JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into vbox-extpack

Browse Source
This commit is contained in:
(cdep)illabout 2018-08-16 00:40:09 +09:00
commit e04e92d38b
No known key found for this signature in database
GPG Key ID: 462E0C03D11422F4
547 changed files with 8151 additions and 8464 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/CODEOWNERS vendored
View File

@ -21,7 +21,8 @@
/pkgs/top-level/default.nix @nbp @Ericson2314
/pkgs/top-level/impure.nix @nbp @Ericson2314
/pkgs/top-level/stage.nix @nbp @Ericson2314
/pkgs/stdenv
/pkgs/stdenv/generic @Ericson2314
/pkgs/stdenv/cross @Ericson2314
/pkgs/build-support/cc-wrapper @Ericson2314 @orivej
/pkgs/build-support/bintools-wrapper @Ericson2314 @orivej
/pkgs/build-support/setup-hooks @Ericson2314

13
doc/languages-frameworks/haskell.section.md
View File

@ -1047,6 +1047,19 @@ As you can see, `packunused` finds out that although the testsuite component has
no redundant dependencies the library component of `scientific-0.3.5.1` depends
on `ghc-prim` which is unused in the library.
### Using hackage2nix with nixpkgs
Hackage package derivations are found in the
[`hackage-packages.nix`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/hackage-packages.nix)
file within `nixpkgs` and are used as the initial package set for
`haskellPackages`. The `hackage-packages.nix` file is not meant to be edited
by hand, but rather autogenerated by [`hackage2nix`](https://github.com/NixOS/cabal2nix/tree/master/hackage2nix),
which by default uses the [`configuration-hackage2nix.yaml`](https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/haskell-modules/configuration-hackage2nix.yaml)
file to generate all the derivations.
To modify the contents `configuration-hackage2nix.yaml`, follow the
instructions on [`hackage2nix`](https://github.com/NixOS/cabal2nix/tree/master/hackage2nix).
## Other resources
- The Youtube video [Nix Loves Haskell](https://www.youtube.com/watch?v=BsBhi_r-OeE)

5
doc/languages-frameworks/rust.section.md
View File

@ -59,6 +59,11 @@ all crate sources of this package. Currently it is obtained by inserting a
fake checksum into the expression and building the package once. The correct
checksum can be then take from the failed build.
When the `Cargo.lock`, provided by upstream, is not in sync with the
`Cargo.toml`, it is possible to use `cargoPatches` to update it. All patches
added in `cargoPatches` will also be prepended to the patches in `patches` at
build-time.
To install crates with nix there is also an experimental project called
[nixcrates](https://github.com/fractalide/nixcrates).

7
doc/stdenv.xml
View File

@ -836,9 +836,10 @@ passthru = {
These can optionally be compressed using <command>gzip</command>
(<filename>.tar.gz</filename>, <filename>.tgz</filename> or
<filename>.tar.Z</filename>), <command>bzip2</command>
(<filename>.tar.bz2</filename> or <filename>.tbz2</filename>) or
<command>xz</command> (<filename>.tar.xz</filename> or
<filename>.tar.lzma</filename>).
(<filename>.tar.bz2</filename>, <filename>.tbz2</filename> or
<filename>.tbz</filename>) or <command>xz</command>
(<filename>.tar.xz</filename>, <filename>.tar.lzma</filename> or
<filename>.txz</filename>).
</para>
</listitem>
</varlistentry>

20
maintainers/maintainer-list.nix
View File

@ -1382,6 +1382,11 @@
github = "fps";
name = "Florian Paul Schmidt";
};
freepotion = {
email = "freepotion@protonmail.com";
github = "freepotion";
name = "Free Potion";
};
Fresheyeball = {
email = "fresheyeball@gmail.com";
github = "fresheyeball";
@ -1679,6 +1684,11 @@
github = "ikervagyok";
name = "Balázs Lengyel";
};
illegalprime = {
email = "themichaeleden@gmail.com";
github = "illegalprime";
name = "Michael Eden";
};
ilya-kolpakov = {
email = "ilya.kolpakov@gmail.com";
github = "ilya-kolpakov";
@ -1847,6 +1857,11 @@
github = "jluttine";
name = "Jaakko Luttinen";
};
jmettes = {
email = "jonathan@jmettes.com";
github = "jmettes";
name = "Jonathan Mettes";
};
Jo = {
email = "0x4A6F@shackspace.de";
name = "Joachim Ernst";
@ -2862,11 +2877,6 @@
github = "nocoolnametom";
name = "Tom Doggett";
};
nonfreeblob = {
email = "nonfreeblob@yandex.com";
github = "nonfreeblob";
name = "nonfreeblob";
};
notthemessiah = {
email = "brian.cohen.88@gmail.com";
github = "notthemessiah";

10
nixos/doc/manual/release-notes/rl-1809.xml
View File

@ -190,6 +190,16 @@ $ nix-instantiate -E '(import &lt;nixpkgsunstable&gt; {}).gitFull'
which indicates that the nix output hash will be used as tag.
</para>
</listitem>
<listitem>
<para>
Options
<literal>boot.initrd.luks.devices.<replaceable>name</replaceable>.yubikey.ramfsMountPoint</literal>
<literal>boot.initrd.luks.devices.<replaceable>name</replaceable>.yubikey.storage.mountPoint</literal>
were removed. <literal>luksroot.nix</literal> module never supported more than one YubiKey at
a time anyway, hence those options never had any effect. You should be able to remove them
from your config without any issues.
</para>
</listitem>
</itemizedlist>
</section>

2
nixos/modules/config/shells-environment.nix
View File

@ -70,7 +70,7 @@ in
description = ''
Shell script code called during global environment initialisation
after all variables and profileVariables have been set.
This code is asumed to be shell-independent, which means you should
This code is assumed to be shell-independent, which means you should
stick to pure sh without sh word split.
'';
type = types.lines;

2
nixos/modules/misc/ids.nix
View File

@ -325,6 +325,7 @@
hydron = 298;
cfssl = 299;
cassandra = 300;
qemu-libvirtd = 301;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -610,6 +611,7 @@
hydron = 298;
cfssl = 299;
cassandra = 300;
qemu-libvirtd = 301;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

3
nixos/modules/misc/version.nix
View File

@ -76,9 +76,6 @@ in
config = {
warnings = lib.optional (options.system.stateVersion.highestPrio > 1000)
"You don't have `system.stateVersion` explicitly set. Expect things to break.";
system.nixos = {
# These defaults are set here rather than up there so that
# changing them would not rebuild the manual

1
nixos/modules/module-list.nix
View File

@ -623,6 +623,7 @@
./services/search/hound.nix
./services/search/kibana.nix
./services/search/solr.nix
./services/security/certmgr.nix
./services/security/cfssl.nix
./services/security/clamav.nix
./services/security/fail2ban.nix

52
nixos/modules/programs/zsh/oh-my-zsh.nix
View File

@ -3,7 +3,30 @@
with lib;
let
cfg = config.programs.zsh.ohMyZsh;
mkLinkFarmEntry = name: dir:
let
env = pkgs.buildEnv {
name = "zsh-${name}-env";
paths = cfg.customPkgs;
pathsToLink = "/share/zsh/${dir}";
};
in
{ inherit name; path = "${env}/share/zsh/${dir}"; };
mkLinkFarmEntry' = name: mkLinkFarmEntry name name;
custom =
if cfg.custom != null then cfg.custom
else if length cfg.customPkgs == 0 then null
else pkgs.linkFarm "oh-my-zsh-custom" [
(mkLinkFarmEntry' "themes")
(mkLinkFarmEntry "completions" "site-functions")
(mkLinkFarmEntry' "plugins")
];
in
{
options = {
@ -34,10 +57,19 @@ in
};
custom = mkOption {
default = "";
type = types.str;
default = null;
type = with types; nullOr str;
description = ''
Path to a custom oh-my-zsh package to override config of oh-my-zsh.
(Can't be used along with `customPkgs`).
'';
};
customPkgs = mkOption {
default = [];
type = types.listOf types.package;
description = ''
List of custom packages that should be loaded into `oh-my-zsh`.
'';
};
@ -67,7 +99,7 @@ in
environment.systemPackages = [ cfg.package ];
programs.zsh.interactiveShellInit = with builtins; ''
programs.zsh.interactiveShellInit = ''
# oh-my-zsh configuration generated by NixOS
export ZSH=${cfg.package}/share/oh-my-zsh
@ -75,8 +107,8 @@ in
"plugins=(${concatStringsSep " " cfg.plugins})"
}
${optionalString (stringLength(cfg.custom) > 0)
"ZSH_CUSTOM=\"${cfg.custom}\""
${optionalString (custom != null)
"ZSH_CUSTOM=\"${custom}\""
}
${optionalString (stringLength(cfg.theme) > 0)
@ -92,5 +124,15 @@ in
source $ZSH/oh-my-zsh.sh
'';
assertions = [
{
assertion = cfg.custom != null -> cfg.customPkgs == [];
message = "If `cfg.custom` is set for `ZSH_CUSTOM`, `customPkgs` can't be used!";
}
];
};
meta.doc = ./oh-my-zsh.xml;
}

125
nixos/modules/programs/zsh/oh-my-zsh.xml Normal file
View File

@ -0,0 +1,125 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="module-programs-zsh-ohmyzsh">
<title>Oh my ZSH</title>
<para><literal><link xlink:href="https://ohmyz.sh/">oh-my-zsh</link></literal> is a framework
to manage your <link xlink:href="https://www.zsh.org/">ZSH</link> configuration
including completion scripts for several CLI tools or custom prompt themes.</para>
<section><title>Basic usage</title>
<para>The module uses the <literal>oh-my-zsh</literal> package with all available features. The
initial setup using Nix expressions is fairly similar to the configuration format
of <literal>oh-my-zsh</literal>.
<programlisting>
{
programs.ohMyZsh = {
enable = true;
plugins = [ "git" "python" "man" ];
theme = "agnoster";
};
}
</programlisting>
For a detailed explanation of these arguments please refer to the
<link xlink:href="https://github.com/robbyrussell/oh-my-zsh/wiki"><literal>oh-my-zsh</literal> docs</link>.
</para>
<para>The expression generates the needed
configuration and writes it into your <literal>/etc/zshrc</literal>.
</para></section>
<section><title>Custom additions</title>
<para>Sometimes third-party or custom scripts such as a modified theme may be needed.
<literal>oh-my-zsh</literal> provides the
<link xlink:href="https://github.com/robbyrussell/oh-my-zsh/wiki/Customization#overriding-internals"><literal>ZSH_CUSTOM</literal></link>
environment variable for this which points to a directory with additional scripts.</para>
<para>The module can do this as well:
<programlisting>
{
programs.ohMyZsh.custom = "~/path/to/custom/scripts";
}
</programlisting>
</para></section>
<section><title>Custom environments</title>
<para>There are several extensions for <literal>oh-my-zsh</literal> packaged in <literal>nixpkgs</literal>.
One of them is <link xlink:href="https://github.com/spwhitt/nix-zsh-completions">nix-zsh-completions</link>
which bundles completion scripts and a plugin for <literal>oh-my-zsh</literal>.</para>
<para>Rather than using a single mutable path for <literal>ZSH_CUSTOM</literal>, it's also possible to
generate this path from a list of Nix packages:
<programlisting>
{ pkgs, ... }:
{
programs.ohMyZsh.customPkgs = with pkgs; [
pkgs.nix-zsh-completions
# and even more...
];
}
</programlisting>
Internally a single store path will be created using <literal>buildEnv</literal>.
Please refer to the docs of
<link xlink:href="https://nixos.org/nixpkgs/manual/#sec-building-environment"><literal>buildEnv</literal></link>
for further reference.</para>
<para><emphasis>Please keep in mind that this is not compatible with <literal>programs.ohMyZsh.custom</literal>
as it requires an immutable store path while <literal>custom</literal> shall remain mutable! An evaluation failure
will be thrown if both <literal>custom</literal> and <literal>customPkgs</literal> are set.</emphasis>
</para></section>
<section><title>Package your own customizations</title>
<para>If third-party customizations (e.g. new themes) are supposed to be added to <literal>oh-my-zsh</literal>
there are several pitfalls to keep in mind:</para>
<itemizedlist>
<listitem>
<para>To comply with the default structure of <literal>ZSH</literal> the entire output needs to be written to
<literal>$out/share/zsh.</literal></para>
</listitem>
<listitem>
<para>Completion scripts are supposed to be stored at <literal>$out/share/zsh/site-functions</literal>. This directory
is part of the <literal><link xlink:href="http://zsh.sourceforge.net/Doc/Release/Functions.html">fpath</link></literal>
and the package should be compatible with pure <literal>ZSH</literal> setups. The module will automatically link
the contents of <literal>site-functions</literal> to completions directory in the proper store path.</para>
</listitem>
<listitem>
<para>The <literal>plugins</literal> directory needs the structure <literal>pluginname/pluginname.plugin.zsh</literal>
as structured in the <link xlink:href="https://github.com/robbyrussell/oh-my-zsh/tree/91b771914bc7c43dd7c7a43b586c5de2c225ceb7/plugins">upstream repo.</link>
</para>
</listitem>
</itemizedlist>
<para>
A derivation for <literal>oh-my-zsh</literal> may look like this:
<programlisting>
{ stdenv, fetchFromGitHub }:
stdenv.mkDerivation rec {
name = "exemplary-zsh-customization-${version}";
version = "1.0.0";
src = fetchFromGitHub {
# path to the upstream repository
};
dontBuild = true;
installPhase = ''
mkdir -p $out/share/zsh/site-functions
cp {themes,plugins} $out/share/zsh
cp completions $out/share/zsh/site-functions
'';
}
</programlisting>
</para>
</section>
</chapter>

1
nixos/modules/rename.nix
View File

@ -256,6 +256,7 @@ with lib;
(mkRemovedOptionModule [ "fonts" "fontconfig" "forceAutohint" ] "")
(mkRemovedOptionModule [ "fonts" "fontconfig" "renderMonoTTFAsBitmap" ] "")
(mkRemovedOptionModule [ "virtualisation" "xen" "qemu" ] "You don't need this option anymore, it will work without it.")
(mkRemovedOptionModule [ "boot" "zfs" "enableLegacyCrypto" ] "The corresponding package was removed from nixpkgs.")
# ZSH
(mkRenamedOptionModule [ "programs" "zsh" "enableSyntaxHighlighting" ] [ "programs" "zsh" "syntaxHighlighting" "enable" ])

35
nixos/modules/services/desktops/geoclue2.nix
View File

@ -4,6 +4,10 @@
with lib;
let
# the demo agent isn't built by default, but we need it here
package = pkgs.geoclue2.override { withDemoAgent = config.services.geoclue2.enableDemoAgent; };
in
{
###### interface
@ -21,21 +25,42 @@ with lib;
'';
};
enableDemoAgent = mkOption {
type = types.bool;
default = true;
description = ''
Whether to use the GeoClue demo agent. This should be
overridden by desktop environments that provide their own
agent.
'';
};
};
};
###### implementation
config = mkIf config.services.geoclue2.enable {
environment.systemPackages = [ pkgs.geoclue2 ];
environment.systemPackages = [ package ];
services.dbus.packages = [ pkgs.geoclue2 ];
systemd.packages = [ pkgs.geoclue2 ];
services.dbus.packages = [ package ];
systemd.packages = [ package ];
# this needs to run as a user service, since it's associated with the
# user who is making the requests
systemd.user.services = mkIf config.services.geoclue2.enableDemoAgent {
"geoclue-agent" = {
description = "Geoclue agent";
script = "${package}/libexec/geoclue-2.0/demos/agent";
# this should really be `partOf = [ "geoclue.service" ]`, but
# we can't be part of a system service, and the agent should
# be okay with the main service coming and going
wantedBy = [ "default.target" ];
};
};
};
}

8
nixos/modules/services/editors/infinoted.nix
View File

@ -10,8 +10,8 @@ in {
package = mkOption {
type = types.package;
default = pkgs.libinfinity.override { daemon = true; };
defaultText = "pkgs.libinfinity.override { daemon = true; }";
default = pkgs.libinfinity;
defaultText = "pkgs.libinfinity";
description = ''
Package providing infinoted
'';
@ -119,7 +119,7 @@ in {
users.groups = optional (cfg.group == "infinoted")
{ name = "infinoted";
};
systemd.services.infinoted =
{ description = "Gobby Dedicated Server";
@ -129,7 +129,7 @@ in {
serviceConfig = {
Type = "simple";
Restart = "always";
ExecStart = "${cfg.package}/bin/infinoted-${versions.majorMinor cfg.package.version} --config-file=/var/lib/infinoted/infinoted.conf";
ExecStart = "${cfg.package.infinoted} --config-file=/var/lib/infinoted/infinoted.conf";
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = true;

2
nixos/modules/services/networking/dhcpcd.nix
View File

@ -161,8 +161,8 @@ in
{ description = "DHCP Client";
wantedBy = [ "multi-user.target" ] ++ optional (!hasDefaultGatewaySet) "network-online.target";
after = [ "network.target" ];
wants = [ "network.target" ];
before = [ "network.target" ];
# Stopping dhcpcd during a reconfiguration is undesirable
# because it brings down the network interfaces configured by

12
nixos/modules/services/networking/wpa_supplicant.nix
View File

@ -8,6 +8,7 @@ let
${optionalString cfg.userControlled.enable ''
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}
update_config=1''}
${cfg.extraConfig}
${concatStringsSep "\n" (mapAttrsToList (ssid: config: with config; let
key = if psk != null
then ''"${psk}"''
@ -165,6 +166,17 @@ in {
description = "Members of this group can control wpa_supplicant.";
};
};
extraConfig = mkOption {
type = types.str;
default = "";
example = ''
p2p_disabled=1
'';
description = ''
Extra lines appended to the configuration file.
See wpa_supplicant.conf(5) for available options.
'';
};
};
};

15
nixos/modules/services/networking/zerotierone.nix
View File

@ -17,6 +17,15 @@ in
'';
};
options.services.zerotierone.port = mkOption {
default = 9993;
example = 9993;
type = types.int;
description = ''
Network port used by ZeroTier.
'';
};
options.services.zerotierone.package = mkOption {
default = pkgs.zerotierone;
defaultText = "pkgs.zerotierone";
@ -40,7 +49,7 @@ in
touch "/var/lib/zerotier-one/networks.d/${netId}.conf"
'') cfg.joinNetworks);
serviceConfig = {
ExecStart = "${cfg.package}/bin/zerotier-one";
ExecStart = "${cfg.package}/bin/zerotier-one -p${toString cfg.port}";
Restart = "always";
KillMode = "process";
};
@ -49,8 +58,8 @@ in
# ZeroTier does not issue DHCP leases, but some strangers might...
networking.dhcpcd.denyInterfaces = [ "zt*" ];
# ZeroTier receives UDP transmissions on port 9993 by default
networking.firewall.allowedUDPPorts = [ 9993 ];
# ZeroTier receives UDP transmissions
networking.firewall.allowedUDPPorts = [ cfg.port ];
environment.systemPackages = [ cfg.package ];
};

194
nixos/modules/services/security/certmgr.nix Normal file
View File

@ -0,0 +1,194 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.certmgr;
specs = mapAttrsToList (n: v: rec {
name = n + ".json";
path = if isAttrs v then pkgs.writeText name (builtins.toJSON v) else v;
}) cfg.specs;
allSpecs = pkgs.linkFarm "certmgr.d" specs;
certmgrYaml = pkgs.writeText "certmgr.yaml" (builtins.toJSON {
dir = allSpecs;
default_remote = cfg.defaultRemote;
svcmgr = cfg.svcManager;
before = cfg.validMin;
interval = cfg.renewInterval;
inherit (cfg) metricsPort metricsAddress;
});
specPaths = map dirOf (concatMap (spec:
if isAttrs spec then
collect isString (filterAttrsRecursive (n: v: isAttrs v || n == "path") spec)
else
[ spec ]
) (attrValues cfg.specs));
preStart = ''
${concatStringsSep " \\\n" (["mkdir -p"] ++ map escapeShellArg specPaths)}
${pkgs.certmgr}/bin/certmgr -f ${certmgrYaml} check
'';
in
{
options.services.certmgr = {
enable = mkEnableOption "certmgr";
defaultRemote = mkOption {
type = types.str;
default = "127.0.0.1:8888";
description = "The default CA host:port to use.";
};
validMin = mkOption {
default = "72h";
type = types.str;
description = "The interval before a certificate expires to start attempting to renew it.";
};
renewInterval = mkOption {
default = "30m";
type = types.str;
description = "How often to check certificate expirations and how often to update the cert_next_expires metric.";
};
metricsAddress = mkOption {
default = "127.0.0.1";
type = types.str;
description = "The address for the Prometheus HTTP endpoint.";
};
metricsPort = mkOption {
default = 9488;
type = types.ints.u16;
description = "The port for the Prometheus HTTP endpoint.";
};
specs = mkOption {
default = {};
example = literalExample ''
{
exampleCert =
let
domain = "example.com";
secret = name: "/var/lib/secrets/''${name}.pem";
in {
service = "nginx";
action = "reload";
authority = {
file.path = secret "ca";
};
certificate = {
path = secret domain;
};
private_key = {
owner = "root";
group = "root";
mode = "0600";
path = secret "''${domain}-key";
};
request = {
CN = domain;
hosts = [ "mail.''${domain}" "www.''${domain}" ];
key = {
algo = "rsa";
size = 2048;
};
names = {
O = "Example Organization";
C = "USA";
};
};
};
otherCert = "/var/certmgr/specs/other-cert.json";
}
'';
type = with types; attrsOf (either (submodule {
options = {
service = mkOption {
type = nullOr str;
default = null;
description = "The service on which to perform &lt;action&gt; after fetching.";
};
action = mkOption {
type = addCheck str (x: cfg.svcManager == "command" || elem x ["restart" "reload" "nop"]);
default = "nop";
description = "The action to take after fetching.";
};
# These ought all to be specified according to certmgr spec def.
authority = mkOption {
type = attrs;
description = "certmgr spec authority object.";
};
certificate = mkOption {
type = nullOr attrs;
description = "certmgr spec certificate object.";
};
private_key = mkOption {
type = nullOr attrs;
description = "certmgr spec private_key object.";
};
request = mkOption {
type = nullOr attrs;
description = "certmgr spec request object.";
};
};
}) path);
description = ''
Certificate specs as described by:
<link xlink:href="https://github.com/cloudflare/certmgr#certificate-specs" />
These will be added to the Nix store, so they will be world readable.
'';
};
svcManager = mkOption {
default = "systemd";
type = types.enum [ "circus" "command" "dummy" "openrc" "systemd" "sysv" ];
description = ''
This specifies the service manager to use for restarting or reloading services.
See: <link xlink:href="https://github.com/cloudflare/certmgr#certmgryaml" />.
For how to use the "command" service manager in particular,
see: <link xlink:href="https://github.com/cloudflare/certmgr#command-svcmgr-and-how-to-use-it" />.
'';
};
};
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.specs != {};
message = "Certmgr specs cannot be empty.";
}
{
assertion = !any (hasAttrByPath [ "authority" "auth_key" ]) (attrValues cfg.specs);
message = ''
Inline services.certmgr.specs are added to the Nix store rendering them world readable.
Specify paths as specs, if you want to use include auth_key - or use the auth_key_file option."
'';
}
];
systemd.services.certmgr = {
description = "certmgr";
path = mkIf (cfg.svcManager == "command") [ pkgs.bash ];
after = [ "network-online.target" ];
wantedBy = [ "multi-user.target" ];
inherit preStart;
serviceConfig = {
Restart = "always";
RestartSec = "10s";
ExecStart = "${pkgs.certmgr}/bin/certmgr -f ${certmgrYaml}";
};
};
};
}

22
nixos/modules/services/security/vault.nix
View File

@ -1,6 +1,7 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.vault;
@ -24,15 +25,22 @@ let
${cfg.telemetryConfig}
}
''}
${cfg.extraConfig}
'';
in
{
options = {
services.vault = {
enable = mkEnableOption "Vault daemon";
package = mkOption {
type = types.package;
default = pkgs.vault;
defaultText = "pkgs.vault";
description = "This option specifies the vault package to use.";
};
address = mkOption {
type = types.str;
default = "127.0.0.1:8200";
@ -58,7 +66,7 @@ in
default = ''
tls_min_version = "tls12"
'';
description = "extra configuration";
description = "Extra text appended to the listener section.";
};
storageBackend = mkOption {
@ -84,6 +92,12 @@ in
default = "";
description = "Telemetry configuration";
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = "Extra text appended to <filename>vault.hcl</filename>.";
};
};
};
@ -122,7 +136,7 @@ in
User = "vault";
Group = "vault";
PermissionsStartOnly = true;
ExecStart = "${pkgs.vault}/bin/vault server -config ${configFile}";
ExecStart = "${cfg.package}/bin/vault server -config ${configFile}";
PrivateDevices = true;
PrivateTmp = true;
ProtectSystem = "full";

10
nixos/modules/services/system/localtime.nix
View File

@ -22,14 +22,8 @@ in {
config = mkIf cfg.enable {
services.geoclue2.enable = true;
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.timedate1.set-timezone"
&& subject.user == "localtimed") {
return polkit.Result.YES;
}
});
'';
# so polkit will pick up the rules
environment.systemPackages = [ pkgs.localtime ];
users.users = [{
name = "localtimed";

4
nixos/modules/services/web-apps/youtrack.nix
View File

@ -118,14 +118,14 @@ in
systemd.services.youtrack = {
environment.HOME = cfg.statePath;
environment.YOUTRACK_JVM_OPTS = "-Xmx${cfg.maxMemory} -XX:MaxMetaspaceSize=${cfg.maxMetaspaceSize} ${cfg.jvmOpts} ${extraAttr}";
environment.YOUTRACK_JVM_OPTS = "${extraAttr}";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "simple";
User = "youtrack";
Group = "youtrack";
ExecStart = ''${cfg.package}/bin/youtrack ${cfg.address}:${toString cfg.port}'';
ExecStart = ''${cfg.package}/bin/youtrack --J-Xmx${cfg.maxMemory} --J-XX:MaxMetaspaceSize=${cfg.maxMetaspaceSize} ${cfg.jvmOpts} ${cfg.address}:${toString cfg.port}'';
};
};

2
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -97,6 +97,8 @@ in {
services.udisks2.enable = true;
services.accounts-daemon.enable = true;
services.geoclue2.enable = mkDefault true;
# GNOME should have its own geoclue agent
services.geoclue2.enableDemoAgent = false;
services.dleyna-renderer.enable = mkDefault true;
services.dleyna-server.enable = mkDefault true;
services.gnome3.at-spi2-core.enable = true;

4
nixos/modules/services/x11/display-managers/default.nix
View File

@ -56,10 +56,6 @@ let
# Start PulseAudio if enabled.
${optionalString (config.hardware.pulseaudio.enable) ''
${optionalString (!config.hardware.pulseaudio.systemWide)
"${config.hardware.pulseaudio.package.out}/bin/pulseaudio --start"
}
# Publish access credentials in the root window.
if ${config.hardware.pulseaudio.package.out}/bin/pulseaudio --dump-modules | grep module-x11-publish &> /dev/null; then
${config.hardware.pulseaudio.package.out}/bin/pactl load-module module-x11-publish "display=$DISPLAY"

1
nixos/modules/services/x11/display-managers/sddm.nix
View File

@ -265,6 +265,7 @@ in
};
environment.etc."sddm.conf".source = cfgFile;
environment.pathsToLink = [ "/share/sddm/themes" ];
users.groups.sddm.gid = config.ids.gids.sddm;

3
nixos/modules/services/x11/redshift.nix
View File

@ -116,6 +116,9 @@ in {
}
];
# needed so that .desktop files are installed, which geoclue cares about
environment.systemPackages = [ cfg.package ];
services.geoclue2.enable = mkIf (cfg.provider == "geoclue2") true;
systemd.user.services.redshift =

12
nixos/modules/services/x11/window-managers/metacity.nix
View File

@ -5,9 +5,7 @@ with lib;
let
cfg = config.services.xserver.windowManager.metacity;
xorg = config.services.xserver.package;
gnome = pkgs.gnome;
inherit (pkgs) gnome3;
in
{
@ -20,16 +18,12 @@ in
services.xserver.windowManager.session = singleton
{ name = "metacity";
start = ''
env LD_LIBRARY_PATH=${lib.makeLibraryPath [ xorg.libX11 xorg.libXext ]}:/usr/lib/
# !!! Hack: load the schemas for Metacity.
GCONF_CONFIG_SOURCE=xml::~/.gconf ${gnome.GConf.out}/bin/gconftool-2 \
--makefile-install-rule ${gnome.metacity}/etc/gconf/schemas/*.schemas # */
${gnome.metacity}/bin/metacity &
${gnome3.metacity}/bin/metacity &
waitPID=$!
'';
};
environment.systemPackages = [ gnome.metacity ];
environment.systemPackages = [ gnome3.metacity ];
};

2
nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
View File

@ -42,7 +42,7 @@ def write_loader_conf(profile, generation):
else:
f.write("default nixos-generation-%d\n" % (generation))
if not @editor@:
f.write("editor 0");
f.write("editor 0\n");
f.write("console-mode @consoleMode@\n");
os.rename("@efiSysMountPoint@/loader/loader.conf.tmp", "@efiSysMountPoint@/loader/loader.conf")

333
nixos/modules/system/boot/luksroot.nix
View File

@ -5,62 +5,171 @@ with lib;
let
luks = config.boot.initrd.luks;
openCommand = name': { name, device, header, keyFile, keyFileSize, keyFileOffset, allowDiscards, yubikey, fallbackToPassword, ... }: assert name' == name; ''
commonFunctions = ''
die() {
echo "$@" >&2
exit 1
}
# Wait for a target (e.g. device, keyFile, header, ...) to appear.
wait_target() {
local name="$1"
local target="$2"
local secs="''${3:-10}"
local desc="''${4:-$name $target to appear}"
if [ ! -e $target ]; then
echo -n "Waiting 10 seconds for $name $target to appear"
echo -n "Waiting $secs seconds for $desc..."
local success=false;
for try in $(seq 10); do
for try in $(seq $secs); do
echo -n "."
sleep 1
if [ -e $target ]; then success=true break; fi
if [ -e $target ]; then
success=true
break
fi
done
if [ $success = true ]; then
if [ $success == true ]; then
echo " - success";
return 0
else
echo " - failure";
return 1
fi
fi
return 0
}
wait_yubikey() {
local secs="''${1:-10}"
ykinfo -v 1>/dev/null 2>&1
if [ $? != 0 ]; then
echo -n "Waiting $secs seconds for Yubikey to appear..."
local success=false
for try in $(seq $secs); do
echo -n .
sleep 1
ykinfo -v 1>/dev/null 2>&1
if [ $? == 0 ]; then
success=true
break
fi
done
if [ $success == true ]; then
echo " - success";
return 0
else
echo " - failure";
return 1
fi
fi
return 0
}
'';
preCommands = ''
# A place to store crypto things
# A ramfs is used here to ensure that the file used to update
# the key slot with cryptsetup will never get swapped out.
# Warning: Do NOT replace with tmpfs!
mkdir -p /crypt-ramfs
mount -t ramfs none /crypt-ramfs
# For Yubikey salt storage
mkdir -p /crypt-storage
# Disable all input echo for the whole stage. We could use read -s
# instead but that would ocasionally leak characters between read
# invocations.
stty -echo
'';
postCommands = ''
stty echo
umount /crypt-storage 2>/dev/null
umount /crypt-ramfs 2>/dev/null
'';
openCommand = name': { name, device, header, keyFile, keyFileSize, keyFileOffset, allowDiscards, yubikey, fallbackToPassword, ... }: assert name' == name;
let
csopen = "cryptsetup luksOpen ${device} ${name} ${optionalString allowDiscards "--allow-discards"} ${optionalString (header != null) "--header=${header}"}";
cschange = "cryptsetup luksChangeKey ${device} ${optionalString (header != null) "--header=${header}"}";
in ''
# Wait for luksRoot (and optionally keyFile and/or header) to appear, e.g.
# if on a USB drive.
wait_target "device" ${device}
${optionalString (keyFile != null) ''
wait_target "key file" ${keyFile}
''}
wait_target "device" ${device} || die "${device} is unavailable"
${optionalString (header != null) ''
wait_target "header" ${header}
wait_target "header" ${header} || die "${header} is unavailable"
''}
open_normally() {
echo luksOpen ${device} ${name} ${optionalString allowDiscards "--allow-discards"} \
${optionalString (header != null) "--header=${header}"} \
> /.luksopen_args
${optionalString (keyFile != null) ''
${optionalString fallbackToPassword "if [ -e ${keyFile} ]; then"}
echo " --key-file=${keyFile} ${optionalString (keyFileSize != null) "--keyfile-size=${toString keyFileSize}"}" \
"${optionalString (keyFileOffset != null) "--keyfile-offset=${toString keyFileOffset}"}" \
>> /.luksopen_args
${optionalString fallbackToPassword ''
else
echo "keyfile ${keyFile} not found -- fallback to interactive unlocking"
fi
''}
''}
cryptsetup-askpass
rm /.luksopen_args
do_open_passphrase() {
local passphrase
while true; do
echo -n "Passphrase for ${device}: "
passphrase=
while true; do
if [ -e /crypt-ramfs/passphrase ]; then
echo "reused"
passphrase=$(cat /crypt-ramfs/passphrase)
break
else
# ask cryptsetup-askpass
echo -n "${device}" > /crypt-ramfs/device
# and try reading it from /dev/console with a timeout
IFS= read -t 1 -r passphrase
if [ -n "$passphrase" ]; then
${if luks.reusePassphrases then ''
# remember it for the next device
echo -n "$passphrase" > /crypt-ramfs/passphrase
'' else ''
# Don't save it to ramfs. We are very paranoid
''}
echo
break
fi
fi
done
echo -n "Verifiying passphrase for ${device}..."
echo -n "$passphrase" | ${csopen} --key-file=-
if [ $? == 0 ]; then
echo " - success"
${if luks.reusePassphrases then ''
# we don't rm here because we might reuse it for the next device
'' else ''
rm -f /crypt-ramfs/passphrase
''}
break
else
echo " - failure"
# ask for a different one
rm -f /crypt-ramfs/passphrase
fi
done
}
${optionalString (luks.yubikeySupport && (yubikey != null)) ''
# LUKS
open_normally() {
${if (keyFile != null) then ''
if wait_target "key file" ${keyFile}; then
${csopen} --key-file=${keyFile} \
${optionalString (keyFileSize != null) "--keyfile-size=${toString keyFileSize}"} \
${optionalString (keyFileOffset != null) "--keyfile-offset=${toString keyFileOffset}"}
else
${if fallbackToPassword then "echo" else "die"} "${keyFile} is unavailable"
echo " - failing back to interactive password prompt"
do_open_passphrase
fi
'' else ''
do_open_passphrase
''}
}
${if luks.yubikeySupport && (yubikey != null) then ''
# Yubikey
rbtohex() {
( od -An -vtx1 | tr -d ' \n' )
}
@ -69,8 +178,7 @@ let
( tr '[:lower:]' '[:upper:]' | sed -e 's/\([0-9A-F]\{2\}\)/\\\\\\x\1/gI' | xargs printf )
}
open_yubikey() {
do_open_yubikey() {
# Make all of these local to this function
# to prevent their values being leaked
local salt
@ -86,19 +194,18 @@ let
local new_response
local new_k_luks
mkdir -p ${yubikey.storage.mountPoint}
mount -t ${yubikey.storage.fsType} ${toString yubikey.storage.device} ${yubikey.storage.mountPoint}
mount -t ${yubikey.storage.fsType} ${yubikey.storage.device} /crypt-storage || \
die "Failed to mount Yubikey salt storage device"
salt="$(cat ${yubikey.storage.mountPoint}${yubikey.storage.path} | sed -n 1p | tr -d '\n')"
iterations="$(cat ${yubikey.storage.mountPoint}${yubikey.storage.path} | sed -n 2p | tr -d '\n')"
salt="$(cat /crypt-storage${yubikey.storage.path} | sed -n 1p | tr -d '\n')"
iterations="$(cat /crypt-storage${yubikey.storage.path} | sed -n 2p | tr -d '\n')"
challenge="$(echo -n $salt | openssl-wrap dgst -binary -sha512 | rbtohex)"
response="$(ykchalresp -${toString yubikey.slot} -x $challenge 2>/dev/null)"
for try in $(seq 3); do
${optionalString yubikey.twoFactor ''
echo -n "Enter two-factor passphrase: "
read -s k_user
read -r k_user
echo
''}
@ -108,9 +215,9 @@ let
k_luks="$(echo | pbkdf2-sha512 ${toString yubikey.keyLength} $iterations $response | rbtohex)"
fi
echo -n "$k_luks" | hextorb | cryptsetup luksOpen ${device} ${name} ${optionalString allowDiscards "--allow-discards"} --key-file=-
echo -n "$k_luks" | hextorb | ${csopen} --key-file=-
if [ $? == "0" ]; then
if [ $? == 0 ]; then
opened=true
break
else
@ -119,11 +226,7 @@ let
fi
done
if [ "$opened" == false ]; then
umount ${yubikey.storage.mountPoint}
echo "Maximum authentication errors reached"
exit 1
fi
[ "$opened" == false ] && die "Maximum authentication errors reached"
echo -n "Gathering entropy for new salt (please enter random keys to generate entropy if this blocks for long)..."
for i in $(seq ${toString yubikey.saltLength}); do
@ -148,69 +251,52 @@ let
new_k_luks="$(echo | pbkdf2-sha512 ${toString yubikey.keyLength} $new_iterations $new_response | rbtohex)"
fi
mkdir -p ${yubikey.ramfsMountPoint}
# A ramfs is used here to ensure that the file used to update
# the key slot with cryptsetup will never get swapped out.
# Warning: Do NOT replace with tmpfs!
mount -t ramfs none ${yubikey.ramfsMountPoint}
echo -n "$new_k_luks" | hextorb > /crypt-ramfs/new_key
echo -n "$k_luks" | hextorb | ${cschange} --key-file=- /crypt-ramfs/new_key
echo -n "$new_k_luks" | hextorb > ${yubikey.ramfsMountPoint}/new_key
echo -n "$k_luks" | hextorb | cryptsetup luksChangeKey ${device} --key-file=- ${yubikey.ramfsMountPoint}/new_key
if [ $? == "0" ]; then
echo -ne "$new_salt\n$new_iterations" > ${yubikey.storage.mountPoint}${yubikey.storage.path}
if [ $? == 0 ]; then
echo -ne "$new_salt\n$new_iterations" > /crypt-storage${yubikey.storage.path}
else
echo "Warning: Could not update LUKS key, current challenge persists!"
fi
rm -f ${yubikey.ramfsMountPoint}/new_key
umount ${yubikey.ramfsMountPoint}
rm -rf ${yubikey.ramfsMountPoint}
umount ${yubikey.storage.mountPoint}
rm -f /crypt-ramfs/new_key
umount /crypt-storage
}
${optionalString (yubikey.gracePeriod > 0) ''
echo -n "Waiting ${toString yubikey.gracePeriod} seconds as grace..."
for i in $(seq ${toString yubikey.gracePeriod}); do
sleep 1
echo -n .
done
echo "ok"
''}
open_yubikey() {
if wait_yubikey ${toString yubikey.gracePeriod}; then
do_open_yubikey
else
echo "No yubikey found, falling back to non-yubikey open procedure"
open_normally
fi
}
yubikey_missing=true
ykinfo -v 1>/dev/null 2>&1
if [ $? != "0" ]; then
echo -n "waiting 10 seconds for yubikey to appear..."
for try in $(seq 10); do
sleep 1
ykinfo -v 1>/dev/null 2>&1
if [ $? == "0" ]; then
yubikey_missing=false
break
fi
echo -n .
done
echo "ok"
else
yubikey_missing=false
fi
if [ "$yubikey_missing" == true ]; then
echo "no yubikey found, falling back to non-yubikey open procedure"
open_normally
else
open_yubikey
fi
''}
# open luksRoot and scan for logical volumes
${optionalString ((!luks.yubikeySupport) || (yubikey == null)) ''
open_yubikey
'' else ''
open_normally
''}
'';
askPass = pkgs.writeScriptBin "cryptsetup-askpass" ''
#!/bin/sh
${commonFunctions}
while true; do
wait_target "luks" /crypt-ramfs/device 10 "LUKS to request a passphrase" || die "Passphrase is not requested now"
device=$(cat /crypt-ramfs/device)
echo -n "Passphrase for $device: "
IFS= read -rs passphrase
echo
rm /crypt-ramfs/device
echo -n "$passphrase" > /crypt-ramfs/passphrase
done
'';
preLVM = filterAttrs (n: v: v.preLVM) luks.devices;
postLVM = filterAttrs (n: v: !v.preLVM) luks.devices;
@ -256,6 +342,22 @@ in
'';
};
boot.initrd.luks.reusePassphrases = mkOption {
type = types.bool;
default = true;
description = ''
When opening a new LUKS device try reusing last successful
passphrase.
Useful for mounting a number of devices that use the same
passphrase without retyping it several times.
Such setup can be useful if you use <command>cryptsetup
luksSuspend</command>. Different LUKS devices will still have
different master keys even when using the same passphrase.
'';
};
boot.initrd.luks.devices = mkOption {
default = { };
example = { "luksroot".device = "/dev/disk/by-uuid/430e9eff-d852-4f68-aa3b-2fa3599ebe08"; };
@ -397,15 +499,9 @@ in
};
gracePeriod = mkOption {
default = 2;
default = 10;
type = types.int;
description = "Time in seconds to wait before attempting to find the Yubikey.";
};
ramfsMountPoint = mkOption {
default = "/crypt-ramfs";
type = types.str;
description = "Path where the ramfs used to update the LUKS key will be mounted during early boot.";
description = "Time in seconds to wait for the Yubikey.";
};
/* TODO: Add to the documentation of the current module:
@ -428,12 +524,6 @@ in
description = "The filesystem of the unencrypted device.";
};
mountPoint = mkOption {
default = "/crypt-storage";
type = types.str;
description = "Path where the unencrypted device will be mounted during early boot.";
};
path = mkOption {
default = "/crypt-storage/default";
type = types.str;
@ -446,8 +536,8 @@ in
};
});
};
}; }));
};
}));
};
boot.initrd.luks.yubikeySupport = mkOption {
@ -477,18 +567,8 @@ in
# copy the cryptsetup binary and it's dependencies
boot.initrd.extraUtilsCommands = ''
copy_bin_and_libs ${pkgs.cryptsetup}/bin/cryptsetup
cat > $out/bin/cryptsetup-askpass <<EOF
#!$out/bin/sh -e
if [ -e /.luksopen_args ]; then
cryptsetup \$(cat /.luksopen_args)
killall -q cryptsetup
else
echo "Passphrase is not requested now"
exit 1
fi
EOF
chmod +x $out/bin/cryptsetup-askpass
copy_bin_and_libs ${askPass}/bin/cryptsetup-askpass
sed -i s,/bin/sh,$out/bin/sh, $out/bin/cryptsetup-askpass
${optionalString luks.yubikeySupport ''
copy_bin_and_libs ${pkgs.yubikey-personalization}/bin/ykchalresp
@ -520,8 +600,9 @@ in
''}
'';
boot.initrd.preLVMCommands = concatStrings (mapAttrsToList openCommand preLVM);
boot.initrd.postDeviceCommands = concatStrings (mapAttrsToList openCommand postLVM);
boot.initrd.preFailCommands = postCommands;
boot.initrd.preLVMCommands = commonFunctions + preCommands + concatStrings (mapAttrsToList openCommand preLVM) + postCommands;
boot.initrd.postDeviceCommands = commonFunctions + preCommands + concatStrings (mapAttrsToList openCommand postLVM) + postCommands;
environment.systemPackages = [ pkgs.cryptsetup ];
};

8
nixos/modules/system/boot/stage-1.nix
View File

@ -248,6 +248,14 @@ let
isExecutable = true;
postInstall = ''
echo checking syntax
# check both with bash
${pkgs.bash}/bin/sh -n $target
# and with ash shell, just in case
${extraUtils}/bin/ash -n $target
'';
inherit udevRules extraUtils modulesClosure;
inherit (config.boot) resumeDevice;

35
nixos/modules/tasks/filesystems/zfs.nix
View File

@ -23,12 +23,8 @@ let
kernel = config.boot.kernelPackages;
packages = if config.boot.zfs.enableLegacyCrypto then {
spl = kernel.splLegacyCrypto;
zfs = kernel.zfsLegacyCrypto;
zfsUser = pkgs.zfsLegacyCrypto;
} else if config.boot.zfs.enableUnstable then {
spl = kernel.splUnstable;
packages = if config.boot.zfs.enableUnstable then {
spl = null;
zfs = kernel.zfsUnstable;
zfsUser = pkgs.zfsUnstable;
} else {
@ -117,27 +113,6 @@ in
'';
};
enableLegacyCrypto = mkOption {
type = types.bool;
default = false;
description = ''
Enabling this option will allow you to continue to use the old format for
encrypted datasets. With the inclusion of stability patches the format of
encrypted datasets has changed. They can still be accessed and mounted but
in read-only mode mounted. It is highly recommended to convert them to
the new format.
This option is only for convenience to people that cannot convert their
datasets to the new format yet and it will be removed in due time.
For migration strategies from old format to this new one, check the Wiki:
https://nixos.wiki/wiki/NixOS_on_ZFS#Encrypted_Dataset_Format_Change
See https://github.com/zfsonlinux/zfs/pull/6864 for more details about
the stability patches.
'';
};
extraPools = mkOption {
type = types.listOf types.str;
default = [];
@ -350,12 +325,12 @@ in
virtualisation.lxd.zfsSupport = true;
boot = {
kernelModules = [ "spl" "zfs" ] ;
extraModulePackages = with packages; [ spl zfs ];
kernelModules = [ "zfs" ] ++ optional (!cfgZfs.enableUnstable) "spl";
extraModulePackages = with packages; [ zfs ] ++ optional (!cfgZfs.enableUnstable) spl;
};
boot.initrd = mkIf inInitrd {
kernelModules = [ "spl" "zfs" ];
kernelModules = [ "zfs" ] ++ optional (!cfgZfs.enableUnstable) "spl";
extraUtilsCommands =
''
copy_bin_and_libs ${packages.zfsUser}/sbin/zfs

24
nixos/modules/virtualisation/libvirtd.nix
View File

@ -17,6 +17,10 @@ let
${optionalString cfg.qemuOvmf ''
nvram = ["/run/libvirt/nix-ovmf/OVMF_CODE.fd:/run/libvirt/nix-ovmf/OVMF_VARS.fd"]
''}
${optionalString (!cfg.qemuRunAsRoot) ''
user = "qemu-libvirtd"
group = "qemu-libvirtd"
''}
${cfg.qemuVerbatimConfig}
'';
@ -56,6 +60,18 @@ in {
'';
};
virtualisation.libvirtd.qemuRunAsRoot = mkOption {
type = types.bool;
default = true;
description = ''
If true, libvirtd runs qemu as root.
If false, libvirtd runs qemu as unprivileged user qemu-libvirtd.
Changing this option to false may cause file permission issues
for existing guests. To fix these, manually change ownership
of affected files in /var/lib/libvirt/qemu to qemu-libvirtd.
'';
};
virtualisation.libvirtd.qemuVerbatimConfig = mkOption {
type = types.lines;
default = ''
@ -110,6 +126,14 @@ in {
users.groups.libvirtd.gid = config.ids.gids.libvirtd;
# libvirtd runs qemu as this user and group by default
users.extraGroups.qemu-libvirtd.gid = config.ids.gids.qemu-libvirtd;
users.extraUsers.qemu-libvirtd = {
uid = config.ids.uids.qemu-libvirtd;
isNormalUser = false;
group = "qemu-libvirtd";
};
systemd.packages = [ pkgs.libvirt ];
systemd.services.libvirtd = {

11
nixos/modules/virtualisation/virtualbox-host.nix
View File

@ -5,7 +5,7 @@ with lib;
let
cfg = config.virtualisation.virtualbox.host;
virtualbox = pkgs.virtualbox.override {
virtualbox = cfg.package.override {
inherit (cfg) enableHardening headless;
extensionPack = if cfg.enableExtensionPack then pkgs.virtualboxExtpack else null;
};
@ -40,6 +40,15 @@ in
'';
};
package = mkOption {
type = types.package;
default = pkgs.virtualbox;
defaultText = "pkgs.virtualbox";
description = ''
Which VirtualBox package to use.
'';
};
addNetworkInterface = mkOption {
type = types.bool;
default = true;

1
nixos/release.nix
View File

@ -256,6 +256,7 @@ in rec {
tests.buildbot = callTest tests/buildbot.nix {};
tests.cadvisor = callTestOnMatchingSystems ["x86_64-linux"] tests/cadvisor.nix {};
tests.ceph = callTestOnMatchingSystems ["x86_64-linux"] tests/ceph.nix {};
tests.certmgr = callSubTests tests/certmgr.nix {};
tests.cfssl = callTestOnMatchingSystems ["x86_64-linux"] tests/cfssl.nix {};
tests.chromium = (callSubTestsOnMatchingSystems ["x86_64-linux"] tests/chromium.nix {}).stable or {};
tests.cjdns = callTest tests/cjdns.nix {};

148
nixos/tests/certmgr.nix Normal file
View File

@ -0,0 +1,148 @@
{ system ? builtins.currentSystem }:
with import ../lib/testing.nix { inherit system; };
let
mkSpec = { host, service ? null, action }: {
inherit action;
authority = {
file = {
group = "nobody";
owner = "nobody";
path = "/tmp/${host}-ca.pem";
};
label = "www_ca";
profile = "three-month";
remote = "localhost:8888";
};
certificate = {
group = "nobody";
owner = "nobody";
path = "/tmp/${host}-cert.pem";
};
private_key = {
group = "nobody";
mode = "0600";
owner = "nobody";
path = "/tmp/${host}-key.pem";
};
request = {
CN = host;
hosts = [ host "www.${host}" ];
key = {
algo = "rsa";
size = 2048;
};
names = [
{
C = "US";
L = "San Francisco";
O = "Example, LLC";
ST = "CA";
}
];
};
inherit service;
};
mkCertmgrTest = { svcManager, specs, testScript }: makeTest {
name = "certmgr-" + svcManager;
nodes = {
machine = { config, lib, pkgs, ... }: {
networking.firewall.allowedTCPPorts = with config.services; [ cfssl.port certmgr.metricsPort ];
networking.extraHosts = "127.0.0.1 imp.example.org decl.example.org";
services.cfssl.enable = true;
systemd.services.cfssl.after = [ "cfssl-init.service" "networking.target" ];
systemd.services.cfssl-init = {
description = "Initialize the cfssl CA";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "cfssl";
Type = "oneshot";
WorkingDirectory = config.services.cfssl.dataDir;
};
script = ''
${pkgs.cfssl}/bin/cfssl genkey -initca ${pkgs.writeText "ca.json" (builtins.toJSON {
hosts = [ "ca.example.com" ];
key = {
algo = "rsa"; size = 4096; };
names = [
{
C = "US";
L = "San Francisco";
O = "Internet Widgets, LLC";
OU = "Certificate Authority";
ST = "California";
}
];
})} | ${pkgs.cfssl}/bin/cfssljson -bare ca
'';
};
services.nginx = {
enable = true;
virtualHosts = lib.mkMerge (map (host: {
${host} = {
sslCertificate = "/tmp/${host}-cert.pem";
sslCertificateKey = "/tmp/${host}-key.pem";
extraConfig = ''
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
'';
onlySSL = true;
serverName = host;
root = pkgs.writeTextDir "index.html" "It works!";
};
}) [ "imp.example.org" "decl.example.org" ]);
};
systemd.services.nginx.wantedBy = lib.mkForce [];
systemd.services.certmgr.after = [ "cfssl.service" ];
services.certmgr = {
enable = true;
inherit svcManager;
inherit specs;
};
};
};
inherit testScript;
};
in
{
systemd = mkCertmgrTest {
svcManager = "systemd";
specs = {
decl = mkSpec { host = "decl.example.org"; service = "nginx"; action ="restart"; };
imp = toString (pkgs.writeText "test.json" (builtins.toJSON (
mkSpec { host = "imp.example.org"; service = "nginx"; action = "restart"; }
)));
};
testScript = ''
$machine->waitForUnit('cfssl.service');
$machine->waitUntilSucceeds('ls /tmp/decl.example.org-ca.pem');
$machine->waitUntilSucceeds('ls /tmp/decl.example.org-key.pem');
$machine->waitUntilSucceeds('ls /tmp/decl.example.org-cert.pem');
$machine->waitUntilSucceeds('ls /tmp/imp.example.org-ca.pem');
$machine->waitUntilSucceeds('ls /tmp/imp.example.org-key.pem');
$machine->waitUntilSucceeds('ls /tmp/imp.example.org-cert.pem');
$machine->waitForUnit('nginx.service');
$machine->succeed('[ "1" -lt "$(journalctl -u nginx | grep "Starting Nginx" | wc -l)" ]');
$machine->succeed('curl --cacert /tmp/imp.example.org-ca.pem https://imp.example.org');
$machine->succeed('curl --cacert /tmp/decl.example.org-ca.pem https://decl.example.org');
'';
};
command = mkCertmgrTest {
svcManager = "command";
specs = {
test = mkSpec { host = "command.example.org"; action = "touch /tmp/command.executed"; };
};
testScript = ''
$machine->waitForUnit('cfssl.service');
$machine->waitUntilSucceeds('stat /tmp/command.executed');
'';
};
}

13
nixos/tests/hydra/default.nix
View File

@ -2,14 +2,11 @@ import ../make-test.nix ({ pkgs, ...} :
let
trivialJob = pkgs.writeTextDir "trivial.nix" ''
with import <nix/config.nix>;
{ trivial = builtins.derivation {
name = "trivial";
system = "x86_64-linux";
PATH = coreutils;
builder = shell;
args = ["-c" "touch $out; exit 0"];
builder = "/bin/sh";
args = ["-c" "echo success > $out; exit 0"];
};
}
'';
@ -27,7 +24,7 @@ let
in {
name = "hydra-init-localdb";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ pstn lewo ];
maintainers = [ pstn lewo ma27 ];
};
machine =
@ -50,6 +47,8 @@ in {
hostName = "localhost";
systems = [ "x86_64-linux" ];
}];
binaryCaches = [];
};
};
@ -74,5 +73,5 @@ in {
$machine->succeed("create-trivial-project.sh");
$machine->waitUntilSucceeds('curl -L -s http://localhost:3000/build/1 -H "Accept: application/json" | jq .buildstatus | xargs test 0 -eq');
'';
'';
})

2
nixos/tests/installer.nix
View File

@ -467,7 +467,7 @@ in {
enableOCR = true;
preBootCommands = ''
$machine->start;
$machine->waitForText(qr/Enter passphrase/);
$machine->waitForText(qr/Passphrase for/);
$machine->sendChars("supersecret\n");
'';
};

2
nixos/tests/yabar.nix
View File

@ -1,4 +1,4 @@
import ./make-test.nix ({ pkgs, lib }:
import ./make-test.nix ({ pkgs, lib, ... }:
with lib;

5
pkgs/applications/altcoins/namecoin.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchFromGitHub, openssl, boost, libevent, autoreconfHook, db4, miniupnpc, eject, pkgconfig, qt4, protobuf, libqrencode
{ stdenv, fetchFromGitHub, openssl, boost, libevent, autoreconfHook, db4, miniupnpc, eject, pkgconfig, qt4, protobuf, libqrencode, hexdump
, withGui }:
with stdenv.lib;
@ -16,6 +16,7 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [
autoreconfHook
pkgconfig
hexdump
];
buildInputs = [
@ -31,6 +32,8 @@ stdenv.mkDerivation rec {
libqrencode
];
enableParallelBuilding = true;
configureFlags = [
"--with-boost-libdir=${boost.out}/lib"
];

6
pkgs/applications/audio/MMA/default.nix
View File

@ -1,4 +1,4 @@
{ stdenv, fetchurl, makeWrapper, python, alsaUtils, timidity }:
{ stdenv, fetchurl, makeWrapper, python3, alsaUtils, timidity }:
stdenv.mkDerivation rec {
version = "16.06";
@ -9,7 +9,7 @@
sha256 = "1g4gvc0nr0qjc0fyqrnx037zpaasgymgmrm5s7cdxqnld9wqw8ww";
};
buildInputs = [ makeWrapper python alsaUtils timidity ];
buildInputs = [ makeWrapper python3 alsaUtils timidity ];
patchPhase = ''
sed -i 's@/usr/bin/aplaymidi@/${alsaUtils}/bin/aplaymidi@g' mma-splitrec
@ -18,7 +18,7 @@
sed -i 's@/usr/bin/arecord@/${alsaUtils}/bin/arecord@g' util/mma-splitrec.py
sed -i 's@/usr/bin/timidity@/${timidity}/bin/timidity@g' mma-splitrec
sed -i 's@/usr/bin/timidity@/${timidity}/bin/timidity@g' util/mma-splitrec.py
find . -type f | xargs sed -i 's@/usr/bin/env python@${python}/bin/python@g'
find . -type f | xargs sed -i 's@/usr/bin/env python@${python3.interpreter}@g'
'';
installPhase = ''

4
pkgs/applications/audio/mopidy/iris.nix
View File

@ -2,11 +2,11 @@
pythonPackages.buildPythonApplication rec {
pname = "Mopidy-Iris";
version = "3.23.0";
version = "3.23.2";
src = pythonPackages.fetchPypi {
inherit pname version;
sha256 = "1zhd82mzbzc9jx7xhglgq0giyy214ypq1rw5kmhp5zswv71hf2j0";
sha256 = "1zf4ck19z3nh1x9a847ay1qnkyvi6s6866kp6q6dh1xpn7i9rmx7";
};
propagatedBuildInputs = [

15
pkgs/applications/audio/paprefs/default.nix
View File

@ -1,21 +1,16 @@
{ fetchurl, stdenv, pkgconfig, pulseaudioFull, gtkmm2, libglademm
, dbus-glib, GConf, gconfmm, intltool }:
{ fetchurl, stdenv, meson, ninja, gettext, pkgconfig, pulseaudioFull, gtkmm3, dbus-glib, wrapGAppsHook }:
stdenv.mkDerivation rec {
name = "paprefs-0.9.10";
name = "paprefs-1.0";
src = fetchurl {
url = "https://freedesktop.org/software/pulseaudio/paprefs/${name}.tar.xz";
sha256 = "1c5b3sb881szavly220q31g7rvpn94wr7ywlk00hqb9zaikml716";
sha256 = "0y77i9gaaassvvjrpwb4xbgqcmr51zmj5rh4z8zm687i5izf84md";
};
buildInputs = [ pulseaudioFull gtkmm2 libglademm dbus-glib gconfmm ];
nativeBuildInputs = [ meson ninja gettext pkgconfig wrapGAppsHook ];
nativeBuildInputs = [ pkgconfig intltool ];
propagatedUserEnvPkgs = [ GConf ];
configureFlags = [ "--disable-lynx" ];
buildInputs = [ pulseaudioFull gtkmm3 dbus-glib ];
meta = with stdenv.lib; {
description = "PulseAudio Preferences";

1
pkgs/applications/audio/pianobar/default.nix
View File

@ -23,6 +23,5 @@ stdenv.mkDerivation rec {
homepage = http://6xq.net/projects/pianobar/;
platforms = platforms.linux;
license = licenses.mit; # expat version
maintainers = with maintainers; [ eduarrrd ];
};
}

4
pkgs/applications/audio/pulseeffects/default.nix
View File

@ -42,13 +42,13 @@ let
];
in stdenv.mkDerivation rec {
name = "pulseeffects-${version}";
version = "4.2.3";
version = "4.2.6";
src = fetchFromGitHub {
owner = "wwmm";
repo = "pulseeffects";
rev = "v${version}";
sha256 = "0s3lc0xkr48wzk0b6akq4yw19n0iwfi9jyji8bpdgj5y7kjg5mqm";
sha256 = "1b5h760bb1wgn4avirjjri5fcfqvnsr076qnhrdiqcic3vgircsm";
};
nativeBuildInputs = [

4
pkgs/applications/audio/qjackctl/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchurl, pkgconfig, alsaLib, libjack2, dbus, qtbase, qttools, qtx11extras }:
stdenv.mkDerivation rec {
version = "0.5.2";
version = "0.5.3";
name = "qjackctl-${version}";
# some dependencies such as killall have to be installed additionally
src = fetchurl {
url = "mirror://sourceforge/qjackctl/${name}.tar.gz";
sha256 = "0nqr5f82lry3i4if8wdmrqsw84m45ijyj4psll30plxx5732zzaz";
sha256 = "0x08af8m5l8qy9av3dlldsg58ny9nc69h1s4i6hqkvj24jwy6fw1";
};
buildInputs = [

4
pkgs/applications/audio/qsampler/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
name = "qsampler-${version}";
version = "0.5.1";
version = "0.5.2";
src = fetchurl {
url = "mirror://sourceforge/qsampler/${name}.tar.gz";
sha256 = "18j4cwmn7waih9x5b66cba2aa85spqqp507bf19ahsb5gl358yhh";
sha256 = "0xb0j57k03pkdl7yl5mcv1i21ljnxcq6b9h3zp6mris916lj45zq";
};
nativeBuildInputs = [ autoconf automake libtool pkgconfig qttools ];

4
pkgs/applications/audio/setbfree/default.nix
View File

@ -4,11 +4,11 @@
stdenv.mkDerivation rec {
name = "setbfree-${version}";
version = "0.8.5";
version = "0.8.7";
src = fetchurl {
url = "https://github.com/pantherb/setBfree/archive/v${version}.tar.gz";
sha256 = "0qfccny0hh9lq54272mzmxvfz2jmzcgigjkjwn6v9h6n00gi5bw4";
sha256 = "07s320r67cz0cdjdsbcwn0fw3xs0wz7lgrybqpws2skvkbls228q";
};
patchPhase = ''

4
pkgs/applications/audio/x42-plugins/default.nix
View File

@ -3,12 +3,12 @@
, libGLU, lv2, gtk2, cairo, pango, fftwFloat, zita-convolver }:
stdenv.mkDerivation rec {
version = "20180320";
version = "20180803";
name = "x42-plugins-${version}";
src = fetchurl {
url = "https://gareus.org/misc/x42-plugins/${name}.tar.xz";
sha256 = "167ly9nxqq3g0j35i9jv9rvd8qp4i9ncfcjxmg972cp6q8ak8mdl";
sha256 = "1v7p6vnkcbzyvmcysabhmn603cndzx9mwzaw5dppy4wd687vhgis";
};
nativeBuildInputs = [ pkgconfig ];

1
pkgs/applications/display-managers/sddm/default.nix
View File

@ -62,5 +62,6 @@ in mkDerivation rec {
homepage = https://github.com/sddm/sddm;
maintainers = with maintainers; [ abbradar ttuegel ];
platforms = platforms.linux;
license = licenses.gpl2Plus;
};
}

1
pkgs/applications/display-managers/slim/default.nix
View File

@ -50,5 +50,6 @@ stdenv.mkDerivation rec {
meta = {
homepage = https://sourceforge.net/projects/slim.berlios/; # berlios shut down; I found no replacement yet
platforms = stdenv.lib.platforms.linux;
license = stdenv.lib.licenses.gpl2;
};
}

28
pkgs/applications/editors/gobby/default.nix
View File

@ -1,26 +1,22 @@
{ avahiSupport ? false # build support for Avahi in libinfinity
, gnomeSupport ? false # build support for Gnome(gnome-vfs)
, stdenv, fetchurl, pkgconfig
, gtkmm2, gsasl, gtksourceview, libxmlxx, libinfinity, intltool
, gnome_vfs ? null}:
, stdenv, fetchurl, fetchFromGitHub, autoconf, automake, pkgconfig, wrapGAppsHook
, gtkmm3, gsasl, gtksourceview3, libxmlxx, libinfinity, intltool, itstool, gnome3 }:
let
libinf = libinfinity.override { gtkWidgets = true; inherit avahiSupport; };
in stdenv.mkDerivation rec {
name = "gobby-0.5.0";
src = fetchurl {
url = "http://releases.0x539.de/gobby/${name}.tar.gz";
sha256 = "165x0r668ma5blziisvbr8qig3jw9hf7i6w8r7wwvz3wsac3bswc";
name = "gobby-unstable-2018-04-03";
src = fetchFromGitHub {
owner = "gobby";
repo = "gobby";
rev = "ea4df27c9b6b885434797b0071ce198b23f9f63b";
sha256 = "0q7lq64yn16lxvj4jphs8y9194h0xppj8k7y9x8b276krraak2az";
};
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ gtkmm2 gsasl gtksourceview libxmlxx libinf intltool ]
++ stdenv.lib.optional gnomeSupport gnome_vfs;
configureFlags = ''
'';
nativeBuildInputs = [ autoconf automake pkgconfig intltool itstool gnome3.yelp-tools wrapGAppsHook ];
buildInputs = [ gtkmm3 gsasl gtksourceview3 libxmlxx libinf ];
preConfigure = "./autogen.sh";
meta = with stdenv.lib; {
homepage = http://gobby.0x539.de/;

40
pkgs/applications/editors/jetbrains/default.nix
View File

@ -249,12 +249,12 @@ in
clion = buildClion rec {
name = "clion-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "C/C++ IDE. New. Intelligent. Cross-platform";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz";
sha256 = "08kjlmldnd6rnk8m12klfp9vbkbvcsgaknpi55r248nzglnbx9gz"; /* updated by script */
sha256 = "16fr5760nkzgx8785x6hh7s96x097y6vdx7w1f9ipg71vv25cscq"; /* updated by script */
};
wmClass = "jetbrains-clion";
update-channel = "CLion Release"; # channel's id as in http://www.jetbrains.com/updates/updates.xml
@ -262,12 +262,12 @@ in
datagrip = buildDataGrip rec {
name = "datagrip-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "Your Swiss Army Knife for Databases and SQL";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/datagrip/${name}.tar.gz";
sha256 = "1byf46vni8s6qf3wlsnscxipgndl6ic48nizwiaqasnhhszqssxs"; /* updated by script */
sha256 = "1jfkxr790wr8ffn7ph694hfzahs2akjcfk4rfsvjv1dccqb0167k"; /* updated by script */
};
wmClass = "jetbrains-datagrip";
update-channel = "DataGrip 2018.2";
@ -275,12 +275,12 @@ in
goland = buildGoland rec {
name = "goland-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "Up and Coming Go IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/go/${name}.tar.gz";
sha256 = "0z7a06892c3hcq5zxvkfnyf0ablwq51710x1f12v6r297l4mfra0"; /* updated by script */
sha256 = "0k96v00cbxkgxs9xby5m4dxl4w2kkm2lii54z1hqjwqmc9kxa2ia"; /* updated by script */
};
wmClass = "jetbrains-goland";
update-channel = "GoLand Release";
@ -288,12 +288,12 @@ in
idea-community = buildIdea rec {
name = "idea-community-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "0r5fsai77w74vhfs449yff56pi4vynl8w25amn23k6hddlqxph2s"; /* updated by script */
sha256 = "04dqyzkkrwvcdy1raard77v2315d44h29cpc9p98bjidvjd6bhsx"; /* updated by script */
};
wmClass = "jetbrains-idea-ce";
update-channel = "IntelliJ IDEA Release";
@ -301,12 +301,12 @@ in
idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jdk.tar.gz";
sha256 = "1xq97dcf7xcs8fsrjsqqrzxf2gnrll8bbqkzrpg85bqxap0hvb45"; /* updated by script */
sha256 = "0ydidg9pk8bqf5jb1z0fw2m88v6mi38b4ddgmh5c9d9p44g6mddv"; /* updated by script */
};
wmClass = "jetbrains-idea";
update-channel = "IntelliJ IDEA Release";
@ -314,12 +314,12 @@ in
phpstorm = buildPhpStorm rec {
name = "phpstorm-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "Professional IDE for Web and PHP developers";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz";
sha256 = "15czwk15c1gnf7xrgm423xafsw55083dd6g15g69zs0l9psrss31"; /* updated by script */
sha256 = "042qhdkl4v5q4cdbqfbiwj6s3acivdb5kmbyn4jix8pg8r37yfnm"; /* updated by script */
};
wmClass = "jetbrains-phpstorm";
update-channel = "PhpStorm 2018.2";
@ -327,12 +327,12 @@ in
pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "PyCharm Community Edition";
license = stdenv.lib.licenses.asl20;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "0a5dsr2piw0vgm9lvc2k18sdnvii55xdyi90z95hzg5syhsm1a94"; /* updated by script */
sha256 = "14vnwqk0x0anvzmdv2ddc3qc9g5fll2ql02mi12k425j30fl2z2q"; /* updated by script */
};
wmClass = "jetbrains-pycharm-ce";
update-channel = "PyCharm Release";
@ -340,12 +340,12 @@ in
pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "PyCharm Professional Edition";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "0azjrbxpwank09i7riflbkgrgm23f0q6hgisca6d14ldcbr933aj"; /* updated by script */
sha256 = "1h4f9l577w2ps0y79x79yhpbrsv3j5nwr1lr1890phmp6zri6wyf"; /* updated by script */
};
wmClass = "jetbrains-pycharm";
update-channel = "PyCharm Release";
@ -366,12 +366,12 @@ in
ruby-mine = buildRubyMine rec {
name = "ruby-mine-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "The Most Intelligent Ruby and Rails IDE";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz";
sha256 = "0la83cqf3aknrc62ddpij0gg50rws5l2g4iasyrvfhn4wnmj6n4q"; /* updated by script */
sha256 = "1gwcadjgs4cw5i3h1xn92ng415vzr5cxyrpgckr1qy37d5f4bhqg"; /* updated by script */
};
wmClass = "jetbrains-rubymine";
update-channel = "RubyMine 2018.2";
@ -379,12 +379,12 @@ in
webstorm = buildWebStorm rec {
name = "webstorm-${version}";
version = "2018.2"; /* updated by script */
version = "2018.2.1"; /* updated by script */
description = "Professional IDE for Web and JavaScript development";
license = stdenv.lib.licenses.unfree;
src = fetchurl {
url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz";
sha256 = "024schngx26ik8cvmkijfzzmpkajckl2dbyz31ajnmixpn07pwi6"; /* updated by script */
sha256 = "1jbzkp13qn4n58kbcsszm2gfnywjma2yvn48g0vi14v7x6zihhxd"; /* updated by script */
};
wmClass = "jetbrains-webstorm";
update-channel = "WebStorm Release";

6
pkgs/applications/editors/kakoune/default.nix
View File

@ -4,12 +4,12 @@ with stdenv.lib;
stdenv.mkDerivation rec {
name = "kakoune-unstable-${version}";
version = "2018-05-21";
version = "2018-08-05";
src = fetchFromGitHub {
repo = "kakoune";
owner = "mawww";
rev = "878d2a4bdb674a5e7703a66e530520f48efba641";
sha256 = "0pwy6ilsb62s1792gjyvhvq8shj60l8lx26b58zvpfb54an4s6rk";
rev = "ae75032936ed9ffa2bf14589fef115d3d684a7c6";
sha256 = "1qm6i8vzr4wjxxdvhr54pan0ysxq1sn880bz8p2w9y6qa91yd3m3";
};
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ ncurses asciidoc docbook_xsl libxslt ];

1
pkgs/applications/editors/nedit/default.nix
View File

@ -28,5 +28,6 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; {
homepage = https://sourceforge.net/projects/nedit;
platforms = with platforms; linux ++ darwin;
license = licenses.gpl2;
};
}

4
pkgs/applications/editors/sigil/default.nix
View File

@ -6,10 +6,10 @@
stdenv.mkDerivation rec {
name = "sigil-${version}";
version = "0.9.9";
version = "0.9.10";
src = fetchFromGitHub {
sha256 = "01pvc7k54mx5c7h1qiw92d4j459psv7n9xg94qbinf8vmpvkrcbw";
sha256 = "11r7043kbqv67z1aqk929scsg6yllldpl8icl32dw3dai7f1c658";
rev = version;
repo = "Sigil";
owner = "Sigil-Ebook";

6
pkgs/applications/editors/vim/configurable.nix
View File

@ -6,6 +6,7 @@ args@{ source ? "default", callPackage, fetchurl, stdenv, ncurses, pkgconfig, ge
, libICE
, vimPlugins
, makeWrapper
, wrapGAppsHook
# apple frameworks
, CoreServices, CoreData, Cocoa, Foundation, libobjc, cf-private
@ -122,6 +123,7 @@ in stdenv.mkDerivation rec {
++ stdenv.lib.optional wrapPythonDrv makeWrapper
++ stdenv.lib.optional nlsSupport gettext
++ stdenv.lib.optional perlSupport perl
++ stdenv.lib.optional (guiSupport == "gtk3") wrapGAppsHook
;
buildInputs = [ ncurses libX11 libXext libSM libXpm libXt libXaw libXau
@ -152,6 +154,10 @@ in stdenv.mkDerivation rec {
ln -sfn '${nixosRuntimepath}' "$out"/share/vim/vimrc
'' + stdenv.lib.optionalString wrapPythonDrv ''
wrapProgram "$out/bin/vim" --prefix PATH : "${python}/bin"
'' + stdenv.lib.optionalString (guiSupport == "gtk3") ''
rm "$out/bin/gvim"
echo -e '#!${stdenv.shell}\n"'"$out/bin/vim"'" -g "$@"' > "$out/bin/gvim"
chmod a+x "$out/bin/gvim"
'';
preInstall = ''

8
pkgs/applications/editors/vscode/default.nix
View File

@ -2,7 +2,7 @@
gtk2, makeWrapper, libXScrnSaver, libxkbfile, libsecret }:
let
version = "1.25.1";
version = "1.26.0";
channel = "stable";
plat = {
@ -12,9 +12,9 @@ let
}.${stdenv.system};
sha256 = {
"i686-linux" = "1qljnajk4h9ki5gvydh1b557fvhvcryvkrvypvz0pr804lpdqsmg";
"x86_64-linux" = "0f1lpwyxfchmbymzzxv97w9cy1z5pdljhwm49mc5v84aygmvnmjq";
"x86_64-darwin" = "1dgda1drij1c114xzv4hs44k7rx4x1vzghlxgii0h2rg641n6pbn";
"i686-linux" = "fd150bee8e1be4f5461013b8fee19f855200d046643e4ea5387aad170ad5f12b";
"x86_64-linux" = "618ca429e23777ef6b512c0cbd78bc711a7cf6f58752d9f805ced1dc62abb8f0";
"x86_64-darwin" = "07c2d678596e4e1f0bdf35b7d72a6d46851bf169d89f134fa73ff4f9007efbc3";
}.${stdenv.system};
archive_fmt = if stdenv.system == "x86_64-darwin" then "zip" else "tar.gz";

3
pkgs/applications/graphics/dosage/default.nix
View File

@ -1,4 +1,4 @@
{ pythonPackages, fetchFromGitHub }:
{ stdenv, pythonPackages, fetchFromGitHub }:
pythonPackages.buildPythonApplication rec {
pname = "dosage";
@ -23,5 +23,6 @@ pythonPackages.buildPythonApplication rec {
meta = {
description = "A comic strip downloader and archiver";
homepage = https://dosage.rocks/;
license = stdenv.lib.licenses.mit;
};
}

1
pkgs/applications/graphics/jbrout/default.nix
View File

@ -37,5 +37,6 @@ in pythonPackages.buildPythonApplication rec {
homepage = http://manatlan.com/jbrout/;
description = "Photo manager";
platforms = stdenv.lib.platforms.linux;
license = stdenv.lib.licenses.gpl2Plus;
};
}

23
pkgs/applications/graphics/meshlab/default.nix
View File

@ -1,10 +1,13 @@
{ stdenv, fetchFromGitHub, libGLU, qtbase, qtscript, qtxmlpatterns }:
{ fetchFromGitHub, libGLU, llvmPackages, qtbase, qtscript, qtxmlpatterns }:
let
meshlabRev = "5700f5474c8f90696a8925e2a209a0a8ab506662";
vcglibRev = "a8e87662b63ee9f4ded5d4699b28d74183040803";
meshlabRev = "d596d7c086c51fbdfb56050f9c30b55dd0286d4c";
vcglibRev = "6c3c940e34327322507c703889f9f1cfa73ab183";
# ^ this should be the latest commit in the vcglib devel branch at the time of the meshlab revision
stdenv = llvmPackages.stdenv; # only building with clang seems to be tested upstream
in stdenv.mkDerivation {
name = "meshlab-2016.12";
name = "meshlab-20180627-beta";
srcs =
[
@ -12,31 +15,32 @@ in stdenv.mkDerivation {
owner = "cnr-isti-vclab";
repo = "meshlab";
rev = meshlabRev;
sha256 = "0srrp7zhi86dsg4zsx1615gr26barz38zdl8s03zq6vm1dgzl3cc";
sha256 = "0xi7wiyy0yi545l5qvccbqahlcsf70mhx829gf7bq29640si4rax";
name = "meshlab-${meshlabRev}";
})
(fetchFromGitHub {
owner = "cnr-isti-vclab";
repo = "vcglib";
rev = vcglibRev;
sha256 = "0jh8jc8rn7rci8qr3q03q574fk2hsc3rllysck41j8xkr3rmxz2f";
sha256 = "0jfgjvf21y9ncmyr7caipy3ardhig7hh9z8miy885c99b925hhwd";
name = "vcglib-${vcglibRev}";
})
];
sourceRoot = "meshlab-${meshlabRev}";
patches = [ ./fix-2016.02.patch ];
hardeningDisable = [ "format" ];
enableParallelBuilding = true;
patches = [ ./fix-20180627-beta.patch ];
buildPhase = ''
# MeshLab has ../vcglib hardcoded everywhere, so move the source dir
mv ../vcglib-${vcglibRev} ../vcglib
cd src
export NIX_LDFLAGS="-rpath $out/opt/meshlab $NIX_LDFLAGS"
export QMAKESPEC="linux-clang"
pushd external
qmake -recursive external.pro
@ -53,7 +57,7 @@ in stdenv.mkDerivation {
ln -s $out/opt/meshlab/meshlabserver $out/bin/meshlabserver
'';
buildInputs = [ libGLU qtbase qtscript qtxmlpatterns ];
buildInputs = [ libGLU llvmPackages.openmp qtbase qtscript qtxmlpatterns ];
meta = {
description = "A system for processing and editing 3D triangular meshes.";
@ -61,6 +65,5 @@ in stdenv.mkDerivation {
license = stdenv.lib.licenses.gpl3;
maintainers = with stdenv.lib.maintainers; [viric];
platforms = with stdenv.lib.platforms; linux;
broken = true; # 2018-04-11
};
}

88
pkgs/applications/graphics/meshlab/fix-2016.02.patch
View File

@ -1,88 +0,0 @@
From 0fd17cd2b6d57e8a2a981a70115c2565ee076d0f Mon Sep 17 00:00:00 2001
From: Marco Callieri <callieri@isti.cnr.it>
Date: Mon, 9 Jan 2017 16:06:14 +0100
Subject: [PATCH 1/3] resolved ambiguity for abs overloads
diff --git a/src/meshlabplugins/edit_quality/eqhandle.cpp b/src/meshlabplugins/edit_quality/eqhandle.cpp
index 364d53bf..ef3d4a2d 100644
--- a/src/meshlabplugins/edit_quality/eqhandle.cpp
+++ b/src/meshlabplugins/edit_quality/eqhandle.cpp
@@ -83,7 +83,7 @@ void EqHandle::mouseMoveEvent(QGraphicsSceneMouseEvent *event)
setCursor(Qt::OpenHandCursor);
QPointF newPos = event->scenePos();
- qreal handleOffset = abs(newPos.x()-pos().x());
+ qreal handleOffset = std::fabs(newPos.x()-pos().x());
if (handleOffset >= std::numeric_limits<float>::epsilon())
{
--
2.15.0
From 33cfd5801e59b6c9e34360c75112e6dcb88d807b Mon Sep 17 00:00:00 2001
From: Marco Callieri <callieri@isti.cnr.it>
Date: Tue, 10 Jan 2017 10:05:05 +0100
Subject: [PATCH 2/3] again, fabs ambiguity
diff --git a/src/meshlabplugins/edit_quality/eqhandle.cpp b/src/meshlabplugins/edit_quality/eqhandle.cpp
index ef3d4a2d..d29f8c45 100644
--- a/src/meshlabplugins/edit_quality/eqhandle.cpp
+++ b/src/meshlabplugins/edit_quality/eqhandle.cpp
@@ -30,6 +30,7 @@ FIRST RELEASE
#include "eqhandle.h"
#include <QMouseEvent>
#include <QGraphicsSceneMouseEvent>
+#include <math.h>
EqHandle::EqHandle(CHART_INFO *environment_info, QColor color, QPointF position,
EQUALIZER_HANDLE_TYPE type, EqHandle** handles, qreal* midHandlePercentilePosition, QDoubleSpinBox* spinbox,
@@ -83,7 +84,7 @@ void EqHandle::mouseMoveEvent(QGraphicsSceneMouseEvent *event)
setCursor(Qt::OpenHandCursor);
QPointF newPos = event->scenePos();
- qreal handleOffset = std::fabs(newPos.x()-pos().x());
+ qreal handleOffset = fabs(newPos.x()-pos().x());
if (handleOffset >= std::numeric_limits<float>::epsilon())
{
--
2.15.0
From d717e44f4134ebee03322a6a2a56fce626084a3c Mon Sep 17 00:00:00 2001
From: Patrick Chilton <chpatrick@gmail.com>
Date: Mon, 4 Dec 2017 21:27:23 +0100
Subject: [PATCH 3/3] io_TXT -> io_txt
diff --git a/src/meshlab_full.pro b/src/meshlab_full.pro
index 6ea7f1db..2a95c127 100644
--- a/src/meshlab_full.pro
+++ b/src/meshlab_full.pro
@@ -16,7 +16,7 @@ SUBDIRS = common \
meshlabplugins/io_x3d \
meshlabplugins/io_expe \
meshlabplugins/io_pdb \
- plugins_experimental/io_TXT \
+ plugins_experimental/io_txt \
# Filter plugins
meshlabplugins/filter_aging \
meshlabplugins/filter_ao \
diff --git a/src/plugins_experimental/io_TXT/io_txt.cpp b/src/plugins_experimental/io_txt/io_txt.cpp
similarity index 100%
rename from src/plugins_experimental/io_TXT/io_txt.cpp
rename to src/plugins_experimental/io_txt/io_txt.cpp
diff --git a/src/plugins_experimental/io_TXT/io_txt.h b/src/plugins_experimental/io_txt/io_txt.h
similarity index 100%
rename from src/plugins_experimental/io_TXT/io_txt.h
rename to src/plugins_experimental/io_txt/io_txt.h
diff --git a/src/plugins_experimental/io_TXT/io_txt.pro b/src/plugins_experimental/io_txt/io_txt.pro
similarity index 100%
rename from src/plugins_experimental/io_TXT/io_txt.pro
rename to src/plugins_experimental/io_txt/io_txt.pro
--
2.15.0

25
pkgs/applications/graphics/meshlab/fix-20180627-beta.patch Normal file
View File

@ -0,0 +1,25 @@
diff --git a/src/meshlabplugins/edit_paint/paintbox.cpp b/src/meshlabplugins/edit_paint/paintbox.cpp
index 2097a5b..6bcd1a4 100644
--- a/src/meshlabplugins/edit_paint/paintbox.cpp
+++ b/src/meshlabplugins/edit_paint/paintbox.cpp
@@ -23,6 +23,7 @@
#include "paintbox.h"
#include <QFileDialog>
+#include <QAction>
Paintbox::Paintbox(QWidget * parent, Qt::WindowFlags flags) : QWidget(parent, flags)
{
diff --git a/src/meshlabplugins/render_gdp/shaderDialog.h b/src/meshlabplugins/render_gdp/shaderDialog.h
index a62d3b5..7eb1594 100644
--- a/src/meshlabplugins/render_gdp/shaderDialog.h
+++ b/src/meshlabplugins/render_gdp/shaderDialog.h
@@ -32,6 +32,8 @@
#include "shaderStructs.h"
#include "ui_shaderDialog.h"
#include <QMap>
+#include <QSlider>
+#include <QLineEdit>
class QGLWidget;

1
pkgs/applications/graphics/photoqt/default.nix
View File

@ -31,6 +31,5 @@ stdenv.mkDerivation rec {
description = "Simple, yet powerful and good looking image viewer";
license = stdenv.lib.licenses.gpl2Plus;
platforms = stdenv.lib.platforms.unix;
maintainers = [ stdenv.lib.maintainers.eduarrrd ];
};
}

8
pkgs/applications/graphics/processing3/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchFromGitHub, fetchurl, xmlstarlet, makeWrapper, ant, jdk, rsync, javaPackages, libXxf86vm, gsettings-desktop-schemas }:
stdenv.mkDerivation rec {
version = "3.3.7";
version = "3.4";
name = "processing3-${version}";
src = fetchFromGitHub {
owner = "processing";
repo = "processing";
rev = "processing-0264-3.3.7";
sha256 = "0a20z19lmc4xarfnr7xshcmlv3xkc2dgjxknis0iv79gxnwlqhpq";
rev = "processing-0265-${version}";
sha256 = "12wpxgn2wd5vbasx9584w5yb1s319smq1zh8m7dvp7gkqw9plwp4";
};
nativeBuildInputs = [ ant rsync makeWrapper ];
@ -23,7 +23,7 @@ stdenv.mkDerivation rec {
${xmlstarlet}/bin/xmlstarlet ed --inplace -P -d '//get[@src="http://download.processing.org/reference.zip"]' build/build.xml
install -D -m0444 ${fetchurl {
url = http://download.processing.org/reference.zip;
sha256 = "104zig026y8vbl4qksmscjq0bms8mi2jmri1ijdlbkxcqnv9bnlf";
sha256 = "0dli1bdgw8hsx7g7b048ap81v2za9maa6pfcwdqm3qkfypr8q7pr";
}
} ./java/reference.zip

4
pkgs/applications/misc/calibre/default.nix
View File

@ -5,12 +5,12 @@
}:
stdenv.mkDerivation rec {
version = "3.28.0";
version = "3.29.0";
name = "calibre-${version}";
src = fetchurl {
url = "https://download.calibre-ebook.com/${version}/${name}.tar.xz";
sha256 = "0b3vv03c6m6972sk8zj3zc5sq6b9837irnfgjlqhv9z5i75m0414";
sha256 = "1r29vi8j51r0nnzpjbg34ryvizzkn31sq1iz7z748wjfgr87wmyh";
};
patches = [

1
pkgs/applications/misc/cointop/default.nix
View File

@ -26,5 +26,6 @@ buildGoPackage rec {
homepage = https://cointop.sh;
platforms = stdenv.lib.platforms.linux; # cannot test others
maintainers = [ ];
license = stdenv.lib.licenses.asl20;
};
}

4
pkgs/applications/misc/dbeaver/default.nix
View File

@ -7,7 +7,7 @@
stdenv.mkDerivation rec {
name = "dbeaver-ce-${version}";
version = "5.1.4";
version = "5.1.5";
desktopItem = makeDesktopItem {
name = "dbeaver";
@ -30,7 +30,7 @@ stdenv.mkDerivation rec {
src = fetchurl {
url = "https://dbeaver.io/files/${version}/dbeaver-ce-${version}-linux.gtk.x86_64.tar.gz";
sha256 = "14i7b3l89rkhqq4zgsdbvcs9pp60djv0rjbm86fpk2wi4zkrlzi5";
sha256 = "17ai2gxnz1wj5m282sib9qhvy3665km2ig1ixxdklmk8apgdl1xr";
};
installPhase = ''

1
pkgs/applications/misc/dfilemanager/default.nix
View File

@ -20,6 +20,5 @@ stdenv.mkDerivation {
description = "File manager written in Qt/C++";
license = stdenv.lib.licenses.gpl2;
platforms = stdenv.lib.platforms.unix;
maintainers = [ stdenv.lib.maintainers.eduarrrd ];
};
}

1
pkgs/applications/misc/fetchmail/default.nix
View File

@ -29,5 +29,6 @@ stdenv.mkDerivation {
platforms = stdenv.lib.platforms.unix;
maintainers = [ stdenv.lib.maintainers.peti ];
license = stdenv.lib.licenses.gpl2Plus;
};
}

6
pkgs/applications/misc/gutenberg/default.nix
View File

@ -2,16 +2,16 @@
rustPlatform.buildRustPackage rec {
name = "gutenberg-${version}";
version = "0.4.0";
version = "0.4.1";
src = fetchFromGitHub {
owner = "Keats";
repo = "gutenberg";
rev = "v${version}";
sha256 = "1i2jcyq6afswxyjifhl5irv84licsad7c83yiy17454mplvrmyg2";
sha256 = "0is7156aim2ad8xg2f5068crc4gfvm89x8gxa25vc25p0yr1bpla";
};
cargoSha256 = "0hzxwvb5m8mvpfxys4ikkaag6khflh5bfglmay11wf6ayighv834";
cargoSha256 = "146vlr85n9d06am5ki76fh1vb5r8a4lzx5b7dmgi292kc3dsn41z";
nativeBuildInputs = [ cmake pkgconfig openssl ];
buildInputs = stdenv.lib.optionals stdenv.isDarwin [ CoreServices cf-private ];

27
pkgs/applications/misc/img2pdf/default.nix Normal file
View File

@ -0,0 +1,27 @@
{ stdenv, python3Packages }:
with python3Packages;
buildPythonApplication rec {
pname = "img2pdf";
version = "0.3.1";
src = fetchPypi {
inherit pname version;
sha256 = "071s3gf28nb8ifxkix7dzjny6vib7791mnp0v3f4zagcjcic22a4";
};
doCheck = false; # needs pdfrw
propagatedBuildInputs = [
pillow
];
meta = with stdenv.lib; {
description = "Convert images to PDF via direct JPEG inclusion";
homepage = https://gitlab.mister-muffin.de/josch/img2pdf;
license = licenses.lgpl2;
platforms = platforms.unix;
maintainers = [ maintainers.veprbl ];
};
}

4
pkgs/applications/misc/josm/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "josm-${version}";
version = "14026";
version = "14066";
src = fetchurl {
url = "https://josm.openstreetmap.de/download/josm-snapshot-${version}.jar";
sha256 = "1ysi23j2yj5b6cn3xdsrl4xp56klpw4xa7c4gv90z2dllx06mqli";
sha256 = "06mhaz5vr19ydqc5irhgcbl0s8fifwvaq60iz2nsnlxb1pw89xia";
};
buildInputs = [ jre10 makeWrapper ];

8
pkgs/applications/misc/keepass-plugins/keeagent/default.nix
View File

@ -1,19 +1,19 @@
{ stdenv, buildEnv, fetchzip, mono }:
let
version = "0.8.1";
version = "0.10.1";
drv = stdenv.mkDerivation {
name = "keeagent-${version}";
src = fetchzip {
url = http://lechnology.com/wp-content/uploads/2016/07/KeeAgent_v0.8.1.zip;
sha256 = "16x1qrnzg0xkvi7w29wj3z0ldmql2vcbwxksbsmnidzmygwg98hk";
url = "https://lechnology.com/wp-content/uploads/2018/04/KeeAgent_v0.10.1.zip";
sha256 = "0j7az6l9wcr8z66mfplkxwydd4bgz2p2vd69xncf0nxlfb0lshh7";
stripRoot = false;
};
meta = {
description = "KeePass plugin to allow other programs to access SSH keys stored in a KeePass database for authentication";
homepage = http://lechnology.com/software/keeagent;
homepage = "http://lechnology.com/software/keeagent";
platforms = with stdenv.lib.platforms; linux;
license = stdenv.lib.licenses.gpl2;
maintainers = [ ];

29
pkgs/applications/misc/latte-dock/default.nix
View File

@ -1,28 +1,31 @@
{ mkDerivation, lib, cmake, xorg, plasma-framework, fetchFromGitHub
, extra-cmake-modules, karchive, kwindowsystem, qtx11extras, kcrash }:
{ mkDerivation, lib, cmake, xorg, plasma-framework, fetchurl
, extra-cmake-modules, karchive, kwindowsystem, qtx11extras, kcrash, knewstuff }:
let version = "0.7.5"; in
mkDerivation rec {
pname = "latte-dock";
version = "0.8.0";
name = "${pname}-${version}";
mkDerivation {
name = "latte-dock-${version}";
src = fetchFromGitHub {
owner = "psifidotos";
repo = "Latte-Dock";
rev = "v${version}";
sha256 = "0fblbx6qk4miag1mhiyns7idsw03p9pj3xc3xxxnb5rpj1fy0ifv";
src = fetchurl {
url = "https://download.kde.org/stable/${pname}/${name}.tar.xz";
sha256 = "1zg9r162r66vcvj5rzgy61mda89sk5yfy96g5p1aahbim0rgbdbs";
name = "${name}.tar.xz";
};
buildInputs = [ plasma-framework xorg.libpthreadstubs xorg.libXdmcp xorg.libSM ];
nativeBuildInputs = [ extra-cmake-modules cmake karchive kwindowsystem
qtx11extras kcrash ];
qtx11extras kcrash knewstuff ];
meta = with lib; {
description = "Dock-style app launcher based on Plasma frameworks";
homepage = https://github.com/psifidotos/Latte-Dock;
license = licenses.gpl2;
platforms = platforms.unix;
maintainers = [ maintainers.benley ];
maintainers = [ maintainers.benley maintainers.ysndr ];
};
}

38
pkgs/applications/misc/masterpdfeditor/default.nix
View File

@ -1,35 +1,41 @@
{ stdenv, fetchurl, sane-backends, qtbase, qtsvg, autoPatchelfHook }:
{ stdenv, fetchurl, sane-backends, qtbase, qtsvg, nss, autoPatchelfHook }:
let
version = "4.3.89";
version = "5.1.12";
in stdenv.mkDerivation {
name = "masterpdfeditor-${version}";
src = fetchurl {
url = "https://code-industry.net/public/master-pdf-editor-${version}_qt5.amd64.tar.gz";
sha256 = "0k5bzlhqglskiiq86nmy18mnh5bf2w3mr9cq3pibrwn5pisxnxxc";
sha256 = "1i3pdrhnlj06phm36gs42s6b94pigcfb8wa5dhmplxn0dqp434hq";
};
nativeBuildInputs = [ autoPatchelfHook ];
buildInputs = [ sane-backends qtbase qtsvg ];
buildInputs = [ nss qtbase qtsvg sane-backends stdenv.cc.cc ];
dontStrip = true;
installPhase = ''
p=$out/opt/masterpdfeditor
mkdir -p $out/bin $p $out/share/applications $out/share/pixmaps
runHook preInstall
substituteInPlace masterpdfeditor4.desktop \
--replace 'Exec=/opt/master-pdf-editor-4' "Exec=$out/bin" \
--replace 'Path=/opt/master-pdf-editor-4' "Path=$out/bin" \
--replace 'Icon=/opt/master-pdf-editor-4' "Icon=$out/share/pixmaps"
cp -v masterpdfeditor4.png $out/share/pixmaps/
cp -v masterpdfeditor4.desktop $out/share/applications
p=$out/opt/masterpdfeditor
mkdir -p $out/bin
cp -v masterpdfeditor4 $p/
ln -s $p/masterpdfeditor4 $out/bin/masterpdfeditor4
cp -v -r stamps templates lang fonts $p
substituteInPlace masterpdfeditor5.desktop \
--replace 'Exec=/opt/master-pdf-editor-5' "Exec=$out/bin" \
--replace 'Path=/opt/master-pdf-editor-5' "Path=$out/bin" \
--replace 'Icon=/opt/master-pdf-editor-5' "Icon=$out/share/pixmaps"
install -D license.txt $out/share/$name/LICENSE
install -Dm644 -t $out/share/pixmaps masterpdfeditor5.png
install -Dm644 -t $out/share/applications masterpdfeditor5.desktop
install -Dm755 -t $p masterpdfeditor5
install -Dm644 license.txt $out/share/$name/LICENSE
ln -s $p/masterpdfeditor5 $out/bin/masterpdfeditor5
cp -v -r stamps templates lang fonts $p
runHook postInstall
'';
meta = with stdenv.lib; {

4
pkgs/applications/misc/mdp/default.nix
View File

@ -1,14 +1,14 @@
{ stdenv, fetchFromGitHub, ncurses }:
stdenv.mkDerivation rec {
version = "1.0.12";
version = "1.0.13";
name = "mdp-${version}";
src = fetchFromGitHub {
owner = "visit1985";
repo = "mdp";
rev = version;
sha256 = "04izj9i9rxmgswjh2iawqs6qglfv44zfv042smmcvfh1pm43361i";
sha256 = "0snmglsmgfavgv6cnlb0j54sr0paf570ajpwk1b3g81v078hz2aq";
};
makeFlags = [ "PREFIX=$(out)" ];

6
pkgs/applications/misc/memo/default.nix
View File

@ -1,4 +1,5 @@
{ fetchFromGitHub, silver-searcher, tree, man, stdenv,
git,
pandocSupport ? true, pandoc ? null
, ... }:
@ -8,13 +9,13 @@ stdenv.mkDerivation rec {
name = "memo-${version}";
version = "0.5";
version = "0.6";
src = fetchFromGitHub {
owner = "mrVanDalo";
repo = "memo";
rev = "${version}";
sha256 = "1kq8hmq4lgvkk717nhmdryr90g61xm0jm7y8dzya8jsxsn531gm8";
sha256 = "1cvjs36f6vxzfz5d63yhyw8j7gdw5hn6cfzccf7ag08lamjhfhbr";
};
installPhase = let
@ -28,6 +29,7 @@ stdenv.mkDerivation rec {
--replace "ack_cmd=ack" "ack_cmd=${silver-searcher}/bin/ag" \
--replace "tree_cmd=tree" "tree_cmd=${tree}/bin/tree" \
--replace "man_cmd=man" "man_cmd=${man}/bin/man" \
--replace "git_cmd=git" "git_cmd=${git}/bin/git" \
--replace "pandoc_cmd=pandoc" "${pandocReplacement}"
mv memo $out/bin/
mv doc/memo.1 $out/share/man/man1/memo.1

159
pkgs/applications/misc/mysql-workbench/default.nix
View File

@ -1,118 +1,95 @@
{ stdenv, fetchurl, makeWrapper, cmake, pkgconfig
, glibc, gnome-keyring, gtk, gtkmm, pcre, swig, sudo
, mysql, libxml2, libctemplate, libmysqlconnectorcpp
, vsqlite, tinyxml, gdal, libiodbc, libpthreadstubs
, libXdmcp, libuuid, libzip, libgnome-keyring, file
, pythonPackages, jre, autoconf, automake, libtool
, boost, glibmm, libsigcxx, pangomm, libX11, openssl
, proj, cairo, libglade
{ stdenv, fetchurl, substituteAll, cmake, ninja, pkgconfig
, glibc, gtk3, gtkmm3, pcre, swig, antlr4_7, sudo
, mysql, libxml2, libmysqlconnectorcpp
, vsqlite, gdal, libiodbc, libpthreadstubs
, libXdmcp, libuuid, libzip, libsecret, libssh
, python2, jre
, boost, libsigcxx, libX11, openssl
, proj, cairo, libxkbcommon, epoxy, wrapGAppsHook
, at-spi2-core, dbus, bash, coreutils
}:
let
inherit (pythonPackages) pexpect pycrypto python paramiko;
inherit (python2.pkgs) paramiko pycairo pyodbc;
in stdenv.mkDerivation rec {
pname = "mysql-workbench";
version = "6.3.8";
version = "8.0.12";
name = "${pname}-${version}";
src = fetchurl {
url = "http://dev.mysql.com/get/Downloads/MySQLGUITools/mysql-workbench-community-${version}-src.tar.gz";
sha256 = "1bxd828nrawmym6d8awh1vrni8dsbwh1k5am1lrq5ihp5c3kw9ka";
sha256 = "0d6k1kw0bi3q5dlilzlgds1gcrlf7pis4asm3d6pssh2jmn5hh82";
};
nativeBuildInputs = [ pkgconfig ];
buildInputs = [ cmake gnome-keyring gtk gtk.dev gtkmm pcre swig python sudo
paramiko mysql libxml2 libctemplate libmysqlconnectorcpp vsqlite tinyxml gdal libiodbc file
libpthreadstubs libXdmcp libuuid libzip libgnome-keyring libgnome-keyring.dev jre autoconf
automake libtool boost glibmm glibmm.dev libsigcxx pangomm libX11 pexpect pycrypto openssl
proj cairo cairo.dev makeWrapper libglade ] ;
patches = [
./fix-gdal-includes.patch
(substituteAll {
src = ./hardcode-paths.patch;
catchsegv = "${glibc.bin}/bin/catchsegv";
bash = "${bash}/bin/bash";
cp = "${coreutils}/bin/cp";
dd = "${coreutils}/bin/dd";
ls = "${coreutils}/bin/ls";
mkdir = "${coreutils}/bin/mkdir";
nohup = "${coreutils}/bin/nohup";
rm = "${coreutils}/bin/rm";
rmdir = "${coreutils}/bin/rmdir";
sudo = "${sudo}/bin/sudo";
})
];
prePatch = ''
for f in backend/wbpublic/{grt/spatial_handler.h,grtui/geom_draw_box.h,objimpl/db.query/db_query_Resultset.cpp} ;
do
sed -i 's@#include <gdal/@#include <@' $f ;
done
nativeBuildInputs = [
cmake ninja pkgconfig jre swig wrapGAppsHook
];
sed -i '32s@mysqlparser@mysqlparser sqlparser@' library/mysql.parser/CMakeLists.txt
buildInputs = [
gtk3 gtkmm3 libX11 antlr4_7.runtime.cpp python2 mysql libxml2
libmysqlconnectorcpp vsqlite gdal boost libssh openssl
libiodbc pcre cairo libuuid libzip libsecret
libsigcxx proj
# python dependencies:
paramiko pycairo pyodbc # sqlanydb
# transitive dependencies:
libpthreadstubs libXdmcp libxkbcommon epoxy at-spi2-core dbus
];
cat <<EOF > ext/antlr-runtime/fix-configure
#!${stdenv.shell}
echo "fixing bundled antlr3c configure" ;
sed -i 's@/usr/bin/file@${file}/bin/file@' configure
sed -i '12121d' configure
EOF
chmod +x ext/antlr-runtime/fix-configure
sed -i '236s@&&@& ''${PROJECT_SOURCE_DIR}/ext/antlr-runtime/fix-configure &@' CMakeLists.txt
substituteInPlace $(pwd)/frontend/linux/workbench/mysql-workbench.in --replace "catchsegv" "${glibc.bin}/bin/catchsegv"
substituteInPlace $(pwd)/frontend/linux/workbench/mysql-workbench.in --replace "/usr/lib/x86_64-linux-gnu" "${proj}/lib"
patchShebangs $(pwd)/library/mysql.parser/grammar/build-parser
patchShebangs $(pwd)/tools/get_wb_version.sh
postPatch = ''
patchShebangs tools/get_wb_version.sh
'';
NIX_CFLAGS_COMPILE = [
"-I${libsigcxx}/lib/sigc++-2.0/include"
"-I${pangomm}/lib/pangomm-1.4/include"
"-I${glibmm}/lib/giomm-2.4/include"
# error: 'OGRErr OGRSpatialReference::importFromWkt(char**)' is deprecated
"-Wno-error=deprecated-declarations"
];
cmakeFlags = [
"-DCMAKE_CXX_FLAGS=-std=c++11"
"-DMySQL_CONFIG_PATH=${mysql}/bin/mysql_config"
"-DCTemplate_INCLUDE_DIR=${libctemplate}/include"
"-DCAIRO_INCLUDE_DIRS=${cairo.dev}/include"
"-DGTK2_GDKCONFIG_INCLUDE_DIR=${gtk}/lib/gtk-2.0/include"
"-DGTK2_GLIBCONFIG_INCLUDE_DIR=${gtk.dev}/include"
"-DGTK2_GTKMMCONFIG_INCLUDE_DIR=${gtkmm}/lib/gtkmm-2.4/include"
"-DGTK2_GDKMMCONFIG_INCLUDE_DIR=${gtkmm}/lib/gdkmm-2.4/include"
"-DGTK2_GLIBMMCONFIG_INCLUDE_DIR=${glibmm}/lib/glibmm-2.4/include"
"-DIODBC_CONFIG_PATH=${libiodbc}/bin/iodbc-config"
"-DWITH_ANTLR_JAR=${antlr4_7.jarLocation}"
];
postInstall = ''
patchShebangs $out/share/mysql-workbench/extras/build_freetds.sh
# There is already an executable and a wrapper in bindir
# No need to wrap both
dontWrapGApps = true;
for i in $out/lib/mysql-workbench/modules/wb_utils_grt.py \
$out/lib/mysql-workbench/modules/wb_server_management.py \
$out/lib/mysql-workbench/modules/wb_admin_grt.py; do
substituteInPlace $i \
--replace "/bin/bash" ${stdenv.shell} \
--replace "/usr/bin/sudo" ${sudo}/bin/sudo
preFixup = ''
gappsWrapperArgs+=(
--prefix PATH : "${python2}/bin"
--prefix PROJSO : "${proj}/lib/libproj.so"
--set PYTHONPATH $PYTHONPATH
)
'';
# Lets wrap the programs not ending with bin
# until https://bugs.mysql.com/bug.php?id=91948 is fixed
postFixup = ''
find -L "$out/bin" -type f -executable -print0 \
| while IFS= read -r -d ''' file; do
if [[ "''${file}" != *-bin ]]; then
echo "Wrapping program ''${file}"
wrapProgram "''${file}" "''${gappsWrapperArgs[@]}"
fi
done
wrapProgram "$out/bin/mysql-workbench" \
--prefix LD_LIBRARY_PATH : "${python}/lib" \
--prefix LD_LIBRARY_PATH : "$(cat ${stdenv.cc}/nix-support/orig-cc)/lib64" \
--prefix PATH : "${gnome-keyring}/bin" \
--prefix PATH : "${python}/bin" \
--set PYTHONPATH $PYTHONPATH \
--run '
# The gnome-keyring-daemon must be running. To allow for environments like
# kde, xfce where this is not so, we start it first.
# It is cleaned up using a supervisor subshell which detects that
# the parent has finished via the closed pipe as terminate signal idiom,
# used because we cannot clean up after ourselves due to the exec call.
# Start gnome-keyring-daemon, export the environment variables it asks us to set.
for expr in $( gnome-keyring-daemon --start ) ; do eval "export "$expr ; done
# Prepare fifo pipe.
FIFOCTL="/tmp/gnome-keyring-daemon-ctl.$$.fifo"
[ -p $FIFOCTL ] && rm $FIFOCTL
mkfifo $FIFOCTL
# Supervisor subshell waits reading from pipe, will receive EOF when parent
# closes pipe on termination. Negate read with ! operator to avoid subshell
# quitting when read EOF returns 1 due to -e option being set.
(
exec 19< $FIFOCTL
! read -u 19
kill $GNOME_KEYRING_PID
rm $FIFOCTL
) &
exec 19> $FIFOCTL
'
'';
meta = with stdenv.lib; {
@ -127,6 +104,6 @@ exec 19> $FIFOCTL
homepage = http://wb.mysql.com/;
license = licenses.gpl2;
maintainers = [ maintainers.kkallio ];
platforms = [ "x86_64-linux" ];
platforms = platforms.linux;
};
}

47
pkgs/applications/misc/mysql-workbench/fix-gdal-includes.patch Normal file
View File

@ -0,0 +1,47 @@
--- a/backend/wbpublic/grt/spatial_handler.h
+++ b/backend/wbpublic/grt/spatial_handler.h
@@ -24,12 +24,12 @@
#ifndef SPATIAL_HANDLER_H_
#define SPATIAL_HANDLER_H_
-#include <gdal/ogrsf_frmts.h>
-#include <gdal/ogr_api.h>
-#include <gdal/gdal_pam.h>
-#include <gdal/memdataset.h>
-#include <gdal/gdal_alg.h>
-#include <gdal/gdal.h>
+#include <ogrsf_frmts.h>
+#include <ogr_api.h>
+#include <gdal_pam.h>
+#include <memdataset.h>
+#include <gdal_alg.h>
+#include <gdal.h>
#include <deque>
#include "base/geometry.h"
#include "wbpublic_public_interface.h"
--- a/backend/wbpublic/grtui/geom_draw_box.h
+++ b/backend/wbpublic/grtui/geom_draw_box.h
@@ -25,7 +25,7 @@
#define _GEOM_DRAW_BOX_H_
#include <mforms/drawbox.h>
-#include <gdal/ogr_geometry.h>
+#include <ogr_geometry.h>
#include "wbpublic_public_interface.h"
class WBPUBLICBACKEND_PUBLIC_FUNC GeomDrawBox : public mforms::DrawBox {
--- a/backend/wbpublic/objimpl/db.query/db_query_Resultset.cpp
+++ b/backend/wbpublic/objimpl/db.query/db_query_Resultset.cpp
@@ -21,9 +21,9 @@
* 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
-#include <gdal/ogrsf_frmts.h>
-#include <gdal/ogr_api.h>
-#include <gdal/gdal.h>
+#include <ogrsf_frmts.h>
+#include <ogr_api.h>
+#include <gdal.h>
#include <grts/structs.db.query.h>
#include <grtpp_util.h>

187
pkgs/applications/misc/mysql-workbench/hardcode-paths.patch Normal file
View File

@ -0,0 +1,187 @@
--- a/frontend/linux/workbench/mysql-workbench.in
+++ b/frontend/linux/workbench/mysql-workbench.in
@@ -99,8 +99,8 @@
if test "$WB_DEBUG" != ""; then
$WB_DEBUG $MWB_BINARIES_DIR/mysql-workbench-bin "$@"
else
- if type -p catchsegv > /dev/null; then
- catchsegv $MWB_BINARIES_DIR/mysql-workbench-bin "$@"
+ if type -p @catchsegv@ > /dev/null; then
+ @catchsegv@ $MWB_BINARIES_DIR/mysql-workbench-bin "$@"
else
$MWB_BINARIES_DIR/mysql-workbench-bin "$@"
fi
--- a/plugins/migration/frontend/migration_bulk_copy_data.py
+++ b/plugins/migration/frontend/migration_bulk_copy_data.py
@@ -110,7 +110,7 @@
return 'sh'
def generate_import_script(self, connection_args, path_to_file, schema_name):
- output = ['#!/bin/bash']
+ output = ['#!/usr/bin/env bash']
output.append('MYPATH=\`pwd\`')
output.append('if [ -f \$MYPATH/%s ] ; then' % self.error_log_name)
@@ -164,7 +164,7 @@
return 'sh'
def generate_import_script(self, connection_args, path_to_file, schema_name):
- output = ['#!/bin/bash']
+ output = ['#!/usr/bin/env bash']
output.append('MYPATH=\`pwd\`')
output.append('if [ -f \$MYPATH/%s ] ; then' % self.error_log_name)
@@ -417,7 +417,7 @@
with open(script_path, 'w+') as f:
os.chmod(script_path, 0700)
- f.write('#!/bin/bash\n\n')
+ f.write('#!/usr/bin/env bash\n\n')
f.write('MYPATH=`pwd`\n')
f.write("arg_source_password=\"<put source password here>\"\n")
@@ -521,7 +521,7 @@
with open(script_path, 'w+') as f:
os.chmod(script_path, 0700)
- f.write('#!/bin/bash\n\n')
+ f.write('#!/usr/bin/env bash\n\n')
f.write('MYPATH=`pwd`\n')
f.write("arg_source_password=\"<put source password here>\"\n")
--- a/plugins/wb.admin/backend/wb_server_control.py
+++ b/plugins/wb.admin/backend/wb_server_control.py
@@ -39,7 +39,7 @@
UnixVariant = {
"" : {
- 'sudo_command' : "/usr/bin/sudo -k -S -p EnterPasswordHere ",
+ 'sudo_command' : "@sudo@ -k -S -p EnterPasswordHere ",
}
}
--- a/plugins/wb.admin/backend/wb_server_management.py
+++ b/plugins/wb.admin/backend/wb_server_management.py
@@ -40,7 +40,7 @@
def reset_sudo_prefix():
global default_sudo_prefix
- default_sudo_prefix = '/usr/bin/sudo -k -S -p EnterPasswordHere'
+ default_sudo_prefix = '@sudo@ -k -S -p EnterPasswordHere'
reset_sudo_prefix()
@@ -100,7 +100,7 @@
if to_spawn:
command += ' &'
- sudo_prefix += ' /usr/bin/nohup'
+ sudo_prefix += ' @nohup@'
# If as_user is the CURRENT then there's no need to sudo
if as_user != Users.CURRENT:
@@ -111,7 +111,7 @@
if '/bin/sh' in sudo_prefix or '/bin/bash' in sudo_prefix:
command = "LANG=C " + sudo_prefix + " \"" + command.replace('\\', '\\\\').replace('"', r'\"').replace('$','\\$') + "\""
else:
- command = "LANG=C " + sudo_prefix + " /bin/bash -c \"" + command.replace('\\', '\\\\').replace('"', r'\"').replace('$','\\$') + "\""
+ command = "LANG=C " + sudo_prefix + " @bash@ -c \"" + command.replace('\\', '\\\\').replace('"', r'\"').replace('$','\\$') + "\""
return command
@@ -896,9 +896,9 @@
if as_user == Users.CURRENT:
raise PermissionDeniedError("Cannot set owner of directory %s" % path)
else:
- command = "/bin/mkdir %s && chown %s %s" % (quote_path(path), with_owner, quote_path(path))
+ command = "@mkdir@ %s && chown %s %s" % (quote_path(path), with_owner, quote_path(path))
else:
- command = "/bin/mkdir %s" % (quote_path(path))
+ command = "@mkdir@ %s" % (quote_path(path))
res = self.process_ops.exec_cmd(command,
as_user = as_user,
@@ -927,7 +927,7 @@
@useAbsPath("path")
def remove_directory(self, path, as_user = Users.CURRENT, user_password = None):
output = StringIO.StringIO()
- res = self.process_ops.exec_cmd('/bin/rmdir ' + quote_path(path),
+ res = self.process_ops.exec_cmd('@rmdir@ ' + quote_path(path),
as_user = as_user,
user_password = user_password,
output_handler = output.write,
@@ -940,7 +940,7 @@
@useAbsPath("path")
def remove_directory_recursive(self, path, as_user = Users.CURRENT, user_password = None):
output = StringIO.StringIO()
- res = self.process_ops.exec_cmd('/bin/rm -R ' + quote_path(path),
+ res = self.process_ops.exec_cmd('@rm@ -R ' + quote_path(path),
as_user = as_user,
user_password = user_password,
output_handler = output.write,
@@ -953,7 +953,7 @@
@useAbsPath("path")
def delete_file(self, path, as_user = Users.CURRENT, user_password = None):
output = StringIO.StringIO()
- res = self.process_ops.exec_cmd("/bin/rm " + quote_path(path),
+ res = self.process_ops.exec_cmd("@rm@ " + quote_path(path),
as_user = as_user,
user_password = user_password,
output_handler = output.write,
@@ -1001,7 +1001,7 @@
def _copy_file(self, source, dest, as_user = Users.CURRENT, user_password = None):
output = StringIO.StringIO()
- res = self.process_ops.exec_cmd("LC_ALL=C /bin/cp " + quote_path(source) + " " + quote_path(dest),
+ res = self.process_ops.exec_cmd("LC_ALL=C @cp@ " + quote_path(source) + " " + quote_path(dest),
as_user = as_user,
user_password = user_password,
output_handler = output.write,
@@ -1077,9 +1077,9 @@
# for ls -l, the output format changes depending on stdout being a terminal or not
# since both cases are possible, we need to handle both at the same time (1st line being total <nnnn> or not)
# the good news is that if the line is there, then it will always start with total, regardless of the locale
- command = 'LC_ALL=C /bin/ls -l -p %s' % quote_path(path)
+ command = 'LC_ALL=C @ls@ -l -p %s' % quote_path(path)
else:
- command = 'LC_ALL=C /bin/ls -1 -p %s' % quote_path(path)
+ command = 'LC_ALL=C @ls@ -1 -p %s' % quote_path(path)
output = StringIO.StringIO()
res = self.process_ops.exec_cmd(command,
@@ -2160,9 +2160,9 @@
def get_range(self, start, end):
f = StringIO.StringIO()
if not self._need_sudo:
- ret = self.server_helper.execute_command("/bin/dd if=%s ibs=1 skip=%i count=%i 2> /dev/null" % (quote_path(self.path), start, end-start), as_user = Users.CURRENT, user_password=None, output_handler=f.write)
+ ret = self.server_helper.execute_command("@dd@ if=%s ibs=1 skip=%i count=%i 2> /dev/null" % (quote_path(self.path), start, end-start), as_user = Users.CURRENT, user_password=None, output_handler=f.write)
else:
- ret = self.server_helper.execute_command("/bin/dd if=%s ibs=1 skip=%i count=%i 2> /dev/null" % (quote_path(self.path), start, end-start), as_user = Users.ADMIN, user_password=self.get_password, output_handler=f.write)
+ ret = self.server_helper.execute_command("@dd@ if=%s ibs=1 skip=%i count=%i 2> /dev/null" % (quote_path(self.path), start, end-start), as_user = Users.ADMIN, user_password=self.get_password, output_handler=f.write)
if ret != 0:
raise RuntimeError("Could not get data from file %s" % self.path)
@@ -2170,9 +2170,9 @@
def read_task(self, offset, file):
if not self._need_sudo:
- self.server_helper.execute_command("/bin/dd if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.CURRENT, user_password=None, output_handler=file.write)
+ self.server_helper.execute_command("@dd@ if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.CURRENT, user_password=None, output_handler=file.write)
else:
- self.server_helper.execute_command("/bin/dd if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.ADMIN, user_password=self.get_password, output_handler=file.write)
+ self.server_helper.execute_command("@dd@ if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.ADMIN, user_password=self.get_password, output_handler=file.write)
# this will signal the reader end that there's no more data
file.close()
@@ -2198,9 +2198,9 @@
self._pos = offset
f = StringIO.StringIO()
if not self._need_sudo:
- self.server_helper.execute_command("/bin/dd if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.CURRENT, user_password=None, output_handler=f.write)
+ self.server_helper.execute_command("@dd@ if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.CURRENT, user_password=None, output_handler=f.write)
else:
- self.server_helper.execute_command("/bin/dd if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.ADMIN, user_password=self._password, output_handler=f.write)
+ self.server_helper.execute_command("@dd@ if=%s ibs=1 skip=%i 2> /dev/null" % (quote_path(self.path), offset), as_user = Users.ADMIN, user_password=self._password, output_handler=f.write)
self.data = f
self.data.seek(0)
if self.skip_first_newline:

1
pkgs/applications/misc/osmctools/default.nix
View File

@ -42,5 +42,6 @@ stdenv.mkDerivation rec {
https://wiki.openstreetmap.org/wiki/Osmfilter
];
platforms = platforms.unix;
license = licenses.agpl3;
};
}

1
pkgs/applications/misc/pdfmod/default.nix
View File

@ -44,5 +44,6 @@ stdenv.mkDerivation rec {
description = "A simple application for modifying PDF documents";
platforms = platforms.all;
maintainers = with maintainers; [ obadz ];
license = licenses.gpl2Plus;
};
}

1
pkgs/applications/misc/pdfshuffler/default.nix
View File

@ -36,5 +36,6 @@ python3Packages.buildPythonApplication rec {
description = "Merge or split pdf documents and rotate, crop and rearrange their pages";
platforms = platforms.linux;
maintainers = with maintainers; [ mic92 ];
license = licenses.gpl3;
};
}

4
pkgs/applications/misc/pgmanage/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
name = "pgmanage-${version}";
version = "10.3.0";
version = "10.3.1";
src = fetchFromGitHub {
owner = "pgManage";
repo = "pgManage";
rev = "v${version}";
sha256 = "105gmwkifq04qmp5kpgybwjyx01528r6m3x1pxbvnfyni8sf74qj";
sha256 = "0ym1arla9wfkmr5n6h6dfyd680vlnng5s5j5nyxi2gl2wxqqhxzz";
};
patchPhase = ''

21
pkgs/applications/misc/polybar/default.nix
View File

@ -1,33 +1,36 @@
{ cairo, cmake, fetchgit, libXdmcp, libpthreadstubs, libxcb, pcre, pkgconfig
, python2 , stdenv, xcbproto, xcbutil, xcbutilimage, xcbutilrenderutil
, xcbutilwm, xcbutilxrm, makeWrapper
, python2, stdenv, xcbproto, xcbutil, xcbutilcursor, xcbutilimage
, xcbutilrenderutil, xcbutilwm, xcbutilxrm, makeWrapper
# optional packages-- override the variables ending in 'Support' to enable or
# disable modules
, alsaSupport ? true, alsaLib ? null
, iwSupport ? true, wirelesstools ? null
, githubSupport ? false, curl ? null
, mpdSupport ? false, mpd_clientlib ? null
, pulseSupport ? false, libpulseaudio ? null
, iwSupport ? false, wirelesstools ? null
, nlSupport ? true, libnl ? null
, i3Support ? false, i3GapsSupport ? false, i3 ? null, i3-gaps ? null, jsoncpp ? null
}:
assert alsaSupport -> alsaLib != null;
assert githubSupport -> curl != null;
assert iwSupport -> wirelesstools != null;
assert mpdSupport -> mpd_clientlib != null;
assert pulseSupport -> libpulseaudio != null;
assert iwSupport -> ! nlSupport && wirelesstools != null;
assert nlSupport -> ! iwSupport && libnl != null;
assert i3Support -> ! i3GapsSupport && jsoncpp != null && i3 != null;
assert i3GapsSupport -> ! i3Support && jsoncpp != null && i3-gaps != null;
stdenv.mkDerivation rec {
name = "polybar-${version}";
version = "3.2.0";
version = "3.2.1";
src = fetchgit {
url = "https://github.com/jaagr/polybar";
rev = version;
sha256 = "0p94brndysvmmbidhl4ds4w3qvddb752s4vryp0qckb0hz3knqk8";
sha256 = "1z45swj2l0h8x8li7prl963cgl6zm3birsswpij8qwcmjaj5l8vz";
};
meta = with stdenv.lib; {
@ -44,14 +47,16 @@ stdenv.mkDerivation rec {
buildInputs = [
cairo libXdmcp libpthreadstubs libxcb pcre python2 xcbproto xcbutil
xcbutilimage xcbutilrenderutil xcbutilwm xcbutilxrm
xcbutilcursor xcbutilimage xcbutilrenderutil xcbutilwm xcbutilxrm
(if alsaSupport then alsaLib else null)
(if githubSupport then curl else null)
(if iwSupport then wirelesstools else null)
(if mpdSupport then mpd_clientlib else null)
(if pulseSupport then libpulseaudio else null)
(if iwSupport then wirelesstools else null)
(if nlSupport then libnl else null)
(if i3Support || i3GapsSupport then jsoncpp else null)
(if i3Support then i3 else null)
(if i3GapsSupport then i3-gaps else null)

57
pkgs/applications/misc/qradiolink/default.nix Normal file
View File

@ -0,0 +1,57 @@
{ stdenv, fetchFromGitHub, alsaLib, boost
, qt4, libpulseaudio, codec2, libconfig
, gnuradio, gnuradio-osmosdr, gsm
, libopus, libjpeg, protobuf, qwt, speex
} :
let
version = "0.5.0";
in stdenv.mkDerivation {
name = "qradiolink-${version}";
src = fetchFromGitHub {
owner = "kantooon";
repo = "qradiolink";
rev = "${version}";
sha256 = "0xhg5zhjznmls5m3rhpk1qx0dipxmca12s85w15d0i7qwva2f1gi";
};
preBuild = ''
cd ext
protoc --cpp_out=. Mumble.proto
protoc --cpp_out=. QRadioLink.proto
cd ..
qmake
'';
installPhase = ''
mkdir -p $out/bin
cp qradiolink $out/bin
'';
buildInputs = [
qt4
alsaLib
boost
libpulseaudio
codec2
libconfig
gsm
gnuradio
gnuradio-osmosdr
libopus
libjpeg
protobuf
speex
qwt
];
meta = with stdenv.lib; {
description = "SDR transceiver application for analog and digital modes";
homepage = http://qradiolink.org/;
license = licenses.agpl3;
maintainers = [ maintainers.markuskowa ];
platforms = platforms.linux;
};
}

9
pkgs/applications/misc/redshift/default.nix
View File

@ -61,6 +61,15 @@ stdenv.mkDerivation rec {
postFixup = "wrapPythonPrograms";
# the geoclue agent may inspect these paths and expect them to be
# valid without having the correct $PATH set
postInstall = ''
substituteInPlace $out/share/applications/redshift.desktop \
--replace 'Exec=redshift' "Exec=$out/bin/redshift"
substituteInPlace $out/share/applications/redshift.desktop \
--replace 'Exec=redshift-gtk' "Exec=$out/bin/redshift-gtk"
'';
enableParallelBuilding = true;
meta = with stdenv.lib; {

1
pkgs/applications/misc/rxvt_unicode/default.nix
View File

@ -67,5 +67,6 @@ stdenv.mkDerivation (rec {
downloadPage = "http://dist.schmorp.de/rxvt-unicode/Attic/";
maintainers = [ ];
platforms = platforms.unix;
license = licenses.gpl3;
};
})

1
pkgs/applications/misc/tasknc/default.nix
View File

@ -38,5 +38,6 @@ stdenv.mkDerivation rec {
description = "A ncurses wrapper around taskwarrior";
maintainers = with maintainers; [ infinisil ];
platforms = platforms.linux; # Cannot test others
license = licenses.mit;
};
}

19
pkgs/applications/misc/toggldesktop/TogglDesktop.pro Normal file
View File

@ -0,0 +1,19 @@
QT += core network widgets
DEFINES += APP_ENVIRONMENT=\\\"production\\\"
DEFINES += APP_VERSION=\\\"@version@\\\"
TARGET = toggldesktop
TEMPLATE = app
SOURCES += *.cpp
HEADERS += *.h
FORMS += *.ui
RESOURCES += *.qrc
target.path = $$PREFIX
INSTALLS += target
CONFIG += link_pkgconfig
PKGCONFIG += bugsnag-qt qxtglobalshortcut qt-oauth-lib toggl x11 xscrnsaver

148
pkgs/applications/misc/toggldesktop/default.nix Normal file
View File

@ -0,0 +1,148 @@
{ stdenv, fetchzip, buildEnv, makeDesktopItem, runCommand, writeText, pkgconfig
, cmake, qmake, cacert, jsoncpp, libX11, libXScrnSaver, lua, openssl, poco
, qtbase, qtwebkit, qtx11extras, sqlite }:
let
name = "toggldesktop-${version}";
version = "7.4.231";
src = fetchzip {
url = "https://github.com/toggl/toggldesktop/archive/v${version}.tar.gz";
sha256 = "01hqkx9dljnhwnyqi6mmzfp02hnbi2j50rsfiasniqrkbi99x9v1";
};
bugsnag-qt = stdenv.mkDerivation rec {
name = "bugsnag-qt-${version}";
version = "20180522.005732";
src = fetchzip {
url = "https://github.com/yegortimoshenko/bugsnag-qt/archive/${version}.tar.gz";
sha256 = "02s6mlggh0i4a856md46dipy6mh47isap82jlwmjr7hfsk2ykgnq";
};
nativeBuildInputs = [ qmake ];
buildInputs = [ qtbase ];
};
qxtglobalshortcut = stdenv.mkDerivation rec {
name = "qxtglobalshortcut-${version}";
version = "f584471dada2099ba06c574bdfdd8b078c2e3550";
src = fetchzip {
url = "https://github.com/hluk/qxtglobalshortcut/archive/${version}.tar.gz";
sha256 = "1iy17gypav10z8aa62s5jb6mq9y4kb9ms4l61ydmk3xwlap7igw1";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ qtbase qtx11extras ];
};
qt-oauth-lib = stdenv.mkDerivation rec {
name = "qt-oauth-lib-${version}";
version = "20180521.233208";
src = fetchzip {
url = "https://github.com/yegortimoshenko/qt-oauth-lib/archive/${version}.tar.gz";
sha256 = "0f46d44slzvzaqx0lksvv14lsc1jp8vd2mragxd61r820hybf5z3";
};
nativeBuildInputs = [ qmake ];
buildInputs = [ qtbase qtwebkit ];
};
poco-pc = writeText "poco.pc" ''
Name: Poco
Description: ${poco.meta.description}
Version: ${poco.version}
Libs: -L${poco}/lib -lPocoDataSQLite -lPocoData -lPocoNet -lPocoNetSSL -lPocoCrypto -lPocoUtil -lPocoXML -lPocoFoundation
Cflags: -I${poco}/include/Poco
'';
poco-pc-wrapped = runCommand "poco-pc-wrapped" {} ''
mkdir -p $out/lib/pkgconfig && ln -s ${poco-pc} $_/poco.pc
'';
libtoggl = stdenv.mkDerivation {
name = "libtoggl-${version}";
inherit src version;
sourceRoot = "source/src";
nativeBuildInputs = [ qmake pkgconfig ];
buildInputs = [ jsoncpp lua openssl poco poco-pc-wrapped sqlite libX11 ];
postPatch = ''
cat ${./libtoggl.pro} > libtoggl.pro
rm get_focused_window_{mac,windows}.cc
'';
};
toggldesktop = stdenv.mkDerivation {
name = "${name}-unwrapped";
inherit src version;
sourceRoot = "source/src/ui/linux/TogglDesktop";
postPatch = ''
substituteAll ${./TogglDesktop.pro} TogglDesktop.pro
substituteInPlace toggl.cpp \
--replace ./../../../toggl_api.h toggl_api.h
'';
postInstall = ''
ln -s ${cacert}/etc/ssl/certs/ca-bundle.crt $out/cacert.pem
'';
nativeBuildInputs = [ qmake pkgconfig ];
buildInputs = [
bugsnag-qt
libtoggl
qxtglobalshortcut
qtbase
qtwebkit
qt-oauth-lib
qtx11extras
libX11
libXScrnSaver
];
};
toggldesktop-icons = stdenv.mkDerivation {
name = "${name}-icons";
inherit (toggldesktop) src sourceRoot;
installPhase = ''
for f in icons/*; do
mkdir -p $out/share/icons/hicolor/$(basename $f)/apps
mv $f/toggldesktop.png $_
done
'';
};
toggldesktop-wrapped = runCommand "toggldesktop-wrapped" {} ''
mkdir -p $out/bin && ln -s ${toggldesktop}/toggldesktop $_
'';
desktopItem = makeDesktopItem rec {
categories = "Utility;";
desktopName = "Toggl";
genericName = desktopName;
name = "toggldesktop";
exec = "${toggldesktop-wrapped}/bin/toggldesktop";
icon = "toggldesktop";
};
in
buildEnv {
inherit name;
paths = [ desktopItem toggldesktop-icons toggldesktop-wrapped ];
meta = with stdenv.lib; {
description = "Client for Toggl time tracking service";
homepage = https://github.com/toggl/toggldesktop;
license = licenses.bsd3;
maintainers = with maintainers; [ yegortimoshenko ];
platforms = platforms.linux;
};
}

20
pkgs/applications/misc/toggldesktop/libtoggl.pro Normal file
View File

@ -0,0 +1,20 @@
TARGET = toggl
TEMPLATE = lib
SOURCES += *.cc
HEADERS += *.h
headers.files = $$HEADERS
headers.path = $$PREFIX/include
target.path = $$PREFIX/lib
INSTALLS += headers target
CONFIG += create_prl create_pc link_pkgconfig
PKGCONFIG += jsoncpp openssl lua poco sqlite3 x11
QMAKE_PKGCONFIG_NAME = $$TARGET
QMAKE_PKGCONFIG_PREFIX = $$PREFIX
QMAKE_PKGCONFIG_LIBDIR = $$target.path
QMAKE_PKGCONFIG_INCDIR = $$headers.path
QMAKE_PKGCONFIG_DESTDIR = pkgconfig

4
pkgs/applications/misc/translate-shell/default.nix
View File

@ -3,13 +3,13 @@
stdenv.mkDerivation rec {
name = "${pname}-${version}";
pname = "translate-shell";
version = "0.9.6.7";
version = "0.9.6.8";
src = fetchFromGitHub {
owner = "soimort";
repo = "translate-shell";
rev = "v${version}";
sha256 = "0krcidjh32xwybr1v4nykgf0jjnffjqx125bvn3jh2a44cikyq3n";
sha256 = "17fc5nlc594lvmihx39h4ddmi8ja3qqsyswzxadbaz7l3zm356b8";
};
buildInputs = [ makeWrapper ];

1
pkgs/applications/misc/twmn/default.nix
View File

@ -30,5 +30,6 @@ stdenv.mkDerivation rec {
homepage = https://github.com/sboli/twmn;
platforms = with stdenv.lib.platforms; linux;
maintainers = [ stdenv.lib.maintainers.matejc ];
license = stdenv.lib.licenses.lgpl3;
};
}

4
pkgs/applications/misc/urh/default.nix
View File

@ -2,13 +2,13 @@
python3Packages.buildPythonApplication rec {
name = "urh-${version}";
version = "2.2.2";
version = "2.2.3";
src = fetchFromGitHub {
owner = "jopohl";
repo = "urh";
rev = "v${version}";
sha256 = "0ncvfl5iyngw3lr2g7awpskrrld6y0x7w0xyp827lcr7x73fvqgp";
sha256 = "1iq84590cjpf2rlxb60fy4hxi7vir27bbb10axbwrqwnp5cc4bql";
};
buildInputs = [ hackrf rtl-sdr ];

1
pkgs/applications/misc/xmove/default.nix
View File

@ -14,5 +14,6 @@ stdenv.mkDerivation {
meta = {
platforms = stdenv.lib.platforms.linux;
license = stdenv.lib.licenses.mit;
};
}

1
pkgs/applications/networking/browsers/dillo/default.nix
View File

@ -27,5 +27,6 @@ stdenv.mkDerivation rec {
'';
maintainers = [ maintainers.AndersonTorres ];
platforms = platforms.linux;
license = licenses.gpl3;
};
}

794
pkgs/applications/networking/browsers/firefox-bin/beta_sources.nix
View File

File diff suppressed because it is too large Load Diff

794
pkgs/applications/networking/browsers/firefox-bin/devedition_sources.nix
View File

File diff suppressed because it is too large Load Diff

786
pkgs/applications/networking/browsers/firefox-bin/release_sources.nix
View File

File diff suppressed because it is too large Load Diff

Some files were not shown because too many files have changed in this diff Show More