JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse Source
This commit is contained in:
Frederik Rietdijk 2019-11-14 13:31:39 +01:00
commit c6e31d0767
212 changed files with 6404 additions and 2952 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
doc/contributing/submitting-changes.xml
View File

@ -228,6 +228,33 @@ Additional information.
</listitem>
</itemizedlist>
</section>
<section xml:id="submitting-changes-submitting-security-fixes">
<title>Submitting security fixes</title>
<para>
Security fixes are submitted in the same way as other changes and thus the same guidelines apply.
</para>
<para>
If the security fix comes in the form of a patch and a CVE is available, then the name of the patch should be the CVE identifier, so e.g. <literal>CVE-2019-13636.patch</literal> in the case of a patch that is included in the Nixpkgs tree. If a patch is fetched the name needs to be set as well, e.g.:
</para>
<programlisting>
(fetchpatch {
name = "CVE-2019-11068.patch";
url = "https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6.patch";
sha256 = "0pkpb4837km15zgg6h57bncp66d5lwrlvkr73h0lanywq7zrwhj8";
})
</programlisting>
<para>
If a security fix applies to both master and a stable release then, similar to regular changes, they are preferably delivered via master first and cherry-picked to the release branch.
</para>
<para>
Critical security fixes may by-pass the staging branches and be delivered directly to release branches such as <literal>master</literal> and <literal>release-*</literal>.
</para>
</section>
<section xml:id="submitting-changes-pull-request-template">
<title>Pull Request Template</title>
@ -298,12 +325,17 @@ Additional information.
<para>
review changes from pull request number 12345:
<screen>nix-shell -p nix-review --run "nix-review pr 12345"</screen>
<screen>nix run nixpkgs.nix-review -c nix-review pr 12345</screen>
</para>
<para>
review uncommitted changes:
<screen>nix-shell -p nix-review --run "nix-review wip"</screen>
<screen>nix run nixpkgs.nix-review -c nix-review wip</screen>
</para>
<para>
review changes from last commit:
<screen>nix run nixpkgs.nix-review -c nix-review rev HEAD</screen>
</para>
</section>

4
doc/languages-frameworks/haskell.section.md
View File

@ -398,7 +398,9 @@ nix:
For more on how to write a `shell.nix` file see the below section. You'll need
to express a derivation. Note that Nixpkgs ships with a convenience wrapper
function around `mkDerivation` called `haskell.lib.buildStackProject` to help you
create this derivation in exactly the way Stack expects. All of the same inputs
create this derivation in exactly the way Stack expects. However for this to work
you need to disable the sandbox, which you can do by using `--option sandbox relaxed`
or `--option sandbox false` to the Nix command. All of the same inputs
as `mkDerivation` can be provided. For example, to build a Stack project that
including packages that link against a version of the R library compiled with
special options turned on:

18
doc/languages-frameworks/python.section.md
View File

@ -144,6 +144,24 @@ What's happening here?
2. Then we create a Python 3.5 environment with the `withPackages` function.
3. The `withPackages` function expects us to provide a function as an argument that takes the set of all python packages and returns a list of packages to include in the environment. Here, we select the packages `numpy` and `toolz` from the package set.
To combine this with `mkShell` you can:
```nix
with import <nixpkgs> {};
let
pythonEnv = python35.withPackages (ps: [
ps.numpy
ps.toolz
]);
in mkShell {
buildInputs = [
pythonEnv
hello
];
}
```
##### Execute command with `--run`
A convenient option with `nix-shell` is the `--run`
option, with which you can execute a command in the `nix-shell`. We can

14
maintainers/maintainer-list.nix
View File

@ -731,6 +731,16 @@
githubId = 135230;
name = "Aycan iRiCAN";
};
b4dm4n = {
email = "fabianm88@gmail.com";
github = "B4dM4n";
githubId = 448169;
name = "Fabian Möller";
keys = [{
longkeyid = "rsa4096/0x754B5C0963C42C5";
fingerprint = "6309 E212 29D4 DA30 AF24 BDED 754B 5C09 63C4 2C50";
}];
};
babariviere = {
email = "babathriviere@gmail.com";
github = "babariviere";
@ -4496,6 +4506,10 @@
github = "moredread";
githubId = 100848;
name = "André-Patrick Bubel";
keys = [{
longkeyid = "rsa8192/0x118CE7C424B45728";
fingerprint = "4412 38AD CAD3 228D 876C 5455 118C E7C4 24B4 5728";
}];
};
moretea = {
email = "maarten@moretea.nl";

189
nixos/lib/test-driver/test-driver.py
View File

@ -1,6 +1,5 @@
#! /somewhere/python3
from contextlib import contextmanager
from contextlib import contextmanager, _GeneratorContextManager
from xml.sax.saxutils import XMLGenerator
import _thread
import atexit
@ -8,7 +7,7 @@ import json
import os
import ptpython.repl
import pty
import queue
from queue import Queue, Empty
import re
import shutil
import socket
@ -17,6 +16,7 @@ import sys
import tempfile
import time
import unicodedata
from typing import Tuple, TextIO, Any, Callable, Dict, Iterator, Optional, List
CHAR_TO_KEY = {
"A": "shift-a",
@ -81,12 +81,18 @@ CHAR_TO_KEY = {
")": "shift-0x0B",
}
# Forward references
nr_tests: int
nr_succeeded: int
log: "Logger"
machines: "List[Machine]"
def eprint(*args, **kwargs):
def eprint(*args: object, **kwargs: Any) -> None:
print(*args, file=sys.stderr, **kwargs)
def create_vlan(vlan_nr):
def create_vlan(vlan_nr: str) -> Tuple[str, str, "subprocess.Popen[bytes]", Any]:
global log
log.log("starting VDE switch for network {}".format(vlan_nr))
vde_socket = os.path.abspath("./vde{}.ctl".format(vlan_nr))
@ -110,7 +116,7 @@ def create_vlan(vlan_nr):
return (vlan_nr, vde_socket, vde_process, fd)
def retry(fn):
def retry(fn: Callable) -> None:
"""Call the given function repeatedly, with 1 second intervals,
until it returns True or a timeout is reached.
"""
@ -125,52 +131,52 @@ def retry(fn):
class Logger:
def __init__(self):
def __init__(self) -> None:
self.logfile = os.environ.get("LOGFILE", "/dev/null")
self.logfile_handle = open(self.logfile, "wb")
self.xml = XMLGenerator(self.logfile_handle, encoding="utf-8")
self.queue = queue.Queue(1000)
self.queue: "Queue[Dict[str, str]]" = Queue(1000)
self.xml.startDocument()
self.xml.startElement("logfile", attrs={})
def close(self):
def close(self) -> None:
self.xml.endElement("logfile")
self.xml.endDocument()
self.logfile_handle.close()
def sanitise(self, message):
def sanitise(self, message: str) -> str:
return "".join(ch for ch in message if unicodedata.category(ch)[0] != "C")
def maybe_prefix(self, message, attributes):
def maybe_prefix(self, message: str, attributes: Dict[str, str]) -> str:
if "machine" in attributes:
return "{}: {}".format(attributes["machine"], message)
return message
def log_line(self, message, attributes):
def log_line(self, message: str, attributes: Dict[str, str]) -> None:
self.xml.startElement("line", attributes)
self.xml.characters(message)
self.xml.endElement("line")
def log(self, message, attributes={}):
def log(self, message: str, attributes: Dict[str, str] = {}) -> None:
eprint(self.maybe_prefix(message, attributes))
self.drain_log_queue()
self.log_line(message, attributes)
def enqueue(self, message):
def enqueue(self, message: Dict[str, str]) -> None:
self.queue.put(message)
def drain_log_queue(self):
def drain_log_queue(self) -> None:
try:
while True:
item = self.queue.get_nowait()
attributes = {"machine": item["machine"], "type": "serial"}
self.log_line(self.sanitise(item["msg"]), attributes)
except queue.Empty:
except Empty:
pass
@contextmanager
def nested(self, message, attributes={}):
def nested(self, message: str, attributes: Dict[str, str] = {}) -> Iterator[None]:
eprint(self.maybe_prefix(message, attributes))
self.xml.startElement("nest", attrs={})
@ -189,24 +195,22 @@ class Logger:
class Machine:
def __init__(self, args):
def __init__(self, args: Dict[str, Any]) -> None:
if "name" in args:
self.name = args["name"]
else:
self.name = "machine"
try:
cmd = args["startCommand"]
self.name = re.search("run-(.+)-vm$", cmd).group(1)
except KeyError:
pass
except AttributeError:
pass
cmd = args.get("startCommand", None)
if cmd:
match = re.search("run-(.+)-vm$", cmd)
if match:
self.name = match.group(1)
self.script = args.get("startCommand", self.create_startcommand(args))
tmp_dir = os.environ.get("TMPDIR", tempfile.gettempdir())
def create_dir(name):
def create_dir(name: str) -> str:
path = os.path.join(tmp_dir, name)
os.makedirs(path, mode=0o700, exist_ok=True)
return path
@ -216,14 +220,14 @@ class Machine:
self.booted = False
self.connected = False
self.pid = None
self.pid: Optional[int] = None
self.socket = None
self.monitor = None
self.logger = args["log"]
self.monitor: Optional[socket.socket] = None
self.logger: Logger = args["log"]
self.allow_reboot = args.get("allowReboot", False)
@staticmethod
def create_startcommand(args):
def create_startcommand(args: Dict[str, str]) -> str:
net_backend = "-netdev user,id=net0"
net_frontend = "-device virtio-net-pci,netdev=net0"
@ -273,30 +277,32 @@ class Machine:
return start_command
def is_up(self):
def is_up(self) -> bool:
return self.booted and self.connected
def log(self, msg):
def log(self, msg: str) -> None:
self.logger.log(msg, {"machine": self.name})
def nested(self, msg, attrs={}):
def nested(self, msg: str, attrs: Dict[str, str] = {}) -> _GeneratorContextManager:
my_attrs = {"machine": self.name}
my_attrs.update(attrs)
return self.logger.nested(msg, my_attrs)
def wait_for_monitor_prompt(self):
def wait_for_monitor_prompt(self) -> str:
assert self.monitor is not None
while True:
answer = self.monitor.recv(1024).decode()
if answer.endswith("(qemu) "):
return answer
def send_monitor_command(self, command):
def send_monitor_command(self, command: str) -> str:
message = ("{}\n".format(command)).encode()
self.log("sending monitor command: {}".format(command))
assert self.monitor is not None
self.monitor.send(message)
return self.wait_for_monitor_prompt()
def wait_for_unit(self, unit, user=None):
def wait_for_unit(self, unit: str, user: Optional[str] = None) -> bool:
while True:
info = self.get_unit_info(unit, user)
state = info["ActiveState"]
@ -316,7 +322,7 @@ class Machine:
if state == "active":
return True
def get_unit_info(self, unit, user=None):
def get_unit_info(self, unit: str, user: Optional[str] = None) -> Dict[str, str]:
status, lines = self.systemctl('--no-pager show "{}"'.format(unit), user)
if status != 0:
raise Exception(
@ -327,8 +333,9 @@ class Machine:
line_pattern = re.compile(r"^([^=]+)=(.*)$")
def tuple_from_line(line):
def tuple_from_line(line: str) -> Tuple[str, str]:
match = line_pattern.match(line)
assert match is not None
return match[1], match[2]
return dict(
@ -337,7 +344,7 @@ class Machine:
if line_pattern.match(line)
)
def systemctl(self, q, user=None):
def systemctl(self, q: str, user: Optional[str] = None) -> Tuple[int, str]:
if user is not None:
q = q.replace("'", "\\'")
return self.execute(
@ -349,7 +356,7 @@ class Machine:
)
return self.execute("systemctl {}".format(q))
def require_unit_state(self, unit, require_state="active"):
def require_unit_state(self, unit: str, require_state: str = "active") -> None:
with self.nested(
"checking if unit {} has reached state '{}'".format(unit, require_state)
):
@ -361,7 +368,7 @@ class Machine:
+ "'active' but it is in state {}".format(state)
)
def execute(self, command):
def execute(self, command: str) -> Tuple[int, str]:
self.connect()
out_command = "( {} ); echo '|!EOF' $?\n".format(command)
@ -379,7 +386,7 @@ class Machine:
return (status_code, output)
output += chunk
def succeed(self, *commands):
def succeed(self, *commands: str) -> str:
"""Execute each command and check that it succeeds."""
output = ""
for command in commands:
@ -393,7 +400,7 @@ class Machine:
output += out
return output
def fail(self, *commands):
def fail(self, *commands: str) -> None:
"""Execute each command and check that it fails."""
for command in commands:
with self.nested("must fail: {}".format(command)):
@ -403,21 +410,21 @@ class Machine:
"command `{}` unexpectedly succeeded".format(command)
)
def wait_until_succeeds(self, command):
def wait_until_succeeds(self, command: str) -> str:
with self.nested("waiting for success: {}".format(command)):
while True:
status, output = self.execute(command)
if status == 0:
return output
def wait_until_fails(self, command):
def wait_until_fails(self, command: str) -> str:
with self.nested("waiting for failure: {}".format(command)):
while True:
status, output = self.execute(command)
if status != 0:
return output
def wait_for_shutdown(self):
def wait_for_shutdown(self) -> None:
if not self.booted:
return
@ -429,14 +436,14 @@ class Machine:
self.booted = False
self.connected = False
def get_tty_text(self, tty):
def get_tty_text(self, tty: str) -> str:
status, output = self.execute(
"fold -w$(stty -F /dev/tty{0} size | "
"awk '{{print $2}}') /dev/vcs{0}".format(tty)
)
return output
def wait_until_tty_matches(self, tty, regexp):
def wait_until_tty_matches(self, tty: str, regexp: str) -> bool:
matcher = re.compile(regexp)
with self.nested("waiting for {} to appear on tty {}".format(regexp, tty)):
while True:
@ -444,43 +451,43 @@ class Machine:
if len(matcher.findall(text)) > 0:
return True
def send_chars(self, chars):
def send_chars(self, chars: List[str]) -> None:
with self.nested("sending keys {}".format(chars)):
for char in chars:
self.send_key(char)
def wait_for_file(self, filename):
def wait_for_file(self, filename: str) -> bool:
with self.nested("waiting for file {}".format(filename)):
while True:
status, _ = self.execute("test -e {}".format(filename))
if status == 0:
return True
def wait_for_open_port(self, port):
def port_is_open(_):
def wait_for_open_port(self, port: int) -> None:
def port_is_open(_: Any) -> bool:
status, _ = self.execute("nc -z localhost {}".format(port))
return status == 0
with self.nested("waiting for TCP port {}".format(port)):
retry(port_is_open)
def wait_for_closed_port(self, port):
def port_is_closed(_):
def wait_for_closed_port(self, port: int) -> None:
def port_is_closed(_: Any) -> bool:
status, _ = self.execute("nc -z localhost {}".format(port))
return status != 0
retry(port_is_closed)
def start_job(self, jobname, user=None):
def start_job(self, jobname: str, user: Optional[str] = None) -> Tuple[int, str]:
return self.systemctl("start {}".format(jobname), user)
def stop_job(self, jobname, user=None):
def stop_job(self, jobname: str, user: Optional[str] = None) -> Tuple[int, str]:
return self.systemctl("stop {}".format(jobname), user)
def wait_for_job(self, jobname):
def wait_for_job(self, jobname: str) -> bool:
return self.wait_for_unit(jobname)
def connect(self):
def connect(self) -> None:
if self.connected:
return
@ -496,7 +503,7 @@ class Machine:
self.log("(connecting took {:.2f} seconds)".format(toc - tic))
self.connected = True
def screenshot(self, filename):
def screenshot(self, filename: str) -> None:
out_dir = os.environ.get("out", os.getcwd())
word_pattern = re.compile(r"^\w+$")
if word_pattern.match(filename):
@ -513,12 +520,12 @@ class Machine:
if ret.returncode != 0:
raise Exception("Cannot convert screenshot")
def dump_tty_contents(self, tty):
def dump_tty_contents(self, tty: str) -> None:
"""Debugging: Dump the contents of the TTY<n>
"""
self.execute("fold -w 80 /dev/vcs{} | systemd-cat".format(tty))
def get_screen_text(self):
def get_screen_text(self) -> str:
if shutil.which("tesseract") is None:
raise Exception("get_screen_text used but enableOCR is false")
@ -546,30 +553,30 @@ class Machine:
return ret.stdout.decode("utf-8")
def wait_for_text(self, regex):
def screen_matches(last):
def wait_for_text(self, regex: str) -> None:
def screen_matches(last: bool) -> bool:
text = self.get_screen_text()
m = re.search(regex, text)
matches = re.search(regex, text) is not None
if last and not m:
if last and not matches:
self.log("Last OCR attempt failed. Text was: {}".format(text))
return m
return matches
with self.nested("waiting for {} to appear on screen".format(regex)):
retry(screen_matches)
def send_key(self, key):
def send_key(self, key: str) -> None:
key = CHAR_TO_KEY.get(key, key)
self.send_monitor_command("sendkey {}".format(key))
def start(self):
def start(self) -> None:
if self.booted:
return
self.log("starting vm")
def create_socket(path):
def create_socket(path: str) -> socket.socket:
if os.path.exists(path):
os.unlink(path)
s = socket.socket(family=socket.AF_UNIX, type=socket.SOCK_STREAM)
@ -619,9 +626,9 @@ class Machine:
self.monitor, _ = self.monitor_socket.accept()
self.shell, _ = self.shell_socket.accept()
def process_serial_output():
for line in self.process.stdout:
line = line.decode("unicode_escape").replace("\r", "").rstrip()
def process_serial_output() -> None:
for _line in self.process.stdout:
line = _line.decode("unicode_escape").replace("\r", "").rstrip()
eprint("{} # {}".format(self.name, line))
self.logger.enqueue({"msg": line, "machine": self.name})
@ -634,14 +641,14 @@ class Machine:
self.log("QEMU running (pid {})".format(self.pid))
def shutdown(self):
def shutdown(self) -> None:
if not self.booted:
return
self.shell.send("poweroff\n".encode())
self.wait_for_shutdown()
def crash(self):
def crash(self) -> None:
if not self.booted:
return
@ -649,7 +656,7 @@ class Machine:
self.send_monitor_command("quit")
self.wait_for_shutdown()
def wait_for_x(self):
def wait_for_x(self) -> None:
"""Wait until it is possible to connect to the X server. Note that
testing the existence of /tmp/.X11-unix/X0 is insufficient.
"""
@ -666,15 +673,15 @@ class Machine:
if status == 0:
return
def get_window_names(self):
def get_window_names(self) -> List[str]:
return self.succeed(
r"xwininfo -root -tree | sed 's/.*0x[0-9a-f]* \"\([^\"]*\)\".*/\1/; t; d'"
).splitlines()
def wait_for_window(self, regexp):
def wait_for_window(self, regexp: str) -> None:
pattern = re.compile(regexp)
def window_is_visible(last_try):
def window_is_visible(last_try: bool) -> bool:
names = self.get_window_names()
if last_try:
self.log(
@ -687,10 +694,10 @@ class Machine:
with self.nested("Waiting for a window to appear"):
retry(window_is_visible)
def sleep(self, secs):
def sleep(self, secs: int) -> None:
time.sleep(secs)
def forward_port(self, host_port=8080, guest_port=80):
def forward_port(self, host_port: int = 8080, guest_port: int = 80) -> None:
"""Forward a TCP port on the host to a TCP port on the guest.
Useful during interactive testing.
"""
@ -698,43 +705,46 @@ class Machine:
"hostfwd_add tcp::{}-:{}".format(host_port, guest_port)
)
def block(self):
def block(self) -> None:
"""Make the machine unreachable by shutting down eth1 (the multicast
interface used to talk to the other VMs). We keep eth0 up so that
the test driver can continue to talk to the machine.
"""
self.send_monitor_command("set_link virtio-net-pci.1 off")
def unblock(self):
def unblock(self) -> None:
"""Make the machine reachable.
"""
self.send_monitor_command("set_link virtio-net-pci.1 on")
def create_machine(args):
def create_machine(args: Dict[str, Any]) -> Machine:
global log
args["log"] = log
args["redirectSerial"] = os.environ.get("USE_SERIAL", "0") == "1"
return Machine(args)
def start_all():
def start_all() -> None:
global machines
with log.nested("starting all VMs"):
for machine in machines:
machine.start()
def join_all():
def join_all() -> None:
global machines
with log.nested("waiting for all VMs to finish"):
for machine in machines:
machine.wait_for_shutdown()
def test_script():
def test_script() -> None:
exec(os.environ["testScript"])
def run_tests():
def run_tests() -> None:
global machines
tests = os.environ.get("tests", None)
if tests is not None:
with log.nested("running the VM test script"):
@ -757,7 +767,7 @@ def run_tests():
@contextmanager
def subtest(name):
def subtest(name: str) -> Iterator[None]:
global nr_tests
global nr_succeeded
@ -774,7 +784,6 @@ def subtest(name):
if __name__ == "__main__":
global log
log = Logger()
vlan_nrs = list(dict.fromkeys(os.environ["VLANS"].split()))
@ -793,7 +802,7 @@ if __name__ == "__main__":
nr_succeeded = 0
@atexit.register
def clean_up():
def clean_up() -> None:
with log.nested("cleaning up"):
for machine in machines:
if machine.pid is None:

5
nixos/lib/testing-python.nix
View File

@ -26,7 +26,7 @@ in rec {
nativeBuildInputs = [ makeWrapper ];
buildInputs = [ (python3.withPackages (p: [ p.ptpython ])) ];
checkInputs = with python3Packages; [ pylint black ];
checkInputs = with python3Packages; [ pylint black mypy ];
dontUnpack = true;
@ -34,6 +34,9 @@ in rec {
doCheck = true;
checkPhase = ''
mypy --disallow-untyped-defs \
--no-implicit-optional \
--ignore-missing-imports ${testDriverScript}
pylint --errors-only ${testDriverScript}
black --check --diff ${testDriverScript}
'';

1
nixos/modules/module-list.nix
View File

@ -841,6 +841,7 @@
./services/web-servers/shellinabox.nix
./services/web-servers/tomcat.nix
./services/web-servers/traefik.nix
./services/web-servers/ttyd.nix
./services/web-servers/uwsgi.nix
./services/web-servers/varnish/default.nix
./services/web-servers/zope2.nix

6
nixos/modules/security/acme.nix
View File

@ -224,6 +224,12 @@ in
environment.REQUESTS_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt";
serviceConfig = {
Type = "oneshot";
# With RemainAfterExit the service is considered active even
# after the main process having exited, which means when it
# gets changed, the activation phase restarts it, meaning
# the permissions of the StateDirectory get adjusted
# according to the specified group
RemainAfterExit = true;
SuccessExitStatus = [ "0" "1" ];
User = data.user;
Group = data.group;

1
nixos/modules/services/audio/mpd.nix
View File

@ -18,7 +18,6 @@ let
''}
state_file "${cfg.dataDir}/state"
sticker_file "${cfg.dataDir}/sticker.sql"
log_file "syslog"
user "${cfg.user}"
group "${cfg.group}"

51
nixos/modules/services/computing/slurm/slurm.nix
View File

@ -18,7 +18,7 @@ let
${optionalString (cfg.controlAddr != null) ''controlAddr=${cfg.controlAddr}''}
${toString (map (x: "NodeName=${x}\n") cfg.nodeName)}
${toString (map (x: "PartitionName=${x}\n") cfg.partitionName)}
PlugStackConfig=${plugStackConfig}
PlugStackConfig=${plugStackConfig}/plugstack.conf
ProctrackType=${cfg.procTrackType}
${cfg.extraConfig}
'';
@ -39,6 +39,8 @@ let
DbdHost=${cfg.dbdserver.dbdHost}
SlurmUser=${cfg.user}
StorageType=accounting_storage/mysql
StorageUser=${cfg.dbdserver.storageUser}
${optionalString (cfg.dbdserver.storagePass != null) "StoragePass=${cfg.dbdserver.storagePass}"}
${cfg.dbdserver.extraConfig}
'';
@ -48,7 +50,6 @@ let
name = "etc-slurm";
paths = [ configFile cgroupConfig plugStackConfig ] ++ cfg.extraConfigPaths;
};
in
{
@ -86,6 +87,37 @@ in
'';
};
storageUser = mkOption {
type = types.str;
default = cfg.user;
description = ''
Database user name.
'';
};
storagePass = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Database password. Note that this password will be publicable
readable in the nix store. Use <option>configFile</option>
to store the and config file and password outside the nix store.
'';
};
configFile = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Path to <literal>slurmdbd.conf</literal>. The password for the database connection
is stored in the config file. Use this option to specfify a path
outside the nix store. If this option is unset a configuration file
will be generated. See also:
<citerefentry><refentrytitle>slurmdbd.conf</refentrytitle>
<manvolnum>8</manvolnum></citerefentry>.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
@ -112,7 +144,7 @@ in
package = mkOption {
type = types.package;
default = pkgs.slurm;
default = pkgs.slurm.override { enableX11 = ! cfg.enableSrunX11; };
defaultText = "pkgs.slurm";
example = literalExample "pkgs.slurm-full";
description = ''
@ -178,9 +210,14 @@ in
If enabled srun will accept the option "--x11" to allow for X11 forwarding
from within an interactive session or a batch job. This activates the
slurm-spank-x11 module. Note that this option also enables
'services.openssh.forwardX11' on the client.
<option>services.openssh.forwardX11</option> on the client.
This option requires slurm to be compiled without native X11 support.
The default behavior is to re-compile the slurm package with native X11
support disabled if this option is set to true.
To use the native X11 support add <literal>PrologFlags=X11</literal> in <option>extraConfig</option>.
Note that this method will only work RSA SSH host keys.
'';
};
@ -356,7 +393,11 @@ in
requires = [ "munged.service" "mysql.service" ];
# slurm strips the last component off the path
environment.SLURM_CONF = "${slurmdbdConf}/slurm.conf";
environment.SLURM_CONF =
if (cfg.dbdserver.configFile == null) then
"${slurmdbdConf}/slurm.conf"
else
cfg.dbdserver.configFile;
serviceConfig = {
Type = "forking";

8
nixos/modules/services/mail/postfix.nix
View File

@ -631,6 +631,14 @@ in
setgid = true;
};
security.wrappers.mailq = {
program = "mailq";
source = "${pkgs.postfix}/bin/mailq";
group = setgidGroup;
setuid = false;
setgid = true;
};
security.wrappers.postqueue = {
program = "postqueue";
source = "${pkgs.postfix}/bin/postqueue";

1
nixos/modules/services/network-filesystems/samba.nix
View File

@ -40,7 +40,6 @@ let
daemonService = appName: args:
{ description = "Samba Service Daemon ${appName}";
after = [ "network.target" ];
requiredBy = [ "samba.target" ];
partOf = [ "samba.target" ];

129
nixos/modules/services/networking/vsftpd.nix
View File

@ -34,6 +34,15 @@ let
};
optionDescription = [
(yesNoOption "allowWriteableChroot" "allow_writeable_chroot" false ''
Allow the use of writeable root inside chroot().
'')
(yesNoOption "virtualUseLocalPrivs" "virtual_use_local_privs" false ''
If enabled, virtual users will use the same privileges as local
users. By default, virtual users will use the same privileges as
anonymous users, which tends to be more restrictive (especially
in terms of write access).
'')
(yesNoOption "anonymousUser" "anonymous_enable" false ''
Whether to enable the anonymous FTP user.
'')
@ -76,9 +85,21 @@ let
outgoing data connections can only connect to the client. Only enable if you
know what you are doing!
'')
(yesNoOption "ssl_tlsv1" "ssl_tlsv1" true '' '')
(yesNoOption "ssl_sslv2" "ssl_sslv2" false '' '')
(yesNoOption "ssl_sslv3" "ssl_sslv3" false '' '')
(yesNoOption "ssl_tlsv1" "ssl_tlsv1" true ''
Only applies if <option>ssl_enable</option> is activated. If
enabled, this option will permit TLS v1 protocol connections.
TLS v1 connections are preferred.
'')
(yesNoOption "ssl_sslv2" "ssl_sslv2" false ''
Only applies if <option>ssl_enable</option> is activated. If
enabled, this option will permit SSL v2 protocol connections.
TLS v1 connections are preferred.
'')
(yesNoOption "ssl_sslv3" "ssl_sslv3" false ''
Only applies if <option>ssl_enable</option> is activated. If
enabled, this option will permit SSL v3 protocol connections.
TLS v1 connections are preferred.
'')
];
configFile = pkgs.writeText "vsftpd.conf"
@ -98,6 +119,9 @@ let
listen=YES
nopriv_user=vsftpd
secure_chroot_dir=/var/empty
${optionalString (cfg.localRoot != null) ''
local_root=${cfg.localRoot}
''}
syslog_enable=YES
${optionalString (pkgs.stdenv.hostPlatform.system == "x86_64-linux") ''
seccomp_sandbox=NO
@ -106,6 +130,11 @@ let
${optionalString cfg.anonymousUser ''
anon_root=${cfg.anonymousUserHome}
''}
${optionalString cfg.enableVirtualUsers ''
guest_enable=YES
guest_username=vsftpd
pam_service_name=vsftpd
''}
${cfg.extraConfig}
'';
@ -119,10 +148,7 @@ in
services.vsftpd = {
enable = mkOption {
default = false;
description = "Whether to enable the vsftpd FTP server.";
};
enable = mkEnableOption "vsftpd";
userlist = mkOption {
default = [];
@ -143,6 +169,61 @@ in
'';
};
enableVirtualUsers = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the <literal>pam_userdb</literal>-based
virtual user system
'';
};
userDbPath = mkOption {
type = types.nullOr types.str;
example = "/etc/vsftpd/userDb";
default = null;
description = ''
Only applies if <option>enableVirtualUsers</option> is true.
Path pointing to the <literal>pam_userdb</literal> user
database used by vsftpd to authenticate the virtual users.
This user list should be stored in the Berkeley DB database
format.
To generate a new user database, create a text file, add
your users using the following format:
<programlisting>
user1
password1
user2
password2
</programlisting>
You can then install <literal>pkgs.db</literal> to generate
the Berkeley DB using
<programlisting>
db_load -T -t hash -f logins.txt userDb.db
</programlisting>
Caution: <literal>pam_userdb</literal> will automatically
append a <literal>.db</literal> suffix to the filename you
provide though this option. This option shouldn't include
this filetype suffix.
'';
};
localRoot = mkOption {
type = types.nullOr types.str;
default = null;
example = "/var/www/$USER";
description = ''
This option represents a directory which vsftpd will try to
change into after a local (i.e. non- anonymous) login.
Failure is silently ignored.
'';
};
anonymousUserHome = mkOption {
type = types.path;
default = "/home/ftp/";
@ -186,18 +267,25 @@ in
config = mkIf cfg.enable {
assertions = singleton
assertions = [
{ assertion =
(cfg.forceLocalLoginsSSL -> cfg.rsaCertFile != null)
&& (cfg.forceLocalDataSSL -> cfg.rsaCertFile != null);
message = "vsftpd: If forceLocalLoginsSSL or forceLocalDataSSL is true then a rsaCertFile must be provided!";
};
}
{
assertion = (cfg.enableVirtualUsers -> cfg.userDbPath != null)
&& (cfg.enableVirtualUsers -> cfg.localUsers != null);
message = "vsftpd: If enableVirtualUsers is true, you need to setup both the userDbPath and localUsers options.";
}];
users.users =
[ { name = "vsftpd";
uid = config.ids.uids.vsftpd;
description = "VSFTPD user";
home = "/homeless-shelter";
home = if cfg.localRoot != null
then cfg.localRoot # <= Necessary for virtual users.
else "/homeless-shelter";
}
] ++ optional cfg.anonymousUser
{ name = "ftp";
@ -213,23 +301,24 @@ in
# = false and whitelist root
services.vsftpd.userlist = if cfg.userlistDeny then ["root"] else [];
systemd.services.vsftpd =
{ description = "Vsftpd Server";
systemd = {
tmpfiles.rules = optional cfg.anonymousUser
#Type Path Mode User Gr Age Arg
"d '${builtins.toString cfg.anonymousUserHome}' 0555 'ftp' 'ftp' - -";
services.vsftpd = {
description = "Vsftpd Server";
wantedBy = [ "multi-user.target" ];
preStart =
optionalString cfg.anonymousUser
''
mkdir -p -m 555 ${cfg.anonymousUserHome}
chown -R ftp:ftp ${cfg.anonymousUserHome}
'';
serviceConfig.ExecStart = "@${vsftpd}/sbin/vsftpd vsftpd ${configFile}";
serviceConfig.Restart = "always";
serviceConfig.Type = "forking";
};
};
security.pam.services.vsftpd.text = mkIf (cfg.enableVirtualUsers && cfg.userDbPath != null)''
auth required pam_userdb.so db=${cfg.userDbPath}
account required pam_userdb.so db=${cfg.userDbPath}
'';
};
}

66
nixos/modules/services/networking/wireguard.nix
View File

@ -112,6 +112,32 @@ let
Determines whether to add allowed IPs as routes or not.
'';
};
socketNamespace = mkOption {
default = null;
type = with types; nullOr str;
example = "container";
description = ''The pre-existing network namespace in which the
WireGuard interface is created, and which retains the socket even if the
interface is moved via <option>interfaceNamespace</option>. When
<literal>null</literal>, the interface is created in the init namespace.
See <link
xlink:href="https://www.wireguard.com/netns/">documentation</link>.
'';
};
interfaceNamespace = mkOption {
default = null;
type = with types; nullOr str;
example = "init";
description = ''The pre-existing network namespace the WireGuard
interface is moved to. The special value <literal>init</literal> means
the init namespace. When <literal>null</literal>, the interface is not
moved.
See <link
xlink:href="https://www.wireguard.com/netns/">documentation</link>.
'';
};
};
};
@ -239,6 +265,10 @@ let
if peer.presharedKey != null
then pkgs.writeText "wg-psk" peer.presharedKey
else peer.presharedKeyFile;
src = interfaceCfg.socketNamespace;
dst = interfaceCfg.interfaceNamespace;
ip = nsWrap "ip" src dst;
wg = nsWrap "wg" src dst;
in nameValuePair "wireguard-${interfaceName}-peer-${unitName}"
{
description = "WireGuard Peer - ${interfaceName} - ${peer.publicKey}";
@ -255,16 +285,16 @@ let
};
script = let
wg_setup = "wg set ${interfaceName} peer ${peer.publicKey}" +
wg_setup = "${wg} set ${interfaceName} peer ${peer.publicKey}" +
optionalString (psk != null) " preshared-key ${psk}" +
optionalString (peer.endpoint != null) " endpoint ${peer.endpoint}" +
optionalString (peer.persistentKeepalive != null) " persistent-keepalive ${toString peer.persistentKeepalive}" +
optionalString (peer.allowedIPs != []) " allowed-ips ${concatStringsSep "," peer.allowedIPs}";
route_setup =
optionalString (interfaceCfg.allowedIPsAsRoutes != false)
optionalString interfaceCfg.allowedIPsAsRoutes
(concatMapStringsSep "\n"
(allowedIP:
"ip route replace ${allowedIP} dev ${interfaceName} table ${interfaceCfg.table}"
"${ip} route replace ${allowedIP} dev ${interfaceName} table ${interfaceCfg.table}"
) peer.allowedIPs);
in ''
${wg_setup}
@ -272,13 +302,13 @@ let
'';
postStop = let
route_destroy = optionalString (interfaceCfg.allowedIPsAsRoutes != false)
route_destroy = optionalString interfaceCfg.allowedIPsAsRoutes
(concatMapStringsSep "\n"
(allowedIP:
"ip route delete ${allowedIP} dev ${interfaceName} table ${interfaceCfg.table}"
"${ip} route delete ${allowedIP} dev ${interfaceName} table ${interfaceCfg.table}"
) peer.allowedIPs);
in ''
wg set ${interfaceName} peer ${peer.publicKey} remove
${wg} set ${interfaceName} peer ${peer.publicKey} remove
${route_destroy}
'';
};
@ -287,6 +317,13 @@ let
# exactly one way to specify the private key must be set
#assert (values.privateKey != null) != (values.privateKeyFile != null);
let privKey = if values.privateKeyFile != null then values.privateKeyFile else pkgs.writeText "wg-key" values.privateKey;
src = values.socketNamespace;
dst = values.interfaceNamespace;
ipPreMove = nsWrap "ip" src null;
ipPostMove = nsWrap "ip" src dst;
wg = nsWrap "wg" src dst;
ns = if dst == "init" then "1" else dst;
in
nameValuePair "wireguard-${name}"
{
@ -307,26 +344,33 @@ let
${values.preSetup}
ip link add dev ${name} type wireguard
${ipPreMove} link add dev ${name} type wireguard
${optionalString (values.interfaceNamespace != null && values.interfaceNamespace != values.socketNamespace) "${ipPreMove} link set ${name} netns ${ns}"}
${concatMapStringsSep "\n" (ip:
"ip address add ${ip} dev ${name}"
"${ipPostMove} address add ${ip} dev ${name}"
) values.ips}
wg set ${name} private-key ${privKey} ${
${wg} set ${name} private-key ${privKey} ${
optionalString (values.listenPort != null) " listen-port ${toString values.listenPort}"}
ip link set up dev ${name}
${ipPostMove} link set up dev ${name}
${values.postSetup}
'';
postStop = ''
ip link del dev ${name}
${ipPostMove} link del dev ${name}
${values.postShutdown}
'';
};
nsWrap = cmd: src: dst:
let
nsList = filter (ns: ns != null) [ src dst ];
ns = last nsList;
in
if (length nsList > 0 && ns != "init") then "ip netns exec ${ns} ${cmd}" else cmd;
in
{

196
nixos/modules/services/web-servers/ttyd.nix Normal file
View File

@ -0,0 +1,196 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.ttyd;
# Command line arguments for the ttyd daemon
args = [ "--port" (toString cfg.port) ]
++ optionals (cfg.socket != null) [ "--interface" cfg.socket ]
++ optionals (cfg.interface != null) [ "--interface" cfg.interface ]
++ [ "--signal" (toString cfg.signal) ]
++ (concatLists (mapAttrsToList (_k: _v: [ "--client-option" "${_k}=${_v}" ]) cfg.clientOptions))
++ [ "--terminal-type" cfg.terminalType ]
++ optionals cfg.checkOrigin [ "--check-origin" ]
++ [ "--max-clients" (toString cfg.maxClients) ]
++ optionals (cfg.indexFile != null) [ "--index" cfg.indexFile ]
++ optionals cfg.enableIPv6 [ "--ipv6" ]
++ optionals cfg.enableSSL [ "--ssl-cert" cfg.certFile
"--ssl-key" cfg.keyFile
"--ssl-ca" cfg.caFile ]
++ [ "--debug" (toString cfg.logLevel) ];
in
{
###### interface
options = {
services.ttyd = {
enable = mkEnableOption "ttyd daemon";
port = mkOption {
type = types.int;
default = 7681;
description = "Port to listen on (use 0 for random port)";
};
socket = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/run/ttyd.sock";
description = "UNIX domain socket path to bind.";
};
interface = mkOption {
type = types.nullOr types.str;
default = null;
example = "eth0";
description = "Network interface to bind.";
};
username = mkOption {
type = types.nullOr types.str;
default = null;
description = "Username for basic authentication.";
};
passwordFile = mkOption {
type = types.nullOr types.path;
default = null;
apply = value: if value == null then null else toString value;
description = ''
File containing the password to use for basic authentication.
For insecurely putting the password in the globally readable store use
<literal>pkgs.writeText "ttydpw" "MyPassword"</literal>.
'';
};
signal = mkOption {
type = types.ints.u8;
default = 1;
description = "Signal to send to the command on session close.";
};
clientOptions = mkOption {
type = types.attrsOf types.str;
default = {};
example = literalExample ''{
fontSize = "16";
fontFamily = "Fira Code";
}'';
description = ''
Attribute set of client options for xtermjs.
<link xlink:href="https://xtermjs.org/docs/api/terminal/interfaces/iterminaloptions/"/>
'';
};
terminalType = mkOption {
type = types.str;
default = "xterm-256color";
description = "Terminal type to report.";
};
checkOrigin = mkOption {
type = types.bool;
default = false;
description = "Whether to allow a websocket connection from a different origin.";
};
maxClients = mkOption {
type = types.int;
default = 0;
description = "Maximum clients to support (0, no limit)";
};
indexFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "Custom index.html path";
};
enableIPv6 = mkOption {
type = types.bool;
default = false;
description = "Whether or not to enable IPv6 support.";
};
enableSSL = mkOption {
type = types.bool;
default = false;
description = "Whether or not to enable SSL (https) support.";
};
certFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "SSL certificate file path.";
};
keyFile = mkOption {
type = types.nullOr types.path;
default = null;
apply = value: if value == null then null else toString value;
description = ''
SSL key file path.
For insecurely putting the keyFile in the globally readable store use
<literal>pkgs.writeText "ttydKeyFile" "SSLKEY"</literal>.
'';
};
caFile = mkOption {
type = types.nullOr types.path;
default = null;
description = "SSL CA file path for client certificate verification.";
};
logLevel = mkOption {
type = types.int;
default = 7;
description = "Set log level.";
};
};
};
###### implementation
config = mkIf cfg.enable {
assertions =
[ { assertion = cfg.enableSSL
-> cfg.certFile != null && cfg.keyFile != null && cfg.caFile != null;
message = "SSL is enabled for ttyd, but no certFile, keyFile or caFile has been specefied."; }
{ assertion = ! (cfg.interface != null && cfg.socket != null);
message = "Cannot set both interface and socket for ttyd."; }
{ assertion = (cfg.username != null) == (cfg.passwordFile != null);
message = "Need to set both username and passwordFile for ttyd"; }
];
systemd.services.ttyd = {
description = "ttyd Web Server Daemon";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
# Runs login which needs to be run as root
# login: Cannot possibly work without effective root
User = "root";
};
script = if cfg.passwordFile != null then ''
PASSWORD=$(cat ${escapeShellArg cfg.passwordFile})
${pkgs.ttyd}/bin/ttyd ${lib.escapeShellArgs args} \
--credential ${escapeShellArg cfg.username}:"$PASSWORD" \
${pkgs.shadow}/bin/login
''
else ''
${pkgs.ttyd}/bin/ttyd ${lib.escapeShellArgs args} \
${pkgs.shadow}/bin/login
'';
};
};
}

6
nixos/modules/services/web-servers/varnish/default.nix
View File

@ -15,8 +15,8 @@ in
package = mkOption {
type = types.package;
default = pkgs.varnish5;
defaultText = "pkgs.varnish5";
default = pkgs.varnish;
defaultText = "pkgs.varnish";
description = ''
The package to use
'';
@ -48,7 +48,7 @@ in
extraModules = mkOption {
type = types.listOf types.package;
default = [];
example = literalExample "[ pkgs.varnish5Packages.geoip ]";
example = literalExample "[ pkgs.varnishPackages.geoip ]";
description = "
Varnish modules (except 'std').
";

20
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -278,6 +278,26 @@ in
source-sans-pro
];
## Enable soft realtime scheduling, only supported on wayland ##
security.wrappers.".gnome-shell-wrapped" = {
source = "${pkgs.gnome3.gnome-shell}/bin/.gnome-shell-wrapped";
capabilities = "cap_sys_nice=ep";
};
systemd.user.services.gnome-shell-wayland = let
gnomeShellRT = with pkgs.gnome3; pkgs.runCommand "gnome-shell-rt" {} ''
mkdir -p $out/bin/
cp ${gnome-shell}/bin/gnome-shell $out/bin
sed -i "s@${gnome-shell}/bin/@${config.security.wrapperDir}/@" $out/bin/gnome-shell
'';
in {
# Note we need to clear ExecStart before overriding it
serviceConfig.ExecStart = ["" "${gnomeShellRT}/bin/gnome-shell"];
# Do not use the default environment, it provides a broken PATH
environment = mkForce {};
};
# Adapt from https://gitlab.gnome.org/GNOME/gnome-build-meta/blob/gnome-3-32/elements/core/meta-gnome-core-shell.bst
environment.systemPackages = with pkgs.gnome3; [
adwaita-icon-theme

3
nixos/modules/virtualisation/libvirtd.nix
View File

@ -146,7 +146,8 @@ in {
# this file is expected in /etc/qemu and not sysconfdir (/var/lib)
etc."qemu/bridge.conf".text = lib.concatMapStringsSep "\n" (e:
"allow ${e}") cfg.allowedBridges;
systemPackages = with pkgs; [ libvirt libressl.nc cfg.qemuPackage ];
systemPackages = with pkgs; [ libvirt libressl.nc iptables cfg.qemuPackage ];
etc.ethertypes.source = "${pkgs.iptables}/etc/ethertypes";
};
boot.kernelModules = [ "tun" ];

1
nixos/tests/all-tests.nix
View File

@ -280,6 +280,7 @@ in
virtualbox = handleTestOn ["x86_64-linux"] ./virtualbox.nix {};
wireguard = handleTest ./wireguard {};
wireguard-generated = handleTest ./wireguard/generated.nix {};
wireguard-namespaces = handleTest ./wireguard/namespaces.nix {};
wordpress = handleTest ./wordpress.nix {};
xautolock = handleTest ./xautolock.nix {};
xfce = handleTest ./xfce.nix {};

8
nixos/tests/jellyfin.nix
View File

@ -1,4 +1,4 @@
import ./make-test.nix ({ lib, ...}:
import ./make-test-python.nix ({ lib, ...}:
{
name = "jellyfin";
@ -9,8 +9,8 @@ import ./make-test.nix ({ lib, ...}:
{ services.jellyfin.enable = true; };
testScript = ''
$machine->waitForUnit('jellyfin.service');
$machine->waitForOpenPort('8096');
$machine->succeed("curl --fail http://localhost:8096/");
machine.wait_for_unit("jellyfin.service")
machine.wait_for_open_port(8096)
machine.succeed("curl --fail http://localhost:8096/")
'';
})

68
nixos/tests/mpd.nix
View File

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, ... }:
import ./make-test.nix ({ pkgs, lib, ... }:
let
track = pkgs.fetchurl {
# Sourced from http://freemusicarchive.org/music/Blue_Wave_Theory/Surf_Music_Month_Challenge/Skyhawk_Beach_fade_in
@ -46,38 +46,51 @@ import ./make-test.nix ({ pkgs, ... }:
};
nodes =
{ client =
{ client =
{ ... }: { };
serverALSA =
{ ... }: (mkServer {
mpd = defaultMpdCfg // {
network.listenAddress = "any";
extraConfig = ''
audio_output {
type "alsa"
name "ALSA"
mixer_type "null"
}
'';
};
musicService = with defaultMpdCfg; musicService { inherit user group musicDirectory; };
}) // { networking.firewall.allowedTCPPorts = [ 6600 ]; };
{ ... }: lib.mkMerge [
(mkServer {
mpd = defaultMpdCfg // {
network.listenAddress = "any";
extraConfig = ''
audio_output {
type "alsa"
name "ALSA"
mixer_type "null"
}
'';
};
musicService = with defaultMpdCfg; musicService { inherit user group musicDirectory; };
})
{ networking.firewall.allowedTCPPorts = [ 6600 ]; }
];
serverPulseAudio =
{ ... }: (mkServer {
mpd = defaultMpdCfg // {
extraConfig = ''
audio_output {
type "pulse"
name "The Pulse"
}
'';
};
{ ... }: lib.mkMerge [
(mkServer {
mpd = defaultMpdCfg // {
extraConfig = ''
audio_output {
type "pulse"
name "The Pulse"
}
'';
};
musicService = with defaultCfg; musicService { inherit user group musicDirectory; };
}) // { hardware.pulseaudio.enable = true; };
musicService = with defaultCfg; musicService { inherit user group musicDirectory; };
})
{
hardware.pulseaudio = {
enable = true;
systemWide = true;
tcp.enable = true;
tcp.anonymousClients.allowAll = true;
};
systemd.services.mpd.environment.PULSE_SERVER = "localhost";
}
];
};
testScript = ''
@ -110,6 +123,7 @@ import ./make-test.nix ({ pkgs, ... }:
play_some_music($serverALSA);
play_some_music($serverPulseAudio);
$client->waitForUnit("multi-user.target");
$client->succeed("$mpc -h serverALSA status");
# The PulseAudio-based server is configured not to accept external client connections

4
nixos/tests/prometheus-exporters.nix
View File

@ -457,9 +457,7 @@ let
wait_for_unit("prometheus-varnish-exporter.service")
wait_for_open_port(6081)
wait_for_open_port(9131)
succeed(
"curl -sSf http://localhost:9131/metrics | grep -q 'varnish_up 1'"
)
succeed("curl -sSf http://localhost:9131/metrics | grep -q 'varnish_up 1'")
'';
};

2
nixos/tests/sddm.nix
View File

@ -27,7 +27,7 @@ let
user = nodes.machine.config.users.users.alice;
in ''
start_all()
machine.wait_for_text("select your user")
machine.wait_for_text("(?i)select your user")
machine.screenshot("sddm")
machine.send_chars("${user.password}\n")
machine.wait_for_file("${user.home}/.Xauthority")

87
nixos/tests/slurm.nix
View File

@ -1,4 +1,4 @@
import ./make-test.nix ({ lib, ... }:
import ./make-test-python.nix ({ lib, ... }:
let
mungekey = "mungeverryweakkeybuteasytointegratoinatest";
@ -54,10 +54,15 @@ in {
networking.firewall.enable = false;
services.slurm.dbdserver = {
enable = true;
storagePass = "password123";
};
services.mysql = {
enable = true;
package = pkgs.mysql;
package = pkgs.mariadb;
initialScript = pkgs.writeText "mysql-init.sql" ''
CREATE USER 'slurm'@'localhost' IDENTIFIED BY 'password123';
GRANT ALL PRIVILEGES ON slurm_acct_db.* TO 'slurm'@'localhost';
'';
ensureDatabases = [ "slurm_acct_db" ];
ensureUsers = [{
ensurePermissions = { "slurm_acct_db.*" = "ALL PRIVILEGES"; };
@ -80,63 +85,57 @@ in {
testScript =
''
startAll;
start_all()
# Set up authentification across the cluster
foreach my $node (($submit,$control,$dbd,$node1,$node2,$node3))
{
$node->waitForUnit("default.target");
for node in [submit, control, dbd, node1, node2, node3]:
$node->succeed("mkdir /etc/munge");
$node->succeed("echo '${mungekey}' > /etc/munge/munge.key");
$node->succeed("chmod 0400 /etc/munge/munge.key");
$node->succeed("chown munge:munge /etc/munge/munge.key");
$node->succeed("systemctl restart munged");
node.wait_for_unit("default.target")
node.succeed("mkdir /etc/munge")
node.succeed(
"echo '${mungekey}' > /etc/munge/munge.key"
)
node.succeed("chmod 0400 /etc/munge/munge.key")
node.succeed("chown munge:munge /etc/munge/munge.key")
node.succeed("systemctl restart munged")
node.wait_for_unit("munged")
$node->waitForUnit("munged");
};
# Restart the services since they have probably failed due to the munge init
# failure
subtest "can_start_slurmdbd", sub {
$dbd->succeed("systemctl restart slurmdbd");
$dbd->waitForUnit("slurmdbd.service");
$dbd->waitForOpenPort(6819);
};
with subtest("can_start_slurmdbd"):
dbd.succeed("systemctl restart slurmdbd")
dbd.wait_for_unit("slurmdbd.service")
dbd.wait_for_open_port(6819)
# there needs to be an entry for the current
# cluster in the database before slurmctld is restarted
subtest "add_account", sub {
$control->succeed("sacctmgr -i add cluster default");
# check for cluster entry
$control->succeed("sacctmgr list cluster | awk '{ print \$1 }' | grep default");
};
with subtest("add_account"):
control.succeed("sacctmgr -i add cluster default")
# check for cluster entry
control.succeed("sacctmgr list cluster | awk '{ print $1 }' | grep default")
subtest "can_start_slurmctld", sub {
$control->succeed("systemctl restart slurmctld");
$control->waitForUnit("slurmctld.service");
};
with subtest("can_start_slurmctld"):
control.succeed("systemctl restart slurmctld")
control.waitForUnit("slurmctld.service")
subtest "can_start_slurmd", sub {
foreach my $node (($node1,$node2,$node3))
{
$node->succeed("systemctl restart slurmd.service");
$node->waitForUnit("slurmd");
}
};
with subtest("can_start_slurmd"):
for node in [node1, node2, node3]:
node.succeed("systemctl restart slurmd.service")
node.wait_for_unit("slurmd")
# Test that the cluster works and can distribute jobs;
subtest "run_distributed_command", sub {
# Run `hostname` on 3 nodes of the partition (so on all the 3 nodes).
# The output must contain the 3 different names
$submit->succeed("srun -N 3 hostname | sort | uniq | wc -l | xargs test 3 -eq");
};
with subtest("run_distributed_command"):
# Run `hostname` on 3 nodes of the partition (so on all the 3 nodes).
# The output must contain the 3 different names
submit.succeed("srun -N 3 hostname | sort | uniq | wc -l | xargs test 3 -eq")
subtest "check_slurm_dbd", sub {
# find the srun job from above in the database
sleep 5;
$control->succeed("sacct | grep hostname");
};
with subtest("check_slurm_dbd"):
# find the srun job from above in the database
control.succeed("sleep 5")
control.succeed("sacct | grep hostname")
'';
})

80
nixos/tests/wireguard/namespaces.nix Normal file
View File

@ -0,0 +1,80 @@
let
listenPort = 12345;
socketNamespace = "foo";
interfaceNamespace = "bar";
node = {
networking.wireguard.interfaces.wg0 = {
listenPort = listenPort;
ips = [ "10.10.10.1/24" ];
privateKeyFile = "/etc/wireguard/private";
generatePrivateKeyFile = true;
};
};
in
import ../make-test.nix ({ pkgs, ...} : {
name = "wireguard-with-namespaces";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ asymmetric ];
};
nodes = {
# interface should be created in the socketNamespace
# and not moved from there
peer0 = pkgs.lib.attrsets.recursiveUpdate node {
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${socketNamespace}
'';
inherit socketNamespace;
};
};
# interface should be created in the init namespace
# and moved to the interfaceNamespace
peer1 = pkgs.lib.attrsets.recursiveUpdate node {
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${interfaceNamespace}
'';
inherit interfaceNamespace;
};
};
# interface should be created in the socketNamespace
# and moved to the interfaceNamespace
peer2 = pkgs.lib.attrsets.recursiveUpdate node {
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${socketNamespace}
ip netns add ${interfaceNamespace}
'';
inherit socketNamespace interfaceNamespace;
};
};
# interface should be created in the socketNamespace
# and moved to the init namespace
peer3 = pkgs.lib.attrsets.recursiveUpdate node {
networking.wireguard.interfaces.wg0 = {
preSetup = ''
ip netns add ${socketNamespace}
'';
inherit socketNamespace;
interfaceNamespace = "init";
};
};
};
testScript = ''
startAll();
$peer0->waitForUnit("wireguard-wg0.service");
$peer1->waitForUnit("wireguard-wg0.service");
$peer2->waitForUnit("wireguard-wg0.service");
$peer3->waitForUnit("wireguard-wg0.service");
$peer0->succeed("ip -n ${socketNamespace} link show wg0");
$peer1->succeed("ip -n ${interfaceNamespace} link show wg0");
$peer2->succeed("ip -n ${interfaceNamespace} link show wg0");
$peer3->succeed("ip link show wg0");
'';
})

2
pkgs/applications/audio/amarok/default.nix
View File

@ -33,6 +33,8 @@ mkDerivation rec {
enableParallelBuilding = true;
meta = with lib; {
homepage = "https://amarok.kde.org";
description = "A powerful music player with an intuitive interface";
license = licenses.gpl2;
maintainers = with maintainers; [ peterhoeg ];
};

13
pkgs/applications/audio/audacity/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, wxGTK30, pkgconfig, file, gettext, gtk2,
{ stdenv, fetchzip, wxGTK30, pkgconfig, file, gettext,
libvorbis, libmad, libjack2, lv2, lilv, serd, sord, sratom, suil, alsaLib, libsndfile, soxr, flac, lame,
expat, libid3tag, ffmpeg, soundtouch, /*, portaudio - given up fighting their portaudio.patch */
autoconf, automake, libtool
@ -10,9 +10,9 @@ stdenv.mkDerivation rec {
version = "2.3.2";
pname = "audacity";
src = fetchurl {
src = fetchzip {
url = "https://github.com/audacity/audacity/archive/Audacity-${version}.tar.gz";
sha256 = "0cf7fr1qhyyylj8g9ax1rq5sb887bcv5b8d7hwlcfwamzxqpliyc";
sha256 = "08w96124vv8k4myd4vifq73ningq6404x889wvg2sk016kc4dfv1";
};
preConfigure = /* we prefer system-wide libs */ ''
@ -43,12 +43,11 @@ stdenv.mkDerivation rec {
"-lswscale"
];
nativeBuildInputs = [ pkgconfig ];
nativeBuildInputs = [ pkgconfig autoconf automake libtool ];
buildInputs = [
file gettext wxGTK30 expat alsaLib
libsndfile soxr libid3tag libjack2 lv2 lilv serd sord sratom suil gtk2
libsndfile soxr libid3tag libjack2 lv2 lilv serd sord sratom suil wxGTK30.gtk
ffmpeg libmad lame libvorbis flac soundtouch
autoconf automake libtool # for the preConfigure phase
]; #ToDo: detach sbsms
enableParallelBuilding = true;
@ -60,7 +59,7 @@ stdenv.mkDerivation rec {
description = "Sound editor with graphical UI";
homepage = http://audacityteam.org/;
license = licenses.gpl2Plus;
platforms = with platforms; linux;
platforms = intersectLists platforms.linux platforms.x86; # fails on ARM
maintainers = with maintainers; [ the-kenny ];
};
}

4
pkgs/applications/audio/bitwig-studio/bitwig-studio3.nix
View File

@ -3,11 +3,11 @@
bitwig-studio1.overrideAttrs (oldAttrs: rec {
name = "bitwig-studio-${version}";
version = "3.0.1";
version = "3.0.3";
src = fetchurl {
url = "https://downloads.bitwig.com/stable/${version}/bitwig-studio-${version}.deb";
sha256 = "0k25p1j4kgnhm7p90qp1cz79xddgi6nh1nx1y5wz42x8qrpxya0s";
sha256 = "162l95imq2fb4blfkianlkymm690by9ri73xf9zigknqf0gacgsa";
};
runtimeDependencies = [

10
pkgs/applications/audio/mpc/default.nix
View File

@ -1,21 +1,19 @@
{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, mpd_clientlib }:
{ stdenv, fetchFromGitHub, meson, ninja, pkgconfig, mpd_clientlib, sphinx }:
stdenv.mkDerivation rec {
pname = "mpc";
version = "0.28";
version = "0.31";
src = fetchFromGitHub {
owner = "MusicPlayerDaemon";
repo = "mpc";
rev = "v${version}";
sha256 = "1g8i4q5xsqdhidyjpvj6hzbhxacv27cb47ndv9k68whd80c5f9n9";
sha256 = "06wn5f24bgkqmhh2p8rbizmqibzqr4x1q7c6zl0pfq7mdy49g5ds";
};
buildInputs = [ mpd_clientlib ];
nativeBuildInputs = [ autoreconfHook pkgconfig ];
enableParallelBuilding = true;
nativeBuildInputs = [ meson ninja pkgconfig sphinx ];
meta = with stdenv.lib; {
description = "A minimalist command line interface to MPD";

4
pkgs/applications/audio/pithos/default.nix
View File

@ -4,13 +4,13 @@
pythonPackages.buildPythonApplication rec {
pname = "pithos";
version = "1.4.1";
version = "1.5.0";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = version;
sha256 = "0vaw0rfcdh4bsp9b8la9bs36kw0iwia54y5x060byxhff9av6nj4";
sha256 = "10nnm55ql86x1qfmq6dx9a1igf7myjxibmvyhd7fyv06vdhfifgy";
};
format = "other";

4
pkgs/applications/audio/qjackctl/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, mkDerivation, fetchurl, pkgconfig, alsaLib, libjack2, dbus, qtbase, qttools, qtx11extras }:
mkDerivation rec {
version = "0.5.9";
version = "0.6.0";
pname = "qjackctl";
# some dependencies such as killall have to be installed additionally
src = fetchurl {
url = "mirror://sourceforge/qjackctl/${pname}-${version}.tar.gz";
sha256 = "1saywsda9m124rmjp7i3n0llryaliabjxhqhvqr6dm983qy7pypk";
sha256 = "1kddvxxhwvw1ps1c1drr08hxqci7jw4jwr8h1d9isb8agydfxmcx";
};
buildInputs = [

4
pkgs/applications/audio/snd/default.nix
View File

@ -4,11 +4,11 @@
}:
stdenv.mkDerivation rec {
name = "snd-19.7";
name = "snd-19.8";
src = fetchurl {
url = "mirror://sourceforge/snd/${name}.tar.gz";
sha256 = "1pr3l9iadvwinmxfl9a2lsm67yi7w3rhxglidpd41m2ni8jf2rlm";
sha256 = "0cdf3940cjvf5kls5l1zjll9wgg152xzlxs0jmpsq1kml12qa67b";
};
nativeBuildInputs = [ pkgconfig ];

29
pkgs/applications/blockchains/wownero.nix
View File

@ -1,27 +1,25 @@
{ stdenv, fetchFromGitHub, cmake, pkgconfig, git
, boost, miniupnpc_2, openssl, unbound, cppzmq
, zeromq, pcsclite, readline, libsodium, rapidjson
{ stdenv, fetchFromGitHub, cmake, boost, miniupnpc_2, openssl, unbound
, readline, libsodium, rapidjson
}:
with stdenv.lib;
stdenv.mkDerivation rec {
pname = "wownero";
version = "0.7.0";
version = "0.6.1.2";
src = fetchFromGitHub {
owner = "wownero";
repo = "wownero";
rev = "v${version}";
sha256 = "03q3pviyhrldpa3f4ly4d97jr39hvrz37chl102bap0790d9lk09";
sha256 = "0lji24s6346qxcj4pmylv8byb8fnqzpmz81rx4i3zhc1bcsvdwas";
fetchSubmodules = true;
};
nativeBuildInputs = [ cmake pkgconfig git ];
nativeBuildInputs = [ cmake ];
buildInputs = [
boost miniupnpc_2 openssl unbound rapidjson
cppzmq zeromq pcsclite readline libsodium
boost miniupnpc_2 openssl unbound rapidjson readline libsodium
];
cmakeFlags = [
@ -30,13 +28,16 @@ stdenv.mkDerivation rec {
];
meta = {
description = "Wownero is a fork of the cryptocurrency Monero with primary alterations";
description = ''
A privacy-centric memecoin that was fairly launched on April 1, 2018 with
no pre-mine, stealth-mine or ICO
'';
longDescription = ''
Wowneros emission is capped and supply is finite. Wownero is a fairly
launched coin with no premine. Its not a fork of another blockchain. With
its own genesis block there is no degradation of privacy caused by ring
signatures using different participants for the same transaction outputs.
Unlike opposing forks.
Wownero has a maximum supply of around 184 million WOW with a slow and
steady emission over 50 years. It is a fork of Monero, but with its own
genesis block, so there is no degradation of privacy due to ring
signatures using different participants for the same tx outputs on
opposing forks.
'';
homepage = http://wownero.org/;
license = licenses.bsd3;

44
pkgs/applications/editors/jetbrains/default.nix
View File

@ -250,12 +250,12 @@ in
clion = buildClion rec {
name = "clion-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.5"; /* updated by script */
description = "C/C++ IDE. New. Intelligent. Cross-platform";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
sha256 = "0kiqbcx64rlz1pajbn326zwy0d1vxdxpvk5xpqkcj7nva611pdq1"; /* updated by script */
sha256 = "0p0shikhf73ayflv5bm212kz06hiy3brww9h9ijjp6lcadxc9pmf"; /* updated by script */
};
wmClass = "jetbrains-clion";
update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
@ -263,12 +263,12 @@ in
datagrip = buildDataGrip rec {
name = "datagrip-${version}";
version = "2019.2.5"; /* updated by script */
version = "2019.2.6"; /* updated by script */
description = "Your Swiss Army Knife for Databases and SQL";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
sha256 = "18frmlchalpvc55j25ig2slf2h33gwmbmm8dvc29jb3kgsl0ny7p"; /* updated by script */
sha256 = "0g57njcklyskadxmvwb0r0z3ckq9qmcwh8qd80w396gj8fgbg50g"; /* updated by script */
};
wmClass = "jetbrains-datagrip";
update-channel = "DataGrip RELEASE";
@ -276,12 +276,12 @@ in
goland = buildGoland rec {
name = "goland-${version}";
version = "2019.2.2"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "Up and Coming Go IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "1wq1prgfn6wc7lc6qjhiykm62c56yrb5rv0hyylcsgdw0q3ns6z2"; /* updated by script */
sha256 = "0rkyw3532qvr6jhr09m3h0ssdy5ilfgfvqqliyf0cacwzw9lfv0p"; /* updated by script */
};
wmClass = "jetbrains-goland";
update-channel = "GoLand RELEASE";
@ -289,12 +289,12 @@ in
idea-community = buildIdea rec {
name = "idea-community-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "0gy42x49yhdnp4ks6445xbc24dxw2vxnl12hdyx03mszdv0r58ni"; /* updated by script */
sha256 = "012vmclx6kg85gffgc9mr3fp1ffgx20dz7xvafk7c1iynawx8wgq"; /* updated by script */
};
wmClass = "jetbrains-idea-ce";
update-channel = "IntelliJ IDEA RELEASE";
@ -302,12 +302,12 @@ in
idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz";
sha256 = "0allnibq8van3n1c5y85gscbpls0wshwffa6b2l2andw1jkhc259"; /* updated by script */
sha256 = "09mz4dx3zbnqw0vh4iqr8sn2s8mvgr7zvn4k7kqivsiv8f79g90a"; /* updated by script */
};
wmClass = "jetbrains-idea";
update-channel = "IntelliJ IDEA RELEASE";
@ -315,12 +315,12 @@ in
phpstorm = buildPhpStorm rec {
name = "phpstorm-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "Professional IDE for Web and PHP developers";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "0pra0hmyczxcxnvsc7rqiwhwj23ckx97c9m1wcyn7ik612xwik1i"; /* updated by script */
sha256 = "1bx8s4hh96pjfyccldwfarwv5fky6kg2kyc0h2arhfzwq1pbaisl"; /* updated by script */
};
wmClass = "jetbrains-phpstorm";
update-channel = "PhpStorm RELEASE";
@ -328,12 +328,12 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "PyCharm Community Edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "02fynwi54libibgigwggh6xaf5p4046n0kjsqsck1kjbnrlghp10"; /* updated by script */
sha256 = "00dl3yx13lw8qyc23dirw96vm2d8c6zsx73ds1ha8zycfh6hkxf8"; /* updated by script */
};
wmClass = "jetbrains-pycharm-ce";
update-channel = "PyCharm RELEASE";
@ -341,12 +341,12 @@ in
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "PyCharm Professional Edition";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "19i3ll8p69n7jw7psv2nkhjq899gljwmc5ixpqhyl203rykavb7n"; /* updated by script */
sha256 = "14ab1cvypanwwn0k1hrx3rl964av6pvridgc19z49idw5wpgxgw7"; /* updated by script */
};
wmClass = "jetbrains-pycharm";
update-channel = "PyCharm RELEASE";
@ -354,12 +354,12 @@ in
rider = buildRider rec {
name = "rider-${version}";
version = "2019.2.2"; /* updated by script */
version = "2019.2.3"; /* updated by script */
description = "A cross-platform .NET IDE based on the IntelliJ platform and ReSharper";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/rider/JetBrains.Rider-${version}.tar.gz";
sha256 = "1wv5vhiv3w1dwyklx1pr5javp4psqyiv4naq37cvxxp9zh7hk8rc"; /* updated by script */
sha256 = "13br6zmqpvi9hcd6wdnalkhj50gzr7cwrdh4v2bpda77iby2pz93"; /* updated by script */
};
wmClass = "jetbrains-rider";
update-channel = "Rider RELEASE";
@ -367,12 +367,12 @@ in
ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "0g8yxsq9xn8l8wnmcm0y5y0ll5081s83mmwrb62k4bldlsr25iba"; /* updated by script */
sha256 = "1dqp222zvi8ikqdkprmqihyjxiq90vd0a0zl5935xjg1mzf8ald9"; /* updated by script */
};
wmClass = "jetbrains-rubymine";
update-channel = "RubyMine RELEASE";
@ -380,12 +380,12 @@ in
webstorm = buildWebStorm rec {
name = "webstorm-${version}";
version = "2019.2.3"; /* updated by script */
version = "2019.2.4"; /* updated by script */
description = "Professional IDE for Web and JavaScript development";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "0l3c3b1d53b3w90d4g99pjw8vmjj716jjaxsv4hy53shh1ncd55g"; /* updated by script */
sha256 = "0iz9qgrbhn1rxr8n5q1y7klfs27j1f55pw8hqbl2ln4df94zqi5j"; /* updated by script */
};
wmClass = "jetbrains-webstorm";
update-channel = "WebStorm RELEASE";

11
pkgs/applications/editors/texstudio/default.nix
View File

@ -1,6 +1,7 @@
{ stdenv, fetchFromGitHub, qt5, poppler, zlib, pkgconfig}:
{ lib, mkDerivation, fetchFromGitHub, qmake, qtbase, qtscript, qtsvg,
poppler, zlib, pkgconfig }:
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "texstudio";
version = "2.12.16";
@ -11,12 +12,12 @@ stdenv.mkDerivation rec {
sha256 = "0ck65fvz6mzfpqdb1ndgyvgxdnslrwhdr1swgck4gaghcrgbg3gq";
};
nativeBuildInputs = [ qt5.qmake pkgconfig ];
buildInputs = [ qt5.qtbase qt5.qtscript qt5.qtsvg poppler zlib ];
nativeBuildInputs = [ qmake pkgconfig ];
buildInputs = [ qtbase qtscript qtsvg poppler zlib ];
qmakeFlags = [ "NO_APPDATA=True" ];
meta = with stdenv.lib; {
meta = with lib; {
description = "TeX and LaTeX editor";
longDescription=''
Fork of TeXMaker, this editor is a full fledged IDE for

19
pkgs/applications/graphics/displaycal/default.nix
View File

@ -1,8 +1,19 @@
{buildPythonPackage, stdenv, fetchurl, pkgconfig
, libXext, libXxf86vm, libX11, libXrandr, libXinerama, libXScrnSaver
, argyllcms, wxPython, numpy
{ python2
, stdenv
, fetchurl
, pkgconfig
, libXext
, libXxf86vm
, libX11
, libXrandr
, libXinerama
, libXScrnSaver
, argyllcms
}:
buildPythonPackage {
let
inherit (python2.pkgs) buildPythonApplication wxPython numpy;
in buildPythonApplication {
pname = "displaycal";
version = "3.5.0.0";

10
pkgs/applications/graphics/dosage/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, pythonPackages, fetchFromGitHub }:
{ stdenv, python3Packages, fetchFromGitHub }:
pythonPackages.buildPythonApplication rec {
python3Packages.buildPythonApplication rec {
pname = "dosage";
version = "2018.04.08";
PBR_VERSION = version;
@ -11,10 +11,10 @@ pythonPackages.buildPythonApplication rec {
rev = "b2fdc13feb65b93762928f7e99bac7b1b7b31591";
sha256 = "1p6vllqaf9s6crj47xqp97hkglch1kd4y8y4lxvzx3g2shhhk9hh";
};
checkInputs = with pythonPackages; [ pytest responses ];
propagatedBuildInputs = with pythonPackages; [ colorama lxml requests pbr ];
checkInputs = with python3Packages; [ pytest responses ];
propagatedBuildInputs = with python3Packages; [ colorama lxml requests pbr setuptools ];
disabled = pythonPackages.pythonOlder "3.3";
disabled = python3Packages.pythonOlder "3.3";
checkPhase = ''
py.test tests/

4
pkgs/applications/graphics/feh/default.nix
View File

@ -1,6 +1,6 @@
{ stdenv, fetchurl, makeWrapper
, xorg, imlib2, libjpeg, libpng
, curl, libexif, perlPackages }:
, curl, libexif, jpegexiforient, perlPackages }:
with stdenv.lib;
@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
installTargets = [ "install" ];
postInstall = ''
wrapProgram "$out/bin/feh" --prefix PATH : "${libjpeg.bin}/bin" \
wrapProgram "$out/bin/feh" --prefix PATH : "${makeBinPath [ libjpeg jpegexiforient ]}" \
--add-flags '--theme=feh'
'';

6
pkgs/applications/kde/print-manager.nix
View File

@ -20,4 +20,10 @@ mkDerivation {
kwidgetsaddons kitemviews kio kwindowsystem plasma-framework qtdeclarative
];
outputs = [ "out" "dev" ];
# Fix build with cups deprecations etc.
# See: https://github.com/NixOS/nixpkgs/issues/73334
NIX_CFLAGS_COMPILE = [
"-Wno-error=deprecated-declarations"
"-Wno-error=format-security"
];
}

6
pkgs/applications/misc/hubstaff/revision.json
View File

@ -1,5 +1,5 @@
{
"url": "https://hubstaff-production.s3.amazonaws.com/downloads/HubstaffClient/Builds/Release/1.5.0-4309ed45/Hubstaff-1.5.0-4309ed45.sh",
"version": "1.5.0-4309ed45",
"sha256": "1rfxizb28b8r344d18jh6shfcxz35vx8vh10c3j6zdcc998zkcr1"
"url": "https://hubstaff-production.s3.amazonaws.com/downloads/HubstaffClient/Builds/Release/1.5.2-bead991b/Hubstaff-1.5.2-bead991b.sh",
"version": "1.5.2-bead991b",
"sha256": "068b0q94ydldyjmzbka1j94vr1xdxvkxq79pp7ria81hvpp68yxf"
}

38
pkgs/applications/misc/khard/default.nix
View File

@ -1,36 +1,15 @@
{ stdenv, fetchurl, glibcLocales, python3 }:
{ stdenv, glibcLocales, python3 }:
let
python = python3.override {
packageOverrides = self: super: {
# https://github.com/pimutils/khal/issues/780
python-dateutil = super.python-dateutil.overridePythonAttrs (oldAttrs: rec {
version = "2.6.1";
src = oldAttrs.src.override {
inherit version;
sha256 = "891c38b2a02f5bb1be3e4793866c8df49c7d19baabf9c1bad62547e0b4866aca";
};
});
};
};
in with python.pkgs; buildPythonApplication rec {
version = "0.14.0";
python3.pkgs.buildPythonApplication rec {
version = "0.15.1";
pname = "khard";
namePrefix = "";
src = fetchurl {
url = "https://github.com/scheibler/khard/archive/v${version}.tar.gz";
sha256 = "0m1pc67jz663yfc0xzfpknymn8jj2bpfxaph3pl0mjd3h1zjfyaq";
src = python3.pkgs.fetchPypi {
inherit pname version;
sha256 = "18ba2xgfq8sw0bg6xmlfjpizid1hkzgswcfcc54gl21y2dwfda2w";
};
# setup.py reads the UTF-8 encoded readme.
LC_ALL = "en_US.UTF-8";
buildInputs = [ glibcLocales ];
propagatedBuildInputs = [
propagatedBuildInputs = with python3.pkgs; [
atomicwrites
configobj
vobject
@ -43,9 +22,6 @@ in with python.pkgs; buildPythonApplication rec {
install -D misc/zsh/_khard $out/share/zsh/site-functions/_khard
'';
# Fails; but there are no tests anyway.
doCheck = false;
meta = {
homepage = https://github.com/scheibler/khard;
description = "Console carddav client";

18
pkgs/applications/networking/browsers/chromium/upstream-info.nix
View File

@ -1,18 +1,18 @@
# This file is autogenerated from update.sh in the same directory.
{
beta = {
sha256 = "0pw0z35v04jzcnshsfwbc8cz95cl0dq6405rlmh2a3xz2gxaacqi";
sha256bin64 = "1xyvaksik5a1jkkv7zqyys33n8x0n7q8xzf5mpgj71iany57z2sv";
version = "79.0.3945.16";
sha256 = "1n45pfpjqrpzmy7k2ps498mm273bpzfda58dz78lbdm6r7z3s7av";
sha256bin64 = "1rf31v1ipix8c6q4blqjrn2ap3pxnlrpfx7037qjpg84zhip0zpc";
version = "79.0.3945.29";
};
dev = {
sha256 = "169iwzqc5zvbmm7cq1q185w2j2y2r716pbgpadps7ng2i47z6rqs";
sha256bin64 = "0ravjdmmbwlf3ydgmk7hdd5d92zxh67nv49igr5km6mr4fi1xsw2";
version = "80.0.3955.4";
sha256 = "1zj0nmj1687xsyzlh1hy2wblxv1qgdy2kj9h8bmqhld16laxwqw5";
sha256bin64 = "1x8wpdz18cflvj2ambqwyhzq206dil4szh1s8paqw1jwncaw7gjf";
version = "80.0.3962.2";
};
stable = {
sha256 = "0mpb7798hzpysidp10k4x54b56c3fm7wqfj4s3kl7z47835gzxld";
sha256bin64 = "1y75687w0rls03yps63hi4m0qfdm0qzgq1jhp1jicyyhjkp0xw5q";
version = "78.0.3904.87";
sha256 = "01wx5bi397d80za0sdfwgfbjj6n2ad2i31zmcrhm6wzryjwrmx6i";
sha256bin64 = "1nwhyasqxkxkx5pn2j9dx95mblj5w7fkh2zwvjz763b331w65ivp";
version = "78.0.3904.97";
};
}

776
pkgs/applications/networking/browsers/firefox-bin/devedition_sources.nix
View File

File diff suppressed because it is too large Load Diff

25
pkgs/applications/networking/cluster/atlantis/default.nix Normal file
View File

@ -0,0 +1,25 @@
{ stdenv, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "atlantis";
version = "0.10.1";
src = fetchFromGitHub {
owner = "runatlantis";
repo = "atlantis";
rev = "v${version}";
sha256 = "08k2dgz6rph68647ah1rdp7hqa5h1ar4gdy7vdjy5kn7gz21gmri";
};
modSha256 = "1i4s3xcq2qc3zy00wk2l77935ilm6n5k1msilmdnj0061ia4860y";
subPackages = [ "." ];
meta = with stdenv.lib; {
homepage = https://github.com/runatlantis/atlantis;
description = "Terraform Pull Request Automation";
platforms = platforms.all;
license = licenses.asl20;
maintainers = with maintainers; [ jpotier ];
};
}

6
pkgs/applications/networking/cluster/cni/plugins.nix
View File

@ -1,13 +1,13 @@
{ stdenv, lib, fetchFromGitHub, go, removeReferencesTo, buildGoPackage }:
buildGoPackage rec {
pname = "cni-plugins";
version = "0.8.2";
version = "0.8.3";
src = fetchFromGitHub {
owner = "containernetworking";
repo = "plugins";
rev = "v${version}";
sha256 = "0gyxa6mhiyxqw4wpn6r7wgr2kyvflzbdcqsk5ch0b6zih98144ia";
sha256 = "0dc4fs08x4x518yhgvq3drjvansnc0cb8rm4h5wiw7k3whjii3cd";
};
goDeps = ./plugins-deps.nix;
@ -35,6 +35,6 @@ buildGoPackage rec {
homepage = https://github.com/containernetworking/plugins;
license = licenses.asl20;
platforms = platforms.linux;
maintainers = with maintainers; [ cstrahan ];
maintainers = with maintainers; [ cstrahan saschagrunert ];
};
}

16
pkgs/applications/networking/mailreaders/afew/default.nix
View File

@ -1,19 +1,19 @@
{ stdenv, pythonPackages, notmuch }:
{ stdenv, python3Packages, notmuch }:
pythonPackages.buildPythonApplication rec {
python3Packages.buildPythonApplication rec {
pname = "afew";
version = "2.0.0";
src = pythonPackages.fetchPypi {
src = python3Packages.fetchPypi {
inherit pname version;
sha256 = "0j60501nm242idf2ig0h7p6wrg58n5v2p6zfym56v9pbvnbmns0s";
};
nativeBuildInputs = with pythonPackages; [ sphinx setuptools_scm ];
nativeBuildInputs = with python3Packages; [ sphinx setuptools_scm ];
propagatedBuildInputs = with pythonPackages; [
pythonPackages.setuptools pythonPackages.notmuch chardet dkimpy
] ++ stdenv.lib.optional (!pythonPackages.isPy3k) subprocess32;
propagatedBuildInputs = with python3Packages; [
python3Packages.setuptools python3Packages.notmuch chardet dkimpy
] ++ stdenv.lib.optional (!python3Packages.isPy3k) subprocess32;
makeWrapperArgs = [
''--prefix PATH ':' "${notmuch}/bin"''
@ -22,7 +22,7 @@ pythonPackages.buildPythonApplication rec {
outputs = [ "out" "doc" ];
postBuild = ''
python setup.py build_sphinx -b html,man
${python3Packages.python.interpreter} setup.py build_sphinx -b html,man
'';
postInstall = ''

4
pkgs/applications/networking/mailreaders/imapfilter.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "imapfilter";
version = "2.6.13";
version = "2.6.14";
src = fetchFromGitHub {
owner = "lefcha";
repo = "imapfilter";
rev = "v${version}";
sha256 = "02997rnnvid3rfkxmlgjpbspi4svdmq8r8wd2zvf25iadim3hxqi";
sha256 = "09aq9gw1vz0zl6k4fb4zdm6cpjhddsl13asfjx3qy21pbw0azmj6";
};
makeFlagsArray = "PREFIX=$(out)";

6
pkgs/applications/networking/sync/onedrive/default.nix
View File

@ -8,13 +8,13 @@
stdenv.mkDerivation rec {
pname = "onedrive";
version = "2.3.10";
version = "2.3.11";
src = fetchFromGitHub {
owner = "abraunegg";
repo = "onedrive";
rev = "v${version}";
sha256 = "0ks22anxih63zwlc11z0gi531wvcricbkv1wlkrgfihi58l8fhfk";
sha256 = "08k5b3izqzk9mjjny5y47i3q5sl0w37xdqrhaacjxwm0jib9w0mh";
};
nativeBuildInputs = [
@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
description = "A complete tool to interact with OneDrive on Linux";
homepage = "https://github.com/abraunegg/onedrive";
license = licenses.gpl3;
maintainers = with maintainers; [ doronbehar ];
maintainers = with maintainers; [ doronbehar srgom ];
platforms = platforms.linux;
};
}

4
pkgs/applications/office/atlassian-cli/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "atlassian-cli";
version = "8.5.0";
version = "9.0.0";
src = fetchzip {
url = "https://bobswift.atlassian.net/wiki/download/attachments/16285777/${pname}-${version}-distribution.zip";
sha256 = "0c9jq7q0bx0db0zhdh89bv1ijfg7cddbx04v451vl8caqcyhkfgz";
sha256 = "1z8723krq65fcy5aapgiz216vrpw2nw8fbn1h3a4zpis7kw8qp0f";
extraPostFetch = "chmod go-w $out";
};

1
pkgs/applications/office/fava/default.nix
View File

@ -25,6 +25,7 @@ buildPythonApplication rec {
markdown2
ply
simplejson
jaraco_functools
];
# CLI test expects fava on $PATH. Not sure why static_url fails.

8
pkgs/applications/office/mendeley/default.nix
View File

@ -1,4 +1,4 @@
{ fetchurl, stdenv, dpkg, which
{ fetchurl, stdenv, mkDerivation, dpkg, which
, makeWrapper
, alsaLib
, desktop-file-utils
@ -90,7 +90,7 @@ let
in
stdenv.mkDerivation {
mkDerivation {
pname = "mendeley";
inherit version;
@ -106,6 +106,8 @@ stdenv.mkDerivation {
dontUnpack = true;
dontWrapQtApps = true;
installPhase = ''
dpkg-deb -x $src $out
mv $out/opt/mendeleydesktop/{bin,lib,share} $out
@ -115,7 +117,7 @@ stdenv.mkDerivation {
--set-rpath ${stdenv.lib.makeLibraryPath deps}:$out/lib \
$out/bin/mendeleydesktop
wrapProgram $out/bin/mendeleydesktop \
wrapQtApp $out/bin/mendeleydesktop \
--add-flags "--unix-distro-build" \
${stdenv.lib.optionalString autorunLinkHandler # ignore errors installing the link handler
''--run "$out/bin/install-mendeley-link-handler.sh $out/bin/mendeleydesktop ||:"''}

12
pkgs/applications/radio/urh/default.nix
View File

@ -1,25 +1,31 @@
{ stdenv, lib, fetchFromGitHub, python3Packages
, hackrf, rtl-sdr, airspy, limesuite, libiio
, qt5
, USRPSupport ? false, uhd }:
python3Packages.buildPythonApplication rec {
pname = "urh";
version = "2.7.3";
version = "2.8.0";
src = fetchFromGitHub {
owner = "jopohl";
repo = pname;
rev = "v${version}";
sha256 = "1jrrj9c4ddm37m8j0g693xjimpnlvx7lan5kxish5p14xpwdak35";
sha256 = "1c87lff9bqhf574420ycqz88x6ad5hmy36wrb8pi0dqd1s1d72qb";
};
nativeBuildInputs = [ qt5.wrapQtAppsHook ];
buildInputs = [ hackrf rtl-sdr airspy limesuite libiio ]
++ lib.optional USRPSupport uhd;
propagatedBuildInputs = with python3Packages; [
pyqt5 numpy psutil cython pyzmq pyaudio
pyqt5 numpy psutil cython pyzmq pyaudio setuptools
];
postFixup = ''
wrapQtApp $out/bin/urh
'';
doCheck = false;
meta = with lib; {

4
pkgs/applications/science/electronics/eagle/eagle.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, makeDesktopItem
{ stdenv, mkDerivation, fetchurl, makeDesktopItem
, libXrender, libXrandr, libXcursor, libX11, libXext, libXi, libxcb
, libGL, glib, nss, nspr, expat, alsaLib
, qtbase, qtdeclarative, qtsvg, qtlocation, qtwebchannel, qtwebengine
@ -11,7 +11,7 @@ let
qtbase qtdeclarative qtsvg qtlocation qtwebchannel qtwebengine
];
in
stdenv.mkDerivation rec {
mkDerivation rec {
pname = "eagle";
version = "9.5.0";

6
pkgs/applications/science/logic/why3/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation {
pname = "why3";
version = "1.2.0";
version = "1.2.1";
src = fetchurl {
url = https://gforge.inria.fr/frs/download.php/file/37903/why3-1.2.0.tar.gz;
sha256 = "0xz001jhi71ja8vqrjz27v63bidrzj4qvg1yqarq6p4dmpxhk348";
url = https://gforge.inria.fr/frs/download.php/file/38185/why3-1.2.1.tar.gz;
sha256 = "014gkwisjp05x3342zxkryb729p02ngx1hcjjsrplpa53jzgz647";
};
buildInputs = with ocamlPackages; [

16
pkgs/applications/science/misc/snakemake/default.nix
View File

@ -1,28 +1,26 @@
{
stdenv
, python
}:
{ stdenv, python3Packages }:
python.buildPythonPackage rec {
python3Packages.buildPythonApplication rec {
pname = "snakemake";
version = "5.4.4";
version = "5.7.4";
propagatedBuildInputs = with python; [
propagatedBuildInputs = with python3Packages; [
appdirs
ConfigArgParse
datrie
docutils
GitPython
jsonschema
psutil
pyyaml
ratelimiter
requests
wrapt
];
src = python.fetchPypi {
src = python3Packages.fetchPypi {
inherit pname version;
sha256 = "157323e0e1be34302edbbf399b2acbe25a4291bceffd47a0469963a970c9375f";
sha256 = "11f2f00c505d928b91332056667d49c96ed1694bf78e798ce27613948d44a2a2";
};
doCheck = false; # Tests depend on Google Cloud credentials at ${HOME}/gcloud-service-key.json

17
pkgs/applications/version-management/git-and-tools/git-extras/default.nix
View File

@ -1,19 +1,26 @@
{ stdenv, fetchurl }:
{ stdenv, fetchzip, unixtools, which }:
stdenv.mkDerivation rec {
pname = "git-extras";
version = "4.7.0";
version = "5.0.0";
src = fetchurl {
src = fetchzip {
url = "https://github.com/tj/git-extras/archive/${version}.tar.gz";
sha256 = "0pab4f5kmmcn333aswkgndf1fgilc41h8h0rk3lviz0yi8j59vaq";
sha256 = "0c839kc5mhi1iqhc696p4dj67i5hm2gi4d8cvdpskaapb124mj2f";
};
nativeBuildInputs = [ unixtools.column which ];
dontBuild = true;
installFlags = [ "DESTDIR=${placeholder "out"}" "PREFIX=" ];
preInstall = ''
patchShebangs .
'';
installFlags = [ "PREFIX=${placeholder "out"}" ];
postInstall = ''
# bash completion is already handled by make install
install -D etc/git-extras-completion.zsh $out/share/zsh/site-functions/_git_extras
'';

2
pkgs/applications/video/mpv/default.nix
View File

@ -39,7 +39,7 @@
, pulseSupport ? config.pulseaudio or stdenv.isLinux, libpulseaudio ? null
, rubberbandSupport ? stdenv.isLinux, rubberband ? null
, screenSaverSupport ? true, libXScrnSaver ? null
, sambaSupport ? true, samba ? null
, sambaSupport ? stdenv.isLinux, samba ? null
, sdl2Support ? true, SDL2 ? null
, sndioSupport ? true, sndio ? null
, speexSupport ? true, speex ? null

13
pkgs/applications/video/obs-studio/fix-search-path.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/external/FindLibObs.cmake b/external/FindLibObs.cmake
index ab0a3de..19c63ee 100644
--- a/external/FindLibObs.cmake
+++ b/external/FindLibObs.cmake
@@ -95,7 +95,7 @@ if(LIBOBS_FOUND)
set(LIBOBS_INCLUDE_DIRS ${LIBOBS_INCLUDE_DIR} ${W32_PTHREADS_INCLUDE_DIR})
set(LIBOBS_LIBRARIES ${LIBOBS_LIB} ${W32_PTHREADS_LIB})
- include(${LIBOBS_INCLUDE_DIR}/../cmake/external/ObsPluginHelpers.cmake)
+ include(external/ObsPluginHelpers.cmake)
# allows external plugins to easily use/share common dependencies that are often included with libobs (such as FFmpeg)
if(NOT DEFINED INCLUDED_LIBOBS_CMAKE_MODULES)

39
pkgs/applications/video/obs-studio/obs-ndi.nix Normal file
View File

@ -0,0 +1,39 @@
# We don't have a wrapper which can supply obs-studio plugins so you have to
# somewhat manually install this:
# nix-env -f "<nixpkgs>" -iA obs-ndi
# mkdir -p ~/.config/obs-studio/plugins
# ln -s ~/.nix-profile/share/obs/obs-plugins/obs-ndi ~/.config/obs-studio/plugins/
{ stdenv, fetchFromGitHub, obs-studio, cmake, qt5 }:
stdenv.mkDerivation rec {
pname = "obs-ndi";
version = "4.7.1";
src = fetchFromGitHub {
owner = "Palakis";
repo = "obs-ndi";
rev = version;
sha256 = "040fkbf3f3qgqcrd3072y3zrjb4fwga8zr10jym744xd7bgyylqh";
};
patches = [ ./fix-search-path.patch ];
nativeBuildInputs = [ cmake ];
buildInputs = [ obs-studio qt5.qtbase ];
cmakeFlags = [
"-DLIBOBS_INCLUDE_DIR=${obs-studio}/include/obs"
"-DLIBOBS_LIB=${obs-studio}/lib"
"-DCMAKE_CXX_FLAGS=-I${obs-studio.src}/UI/obs-frontend-api"
];
meta = with stdenv.lib; {
description = "Network A/V plugin for OBS Studio";
homepage = https://github.com/Palakis/obs-ndi;
maintainers = with maintainers; [ peti ];
license = licenses.gpl2;
platforms = with platforms; linux;
};
}

10
pkgs/data/fonts/xits-math/default.nix
View File

@ -1,17 +1,17 @@
{ stdenv, fetchFromGitHub, python2Packages, fontforge }:
{ stdenv, fetchFromGitHub, python3Packages}:
stdenv.mkDerivation rec {
pname = "xits-math";
version = "1.200";
version = "1.301";
src = fetchFromGitHub {
owner = "alif-type";
repo = "xits";
rev = "v${version}";
sha256 = "0s1qqqg3zv9k4wqn1vkx0z895fjccg96n58syc1d5f2wba9kyfcm";
sha256 = "043g0gnjc7wn1szvrs0rc1vvrq1qmhqh45b0y2kwrlxsgprpv8ll";
};
nativeBuildInputs = [ fontforge ] ++ (with python2Packages; [ python fonttools ]);
nativeBuildInputs = (with python3Packages; [ python fonttools fontforge ]);
postPatch = ''
rm *.otf
@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
'';
meta = with stdenv.lib; {
homepage = https://github.com/khaledhosny/xits-math;
homepage = "https://github.com/alif-type/xits";
description = "OpenType implementation of STIX fonts with math support";
license = licenses.ofl;
platforms = platforms.all;

4
pkgs/desktops/deepin/dde-api/default.nix
View File

@ -24,7 +24,7 @@
buildGoPackage rec {
pname = "dde-api";
version = "3.18.4.1";
version = "5.0.0";
goPackagePath = "pkg.deepin.io/dde/api";
@ -32,7 +32,7 @@ buildGoPackage rec {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "0bcjp5ijwa4wmx6p43lik6vjlb7d5rk7nf8xl495i3yk9x70wyfa";
sha256 = "0iv4krj6dqdknwvmax7aj40k1h96259kqcfnljadrwpl7cvsvp5p";
};
goDeps = ./deps.nix;

24
pkgs/desktops/deepin/dde-api/deps.nix generated
View File

@ -5,8 +5,8 @@
fetch = {
type = "git";
url = "https://github.com/alecthomas/template";
rev = "a0175ee3bccc567396460bf5acd36800cb10c49c";
sha256 = "0qjgvvh26vk1cyfq9fadyhfgdj36f1iapbmr5xp6zqipldz8ffxj";
rev = "fb15b899a75114aa79cc930e33c46b577cc664b1";
sha256 = "1vlasv4dgycydh5wx6jdcvz40zdv90zz1h7836z7lhsi2ymvii26";
};
}
{
@ -14,8 +14,8 @@
fetch = {
type = "git";
url = "https://github.com/alecthomas/units";
rev = "2efee857e7cfd4f3d0138cc3cbb1b4966962b93a";
sha256 = "1j65b91qb9sbrml9cpabfrcf07wmgzzghrl7809hjjhrmbzri5bl";
rev = "f65c72e2690dc4b403c8bd637baf4611cd4c069b";
sha256 = "04jyqm7m3m01ppfy1f9xk4qvrwvs78q9zml6llyf2b3v5k6b2bbc";
};
}
{
@ -32,8 +32,8 @@
fetch = {
type = "git";
url = "https://github.com/disintegration/imaging";
rev = "465faf0892b5c7b3325643b0e47282e1331672e7";
sha256 = "1z9rkphmqgyphznl53pp1gmf0dfrfrmr95bx46p422ldml26c5a0";
rev = "9aab30e6aa535fe3337b489b76759ef97dfaf362";
sha256 = "015amm3x989hl3r4gxnixj602fl9j8z53n0lrq804cbfbk7a31fw";
};
}
{
@ -41,8 +41,8 @@
fetch = {
type = "git";
url = "https://github.com/fogleman/gg";
rev = "f194ddec6f45226fc9e1b4a61b7237f186edd543";
sha256 = "095g5hpqvpy5w9l4kb65cif013snsvlbw6sgln0kwdix0z099j3i";
rev = "4dc34561c649343936bb2d29e23959bd6d98ab12";
sha256 = "1x1finzdrr80dd3r7wvf7zb184yjf4dawz7s581p2dr64dcialww";
};
}
{
@ -77,8 +77,8 @@
fetch = {
type = "git";
url = "https://go.googlesource.com/image";
rev = "7e034cad644213bc79b336b52fce73624259aeca";
sha256 = "04n4yi0p2yjv8sr9dmnzwc2k6hvzzvl6jdq2xd043kvjwzk583va";
rev = "e7c1f5e7dbb87d8921928a6d9fc52fb31ce73b24";
sha256 = "0czp897aicqw1dgybj0hc2zzwb20rhqkdqm7siqci3yk7yk9cymf";
};
}
{
@ -86,8 +86,8 @@
fetch = {
type = "git";
url = "https://go.googlesource.com/net";
rev = "3b0461eec859c4b73bb64fdc8285971fd33e3938";
sha256 = "0l00c8l0a8xnv6qdpwfzxxsr58jggacgzdrwiprrfx2xqm37b6d5";
rev = "daa7c04131f568e31c51927b359a2d197a357058";
sha256 = "17gbfvb5iqyayzw0zd6q218zsbf7x74rflvn18wkxvsw95n1y54h";
};
}
{

4
pkgs/desktops/deepin/dde-calendar/default.nix
View File

@ -4,13 +4,13 @@
mkDerivation rec {
pname = "dde-calendar";
version = "1.2.10";
version = "5.0.1";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "00aqx24jccf88vvkpb9svyjz8knrqyjgd0152psf9dxc9q13f61h";
sha256 = "1zzr3crkz4l5l135y0m53vqhv7fkrbvbspk8295swz9gsm3f7ah9";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/dde-control-center/default.nix
View File

@ -8,13 +8,13 @@
mkDerivation rec {
pname = "dde-control-center";
version = "4.10.11";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "1ip8wjwf0n9q8xnqymzh8lz0j5gcnns976n291np6k5kdh2wqhr5";
sha256 = "10bx8bpvi3ib32a3l4nyb1j0iq3bch8jm9wfm6d5v0ym1zb92x3b";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/dde-daemon/default.nix
View File

@ -8,7 +8,7 @@
buildGoPackage rec {
pname = "dde-daemon";
version = "3.27.2.6";
version = "5.0.0";
goPackagePath = "pkg.deepin.io/dde/daemon";
@ -16,7 +16,7 @@ buildGoPackage rec {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "14g138h23f1lh1y98pdrfhnph1m7pw8lq8ypiwv9qf3fmdyn35d4";
sha256 = "08jri31bvzbaxaq78rpp46ndv0li2dij63hakvd9b9gs786srql1";
};
patches = [

20
pkgs/desktops/deepin/dde-daemon/deps.nix generated
View File

@ -5,8 +5,8 @@
fetch = {
type = "git";
url = "https://github.com/alecthomas/template";
rev = "a0175ee3bccc567396460bf5acd36800cb10c49c";
sha256 = "0qjgvvh26vk1cyfq9fadyhfgdj36f1iapbmr5xp6zqipldz8ffxj";
rev = "fb15b899a75114aa79cc930e33c46b577cc664b1";
sha256 = "1vlasv4dgycydh5wx6jdcvz40zdv90zz1h7836z7lhsi2ymvii26";
};
}
{
@ -14,8 +14,8 @@
fetch = {
type = "git";
url = "https://github.com/alecthomas/units";
rev = "2efee857e7cfd4f3d0138cc3cbb1b4966962b93a";
sha256 = "1j65b91qb9sbrml9cpabfrcf07wmgzzghrl7809hjjhrmbzri5bl";
rev = "f65c72e2690dc4b403c8bd637baf4611cd4c069b";
sha256 = "04jyqm7m3m01ppfy1f9xk4qvrwvs78q9zml6llyf2b3v5k6b2bbc";
};
}
{
@ -77,8 +77,8 @@
fetch = {
type = "git";
url = "https://go.googlesource.com/image";
rev = "7e034cad644213bc79b336b52fce73624259aeca";
sha256 = "04n4yi0p2yjv8sr9dmnzwc2k6hvzzvl6jdq2xd043kvjwzk583va";
rev = "e7c1f5e7dbb87d8921928a6d9fc52fb31ce73b24";
sha256 = "0czp897aicqw1dgybj0hc2zzwb20rhqkdqm7siqci3yk7yk9cymf";
};
}
{
@ -86,8 +86,8 @@
fetch = {
type = "git";
url = "https://go.googlesource.com/net";
rev = "3b0461eec859c4b73bb64fdc8285971fd33e3938";
sha256 = "0l00c8l0a8xnv6qdpwfzxxsr58jggacgzdrwiprrfx2xqm37b6d5";
rev = "daa7c04131f568e31c51927b359a2d197a357058";
sha256 = "17gbfvb5iqyayzw0zd6q218zsbf7x74rflvn18wkxvsw95n1y54h";
};
}
{
@ -95,8 +95,8 @@
fetch = {
type = "git";
url = "https://go.googlesource.com/text";
rev = "342b2e1fbaa52c93f31447ad2c6abc048c63e475";
sha256 = "0flv9idw0jm5nm8lx25xqanbkqgfiym6619w575p7nrdh0riqwqh";
rev = "4b67af870c6ffd08258ef1202f371aebccaf7b68";
sha256 = "01mhy1xs2dh18kp6wdk1xnb34lbzv2qkvdwj7w5ha2qgm5rrm4ik";
};
}
{

4
pkgs/desktops/deepin/dde-dock/default.nix
View File

@ -7,13 +7,13 @@
let
unwrapped = mkDerivation rec {
pname = "dde-dock";
version = "4.10.3";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "17iy78r0frpv42g521igfdcgdklbifzig1wzxq2nl14fq0bgxg4v";
sha256 = "12dshsqhzajnxm7r53qg0c84b6xlj313qnssnx2m25z4jdp5i7pr";
};
nativeBuildInputs = [

24
pkgs/desktops/deepin/dde-file-manager/default.nix
View File

@ -1,22 +1,23 @@
{ stdenv, mkDerivation, fetchFromGitHub, pkgconfig, avfs, dde-daemon, dde-dock,
dde-polkit-agent, dde-qt-dbus-factory, deepin, deepin-anything,
deepin-desktop-schemas, deepin-gettext-tools, deepin-movie-reborn,
deepin-shortcut-viewer, deepin-terminal, dtkcore, dtkwidget,
ffmpegthumbnailer, file, glib, gnugrep, gsettings-qt, gvfs,
jemalloc, kcodecs, libX11, libsecret, polkit, polkit-qt, poppler,
procps, qmake, qt5integration, qtmultimedia, qtsvg, qttools,
qtx11extras, runtimeShell, samba, shadow, taglib, udisks2-qt5,
xdg-user-dirs, xorg, zlib, wrapGAppsHook }:
{ stdenv, mkDerivation, fetchFromGitHub, pkgconfig, avfs, dde-daemon,
dde-dock, dde-polkit-agent, dde-qt-dbus-factory, deepin,
deepin-anything, deepin-desktop-schemas, deepin-gettext-tools,
deepin-movie-reborn, deepin-shortcut-viewer, deepin-terminal,
disomaster, dtkcore, dtkwidget, ffmpegthumbnailer, file, glib,
gnugrep, gsettings-qt, gvfs, jemalloc, kcodecs, libX11, libsecret,
polkit, polkit-qt, poppler, procps, qmake, qt5integration,
qtmultimedia, qtsvg, qttools, qtx11extras, runtimeShell, samba,
shadow, taglib, udisks2-qt5, xdg-user-dirs, xorg, zlib,
wrapGAppsHook }:
mkDerivation rec {
pname = "dde-file-manager";
version = "4.8.6.4";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "1m0ykw5a91rm5xcah8bzk21xsambqvncj8104ihdhf9h0z9kdmm2";
sha256 = "0n2nl09anqdq0n5yn688n385rn81lcpybs0sa8m311k3k9ndkkyr";
};
nativeBuildInputs = [
@ -39,6 +40,7 @@ mkDerivation rec {
deepin-movie-reborn.dev
deepin-shortcut-viewer
deepin-terminal
disomaster
dtkcore
dtkwidget
ffmpegthumbnailer

4
pkgs/desktops/deepin/dde-launcher/default.nix
View File

@ -5,13 +5,13 @@
mkDerivation rec {
pname = "dde-launcher";
version = "4.6.13";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "1lwwn2qjbd4i7wx18mi8n7hzdh832i3kdadrivr10sbafdank7ky";
sha256 = "0zh6bb0r3pgjrnw9rba46ghdzza1ka1mv7r1znf8gw24wsjgjcpn";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/dde-network-utils/default.nix
View File

@ -3,13 +3,13 @@
mkDerivation rec {
pname = "dde-network-utils";
version = "0.1.4";
version = "5.0.1";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "0nj9lf455lf2hyqv6xwhm4vrr825ldbl83azzrrzqs6p781x65i1";
sha256 = "0670kfnkplf7skkd1ql6y9x15kmrcbdv1005qwkg4vn8hic6s0z3";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/dde-polkit-agent/default.nix
View File

@ -3,13 +3,13 @@
mkDerivation rec {
pname = "dde-polkit-agent";
version = "0.2.10";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "0syg121slpd6d9xpifgcf85lg9ca0k96cl1g3rjvsmczs2d2ffgf";
sha256 = "00p8syx6rfwhq7wdsk37hm9mvwd0kwj9h0s39hii892h1psd84q9";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/dde-qt-dbus-factory/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "dde-qt-dbus-factory";
version = "1.1.5";
version = "5.0.1";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "1jzfblsmnfpgym95mmbd8mjkk8wqqfb0kz6n6fy742hmqlzrpsj7";
sha256 = "1wbh4jgvy3c09ivy0vvfk0azkg4d2sv37y23c9rq49jb3sakcjgm";
};
nativeBuildInputs = [

8
pkgs/desktops/deepin/dde-session-ui/default.nix
View File

@ -7,13 +7,13 @@
mkDerivation rec {
pname = "dde-session-ui";
version = "4.9.12";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "00i45xv87wx9cww1d445lg6zjbhda5kki8nhsaav8gf2d4cmwzf4";
sha256 = "1gy9nlpkr9ayrs1z2dvd7h0dqlw6fq2m66d9cs48qyfkr6c8l9jj";
};
nativeBuildInputs = [
@ -89,8 +89,8 @@ mkDerivation rec {
substituteInPlace lightdm-deepin-greeter/scripts/lightdm-deepin-greeter --replace "/usr/bin/lightdm-deepin-greeter" "$out/bin/lightdm-deepin-greeter"
substituteInPlace session-ui-guardien/guardien.cpp --replace "dde-lock" "$out/bin/dde-lock"
substituteInPlace session-ui-guardien/guardien.cpp --replace "dde-shutdown" "$out/bin/dde-shutdown"
substituteInPlace session-widgets/lockworker.cpp --replace "dde-switchtogreeter" "$out/bin/dde-switchtogreeter"
substituteInPlace session-widgets/lockworker.cpp --replace "which" "${which}/bin/which"
substituteInPlace dde-lock/lockworker.cpp --replace "dde-switchtogreeter" "$out/bin/dde-switchtogreeter"
substituteInPlace dde-lock/lockworker.cpp --replace "which" "${which}/bin/which"
substituteInPlace session-widgets/userinfo.cpp --replace "/usr/share/wallpapers/deepin" "${deepin-wallpapers}/share/wallpapers/deepin"
substituteInPlace widgets/fullscreenbackground.cpp --replace "/usr/share/wallpapers/deepin" "${deepin-wallpapers}/share/wallpapers/deepin"
substituteInPlace widgets/kblayoutwidget.cpp --replace "setxkbmap" "${setxkbmap}/bin/setxkbmap"

2
pkgs/desktops/deepin/deepin-anything/default.nix
View File

@ -3,7 +3,7 @@
mkDerivation rec {
pname = "deepin-anything";
version = "0.1.0";
version = "5.0.1";
src = fetchFromGitHub {
owner = "linuxdeepin";

4
pkgs/desktops/deepin/deepin-calculator/default.nix
View File

@ -3,13 +3,13 @@
mkDerivation rec {
pname = "deepin-calculator";
version = "1.0.11";
version = "5.0.1";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "10bfq0h8v0a8i46gcbsy79l194g8sc0ysg289ndrra209fhwlidq";
sha256 = "0f26y7b3giybybhvlzbnwcw8kidzvhq66h0c15n9ww81gnlqf7v5";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/deepin-desktop-base/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "deepin-desktop-base";
version = "2019.06.19";
version = "2019.07.10";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "1r158x4z4qalv4q1ni3aln05krdzblvr7y6wyciwl7cr5ag1i1jy";
sha256 = "0rs7bjy35k5gc5nbba1cijhdz16zny30lgmcf2ckx1pkdszk2vra";
};
nativeBuildInputs = [ deepin.setupHook ];

4
pkgs/desktops/deepin/deepin-desktop-schemas/default.nix
View File

@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
pname = "deepin-desktop-schemas";
version = "3.13.6";
version = "3.13.9";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "03jqb47kjyb9b43m2yincfjn2i43ma1pn1hddyicrrpg937caa81";
sha256 = "1c69j6s7561zb1hrd1j3ihji1nvpgfzfgnp6svsv8jd8dg8vs8l1";
};
nativeBuildInputs = [

4
pkgs/desktops/deepin/deepin-image-viewer/default.nix
View File

@ -5,13 +5,13 @@
mkDerivation rec {
pname = "deepin-image-viewer";
version = "1.3.17";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "0hz4f1kqcycyvggwfzpkblhhha87rqd427hq0mf31jfh5x17ymnh";
sha256 = "01524hfdy3wvdf07n9b3qb8jdpxzg2hwjpl4gxvr68qws5nbnb3c";
};
nativeBuildInputs = [

22
pkgs/desktops/deepin/deepin-movie-reborn/default.nix
View File

@ -1,16 +1,16 @@
{ stdenv, mkDerivation, fetchFromGitHub, cmake, pkgconfig, qttools, qtx11extras,
{ stdenv, mkDerivation, fetchFromGitHub, fetchpatch, cmake, pkgconfig, qttools, qtx11extras,
dtkcore, dtkwidget, ffmpeg, ffmpegthumbnailer, mpv, pulseaudio,
libdvdnav, libdvdread, xorg, deepin }:
mkDerivation rec {
pname = "deepin-movie-reborn";
version = "3.2.24";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "16mxym7dm6qk90q2w7xqm62047rq0lirrjmnnpaxshzaww9gngkh";
sha256 = "0cly8q0514a58s3h3wsvx9yxar7flz6i2q8xkrkfjias22b3z7b0";
};
outputs = [ "out" "dev" ];
@ -19,6 +19,7 @@ mkDerivation rec {
cmake
pkgconfig
qttools
deepin.setupHook
];
buildInputs = [
@ -37,11 +38,24 @@ mkDerivation rec {
xorg.xcbproto
];
patches = [
# fix: build failed if cannot find dtk-settings tool
(fetchpatch {
url = "https://github.com/linuxdeepin/deepin-movie-reborn/commit/fbb307b.patch";
sha256 = "0915za0khki0729rvcfpxkh6vxhqwc47cgcmjc90kfq1004221vx";
})
];
NIX_LDFLAGS = "-ldvdnav";
postPatch = ''
sed -i src/CMakeLists.txt -e "s,/usr/lib/dtk2,${dtkcore}/lib/dtk2,"
searchHardCodedPaths # debugging
sed -i src/libdmr/libdmr.pc.in -e "s,/usr,$out," -e 's,libdir=''${prefix}/,libdir=,'
substituteInPlace src/deepin-movie.desktop \
--replace "Exec=deepin-movie" "Exec=$out/bin/deepin-movie"
'';
passthru.updateScript = deepin.updateScript { inherit ;name = "${pname}-${version}"; };

4
pkgs/desktops/deepin/deepin-screenshot/default.nix
View File

@ -4,13 +4,13 @@
mkDerivation rec {
pname = "deepin-screenshot";
version = "4.2.1";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "16wy1ywp4lm7fg488laqxgxpir745rbpj9z410r6x7krpgjds189";
sha256 = "0h1kcf9i8q6rz4jhym3yf84zr6svzff0hh9sl7b24sflzkxx6zwk";
};
nativeBuildInputs = [

2
pkgs/desktops/deepin/deepin-shortcut-viewer/default.nix
View File

@ -3,7 +3,7 @@
mkDerivation rec {
pname = "deepin-shortcut-viewer";
version = "1.3.5";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";

8
pkgs/desktops/deepin/deepin-terminal/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, pkgconfig, cmake, ninja, vala_0_44,
{ stdenv, fetchFromGitHub, pkgconfig, cmake, ninja, vala_0_40,
gettext, at-spi2-core, dbus, epoxy, expect, gtk3, json-glib,
libXdmcp, libgee, libpthreadstubs, librsvg, libsecret, libtasn1,
libxcb, libxkbcommon, p11-kit, pcre, vte, wnck, libselinux, gnutls, pcre2,
@ -6,20 +6,20 @@
stdenv.mkDerivation rec {
pname = "deepin-terminal";
version = "3.2.6";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = "deepin-terminal";
rev = version;
sha256 = "09s5gvzfxfb353kb61x1b6z3h2aqgln3s3mah3f3zkf5y8hrp2pj";
sha256 = "1929saj828b438d07caw3cjhqq60v6gni7mi3fqrg9wdjz81xwv7";
};
nativeBuildInputs = [
pkgconfig
cmake
ninja
vala_0_44 # xcb.vapi:411.3-411.48: error: missing return statement at end of subroutine body
vala_0_40 # xcb.vapi:411.3-411.48: error: missing return statement at end of subroutine body
gettext
libselinux libsepol utillinux # required by gio
deepin.setupHook

1
pkgs/desktops/deepin/default.nix
View File

@ -37,6 +37,7 @@ let
};
deepin-turbo = callPackage ./deepin-turbo { };
deepin-wallpapers = callPackage ./deepin-wallpapers { };
disomaster = callPackage ./disomaster { };
dpa-ext-gnomekeyring = callPackage ./dpa-ext-gnomekeyring { };
dtkcore = callPackage ./dtkcore { };
dtkwidget = callPackage ./dtkwidget { };

41
pkgs/desktops/deepin/disomaster/default.nix Normal file
View File

@ -0,0 +1,41 @@
{ stdenv, mkDerivation, fetchFromGitHub, pkgconfig, qmake, qtbase, libisoburn, deepin }:
mkDerivation rec {
pname = "disomaster";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "13144gq0mpbpclzxc79fb1kirh0vvi50jvjnbpla9s8lvh59xl62";
};
nativeBuildInputs = [
deepin.setupHook
pkgconfig
qmake
];
buildInputs = [
libisoburn
qtbase
];
postPatch = ''
searchHardCodedPaths # debugging
sed -i '/^QMAKE_PKGCONFIG_DESTDIR/i QMAKE_PKGCONFIG_PREFIX = $$PREFIX' \
libdisomaster/libdisomaster.pro
'';
passthru.updateScript = deepin.updateScript { inherit ;name = "${pname}-${version}"; };
meta = with stdenv.lib; {
description = "A libisoburn wrapper for Qt";
homepage = https://github.com/linuxdeepin/disomaster;
license = licenses.gpl3;
platforms = platforms.linux;
maintainers = with maintainers; [ romildo worldofpeace ];
};
}

2
pkgs/desktops/deepin/dpa-ext-gnomekeyring/default.nix
View File

@ -3,7 +3,7 @@
stdenv.mkDerivation rec {
pname = "dpa-ext-gnomekeyring";
version = "0.1.0";
version = "5.0.1";
src = fetchFromGitHub {
owner = "linuxdeepin";

11
pkgs/desktops/deepin/dtkcore/default.nix
View File

@ -2,13 +2,13 @@
mkDerivation rec {
pname = "dtkcore";
version = "2.0.14";
version = "2.1.1";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "0yc6zx8rhzg9mj2brggcsr1jy1pzfvgqy1h305y2dwnx5haazd04";
sha256 = "0xdh6mmrv8yr6mjmlwj0fv037parkkwfwlaibcbrskwxqp9iri1y";
};
nativeBuildInputs = [
@ -31,12 +31,13 @@ mkDerivation rec {
qmakeFlags = [
"DTK_VERSION=${version}"
"LIB_INSTALL_DIR=${placeholder "out"}/lib"
"MKSPECS_INSTALL_DIR=${placeholder "out"}/mkspecs"
];
postFixup = ''
chmod +x $out/lib/dtk2/*.py
wrapPythonProgramsIn "$out/lib/dtk2" "$out $pythonPath"
chmod +x $out/lib/libdtk-${version}/DCore/bin/*.py
wrapPythonProgramsIn "$out/lib/libdtk-${version}/DCore/bin" "$out $pythonPath"
searchHardCodedPaths $out # debugging
'';
@ -45,7 +46,7 @@ mkDerivation rec {
passthru.updateScript = deepin.updateScript { inherit ;name = "${pname}-${version}"; };
meta = with stdenv.lib; {
description = "Deepin tool kit core modules";
description = "Deepin tool kit core library";
homepage = https://github.com/linuxdeepin/dtkcore;
license = licenses.gpl3;
platforms = platforms.linux;

4
pkgs/desktops/deepin/dtkwidget/default.nix
View File

@ -4,13 +4,13 @@
mkDerivation rec {
pname = "dtkwidget";
version = "2.0.14";
version = "2.1.1";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "11ws0rl7rhlgwbqd4nqpqxhngf4lcyfrrdq33wzxwdlk33d69i1h";
sha256 = "0yqrm1p0k1843ldvcd79dxl26ybyl5kljl6vwhzc58sx7pw4qmvh";
};
nativeBuildInputs = [

15
pkgs/desktops/deepin/dtkwm/default.nix
View File

@ -1,15 +1,14 @@
{ stdenv, mkDerivation, fetchFromGitHub, pkgconfig, qmake, qtx11extras, dtkcore,
deepin }:
{ stdenv, mkDerivation, fetchFromGitHub, fetchpatch, pkgconfig, qmake, qtx11extras, dtkcore, deepin }:
mkDerivation rec {
pname = "dtkwm";
version = "2.0.11";
version = "2.0.12";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "10l89i84vsh5knq9wg2php7vfg5rj5c9hrrl9rjlcidn1rz8yx6f";
sha256 = "0rdzzqsggqarldwb4yp5s4sf5czicgxbdmibjn0pw32129r2d1g3";
};
nativeBuildInputs = [
@ -22,6 +21,14 @@ mkDerivation rec {
qtx11extras
];
patches = [
# Set DTK_MODULE_NAME
(fetchpatch {
url = "https://github.com/linuxdeepin/dtkwm/commit/2490891a.patch";
sha256 = "0krydxjpnaihkgs1n49b6mcf3rd3lkispcnkb1j5vpfs9hp9f48j";
})
];
outRef = placeholder "out";
qmakeFlags = [

2
pkgs/desktops/deepin/go-dbus-generator/default.nix
View File

@ -2,7 +2,7 @@
stdenv.mkDerivation rec {
pname = "go-dbus-generator";
version = "0.6.6";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";

4
pkgs/desktops/deepin/go-lib/default.nix
View File

@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
pname = "go-lib";
version = "1.10.2";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "05z7ayl23cm8mbn4vkn3isy5kgwxljc26ifmzrhmnqm5yibd6lsf";
sha256 = "0j1ik5hfrysqgync8cyv815cwyjn67k8n69x6llxdp39jli1k8q0";
};
buildInputs = [

6
pkgs/desktops/deepin/qcef/default.nix
View File

@ -40,7 +40,7 @@ in
mkDerivation rec {
pname = "qcef";
version = "1.1.6";
version = "1.1.7";
srcs = [
(fetchFromGitHub {
@ -53,8 +53,8 @@ mkDerivation rec {
(fetchFromGitHub {
owner = "linuxdeepin";
repo = "cef-binary";
rev = "059a0c9cef4e289a50dc7a2f4c91fe69db95035e";
sha256 = "1h7cq63n94y2a6fprq4g63admh49rcci7avl5z9kdimkhqb2jb84";
rev = "fecf00339545d2819224333cc506d5aa22ae8008";
sha256 = "06i1zc7ciy7d0qhndiwpjrsii0x5i5hg9j6ddi4w5yf1nzgsrj4n";
name = "cef-binary";
})
];

2
pkgs/desktops/deepin/qt5integration/default.nix
View File

@ -4,7 +4,7 @@
mkDerivation rec {
pname = "qt5integration";
version = "0.3.12";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";

4
pkgs/desktops/deepin/udisks2-qt5/default.nix
View File

@ -2,13 +2,13 @@
mkDerivation rec {
pname = "udisks2-qt5";
version = "0.0.1";
version = "5.0.0";
src = fetchFromGitHub {
owner = "linuxdeepin";
repo = pname;
rev = version;
sha256 = "1gk4jmq7mrzk181r6man2rz1iyzkfasz7053a30h4nn24mq8ikig";
sha256 = "0mqxm6ixzpbg0rr6ly2kvnkpag8gjza67ya7jv4i4rihbq1d0wzi";
};
nativeBuildInputs = [

10
pkgs/desktops/gnome-3/core/mutter/default.nix
View File

@ -1,5 +1,5 @@
{ fetchurl, fetchpatch, substituteAll, stdenv, pkgconfig, gnome3, gettext, gobject-introspection, upower, cairo
, pango, cogl, clutter, libstartup_notification, zenity, libcanberra-gtk3
, pango, cogl, json-glib, libstartup_notification, zenity, libcanberra-gtk3
, ninja, xkeyboard_config, libxkbfile, libxkbcommon, libXtst, libinput
, gsettings-desktop-schemas, glib, gtk3, gnome-desktop
, geocode-glib, pipewire, libgudev, libwacom, xwayland, meson
@ -9,6 +9,7 @@
, wrapGAppsHook
, sysprof
, desktop-file-utils
, libcap_ng
}:
stdenv.mkDerivation rec {
@ -30,6 +31,8 @@ stdenv.mkDerivation rec {
propagatedBuildInputs = [
# required for pkgconfig to detect mutter-clutter
libXtst
json-glib
libcap_ng
];
nativeBuildInputs = [
@ -46,7 +49,7 @@ stdenv.mkDerivation rec {
buildInputs = [
glib gobject-introspection gtk3 gsettings-desktop-schemas upower
gnome-desktop cairo pango cogl clutter zenity libstartup_notification
gnome-desktop cairo pango cogl zenity libstartup_notification
geocode-glib libinput libgudev libwacom
libcanberra-gtk3 zenity xkeyboard_config libxkbfile
libxkbcommon pipewire xwayland
@ -54,6 +57,9 @@ stdenv.mkDerivation rec {
];
patches = [
# Drop inheritable cap_sys_nice, to prevent the ambient set from leaking
# from mutter/gnome-shell, see https://github.com/NixOS/nixpkgs/issues/71381
./drop-inheritable.patch
# TODO: submit upstream
./0001-build-use-get_pkgconfig_variable-for-sysprof-dbusdir.patch
(substituteAll {

132
pkgs/desktops/gnome-3/core/mutter/drop-inheritable.patch Normal file
View File

@ -0,0 +1,132 @@
From e9c772e265b2293af031c79f4bbc99b5847dfe3c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tor=20Hedin=20Br=C3=B8nner?= <torhedinbronner@gmail.com>
Date: Sat, 19 Oct 2019 13:26:05 +0200
Subject: [PATCH] drop inheritable
Adapted from https://gitlab.gnome.org/GNOME/mutter/commit/c53c47ae123b03cc66044d2b846342123ecb3a01
We only want to drop inheritable though, to prevent the ambient set leaking further than gnome-shell.
---
config.h.meson | 3 +++
meson.build | 5 +++++
meson_options.txt | 6 ++++++
src/core/main.c | 11 +++++++++++
src/meson.build | 1 +
5 files changed, 26 insertions(+)
diff --git a/config.h.meson b/config.h.meson
index 0bab71848..202fb7ed1 100644
--- a/config.h.meson
+++ b/config.h.meson
@@ -58,6 +58,9 @@
/* Xwayland applications allowed to issue keyboard grabs */
#mesondefine XWAYLAND_GRAB_DEFAULT_ACCESS_RULES
+/* Defined if libcap-ng is available */
+#mesondefine HAVE_LIBCAPNG
+
/* XKB base prefix */
#mesondefine XKB_BASE
diff --git a/meson.build b/meson.build
index 3322bd3b1..01c8020fa 100644
--- a/meson.build
+++ b/meson.build
@@ -35,6 +35,7 @@ libstartup_notification_req = '>= 0.7'
libcanberra_req = '>= 0.26'
libwacom_req = '>= 0.13'
atk_req = '>= 2.5.3'
+libcapng_req = '>= 0.7.9'
# optional version requirements
udev_req = '>= 228'
@@ -125,6 +126,7 @@ xau_dep = dependency('xau')
ice_dep = dependency('ice')
atk_dep = dependency('atk', version: atk_req)
libcanberra_dep = dependency('libcanberra', version: libcanberra_req)
+libcapng_dep = dependency('libcap-ng', required: get_option('libcapng'))
# For now always require X11 support
have_x11 = true
@@ -256,6 +258,7 @@ have_core_tests = false
have_cogl_tests = false
have_clutter_tests = false
have_installed_tests = false
+have_libcapng = libcapng_dep.found()
if have_tests
have_core_tests = get_option('core_tests')
@@ -361,6 +364,7 @@ cdata.set('HAVE_LIBWACOM', have_libwacom)
cdata.set('HAVE_SM', have_sm)
cdata.set('HAVE_STARTUP_NOTIFICATION', have_startup_notification)
cdata.set('HAVE_INTROSPECTION', have_introspection)
+cdata.set('HAVE_LIBCAPNG', have_libcapng)
cdata.set('HAVE_PROFILER', have_profiler)
xkb_base = xkeyboard_config_dep.get_pkgconfig_variable('xkb_base')
@@ -443,6 +447,7 @@ output = [
' Startup notification..... ' + have_startup_notification.to_string(),
' Introspection............ ' + have_introspection.to_string(),
' Profiler................. ' + have_profiler.to_string(),
+ ' libcap-ng................ ' + have_libcapng.to_string(),
'',
' Tests:',
'',
diff --git a/meson_options.txt b/meson_options.txt
index 73aa7adde..8bfaacd9a 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -152,3 +152,9 @@ option('xwayland_grab_default_access_rules',
value: 'gnome-boxes,remote-viewer,virt-viewer,virt-manager,vinagre,vncviewer,Xephyr',
description: 'Comma delimited list of applications ressources or class allowed to issue X11 grabs in Xwayland'
)
+
+option('libcapng',
+ type: 'feature',
+ value: 'auto',
+ description: 'Enable libcap-ng support'
+)
diff --git a/src/core/main.c b/src/core/main.c
index 7f4f666d2..b27968f13 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -66,6 +66,10 @@
#include <girepository.h>
#endif
+#ifdef HAVE_LIBCAPNG
+#include <cap-ng.h>
+#endif
+
#if defined(HAVE_NATIVE_BACKEND) && defined(HAVE_WAYLAND)
#include <systemd/sd-login.h>
#endif /* HAVE_WAYLAND && HAVE_NATIVE_BACKEND */
@@ -673,6 +677,12 @@ meta_run (void)
if (!meta_display_open ())
meta_exit (META_EXIT_ERROR);
+#ifdef HAVE_LIBCAPNG
+ capng_clear(CAPNG_SELECT_BOTH);
+ capng_update(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SYS_NICE);
+ capng_apply(CAPNG_SELECT_BOTH);
+#endif
+
g_main_loop_run (meta_main_loop);
meta_finalize ();
diff --git a/src/meson.build b/src/meson.build
index 90d80734f..a9fffa2c2 100644
--- a/src/meson.build
+++ b/src/meson.build
@@ -18,6 +18,7 @@ mutter_pkg_deps = [
glib_dep,
gsettings_desktop_schemas_dep,
gtk3_dep,
+ libcapng_dep,
pango_dep,
]
--
2.23.0

2
pkgs/development/compilers/gcc/common/configure-flags.nix
View File

@ -22,7 +22,7 @@
}:
assert cloog != null -> stdenv.lib.versionOlder version "5";
assert langJava -> stdenv.lib.versionOlder version "6";
assert langJava -> stdenv.lib.versionOlder version "7";
let
inherit (stdenv)

4
pkgs/development/compilers/intel-graphics-compiler/default.nix
View File

@ -24,13 +24,13 @@ in
stdenv.mkDerivation rec {
pname = "intel-graphics-compiler";
version = "1.0.10";
version = "1.0.2714.1";
src = fetchFromGitHub {
owner = "intel";
repo = "intel-graphics-compiler";
rev = "igc-${version}";
sha256 = "1yqd2zvvvxxxzb5d3v0f03n0jdivid5l2cj11dw7ff7xz7jwiv2i";
sha256 = "0ys03sv08fg8q06lb6k5088xirnwms4nzazxp3kbdjm973n7imxc";
};
nativeBuildInputs = [ clang cmake bison flex llvm python ];

3
pkgs/development/compilers/llvm/7/llvm.nix
View File

@ -94,6 +94,9 @@ in stdenv.mkDerivation ({
rm test/tools/llvm-dwarfdump/X86/debug_addr_dwarf4.s
rm test/tools/llvm-dwarfdump/X86/debug_addr_unsupported_version.s
rm test/tools/llvm-dwarfdump/X86/debug_addr_version_mismatch.s
'' + optionalString (stdenv.hostPlatform.system == "armv6l-linux") ''
# Seems to require certain floating point hardware (NEON?)
rm test/ExecutionEngine/frem.ll
'' + ''
patchShebangs test/BugPoint/compile-custom.ll.py
'';

9
pkgs/development/compilers/llvm/9/llvm.nix
View File

@ -75,6 +75,15 @@ in stdenv.mkDerivation (rec {
rm unittests/Support/DynamicLibrary/DynamicLibraryTest.cpp
# valgrind unhappy with musl or glibc, but fails w/musl only
rm test/CodeGen/AArch64/wineh4.mir
'' + optionalString stdenv.hostPlatform.isAarch32 ''
# skip failing X86 test cases on 32-bit ARM
rm test/DebugInfo/X86/convert-debugloc.ll
rm test/DebugInfo/X86/convert-inlined.ll
rm test/DebugInfo/X86/convert-linked.ll
rm test/tools/dsymutil/X86/op-convert.test
'' + optionalString (stdenv.hostPlatform.system == "armv6l-linux") ''
# Seems to require certain floating point hardware (NEON?)
rm test/ExecutionEngine/frem.ll
'' + ''
patchShebangs test/BugPoint/compile-custom.ll.py

6
pkgs/development/compilers/purescript/purescript/default.nix
View File

@ -18,19 +18,19 @@ let
in stdenv.mkDerivation rec {
pname = "purescript";
version = "0.13.3";
version = "0.13.4";
src =
if stdenv.isDarwin
then
fetchurl {
url = "https://github.com/${pname}/${pname}/releases/download/v${version}/macos.tar.gz";
sha256 = "04ylhqadj7wnclhiar9il6fkrxmh9qkz6fpas7z3b37w4qg0gshl";
sha256 = "0rqjair1r1yr1k8rva3ly16dv5594f4s8xwpnrz9n7x3f99mk4fx";
}
else
fetchurl {
url = "https://github.com/${pname}/${pname}/releases/download/v${version}/linux64.tar.gz";
sha256 = "1xcn694qfql87pdjh09hhvfvpakzxb2hagss61vh9msqq3s96l3z";
sha256 = "1ajzi5ikgzgdfrgq36r9pc3yc6f7h0qgnqcq414zd66z08mbggng";
};

Some files were not shown because too many files have changed in this diff Show More