/nixpkgs/issues/29197">#29197</link>
for more information.
</para>
<para>
A machine is affected if the <literal>virt-what</literal> tool
either returns <literal>qemu</literal> or
<literal>kvm</literal> <emphasis>and</emphasis> has
interface names used in any part of its NixOS configuration,
in particular if a static network configuration with
<literal>networking.interfaces</literal> is used.
</para>
<para>
Before rebooting affected machines, please ensure:
<itemizedlist>
<listitem>
<para>
Change the interface names in your NixOS configuration.
The first interface will be called <literal>ens3</literal>,
the second one <literal>ens8</literal> and starting from there
incremented by 1.
</para>
</listitem>
<listitem>
<para>
After changing the interface names, rebuild your system with
<literal>nixos-rebuild boot</literal> to activate the new
configuration after a reboot. If you switch to the new
configuration right away you might lose network connectivity!
If using <literal>nixops</literal>, deploy with
<literal>nixops deploy --force-reboot</literal>.
</para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
The following changes apply if the <literal>stateVersion</literal> is changed to 17.09 or higher.
For <literal>stateVersion = "17.03"</literal> or lower the old behavior is preserved.
</para>
<itemizedlist>
<listitem>
<para>
The <literal>postgres</literal> default version was changed from 9.5 to 9.6.
</para>
</listitem>
<listitem>
<para>
The <literal>postgres</literal> superuser name has changed from <literal>root</literal> to <literal>postgres</literal> to more closely follow what other Linux distributions are doing.
</para>
</listitem>
<listitem>
<para>
The <literal>postgres</literal> default <literal>dataDir</literal> has changed from <literal>/var/db/postgres</literal> to <literal>/var/lib/postgresql/$psqlSchema</literal> where $psqlSchema is 9.6 for example.
</para>
</listitem>
<listitem>
<para>
The <literal>mysql</literal> default <literal>dataDir</literal> has changed from <literal>/var/mysql</literal> to <literal>/var/lib/mysql</literal>.
</para>
</listitem>
<listitem>
<para>
Radicale's default package has changed from 1.x to 2.x. Instructions to migrate can be found <link xlink:href="http://radicale.org/1to2/"> here </link>. It is also possible to use the newer version by setting the <literal>package</literal> to <literal>radicale2</literal>, which is done automatically when <literal>stateVersion</literal> is 17.09 or higher. The <literal>extraArgs</literal> option has been added to allow passing the data migration arguments specified in the instructions; see the <filename xlink:href="https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/radicale.nix">radicale.nix</filename> NixOS test for an example migration.
</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>
The <literal>aiccu</literal> package was removed. This is due to SixXS
<link xlink:href="https://www.sixxs.net/main/"> sunsetting</link> its IPv6 tunnel.
</para>
</listitem>
<listitem>
<para>
The <literal>fanctl</literal> package and <literal>fan</literal> module
have been removed due to the developers not upstreaming their iproute2
patches and lagging with compatibility to recent iproute2 versions.
</para>
</listitem>
<listitem>
<para>
Top-level <literal>idea</literal> package collection was renamed.
@ -76,7 +291,7 @@ following incompatible changes:</para>
</listitem>
<listitem>
<para>
The ipfs package now doesn't ignore the <literal>dataDir</literal> option anymore. If you've ever set this option to anything other than the default you'll have to either unset it (so the default gets used) or migrate the old data manually with
The <literal>ipfs</literal> service now doesn't ignore the <literal>dataDir</literal> option anymore. If you've ever set this option to anything other than the default you'll have to either unset it (so the default gets used) or migrate the old data manually with
<programlisting>
dataDir=&lt;valueOfDataDir&gt;
mv /var/lib/ipfs/.ipfs/* $dataDir
@ -84,29 +299,11 @@ rmdir /var/lib/ipfs/.ipfs
</programlisting>
</para>
</listitem>
<listitem>
<para>
The following changes apply if the <literal>stateVersion</literal> is changed to 17.09 or higher.
For <literal>stateVersion = "17.03</literal> or lower the old behavior is preserved.
</para>
<para>
The <literal>postgres</literal> default version was changed from 9.5 to 9.6.
</para>
<para>
The <literal>postgres</literal> superuser name has changed from <literal>root</literal> to <literal>postgres</literal> to more closely follow what other Linux distributions are doing.
</para>
<para>
The <literal>postgres</literal> default <literal>dataDir</literal> has changed from <literal>/var/db/postgres</literal> to <literal>/var/lib/postgresql/$psqlSchema</literal> where $psqlSchema is 9.6 for example.
</para>
<para>
The <literal>mysql</literal> default <literal>dataDir</literal> has changed from <literal>/var/mysql</literal> to <literal>/var/lib/mysql</literal>.
</para>
</listitem>
<listitem>
<para>
The <literal>caddy</literal> service was previously using an extra
<literal>.caddy</literal> in the data directory specified with the
<literal>dataDir</literal> option. The contents of the
<literal>.caddy</literal> directory in the data directory specified
with the <literal>dataDir</literal> option. The contents of the
<literal>.caddy</literal> directory are now expected to be in the
<literal>dataDir</literal>.
</para>
@ -154,9 +351,145 @@ rmdir /var/lib/ipfs/.ipfs
variables as parameters.
</para>
</listitem>
<listitem>
<para>
<literal>services.firefox.syncserver</literal> now runs by default as a
non-root user. To accomodate this change, the default sqlite database
location has also been changed. Migration should work automatically.
Refer to the description of the options for more details.
</para>
</listitem>
<listitem>
<para>
The <literal>compiz</literal> window manager and package was
removed. The system support had been broken for several years.
</para>
</listitem>
<listitem>
<para>
Touchpad support should now be enabled through
<literal>libinput</literal> as <literal>synaptics</literal> is
now deprecated. See the option
<literal>services.xserver.libinput.enable</literal>.
</para>
</listitem>
<listitem>
<para>
grsecurity/PaX support has been dropped, following upstream's
decision to cease free support. See
<link xlink:href="https://grsecurity.net/passing_the_baton.php">
upstream's announcement</link> for more information.
No complete replacement for grsecurity/PaX is available presently.
</para>
</listitem>
<listitem>
<para>
<literal>services.mysql</literal> now has declarative
configuration of databases and users with the <literal>ensureDatabases</literal> and
<literal>ensureUsers</literal> options.
</para>
<para>
These options will never delete existing databases and users,
especially not when the value of the options are changed.
</para>
<para>
The MySQL users will be identified using
<link xlink:href="https://mariadb.com/kb/en/library/authentication-plugin-unix-socket/">
Unix socket authentication</link>. This authenticates the
Unix user with the same name only, and that without the need
for a password.
</para>
<para>
If you have previously created a MySQL <literal>root</literal>
user <emphasis>with a password</emphasis>, you will need to add
<literal>root</literal> user for unix socket authentication
before using the new options. This can be done by running the
following SQL script:
<programlisting language="sql">
CREATE USER 'root'@'%' IDENTIFIED BY '';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
-- Optionally, delete the password-authenticated user:
-- DROP USER 'root'@'localhost';
</programlisting>
</para>
</listitem>
<listitem>
<para>
<literal>services.mysqlBackup</literal> now works by default
without any user setup, including for users other than
<literal>mysql</literal>.
</para>
<para>
By default, the <literal>mysql</literal> user is no longer the
user which performs the backup. Instead a system account
<literal>mysqlbackup</literal> is used.
</para>
<para>
The <literal>mysqlBackup</literal> service is also now using
systemd timers instead of <literal>cron</literal>.
</para>
<para>
Therefore, the <literal>services.mysqlBackup.period</literal>
option no longer exists, and has been replaced with
<literal>services.mysqlBackup.calendar</literal>, which is in
the format of <link
xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.time.html#Calendar%20Events">systemd.time(7)</link>.
</para>
<para>
If you expect to be sent an e-mail when the backup fails,
consider using a script which monitors the systemd journal for
errors. Regretfully, at present there is no built-in
functionality for this.
</para>
<para>
You can check that backups still work by running
<command>systemctl start mysql-backup</command> then
<command>systemctl status mysql-backup</command>.
</para>
</listitem>
<listitem>
<para>
Templated systemd services e.g <literal>container@name</literal> are
now handled currectly when switching to a new configuration, resulting
in them being reloaded.
</para>
</listitem>
<listitem>
<para>Steam: the <literal>newStdcpp</literal> parameter
was removed and should not be needed anymore.</para>
</listitem>
<listitem>
<para>
Redis has been updated to version 4 which mandates a cluster
mass-restart, due to changes in the network handling, in order
to ensure compatibility with networks NATing traffic.
</para>
</listitem>
</itemizedlist>
<para>Other notable improvements:</para>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-17.09-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>
@ -201,13 +534,78 @@ rmdir /var/lib/ipfs/.ipfs
Nixpkgs overlays may now be specified with a file as well as a directory. The
value of <literal>&lt;nixpkgs-overlays></literal> may be a file, and
<filename>~/.config/nixpkgs/overlays.nix</filename> can be used instead of the
<filename>~/.config/nixpkgs/overalys</filename> directory.
<filename>~/.config/nixpkgs/overlays</filename> directory.
</para>
<para>
See the overlays chapter of the Nixpkgs manual for more details.
</para>
</listitem>
<listitem>
<para>
Definitions for <filename>/etc/hosts</filename> can now be specified
declaratively with <literal>networking.hosts</literal>.
</para>
</listitem>
<listitem>
<para>
Two new options have been added to the installer loader, in addition
to the default having changed. The kernel log verbosity has been lowered
to the upstream default for the default options, in order to not spam
the console when e.g. joining a network.
</para>
<para>
This therefore leads to adding a new <literal>debug</literal> option
to set the log level to the previous verbose mode, to make debugging
easier, but still accessible easily.
</para>
<para>
Additionally a <literal>copytoram</literal> option has been added,
which makes it possible to remove the install medium after booting.
This allows tethering from your phone after booting from it.
</para>
</listitem>
<listitem>
<para>
<literal>services.gitlab-runner.configOptions</literal> has been added
to specify the configuration of gitlab-runners declaratively.
</para>
</listitem>
<listitem>
<para>
<literal>services.jenkins.plugins</literal> has been added
to install plugins easily, this can be generated with jenkinsPlugins2nix.
</para>
</listitem>
<listitem>
<para>
<literal>services.postfix.config</literal> has been added
to specify the main.cf with NixOS options. Additionally other options
have been added to the postfix module and has been improved further.
</para>
</listitem>
<listitem>
<para>
The GitLab package and module have been updated to the latest 10.0
release.
</para>
</listitem>
<listitem>
<para>
The <literal>systemd-boot</literal> boot loader now lists the NixOS
version, kernel version and build date of all bootable generations.
</para>
</listitem>
<listitem>
<para>
The dnscrypt-proxy service now defaults to using a random upstream resolver,
selected from the list of public non-logging resolvers with DNSSEC support.
Existing configurations can be migrated to this mode of operation by
omitting the <option>services.dnscrypt-proxy.resolverName</option> option
or setting it to <literal>"random"</literal>.
</para>
</listitem>
</itemizedlist>
</section>
</section>

View File

@ -0,0 +1,96 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03">
<title>Release 18.03 (“Impala”, 2018/03/??)</title>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-highlights">
<title>Highlights</title>
<para>In addition to numerous new and upgraded packages, this release
has the following highlights: </para>
<itemizedlist>
<listitem>
<para>
</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-new-services">
<title>New Services</title>
<para>The following new services were added since the last release:</para>
<itemizedlist>
<listitem>
<para></para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-incompatibilities">
<title>Backward Incompatibilities</title>
<para>When upgrading from a previous release, please be aware of the
following incompatible changes:</para>
<itemizedlist>
<listitem>
<para>
Dollar signs in options under <option>services.postfix</option> are
passed verbatim to Postfix, which will interpret them as the beginning of
a parameter expression. This was already true for string-valued options
in the previous release, but not for list-valued options. If you need to
pass literal dollar signs through Postfix, double them.
</para>
</listitem>
<listitem>
<para>
The <literal>postage</literal> package (for web-based PostgreSQL
administration) has been renamed to <literal>pgmanage</literal>. The
corresponding module has also been renamed. To migrate please rename all
<option>services.postage</option> options to
<option>services.pgmanage</option>.
</para>
</listitem>
</itemizedlist>
</section>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-release-18.03-notable-changes">
<title>Other Notable Changes</title>
<itemizedlist>
<listitem>
<para>
ZNC option <option>services.znc.mutable</option> now defaults to <literal>true</literal>.
That means that old configuration is not overwritten by default when update to the znc options are made.
</para>
</listitem>
</itemizedlist>
</section>
</section>

View File

@ -33,7 +33,8 @@
, name ? "nixos-disk-image"
, format ? "raw"
, # Disk image format, one of qcow2, vpc, raw.
format ? "raw"
}:
with lib;
@ -45,19 +46,7 @@ let
raw = "img";
};
# Copied from https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/installer/cd-dvd/channel.nix
# TODO: factor out more cleanly
# Do not include these things:
# - The '.git' directory
# - Result symlinks from nix-build ('result', 'result-2', 'result-bin', ...)
# - VIM/Emacs swap/backup files ('.swp', '.swo', '.foo.swp', 'foo~', ...)
filterFn = path: type: let basename = baseNameOf (toString path); in
if type == "directory" then basename != ".git"
else if type == "symlink" then builtins.match "^result(|-.*)$" basename == null
else builtins.match "^((|\..*)\.sw[a-z]|.*~)$" basename == null;
nixpkgs = builtins.filterSource filterFn pkgs.path;
nixpkgs = cleanSource pkgs.path;
channelSources = pkgs.runCommand "nixos-${config.system.nixosVersion}" {} ''
mkdir -p $out
@ -85,14 +74,14 @@ let
targets = map (x: x.target) contents;
prepareImage = ''
export PATH=${pkgs.lib.makeSearchPathOutput "bin" "bin" prepareImageInputs}
export PATH=${makeSearchPathOutput "bin" "bin" prepareImageInputs}
mkdir $out
diskImage=nixos.raw
truncate -s ${toString diskSize}M $diskImage
${if partitioned then ''
parted $diskImage -- mklabel msdos mkpart primary ext4 1M -1s
parted --script $diskImage -- mklabel msdos mkpart primary ext4 1M -1s
offset=$((2048*512))
'' else ''
offset=0

View File

@ -372,6 +372,17 @@ sub getUnitInfo {
return $info;
}
# Fail if the given systemd unit is not in the "active" state.
sub requireActiveUnit {
my ($self, $unit) = @_;
$self->nest("checking if unit $unit has reached state 'active'", sub {
my $info = $self->getUnitInfo($unit);
my $state = $info->{ActiveState};
if ($state ne "active") {
die "Expected unit $unit to to be in state 'active' but it is in state $state\n";
};
});
}
# Wait for a systemd unit to reach the "active" state.
sub waitForUnit {

View File

@ -149,6 +149,7 @@ rec {
{ key = "run-in-machine";
networking.hostName = "client";
nix.readOnlyStore = false;
virtualisation.writableStore = false;
}
];

View File

@ -77,7 +77,6 @@ let
excludedOptions = [
"boot.systemd.services"
"systemd.services"
"environment.gnome3.packageSet"
"kde.extraPackages"
];
excludeOptions = list:

View File

@ -9,6 +9,12 @@ in {
imports = [ ../../../modules/virtualisation/amazon-image.nix ];
options.amazonImage = {
name = mkOption {
type = types.str;
description = "The name of the generated derivation";
default = "nixos-disk-image";
};
contents = mkOption {
example = literalExample ''
[ { source = pkgs.memtest86 + "/memtest.bin";
@ -38,7 +44,7 @@ in {
config.system.build.amazonImage = import ../../../lib/make-disk-image.nix {
inherit lib config;
inherit (cfg) contents format;
inherit (cfg) contents format name;
pkgs = import ../../../.. { inherit (pkgs) system; }; # ensure we use the regular qemu-kvm package
partitioned = config.ec2.hvm;
diskSize = cfg.sizeMB;

View File

@ -17,7 +17,7 @@ mkdir -p $stateDir
rm -f ec2-amis.nix
types="hvm"
stores="ebs s3"
stores="ebs"
regions="eu-west-1 eu-west-2 eu-central-1 us-east-1 us-east-2 us-west-1 us-west-2 ca-central-1 ap-southeast-1 ap-southeast-2 ap-northeast-1 ap-northeast-2 sa-east-1 ap-south-1"
for type in $types; do

View File

@ -1,3 +1,5 @@
# nix-build '<nixpkgs/nixos>' -A config.system.build.novaImage --arg configuration "{ imports = [ ./nixos/maintainers/scripts/openstack/nova-image.nix ]; }"
{ config, lib, pkgs, ... }:
with lib;

View File

@ -30,14 +30,15 @@ with lib;
};
config = {
config = mkIf config.environment.enableDebugInfo {
# FIXME: currently disabled because /lib is already in
# environment.pathsToLink, and we can't have both.
#environment.pathsToLink = [ "/lib/debug/.build-id" ];
environment.extraOutputsToInstall =
optional config.environment.enableDebugInfo "debug";
environment.extraOutputsToInstall = [ "debug" ];
environment.variables.NIX_DEBUG_INFO_DIRS = [ "/run/current-system/sw/lib/debug" ];
};

View File

@ -53,7 +53,7 @@ in
};
substitutions = mkOption {
type = types.nullOr (types.enum ["free" "combi" "ms"]);
type = types.enum ["free" "combi" "ms" "none"];
default = "free";
description = ''
Font substitutions to replace common Type 1 fonts with nicer

View File

@ -43,7 +43,7 @@ with lib;
<literal>"all"</literal> means that all locales supported by
Glibc will be installed. A full list of supported locales
can be found at <link
xlink:href="http://sourceware.org/cgi-bin/cvsweb.cgi/libc/localedata/SUPPORTED?cvsroot=glibc"/>.
xlink:href="https://sourceware.org/git/?p=glibc.git;a=blob;f=localedata/SUPPORTED"/>.
'';
};

View File

@ -1,206 +0,0 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.krb5;
in
{
###### interface
options = {
krb5 = {
enable = mkOption {
default = false;
description = "Whether to enable Kerberos V.";
};
defaultRealm = mkOption {
default = "ATENA.MIT.EDU";
description = "Default realm.";
};
domainRealm = mkOption {
default = "atena.mit.edu";
description = "Default domain realm.";
};
kdc = mkOption {
default = "kerberos.mit.edu";
description = "Key Distribution Center";
};
kerberosAdminServer = mkOption {
default = "kerberos.mit.edu";
description = "Kerberos Admin Server.";
};
};
};
###### implementation
config = mkIf config.krb5.enable {
environment.systemPackages = [ pkgs.krb5Full ];
environment.etc."krb5.conf".text =
''
[libdefaults]
default_realm = ${cfg.defaultRealm}
encrypt = true
# The following krb5.conf variables are only for MIT Kerberos.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented. In general, the defaults in the MIT Kerberos code are
# correct and overriding these specifications only serves to disable new
# encryption types as they are added, creating interoperability problems.
# default_tgs_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
# default_tkt_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
# permitted_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
${cfg.defaultRealm} = {
kdc = ${cfg.kdc}
admin_server = ${cfg.kerberosAdminServer}
#kpasswd_server = ${cfg.kerberosAdminServer}
}
ATHENA.MIT.EDU = {
kdc = kerberos.mit.edu:88
kdc = kerberos-1.mit.edu:88
kdc = kerberos-2.mit.edu:88
admin_server = kerberos.mit.edu
default_domain = mit.edu
}
MEDIA-LAB.MIT.EDU = {
kdc = kerberos.media.mit.edu
admin_server = kerberos.media.mit.edu
}
ZONE.MIT.EDU = {
kdc = casio.mit.edu
kdc = seiko.mit.edu
admin_server = casio.mit.edu
}
MOOF.MIT.EDU = {
kdc = three-headed-dogcow.mit.edu:88
kdc = three-headed-dogcow-1.mit.edu:88
admin_server = three-headed-dogcow.mit.edu
}
CSAIL.MIT.EDU = {
kdc = kerberos-1.csail.mit.edu
kdc = kerberos-2.csail.mit.edu
admin_server = kerberos.csail.mit.edu
default_domain = csail.mit.edu
krb524_server = krb524.csail.mit.edu
}
IHTFP.ORG = {
kdc = kerberos.ihtfp.org
admin_server = kerberos.ihtfp.org
}
GNU.ORG = {
kdc = kerberos.gnu.org
kdc = kerberos-2.gnu.org
kdc = kerberos-3.gnu.org
admin_server = kerberos.gnu.org
}
1TS.ORG = {
kdc = kerberos.1ts.org
admin_server = kerberos.1ts.org
}
GRATUITOUS.ORG = {
kdc = kerberos.gratuitous.org
admin_server = kerberos.gratuitous.org
}
DOOMCOM.ORG = {
kdc = kerberos.doomcom.org
admin_server = kerberos.doomcom.org
}
ANDREW.CMU.EDU = {
kdc = vice28.fs.andrew.cmu.edu
kdc = vice2.fs.andrew.cmu.edu
kdc = vice11.fs.andrew.cmu.edu
kdc = vice12.fs.andrew.cmu.edu
admin_server = vice28.fs.andrew.cmu.edu
default_domain = andrew.cmu.edu
}
CS.CMU.EDU = {
kdc = kerberos.cs.cmu.edu
kdc = kerberos-2.srv.cs.cmu.edu
admin_server = kerberos.cs.cmu.edu
}
DEMENTIA.ORG = {
kdc = kerberos.dementia.org
kdc = kerberos2.dementia.org
admin_server = kerberos.dementia.org
}
stanford.edu = {
kdc = krb5auth1.stanford.edu
kdc = krb5auth2.stanford.edu
kdc = krb5auth3.stanford.edu
admin_server = krb5-admin.stanford.edu
default_domain = stanford.edu
}
[domain_realm]
.${cfg.domainRealm} = ${cfg.defaultRealm}
${cfg.domainRealm} = ${cfg.defaultRealm}
.mit.edu = ATHENA.MIT.EDU
mit.edu = ATHENA.MIT.EDU
.exchange.mit.edu = EXCHANGE.MIT.EDU
exchange.mit.edu = EXCHANGE.MIT.EDU
.media.mit.edu = MEDIA-LAB.MIT.EDU
media.mit.edu = MEDIA-LAB.MIT.EDU
.csail.mit.edu = CSAIL.MIT.EDU
csail.mit.edu = CSAIL.MIT.EDU
.whoi.edu = ATHENA.MIT.EDU
whoi.edu = ATHENA.MIT.EDU
.stanford.edu = stanford.edu
[logging]
kdc = SYSLOG:INFO:DAEMON
admin_server = SYSLOG:INFO:DAEMON
default = SYSLOG:INFO:DAEMON
krb4_convert = true
krb4_get_tickets = false
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
max_timeout = 30
timeout_shift = 2
initial_timeout = 1
}
'';
};
}

View File

@ -0,0 +1,367 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.krb5;
# This is to provide support for old configuration options (as much as is
# reasonable). This can be removed after 18.03 was released.
defaultConfig = {
libdefaults = optionalAttrs (cfg.defaultRealm != null)
{ default_realm = cfg.defaultRealm; };
realms = optionalAttrs (lib.all (value: value != null) [
cfg.defaultRealm cfg.kdc cfg.kerberosAdminServer
]) {
"${cfg.defaultRealm}" = {
kdc = cfg.kdc;
admin_server = cfg.kerberosAdminServer;
};
};
domain_realm = optionalAttrs (lib.all (value: value != null) [
cfg.domainRealm cfg.defaultRealm
]) {
".${cfg.domainRealm}" = cfg.defaultRealm;
"${cfg.domainRealm}" = cfg.defaultRealm;
};
};
mergedConfig = (recursiveUpdate defaultConfig {
inherit (config.krb5)
kerberos libdefaults realms domain_realm capaths appdefaults plugins
extraConfig config;
});
filterEmbeddedMetadata = value: if isAttrs value then
(filterAttrs
(attrName: attrValue: attrName != "_module" && attrValue != null)
value)
else value;
mkIndent = depth: concatStrings (builtins.genList (_: " ") (2 * depth));
mkRelation = name: value: "${name} = ${mkVal { inherit value; }}";
mkVal = { value, depth ? 0 }:
if (value == true) then "true"
else if (value == false) then "false"
else if (isInt value) then (toString value)
else if (isList value) then
concatMapStringsSep " " mkVal { inherit value depth; }
else if (isAttrs value) then
(concatStringsSep "\n${mkIndent (depth + 1)}"
([ "{" ] ++ (mapAttrsToList
(attrName: attrValue: let
mappedAttrValue = mkVal {
value = attrValue;
depth = depth + 1;
};
in "${attrName} = ${mappedAttrValue}")
value))) + "\n${mkIndent depth}}"
else value;
mkMappedAttrsOrString = value: concatMapStringsSep "\n"
(line: if builtins.stringLength line > 0
then "${mkIndent 1}${line}"
else line)
(splitString "\n"
(if isAttrs value then
concatStringsSep "\n"
(mapAttrsToList mkRelation value)
else value));
in {
###### interface
options = {
krb5 = {
enable = mkEnableOption "Whether to enable Kerberos V.";
kerberos = mkOption {
type = types.package;
default = pkgs.krb5Full;
defaultText = "pkgs.krb5Full";
example = literalExample "pkgs.heimdalFull";
description = ''
The Kerberos implementation that will be present in
<literal>environment.systemPackages</literal> after enabling this
service.
'';
};
libdefaults = mkOption {
type = with types; either attrs lines;
default = {};
apply = attrs: filterEmbeddedMetadata attrs;
example = literalExample ''
{
default_realm = "ATHENA.MIT.EDU";
};
'';
description = ''
Settings used by the Kerberos V5 library.
'';
};
realms = mkOption {
type = with types; either attrs lines;
default = {};
example = literalExample ''
{
"ATHENA.MIT.EDU" = {
admin_server = "athena.mit.edu";
kdc = "athena.mit.edu";
};
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
description = "Realm-specific contact information and settings.";
};
domain_realm = mkOption {
type = with types; either attrs lines;
default = {};
example = literalExample ''
{
"example.com" = "EXAMPLE.COM";
".example.com" = "EXAMPLE.COM";
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
description = ''
Map of server hostnames to Kerberos realms.
'';
};
capaths = mkOption {
type = with types; either attrs lines;
default = {};
example = literalExample ''
{
"ATHENA.MIT.EDU" = {
"EXAMPLE.COM" = ".";
};
"EXAMPLE.COM" = {
"ATHENA.MIT.EDU" = ".";
};
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
description = ''
Authentication paths for non-hierarchical cross-realm authentication.
'';
};
appdefaults = mkOption {
type = with types; either attrs lines;
default = {};
example = literalExample ''
{
pam = {
debug = false;
ticket_lifetime = 36000;
renew_lifetime = 36000;
max_timeout = 30;
timeout_shift = 2;
initial_timeout = 1;
};
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
description = ''
Settings used by some Kerberos V5 applications.
'';
};
plugins = mkOption {
type = with types; either attrs lines;
default = {};
example = literalExample ''
{
ccselect = {
disable = "k5identity";
};
};
'';
apply = attrs: filterEmbeddedMetadata attrs;
description = ''
Controls plugin module registration.
'';
};
extraConfig = mkOption {
type = with types; nullOr lines;
default = null;
example = ''
[logging]
kdc = SYSLOG:NOTICE
admin_server = SYSLOG:NOTICE
default = SYSLOG:NOTICE
'';
description = ''
These lines go to the end of <literal>krb5.conf</literal> verbatim.
<literal>krb5.conf</literal> may include any of the relations that are
valid for <literal>kdc.conf</literal> (see <literal>man
kdc.conf</literal>), but it is not a recommended practice.
'';
};
config = mkOption {
type = with types; nullOr lines;
default = null;
example = ''
[libdefaults]
default_realm = EXAMPLE.COM
[realms]
EXAMPLE.COM = {
admin_server = kerberos.example.com
kdc = kerberos.example.com
default_principal_flags = +preauth
}
[domain_realm]
example.com = EXAMPLE.COM
.example.com = EXAMPLE.COM
[logging]
kdc = SYSLOG:NOTICE
admin_server = SYSLOG:NOTICE
default = SYSLOG:NOTICE
'';
description = ''
Verbatim <literal>krb5.conf</literal> configuration. Note that this
is mutually exclusive with configuration via
<literal>libdefaults</literal>, <literal>realms</literal>,
<literal>domain_realm</literal>, <literal>capaths</literal>,
<literal>appdefaults</literal>, <literal>plugins</literal> and
<literal>extraConfig</literal> configuration options. Consult
<literal>man krb5.conf</literal> for documentation.
'';
};
defaultRealm = mkOption {
type = with types; nullOr str;
default = null;
example = "ATHENA.MIT.EDU";
description = ''
DEPRECATED, please use
<literal>krb5.libdefaults.default_realm</literal>.
'';
};
domainRealm = mkOption {
type = with types; nullOr str;
default = null;
example = "athena.mit.edu";
description = ''
DEPRECATED, please create a map of server hostnames to Kerberos realms
in <literal>krb5.domain_realm</literal>.
'';
};
kdc = mkOption {
type = with types; nullOr str;
default = null;
example = "kerberos.mit.edu";
description = ''
DEPRECATED, please pass a <literal>kdc</literal> attribute to a realm
in <literal>krb5.realms</literal>.
'';
};
kerberosAdminServer = mkOption {
type = with types; nullOr str;
default = null;
example = "kerberos.mit.edu";
description = ''
DEPRECATED, please pass an <literal>admin_server</literal> attribute
to a realm in <literal>krb5.realms</literal>.
'';
};
};
};
###### implementation
config = mkIf cfg.enable {
environment.systemPackages = [ cfg.kerberos ];
environment.etc."krb5.conf".text = if isString cfg.config
then cfg.config
else (''
[libdefaults]
${mkMappedAttrsOrString mergedConfig.libdefaults}
[realms]
${mkMappedAttrsOrString mergedConfig.realms}
[domain_realm]
${mkMappedAttrsOrString mergedConfig.domain_realm}
[capaths]
${mkMappedAttrsOrString mergedConfig.capaths}
[appdefaults]
${mkMappedAttrsOrString mergedConfig.appdefaults}
[plugins]
${mkMappedAttrsOrString mergedConfig.plugins}
'' + optionalString (mergedConfig.extraConfig != null)
("\n" + mergedConfig.extraConfig));
warnings = flatten [
(optional (cfg.defaultRealm != null) ''
The option krb5.defaultRealm is deprecated, please use
krb5.libdefaults.default_realm.
'')
(optional (cfg.domainRealm != null) ''
The option krb5.domainRealm is deprecated, please use krb5.domain_realm.
'')
(optional (cfg.kdc != null) ''
The option krb5.kdc is deprecated, please pass a kdc attribute to a
realm in krb5.realms.
'')
(optional (cfg.kerberosAdminServer != null) ''
The option krb5.kerberosAdminServer is deprecated, please pass an
admin_server attribute to a realm in krb5.realms.
'')
];
assertions = [
{ assertion = !((builtins.any (value: value != null) [
cfg.defaultRealm cfg.domainRealm cfg.kdc cfg.kerberosAdminServer
]) && ((builtins.any (value: value != {}) [
cfg.libdefaults cfg.realms cfg.domain_realm cfg.capaths
cfg.appdefaults cfg.plugins
]) || (builtins.any (value: value != null) [
cfg.config cfg.extraConfig
])));
message = ''
Configuration of krb5.conf by deprecated options is mutually exclusive
with configuration by section. Please migrate your config using the
attributes suggested in the warnings.
'';
}
{ assertion = !(cfg.config != null
&& ((builtins.any (value: value != {}) [
cfg.libdefaults cfg.realms cfg.domain_realm cfg.capaths
cfg.appdefaults cfg.plugins
]) || (builtins.any (value: value != null) [
cfg.extraConfig cfg.defaultRealm cfg.domainRealm cfg.kdc
cfg.kerberosAdminServer
])));
message = ''
Configuration of krb5.conf using krb.config is mutually exclusive with
configuration by section. If you want to mix the two, you can pass
lines to any configuration section or lines to krb5.extraConfig.
'';
}
];
};
}

View File

@ -34,6 +34,7 @@ with lib;
networkmanager_openvpn = pkgs.networkmanager_openvpn.override { withGnome = false; };
networkmanager_pptp = pkgs.networkmanager_pptp.override { withGnome = false; };
networkmanager_vpnc = pkgs.networkmanager_vpnc.override { withGnome = false; };
networkmanager_iodine = pkgs.networkmanager_iodine.override { withGnome = false; };
pinentry = pkgs.pinentry.override { gtk2 = null; qt4 = null; };
};
};

View File

@ -18,7 +18,7 @@ let
hostArray = [ "files" ]
++ optionals mymachines [ "mymachines" ]
++ optionals nssmdns [ "mdns_minimal [!UNAVAIL=return]" ]
++ optionals nssmdns [ "mdns_minimal [NOTFOUND=return]" ]
++ optionals nsswins [ "wins" ]
++ optionals resolved ["resolve [!UNAVAIL=return]"]
++ [ "dns" ]

View File

@ -31,6 +31,7 @@ let
pkgs.nano
pkgs.ncurses
pkgs.netcat
pkgs.nix-info
config.programs.ssh.package
pkgs.perl
pkgs.procps

View File

@ -5,6 +5,9 @@ with lib;
let
tzdir = "${pkgs.tzdata}/share/zoneinfo";
nospace = str: filter (c: c == " ") (stringToCharacters str) == [];
timezone = types.nullOr (types.addCheck types.str nospace)
// { description = "null or string without spaces"; };
in
@ -15,7 +18,7 @@ in
timeZone = mkOption {
default = null;
type = types.nullOr types.str;
type = timezone;
example = "America/New_York";
description = ''
The time zone used when displaying times and dates. See <link

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,30 +0,0 @@
{ config, pkgs, lib, ... }:
{
###### interface
options = {
networking.enableIntel2100BGFirmware = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Turn on this option if you want firmware for the Intel
PRO/Wireless 2100BG to be loaded automatically. This is
required if you want to use this device.
'';
};
};
###### implementation
config = lib.mkIf config.networking.enableIntel2100BGFirmware {
hardware.enableRedistributableFirmware = true;
};
}

View File

@ -1,29 +0,0 @@
{ config, pkgs, lib, ... }:
{
###### interface
options = {
networking.enableIntel3945ABGFirmware = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
This option enables automatic loading of the firmware for the Intel
PRO/Wireless 3945ABG.
'';
};
};
###### implementation
config = lib.mkIf config.networking.enableIntel3945ABGFirmware {
hardware.enableRedistributableFirmware = true;
};
}

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,3 +0,0 @@
{
hardware.enableRedistributableFirmware = true;
}

View File

@ -1,26 +0,0 @@
{pkgs, config, lib, ...}:
{
###### interface
options = {
networking.enableRalinkFirmware = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Turn on this option if you want firmware for the RT73 NIC.
'';
};
};
###### implementation
config = lib.mkIf config.networking.enableRalinkFirmware {
hardware.enableRedistributableFirmware = true;
};
}

View File

@ -1,26 +0,0 @@
{pkgs, config, lib, ...}:
{
###### interface
options = {
networking.enableRTL8192cFirmware = lib.mkOption {
default = false;
type = lib.types.bool;
description = ''
Turn on this option if you want firmware for the RTL8192c (and related) NICs.
'';
};
};
###### implementation
config = lib.mkIf config.networking.enableRTL8192cFirmware {
hardware.enableRedistributableFirmware = true;
};
}

View File

@ -93,7 +93,7 @@ in
hardware.opengl.extraPackages = mkOption {
type = types.listOf types.package;
default = [];
example = literalExample "with pkgs; [ vaapiIntel libvdpau-va-gl vaapiVdpau ]";
example = literalExample "with pkgs; [ vaapiIntel libvdpau-va-gl vaapiVdpau intel-ocl ]";
description = ''
Additional packages to add to OpenGL drivers. This can be used
to add OpenCL drivers, VA-API/VDPAU drivers etc.

View File

@ -0,0 +1,61 @@
{ config, lib, pkgs, ... }:
with lib;
let
hpssacli = pkgs.stdenv.mkDerivation rec {
name = "hpssacli-${version}";
version = "2.40-13.0";
src = pkgs.fetchurl {
url = "http://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/${name}_amd64.deb";
sha256 = "11w7fwk93lmfw0yya4jpjwdmgjimqxx6412sqa166g1pz4jil4sw";
};
nativeBuildInputs = [ pkgs.dpkg ];
unpackPhase = "dpkg -x $src ./";
installPhase = ''
mkdir -p $out/bin $out/share/doc $out/share/man
mv opt/hp/hpssacli/bld/{hpssascripting,hprmstr,hpssacli} $out/bin/
mv opt/hp/hpssacli/bld/*.{license,txt} $out/share/doc/
mv usr/man $out/share/
for file in $out/bin/*; do
chmod +w $file
patchelf --set-interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" \
--set-rpath ${lib.makeLibraryPath [ pkgs.stdenv.cc.cc ]} \
$file
done
'';
dontStrip = true;
meta = with lib; {
description = "HP Smart Array CLI";
homepage = http://downloads.linux.hpe.com/SDR/downloads/MCP/Ubuntu/pool/non-free/;
license = licenses.unfreeRedistributable;
platforms = [ "x86_64-linux" ];
maintainers = with maintainers; [ volth ];
};
};
in {
###### interface
options = {
hardware.raid.HPSmartArray = {
enable = mkEnableOption "HP Smart Array kernel modules and CLI utility";
};
};
###### implementation
config = mkIf config.hardware.raid.HPSmartArray.enable {
boot.initrd.kernelModules = [ "sg" ]; /* hpssacli wants it */
boot.initrd.availableKernelModules = [ "hpsa" ];
environment.systemPackages = [ hpssacli ];
};
}

View File

@ -40,6 +40,12 @@ in
{
config = mkIf enabled {
assertions = [
{
assertion = config.services.xserver.displayManager.gdm.wayland;
message = "NVidia drivers don't support wayland";
}
];
services.xserver.drivers = singleton
{ name = "nvidia"; modules = [ nvidia_x11.bin ]; libPath = [ nvidia_x11 ]; };
@ -62,11 +68,16 @@ in
boot.extraModulePackages = [ nvidia_x11.bin ];
# nvidia-uvm is required by CUDA applications.
boot.kernelModules = [ "nvidia-uvm" ];
boot.kernelModules = [ "nvidia-uvm" ] ++
lib.optionals config.services.xserver.enable [ "nvidia" "nvidia_modeset" "nvidia_drm" ];
# Create /dev/nvidia-uvm when the nvidia-uvm module is loaded.
services.udev.extraRules =
''
KERNEL=="nvidia", RUN+="${pkgs.stdenv.shell} -c 'mknod -m 666 /dev/nvidiactl c $(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 255'"
KERNEL=="nvidia_modeset", RUN+="${pkgs.stdenv.shell} -c 'mknod -m 666 /dev/nvidia-modeset c $(grep nvidia-frontend /proc/devices | cut -d \ -f 1) 254'"
KERNEL=="card*", SUBSYSTEM=="drm", DRIVERS=="nvidia", RUN+="${pkgs.stdenv.shell} -c 'mknod -m 666 /dev/nvidia%n c $(grep nvidia-frontend /proc/devices | cut -d \ -f 1) %n'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.stdenv.shell} -c 'mknod -m 666 /dev/nvidia-uvm c $(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'"
'';

Some files were not shown because too many files have changed in this diff Show More